Sorry, you need to enable JavaScript to visit this website.

Research

Research Projects in Cybersecurity

Research in the Center for Cybersecurity is supported in part by these funded projects.

SIRA: Socio-Technical Approaches to Cybersecurity
  • Sponsor: RIT
  • Amount: $2,100,000
  • Period: June 2016 to May 2021

This project provides the initial funding to launch the Center and for six interdisciplinary seed projects.

PI's:
Matthew Wright
Matthew Wright
Defending Against Website Fingerprinting in Tor
  • Sponsor: NSF SaTC
  • Amount: $500,000 ($150,000 RIT share)
  • Period: Sep. 2016 to Aug. 2019

In this transitions to practice (TTP) project, RIT will work with the Tor Project to implement a new defense against traffic analysis attacks in the Tor system.

PI's:
Matthew Wright
Matthew Wright
NSF SFS: Preparing Crosscutting Cybersecurity Scholars
  • Sponsor: NSF
  • Amount: $2,654,551
  • Period: Jan. 2015-Dec. 2019

This project seeks to establish a new CyberCorps®: Scholarship for Service (SFS) program at the Rochester Institute of Technology (RIT) to prepare highly-qualified Cybersecurity professionals for entry into the federal, state, local, and tribal government workforce.

PI's:
Bo Yuan
Bo Yuan
raj
Rajendra K. Raj
Andy
Andy Meneely
DOD NSA: Intelligent Security Systems

Sponsor: NSA

Amount: $118,926

Period: March 2017 - March 2018

The program designs a curriculum, develops all course materials, tests and evaluates them in real college classroom settings, compiles and disseminates the practical recommendations for delivery of a college level course on Intelligent Security Systems.

PI's:
Leon Reznik
Leonid Reznik
Examining Industrial Control and IoT Devices

Sponsor: Eaton Corporation

Amount: $124,923.00

Period: Sept 2017 to Aug 2018

The goal of this project is to provide a cybersecurity assessment of industrial control and loT devices.

PI's:
Robert Olson
SaTC: CORE: Small: Collaborative: A New Approach to Federated Network Security

Sponcer: NSF SaTC

Amount: $167,450.

Period: Sept 2017 to Aug 2020

This projest presents a comprehensive research plan for specifying and enforcing federated security policies using an approach based on Proof-Carrying Code (PCC).

PI's:
Hossein Hojjat
RIT GenCyber Summer Camps 2017

Sponsor: NSA

Amount: $99,110.00

Period: April 2017 to April 2018

This project to host two one-week Gencyber student summer camp at RIT.

PI's:
Bo Yuan
Bo Yuan
SaTC-EAGER: A Criminology-Based Simulation of Dynamic Adversarial Behavior in Cyberattacks

Sponsor: NSF SaTC

Amount: $149,611.00

Period: Sept 2017 to Aug 2019

Cybersecurity can use anticipatory or proactive defense measures based on adversarial behavior and decision making, which are currently downplayed in existing technical research. Imagine a criminological theory that captures the dynamics of cyber crime and a corresponding simulator to generate attack scenarios that adapts to ever changing and diverse cyber vulnerabilities, defense, and adversary tactics. This collaborative project between RIT (PI Yang) and Temple University (PI Rege) aims at developing and evaluating an integrated Dynamic Routine Activities Theory (DRAT) aided by Monte-Carlo simulation so as to understand adversarial attack trajectories impacted by the various intrinsic and extrinsic factors.

 

PI's:
Shanchieh Yang
Cyber Attack Forecasting using Nonconventional Data

Sponsor: USAF/Leidos, Inc.

Amount: $373,963.00

Period: Aug 2016 to Jan 2018

The project aims at developing and testing new automated methods that forecast cyber-attacks before they happen using unconventional sensors and signals. The unconventional sensors leverage data not typically used in practice today for cybersecurity (at least not in the way the data was originally intended), and may not be directly related to the potential victims or exploits used of the forecasted attacks. PI Yang and Co-PI McConky from RIT is part of a multidisciplinary industry-academia team to research, develop, integrate and test a prototype solution with cyber attack forecast models and algorithms.

