Cybersecurity and Forensics
· Directing the E-Crime Investigative Technologies Laboratory (ECIT)
· Research and development in targeted data extraction: Developing techniques and a prototype software system (TDES) that supports targeted data extraction from iOS- or Android-based mobile devices in a forensically sound manner. Applying machine learning techniques to identify classes such as photos and videos. A goal is to ensure privacy for data that does not need to be extracted.
· Exploring techniques to identify vault applications and automatically extract data from such apps.
· Probabilistic Password Cracking: Developing new techniques for password and passphrase cracking based on probabilistic context-free grammars (PCFGs). Adding methods to learn patterns such as keyboard, multi-words and Leetspeak, to improve the guesses generated. Also exploring how to build better attack and training dictionaries. Techniques for cracking passwords based on knowledge of targets’ information have also been explored.
· Developed a technique to identify passwords on media. We have been using string filtering techniques on hard disks and the context-free grammar based probabilistic cracking approach to suggest to an investigator the top N strings that could be passwords.
· (Automated Disk Investigation Toolkit: AUDIT): Explored automatic analysis of hard disks through developing an expert system that can be used by expert and non-IT expert users alike. The system integrates open source tools with the goal of providing an “intelligent assistant” to support forensic examinations.
· (Password Analysis and Modification: AMP): Explored ways to build strong and secure passwords that are also usable. Exploring metrics for evaluating the strength of passwords.
· Explored virtualization technology for analyzing malware in email attachments.
· (Accountable Systems): Investigated a new model of accountability for internet systems such as email, based on a dynamic trust management model, and exploring legal ramifications of this model. Explored how such accountable systems could be complementary to traditional security systems.
· (UnMask): Built software tools to support the analysis of phishing and threatening emails by law enforcement analysts. UnMask automatically deconstructs an email and populates a database, searches the internet for relevant additional information and provides a customized database GUI and reporting facility.
· (DNA Online): Developed an online interface to link with a commercial backend system to help law enforcement in code breaking.
· (PAPA2 & PAPA): Built a prototype monitoring tool for environments such as prisons, libraries, and parolee interactions. Built a system (predator & prey alert system) to support law enforcement in investigating cyberstalking crimes. The system supports monitoring of the victim and gathering of evidence for prosecution. This research prompted many media interviews.
Computer and Communication Networks
· Explored the use of social networks to locate hard-to-find individuals.
· Explored research problems in distributed network games. Issues included the notion of dynamic authority assignment and how to ensure accuracy and fairness in massively multiplayer online games (MMOG). Two patents have been filed related to this research.
· Developed a security architecture called SAMOA for efficient and secure communication of mobile devices based on segmented security. Patent issued.
· Built a multicast application level software system called Mercury for dynamic and efficient audio and video distribution. Patent issued for part of this work.
· Explored R&D issues in building content networks: intelligent 4/7 web switches, caching, DRM, security, streaming and supporting 3rd party applications.
· Explored building optimal and reliable application-level multicast networks. Developed a reliable multicasting scheme.
· Developed a multicast protocol, called CSM (conference Steiner multicast) as an alternative to protocols such as PIM and CBT. It supports authentication, application assisted routing, and dynamic tree modifications.
· Developed a new approach to QoS for many-to-many multicasting based on the use of Steiner trees and Lagrangian relaxation methods. Patent issued for this work.
Distributed Systems and Parallel Computing
· Developed a mathematical model of parallel computation and a software development environment, called DECCA (distributed environment for coordinating concurrent activities), for building distributed system applications.
· DECCA incorporates a methodology, toolkit and Java API that supports development using Java’s conventional and OOP features, but permits high-level coordination control.
· Developed a software simulation package (ASSERTS) for real-time systems that permits exploring real-time scheduling and the timely execution of tasks in a distributed environment.
· Developed a new real-time tasking model (hyper-periodic) for flexibly scheduling tasks involving monitoring and control.
· Explored middleware for software self-monitoring in a real-time environment.
Search Engines and Databases
· Developed WIRE (Web information retrieval and extraction) for retrieving and extracting relevant data from the Web based on hierarchically structured queries.
· Developed a system, SCOPE, for coping with a deluge of data in a dynamically evolving database system.
Design, Analysis and Verification of Protocols
· Developed a new approach for the formal specification, analysis and validation of communication protocols based on a novel communications algebra for coordination.
· Developed a file transfer protocol for a network of heterogeneous nodes.
· Designed and developed software tools for the specification and analysis of protocols. A prototype system (SPANNER) was used for research and led to the development of a commercial system.
Modeling and Simulation
· Developed techniques for improving the scalability of distributed interactive simulations.
· Developed mathematical methods for the probabilistic and approximate simplification of models of complex systems, based on the notion of ergodic machines.
· Developed simulation models to: assess risk of nuclear waste burial; aid almond growers in evaluating pest management strategies; assess virtual circuit behavior in an Ethernet local area network; and test C with Classes (a forerunner of C++) as a simulation language.
Some Recent Courses Taught
Fall 2018: Network Security – CNT 5412 / CNT 4406
Spring 2018: Theory of Computation – COT 4420
Networks – CNT 4504
Fall 2017: Network Security – CNT 5412 / CNT 4406
2017: Theory of Computation – COT 4420
Spring 2017: Cryptography – CIS 5371
Interests: Network Security, Computer Networks, Automata Theory and Formal Languages, Algorithms and Data Structures, Digital Forensics, Formal Methods for Specification and Verification, Distributed Systems, Real-time Systems, Modeling and Simulation.
Last modified: August 2018