2326835
Cooperative Agreement
Overview
Grant Description
NSF Convergence Accelerator Track G: 5G Hidden Operations Through Securing Traffic (GHOST) Phase 2 - The proliferation of 5G networks around the world presents an attractive opportunity for U.S. government organizations, nongovernmental humanitarian aid organizations, and private sector enterprises to eliminate the costs of installing and maintaining an alternate communications infrastructure by making use of indigenous 5G networks.
However, in many areas of the world, 5G networks are deployed and operated by organizations that are untrusted and potentially hostile to the U.S. In these environments, new security technologies are needed to secure operations. While 5G encrypts data packets and subscriber IDs, analysis of network activity can reveal detailed information about individuals and groups. For example, pattern-of-life analysis can be used to identify and track users. Similarly, traffic analysis can reveal details of an organization's structure and operations.
The 5G Hidden Operations Through Securing Traffic (GHOST) project provides four additional layers of security to protect against these threats. First, GHOST protects individuals by swapping subscriber and device IDs, along with usage patterns, or personas. Second, GHOST prevents traffic analysis by introducing ghost users and ghost traffic into the network to obscure real activity. Third, the GHOST project further frustrates traffic analysis by injecting "false flag" traffic that models real events and operations. Finally, GHOST secures devices at the hardware level by locating ghost software inside trusted execution environments (TEEs).
The GHOST technology will enable organizations to securely operate over foreign 5G networks, regardless of the politics of the network operators. GHOST addresses threats that cannot be countered by traditional cyber security solutions. The GHOST project will demonstrate an integrated solution on a real 5G network and evaluate GHOST effectiveness in multiple operational scenarios. The GHOST project will yield four major intellectual benefits to the research and operational communities.
First, the GHOST project will deliver technology to anonymize or disguise end-user identities and their association with locations and communications endpoints. End-user identities will be protected by dynamically allocating software-defined credentials and associated software-defined personas. Associations with locations are protected by correlating movement history with compromising patterns of movement. Communications connections are protected by peer-to-peer anonymization.
Second, the GHOST project will deliver technology to overlay normal network activity with ghost activity to obfuscate traffic analysis and hide regular patterns of activity or changes in activity.
Third, the GHOST project will deliver technology to model, generate, and inject "false flag" traffic into the network to make it appear to a network analyst that a real event is occurring at a particular location.
Fourth, the GHOST project will deliver technology that will protect end-user devices and non-indigenous networking equipment from penetration and compromise through the use of TEEs. The idea behind a TEE is that no software, privileged or not, should be able to access or modify protected data. TEEs enable the process of attestation of both the hardware and the software. The GHOST software will run inside the TEE to be able to attest to the security of the protocol and protect it in case of capture. GHOST technology will benefit end-users of any untrusted network, not just untrusted 5G networks.
The primary criteria for success of the GHOST project will be: prevention of identification and tracking of individuals by a network operator; inability of a network analyst to determine regular activity patterns or significant changes in activity; misleading a network analyst by injection of "false flag" activity; and GHOST software deployment in TEEs with no observable degradation in device performance.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria. Subawards are planned for this award.
Funding Goals
THE GOAL OF THIS FUNDING OPPORTUNITY, "NSF CONVERGENCE ACCELERATOR 2022 JOINT NSF/DOD PHASES 1 AND 2 FOR TRACK G: SECURELY OPERATING THROUGH 5G INFRASTRUCTURE", IS IDENTIFIED IN THE LINK: HTTPS://WWW.NSF.GOV/PUBLICATIONS/PUB_SUMM.JSP?ODS_KEY=NSF22538
Grant Program (CFDA)
Awarding / Funding Agency
Place of Performance
Boulder, Colorado 80309-0001 United States
Geographic Scope
Single Zip Code
Related Opportunity
Analysis Notes
Amendment: Since the initial award, the total obligations have increased 101% from $2,482,830 to $4,983,234.
The Regents Of The University Of Colorado was awarded 5G GHOST Project: Securing Operations on Untrusted Networks, Cooperative Agreement 2326835, worth $4,983,234 from National Science Foundation in September 2023 with work to be completed primarily in Boulder, Colorado, United States. The grant has a duration of 2 years and was awarded through assistance program 47.084 NSF Technology, Innovation, and Partnerships.
The Cooperative Agreement was awarded through grant opportunity NSF Convergence Accelerator 2022 Joint NSF/DOD Phases 1 and 2 for Track G: Securely Operating Through 5G Infrastructure.
Status
(Ongoing)
Last Modified 9/17/24
Period of Performance
9/1/23
Start Date
8/31/25
End Date
Funding Split
$5.0M
Federal Obligation
$0.0
Non-Federal Obligation
$5.0M
Total Obligated
Activity Timeline
Subgrant Awards
Disclosed subgrants for 2326835
Transaction History
Modifications to 2326835
Additional Detail
Award ID FAIN
2326835
SAI Number
None
Award ID URI
SAI EXEMPT
Awardee Classifications
Public/State Controlled Institution Of Higher Education
Awarding Office
491502 INNOVATION AND TECHNOLOGY ECOSYSTEMS
Funding Office
491501 TECHNOLOGY FRONTIERS
Awardee UEI
SPVKK1RC2MZ3
Awardee CAGE
4B475
Performance District
CO-02
Senators
Michael Bennet
John Hickenlooper
Budget Funding
Federal Account | Budget Subfunction | Object Class | Total | Percentage |
---|---|---|---|---|
Research and Related Activities, National Science Foundation (049-0100) | General science and basic research | Grants, subsidies, and contributions (41.0) | $2,482,830 | 100% |
Modified: 9/17/24