Research Projects


Research Projects:

  • Real-Time Intrusion Detection with Emphasis on Insider Attacks (completed). We have worked on a novel security system based on the encapsulation of the owner's intent, which can be readily used as a concise reference for monitoring intrusions. Moving away from the traditional method of detecting intrusions through low-level network and other resource audits to a much higher level yields a semantic perspective of what the user wants to accomplish. By actively querying the user for his intent, one can build a small and manageable set of assertions, so that the search space is more focused and the system is able to respond faster, make fewer mistakes and scale well.

  • Graduate Students: R. Chinchani (Ph.D., May 2005), A. Muthukrishnan (M.S., June 2004), M. Chandrasekaran (M.S., June 2004); Under Supervision of Shambhu Upadhyaya

  • Publications: IEEE IWIA 2003, ACSAC 2004, Managing Cyber Threats, Springer 2005

  • Funding Agency: DARPA (2003-05), AFRL (2000-06)

  • Event Correlation for Cyber Attack Recognition Systems (completed). We have developed a demonstrable software-system prototype that is capable of fusing performance and event data coming from various intrusion detection and network management subsystems typically used in information infrastructures with data derived from textual, open sources to give the security analyst a broad interpretation of what is going on in his system, and what the motivation might be behind an attack. The fusion process involves adaptive logic that produces feedback information that can also be used to modulate the network and open-source sensors to increase their effectiveness. This research involves graph theoretic approaches to threat assessment, fusion and sensor management.

  • Graduate Students: S. Mathew (Ph.D. July 2009) and C. Shah (M.S., Jan. 2005); Under Supervision of Shambhu Upadhyaya, Moise Sudit, Jim Llinas

  • Publications: IEEE IWIA 2005, SIMA 2005, ACM VizSec 2006, Milcom 2009, Milcom 2010

  • Funding Agency: ARDA (2004-06), AFRL (2004-06)

  • Protecting Documents from Insider Threat – A Multiphase Approach (completed). This project has developed a comprehensive document control and management system through several innovative schemes for secure access, on-line monitoring and support for log-based forensics. The uniqueness of the approach is the security consideration throughout the life cycle of a document, viz., pre-document access phase, mid-document access phase and post-document access phase. We have applied the concept of user profiling, document profiling and role-based access control mechanisms to accomplish the goals. The outcomes of this research are: more accurate modeling and mitigation of insider threat (graph-based), protection against subversion/circumvention of the monitoring mechanism itself (structural knowledge) and post-attack trace-back for attack identification (forensics) as applicable to the realm of document control.

  • Graduate Students: S. Pramanik (Ph.D., Aug. 2007), S. Vidyaraman (Ph.D., Feb. 2008), N. Shah (M.S., June 2004), A. Garg (Ph.D., June 2006); Under Supervision of Shambhu Upadhyaya

  • Publications: IA Symposium 2004, ACSAC 2004, IA Symposium 2006, ICC 2006, IFIP Digital Forensics 2008

  • Funding Agency: ARDA (2003-05)

  • Game Theoretic User-Centered Security Design Techniques (completed). The field of security has many theories that are both sound and complete, yet their implementation is of concern in modern day systems. The game theoretic models developed in this project take into account the preferences of the users and the goals of the system/security mechanism; each of the models is tuned towards the goal of providing a technically meaningful solution by actively involving the users in the loop. This project is a major step forward in solving the decade old problem of the weak human factor that has received little technical attention beyond mere education of users.

  • Graduate Students: S. Vidyaraman (Ph.D., June 2008); Under Supervision of Shambhu Upadhyaya

  • Publications: iTrust 2006, Ubisafe 2007, ESORICS 2007, MMM-ACNS 2010

  • Funding Agency: Air Force Research Laboratory (2004-08)

  • Defect and Fault Modeling of RF Circuits (completed). A number of problems in the VLSI Testing area are better addressed by empirical studies and simulation. Defect based testing has been now recognized as a very effective test approach for deep sub-micron integration technology due to its ability to focus on realistic faults. In this research, we have looked at front-end RF components and with the help of layout level analysis tools, conducted empirical analysis to model realistic failures. This research has involved the defect analysis and fault model extensions of both active and passive circuit elements.

  • Graduate Students: K. Sundararaman (M.S., May 2004), R. Bhowmick (M.S., June 2005), S. Gopalakrishnan (Dec. 2006); Under Supervision of Shambhu Upadhyaya

  • Publications: ISQED 2004, NATW 2004, DFTS 2006, Jetta 2008

  • Funding Agency: SRC, Microelectronics Design Center, University of Rochester (2003-06)

  • Modeling Insider Threats and Reasoning about Intrusions. We have developed a theory of insider threat assessment. This is the first such work that systematically and specifically addresses insider threat. The team has developed a modeling methodology which captures several aspects of insider threat, and subsequently makes an assessment to reveal possible attack strategies of an insider in an organization. The current focus is insider threat detection in database systems by monitoring users' data access patterns.

  • Graduate Students: R. Chinchani (Ph.D., May 2005), S. Pramanik (Ph.D., Aug. 2007), S. Mathew (Ph.D., July 2009); Under Supervision of Shambhu Upadhyaya and Hung Ngo

  • Publications: JCO 2005, IEEE DSN 2005, Fusion 2008, RAID 2010

  • Funding Agency: DARPA (2004-05)

  • A Behavior Based Methodology to Mitigate Internet Attacks. In this project, a unified behavior based framework for mitigating Internet based threats is being developed. The main goal of this research is to develop an attack-agnostic framework to address all facets of security – viz. attack protection, detection, response and forensics. The impact of this research is a set of solutions to mitigate the common Internet based threats – phishing, zero-day attacks, spyware and information leak.

