
Collective and Collaborative Defense for Virginia Regional Cyber Ecosystems

Northern Virginia Node

Principal Investigator: 
J.P. Auffret, associate director, Center for Assurance Research and Engineering (CARE), George Mason University.

Co-Principal Investigators: 
Kevin Heaslip, associate professor, civil engineering, Virginia Tech; Abdul Rahman, CCI AI Testbed Director; Jamil Jaffer, executive director, National Security Institute, George Mason University; Karl Darin, VP, operations, ConnectedDMV; George Thomas, VP, innovation and strategic initiatives, ConnectedDMV.

Project Description: 
The Commonwealth of Virginia has enhanced its cybersecurity posture over the last five years, but scaling challenges remain given Virginia’s varied regional critical infrastructure, supply chains, and cyber ecosystems. In addition, the work-from-home environment resulting from the global COVID-19 pandemic and the increased cyber threat surface area due to the adoption of IoT devices and the rollout of 5G infrastructure are adding to the scaling challenge. The project brings together the Northern Virginia and Southwest Virginia CCI nodes with the George Mason Center for Assurance Research & Engineering, Volgenau School of Engineering, National Security Institute, Antonin Scalia Law School, Virginia Tech Hume Center for National Security and Technology, the CCI AI Testbed, and ConnectedDMV. The project proposes adapting the fusion center concept to regional collective and collaborative defense with Regional Cyber Centers (RCCs) by developing innovative strategic, business, legal, policy, and operational constructs that can be tailored to a region’s cyber ecosystem. The project will tailor the RCC model to the Greater Washington Metropolitan Area (DMV) and the Blacksburg/New River Valley Planning District and provide a foundation for standing up the RCCs in 2022. The CCI AI Testbed will develop and demonstrate capabilities to assist RCCs in scaling, including applying AI-ML to network sensor feeds for anomaly detection and threat identification; leveraging the Testbed both to ingest relevant data and to use models for prediction, correlation, and analysis of threats, their severity, and their impact; and enriching ingested data with other local data to establish common operating pictures.