CAIDA project activities are supported by the DHS cooperative agreement FA8750-12-2-0326 "Supporting Research and Development of Security Technologies through Network and Security Data Collection".
PREDICT Project Overview
Researchers require current data on Internet security threats, including samples of normal and malicious Internet traffic, malicious software samples, and logs from machines compromised in targeted attacks, and other data to develop hardware and software that protects against and mitigates the effects of hacking attempts and malicious software. Concerns over privacy, security, proprietary information, and legal risks make collection and distribution of such data difficult for the owners of the infrastructure, owners of data, collectors of data, and distributors of data. Thus, few organizations make datasets available for the development and testing of defensive technologies.
The Department of Homeland Security (DHS) has developed the Protected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT) project to provide vetted researchers with current network operational data in a secure and controlled manner that respects the security, privacy, legal, and economic concerns of Internet users and network operators. Three primary goals of PREDICT are:
- To develop, implement, and maintain a Web-based portal that catalogs current computer network and operational data and handles data requests.
- To enable secure access to multiple sources of data collected on the Internet.
- To facilitate data sharing among PREDICT participants for the purpose of developing new models, technologies and products increasing cyber security capabilities.
More information about PREDICT is available in the Overview of the PREDICT program (DHS.gov PDF document).
CAIDA's Role in the PREDICT Project
Research on rapidly advancing information and communication technology (ICT) has exposed gaps between what researchers could do and what they should do, thereby creating ethical challenges. Research involving network measurement offers great promise for empirical and generalizable knowledge and innovation, yet can often place researchers at ethical crossroads. In addition to ensuring the legality of research activities, researchers, institutional review boards, funding agencies and organizations must also be cognizant of the ethical principles and applications that serve as foundational underpinnings for trusted and sustainable research.
Through PREDICT we are continuing to explore the complex issues surrounding ethics as they relate to cyber security research. CAIDA has played a founding and leading role in providing thought leadership and helping to interpret ethical principles in the context of network and security research, and in developing community-based guidelines that can enable researchers, and research review boards understand the importance and the need for understanding the impacts of a given research project.
Ethical Principles Guiding Information and Communication Technology Research: The Menlo Report.
- A Companion Report details the principles and applications more granularly and illustrates their implementation in real and synthetic case studies.
- The Interaction of the Menlo Report and Revisions to the Common Rule-Comments in Response to the Advanced Notice of Proposed Rulemaking (ANPRM).
- Federal Register Response to Comments Received for the "The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research"
- CAIDA data
- CAIDA Data FAQ
- Distribution Statistics for CAIDA Online Datasets
- CAIDA's Anonymization Tools Taxonomy
- CAIDA's bibliography of anonymization and data sharing papers
- PREDICT-related papers (co-)authored by CAIDA researchers