Smartphone Related Systems Development
· Developing a scalable multiphone targeted data extracting system (SM-TDES) that implements a "forensics intelligence" platform able to selectively extract data from multiple phones during mass incident events. This data is collected and analyzed in quasi real-time to provide law enforcement with actionable forensic intelligence for such situations.
· Exploring AI-enabled community supervision for criminal justice services (AI-SMS). Developing an AI-based support and monitoring system (AI-SMS) based on the 5-Key Model that includes an app for Android smartphones, a dashboard for supervisors, and a backend system to support parolees in their reentry into the community.
· Research and development in targeted data extraction: Developed techniques and a prototype software system (TDES) that supports targeted data extraction from iOS- or Android-based mobile devices in a forensically sound manner. Applied machine learning techniques to identify classes such as photos and videos. A goal is to ensure privacy for data that does not need to be extracted.
Cybersecurity and Forensics
· Directing the E-Crime Investigative Technologies Laboratory (ECIT)
· Explored techniques to identify vault applications and automatically extract data from such apps.
· Probabilistic Password Cracking: Developed new techniques for password and passphrase cracking based on probabilistic context-free grammars (PCFGs). Adding methods to learn patterns such as keyboard, multi-words and Leetspeak, to improve the guesses generated. Also exploring how to build better attack and training dictionaries. Techniques for cracking passwords based on knowledge of targets’ information have also been explored. Also developing a distributed system for faster cracking.
· Developed a technique for identifying passwords on media. We have been using string filtering techniques on hard disks and the context-free grammar based probabilistic cracking approach to suggest to an investigator the top N strings that could be passwords.
· (Automated Disk Investigation Toolkit: AUDIT): Explored automatic analysis of hard disks by developing an expert system that can be used by expert and non-IT expert users alike. The system integrates open source tools with the goal of providing an “intelligent assistant” to support forensic examinations.
· (Password Analysis and Modification (AMP)): Explored ways to build strong and secure passwords that are also usable. Exploring metrics for evaluating the strength of passwords.
· Explored virtualization technology for analyzing malware in email attachments.
· (Accountable Systems): Investigated a new model of accountability for internet systems such as email, based on a dynamic trust management model, and explored legal ramifications of this model. Explored how such accountable systems could be complementary to traditional security systems.
· (UnMask): Built software tools to support the analysis of phishing and threatening emails by law enforcement analysts. UnMask automatically deconstructs an email and populates a database, searches the internet for relevant additional information and provides a customized database GUI and reporting facility.
· (DNA Online): Developed an online interface to link with a commercial backend system to help law enforcement in code breaking.
· (PAPA2 & PAPA): Built a prototype monitoring tool for environments such as prisons, libraries, and parolee interactions. Built a system (predator & prey alert system) to support law enforcement in investigating cyberstalking crimes. The system supports monitoring of the victim and gathering of evidence for prosecution. This research prompted many media interviews.
Computer and Communication Networks
· Explored the use of social networks to locate hard-to-find individuals.
· Explored research problems in distributed network games. Issues included the notion of dynamic authority assignment and how to ensure accuracy and fairness in massively multiplayer online games (MMOG). Two patents have been filed related to this research.
· Developed a security architecture called SAMOA for efficient and secure communication of mobile devices based on segmented security. Patent issued.
· Built a multicast application level software system called Mercury for dynamic and efficient audio and video distribution. Patent issued for part of this work.
· Explored R&D issues in building content networks: intelligent 4/7 web switches, caching, DRM, security, streaming and supporting 3rd party applications.
· Explored building optimal and reliable application-level multicast networks. Developed a reliable multicasting scheme.
· Developed a multicast protocol called CSM (conference Steiner multicast) as an alternative to protocols such as PIM and CBT. It supports authentication, application-assisted routing, and dynamic tree modifications.
· Developed a new approach to QoS for many-to-many multicasting based on the use of Steiner trees and Lagrangian relaxation methods. Patent issued for this work.
Distributed Systems and Parallel Computing
· Developed a mathematical model of parallel computation and a software development environment, called DECCA (distributed environment for coordinating concurrent activities), for building distributed system applications.
· DECCA incorporates a methodology, toolkit and Java API that supports development using Java’s conventional and OOP features, but permits high-level coordination control.
· Developed a software simulation package (ASSERTS) for real-time systems that permits exploring real-time scheduling and the timely execution of tasks in a distributed environment.
· Developed a new real-time tasking model (hyper-periodic) for flexibly scheduling tasks involving monitoring and control.
· Explored middleware for software self-monitoring in a real-time environment.
Search Engines and Databases
· Developed WIRE (Web information retrieval and extraction) for retrieving and extracting relevant data from the Web based on hierarchically structured queries.
· Developed a system, SCOPE, for coping with a deluge of data in a dynamically evolving database system.
Design, Analysis and Verification of Protocols
· Developed a new approach for the formal specification, analysis and validation of communication protocols based on a novel communications algebra for coordination.
· Developed a file transfer protocol for a network of heterogeneous nodes.
· Designed and developed software tools for the specification and analysis of protocols. A prototype system (SPANNER) was used for research and led to the development of a commercial system.
Modeling and Simulation
· Developed techniques for improving the scalability of distributed interactive simulations.
· Developed mathematical methods for the probabilistic and approximate simplification of models of complex systems, based on the notion of ergodic machines.
· Developed simulation models to: assess risk of nuclear waste burial; aid almond growers in evaluating pest management strategies; assess virtual circuit behavior in an Ethernet local area network; and test C with Classes (a forerunner of C++) as a simulation language.
Some Recent Courses Taught
Fall 2023: Theory of Computation – COT 4420
Spring 2023: Theory of Automata and Formal Languages – COT 5310
Fall 2022: Theory of Computation – COT 4420
Spring 2022: Network Security – CNT 5412 / CNT 4406
Spring 2022: Theory of Computation – COT 4420
Spring 2021: Theory of Computation – COT 4420
Fall 2020: CNT 5505 / 4504 Data/Computer Comm & Networks
Spring 2020: Internet Security (Hands-on) – CIS 5930
Fall 2019: Theory of Computation – COT 4420
Fall 2018: Network Security – CNT 5412 / CNT 4406
Networks – CNT 4504
Spring 2017: Cryptography – CIS 5371
Interests: Network Security, Password Cracking, Systems Development of Mobile Apps and Environments for real-world applications, Computer Network Multicasting, Automata Theory and Formal Languages, Algorithms and Data Structures, Digital Forensics, Formal Methods for Specification and Verification, Distributed Systems, Real-time Systems, Modeling and Simulation.
Last modified: Aug 2023