LSU Cybersecurity Team Receives $600K Grant from NSF to Combat Malware
“As devices have become cheaper and easier to buy, we no longer have to rely on specific
vendors for security products where we can’t change how the data passes through, or
analytics are done,” said Bou-Harb, who joined LSU last year as a strategic cybersecurity
hire, having previously directed the Cyber Center for Security and Analytics at the
University of Texas at San Antonio.
Bou-Harb and his team are creating an open-source platform that enables users to program
their own devices (P4 Programmable Data Processors) and smart network interface cards
(SmartNICs), leveraging new machine learning methods to recognize malicious behaviors.
“Usually, there’s a trade-off between usability and security because security measures
can hamper performance. However, our solution for programmable hardware devices attempts
to achieve both,” Bou-Harb said.
To optimize performance, the researchers are developing a “demilitarized zone,” a
network partition with restricted communications and fewer security parameters for
higher data throughput. This will allow for real-time detection and mitigation of
cyberattacks and malware at network speed, with attackers automatically cut off and
their network connections terminated.
“Our system is designed to analyze each data packet at full speed, typically terabits
per second, and to be easy to deploy—especially in legacy networks to enhance cyber
operations for state and national security,” Bou-Harb said. “Legacy networks include
industrial control systems and critical infrastructure.”
The team is planning workshops with industry professionals and virtual labs for students
to train them to use and implement the new solution.
LSU doctoral student Kurt Friday is working on the project with Bou-Harb as his advisor.
Friday followed Bou-Harb from Florida Atlantic University to the University of Texas
at San Antonio, and now to LSU.
“Leveraging programmable network hardware to accelerate cybersecurity mechanisms is
particularly exciting, as it allows us to promptly detect and mitigate attacks within
the network fabric before victims are ever impacted,” Friday said.