Enabling Intelligent Security Assessment for HPC Systems via Automated Learning and Data Analytics

Enabling Intelligent Security Assessment for HPC Systems via Automated Learning and Data Analytics

Award Information
Agency: Department of Energy
Branch: N/A
Contract: DE-SC0017180
Agency Tracking Number: 235472
Amount: $1,050,000.00
Phase: Phase II
Program: SBIR
Awards Year: 2018
Solicitation Year: 2018
Solicitation Topic Code: 03b
Solicitation Number: DE-FOA-0001794
Small Business Information
15400 Calhoun Drive, Suite 190, Rockville, MD, 20855-2814
DUNS: 161911532
HUBZone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
 Tung Nguyen
 (301) 795-4450
 tnguyen@i-a-i.com
Business Contact
 Mark James
Phone: (301) 294-5221
Email: mjames@i-a-i.com
Research Institution
N/A
Abstract
Software protection and its associated tools can be regarded as a first line of defense for run-time integrity in an High Performance Computing (HPC) system, but cannot be easily extended to provide security solution beyond the software level. Hence, it is also essential to build a system-wide security analysis tool to assess the entire HPC system’s security. The major challenges for building such a tool include efficient data processing under limited resource and performance constraint, customized feature extraction for security assessment, and the balance between security and overhead/usability. Statement of How this Problem or Situation is Being Addressed: To address this need, a machine learning based security assessment tool is being developed to ensure system-wide security monitoring and assessment in HPC systems. The overall approach is to leverage existing/future HPC profiling and tracing tools to provide real-time data collection and then use this information combined with HPC program behavioral knowledge, system logs and network traffic data for cyber security assessment using big data analytics and machine learning techniques. What was done in Phase I: During the Phase I period, to meet the project objectives, the following has been performed: literature study, system architecture design, machine learning algorithms design and development, preliminary system implementation, and initial performance evaluation of our proposed solution. The final goal is to provide a software tool that can efficiently collect system-wide data (user, application, and network) in HPC systems, perform analysis to detect security related events and generate effective alerts. What is planned for the Phase II project: In Phase II, this security assessment tool will be further developed to provide better data analytics for system-wide security monitoring and assessment. Its core functionalities include data collection and pre-processing, classification of HPC applications and phases, network anomaly detection and security assessment, and synthetic data generation of normal and abnormal datasets. Commercial Applications and Other Benefits: The proposed security tool has a significant impact on the cyber security enhancement for HPC systems to improve HPC security at the entire system level and raise global operational security awareness for system administrators. It can be applied to and benefit a broad range of HPC centers and Large-Scale Distributed Computer Systems in industry (such as IT, various science applications, finance/economics, etc.), university/academic, and government agencies (such as defense and government labs).

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government