Renamed at the end of 2015, this project was previously known as the DHS Protected REpository for the Defense of Infrastructure against Cyber Threats (PREDICT) project.
CAIDA project activities are supported by the DHS cooperative agreement FA8750-12-2-0326 "Supporting Research and Development of Security Technologies through Network and Security Data Collection".
IMPACT Project Overview
Researchers require current data on Internet security threats, including samples of normal and malicious Internet traffic, malicious software samples, and logs from machines compromised in targeted attacks, and other data to develop hardware and software that protects against and mitigates the effects of hacking attempts and malicious software. Concerns over privacy, security, proprietary information, and legal risks make collection and distribution of such data difficult for the owners of the infrastructure, owners of data, collectors of data, and distributors of data. Thus, few organizations make datasets available for the development and testing of defensive technologies.
The Department of Homeland Security (DHS) has developed the Information Marketplace for Policy and Analysis of Cyber-risk & Trust (IMPACT) project to provide vetted researchers with current network operational data in a secure and controlled manner that respects the security, privacy, legal, and economic concerns of Internet users and network operators. Three primary goals of IMPACT are:
- To develop, implement, and maintain a Web-based portal that catalogs current computer network and operational data and handles data requests.
- To enable secure access to multiple sources of data collected on the Internet.
- To facilitate data sharing among IMPACT participants for the purpose of developing new models, technologies and products increasing cyber security capabilities.
More information about IMPACT is available in the Overview of the IMPACT program.
CAIDA's Role in the IMPACT Project
Research on rapidly advancing information and communication technology (ICT) has exposed gaps between what researchers could do and what they should do, thereby creating ethical challenges. Research involving network measurement offers great promise for empirical and generalizable knowledge and innovation, yet can often place researchers at ethical crossroads. In addition to ensuring the legality of research activities, researchers, institutional review boards, funding agencies and organizations must also be cognizant of the ethical principles and applications that serve as foundational underpinnings for trusted and sustainable research.
Through IMPACT we are continuing to explore the complex issues surrounding ethics as they relate to cyber security research. CAIDA has played a founding and leading role in providing thought leadership and helping to interpret ethical principles in the context of network and security research, and in developing community-based guidelines that can enable researchers, and research review boards understand the importance and the need for understanding the impacts of a given research project.
- IMPACT-related papers (co-)authored by CAIDA researchers
Ethical Principles Guiding Information and Communication Technology Research: The Menlo Report.
- The Interaction of the Menlo Report and Revisions to the Common Rule-Comments in Response to the Advanced Notice of Proposed Rulemaking (ANPRM).
- Federal Register Response to Comments Received for the "The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research"
- Applying Ethical Principles to Information and Communication Technology Research:
- A Companion to the Menlo Report details the principles and applications more granularly and illustrates their implementation in real and synthetic case studies.
- CAIDA data
- CAIDA Data FAQ
- Distribution Statistics for CAIDA Online Datasets
- CAIDA's Anonymization Tools Taxonomy
- CAIDA's bibliography of anonymization and data sharing papers