Center for Applied Cybersecurity Research
Permanent link for this collectionhttps://hdl.handle.net/2022/15468
The Center for Applied Cybersecurity Research (CACR) leads the creation of IT security policy, security tools, and secure applications in critical areas of cyberinfrastructure, including health. CACR is affiliated with the Indiana University Pervasive Technology Institute and works closely with its partner organizations at Indiana University: CLEAR Health Information, the Maurer School of Law, the Kelley School of Business, the School of Informatics and Computing, REN-ISAC, the University Information Policy Office, and the University Information Security Office.
Browse
Browsing Center for Applied Cybersecurity Research by Title
Now showing 1 - 20 of 193
- Results Per Page
- Sort Options
Item 2015 Annual Report and Strategic Plan (2015-2020)(2016) Welch, VonItem 2016 Annual Report(2017) Welch, VonItem 2016 NSF Community Cybersecurity Benchmarking Survey Report(2016) Cowles, Robert; Jackson, CraigItem 2017 NSF Community Cybersecurity Benchmarking Survey Report(2018-06) Russell, Scott; Jackson, Craig; Cowles, Bob; Avila, KayThe NSF Community Cybersecurity Benchmarking Survey provides insight into the NSF science community's cybersecurity programs, practices, challenges, and concerns by collecting, analyzing, and publishing useful baseline benchmarking information."Item 2019 NSF Community Cybersecurity Benchmarking Survey Report(2019-12-20) Russell, ScottThe purpose of Trusted CI’s Community Survey project is to collect, analyze, and publish useful baseline benchmarking information about the NSF science community’s cybersecurity programs, practices, challenges, and concerns.Item 2020 CACR AI/ML Lessons Learned Report(2020-07-31) Kiser, Ryan; Adams, Emily K.; Cushenberry, Austin; Abhinit, Ishan; Shute, KelliSince Fall of 2019, the Indiana University Center for Applied Cybersecurity Research (CACR) has been exploring the application of machine learning to cybersecurity workflows with the intent of developing the applicable expertise necessary to maintain a commanding lead in the cybersecurity domain where machine learning solutions are expected to increasingly become the norm. In order to serve the objectives laid out in the project charter, CACR primarily worked in partnership with OmniSOC and researchers at Rochester Institute of Technology to explore the application of the ASSERT research prototype to SOC analyst workflows. The intent of this effort was to better understand both the utility of the ASSERT prototype and the challenges associated with the implementation of machine learning approaches to cybersecurity workflows more broadly.Item 2021 NSF Cybersecurity Summit Collection of Presentations(2021-10) Welch, Von2021 NSF Cybersecurity Summit Collection of Presentations of slides for Plenary, Workshops & TrainingItem Access Control Policy(2021) Krenz, Mark; Adams, Andrew; Marsteller, JamesItem Aligning Your Research Cyberinfrastructure with HIPAA and FISMA(2015-08-17) Shankar, AnuragItem Analysis of authentication events and graphs using Python(2015-05) Heiland, Randy; Welch, VonDiscerning meaningful information from network log files is an ongoing challenge in cybersecurity. We demonstrate techniques for analyzing a large log of authentication events and associated graphs. Our approach is instructional and exploratory, using Python modules and tools.Item Item The Applicability of HPC for Cyber Situational Awareness(2017-08-17) Leonard, Leslie, PhDItem Authentication and Authorization Considerations for a Multi-tenant Service(ACM, 2015-06-16) Heiland, Randy; Koranda, Scott; Marru, Suresh; Pierce, Marlon; Welch, VonDistributed cyberinfrastructure requires users (and machines) to perform some sort of authentication and authorization (together simply known as "auth"). In the early days of com- puting, authentication was performed with just a username and password combination, and this is still prevalent today. But during the past several years, we have seen an evolution of approaches and protocols for auth: Kerberos, SSH keys, X.509, OpenID, API keys, OAuth, and more. Not surpris- ingly, there are trade-offs, both technical and social, for each approach. The NSF Science Gateway communities have had to deal with a variety of auth issues. However, most of the early gateways were rather restrictive in their model of access and development. The practice of using community credentials (certificates), a well-intentioned idea to alleviate restrictive access, still posed a barrier to researchers and challenges for security and auditing. And while the web portal-based gate- way clients offered users easy access from a browser, both the interface and the back-end functionality were constrained in the flexibility and extensibility they could provide. Design- ing a well-defined application programming interface (API) to fine-grained, generic gateway services (on secure, hosted cyberinfrastructure), together with an auth approach that has a lower barrier to entry, will hopefully present a more welcoming environment for both users and developers. This paper provides a review and some thoughts on these topics, with a focus on the role of auth between a Science Gateway and a service provider.Item Automated Assessment Tools Theory & Practice(2017-08-15) Miller, Barton; Heymann, ElisaInjection AttacksItem Beyond the Beltway-The Problems with NIST’s Approaches to Cybersecurity and Alternatives for NSF Science(2017-08-16) Jackson, Craig; Russell, Scott; Cowles, BobItem Bro Platform Training Workshop(2015-08-17) Amann, Johanna; Azoff, Justin; Slagell, AdamItem Building a Cybersecurity Program: A Tutorial for Managers and PIs(2013-09-30) Duda, Patrick; Marsteller, James; Butler, Randy; Bobba, Rakesh; Welch, Von; Jackson, CraigItem Building a Digital Forensics Program(2017-08-15) Raquel, WarrenCTSC’s mission is to provide the NSF community a coherent understanding of cybersecurity’s role in producing trustworthy science and the information and know-how required to achieve and maintain effective cybersecurity programs.Item Building a NIST Risk Management Framework for HIPPA and FISMA Compliance(2016-08-16) Shankar, AnuragItem Building the Modern Research Data Portal Using the Globus Platform(2016-08-16) Tuecke, Steve