LSU Cybersecurity Team Receives $600K Grant from NSF to Combat Malware
May 21, 2024
“As devices have become cheaper and easier to buy, we no longer have to rely on specific vendors for security products where we can’t change how the data passes through, or analytics are done,” said Bou-Harb, who joined LSU last year as a strategic cybersecurity hire, having previously directed the Cyber Center for Security and Analytics at the University of Texas at San Antonio.
Bou-Harb and his team are creating an open-source platform that enables users to program their own devices (P4 Programmable Data Processors) and smart network interface cards (SmartNICs), leveraging new machine learning methods to recognize malicious behaviors.
“Usually, there’s a trade-off between usability and security because security measures can hamper performance. However, our solution for programmable hardware devices attempts to achieve both,” Bou-Harb said.
To optimize performance, the researchers are developing a “demilitarized zone,” a network partition with restricted communications and fewer security parameters for higher data throughput. This will allow for real-time detection and mitigation of cyberattacks and malware at network speed, with attackers automatically cut off and their network connection terminated.
“Our system is designed to analyze each data packet at full speed, typically terabits per second, and to be easy to deploy—especially in legacy networks to enhance cyber operations for state and national security,” Bou-Harb said. “Legacy networks include industrial control systems and critical infrastructure.”
The team is planning workshops with industry professionals and virtual labs for students to train them to use and implement the new solution.
LSU doctoral student Kurt Friday is working on the project with Bou-Harb as his advisor. Friday followed Bou-Harb from Florida Atlantic University to the University of Texas at San Antonio, and now to LSU.
“Leveraging programmable network hardware to accelerate cybersecurity mechanisms is particularly exciting, as it allows us to promptly detect and mitigate attacks within the network fabric before victims are ever impacted,” Friday said.