My research interests are in the area of computer and network security, with a focus on malware defense, security policy development and enhancing security on critical systems including cloud computing, smart grids and health information systems. I direct the Advanced Computing Research Lab.
We are currently looking for Ph.D. students with a strong background in cyber security; please forward your CV to me.
- SGDIDS (Smart Grids Distributed Intrusion Detection System) is an effort to address emergent cyber threats to smart grid systems. It fits the hierarchical architecture of the smart grid network by developing and deploying layer-specific detection modules, which use SVM and AIS algorithms to classify and detect malicious attacks. Simulation results demonstrate that it is a promising approach.
Distributed Intrusion Detection System in A Multi-Layer Network Architecture of Smart Grids [Link]
Yichi Zhang, Lingfeng Wang, Weiqing Sun, Robert C. Green II, and Mansoor Alam,
IEEE Transactions on Smart Grid, Special issue on Cyber, Physical and System Security for Smart Grid, Vol. PP, Issue 99, July 2011.
- I-RBAC (Isolation Enabled Role Based Access Control Model) incorporates an isolation component into the basic RBAC model, giving roles the option of isolated execution instead of being directly denied. Usability is therefore enhanced without affecting security. This model can be used to accommodate roles which are untrusted or inexperienced in nature, such as intern doctors.
I-RBAC: Isolation Enabled Role-Based Access Control [pdf]
Ngajyothi Gunti, Weiqing Sun, and Mohammed Niamat,
Ninth Annual Conference on Privacy, Security and Trust (PST 2011),
Montreal, Quebec, Canada, July 19-21, 2011.
- PPI (Practical Proactive Integrity preservation) is focused on developing and enforcing practical information flow based policies to safeguard host integrity against sophisticated malware attacks. PPI addressed two important problems with previous information flow models: usability and policy development. Usability is addressed by decoupling integrity labels from access policies. To mitigate the difficulty in policy development, PPI developed an analysis that can largely automate the generation of integrity labels and policies.
Practical Proactive Integrity Preservation: A Basis for Malware Defense [pdf]
Sun, R. Sekar, Gaurav Poothia and Tejas Karandikar, in IEEE Symposium on Security and Privacy (S&P 2008), Oakland, CA, May 2008. (Acceptance rate: 11.2%)
- SEE (Safe Execution Environments) employed a one-way isolation approach to create isolated environments in which users can try out untrusted applications without worrying about system integrity being compromised. It also provided commit criteria to make results consistent and conveniently usable on the host environment.
One-way Isolation: An Effective Approach for Realizing Safe Execution Environments [pdf]
Weiqing Sun, Zhenkai Liang, R. Sekar and V.N. Venkatakrishnan, in 12th Annual Network and Distributed System Security Symposium (NDSS 05), San Diego, California, Feb. 2005. (Acceptance rate: 13%)
- SSI (Secure Software Installer) identified the need to secure software installation, which is an attractive vector for malware to get deep into the system but is largely ignored by contemporary OSes. SSI was implemented by isolating the installation procedure and applying state-based post-installation security policy verification.
Expanding Malware Defense by Securing Software Installations [pdf]
R. Sekar, Zhenkai Liang and V.N. Venkatakrishnan, in 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 08), Paris, France, July 2008.
- V-NetLab (Virtual machine based virtual network testbed) implemented a data-link layer virtualization mechanism. The system is used to provide cost-effective virtual networks for security-related experiments. It has been used successfully to support the network security course in the department.
V-NetLab: A Cost-Effective Platform to Support Course Projects in Computer Security [pdf]
Kumar Krishna, Weiqing Sun, Pratik Rana, Tianning Li and R. Sekar, in 9th Annual Colloquium for Information Systems Security Education (CISSE 05), Atlanta, GA,