The University of Alabama Cyber Research Initiatives. Cyber Forensics Research Cyber Security Research

Transcription

1 The University of Alabama Cyber Research Initiatives Cyber Forensics Research Cyber Security Research

2 Cyber Forensics Research Department of Criminal Justice College of Arts and Sciences

3 Cyber Crime Research Objectives Department of Criminal Justice Our objective is to work closely with local, state and federal law enforcement agencies to develop a research/teaching laboratory and a certified cyber forensics laboratory to assist agencies with processing the existing backlog of cases involving portable digital devices (cell phones, ipads, etc).

4 UA CJ Cyber Affiliations UNIVERSITY OF ALABAMA POLICE DEPARTMENT TUSCALOOSA POLICE DEPARTMENT TUSCALOOSA COUNTY SHERIFFS DEPARTMENT UNITED STATES SECRET SERVICE NATIONAL COMPUTER FORENSICS INSTITUTE (NCFI) INTERNET CRIMES AGAINST CHILDREN TASKFORCE (ABI)

5 Cyber Crime Faculty Department of Criminal Justice Dr. Diana Dolliver, Assistant Professor Dr. Diana S. Dolliver s areas of expertise include cybercrime, transnational organized crime and drug trafficking, and the existing links between these criminal phenomena. She works closely with members of law enforcement in the U.S. and abroad, in addition to collaborating with scholars from around the world on issues of comparative crime. Her current research endeavors include examining the legal, forensic, and criminological aspects of cyberterrorism, and investigating drug trafficking organizations (DTOs) involvement in cyber-related crimes.

6 Cyber Crime Faculty Department of Criminal Justice Dr. Kathryn Seigfried-Spellar, Assistant Professor Dr. Kathryn Seigfried-Spellar s areas of expertise include the psychological and social factors related to computer deviance, specifically the personality characteristics of Internet child pornography users and computer hackers. Her current research endeavors to encourage an interdisciplinary approach to understanding computer deviance from a behavioral sciences perspective: utilizing computer forensic evidence to profile child pornography users and contact offenders, understanding the relationship between Asperger syndrome and computer hacking, and assessing the relationship between adult pornography use and later deviant pornography use. Dr. Seigfried-Spellar has submitted several NSF grants involving international collaboration with Russia, Ireland, and Singapore as well as a NIJ grant working with Alabama and Indiana s Internet Crimes Against Children taskforce

7 Cyber Security Research Department of Computer Science CAPS Department of Electrical and Computer Engineering Department of Management and Information Sciences

8 Center for Advanced Public Safety Dr. Allen Parrish, Director 18 faculty, 25 students, 55 professional staff $8M/year in research Public safety applied research and technology: Live field data collection (citations, crash reports, crime reports) Criminal information sharing Advanced GIS-based analytics Optimizing law enforcement deployment through OR-based algorithms Traffic safety roadway and behavioral research Support a number of live mission-critical systems for AL and surrounding states

9 Cyber Security Faculty Department of Computer Science Dr. Yang Xiao, Associate Professor Accountability and Logging Intrusion Detection, Authentication Cipher Design Cyber Attacks Smart Grid Security Privacy and Anonymity Security Visualization Telemedicine Security Tradeoff of Security and Performance Key Management Secure Routing Secure Aggregation Worm Propagation Secure Synchronization GENI Security Access Control Cloud Computing Security Wireless Security RFID Security Industry Security

10 Funded Projects Accountability at the Wireless Medium Access Control Layer, NSF Error-resistant, RFID-assisted Wireless Sensor Networks for Elder Cardiac Tele-Healthcare, NSF GENI Experiments for Traffic Capture Capabilities and Security Requirement Analysis, NSF An Integrated Denial of Service (DoS) Mitigation Scheme for Tactical Networks DOD U.S. Army Proactive and Adaptive Reconfiguration for Reliable Communication in Tactical Networks DOD U.S. Army