 

PI's:
Shanchieh Yang
Modeling and Simulation of Adversary Behavior and Moving Target Defense

Sponsor: NSA

Amount: $171,034.00

Period: Sept 2015- Dec 2016

Cyber attacks to enterprise networks or cyber warfare have moved into an era where both attackers and security officers utilize complex strategies to confuse and mislead one another. Critical attacks often take multitudes of reconnaissance, exploitations, and obfuscation to maneuver in a network to achieve the goal of cyber espionage and/or sabotage. This project builds upon Pi Yang and Co-PI Kuhl’s previous work on Multistage Attack Scenario Simulation (MASS) and develop a simulation environment to model diverse and ever-changing adversary behavior against various network defense configurations, including the deployment of MTDs.

 

PI's:
Shanchieh Yang
Authenticated Encryption Customization

Sponsor: HarrisRF

Amount: $48,000.00

Period: Nov 2016 to June 2017

The objective of this project is to design a unique Authenticated Encryption algorithm (MK-3) for an FPGA based radio architecture. The algorithm offers enhanced features including integrity verification, customization, enhanced military grade design and provable computational security.

PI's:
Marcin Lukowiak
Security and Vulnerability Pentesting

Sponsor: VisualDx

Amount: $12,483.00

Period: Jan 2017-Feb 2017

SAFE lab will evaluate the extent to which a malicious agent could compromise VisaulDX customer data throught it's website.

PI's:
Robert Olson
Northeast Collegiate Cyber Defense Competition

Sponsor: USAF/​UTx

Amount: $10,000

Period: Sept 2016 - May 2017

This sub award from UTSA is a part of funding from DHS grant to support Collegiate Cyber Defense Competition. The fund is used to support the logistics of the Northeast regional competition hosted at RIT.

 

PI's:
Bo Yuan
Bo Yuan
DoD IASP Scholarship

Sponsor: Department of Defense

Amount: $42,836

Period: Sept 2017- May 2018

The ANNEX II project is to support Cybersecurity outreach activities.

PI's:
Bo Yuan
Bo Yuan

 

 

Research Areas

The Center for Cybersecurity engages in a wide range of research activities that reach across disciplines. Our current areas of strength are:

Cryptography

Cryptography provides the foundation for many security and privacy tools. We explore fast and secure implementations in hardware for faster speeds that enable advanced applications, including powerful homomorphic encryption techniques.

Recent Topics: 
Hardware implementations, side-channel attacks, and applied cryptography in the Internet of Things and in critical infrastructures.

Projects: 
Harris, Inc.: Authenticated Encryption Customization, Army: Emerging side-channel resistant and resource-friendly elliptic curve algorithms and architectures, NIST: Design for Fault Attack Resiliency of Lightweight Cryptographic Architectures for Deeply-Embedded Systems, NIST: Efficient Algorithms and Architectures for Post-Quantum Cryptography, SIRA: Socio-Technical Approaches to Cybersecurity

Researchers: 
Peizhou Hu
Peizhou Hu
Marcin Lukowiak
Marcin Lukowiak
Sumita Mishra
Sumita Mishra
Stanislaw Radziszowski
Stanislaw Radziszowski
Mehran Kermani
Mehran Mozaffari Kermani

Cybersecurity Education

There is a tremendous need for more and better-prepared cybersecurity professionals. We investigate how to best educate and train this growing part of the workforce.

Recent Topics: 
Gamification in cybersecurity education, Pentesting competitions

Projects: 
NSF Scholarships for Service (SFS): Cybersecurity as a Diverse Discipline, NSF DUE: Gamified Digital Forensics Course Modules for Undergraduates

Researchers: 
Daryl Johnson
Daryl Johnson
Sumita Mishra
Sumita Mishra
Yin Pan
Yin Pan
Bill Stackpole
Bill Stackpole
Bo Yuan
Bo Yuan
Carol Romanowski
Carol Romanowski
Leon Reznik
Leonid Reznik

Deployment of Security Technology

The latest advances in security technology do not benefit anyone if they are not adopted by individuals and companies. We examine how adoption decisions get made and how to influence these choices for improved outcomes.

