Introduction

Due to the ever increasing reliance of IT systems, people, businesses and devices on the Internet, cloud and networks Cyber Security is becoming a mandatory part of the National Security of any country. To address these critical national needs all countries are trying to protect their cyber space. These countries are making policies and establishing Cyber Research Centres at provincial and national levels in order to combat Cyber threats. These cyber threats include but not limited to cybercrimes, cyber-attacks, Cyber Security Incidences, cyber warfare, cyber terrorism and cyber espionage. It is also imperative for Pakistan to strengthen its Cyber Security Infrastructure with indigenous R&D to develop Cyber Security measures.

The cyberspace is also used by international insurgents and terrorist organizations as a tool for recruitment, financing, propaganda, training, incitement to commit acts of terrorism, and gathering & dissemination of information for terrorist purposes. It is also used to facilitate communication within terrorist organizations and to transmit information on, as well as material support for, planned acts of terrorism, all of which require specific technical knowledge for the effective monitoring and investigation of these offenses.

Every application in the field of Cyber Security needs to understand network traffic in detail. For example an NG firewall, which must have built-in real-time traffic visibility to do its job of blocking and alerting. Other solutions such as URL Blocking, malware protection, data loss prevention, IPDR analytics and threat intelligence platforms also require detailed traffic visibility in order to be effective. Deep Packet Inspection (DPI) provides the required insight. In order to develop indigenous Cyber Security applications and products, an indigenous DPI engine, free of back doors, is needed that provide the required traffic insight and meta-data for the development of Cyber Security solutions. Therefore a Comprehensive Research lab for the development of DPI engines is proposed, that will provide research platform for Cyber Security applications and lead to development of indigenous National Cyber Security product.

Using this DPI based Lab researchers will be able to test and verify their threat perception and detection algorithms and shall be able to verify the neutralization techniques. The project, from this perspective, is of critical importance to Pakistan and shall pave the way for innovative development of Cyber Security related technologies.

Centre for Advanced Studies in Engineering (CASE), an affiliated institute of UET Taxila, and its industrial arm Centre for Advanced Research in Engineering (CARE) have been working on National Cyber Security specific solutions and R&D since 2004. Since then, the developed technologies have been serving Pakistan in countering the use of cyber space for terrorism and anti-state activities. The core of the proven technology can be used for developing generic Cyber Security solutions like IDS, IPS, Firewall, Web blocking, content filtering etc. thus can help in addressing a number of Cyber Security related issues at national and enterprise level. UET Taxila, CASE & CARE collaborate to propose a scale able Deep Packet Inspection (DPI) platform to work on all layers of IP protocol stack and up to Layer-7 in reassembling and sessional formulation of web based applications for generating IPDR to be used in a host of Cyber Security applications. The scalability of the solution guarantees the use of the developed technology in a wide range of deployment and use cases. The proposals shall provide open interfaces and provisioning for its use by other researchers and solution providers to build indigenous Cyber Security solutions for national and enterprise use. Solutions from foreign vendors only give us a false sense of security. It is imperative for us to understand that a false sense of security is worse than no security at all.