Network Security Research Home Page
This is the main web page of Network System Security Research Lab headed by Dr. Edward Chow.
Currently we have the following projects at different stages (some of these project-person mappings are tentative; you may move around or propose new one; follow your bliss; hope not changing too often:-)):
Proximity Based Encryption (PBE) sponsored by Northrop Grumman.
- Right Place Right Route Data Delivery(R2D2) project
- Design and develop system for specifying/verifying R2D2 requirements.
- Develop web app with web crypto and google map APIs for encrypting data and specifying R2D2 restrictions.
- Develop Value-Added Software Defined Network for location path verification.
- Develop privacy preserving/enforcement tools for R2D2
Unified homeland security strategies through game theory. Rick White and Aaron Burkhart
- Proximity Specification and Verification.
- Tools for PBE based on Web Cryptography draft standard
- Create new network verification services for supporting PBE.
- Rick White just finished his phd defense 11/5/2013. His dissertation attracts attention from DHS ST resulting the following grant.
- RAMCAP standard review and enhancement. Funded by ORNL and DHS ST.
SCOLD: DDoS attacks and defenses.
- Network Resilience in Cloud across Cloud Providers
- Defend with Diviersity: Explore the use of diverse OS/Library/Programming Languages.
- Migration of web service S2M, M2M, S2S, and M2S.
SCORES (Smart Cloud Optimal Resource Selection):
Intrusion Tolerance and the Cloud: Explore the use of virtual machines in cloud providers to establish alternate routes using multiple indirect routing/secure DNS.
Utilize IPv6 address hoping to avoid and slowdown DDoS attacks.
Large Scale Modeling and Simulation study of Botnet DDoS attacks and defense techniques.
Fast intrusion traceback/pushback/tolerance techniques with Software Defined Networks. Josh Alcorn. Modeling using Estinet.
Cloud/Computer/Mobile Forensics. Haitham Ennajah, Adil Ahmad
Tools and Techniques for Regulation Conformance (Initial work done by Sarah Pramanik, first graduate of phd security program). Sarah Pramanik, Ammar Almutawa
N-Cloud Storage. Secure efficient striping techniques and tools for utilizing low cost cloud storage. Fahad Alsolami (he will move to Dr. Boult's group after finish the first phase this project with me.)
Algorithms and network services for selecting data center locations given a set of producers, consumers, and metrics.
Cyber Physical System Security. Jarret Rush.
Return-Oriented Programming (ROP) Defense. Rodney Lykins.
Trusted system and their application to security and Privacy in Cloud and Social Networks.
Mobile Platform Vulnerability Analysis. Ehab Ashary, Abdulaziz Alzubaidi
IDE for Secure Programming (possibly a new secure programming language?). Abdullah Sheneamer.
Threats Theory and Their Applications. Sarah Pramanik, Abdelahmid Elgzil
Privacy issues in distributed sign translation systems. Michael Mennozzi.
Privacy by Design
Apply to DoD systems.
Apply to Healthcare systems.
- All software/tools/techniques developed in your dissertation/thesis/project will be put in public domain to be verified/shared/improved/enhanced by others, not declared as personal properties. Note that you can still copyright your software and allow academic research usage. You can always start your own business based on your insights of your work after you graduate. It is just too narrow a mindset to protect before to innovate.
- You will need my permission to submit the proposal and final report to the committee members and schedule the proposal meeting or final defense. This is to ensure the qualify of the work and your success in defending the work.
- Responsive to requests/emails. Try to check emails at least three times a day:-)
- PhD requires a lot of hard work and long persistent effort. As a guide for full time students, commit to work/study at least 6 hours during M-F during the semester. I spent twice that when worked as RA in UT Austin.
- Note that my main research area is in networks and systems. It requires a lot of effort in modeling, simulation, and implementation to demonstrate/validate the concepts/theories/techniques. This is "blue color" "dirty hand" hard work. If you do not like programming or building systems, do not join this dangerous group. You need to be willing to spend effort to pick up other languages/systems/tools that is necessary for conducting your research, not limiting to just those you are comfortable with.