Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The opinions, findings, and conclusions or recommendations expressed are those of the Center author(s) and do not necessarily reflect the views of the National Science Foundation.

Center Overview

The Center for Cybersecurity Analytics and Automation (CCAA) focuses on analytics and automation capabilities for efficient, accurate, and timely cyber-defense operations for complex enterprise information technology (IT), cloud and cyber-physical systems. CCAA's mission is to advance the science and state of the art of analytics and automation by developing innovative sense-making and decision-making techniques for automated adaptive cyber defense that offers minimal human involvement and with provable and measurable properties.

Today's growing use of technology is driving an exponential increase in the complexity of IT operations. The cyber-system complexity pushes the limits of manual infrastructure management and places a heavy burden on organizations and experienced enterprise administrators, and dramatically reduces overall system agility to provide protect network services. There is a great need to automate cyber defense to provide predictive analytics and proactive mitigation against sophisticated advanced persistent threats and malware attacks. As the U.S. Department of Homeland Security wrote in 2011, "Automation is one of the three interdependent building blocks of a healthy cyber ecosystem, along with interoperability and authentication."

Assuring that the configuration of devices can be known, analyzed, and managed is fundamental to emerging concepts of automated and agile defense, and such a defense is viewed as an essential mechanism for future systems. Analytics that are adaptive and robust to achieve this objective is one challenge the research community must address. CCAA's research objectives are focused on advancing cyber defense by integrating robust sense-making and adaptive decision-making for automating risk and threat mitigation and supporting proactive cybersecurity.


  • Colorado State University
  • George Mason University
  • University of North Carolina, Charlotte
View Center Website

Center Personnel

Sushil Jajodia
Center Staff
+1 703 993 2295

Indrakshi Ray
Center Staff
+1 970 491 6355

Heather Richter Lipford
Center Staff
+1 704 687 8376

Massimiliano Albanese
Center Staff
+1 703 993 1629

Bruce Anderson
Center Staff

Research Focus

CCAA research covers a wide range of application domains including critical infrastructure (such as financial systems, industrial control systems, and power grids), large-scale enterprise IT systems and data centers, cloud and software-defined networking, cyber-physical systems, and "internet of things" systems. CCAA research focus areas include:

  • Predictive analytics with the ability to learn risks and threats to the enterprise IT environment without manually inputting data. The fusion of a broad range of enterprise-related data automatically in machine-readable form supports a variety of analytics that can direct automated defensive actions.
  • Automating the cybersecurity architecture design and configuration based on measured properties and metrics to determine the cost-effective and resilient counter-measure deployment and course of action mitigation to minimize residual risk and time to response
  • Holistic systems of security and resiliency evaluation using metric-driven formal methods for quantifying the protection of security configuration and cyber-defense systems.
  • Formal (provable) analytics techniques for defining, verifying, and validating system requirements, such as security policies for large-scale complex systems (for example cloud data centers, software-defined networks, and smart-grid environments), and determining the effectiveness of various analytic methods.


Member Organizations

IUCRC affiliated member organizations are displayed as submitted by the Center. Non-federal organizations are not selected, approved, or otherwise endorsed by the National Science Foundation.