http://ccs.cs.stonybrook.edu
Cyber-security Research at Stony Brook
Radu Sion
http://crypto.cs.stonybrook.edu
USS Yorktown
• September, 1997: USS Yorktown is 100% “dead in the water” for 2.5 hours, then stalled in port for 2 days.
• Cause: Cruiser runs MS Windows on LAN-connected machines in its “Smart Ship” system. Result: blue screen of death
F22 Raptor
• February 11, 2007: 12 Raptors flying from Hawaii to Japan are forced to turn back in panic mode: nav and comm systems are 100% down.
• Cause: software was not designed to cross the international date line (180th meridian of longitude)
☺
Cyber-security is hot!
• First and foremost: it is lots of fun !
• Security incidents continue to sky-rocket
– Incidents reported by US CERT have increased by a factor of 100 in the past decade
• Bad guys are becoming more sophisticated
– Progression from “script kiddies” to cybercrime, cyberactivism, and so on
• Spam, cyber-extortion, phishing attacks all driven by this trend
• Thus …
– Current technologies and solutions aren’t very effective
– Things are going to get worse before they get better
What is cyber-security ?
• Businesses
– Banking and financial transactions
– Marketing, advertising, and corporate communication
• Federal and State Governments
– Classified data (DoD, DoE, …)
– Critical infrastructures
• telecom, transportation, power, law-enforcement,
• Consumers
– Theft of bank accounts, passwords, credit card #s, …
– Loss of privacy
• snoop on web sites visited
Overview
• Research spread over several laboratories
• Over 30 graduate students
• Research supported by NSF, ONR, AFOSR, Army Research, DARPA, NIST, Computer Associates, Motorola Labs, IBM Research, IBM
• Center for Cyber-security
– NSA-designated Center of Excellence in Information Assurance Education (2002-08)
Faculty
• Tzi-cker Chiueh
– Compiler transformations, attack recovery
• Rob Johnson
– Software security, program analysis, cryptography
• C.R. Ramakrishnan
– Formal methods, vulnerability analysis
• R. Sekar
– Program analysis/transformation, policy enforcement, attack detection/recovery
• Radu Sion
– Data and network security, applied/practical cryptography
• Scott Stoller
– Trust management, vulnerability analysis, program analysis
• Erez Zadok
– File system and storage security
Labs
• Applied Logic Laboratory
• Design and Analysis Research Laboratory
• Experimental Computer Systems Laboratory
• File-systems and Storage Laboratory
• Network Security and Applied Cryptography Lab
• Secure Systems Laboratory
• Security, Programming Languages and Theory Lab
• Trusted Hardware Lab (part of NSAC Lab)
Sample Projects (1)
• Software security
– Source-code analysis for vulnerability detection
– Program transformation for runtime detection and prevention of attacks on COTS software
– program anonymization
• Intrusion Detection
– Safe execution of mobile/untrusted code
– Safe vulnerability and penetration testing
– automated vulnerability analysis + signature/patch generation
• Applied Cryptography
– Digital E-Cash and Micro-payments in networks
– analysis of security in DVD/HD-DVD protocols
– authentication for digital imagery
Sample Projects (2)
• Security in Wireless Networks
– Privacy in Cellular Networks
– Sensor Network Security
• Storage Security
– Secure file systems
– Regulatory compliance
• Access control policies and trust management
• Secure Data Management
– data outsourcing
– database security
Areas
• Software security
– Compilers
– Operating systems
– Verification/assurance
• Hardware security
– Trustworthy hardware
• Data security
– Storage/file security
– Database security
– Rights Protection
• Network security
– Wireless/cellular security
– Applied Cryptography
• Distributed systems
– Trust management
– Vulnerability analysis
– Privacy preservation
• Security policies
– Frameworks
– Monitoring and compliance
– Intrusion detection
Impact and Funding
• Funding: $12M+ in federal research grants:
NSF CAREER (5), ONR Young Investigator, IBM Faculty Award, DoD Critical Infrastructure Protection and IA Fellowship award (1 of 12 in US, 1 of 2 in NY), NSF ITR awards, $2.5M NSF award to support Scholarships for students specializing in IA (only new award in 2004), 8+ NSF Cyber Trust awards in 2006/2007