  • Graduate Students: M. Chandrasekaran (Ph.D., May 2009), N. Pulera (M.S., June 2008), H. Alkebulan (M.S., Dec. 2008); Under Supervision of Shambhu Upadhyaya

  • Publications: Ubisafe 2006, Malware 2007 (Best Paper Award)

  • Funding Agency: DoD (2007-08)

  • Secure, Robust and Trusted Communications in Wireless Networks. In this project, we adopt a "data-first" approach for improving robustness and security guarantees in wireless communications: it provides solutions for robust data delivery under several threat and failure models associated with diverse network settings. The emphasis is on mitigating risks from exploits that target open-air properties of the wireless media. Two parallel streams of work address dominant data communication and design issues in Wireless Data Networks (WDNs, which include Mobile Ad-hoc and Wireless Mesh Networks) and Wireless Sensor Networks (WSNs).

  • Graduate Students: M. Virendra (Ph.D., June 2008), R. Mehresh (M.S., June 2009); Under Supervision of Shambhu Upadhyaya

  • Publications: KIMAS 2005, SKM 2006, ICC 2007, MMM-ACNS 2007, SKM 2010

  • Funding Agency: Air Force Research Laboratory (2007-09)

  • Accelerating Techniques for Rapid Mitigation of Phishing and Spam Emails. Phishing scams pose a serious threat to end-users and commercial institutions alike. Current software-based solutions that operate in application space to detect such emails using rule-based techniques are not very effective. We aim to detect phishing attacks based on the semantic and structural properties present in the content of the phishing emails. Our solution is hardware-based and can be implemented at the gateways. For this purpose, we are trying to implement some basic theories such as Simulated Annealing, Bayesian Learning, and Associative Rule Mining in hardware by exploiting the inbuilt pipelining, scheduling and other accelerator capabilities and the micro engines of the Tolapai processor.

  • Graduate Students: M. Chandrasekaran (Ph.D., May 2009), A. Nagrale (M.S., Feb. 2010), P. Gupta (M.S., Feb. 2010), H. Nagarajaiah (M.S., June 2010), V. Keshavamurthy (M.S., June 2011); J. Parikh (M.S., expected December 2011); D. Yip (BS, expected June 2012); Under Supervision of Shambhu Upadhyaya

  • Publications:  ESCS Workshop co-located at IEEE SRDS 2009; DCNMS 2011 Workshop co-located at IEEE SRDS 2011

  • Funding Agency: Intel Corporation (2008-10)

  • Security and Robustness of Localization Techniques for Emergency Sensor Networks. Recent advances in radio and processor technology have seen the rise of Wireless Sensor Networks (WSNs) as a reliable and cost-effective tool for real-time information gathering and analysis tasks during emergency scenarios like natural disasters, terrorist attacks, military conflicts, etc. Post-deployment localization is extremely important and necessary in such applications. However, current distributed localization approaches are not designed for such highly hostile and dynamic network conditions. This project studies the adverse effects of factors like cheating beacon node behavior, node disablement and measurement inconsistencies on the corresponding localization protocols and attempts to provide simple and efficient solutions, both in terms of computation and resource requirements, to overcome each of these problems.

  • Graduate Students: M. Jadliwala (Ph.D., Sept. 2008); Under Supervision of Shambhu Upadhyaya

  • Publications: IJSNET 2007, SRDS 2007, INFOCOM 2008, WiSec 2009, F2DA Workshop co-located at IEEE SRDS 2009

  • Funding Agency: Currently Not Funded

  • Secure Proactive Recovery. In this project, we develop a new game-changing methodology, viz. secure proactive recovery, which can be built into future mission-critical systems as a contingency plan. Our solution is being realized through a hardware-supported design of consensus protocols to make them immune to attacks and deception by an adversary. In order to minimize overhead and enhance performance, we utilize redundant hardware that may be found in today’s self-testing processor ICs towards tamper-proofing the consensus protocols.

  • Graduate Students: R. Mehresh (Ph.D., Started Sept. 2009), K. Kamana (M.S., June 2010), M. Pothukolu (M.S., June 2010), H. Mulukutla (M.S., June 2010); J. Jagadheeshwar Rao (M.S., June 2011); Sulaksh Natarajan (M.S., June 2011); Under Supervision of Shambhu Upadhyaya

  • Publications:  Third International Workshop on Dependable Network Computing and Mobile Systems (DNCMS 2010) co-located at IEEE SRDS 2010; SAM 2011

  • Funding Agency: Air Force Research Laboratory (2009-10)

  • Formal Methods-Based Common Criteria Certification Framework for a Separation Kernel. The project will study Open Kernel Labs' OKL4 separation kernel and develop a framework of the formal proof artifacts necessary to obtain Common Criteria EAL 6+ certification of OKL4 to the SKPP v1.03 specification. Phase 2 will look at the design of secure applications on top of the kernel using the concept of componentization.

  • Graduate Students: T. Kudari (M.S., Sept. 2010), P. Nataraj (M.S., June 2010), V. Krishnamurthy (M.S., June 2011), P. Dabade (M.S., expected December 2011); Under Supervision of Shambhu Upadhyaya

  • Publications:  Forthcoming

  • Funding Agency: Harris Corporation, Rochester, NY

 
 
