Networks and computer systems are becoming increasingly attractive targets to large-scale programmed attacks such as worms and Distributed Denial of Service attacks (DDoS), which can compromise a vast number of vulnerable targets in a few minutes. Critical end-user applications vulnerable to such attacks include e-commerce, e-medicine, command-and-control applications, video surveillance and tracking, and many other applications. While there is a growing body of research techniques, prototypes, and commercial products that purport to protect these applications and the network infrastructure on which they rely, there is little existing scientific methodology by which to objectively evaluate the merits of such claims. Moreover, thorough testing of a defense system for worms or for attacks on the infrastructure cannot be evaluated safely on a live network without affecting its operation.

To make rapid advancements in defending against these and future attacks, the state of the art in the evaluation of network security mechanisms must be improved. This will require the emergence of large-scale security testbeds coupled with new standards for testing and benchmarking that can make these testbeds truly useful. Current shortcomings and impediments to evaluating network security mechanisms include lack of scientific rigor;lack of relevant and representative network data;inadequate models of defense mechanisms; and inadequate models of both the network and the transmitted data (benign and attack traffic). The latter is challenging because of the complexity of interactions among traffic, topology and protocols.

The researchers propose to develop thorough, realistic,and scientifically rigorous testing frameworks and methodologies for particular classes of network attacks and defense mechanisms. These testing frameworks will be adapted for different kinds of testbeds, including simulators such as NS, emulation facilities such as Emulab, and both small and large hardware testbeds. They will include attack scenarios; attack simulators; generators for topology and background traffic; data sets derived from live traffic; and tools to monitor and summarize test results. These frameworks will allow researchers to experiment with a variety of parameters representing the network environment, attack behaviors, and the configuration of the mechanisms under test.

In addition to developing testing frameworks, the researchers propose to validate them by conducting tests on representative network defense mechanisms. Defense mechanisms of interest include network-based Intrusion Detection Systems (IDS); automated attack traceback mechanisms;t raffic rate-limiting to control DDoS attacks; and mechanisms to detect large-scale worm attacks. Conducting these tests will require incorporating real defense mechanisms into a testbed, and applying and evaluating frameworks and methodologies. Conducting these tests will also help us to ensure that the testbed framework allows other researchers to easily integrate and test network defense echanisms of their own.

The research team includes experts in security, networking, data analysis, software engineering, and operating systems who are committed to developing these challenging integrated testing frameworks.

When conducting research, life scientists rely heavily on clinically annotated specimens, and the most thorough and effective clinical annotations contain information that is found in the electronic health records (EHRs) for the human subjects that are participating in the scientists’ studies. One primary piece of legislation pertinent to electronic health records is the Health Information Portability and Accountability Act (HIPAA, 1996). To protect the privacy of the human subjects, HIPAA dictates differing levels of access to the information found in the EHRs based on the roles that researchers play in a particular study; these levels vary from full access (including protected health information) to very limited (i.e., public) access. In the case of public access, the data must be de-identified based on criteria elucidated in the HIPAA legislation, and some of these criteria are stated in a general fashion to reflect the fluid nature of modern science. Due to these ambiguities, the complex measures that are often necessary to de-identify protected health information, and the risk of litigation and lost reputation, scientists rarely share their de-identified annotated data beyond their current study.

Unfortunately, this lack of sharing negatively impacts the reuse of experimental data beyond its current context, and in turn, this lack of reuse can adversely affect the translational impact of basic life sciences. In contrast to this constricting approach to the management of clinical annotations is the move in computing toward the “Cloud” wherein data are stored for easy retrieval and sharing. In our current study, we are surveying life scientists to ascertain their perceptions of a cloud-based approach to the management of their annotated data.

Health Insurance Portability and Accountability Act of 1996 (HIPAA). (1996). Retrieved July 10, 2009 from http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/HIPAALaw.pdf.

Undergraduate Research Project:

Poster .pdf

The undergraduate student will conduct a comprehensive literature review and perform an analysis of the large data repositories frequently used in the life sciences. There are several large repositories. The Susan B. Komen Virtual Tissue Bank is one example. The Komen Virutal Tissue Bank is the only repository in the world for normal breast tissue and matched serum, plasma and DNA. By studying normal tissue, we accelerate research for the causes and prevention of breast cancer. To more deeply understand the evolution of the disease, it is necessary to compare abnormal, cancerous tissue against normal, healthy tissue. Student research projects include: - Characterization of how these large data repositories handle the sensitivity and privacy of the information they store. - Best practices for designing proteomic, genomic and metabalomic databases to enable data sharing and reuse while managing privacy and security requirements.

Self-propagating malware spreads over the network quickly and automatically. Malware propagation should be modeled accurately for fast detection and defense. State-of-the-art malware propagation models fail to consider a number of issues. First, the malware can scan a host for multiple vulnerabilities on multiple ports. Second, the vulnerability scanning can be done by multiple threads concurrently. Third, the exploitation of vulnerabilities and the infection of vulnerable hosts cannot be done instantly. Fourth, the malware propagation can start from multiple places in the network rather than a single release point. Finally, the malware copies can collaborate with each other to cause much more damage. Little was done to understand the effects of Multi-port scanning, Multi-threading, Infection time, Multiple starting points, and Collaboration (MMIMC) on malware propagation. This research quantitatively measures the effects of MMIMC on infected hosts. We employ the Fibonacci Number Sequence (FNS) to model the effects of infection time. We derive the Shift Property, which illustrates that different malware initializations can be represented by shifting their propagations on the time axis. We prove the Linear Property, which shows that the effects of multiple-attacker collaboration can be represented by linear combinations of individual attacks. Experimental results show that the above issues significantly affect malware propagation and verify our analysis.

The goal of our research in the StreamShield project is to investigate security and privacy constraints on both data and queries in the context of data stream management systems (DSMS). Unlike in traditional DBMSs where access control policies are persistently stored on the server and tend to remain stable, in streaming applications the contexts and with them the access control policies on the real-time data may rapidly change. We propose a novel “stream-centric” approach, where security restrictions are not persistently stored on the server, but rather streamed together with the data. The data provider access control policies are expressed via security constraints called “data security punctuations” (or short, dsps). Server-side policies are specified by administrators in the form of “continuous policy queries” which emit query security constraints called “query security punctuations” (or short, qsps). The advantages of our model include flexibility, dynamicity and speed of enforcement as both data and query security punctuations are embedded inside data streams. Administrators can specify complex context-aware authorization policy queries. At run-time, continuous policy queries are evaluated, authorizations are produced and the engine can enforce any context-aware policy automatically. Moreover, DSMSs can adapt to not only data-related but also security-related selectivities, which helps reduce the waste of resources, when few subjects have access to data.