Networking is the backbone of the interconnected world, and cybersecurity is its guardian. The researchers, faculty, Ph.D. students, and student workers in the Networking and Cybersecurity Division focus on the following research areas:
Cyber Experimentation Research, Methods, and Infrastructure
Catalyzing a robust ecosystem of experimental infrastructure, capabilities, and communities is critical for research. Our work creates models, frameworks, testbeds, tools, and approaches to enhance the science of cyber experimentation and make the experiments rigorous, reusable, and repeatable.
Network Measurement, Analysis, and Defenses
The Internet – the largest, most complex object ever made by humans – is self-evolving, constantly changing, and poorly understood. Novel internet measurement techniques, tools, and data inform understanding and benefit technical developers, social scientists, government policymakers, and observers worldwide. Measurement is complemented by the application of formal methods and temporal logic, for operational identification of attack dependencies and descriptions of traffic behaviors; and by machine learning, for classification and quantification of privacy leaks.
Significantly improving the performance and security of wireless networks, including 5G and next-generation mobile networks, through research into novel network embedding techniques, constraints validation, and protection of information in transit, and from direct and side-channel attacks. The application of machine learning assists identification of applications based on their network traffic, and the application of advanced network tomography capabilities identifies the current state and structure of the network between communicating entities.
Human Behavior for Cybersecurity
Social engineering attacks pose an increasing threat. New methods for detecting and fingerprinting attack campaigns leverage metadata from communication channels and employ novel techniques to redirect attackers. Solutions for countering “fake” news require modeling human behavior to predict the impact of attacks and responses.
Natural Language Understanding for Human-focused Problems
Automated comprehension of human language enables better communication between humans and computers. Our research spans text, visual, and structured modalities to effectively use operator feedback for learning and to determine representation of objects, actions, affordances, and approaches to grounding non-named phrases in language.
Cyber-physical Systems and Autonomy
Safety-critical autonomy hinges on verifying the underlying controller software against a domain application's safety and security requirements. Modeling and understanding the semantics of cyber-physical systems (e.g., space, energy, medical, automotive) helps understand how the software will interact with higher-level, human-understandable physical models, operate in mission-critical zero trust environments, and interoperate with legacy systems. We tie in the semantics of cyber-physical behavior, to formally verify whether software control adheres to safety constraints.
Program Analysis for Vulnerability Discovery
Searching for vulnerabilities in software released without source code provides capabilities and tools to assess the security of software products. We leverage recent advances in machine learning and reasoning to build state-of-the-art vulnerability discovery models. Our models generalize vulnerability detection without manual labeling or extensive human effort and allow us to discover vulnerabilities before attackers.
Theory and Practice of Distributed Computing
Decentralized protocols enable consistency and fault-tolerance in cloud and dispersed edge computing infrastructures. Research areas include: consistency and safety semantics, models of communication interaction among heterogeneous participants, privacy-preserving blockchain protocols for cryptocurrencies, energy-efficient and secure protocols, robust, and distributed network provenance for wide-area networks.