This is the main web page of Network Security Research Lab headed by Dr. Edward Chow.
Currently we have the following projects at different stages (some of these project-person mappings are tentative; you may move around or propose new one; follow your bliss; hope not changing too often:-)):
Enhance Security of Blockchain Systems
- Investigate attacks and defenses of core technologies used by blockchain systems.
- Investigate vulnerabilities of permissioned blockchains for a business network in general and gorvernment services in particular.
- Create penetration testing tool specifically for blockchain systems
- Prototype permissioned blockchain systems for government services and perform vulnerability analsysis and penetration testing on them.
Homomorphic Encryption Research Project
- Efficient Clifford-Based Homomorphic Cryptosystems
-
Right Place Right Route Data Delivery(R2D2) project
- Design and develop system for specifying/verifying R2D2 requirements.
- Develop web app with web crypto and google map APIs for encrypting data and specifying R2D2 restrictions.
- Develop Value-Added Software Defined Network for location path verification.
- Develop privacy preserving/enforcement tools for R2D2
Proximity Based Encryption (PBE) sponsored by Northrop Grumman.
- Proximity Specification and Verification.
- Tools for PBE based on Web Cryptography draft standard
- Create new network verification services for supporting PBE.
Software Defined Network Based TOR Network (SOR). Abdelhamid Elgzil.
- Design and develop bootstrap networks for TOR networks.
- Design and develop anonymous secure payment systems for SOR services.
- Design and develop efficent SDN based TOR networks.
Unified homeland security strategies through game theory. Rick White and Aaron Burkhart
- Rick White just finished his phd defense 11/5/2013. His dissertation attracts attention from DHS ST resulting the following grant.
- RAMCAP standard review and enhancement. Funded by ORNL and DHS ST.
- Develop a risk analysis tool for critical infrastructure. LIRA.
Cyber Resilience.
- Network Resilience in Cloud across Cloud Providers
- Defend with Diviersity: Explore the use of diverse OS/Library/Programming Languages.
- Migration of web service S2M, M2M, S2S, and M2S.
SCOLD: DDoS attacks and defenses.
-
Intrusion Tolerance and the Cloud: Explore the use of virtual machines in cloud providers to establish alternate routes using multiple indirect routing/secure DNS.
-
Utilize IPv6 address hoping to avoid and slowdown DDoS attacks.
-
Large Scale Modeling and Simulation study of Botnet DDoS attacks and defense techniques.
-
Fast intrusion traceback/pushback/tolerance techniques with Software Defined Networks. Josh Alcorn. Modeling using Estinet.
-
Cloud/Computer/Mobile Forensics. Haitham Ennajah, Adil Ahmad
SCORES (Smart Cloud Optimal Resource Selection):
-
N-Cloud Storage. Secure efficient striping techniques and tools for utilizing low cost cloud storage. Fahad Alsolami (he will move to Dr. Boult's group after finish the first phase this project with me.)
-
Algorithms and network services for selecting data center locations given a set of producers, consumers, and metrics.
Tools and Techniques for Regulation Conformance (Initial work done by Sarah Pramanik, first graduate of phd security program). Sarah Pramanik, Ammar Almutawa
-
Apply to DoD systems.
-
Apply to Healthcare systems.
- Blockchain Security Research (Joint Rearch Projects with Drs. Xiaobo Zhou and Sang-Yoon Chang). Shawn Emery, Hsiang-Jen Hong, Wenjun Fan.
- Vulnerability Anslysis Blockchain Based E-Voting System.
- Fast Resilient Consensus Protocol for Blockchain.
- Homomorphic Encryption Research (Joint Project with Professor Carlos Araujo). David Honorio, Suneetha Tedla
-
Attribute-Based Chameleon Hash Algorithms for Redactable Blockchain in mHealth Systems. Arij Alfadi
- Behavior Study for Preventing Social Engineering. Henry Collier.
-
R2D2: Right Place Right Path Data Delivery. Ehab Ashary
-
Threats Theory and Their Applications. Sarah Pramanik
- SOR: Anonymity Software-Defined-Network-Based
Onion Routing. Abdelhamid Elgzil.
- SDN on-the-Go. Scott Melton, Joshua Alcorn.
- SDN Security Research. Scott Melton, Joshua Alcorn, Amer Aljaedi.
- Multi-channel software-based MAC protocol for Under Water Sensor Networks. Ahmed Guqhaiman.
- Secure GPS Data for Critical Infrastructure and Key Resources. Steve Lewis.
- UFAP: Ultra-fast Handoff Authentication Protocol for Wireless Mesh Networks. Naif Alamri.
- Machine Learning for Classifiying Sensitive/Classified Document (Joint Project with Dr. Terry Boult.) Khudran Alzhrani
- Risk Analysis for Critical Infrastructure Protection (funded by DHS). Rick White, Randy George, Aaron Burkhart.
- Long Lasting Survivable Web Objects. Jebreel Alamri.
- All software/tools/techniques developed in your dissertation/thesis/project will be put in public domain to be verified/shared/improved/enhanced by others, not declared as personal properties. Note that you can still copyright your software and allow academic research usage. You can always start your own business based on your insights of your work after you graduate. It is just too narrow a mindset to protect before to innovate.
- You will need my permission to submit the proposal and final report to the committee members and schedule the proposal meeting or final defense. This is to ensure the qualify of the work and your success in defending the work.
Expectation:
- Responsive to requests/emails. Try to check emails at least three times a day:-)
- PhD requires a lot of hard work and long persistent effort. As a guide for full time students, commit to work/study at least 6 hours during M-F during the semester. I spent twice that when worked as RA in UT Austin.
- Note that my main research area is in networks and systems. It requires a lot of effort in modeling, simulation, and implementation to demonstrate/validate the concepts/theories/techniques. This is "blue color" "dirty hand" hard work. If you do not like programming or building systems, do not join this dangerous group. You need to be willing to spend effort to pick up other languages/systems/tools that is necessary for conducting your research, not limiting to just those you are comfortable with.