Careers | Phone Book | A - Z Index

HPC and Scientific Networking Security

The Data Science and Technology Department is an active participant in a number of projects in the arena of security for scientific, high-performance computing systems and high-bandiwdth research and education networks.  Research sponsors have typically included DOE's ASCR program and NSF's SaTC program, among others. 

LBNL has had a leadership role in security in scientific computing environments for many years, including the development of the Bro Network Security Monitor, as well as leading several DOE-sponsored activities related to defining a cybersecurity research program within the DOE Office of Science. 

More recently, LBNL is serving as the lead of the "Cyber R&D" Enterprise Cyber Capability (ECC) of the DOE-wide Integrated Joint Cybersecurity Coordination Center (iJC3) — a sponsored R&D program that currently involves ten DOE National Laboratories as performers.

DOE Cybersecurity R&D Challenges for Open Science: Developing a Roadmap and Vision, January 24–26, 2007 [news, report]

DOE Grassroots Cybersecurity Initiative [Frincke presentation, Catlett ASCAC presentation, report 1, report 2, report 3]

ASCR Cybersecurity Workshop, January 7–9, 2015 [report, news]

ASCR Cybersecurity for Scientific Computing Workshop, June 2–3, 2015 [report]

ESnet, CENIC Announce Joint Cybersecurity Initiative - CRD’s Sean Peisert to serve as director of initiative [TABL]— Jan. 19, 2016

NSF Cybersecurity Center of Excellence, ESnet Organize Working Group on Open Science Threats — Jun. 22, 2016

Working Group on Open Science Cybersecurity Risks Releases First Document Draft for Public Comment — Oct. 31, 2016

Building a CENIC Security Strategy — Jan. 11, 2017

Mind the gap: Speaking like a cybersecurity pro — Feb. 10, 2017

CENIC's Network Security Initiative — Mar. 15, 2017

A partial listing of current and recent projects specifically focused on security for high-performance, scientific computing and high-throughput, scientific networking is as follows:

  1. Toward a Hardware/Software Co-Design Framework for Ensuring the Integrity of Exascale Scientific Data.  This project takes a broad look at several aspects of security and scientific integrity issues in HPC systems.  It is funded by DOE ASCR and is led by Sean Peisert.  See Scientific Computing Integrity project website.
  2. Distributed Detection of DDoS Attacks on the WAN.   This project is examining ways in which operators of wide-area networks (WANs) cam better use their vantage points to detect DDoS attacks before they reach individual sites.  It is particularly focused on large-scale science traffic as seen in ESnet and certain other national and regional "research and education" networks.  This project is funded by DOE's iJC3 Cyber R&D program and is led by Sean Peisert at LBNL.
  3. Network Measurement, Analysis and Visualization. NetSage is a network measurement, analysis and visualization service funded by the National Science Foundation and is designed to address the needs of today's international networks. See NetSage project website.
  4. A Mathematical and Data-Driven Approach to Intrusion Detection for High-Performance Computing. In this project, CRD researchers developed mathematical and statistical techniques to analyze the access and use of high-performance computer systems. This project was funded by the U.S. Department of Energy's Applied Mathematics Section. LBNL, which was the lead institution for the project, also funded UC Davis and the International Computer Science Institute (ICSI) at UC Berkeley in this activity via subcontracts from LBNL. See Mathematical Approach to Intrusion Detection in HPC project website.