Fellowship Program
2007-2008 Fellows
Fellow: Kenneth Crowther
I3P Member hosting fellow: University of Virginia (Yacov Haimes)
Title of Proposal: Risk-based Identity Management for Flexible Regional Emergency Response Plans
Abstract: Several emergency response events over the last decade have illustrated the need for identity (ID) management systems that are both secure and flexible. However, these objectives of flexibility and security are usually in competition with each other and frequently result in suboptimal information sharing during emergency response situations. The I3P is currently proposing research to develop ID management technologies for specific economic sectors. However, that research is missing the capability to address the need for ID management in emergency response events that arise from disaster scenarios that are less frequent and more catastrophic than traditional fraud. Regions receive large economic returns from enabling their interconnected and interdependent infrastructures to quickly and securely recover from natural and man-made disasters, and the operation of information infrastructures to securely share digital information and to coordinate fast recovery is absolutely necessary.
This proposed research will (1) identify regional emergency response coordination that benefits from sharing of digital information, (2) identify impact metrics to measure the efficacy and flexibility of identity controls that could be put in place for cross-agency identity management and coordination during emergency response, (3) review technologies and systems available for identity controls and their associated costs, and (4) make specific recommendations for the risk-based identity management that enables a flexible regional emergency response plan. A Geographic Information System (GIS)-based tool will be created that will enable the results of this research to aid agency planning and recovery plans.
This research will provide an in-depth understanding of credentialing and identity management system requirements for rapidly configurable emergency response systems that must integrate governmental organizations (e.g., sector-specific agencies) with the networked information systems associated with a critical infrastructure and will support the Department of Homeland Security, National Cyber Security Division (NCSD) objectives through the identifying of credentialing needs in emergency situations, structuring of training and exercises to provide efficient and secure response, securing necessary cyber information systems during emergency response between critical infrastructures, and enabling flexibility to optimize the resilience of critical infrastructures following a disaster requiring emergency response through the implementation of GIS-based tools.
Fellow: Ruy DeOliveria
I3P Member hosting fellow: Purdue University (Bharat Bhargava)
Title of Proposal: Collaborative Attacks in Wireless Networks
Abstract: Attacks against networked systems are becoming more complex and powerful. Individual attackers can collaborate to cause extensive problems for the intruder-identification and defense mechanisms. Models for cooperation for attacks and defense mechanisms will be studied. This work focuses on mobile ad hoc networks (MANETs), which are expected to play a key role in future wireless communications. These networks are vulnerable to attacks primarily because of the needed cooperation among nodes for routing protocols. Current threats due to attacks such as wormhole, blackhole, rushing and DoM against these networks are becoming more sophisticated and interleaved. For instance, various attacking nodes could collude to incorrectly report routes or to get more bandwidth than other good nodes. Unlike single and uncoordinated group attacks, coordinated/collaborative attacks may cause more devastating impacts on wireless environments as they combine efforts of more than one attacker. In this research, we propose to address issues of characterizing, modeling and defense against coordinated attacks for mobile wireless ad hoc networks. We have access to a test bed on Purdue’s campus (MAP: Mash At Purdue) for conducting real-life experiments. This test bed is spread over various buildings on Purdue’s campus and allows performing experiments with up to 38 nodes. We have expertise in DETER and EMULAB virtual test beds, which work along with the ns2 simulator, allowing emulations of a large number of nodes. We intend to conduct extensive evaluations of our models so that realistic guidelines for protecting these networks from colluding nodes can be developed. In the modeling of collaborative attacks, we plan to apply learning techniques such as fuzzy logic to recognize attack patterns. We have successfully used fuzzy logic for distinguishing traffic variations due to congestion and noise in ad hoc networks.
Impact of distinct collaboration among attacks can also be discriminated using such a methodology. In summary, we plan to develop and enhance the science to deal with collaborative attacks through theoretical models, simulations and experiments. This research is in line with the aims of I3P in that it will define guidelines for managing security in wireless environments. The experiments will also enhance the facilities for research in wireless security for others working in wireless security.
Fellow: Sean Peisert
I3P Member hosting fellow: University of California, Davis (Matt Bishop)
Title of Proposal: Forensic Analysis through Goal-Oriented Logging
Abstract: Forensic analysis is the process of understanding, re-creating, and analyzing arbitrary events that have previously occurred. It answers the questions of how an intrusion occurred and what the attacker did during the intrusion. Currently the field of computer forensics is largely ad hoc. The result is that too much of the wrong data is currently being recorded by most forensic systems, rendering analysis difficult or impossible. The absence of a rigorous approach to forensics indicates the need for a model from which to extract the exact logging requirements. Until recently, such a model did not exist. We created a model called Laocoön, and performed a basic implementation of that model on a real system. Though the model has been demonstrated to be effective, further research is required to analyze methods to improve rigorousness of the model as well as efficiency and effectiveness of the implementation.
See also: Past Participants in the I3P Post Doctoral Fellowship Program
