[an error occurred while processing this directive]
[an error occurred while processing this directive]
Source: Simon Ou, 785-532-6350, xou@k-state.edu
Pronouncer: Ou sounds like "oh"
Photo available. Contact media@k-state.edu or 785-532-6415.
News release prepared by: Erinn Barcomb-Peterson, 785-532-6415, ebarcomb@k-state.edu
Friday, March 12, 2010
K-STATE PROFESSOR'S NATIONAL SCIENCE FOUNDATION AWARD WILL FUND RESEARCH TO THWART CYBER ATTACKS; PROJECT INFRASTRUCTURE CAN TEACH PUBLIC ABOUT CYBERSECURITY
MANHATTAN -- A Kansas State University professor's research on thwarting cyber attacks is getting a boost from a National Science Foundation award for young faculty.
The foundation gave Simon Ou, K-State assistant professor of computing and information sciences, a CAREER Award. It supports the early career-development activities of junior teacher-scholars who most effectively integrate research and education within the context of the mission of their institution.
"Cybersecurity is an asymmetric warfare," Ou said. "The attackers only need to find one hole to compromise a system, whereas the defenders have to plug them all. Without automated reasoning, the cyberspace will continue to be the Wild West, where bad guys wreak havoc.”
Ou will receive nearly $430,000 during five years for his project, "Reasoning under Uncertainty in Cybersecurity." His award marks K-State's fourth CAREER Award so far this year.
"The CAREER award will enable Simon to advance his research on enterprise network security and develop techniques for critical infrastructure protection," said Gurdip Singh, who heads K-State's computing and information sciences department. "This award will provide a great opportunity to further strengthen K-State's cybersecurity research program, a strategic area for our department, and to build a strong educational program -- particularly at the undergraduate level -- to train the next generation of cybersecurity leaders."
Ou's project seeks to improve cybersecurity by providing automated reasoning that a network administrator can use to reach a conclusion about what security breaches have happened and how they happened. Although computer scientists have developed reasoning models that work well for problems like disease diagnosis, these models have not proven effective in dealing with an active, malicious attacker who will try to break whatever assumptions are made in the model.
For the project, Ou will seek to formulate a reasoning model through first understanding how a human security analyst would reason about cyber-events. The eventual goal is to find the right theoretical framework for reasoning under the uncertainty that comes from not knowing a cyber attacker's actions and choices, and also from relying on imperfect sensors to report symptoms of potential attacks.
Beyond improving cybersecurity, Ou's project will provide research opportunities for K-State undergraduate students. Through K-State outreach programs, the test-bed infrastructure produced from the research then will educate the general public about cybersecurity problems.
Moreover, Ou said that the research will provide endless data and examples to refresh the materials of the cybersecurity courses he teaches. He also aims to develop new courses with a focus on uncertainty in cybersecurity defense.
Ou came to K-State in 2006 and directs research for the cybersecurity research group Argus. His research is primarily in enterprise network security defense with a focus on attack graphs, security configuration management, intrusion detection and security metrics for enterprise networks.
Ou earned a doctorate in computer science at Princeton University and then served as a post-doctoral research associate at Purdue University's Center for Education and Research in Information Assurance and Security, and also as a research associate at Idaho National Laboratory. He earned bachelor's and master's degrees in computer science from Tsinghua University in Beijing.