System Security Lab

Department of Cybersecurity and Information Technology
Hal Marcus College of Science and Engineering & Sciences, University of West Florida

 



Contact

Building 4, Room 228
11000 University Pkwy
Pensacola, FL 325145

Email: myu at uwf dot edu
Office: (850)474-2137

Web

www.profmengyu.org www.profmengyu.com

Projects

Privacy Protection in Cloud Computing

Click here for more details about the project.

This research studies new mechanisms for enabling the consumer of the service to reduce the visibility of consumer computations to the service provider and thereby reduce the trust that the consumer places in the provider. At the same time, the mechanisms allow security of the cloud computing environment to be monitored by a trusted third party. The work also develops a quantified method to evaluate the degree to which a user's privacy is disclosed and tools for monitoring causality relationships.

Data Center Security

Data centers using virtual machine (VM) consolidation are taking over old computer rooms run by individual companies. However, consolidating services and resources does not consolidate security automatically. To meet the top two requirements for modern data centers, namely business continuity and information security, this research will take a systematic approach that leverages the emerging VM technologies to consolidate four areas of systems security research: redundancy, microscopic intrusion analysis and detection, automatic response, and diversity-driven protection. We will make innovative contributions on various aspects of security consolidation, including (1) An architecture and underlying techniques based on diversified replication towards defensive protection against unknown attacks; (2) Novel cross-layer and cross-VM methods for causal relation logging, event correlation, damage assessment, and forensics; (3) New intrusion detection techniques based on unique cross-VM-replica inconsistency checking techniques, and new cross-layer inconsistency checking methods; (4) A novel pipelining approach towards automated intrusion response; and (5) New techniques for on-the-fly data center intrusion confinement and recovery.

Our research will result in significant advances in helping mission/life/business critical applications and information systems reduce risk, increase business continuity, and deliver data assurance in the presence of severe cyber attacks. Broader impact will also result from the education, outreach, and dissemination initiatives. Educational resources from this project, including course modules and teaching laboratory designs, will be disseminated through a dedicated Website.

Key Words: self-protection; recovery; virtual machine monitor; causal relations; availability

This project has been sponsored through the following grants.

Wireless Network Security

Computing devices equipped with multiple radio interfaces and working on multiple channels are becoming predominant in wireless networks. These networks are usually Multi-Interface Multi-Channel Mobile Networks (MIMC-MANETs). However, the study of security vulnerabilities and the research of fundamental security mechanisms in channel management of MIMC-MANETs have been seriously lagging behind the rapid progress of other research.

This project studies the security of MIMC-MANETs in three aspects.

1. Investigating the unique (unknown) security vulnerabilities associated with channel management in MIMC-MANETs.

2. Developing MIMC-enabled security mechanisms. This project redefines channel conflict, reveals the fundamental causes and consequences of channel attacks, and develops novel and attack-resilient security mechanisms to secure channel management (and routing) in MIMC-MANETs. New security mechanisms utilize the capability of MIMC, and include collaborative channel monitoring, channel-utilization based channel conflict detection and resolution, logic-based attack investigation, and cross-layer security design.

3. Building MIMC security and performance evaluation toolkits: This project develops evaluation toolkits and builds experimental environments. The toolkits and experimental environments can serve as a major testbed for the whole research community to conduct future MIMC-MANET research.

This project will advance the understanding of the unique security problems in MIMC-MANETs. The developed techniques will greatly enhance the security of the MIMC network infrastructure and secure the mission critical applications built atop such networks. Broader impacts will result from the education, outreach, and dissemination initiatives. Educational resources from this project, including course modules and teaching laboratory designs, will be disseminated through a dedicated Website.

This project has been sponsored through the following grants.

x3650 m3 photo