Recent Topics: 
Influence in social networks of companies on adoption, modeling users and decision making.

Projects: 
NSF TWC: Small: Synthesizing Novel Attack Strategy for Predictive Cyber SA Transition to Practice Option, SIRA: Socio-Technical Approaches to Cybersecurity

Researchers: 
Victor Pirotti
Victor Pirotti
Esa Rantanen
Esa Rantenen
Josephine Wolff
Josephine Wolfe
Matthew Wright
Matthew Wright
Jay Yang
Jay Yang
Yang Yu
Yang Yu

Security and Privacy in Distributed Systems

Modern distributed systems are complex and difficult to secure. We use the latest techniques in modeling, experimentation, and design to address these challenges.

Recent Topics: 
Internet of Things (IoT) security and privacy, end-user privacy in the power grid, robust and efficient anonymity systems, data security, mobile device security, Sybil resistance, forensics, censorship evasion, and covert channels.

Projects: 
Data quality and security evaluation framework for mobile devices platform, SIRA: Socio-Technical Approaches to Cybersecurity, Defending Against Website Fingerprinting in Tor, Cyber Attack Forecasting using Nonconventional Data, TWC: Small: Synthesizing Novel Attack Strategy for Predictive Cyber SA Transition to Practice Option

Researchers: 
H. B. Acharya
H.B. Acharya
Peizhou Hu
Peizhao Hu
Daryl Johnson
Daryl Johnson
Marcin Lukowiak
Marcin Lukowiak
Sumita Mishra
Sumita Mishra
Yin Pan
Yin Pan
Stanislaw Radziszowski
Stanislaw Radziszowski
Leon Reznik
Leonid Reznik
Bill Stackpole
Bill Stackpole
Matthew Wright
Matthew Wright
Jay Yang
Jay Yang

Usable Security

Security tools are only beneficial if their users can leverage them correctly. Beyond typical usability challenges, usable security must overcome the fact that security is often not the primary goal of a typical user and that the user may not know much about security.

Recent Topics: 
Modeling security professionals and tools to support them, studying how software development processes lead to security problems, tools to help software developers make more secure software, user authentication systems, and phishing.

Projects: 
Socio-Technical Approaches to Cybersecurity

Researchers: 
Bernard Brooks
Bernard Brooks
Anne Haake
Anne Haake
No Photo Available
Rui Li
Bo Yuan
Bo Yuan
Esa Rantanen
Esa Rantanen
Matthew Wright
Matthew Wright
Josephine Wolff
Josephine Wolff

Cyber Analytics

We are applying the latest advances in Big Data analytics to the problems of cybersecurity. Research efforts include predicting attacks based on unconventional data sources such as blogs, using data mining techniques to better understand software security issues, and applying NLP to explore the context surrounding the creation of security bugs to understand how to prevent them from happening.

Recent Topics: 
Predictive situational awareness, understanding common architectural weaknesses in software systems, mining code repositories

Projects: 
NSA: Science of Security Lablet: Growing the Science of Security Through Analytics, NSF: Common Architecture Weakness Enumerations (CAWE), NSF SaTC: TWC: Small: Synthesizing Novel Attack Strategy for Predictive Cyber SA Transition to Practice Option, IARPA: Cyber Attack Forecasting using Nonconventional Data, NSF: CI-P: Collaborative Research: Planning and Prototyping a Community-Wide Software Architecture Instrument, NSF ACI: Data quality and security evaluation framework for mobile devices platform

Researchers: 
Jay Yang
Jay Yang
Mehdi
Mehdi Mirakhorli
Andy
Andy Meneely
Leon Reznik
Leonid Reznik