Subareas: Network Security, Cloud Computing Security, Mobile Device Security
Security research focuses on developing techniques to defend computer systems and networks against misuse and interference. Presently our department is engaged in several research directions in this general area.
Network security: Today’s Internet infrastructure is a common target of attack and the vehicle for numerous unwanted activities in network applications (e.g., spam, phishing). We are conducting research to evaluate the extent of these vulnerabilities and to develop defenses against them. This includes research on both protecting the Internet infrastructure from attack and designing defenses within the context of network applications.
Cloud computing security: An undeniable trend in computing is increased use of “clouds”, i.e., facilities to which customers outsource data and processing. Because these facilities are shared, however, a customer’s data and processing may reside with those of competitors or attackers, and so privacy and integrity of the customer’s activities are paramount. We are developing technologies to better protect data and processing in such threatening environments.
Mobile device security: Mobile devices like smartphones pose interesting challenges and opportunities in the area of computer security. Challenges arise because as mobile devices evolve toward fully functional computers with platforms like Android, they become targets for exploits that are now common for personal computers and potentially new exploits arising from the usage modes they enable. That said, as the first truly ubiquitous mobile computer, they offer new opportunities for security functionality, as well, e.g., for user authentication. We are conducting research to address the threats facing mobile devices and to harness the new opportunities they offer.