Title: Information Systems and Internet Security (ISIS) Lab Research overview and some recent projects Nasir Memon Polytechnic Institute of NYU
1Information Systems and Internet Security (ISIS)
LabResearch overview and some recent
projectsNasir MemonPolytechnic Institute of
NYU
2ISIS - Highlights
- 8 faculty members in program
- More than a dozen Ph.D. students
- More than a dozen specialized courses in security
- More than over 10 million in funding over the
last 3 years - Host of NSA/NSF Cyber Corps Program (SFS)
- NSA Center of Excellence in IA Education, NSA
Center of Excellence in IA research - One of the premier cyber security programs in US
Cyber Corps Group - 2006
3ISIS - Research Areas
- Hardware for Secure Systems
- Trusted hardware, hardware obfuscation, Gigabit
IDS/IPS, DDoS defense. - Multimedia Security
- Image forensics, digital watermarking,
steganography and steganalysis - Software Security
- Static analysis, software obfuscation
- Host Security
- Disk forensics, secure virtualization
- Network Security
- Infection detection, Ad-hoc networks, network
forensics.
Cyber Corps Group - 2005
4Secure Device Pairing
Faculty NiteshSaxena Funded by NSF
Out-Of-Band (OOB) Audio, Visual or Tactile
- Fundamental Security Objective How to bootstrap
secure communication between Alices and Bobs
devices when they have - no prior context
- no common trusted CA or TTP
- Examples
- Pairing a bluetooth cell phone with a headset
- Pairing a WiFi laptop with an access point
- Solution Idea
- make use of a physical channel between devices
- with least involvement from Alice and Bob
5Research Challenges
- OOB channels are low-bandwidth
- Devices may be constrained in terms of
interfaces, e.g., - access points, headsets
- implanted wireless devices
- User is constrained - Usability
- Multiple devices
- Sensor network initialization
- Group formation
Ohh! I cannot even pair my socks!
6Other Ongoing Projects
- RFID Security and Privacy
- Mobile Phone Assisted Usable Password
Authentication - Fault-Tolerant User-Centric Security Services
(with Yevgeniy Dodis) - Privacy of Web Search
- Inference of Private Attributes on Facebook (with
Keith Ross)
More info http//cis.poly.edu/nsaxena/research.h
tml
7Media Forensics
8Many aspects to the problem
Media Forensics
Media Source Identification
Source-Model Identification
Camera- Model
Scanner-Model
Identification of Synthetic media
Individual Source Identification
Media Forgery Detection
Camera
Scanner
9Contributions
Developed novel techniques to collect, attribute
and authenticate image (video) evidence. Funded
by NSA, NIJ, AFOSR
Camera Imaging Pipeline
10Trusted and Secure Hardware (towards building
hardware root of trust)
- RameshKarri (rkarri_at_poly.edu) ECE Department
- Ph. D. students
- A. Kanuparthi and R. Guo Trusted Platform
Modules - J. Rajendran Hardware Trojans
- J. Li Circuit Obfuscation
- K. Rosenfeld Secure Testing
- J. Quan Hardware Sidechannels
- Supported by Air Force Research Labs, NSF,
Army, Cisco Systems
11Embedded Devices Trust?
12Approach Trusted Platform Modules (TPM)
- Supports Remote attestation, data sealing, and
binding - Remote Attestation? Proving to you (the
challenger) that I (the attester) - run legitimate programs
- am sending you legitimate data (ground truths) etc
13TPM ongoing research
- High performance vs Low cost vs Low Power vs
Application Specific - Prototypes successfully tested on different
application scenarios - Redesign smart grid elements (smart meters, grid
sensor platforms and grid control elements) - Deployment in pilot studies will uncover
practical kinks
14memon_at_poly.edu