Embed Size (px)
Citation preview
Computer Science and Engineering 1
Information Assurance Research
Department of Computer Science and EngineeringUniversity of South Carolina, Columbia
Faculty in Information Assurance
• 3 faculty members with primary interest in IA– Csilla Farkas: Information assurance, web data security and
privacy, damage and social vulnerability analysis of cyber attacks
– Chin-Tser Huang: Intrusion detection, wireless security, network protocols
– Wenyuan Xu: Wireless networking and security, sensor networks, jamming detection and avoidance
• 6 faculty members with IA-related research– Duncan Buell, Caroline Eastman, Stephen Fenner, Michael Huhns,
Manton Matthews, and John Rose
Computer Science and Engineering 3
Csilla FarkasCsilla Farkas
Associate Professor (2000 – present)
Computer Science and Engineering 4
• Semantic Web security – Data and meta-data security – Secure information sharing– Web application security
• Critical Infrastructure Protection– Economic and social aspects of
cyber attacks– SCADA systems security
Research DirectionsResearch Directions
Organizational Data
Confidential
OntologySecure Data Integration
andInferences
Public User
Web Data
Public
Access ControlModels
OffenseDefense
• Other Research– Policy Compliance – Online Privacy – Open source intelligence– Secure VANET communication
Computer Science and Engineering 5
Secure Semantic Web Secure Semantic Web
• Web Data and Metadata Security – Semantic-Aware XML access control– RDF security policy– Stream data security
• Web Services (WS) Security– Service-level security across heterogeneous domains– Identity and trust management– Execution correctness, WS transactions
Computer Science and Engineering 6
Damage Assessment and Social Damage Assessment and Social VulnerabilityVulnerability
• Damage Estimation and Social Vulnerability– Damage of the target may not reflect the real amount of
damage– Services may rely on the attacked service, causing a
cascading and escalating damage– Identify characteristics to evaluate vulnerability of different
social strata for cyber attack consequences• Support decision makers to
– Evaluate risk and consequences of cyber attacks– Support methods to prevent, deter, and mitigate consequences
of attacks
Computer Science and Engineering 7
Chin-Tser HuangChin-Tser Huang
Assistant Professor (2003 – present)
Computer Science and Engineering 8
Wenyuan XuWenyuan Xu
Associate Professor (2007 – present)
Wireless networking and Wireless networking and security security
• Interested in non-traditional security and privacy issues for emerging wireless systems
• Vehicular networks, Sensor networks…..
• Like to deal with real systems, play with cool gadgets.
• Like to break thing first, then build a solution
Computer Science and Engineering 9Computer Science and Engineering
Computer Science and Engineering 10Computer Science and Engineering
Radio Interference/Jamming Radio Interference/Jamming Attacks in Wireless NetworksAttacks in Wireless Networks
Wireless networks Communicate via shared media
Channel access protocol: carrier sense based
Threats Unintentional radio interference: 802.11b/g, cordless phone, Bluetooth, Microwave
oven share the same frequency band
Intentional jamming: A transmitter overrides any signal with enough power
Research Jamming detection– distinguish between radio interference scenario from normal
network dynamics, including congestion, hardware failure, mobility
Jamming defenses – resume network connectivity in the presence of jamming
Channel Surfing
Timing channel
Bob Alice
Hello …
Hi …
@#$%%$#@&…
Mr. X
Security Analysis of TPMSSecurity Analysis of TPMS
• TPMS - Tire Pressure Monitoring Systems– Monitoring the air pressure inside tires in automobiles.
– All cars made after 2008 are mandated to install TPMS
• Any secure or any privacy issues?– Can we eavesdrop?
– Can we inject fake packets?
• Not much TPMS information available in public domains.
=> Reverse engineered communication protocols
Computer Science and Engineering 11
Computer Science and Engineering 12
Privacy Issues in Wireless NetworksPrivacy Issues in Wireless Networks
• Content-Oriented Security and Privacy:– Issues that arise because an adversary can observe and manipulate the exact
content in a sensor message.
– Best addressed through cryptography and network security.
• Context-Oriented Privacy (what we are interested):– Issues that arise because an adversary observes the context surrounding creation
and transmission of a sensor message.– Example: sink location privacy in sensor networks.
12
ATM
Computer Science and Engineering 13
Contact Information
Center for Information Assurance Engineering
http://www.cse.sc.edu/research/isl
