GFSU's CyberLab Drives InnovationGoal: Build Skills in Incident Response, Forensics
Gandhinagar-based Gujarat Forensic Sciences University aims to enhance its CyberLab's research and development capabilities in security by collaborating with technology providers, academia and industry to drive security innovation and address emerging cyberthreats.
In response to these goals, security leaders say the lab should focus specifically on innovations regarding incident response, monitoring, vulnerability detection, computer forensics and threat investigation methods.
The CyberLab, which was created in August 2014, has plans to enhance its capabilities in conducting research, development, training and services in vulnerability testing and analysis, cyber-incident monitoring and computer forensics.
The lab will initially target the power sector and shortly commence its cybersecurity testing for critical infrastructure to test the SCADA system, monitor abuse on a real-time basis and detect malware.
To initiate the process, Delhi-based Codenomicon Software, a security solutions provider, is helping the lab set up the vulnerability discovery and cyber-incident monitoring methods.
According to Dr. J M Vyas, director general at GFSU, the objective is to create a unique platform in India where academia, industry and governmental stakeholders come together to collaborate in addressing emerging threats.
"With the growth in several smart city initiatives across the country and several security practitioners being part of it," Vyas says, "it's imperative to develop new security measures."
Delhi-based Mohit Rampal, regional manager India & South Asia at Codenomicon, points out: "The Cyberlab enhancement is based on the basic philosophy of creating a secured digital India by providing advanced cybersecurity training to professionals."
Meeting Future Needs
The CyberLab team and security groups see increasing need to bring in research capabilities, given that critical infrastructures - especially industrial control systems - are targets for cyber-attacks.
Rampal sees the urgency in building capacity of forensic professionals, which is the biggest challenge that the forensic agencies face in tackling cyberthreats. Such labs will provide the necessary wherewithal to gain expertise on forensic frameworks.
The challenge for forensic laboratories, finds Jharkhand-based Vineet Kumar, founder of Cyber Peace Foundation, is to do penetration testing on the encrypted data that flows in different forms and deal with innovations in cloud technologies that have challenged investigation capabilities.
Delhi-based Vinayak Godse, director of data protection for the Data Security Council of India, believes that the cyberforensic labs need to develop capabilities to match the technology evolution and address threats resulting from such advancements, including social media.
Experts say that if the CyberLab is to provide cybersecurity solutions for India, the primary need is to develop a vulnerability testing platform focusing on zero-day vulnerabilities that can be used by government organizations and enterprises to secure their network-based systems. Rampal says that the lab should embed facilities to provide abuse and situational monitoring on a real-time basis.
"Research is being conducted to handle and teach students on using tools to detect unknown vulnerabilities and to mitigate them, along with the ability to understand integration of feeds coming from various sources, analyse them for meaningful data and monitor real-time traffic," Rampal says.
The university has enabled the lab to provide hands-on expertise to professionals as part of the research and learning process.
Research is being done to create an automated platform for collecting, processing and prioritizing threat intelligence, which enables users to quickly identify and notify infected organizations.
The enhancement, according to Rampal, has been in the areas of enabling users such as CERTs, national SOCs and enterprises to create cyberthreat situation awareness that can easily scale up.
Godse recommends the lab take up research on building a platform that helps in tracing the root cause of the crime and provides sufficient evidence.
Besides vulnerability testing, Kumar believes the lab should be the test bed for detecting and investigating fraud across all operating systems and applications and be an advisory to users.
Platform for Practitioners
According the Vyas, GFSU intends to bring cyber capabilities under the same roof with physical forensic sciences to enable academia, practitioners and stakeholders from the government to leverage it effectively.
Rampal expects security practitioners and forensic bodies to leverage the CyberLab in building the skills of their forensic teams on varied security frameworks, besides spotting future prospects.
Vineet Kumar recommends that the Cyberlab establish an information sharing and analysis grid for the dissemination of research activities in addressing cyber threats.
"The industry's security and forensic bodies can then contribute to research while also creating awareness about innovations to society," Kumar says.