Built in partnership with the National Science Foundation,
DETER provides the necessary infrastructure networks, tools,
methodologies and processes to support testing of emerging
and advanced security technologies. The testbed is freely available and has more than 3,000 users in 25 countries.
“The idea behind DETER is that we want researchers
doing experiments in cybersecurity,
“Researcher Funded by DHS Takes
Down the Internet,” he quips.
“This is an emulation and simulation environment, with even some
live fire, where people can run their
new ideas and new tests. It’s a 600-
node infrastructure. It can be virtual-ized and people can do all kinds of
security experiments on this testbed.
It’s not as big as the Internet, but it
tries to mimic the Internet in all the
ways that we can,” he elaborates.
Now, Maughan’s team is working to
expand DETER into an international
capability. “Last year, we open-sourced
the base code, and we are now work-
ing with Canada, Israel, the United
Kingdom and Singapore to try to help
them—using our DETER code—to
stand up their own national research testbeds,” Maughan
offers. “If we have systems in other countries, we can now
federate these technologies together and have a testbed that
is much larger than just the testbed we now have here in the
Canada has provided about $1 million in funding for
the project and could have the testbed completed this year,
Maughan estimates. The United Kingdom and Singapore
may not be far behind. “It just depends on the priorities
in their countries and their resources. We’re not providing
resources to them other than giving them the code base
from the DETER project,” Maughan points out.
Meanwhile, Japan partners with Cybersecurity Division
officials on the Protected Repository for the Defense of
Infrastructure Against Cyber Threats (PREDICT) system,
which is intended to provide insights into cyber attack
phenomena occurring across the Internet, as well as intel-
ligence on the health of the Internet, including outage
detection. PREDICT was initiated to assist technology
developers and evaluators in need of real-world data to
test the effectiveness of their technologies.
Additionally, the division works with the Netherlands
Forensics Institute, which Maughan describes as a quasi-
governmental organization. “In forensics, the Netherlands
is the best in the world. They’re better than us,” he declares.
The Cybersecurity Division decided
to fund malware analysis and memory analysis work at the institute after
Secret Service officials visited the
Netherlands and were impressed with
what they saw. The investment satis-fies requirements for the Cybersecurity for Law Enforcement program.
“The deliverables will be handed back
to us, and we will make them available to our law enforcement partners
at the Secret Service and Immigration
and Customs Enforcement,” he notes.
“They were interested in having us
fund the development of this work in
the Netherlands because the Netherlands is ahead of us. We didn’t have
anything going on, so rather than start
from scratch, we’ll put money on the
project in the Netherlands and get the
technology quicker. That was initiated
in 2014, and we expect the project to
finish by the end of this year.”
The United Kingdom is the closest
cybersecurity partner, Maughan indicates. “In our November meetings with the U.K., there was some discussion
about adding new work to our Cybersecurity for Law
Enforcement program. They just stood up, in their reorganization of the U.K. government, a new National Crime
Agency [NCA]. It’s a consolidation of a lot of their federal
and regional law enforcement agencies that they’re trying to
coordinate and consolidate. We’re starting to work with the
NCA and are looking at some long-term projects to support
the law enforcement community,” he says.
Australia is another solid partner. The Cybersecurity
Division funded about $1.25 million for the development
of a routing security technology known as the Border
Gateway Protocol Monitor (BGPmon) at Colorado State
University and the University of Oregon. The Australians wanted BGPmon for their Computer Emergency
Response Team and received an early version last year.
“They’ve provided us some feedback, and this round
they’ve come back and added about $160,000 where they
The Netherlands 6
United Kingdom 4
European Union 1
New Zealand 1
with one recently completed
“It’s all about building partnerships and doing collaborative work
to try to solve some of the problems we have in cybersecurity.”
—Doug Maughan, director, Cybersecurity Division, Science and Technology Directorate,
Homeland Security Department Directorate’s Cybersecurity Division.