Department of Homeland Security Research Solicitation

Interesting document.

Lots of good stuff. The nine research areas:

  • Botnets and Other Malware: Detection and Mitigation
  • Composable and Scalable Secure Systems
  • Cyber Security Metrics
  • Network Data Visualization for Information Assurance
  • Internet Tomography/Topography
  • Routing Security Management Tool
  • Process Control System Security
  • Data Anonymization Tools and Techniques
  • Insider Threat Detection and Mitigation

And this implies they've accepted the problem:

Cyber attacks are increasing in frequency and impact. Even though these attacks have not yet had a significant impact on our Nation's critical infrastructures, they have demonstrated that extensive vulnerabilities exist in information systems and networks, with the potential for serious damage. The effects of a successful cyber attack might include: serious consequences for major economic and industrial sectors, threats to infrastructure elements such as electric power, and disruption of the response and communications capabilities of first responders.

It's good to see research money going to this stuff.

Posted on June 6, 2007 at 6:07 AM • 19 Comments

Comments

Keith • June 6, 2007 7:02 AM

"It's good to see research money going to this stuff."

In theory, yes. The problem is that DARPA and other such agencies have been funding research in the same areas for years.

Perhaps this DHS funding would be better spent hiring a handful of knowledgeable folks to first identify the myriad projects in these areas that are already underway, and either add funding to those projects, or take the time to identify what they've attempted to do, and why they did not succeed.

Level 9 - Cyber terrorism • June 6, 2007 8:13 AM

Just check out what mobs of criminal hackers did in Estonia and that will give you a picture of what could happen to any nation's digital resources.

Wall Street Journal:
http://online.wsj.com/article/SB118099627980924270.html?mod=googlenews_wsj

"Similar attacks have accompanied other international political spats. Arab and Israeli hackers attack each other's Web sites, as do Pakistani and Indian hackers. After a South Korean speed skater was disqualified for bumping an American rival during the 2002 Winter Olympics, several strikes apparently originating from South Korea hit U.S. servers."


Teleporting Data with Quantum Entanglement • June 6, 2007 8:17 AM

Off topic - check this out:

The scientists did it by exploiting the "spooky" and virtually unfathomable field of quantum entanglement - when the state of matter rather than matter itself is sent from one place to another. Tiny packets or particles of light, photons, were used to teleport information between telescopes on the two islands. The photons did it by quantum entanglement and scientists hope it will form the basis of a way of sending encrypted data.

http://news.independent.co.uk/sci_tech/article2611757.ece#2007-06-04T00:00:25-00:00

monopole • June 6, 2007 10:20 AM

"It's good to see research money going to this stuff."

Sadly, as any proposal writer knows, DHS solicitations are "wired" to the hilt. A seemingly broad topic will have a detail or two which will only be met by a specific proprietary technology.

The DoD, particularly the USAF and DARPA, is where the innovation is occurring, although DoE and NSF also do good work.

Anonymous • June 6, 2007 10:31 AM

So basically DHS is starting to begin to consider thinking about what the rest of the IT security world has been working on for years....

AllUrBaseRBelong2 • June 6, 2007 11:03 AM

Perhaps it is beginning to dawn on *someone* that as the Chinese are light years ahead of us in the realm of cyber-offense it just may follow that they are light years ahead of us in the realm of cyber-defense?

I'd say that whatever budget DHS has for this research they should triple the amount and double that each year for the next 10.

Anonymous Govvie • June 6, 2007 11:35 AM

While I agree that it is "good to see research money going to this stuff", did you notice how the BAA is broken down?

All 9 categories (TTAs) will get funding.
The funding is $4.5 mil.

Type 1 (New Technologies max 36 mos): Not to exceed $2mil
Type II (Prototype Technologies max 24 mos): Not to exceed $1mil
Type III (Mature Technologies max 12 mos): Not to exceed $750k

The average Ph.D costs LANL/INL/Other Labs $1.5 mil/yr by current government GSA schedule contracting rates.

My opinion:

36mos x 1.5mil == Complete BAA funding == 1 Ph.D contracting work == Government not very serious about these things yet

9 Categories == diluted $4.5mil == government not even paying close to GSA schedule rates for this research == Government not very serious about these things yet

Kevin McGrath • June 6, 2007 11:41 AM

"So basically DHS is starting to begin to consider thinking about what the rest of the IT security world has been working on for years...."

I posted a similar thought on this topic in another forum as follows:

"...as it looks like DHS is trying to get up to speed by asking for white papers that they can review? Are they trying to re-invent the cyber security wheel here? Maybe someone should tell them that we already have a few ... cyber security experts with a few years of experience already working in our various fields.

Plus there are tons of this stuff, in white paper format, already available from the "regular" IT security world.

Maybe the NRC should start asking for white papers on nuclear fission! ;-)"

sidelobe • June 6, 2007 11:52 AM

What in the world is Internet Tomography? Can the interior of the Internet really be revealed in slices of some kind? Sounds like a slice of jargon.

Stephen Smoogen • June 6, 2007 12:13 PM

@Anonymous Govvie

Those are standard rules laid out a long time ago by Congress and not updated for inflation since to do so would 'grow' the budget etc etc. Pretty much all startup/business grants are on these levels which means that they are pretty useless these days except for press-release money. The rules on this money also have a LOT of strings attached and every penny must be spent in the ways that those strings tell you. There has been more than one story about a company who came up with something cool but lost it because they spent the government money on something non-allowed.

Petergov • June 6, 2007 2:13 PM

When I got RFPs turned into grants, pay was set at COST plus 10% [as a management reserve], from which any [all] profits could be derived, if they were not expended to deliver. The usual strategy was to have a product/design in hand, bid out the cost of its completion. Trying to do any real R&D was usually left to DARPA.

Ross Stapleton-Gray • June 6, 2007 6:39 PM

I attended the bidder's conference... yes, $4.5M is a small amount of money; according to the DHS folks, they're seeking comparable out year monies (for years 2 and 3), but that's entirely dependent on the Congress. NB that while there's a Botnet topic, DHS has easily spent or otherwise committed about $4M already to Botnet defense R&D, including an award of more than $1M to the University of Michigan and Merit.

Toy • June 7, 2007 10:21 AM

"Perhaps it is beginning to dawn on *someone* that as the Chinese are light years ahead of us in the realm of cyber-offense it just may follow that they are light years ahead of us in the realm of cyber-defense?"

Check this out:
http://www.dtic.mil/descriptivesum/Y2006/Navy/0804758N.pdf

"The Joint Integrated IO Range (JIIOR) establishes the realistic test, training, and exercise environment for developing and operationalizing IO weapon systems as well as tactics, techniques, and procedures (TTP). JIIOR facilitates this mission by providing an environment that integrates specific IO development, test, training, and exercise capabilities and resources across the Department to meet the growing needs of the Services, components, and combatant commanders. JIIOR provides an environment a representative combat targets, systems, and situations that facilitate technical and performance assurance testing to certify weapon systems and enables effective and thorough Service, component, and combatant commander sponsored training and exercises. The JIIOR goal is to create a flexible, seamless environment that enables combatant commanders to achieve the same level of confidence and expertise in employing IO weapons that they have with kinetic weapons."

Realist • June 7, 2007 5:45 PM

Ah-ha! This little "solicitation" coincides nicely with a recent (as in within this last week) DHS notice on potential terrorist threats to information infrastructure.

Nice little bit of self-serving going on here...

anonymous researcher • June 14, 2007 7:56 PM

Might want to actually read what you're commenting on, sidelobe, before you throw out comments. I don't see anything in the presentation about a desire to discover the interior of the Internet.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.