Over the last decade, the University has added new strengths that have developed strong research programs covering problems in the following CD Focus Areas: Security Mechanisms and Functionality, Architectures, Operations, Analysis, and Non-technical IA Issues.
Dr. Arun Lakhotia was the first to use program analysis and machine learning techniques to deal with polymorphic and metamorphic malware. His early research on modeling the offense-defense game of malware and anti-malware, supported by AFOSR, led to the creation of BinJuice, a system to normalize polymorphic malware. The system was later used in the MAAGI project in the DARPA Cybergenome program to create a system for malware attribution, and subsequently in an AFRL project to create next-generation anti-malware, and in a DHS project to create predictive malware defense. The DARPA and AFRL projects were performed in collaboration with Charles River Analytics, who is now working on commercializing the results. In parallel, Dr. Lakhotia has also created a spinoff, Cythereal, that is using BinJuice as a foundation to provide malware threat intelligence.
Hardware Based Security
Drs. Magdy Bayoumi, Dimitri Perkins, and Nian-Feng Tzeng have a long series of work in hardware-based security. Between them, they are considered authorities in RFID security, RFID identity security, PUFs (Physically Unclonable Functions), IoT security, and wireless sensor networks (WSNs) security. Over the years, their research has been supported by several NSF grants, published in leading IEEE journals and conferences, and have influenced many other works, as evidenced by their citations. Dr. Perkins is now on inter-governmental assignment to NSF as a Program Director.
Cyber Physical Systems
Dr. Raju Gottumukkala has established a research program in security of cyber physical systems. His current research, sponsored by Idaho National Lab, addresses security issues for smart charging of electric vehicles, specifically building diagnostic security modules for electric vehicles and charging stations.
Wireless Medical Devices
Dr. Xiali (Sharon) Hei has a growing research program in the security of wireless medical devices taking into account issues such as patient safety, human error, and resource limit. In her research, sponsored by NSF, she is studying the security vulnerabilities of wireless implantable medical devices. These devices offer new challenges since due to being low cost and low power, these devices cannot, by design, embed the same security protocols as those used by desktops, laptops, or even smart phones.
Dr. Mohsen Amini Saleh’s research, sponsored by Louisiana Board of Regents, is focused on security in the cloud environment. He is investigating the challenge of keeping data secure in a third-party controlled cloud storage where trust may be questionable. He has developed a homomorphic encryption scheme to enable search over encrypted cloud storage.
Dr. Mehmet Tozal is investigating security issues on the Internet scale, such as, identifying single points of failure in the Internet backbone. He models Internet as a complex system and analyzes its communication infrastructure in terms of resiliency, reliability, security and efficiency. One outcome of his work is the development of protocols for secure and real-time communication, reliable enough to perform telesurgery, over an unreliable network.
Cyber Terrorism and Data Breaches
Dr. David Khey in criminal justice is establishing a research program in cyber terrorism and data breaches, which includes some recent publications using publicly-available data on known breaches. Working with his colleagues in the Department of Criminal Justice and the Department of Psychology, he is studying the social psychology behind cyber terrorism and cyber bullying on social media. Dr. Chase Edwards of the College of Business is initiating research that focuses on economics of privacy; expectations of privacy; probable cause to obtain data from devices; public reaction to corporate cooperation with law enforcement; trade-offs between privacy and convenience; consumer valuation of privacy.