Faculty members associated with the Institute for Information Assurance (IIA) are researching topics that include:
- Malware analysis
- Web security
- Intrusion detection
- Wireless network reliability
- Trustworthy computing
- Denial of service
- Virus and malware dissemination patterns
- Security and privacy in online social networks
- Security policy, international conflict, and cyber warfare
- Cryptography
- Side channel attacks and countermeasures
- Hardware and software system vulnerabilities
- Hardened systems
Specific projects include:
- Engin Kirda’s efforts to build a system to monitor large amounts of network traffic and automatically identify machines compromised by botnets.
- Alan Mislove’s work developing systems, networks, and distribution systems that provide greater control over access to Internet content and help limit vulnerability to online fraud.
- Multidisciplinary research by Javed Aslam and Nikos Passas that examines information retrieval and cyber crime in the banking industry.
- Efforts by Panagiotis “Pete” Manolios to design formal methods tools to achieve higher levels of reliability for safety critical systems, including the cyber infrastructure.
- Will Robertson’s research to detect and prevent attacks against Web applications and design development frameworks that automatically secure against certain classes of attacks.
- A large-scale effort by Agnes Chan, Guevara Noubir, Rajmohan Rajaraman, and Ravi Sundaram to develop agile wireless networks resilient to denial-of-service attacks.
- Research by Olin Shivers, Mitchell Wand, Pete Manolios, and Matthias Felleisen as part a collaborative effort funded by the Defense Advanced Research Projects Agency (DARPA) to develop new programming languages for bug-free, secure technology.
- Olin Shivers’ contributions to developing hardware with built-in safety checks and the ability to verify information, part of DARPA’s effort to design new computer systems that are highly resistant to cyber attacks.
- Amy Sliva’s examination of the semantics for a probabilistic logic framework to represent the timing and probability of attacks, including cyber attacks.
