The Center for Cyber Innovation (CCI) is part of the High Performance Computing Collaboratory at Mississippi State University. CCI develops solutions for Defense, Homeland Security and the Intelligence Community. The primary focus of the CCI is to research, prototype and deliver cutting-edge cyber solutions that support global national security, homeland security and peacekeeping operations.

Large and small companies play major roles in executing contracts awarded by the U.S. government and have become targets for many cyber attackers. Not protecting government data properly can drastically impact the viability and reputation of these small businesses, as well as negatively impact the interests of the United States. As a result, the National Institute of Standards and Technology (NIST) wrote requirements that state how this type of information should be protected. The result was NIST Special Publication 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations". CCI is helping small and large business understand the regulations and offers advice on how to implement them.

Social media—a  tool, a way to connect, a place to create, a place to share, but  users have growing fears about what they might not know they are really sharing. The Director of the Center for Cyber Innovation, Drew Hamilton, and Research Engineer with CCI, Doug Girault, gives some advice on how to protect the information you might not know you gave permission to use.

Cyber Threat Avoidance and Cyber Defense

CCI has been a pioneer in cyber defense. Security architecture provides the blueprint for in-depth defense strategies. You cannot avoid cyber threats if you do not know how systems connect and what software those systems are running. Scalable, security architecture is a critical enabling technology required to model, defend and wargame network-intensive cyber networks.

Cyber Network Exploitation

The reality is that working in cyber defense provides insights into cyber exploitation. Key capabilities include side channel attacks, access control compromise, leveraging undocumented system entry points, system masquerade, compromising system logging. In many ways, this is the easiest research topic to move forward on.

Cyber Infrastructure

MSU supports one of the most robust cyber infrastructures of any university. CCI researchers have access to state of the art high performance computing assets to include petabyte scale high-speed storage. CCI has the capability to scale up laboratory research into enterprise scale cyber demonstrations and to do so in NOFORN and other restricted environments.

Information Network Modeling, Simulation and War Gaming

The CCI Director is a leading expert in this field. Dr. Hamilton was named a Fellow of the Society for Modeling and Simulation in part because of his work in network simulation. He had served as an associate editor of the Journal of Defense Modeling & Simulation since 2006 and Simulation, Transactions of the Society for Modeling and Simulation since 2008. The Army G6 funded his doctoral work in network simulation.

Full Spectrum Cyber Operations

Artillerymen have been executing full spectrum cyber operations since the invention of the field telephone. It is the technology and the scale that has changed, not the underlying mission to put steel on target. Now the challenge is the pervasiveness of network-enabled devices, particularly embedded devices. CCI has practical experience in software architecture that can help identify hidden or undocumented functionality. This is particularly important for software-intensive black box components. These vulnerabilities are endemic to embedded weapons systems as well industrial control systems. Full spectrum cyber operations are both offensive and defensive and constantly changing. Research in the rapid reverse engineering of software not only allows for more effective cyber defense but also new cyber attack vectors, particularly reverse engineering of captured enemy systems. Research in software anti-tamper measures is needed to safeguard US military systems that will inevitably be captured on future battlefields.

Cyber Situational and Mission Awareness

The first step in cyber situational awareness is an accurate and scalable visualization of the network and their security appliances. This should be based on verified and validated security architecture. Monitoring of access points and security appliances would provide friendly cyber situational awareness. Providing enemy cyber situational awareness follows a similar path with the extra required steps of penetration and stealthy monitoring. The real research issues here are scalability and latency.

Cyber Command and Control

Dr. Hamilton directed a tri-service command and control interoperability office supporting CECOM, SPAWAR and ESC. CCI has strong military C2 experience as well as hard cyber engineering research programs. Sending and receiving cryptographically secure near-real-time video is still a hard research problem that CCI has experimental experience with. The multitude of US C2 systems brings software-based interoperability challenges complicated by cyber security considerations.

Cyber Mission Assurance

CCI is a leader in cyber risk assurance. CCI has developed risk assessment and management courseware funded and certified by the National Security Agency. The Missile Defense Agency adopted Dr. Hamilton's software vulnerability assessment process for evaluating MDA software before releasing the software through Foreign Military Sales.