Cyber-security Research at Stony Brook

Transcription

1 Cyber-security Research at Stony Brook Radu Sion Network Security and Applied Cryptography Lab

2 USS Yorktown September, 1997: USS Yorktown is 100% dead in the water for 2.5 hours, then stalled in port for 2 days. Cause: Cruiser runs MS Windows on LAN-connected machines in its Smart Ship system. Result: blue screen of death 2

3 F22 Raptor mach 2.4+ (classified) February 11, 2007: 12 raptors flying from Hawaii to Japan are forced to turn back in panic mode: nav and comm systems are 100% down. Cause: software was not designed to cross international date line (180 meridian of longitude) 3

4 Cyber-security is hot! First and foremost: it is lots of fun! Security incidents continue to sky-rocket Incidents reported by US CERT have increased by a factor of 100 in the past decade Bad guys are becoming more sophisticated Progression from script kiddies to cybercrime, cyberactivism, and so on Thus Spam, cyber-extortion, phishing attacks all driven by this trend Current technologies and solutions aren t very effective Things are going to get worse before they get better 4

5 What is cyber-security? Businesses Banking and financial transactions Marketing, advertising, and corporate communication Federal and State Governments Classified data (DoD, DoE, ) Critical infrastructures telecom, transportation, power, law-enforcement, Consumers Theft of bank accounts, passwords, credit card #s, Loss of privacy snoop on web sites visited capture keystrokes, microphone or camera input 5

6 Overview Research spread over several laboratories Over 30 graduate students Research supported by NSF, ONR, AFOSR, Army Research, DARPA, NIST, Computer Associates, Motorola Labs, IBM Research, IBM Center for Cyber-security NSA-designated Center of Excellence in Information Assurance Education ( ) 6

7 Faculty Tzi-cker Chiueh Compiler transformations, attack recovery Rob Johnson Software security, program analysis, cryptography C.R. Ramakrishnan Formal methods, vulnerability analysis R. Sekar Program analysis/transformation, policy enforcement, attack detection/recovery Radu Sion Data and network security, applied/practical cryptography Scott Stoller Trust management, vulnerability analysis, program analysis Erez Zadok File system and storage security many others + collaboration with other faculty 7

8 Labs Applied Logic Laboratory Design and Analysis Research Laboratory Experimental Computer Systems Laboratory File-systems and Storage Laboratory Network Security and Applied Cryptography Lab Secure Systems Laboratory Security, Programming Languages and Theory Lab Trusted Hardware Lab (part of NSAC Lab) 8

9 Sample Projects (1) Software security Source-code analysis for vulnerability detection Program transformation for runtime detection and prevention of attacks on COTS software program anonymization Intrusion Detection Safe execution of mobile/untrusted code Safe vulnerability and penetration testing automated vulnerability analysis + signature/patch generation Applied Cryptography Digital E-Cash and Micro-payments in networks analysis of security in DVD/HD-DVD protocols authentication for digital imagery 9

10 Sample Projects (2) Security in Wireless Networks Privacy in Cellular Networks Sensor Network Security Storage Security Secure file systems Regulatory compliance Access control policies and trust management Secure Data Management data outsourcing database security High-confidence operating systems Trusted Hardware Laboratory 10

11 Areas Software security Compilers Operating systems Verification/assurance Hardware security Trustworthy hardware Data security Storage/file security Database security Rights Protection Network security Wireless/cellular security Applied Cryptography Distributed systems Trust management Vulnerability analysis Privacy preservation Security policies Frameworks Monitoring and compliance Intrusion detection 11

12 Impact and Funding Funding: $12M+ in federal research grants: NSF CAREER (5), ONR Young Investigator, IBM Faculty Award, DoD Critical Infrastructure Protection and IA Fellowship award (1 of 12 in US, 1 of 2 in NY), NSF ITR awards, $2.5M NSF award to support Scholarships for students specializing in IA (only new award in 2004), 8+ NSF Cyber Trust awards in 2006/2007 Publications: 30+ papers/year in highly competitive forums: IEEE Security and Privacy, USENIX Security, NDSS, CCS, DSN, ACSAC (best paper), OSDI, FC, CSFW, ICDCS, USENIX Technical, FAST, RAID, DSN, TKDE, VLDB, ICDE, PLDI, FSE, TOPLAS, SOSP 12

13 Why work in cyber-security? Plenty of problems to be solved The one area where companies are investing significantly Shortage of qualified personnel Especially in federal government Hard to outsource security jobs Robust growth expected in the sector for foreseeable future And don t forget: it s lots of fun! 13

14 Further contact info Center for Cyber Security homepage Faculty personal home pages Laboratory home pages Information Assurance Scholarships 14

15 echo lunchtime > /dev/null rock on! 15