CybersecurityTwo R&D Projects to Enhance Mobile Network Traffic Security

Published 11 March 2021

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and the Cybersecurity and Infrastructure Security Agency (CISA) are jointly announcing the final two research and development (R&D) awards for the newly launched Secure and Resilient Mobile Network Infrastructure (SRMNI) project.

The Department of Homeland Security (DHSScience and Technology Directorate (S&T) and the Cybersecurity and Infrastructure Security Agency (CISA) are jointly announcing the final two research and development (R&D) awards for the newly launched Secure and Resilient Mobile Network Infrastructure (SRMNI) project.

Managed by S&T’s Mobile Security and Emergency Communications R&D Program, the project addresses CISA’s top mobile-focused priorities: securing the information and communications technology (ICT) supply chain as well as critical mobile network infrastructure, including the newly launched fifth generation (5G) mobile network.

“In the online world, the more insight you have about the traffic on your devices and networks, the more effectively your cybersecurity defenses can be implemented,” says CISA Deputy Executive Assistant Director of Cybersecurity Matthew Hartman. “These R&D projects will support CISA’s effort to address DNS resolution on federal networks and an applicable Trusted Internet Connection (TIC) 3.0 security overlay, both of which will greatly enhance enterprise mobile security and the backend federal government networks that make mobility possible for the workforce.”

“Security of mobile devices—phones and tablets alike—and enterprise networks are central to the capability of the federal workforce to securely conduct the government’s business no matter where in the world they are located,” said William N. Bryan, S&T Acting Under Secretary. “These S&T-led R&D projects will lead to innovative solutions that will analyze mobile network traffic to enhance the security of government-provided mobile devices and enterprise networks.”

These two newest SRMNI project awards are focused on developing solutions that will improve the government’s visibility into mobile device network traffic to identify malware, attacks or attempts to extract data from or through mobile devices. The awardees, the total dollar amount of their award, the title of their R&D project, and a brief overview of their R&D projects are as follows:

·  GuidePoint Security (Herndon, Va.) - $915,000

·  Mobile Network Traffic Visibility for the Enterprise: GuidePoint is developing a solution that will leverage Zscaler’s Internet Access Platform, a FedRAMP-authorized Security-as-a-Service cloud platform, to explore and model a TIC-based architecture for mobility that will help discover different approaches in supporting a protective domain name resolver service for mobility. The project will ultimately help improve the protection of federal systems and data, which are accessible on or to government-managed mobile devices.

·  AppCensus, Inc. (El Cerrito, Calif.) - $1.2 million

·  Mobile Traffic Intelligence at Scale: The company will expand the capabilities of its AppCensus platform to take an app-based approach to explore and model a holistic mobile-traffic monitoring system. This system will include the following features: a mobile traffic intelligence application programming interface that will identify risks posed by traffic from apps; software development kits or network destinations; client-based filtering to detect and filter sensitive traffic before it leaves mobile devices; and integration considerations for protective DNS-like services.

An earlier round of seven SRMNI R&D projects were awarded to private-sector partners that are developing solutions to help protect legacy cellular networks—2G, 3G and 4G, build security into the newly launched 5G network, and develop end-to-end protection of network traffic, including a standardized secure voice capability for unclassified government communications.

CISA leads the national effort to defend critical infrastructure against the threats of today, while working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow. For more information, visit cisa.gov.