Real-world data for cybersecurity research
ResearchSOC is developing the infrastructure, policies, and procedures to work with researchers who can push the edges of information security practice by using our data.
The operational data collected by security operations centers (SOCs) is of great value to cybersecurity research and supportive of NSF’s vision to advance data research. This data will help advance cybersecurity research. Additionally, having realistic data is useful for educational exercises and labs.
Due to privacy and security concerns, actual operational cybersecurity and network data cannot be shared openly – and it is difficult for researchers and educators to gain access to such data. As part of a long-term vision to improve cybersecurity, ResearchSOC will make operational data available to researchers and educators using a combination of technology, policy, and redaction/anonymization to make data available at varying levels that is acceptable to our operational customers while also useful to researchers and educators. ResearchSOC customers will be part of the process of data sharing.
We are developing an environment for sharing security operational data to enable interdisciplinary research, establish best practices and tools for analysis, and gain better knowledge of how to detect, prevent, and respond to threats.