The division is engaged in a broad program of research and development applied to pressing problems. The research agenda evolves as the field adapts to the changes in cyberspace today and in the future. We are increasingly engaged in multi-discipline research with colleagues across ISI and in the greater research community.

Network and Security Measurement, Analysis and Defenses

We research methods to observe and collect network and network security data and behaviors. These methods are used to develop novel networking capabilities and network defenses.


fading stopwatch
hallway with servers

Network Infrastructure Supporting Science and Applications

Network infrastructure that fosters network and cybersecurity enabled collaborations, driving discovery in science for research, education communities, and internet users domestically and internationally.


Research, Methods, and Infrastructure for Cyber Experimentation

Valid scientific experiments are required to accurately evaluate and assess network systems. Conducting these experiments necessitates modeling multiple, complex network, environmental, traffic, and behavioral effects and systems. Our work creates models, experimentation frameworks, tools, and approaches to enhance the science of cyber experimentation and make the experiments reusable, repeatable, and robust.


  • Scientific Experiment Modeling
    Designing a system for modeling experts to contribute with readily available, easily usable tools
hologram displayed in front of computer
warning sign on monitor

Social Engineering Attacks

Social engineering attacks such as phishing and impersonating are on the rise because often an organization's weakest link in security is the human in the loop. By leveraging the metadata from communication channels, and using techniques to redirect attackers, we can produce new methods for detection and fingerprinting campaigns across multiple attempts.


  • Detecting and Responding to Phishing
    Producing new methods for detection and fingerprint campaigns across multiple attempts

Binary Program Analysis, Vulnerability Discovery, and Reverse Engineering

Binary program analysis is the process of analyzing software programs in their binary form, also called "executable." Our work focuses on reverse engineering to search for vulnerabilities in software that is released without source-code, and to assess the security of software products.


  • Is Your Software Secure?
    Assessing the security of software products
bits and data lines
digital brain made of wires

Modeling Human Behavior for Cybersecurity and Social Simulation

Human behavior is a key determining factor in assessing the effectiveness of an organization's cyber defenses, including its policies. Our current research aims to observe and model important aspects of human behavior in order to predict likely responses to security posture and the evolution of information in online social networks.

Theory and Practice of Distributed Computing

Understanding the foundations of distributed computing is important for the design of efficient computational techniques across all scientific fields. As a consequence of failures and the asynchrony pervasive in distributed systems, many problems that are trivial to solve sequentially are impossible or infeasible to solve in a distributed fashion, thus presenting us with problems of deep intellectual yet practical interest.


  • Distributed Algorithmics for Robust Network Controllers
    Designing and implementing a scalable and secure distributed controller platform
  • Concurrency Challenges in Cryptocurrencies
    A Privacy and Security Perspective on Building Next-Generation Smart Contract and Blockchain-Based Ecosystems
world map made of data lines