Center for Cyber Security and Privacy
Internet Content, Traffic, and DDoS
Distributed denial of service (DDoS) is a long-standing problem for Internet users and service providers. In a DDoS attack, attacker-controlled computers distributed throughout the Internet send traffic toward a victim and clog the victim's bandwidth or other resources, making it unavailable to legitimate users. Because DDoS traffic is very hard to distinguish from legitimate traffic, it is hard to filter out. We research DDoS and DDoS defense. We analyze how DDoS may happen in peer-to-peer networks and other contexts. More importantly, we conduct extended research on DDoS defense. Since DDoS traffic often carries spoofed IP source addresses, we have studied source address validation extensively in the past. Lately, we have been investigating how we may leverage software-defined networking (SDN) for DDoS defense.
Internet Routing and Infrastructure Security
The Internet has become a critical component of our society, but its routing infrastructure, which is in charge of delivering traffic toward different IP address blocks (i.e., IP prefixes), can undergo many types of anomalies. The anomalies can occur at both the global level and the IP prefix level. At the global level, Internet routing can deviate from its normal state of operation because of disruptive events such as large-scale power outages, undersea cable cuts, or Internet worms, causing what we call an "Internet earthquake." At the IP prefix level, a prefix can experience degraded or completely broken service because of operational malpractice or security attacks; in prefix hijacking, for example, an attacker can lie about routing paths to hijack or intercept traffic toward a prefix with ease. We therefore conduct a series of studies on Internet routing and infrastructure security, including two Internet routing monitoring systems that we have been researching: "Internet Seismograph," which can be used to measure Internet earthquakes, and "Buddyguard," which detects and analyzes prefix-level routing anomalies.
Online Social Networking Security
Online social networks (OSNs) are a fast-developing global socio-technical infrastructure that has linked millions of users through networked computers and other devices. Unfortunately, OSN participants also face various forms of fraud and attacks, such as spam, denial of service, Sybil attacks, and privacy violations. We are therefore very interested in researching the analysis and detection of OSN fraud and attacks, and have particularly focused on the analysis of various Sybil detection algorithms. We have also designed and developed a privacy-oriented, distributed OSN called SOUP.
Internet of Things Security and Privacy
In recent years, there has been a growing number of physical objects embedded with electronics, sensors, software, and the ability to connect to the Internet. The network of these physical objects, which are capable of sending and receiving data over the network without ever needing human-to-human or human-to-machine communication, is what is now known as the Internet of Things (IoT). It is projected that by 2020 there will be 50 billion of these devices connected to the Internet, with applications in many diverse areas including health care, home automation, smart grid, smart vehicles, and smart cities. However, as the number, complexity, and functions of IoT devices have grown, providing security and privacy for the IoT has become a severe challenge. Our current research focuses on addressing these challenges in the smart home or hospital environment by developing a framework for adaptive IoT security and privacy.
Privacy in Digital Age
Internet privacy has reached an unprecedentedly high level of risk. Protecting Internet privacy, however, is a daunting task, as there are many open problems in almost every domain. Technically, the Internet is yet to become robust against traffic eavesdropping and hijacking, and social media on the Internet are known to be vulnerable to various privacy violation attempts. Legally, the rapid advance of techniques is catalyzing change in nearly every information privacy law. Economically, the cost that privacy violations may bring to consumers and businesses is often difficult to evaluate. And lastly, from the social perspective, every netizen must find ways to take control over their personal information. We therefore recognize the great opportunity to study Internet privacy, an unquestionably critical problem. Our team consists of computer scientists and professors in law, business, and philosophy.