11 Cyber Security Faculty Department of Computer Science Dr. Jeffrey Carver, Associate Professor Dr. Jeffrey Carver s overall research goal is improving the quality and reliability of software through the use of empirical software engineering. His research focuses on developing, measuring and improving processes and tools that will impact software quality with respect to certain attributes, such as cost, reliability and security. The overriding goal of empirical software engineering research is to provide concrete data, observations and evidence to support a decision-making process. Empirical software engineering techniques also allow researchers and practitioners to gather information to provide a deeper understanding of the context(s) in which techniques and methods are most useful.

12 Cyber Security Faculty Department of Computer Science Dr. Jeffrey Carver Recent Security Projects Empirically Evaluating and Quantifying the Effects of Inspections and Testing on Security Vulnerabilities (Current Project) ARO/NSA CT-ISG: Empirically-Based Visualization for Computer Security and Forensics (Previous Project) - NSF Analysis, Documentation and Evaluation of Security Analysts Work Practices (Previous Project) - ARL

13 Cyber Security Research Department of Computer Science Xiaoyan Hong, PhD, Associate Professor Dr. Hong s research interests include mobile and wireless networks, future wireless Internet and high performance networks. Her current research covers mobile ad hoc networks, wireless Mesh networks, vehicular networks, and delay tolerant networks. She has received over $1.5 million in external funding, primarily from NSF.

14 Cyber Security Research Department of Electrical and Computer Engineering Dr. Fei Hu, Associate Professor Medical Security: Overcome different attacks to implanted medical devices (IMDs) and medical information networks. (Funded by NSF # CNS Cyber Trust # , $400K, PI: Dr. Fei Hu) (1) IMD security: Developed cyber-physical security schemes (via Chaosbased circuit design) to overcome wireless pacemaker power charge attacks. Example publication: Fei Hu, et. al., Trustworthy Data Collection from Implantable Medical Devices (IMDs) via High-speed Security Implementation Based on Industry Standard IEEE (2) Medical privacy and security: Proposed low-cost security schemes to protect the patient s privacy and medical information database. Example publication: Fei Hu, et, al., "Privacy-Preserving Tele-cardiology Sensor Networks: Towards A Low-cost, Portable Wireless Hardware / Software Co-design ", IEEE

15 Cyber Security Research Department of Electrical and Computer Engineering Dr. Fei Hu Wireless Security: Overcome attacks in different wireless networks including wireless RFID/sensor networks and Cognitive Radio Networks. (Funded by DoD and Cisco University Research Program) (1) RFID/Sensor security: Proposed low-cost, low-energy security schemes to protect the data access to the tiny RFID readers/tags and wireless micro-sensors. Example publication: Fei Hu, Waqaas Siddiqui, "LESS: Light-Weight Security Solution for Wireless Sensor Networks Based on a Scalable Tree-Ripple-Zone Routing Scheme," IEEE Monograph (2) Cognitive Radio Network (CRN) Security: CRNs are one of the latest wireless networks. We have proposed efficient schemes to overcome control channel saturation attacks and primary user emulation attacks. Example publication: Fei Hu, et al., "Specific Attacks and Countermeasures in Multi-hop Cognitive Radios Networks", International Journal of Security and Networks

16 Cyber Security Faculty Management and Information Sciences Dr. Clay Posey, Assistant Professor Dr. Posey joined UA in Fall 2012 after working as a systems analyst in the transportation industry. His research interests lie in information security, protection-motivated behaviors, and insider computer abuse. His research has been published or is forthcoming in European Journal of Information Systems, Computers & Security, Journal of Information System Security, and Decision Sciences Journal of Innovative Education, among others His research on information-security related behaviors of organizational insiders has been funded by the U.S. Department of Defense and IBM. Dr. Posey is a member of the Association for Information Systems (AIS) and IFIP Working Group 8.11/ Information Systems Security Research.