The 10th Annual
CERIAS Information Security Symposium

About ← home

The Center for Education and Research in Information Assurance and Security (CERIAS) is currently viewed as one of the world’s leading centers for research and education in areas of information security that are crucial to the protection of critical computing and communication infrastructure. CERIAS is unique among such national centers in its multidisciplinary approach to the problems, ranging from purely technical issues (e.g., intrusion detection, network security, etc) to ethical, legal, educational, communicational, linguistic, and economic issues, and the subtle interactions and dependencies among them.

The Research conducted through CERIAS includes faculty from six different colleges and 20+ departments across campus. The eight areas below summarize the research focus areas for the faculty involved with the center:

Risk Management, Policies, and Laws

This area includes tools and methods for understanding the context of security, and how to best allocate resources for protection of assets. This includes research into risk assessment and mitigation methodologies, policy development, the role of law and social pressure on security, economic aspects of security, cross-cultural issues governing security, cyberethics, simulation and modeling of security, and policy languages and proofs.

Associated personnel: B. Alge, J. Anderson, M. Bernstein, A. Chaturvedi, H. Cho, J. Goldman, K. Kannan, R. Mislan, J.Rees, J. Richardson, D. Schoorman, E. Spafford, L. Tsoukalas

Departments: Communication, Computer Science, Education, ITaP, Management, Nuclear Engineering, Philosophy, Sociology, Computer & Information Technology

Trusted Social and Human Interactions

How does IT change our interactions, and how can more trustworthy IT change them further? This includes studies of on-line trust, ecommerce (business-to-business and business-to-consumer), digital government services, e-conferencing, on-line personae and anonymity, online news, on-line research and the ephemeral nature of information, on-line propaganda, and spam.

Associated faculty: J. Boyd, H. Cho, M. Dutta, A. Elmagarmid, J. Hahn, K. Kannan, S. Matei, P. Meunier, J. Mills, S. Offenbach, M. Rogers, E. Spafford, H. Sypher

Departments: Communication, CERIAS Staff, Computer Science, Hospitality & Tourism Management, Management, Psychology, Computer & Information Technology

Security Awareness, Education, and Training

How do we educate users, producers, designers, and purchasers of IT to choose wisely when it comes to security? CERIAS personnel examine issues of awareness methods, on-line security education, security certification issues, security curriculum design, the role of K-12 education, risk communication, community awareness and standards, cross-cultural issues of security, organizational structure and communication of risk, and public perceptions of IT security.

Associated personnel: D. Bennett, M. Dark , D. Dellacca, C. Justice, K. Kannan, S. Matei, R. Mislan, V. Raskin, J. Richardson, E. Spafford, K. Watson, T. Wedge

Departments: CERIAS staff, Communication, Computer & Information Technology, Computer Science, Education, Linguistics, Management

Assurable Software and Architectures

This area includes tools and methods for building software artifacts, servers, and networks that are resistant to attacks and failures. This includes research into vulnerability assessment and identification, programming languages and tools for secure programming, mobile code and “sandboxes,” proof-carrying systems, trusted embedded systems, resilient server architectures, protection against malicious software, dynamic reconfiguration of systems, hardware architecture design, fault-tolerance, code tamperproofing, and penetration testing. Research into more secure operating systems and database systems falls in this area, as does research into better human-computer interfaces for security (HCI).

Associated personnel: W. Aref, M. Atallah, E. Bertino, B. Bhargava, C. Clifton, R. Eigenmann, A. Elmagarmid, A. Ghafoor, A. Grama, A. Hosking, E. Houstis, C. Justice, P. Meunier, N. Li, C. Nita-Rotaru, K. Park, S. Prabhakar, R. Proctor, J. Rice, G. Salvendy, M. Salvo, L. Si, T.N. Vijaykumar, J. Vitek, K. Watson, D. Xu

Departments: CERIAS staff, Computer & Information Technology, Computer Science, Electrical & Computer Engineering, Industrial Engineering, Linguistics, Psychology

Enclave and Network Security

Security becomes more complex when participating entities are physically separated from the current location; knowing who and what is communicating from a remote location complicates security decisions. Research in this area includes wireless computing, communication protocol design and verification, agent computation, quality-of-service protection, firewall design and testing, SCADA security, dynamic and protective routing, security for grid computing, and sensor net security.

Associated personnel: S. Bagchi, W. Cleveland, E. Coyle, R. Dejoie, P. Eugster, S. Fahmy, J. T., Korb, S. Ksander, J. Lehnert, S. Matei, P. Meunier, C. Nita-Rotaru, S. Nof, S. Rao, P. Rawles, A. Schroll, N. Shroff, E. Spafford, K. Watson, D. Xu, D. Yau, M. Zhu, M. Zoltowski

Departments: CERIAS staff, Communication, Computer & Information Technology, Computer Science, Electrical & Computer Engineering, Industrial Engineering, ITaP

Incident Detection, Response, and Investigation

Systems are attacked, and sometimes attacks succeed. This area of our expertise includes intrusion and misuse detection, integrity management issues, audit and logging analysis, sensor and alarm design, strike-back mechanisms, dynamic reconfiguration, honeypots and “jails”, cyberforensics, hacker profiling, deception and psychological operations, information warfare, cyberterrorism, criminal law and computer crime.

Associated personnel: S. Bagchi, J.T. Korb, S. Ksander, P. Meunier, R. Mislan, M. Rogers, A. Schroll, E. Spafford, H. Sypher, K. Watson, T. Wedge

Departments: CERIAS staff, Communication, Computer & Information Technology, Computer Science, Electrical & Computer Engineering, ITaP

Identification, Authentication, and Privacy

There is a tension between increased confidence and granularity of authorization provided by better identification of on-line entities, and with the need to protect the privacy rights of individuals and organizations. This area includes research in role-based access control (RBAC), biometrics, pervasive surveillance (“Panoptic Effects”), privacy-protecting transformations of data, privacy-protecting data mining methods, privacy regulation (e.g., HIPAA and COPPA), oblivious multiparty computation, and trusted proxy research.

Associated personnel: J. Anderson, M. Atallah, E. Bertino, W. Cleveland, C. Clifton, S. Elliott, A. Ghafoor, N. Li, C. Nita-Rotaru, L. Si, J. Siskind, S. Wagstaff, B. Xi

Departments: Communication, Computer & Information Technology, Computer Science, Electrical & Computer Engineering, Industrial Technology, Sociology, Statistics

Cryptology and Rights Management

Controlling information from being read or altered by others, preserving marks of ownership and origin, and breaking the code of adversaries are all of interest in information security. CERIAS expertise and interest includes encryption, number theoretic foundations, cryptanalysis, optical encryption, watermarking (of images, audio, movies), research in natural language digital rights protection including natural language watermarking and tamperproofing, automated security (de)classification of documents, cryptographic protocols, cybercash, trusted voting and bidding protocols, and intellectual property laws.

Associated personnel: M. Atallah, E. Delp, J. Jin, N. Li, T. Moh, V. Raskin, S. Wagstaff

Departments: Computer Science, Electrical & Computer Engineering, Linguistics, Mathematics

Posters ← home

Partners ← home

Thanks to Our Partners

Special thanks to our industry partners for their commitment and support!

Tier I

Tier II

For information on the CERIAS Industry Partnership Program contact or 765-494-7841

Credits ← home