Sanders recognized twice at International Conference on Dependable Systems and Networks
Bill Sanders, the Department Head of Electrical and Computer Engineering and ITI researcher, and his students were recognized twice at this year's International Conference on Dependable Systems and Networks (DSN) in Toulouse, France.2016 IEEE Innovation in Societal Infrastructure Award for his revolutionary work concerning cybersecurity of the power grid. The award cites him for his assessment-driven design of trustworthy cyber infrastructures for societal-scale system and recognizes Sanders' work as some of the most significant in his field.
A leading cybersecurity expert, Sanders has made pioneering contributions to make sure the power grid is safe, secure, reliable, and available. He did so by developing tools and techniques to make the grid more resilient, and methods for quantitatively assessing its cyber security and resiliency.
In 2005, Sanders created TCIP, the Trustworthy Cyber Infrastructure for Power center, to combine computer security and power systems research as a unified front to address the problem. In 2009, this work continued through his leadership of TCIPG, an $18.4 million DOE Office of Electricity Delivery & Energy Reliability and DHS Office of Science and Technology sponsored activity. He's now co-PI of the Cyber Resilient Energy Delivery Consortium, a $28.1 million initiative the U.S. Department of Energy is funding.
Uttam Thakore, computer science PhD student, Gabriel Weaver, research scientist for the Information Trust Institute at Illinois, and Sanders won the Best Paper Award at DSN, the flagship conference for the dependability and security community. To win, the paper went through two committee selections against all the papers in the conference, and was then selected by the audience after the team competed with other nominees at the conference.
The paper, titled A Quantitative Methodology for Security Monitor Deployment, detailed a novel technique that aims to help administrators of enterprise and cloud systems make better decisions about how to monitor their systems to detect attacks.
One of the major challenges security administrators face today is the diversity and abundance of system information—it's possible to collect information from every layer of a system, but it's not always economically feasible to store and analyze all of the information, said Thakore, first author on the paper. We try to help security administrators understand the value gained from deploying different monitors to better detect attacks, and help them easily make decisions about which monitors to deploy.
The paper provides a quantitative methodology for modeling systems and monitors and determining how to optimally place monitors to maximize intrusion detection ability while minimizing monitor cost.