Research Projects

Hamdy Soliman

Wireless & Computer Security

The development of a new security protocol (similar to CCMP with core AES encryption, WPA2, aka IEEE 802.11i) with a novel stream-block cipher, the “Synchronous Dynamic Encryption System” (SDES), at its core; very competitive with its most advanced modern peers (CCMP).

Smart Sensor Networks

Developing a “Smart Asynchronous Event Detection Secure Wireless Sensor Network”, utilizing SDES and neural network modeling, for civil/military applications such as battlefield monitoring, forest fires, tsunamis, earthquakes, volcanic activity, border intrusion, etc.

Smart Cloud-Computing monitoring

Neural Network modeling for preemptively dealing with any unexpected failure or security intrusion in the cloud, warning us ahead of time of any future problem.

Neural Network Image/Data Compression & Security:

Hybrid SOFM & ART neural network modeling to compress data and images, very competitive with peer wavelet technology.

Routeless Routing Protocols (RRP) for Ad-Hoc Mobile Wireless Sensor Networks (AMWSN):

To deal with the very challenging problem of routing over AMWSN by making one route for every packet, avoiding the route-failure problems and overheads of fixed/predetermined routing mechanisms (e.g., AODV)!

Subhasish Mazumdar

Information Analysis

Can events be detected by examining traces of processes? How can diverse sources of information be queried and fused? Our approach is to build a model of the domain using ontologies. (Supported by DHS.)

Sensor data management

How to minimize energy while getting a set of sensors to compute meaningfully. We examine in-network aggregation and synchronous computation in realistic settings which need recovery schemes. (supported by NSF)

Mobile Security and Privacy

Data on mobile devices are subject to manipulation by malware. Mobile devices are often lost or misplaced. Our approach is a logging scheme for the mobile environment that also provides tamper-resistance.

Large graph data

Research articles and their citations form a very large and growing graph from which metrics allegedly capturing the impact of articles are derived. They are popular but often misleading because the semantics of the citations are missing. Our approach is to classify citations by semantic meaning and use them as weights on our extension of the Hubs and Authorities algorithm to determine impact.

Lorie Liebrock

Enterprise-wide security (EwS): Identifying Attackers

Data

Outbound web proxy data (6.4B requests)
Antivirus detection reports (~306k events)
Cyber incident response tickets (1256)
Public phishing site data (~90k sites)

Analysis

Build per computer web access timelines and overlay compromise events
Label suspicious sites (correlate in time)
Multiple independent labels ~ compromise site

EwS: Authentication-based Analysis

Data

Enterprise authentication
User types and indication of compromise

Build time-constrained authentication graph with vertices for computers and user authentication arcs between computers
Diameter can separate user types (admins versus regular users)
Changes to diameter can indicate compromise

Quantifying risk

Build bipartite host-user transitivity analysis with connectivity approximating risk

Dongwan Shin

Multi-Channel Based Security in Pervasive Computing

This project is focused on addressing the problems of secure mobile device identification and secure information sharing in ubiquitous/pervasive computing environments. The fundamental question we try to tackle is “without a priori knowledge such as using a password, can we establish a secure and spontaneous communication between two wireless nodes?” The solution to this can be applied to many real-life scenarios such as ad-hoc collaborations among first/emergency responders. We are interested in multi-channel based approaches, such as using a visual barcode, to solve the problem. For instance, we proposed a visual barcode system called UbiColor, which can be used in an out-of-band channel to bootstrap trust between mobile entities previously unknown to each other and which facilitates a mechanism for identifying those entities, thereby providing a robust means for authentication and access control. For more information, please visit the project site below. (supported by Intel, New Mexico Tech)

User-Controlled Attribute Sharing in Virtual Community

This project is focused on addressing the problems of online privacy in virtual communities such as social networking sites (SNSs). The question we are particularly interested in is “how can users control which attributes of theirs will be shared with other entities such as other users, 3rd-party applications, or service providers in virtual communities?” This question, so-called selective attribute release and sharing, has been partially addressed in the domain of digital identity management (permission-based attribute sharing, server-based approach) and in the domain of cryptography (selective attribute disclosure, credential-based approach). Our goal in this project is to develop fundamental techniques (both server- and credential-based) to attain user-controlled sharing of personal attributes in virtual communities without compromising the user’s social intent and interaction. For more information, please visit the project site below. (supported by NSF (TC))

Lightweight Security Policy Support in Sensor Networks

The research on security and risk management in wireless sensor networks (WSN) will attempt to tackle the fundamental security problem in WSN and to explore a lightweight, risk-aware security framework for sensor networks, which dynamically facilitates secure data/information/knowledge communication and sharing in WSN. The key idea behind this framework is that the notion of risk should be factored into the design of a security solution for WSN to better reflect the dynamic nature of the network as well as optimize performance. (supported by NSF (CRI))

Advanced Security Policy Engineering Framework For Critical System

As our national reliance upon information systems increases, more and more focus has been directed toward the security of those systems. One of the most challenging security problems facing us today is how to secure these critical systems. This project is focused on developing an advanced security policy engineering framework for protecting distributed, critical systems. The proposed framework is mainly concerned with the access control aspects of the security policy. It includes a formal approach to modeling access control in distributed environments, which can be used to analyze flaws in authorization. Consequently, it results in an adversary model by detecting the flaws in distributed access control policies. In order to attain our goal, the proposed project includes three technical tasks: 1. modeling of a distributed access control policy, 2. analysis of access control policy constructs, and 3. development of access control policy management and enforcement. (supported by Sandia Labs)

Jun Zheng

DroidRisk

A framework to quantitatively evaluate the security risk levels of Android apps and permissions

Pattern Strength Meter for Android Pattern Unlock

Use a pattern strength meter as a visual indicator of pattern strength.
Encourage users to create visually complex patterns for better security.

Exploration of Attack Vectors facilitated by Mobile Devices

Explore various passive and active attacks that could be launched through mobile apps

Abdelmounam Rezgui

Big Data

Techniques for efficient and scalable big data processing in non-traditional execution environments, e.g., clouds, GPUs, purpose-built computers.

Cloud Computing

Efficient resource allocation in the context of community clouds (e.g., GENI, CloudLab, Chameleon)
Stochastic methods (e.g., Poisson-Gamma Gibbs Sampling)

Geospatial Computing

Multi-criteria geospatial routing

Energy Efficient Networking and Computing

Energy saving approaches (e.g., offloading compute-intensive tasks to the clouds)
Energy saving thread scheduling and synchronization

Social Computing

Utilizing sentiment analysis to derive hidden relationships (e.g., affinity) in social networks with no explicit friendships (e.g., Twitter)