Usable Security and Privacy, Applied Cryptography, Network Security.
Usable Security and Privacy for Mobile Authentication
The domain of Usable Security and Privacy is concerned with the human factor in secure systems: how do users interact with security mechanisms, and how does that interaction affect security? In particular, I am interested in mobile authentication, which considers how authentication occurs on mobile devices such as smartphones and tablets. I have extensively studied the Android graphical password system (Android Unlock Patterns), and I have also designed new mobile authentication systems. Much of this work is done in the PUSH group at UMBC.
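The Android unlock-pattern scheme mentioned above has a small, fully enumerable password space. As an added example (my own code, not code from the original page or from the PUSH group), the following Python checks a single pattern against the standard rules and enumerates every legal pattern on the 3x3 grid: a pattern uses 4 to 9 distinct dots, and a stroke that passes straight over a dot not yet in the pattern is illegal, because the phone captures that dot. The rules and the resulting counts are standard facts about the scheme; the function names are mine.

```python
import math

# Dots are numbered 1..9 row-major:
#   1 2 3
#   4 5 6
#   7 8 9
# Rule: a stroke from a to b whose straight line passes over another dot c is
# legal only if c is already part of the pattern (otherwise Android snaps to c).

def _dot_between(a, b):
    """Return the dot lying on the straight segment a->b, or None if there is none."""
    ra, ca = divmod(a - 1, 3)
    rb, cb = divmod(b - 1, 3)
    if a == b or (ra + rb) % 2 or (ca + cb) % 2:
        return None              # midpoint is not a grid dot (e.g. knight-style moves)
    return ((ra + rb) // 2) * 3 + (ca + cb) // 2 + 1

# Precomputed table: (from, to) -> dot that must already be visited, or None.
SKIP = {(a, b): _dot_between(a, b) for a in range(1, 10) for b in range(1, 10)}

def is_valid_pattern(seq, min_len=4, max_len=9):
    """Check one pattern (a sequence of dot numbers) against the Android rules."""
    if not (min_len <= len(seq) <= max_len) or len(set(seq)) != len(seq):
        return False
    if any(d not in range(1, 10) for d in seq):
        return False
    visited = set()
    for prev, cur in zip(seq, seq[1:]):
        visited.add(prev)
        mid = SKIP[(prev, cur)]
        if mid is not None and mid not in visited:
            return False         # stroke jumps over an unvisited dot
    return True

def count_patterns(min_len=4, max_len=9):
    """Number of legal patterns of each length, by depth-first enumeration."""
    counts = {n: 0 for n in range(min_len, max_len + 1)}

    def dfs(last, visited, length):
        if length >= min_len:
            counts[length] += 1
        if length == max_len:
            return
        for nxt in range(1, 10):
            bit = 1 << nxt
            if visited & bit:
                continue
            mid = SKIP[(last, nxt)]
            if mid is not None and not visited & (1 << mid):
                continue
            dfs(nxt, visited | bit, length + 1)

    for start in range(1, 10):
        dfs(start, 1 << start, 1)
    return counts

def pattern_space_bits(min_len=4, max_len=9):
    """Entropy of the whole pattern space in bits, assuming uniform choice."""
    return math.log2(sum(count_patterns(min_len, max_len).values()))

if __name__ == "__main__":
    counts = count_patterns()
    for n, c in counts.items():
        print(f"length {n}: {c:7d} patterns")
    print(f"total: {sum(counts.values())} (~{pattern_space_bits():.1f} bits)")
```

The total comes to 389,112 patterns, about 18.6 bits if users chose uniformly; the usability research question is precisely that they do not, so the effective space is far smaller.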
Cryptographic Solutions to Achieving Access Privacy in the Cloud
While we may trust a cloud storage provider to store and return our data honestly, nothing stops it from inspecting our content or monitoring our actions. Even if data is stored encrypted in the cloud, so that its content is not revealed, every access or modification is visible to the provider through its metadata logs. Correlations between the timing of accesses and which (encrypted) files were accessed can reveal sensitive information about users.
The goal of this research is to design cryptographic systems that make these accesses oblivious to the cloud service, so that the provider cannot tell which encrypted data was accessed, only that some access occurred. One solution is a system built on an ORAM (Oblivious RAM), a cryptographic primitive that provides oblivious read/write access to an encrypted database by hiding the access pattern itself. The particular challenge in this research is designing ORAMs that are efficient and practical for cloud applications.
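To make the access-hiding idea concrete, here is an added toy Path ORAM (the scheme of Stefanov et al.) in Python; it is my own illustration, not code from the original page or from any system described on it. The client keeps a position map and a small stash, the "server" is an array of fixed-size buckets arranged as a binary tree, and every access reads and rewrites one root-to-leaf path chosen by a freshly randomized position. The server log shows that two reads of the same block touch unrelated paths. Class and method names are mine; the toy omits the per-bucket re-encryption a real deployment applies on every write-back (without it the server could still read contents), and it does not bound the stash.

```python
import random


class PathORAM:
    """Toy Path ORAM with an in-memory 'server' (a list of buckets forming a tree)."""

    def __init__(self, num_blocks, bucket_size=4, seed=None):
        # Fixed seed only for reproducible demos; real clients use OS randomness.
        self.rng = random.Random(seed) if seed is not None else random.SystemRandom()
        self.Z = bucket_size
        self.L = max(1, (num_blocks - 1).bit_length())   # tree height, 2**L leaves
        self.num_leaves = 1 << self.L
        # Server side: node i holds Z slots of (block_id, data); None is a dummy.
        self.server = [[None] * self.Z for _ in range(2 * self.num_leaves - 1)]
        # Client side: stash of blocks not yet written back, and the position map.
        self.stash = {}
        self.position = {b: self.rng.randrange(self.num_leaves) for b in range(num_blocks)}
        self.server_log = []          # the bucket indices the server saw, per access

    def _path(self, leaf):
        """Node indices from the root down to leaf `leaf` (0..num_leaves-1)."""
        node = self.num_leaves - 1 + leaf
        path = [node]
        while node > 0:
            node = (node - 1) // 2
            path.append(node)
        return path[::-1]

    def access(self, op, block_id, new_data=None):
        """Oblivious read or write; returns the block's previous content (None if unset)."""
        leaf = self.position[block_id]
        self.position[block_id] = self.rng.randrange(self.num_leaves)  # remap first
        path = self._path(leaf)
        self.server_log.append(tuple(path))
        # 1. Read the whole path into the stash (the server sees only these buckets).
        for node in path:
            for slot in self.server[node]:
                if slot is not None:
                    bid, data = slot
                    self.stash[bid] = data
        # 2. Serve the request out of the stash.
        result = self.stash.get(block_id)
        if op == "write":
            self.stash[block_id] = new_data
        # 3. Write the same path back, deepest bucket first, evicting stash blocks
        #    whose (possibly new) leaf shares this bucket with the path just read.
        for level in range(self.L, -1, -1):
            node = path[level]
            candidates = [b for b in self.stash
                          if self._path(self.position[b])[level] == node]
            bucket = [(b, self.stash.pop(b)) for b in candidates[: self.Z]]
            bucket += [None] * (self.Z - len(bucket))    # pad with dummies
            self.server[node] = bucket
        return result


def demo(seed=None):
    """Store 16 blocks, then read block 3 twice; return the two paths the server saw."""
    oram = PathORAM(num_blocks=16, seed=seed)
    for i in range(16):
        oram.access("write", i, f"file-{i}".encode())
    oram.server_log.clear()
    assert oram.access("read", 3) == b"file-3"
    assert oram.access("read", 3) == b"file-3"
    return oram.server_log


if __name__ == "__main__":
    for p in demo():
        print("server saw buckets", p)
```

Each access costs reading and writing L+1 buckets of Z slots (O(log N) bandwidth), which is the practicality problem the paragraph refers to: the bandwidth overhead and client-side stash are what an efficient cloud ORAM has to keep small.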
Network Security Enabled by Programmable Networks
The canonical programmable-network architecture is software-defined networking (SDN), which lets network operators manage the network at a very low level, right at the switch where packets are forwarded between Ethernet ports. In an SDN the switch's forwarding behavior is programmed in software rather than through changes to embedded hardware, using a protocol (OpenFlow being the common one) between the switch and a centralized control server (the controller). When a packet arrives that matches no installed flow rule, or that has other properties the switch can detect, the switch contacts the controller over a control channel (a connection that does not carry data-plane traffic), and the controller's response determines how that packet, and typically the rest of its flow, is forwarded.
The goal of my research efforts has been to harness the control logic of SDNs to build network monitoring for security applications, such as detecting distributed denial-of-service attacks or port scanning. The key innovation we developed was recognizing that the switch hardware itself can also perform general-purpose computation without having to send information back to the software controller.
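To make the packet-in model and the port-scan use case above concrete, here is an added Python simulation; it is my own illustration, not code from the original page and not the in-switch technique the paragraph above refers to. An OpenFlow-style switch holds an exact-match flow table plus a higher-priority per-source drop rule; on a table miss it sends a packet-in to the controller, which counts distinct (destination, port) targets per source and, once a source exceeds a threshold, installs a drop rule so the switch handles that source without further control-channel traffic. The trace, addresses and threshold are constructed.

```python
from collections import defaultdict


class Switch:
    """Simulated OpenFlow-style switch.

    Rules are checked in priority order: a per-source drop rule (wildcard on
    everything but src), then an exact-match rule. Anything matching neither is
    a table miss and goes to the controller as a packet-in message.
    """

    def __init__(self, controller):
        self.controller = controller
        self.src_drop = set()        # src -> drop, highest priority
        self.exact = {}              # (src, dst, dport) -> "forward" | "drop"
        self.packet_ins = 0          # control-channel messages sent so far

    def handle(self, pkt):
        if pkt["src"] in self.src_drop:
            return "drop"
        key = (pkt["src"], pkt["dst"], pkt["dport"])
        action = self.exact.get(key)
        if action is None:                       # table miss
            self.packet_ins += 1
            action = self.controller.packet_in(self, pkt)
        return action


class ScanDetectingController:
    """Flags a source as a port scanner once it has contacted more than
    `threshold` distinct (dst, dport) targets. Only table misses are visible here."""

    def __init__(self, threshold=10):
        self.threshold = threshold
        self.targets = defaultdict(set)
        self.blocked = set()

    def packet_in(self, switch, pkt):
        src = pkt["src"]
        key = (src, pkt["dst"], pkt["dport"])
        self.targets[src].add((pkt["dst"], pkt["dport"]))
        if len(self.targets[src]) > self.threshold:
            self.blocked.add(src)
            switch.src_drop.add(src)             # push the decision into the switch
            return "drop"
        switch.exact[key] = "forward"            # later packets of this flow never reach us
        return "forward"


def run_trace(threshold=5):
    """Run a constructed trace: one normal client and one host sweeping ports 1..30.

    Returns (per-source forward/drop counts, packet-ins sent, blocked sources)."""
    ctl = ScanDetectingController(threshold)
    sw = Switch(ctl)
    trace = []                                   # constructed traffic, not captured
    for _ in range(20):
        trace.append({"src": "10.0.0.2", "dst": "10.0.0.10", "dport": 443})
        trace.append({"src": "10.0.0.2", "dst": "10.0.0.11", "dport": 22})
    for port in range(1, 31):
        trace.append({"src": "10.0.0.99", "dst": "10.0.0.10", "dport": port})
    outcome = defaultdict(lambda: {"forward": 0, "drop": 0})
    for pkt in trace:
        outcome[pkt["src"]][sw.handle(pkt)] += 1
    return {s: dict(c) for s, c in outcome.items()}, sw.packet_ins, sorted(ctl.blocked)


if __name__ == "__main__":
    per_source, packet_ins, blocked = run_trace()
    print(per_source)
    print("packet-ins to controller:", packet_ins)
    print("blocked sources:", blocked)
```

The client's two flows cost two packet-ins in total; the scanner costs one per probed port until the threshold trips, after which the switch drops its traffic with no controller involvement. The remaining cost, one round trip over the control channel per new flow before any decision can be made, is exactly what motivates computing in the switch itself, and a real detector would also age out flow entries and count within a time window so that a slow scan or a legitimately chatty host is classified sensibly.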