I work in diverse set of research are in security, systems and networking. Below are highlights of the key thrusts I am or have been involved in over the years. This is a subset of the work but fairly representative of my technical interests.

Adversarial Machine Learning

Description: Machine learning is revolutionizing technology and society. However, like any technology, it can be misused by adversaries and our understanding of the potential threats remains limited. If machine learning is to part of any critical decision making process, we must be able to detect and mitigate threats at both training and inference phases. In this vein of research, I have studied a myriad of threats to machine learning at all stages of its lifecycle and proposed a variety of methods that bring us closer towards trustworthy machine learning systems.

SupportRepresentative Publications


Description: As technology propagates into our daily lives, so does the risk of potential misuse of such systems. This can cause privacy harm to individuals, organizations, and our society. Privacy is first and foremost about control. People must have the right to know and decide what exact data, systems can collect about them and how they can process it. Today, such user's control and overview is still limited. As researchers, we can bring awareness, develop tools and solutions, and participate in public policy, as to improve standard privacy practices. Through my research on Android and IoT, I have studied how applications and systems collect and leak sensitive data and proposed automated ways to analyze such informations flows. This has resulted in intense (and ongoing) discussions between privacy experts, the press, regulators, consumer groups, and industry.

SupportRepresentative Publications

Smartphone/IoT Application Security

Description: Smartphones and IoT have emerged as an essential vehicle for information access and personal communication. However, the fluidity of application markets and structures of the underlying mobile hand operating systems complicate smartphone security. Over the last 4 years I have worked wih a number of students and researchers across the country to investigate the security of phones and IoT devices and applications they support. This effort has spanned projects in, among other topics, systems design, policy, and program analysis.

SupportRepresentative Publications

Network Security

Description: Networking as a discipline and the Internet as an artifact have changed just about everything in our society in the last 15 years. One area that has been neglected (to our great misery and continued peril) is that of protecting the network that serves us. This research focuses on addressing the threats against these increasingly complex networks. One core area I have been involved in is the study of routing security. As the Internet's de facto interdomain routing protocol, the Border Gateway Protocol (BGP) is the glue that holds the disparate parts of the Internet together. A major limitation of BGP is its failure to adequately address security. Recent high-profile outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design of BGP and the ubiquity of its deployment have frustrated past efforts at securing inter- domain routing. I have explored the limitations and advantages of proposed security extensions to BGP, and attempted to understand why no solution has yet struck an adequate balance between comprehensive security and deployment cost.

SupportRepresentative Publications

Cyber-Security Collaborative Research Alliance

Description: The goal of the Models for Enabling Continuous Reconfigurability of Secure Missions (MACRO) Cyber-Security Collaborative Research Alliance (CRA) program is to understand and model the risks, human behaviors and motivations, and attacks within Army cyber-maneuvers. Such understanding and models will lead to an asymmetric advantage in cyber domains against known and unknown attackers both in the ability to detect and thwart attacks as well as allow mission progress in the face of ongoing and evolving threats. The overarching scientific goal of this effort is to develop a rigorous science of cyber-decision making that enables military environments to a) detect the risks and attacks present in an environment, b) understand and predict the motivations and actions of users, defenders, and attackers, c) alter the environment to securely achieve maximal maneuver success rates at the lowest resource cost. Ultimately we wish to dictate and control the evolution of cyber-maneuvers and adversarial actions.

SupportRepresentative Publications

Storage Security and Data Provenance

Description: As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks. However, traditional storage systems have very limited capacity to implement needed "advanced storage" features such as integrity and data isolation. This is largely due to the simple interfaces and limited computing resources provided by commodity hard-drives. A new generation of storage devices affords better opportunities to meet these new models, but little is known about how to exploit them. This research is focused on the investigation of security architectures that use advanced storage techniques to address security, performance, and functional requirements of emerging environments.

SupportRepresentative Publications

SmartGrid and Control Systems Security

Description: As SmartGrid development progresses, new technologies like AMI, microgrids and transmission and distribution automation introduce new vulnerabilities into the electric grid and the world at large. In order for society to make informed decisions about the deployment and implementation of these devices, detailed information about these vulnerabilities and the necessary mitigation strategies is necessary. The objective of this research is to analyze the security vulnerabilites of SmartGrid devices and to develop mitigation strategies. Much of the work to date has focused on penetration testing of commercial smart meters and their communication interfaces (see papers below).

SupportRepresentative Publications

Information Flow/High Integrity Systems

Description: Increasingly prevalent and costly vulnerabilities in software systems mandate stronger guarantees than provided by widely used, ad hoc, informal, and social assurance practices. Such practices are common because there exists no tractable framework for proving or even broadly reasoning about the correctness of an implementation based on a scientific ground truth. Built on decades of rigorous work on the foundations of security, the information flow and integrity guarantees provided by emerging programming languages and systems are now reaching practicality. However, it is not known how to apply these technologies to provide high-assurance systems. This research investigate architectures exploiting these new capabilities, with a focus security typed languages (e.g., Jif), MAC systems (e.g., SELinux), and integrity measurement (e.g., TPMs).

SupportRepresentative Publications

Telecommunications Security

Description: The nature of telecommunications networks is rapidly changing. Mobile phone frameworks such as Android and Openmoko invite developers and end users to build applications, modify the behavior of the phone, and use network services in novel ways. This offers a promising opportunity to create new, valuable markets and modes of communication. However, the move to open systems alters the underlying performance and security assumptions upon which the network was based. In ongoing work, we have shown that such changes lead to vulnerabilities ranging from merely vexing phone glitches to catastrophic network failures. The current infrastructure lacks the basic protections needed to protect an increasingly open network, and it is unclear what new stresses and threats open systems and services will introduce.

This research seeks to formally and experimentally investigate vulnerabilities and defensive infrastructure addressing vulnerabilities in open cellular operating systems and telecommunications networks. This includes the development of infrastructure for the analysis, configuration, and enforcement of security policy in telecommunications networks.

SupportRepresentative Publications

Patrick McDaniel - patrickmcdaniel.org