CASTLE (Collaborative Approach using Social, Content, and Location for Evaluation) is a decentralized framework for building and maintaining network of repositories useful for anti-phishing services. For instance, browser-based toolbars lookup centrally maintained databases to determine whether a given location is safe. If a site is previously black-listed as phishing, the browser-based toolbar prevents the user from visiting it. Although the centralized databases are already in place for anti-phishing, their scalability is a cause for concern. In particular, the existing approaches do not handle the following issues in a scalable manner: enrollment, decision, and lookup. It is one of the first anti-phishing frameworks that allows the use of location (given by URL) and content in solving the status (phishing or anti-phishing) of a website. By using multiple (two in this case) factors, CASTLE attempts to make robust anti-phishing decisions.
For more information, go to the [CASTLE page].
GINI (GINI Is Not Internet) is an open-source toolkit that provides an entirely software-based system containing many of the features found in more expensive laboratory-based network experimentation platforms. The GINI provides lightweight but IP (Internet protocol) compliant virtual elements for machines, routers, switches, wireless access points, and mobile devices. The virtual elements can be interconnected to create virtual networks for experimentation purposes. The GINI provides a tool with a GUI (graphical user interface) called gBuilder to design, start, inspect, and stop virtual networks. The processes that are created as part of the elements of a virtual network such as virtual machines can all run within a single machine or be distributed across multiple machines. The GINI is designed such that it can install and run without special privileges (e.g., super user access). This allows students to use GINI toolkit on machines provided in university computing centers or on their personal computers. One of GINI's strengths is its realism.
For more information, go to the [GINI page].
Authentication on the Internet is mainly based around usernames and passwords. The more often a password has to be typed the more opportunities an attacker has to steal it, and the more of a burden is placed on the legitimate user. An alternative to explicitly authenticating the user by having them enter a password, is to implicitly authenticate the user based on other factors. The My Identity Cloud for Authentication (MICA) develops a novel framework for incorporating multiple factors for creating a robust token based implicit authentication system. As the name implies, MICA uses a collection of devices (e.g., smartphone, laptops, music players, smart watches) to create a cloud of devices that will collectively hold the capability to authenticate on behalf of the user. The MICA framework can include dynamic biometrics (behaviometrics) to further decrease the chances of error.
For more information, goto the [MICA page].
The Internet lacks an accountability framework that can relate an action (e.g., packet transmission) with a machine or user with high assurance. This lack of accountability is central to many problems such as untraceable spam and other forms of online attacks in the Internet. In this project, we develop a social accountability framework for the Internet that leverages the trusted links found on online social networks to hold both people and organizations accountable for their actions. The primary goal is to keep the deployment requirements minimal (i.e., minimal changes required for introducing the framework). The Social Gates install as firewalls on the end user machines (i.e., device firewalls). The router portion of the framework can be installed at strategically located access routers (i.e., institutional firewalls). Neither of these installs require changes to applications, operating systems, or router infrastructures.
For more information, goto the [Social Gate page].
The Internet with its pervasive presence is becoming an ideal platform for quickly distributing music, movies, games, and books to end-users. One of the challenges of using the Internet as a platform for digital content distribution is protecting the content from piracy (i.e., unauthorized copy, use, and distribution). In this project, we develop a new approach for rights management on the Internet. Our approach includes social factors into the rights management problem. The goal is to increase flexibility offered to the end user and deploy economic incentives along with social pressures to dissuade users from piracy. This project focuses on designing and implementing new mechanisms and analyzing them using game theoretic models and simulations. The eventual outcome of the project is a framework that can be deployed on the Internet.
For more information, goto the [SDN page].
In the past, our research activities centered around Grid and peer-to-peer computing. We were investigating the issues central to creating hybrid systems that combine Grids and peer-to-peer systems. In particular, we were interested in leveraging the scaling features of P2P and controlled resource management (quality of service) features of Grids to build hybrid systems. In the publications section, you can find several journal and conference publications based on the past research projects.
For more information on Galaxy (a public computing utility) go here.
For more information on RAN (resource addressable network) go here.