SPID PROJECTS

Current projects

Dynamic Early Filtering of Botnet Garbage Traffic (sponsored by NSF), 02/01/2010 - 01/31/2013

Chin-Tser Huang, PI

The Internet carries an increasing number of unwanted, unsolicited "garbage" packets, mainly generated by botnets, which can launch Distributed Denial-of-Service attacks, worm attacks, and spam. These garbage packets are allowed to traverse the Internet, where they cause severe traffic burdens, waste communication resources, and disrupt the Internet's normal functions. Such packets need to be discarded as close to their sources as possible to increase the availability and reliability of the Internet.

This project aims to address the above problem by establishing a comprehensive and sustainable architecture that coordinates the routers in the Internet to filter out botnet garbage packets from Internet traffic as early as possible. The architecture comprises four major components: rule generation, rule dissemination, rule management, and rule security. The objective is to investigate and quantify the tradeoff between the bandwidth saved by removing the garbage traffic and the throughput slowdown introduced by the routers' extra filtering overhead, and to find optimal solutions under the tradeoff function. The evaluation plan will use benchmarks developed under various traffic traces and network topologies to evaluate the performance of the developed algorithms and technologies, and to derive insights on how far and wide the filtering rules should be disseminated and installed under different attack scenarios in order to optimize performance.

Collaborative Cyber Attack Data Capturing, Sharing and Analysis for Cloud Security (sponsored by AFOSR)

Chin-Tser Huang, Co-PI at USC

The proposed instrumentation will directly serve the needs of AFRL researchers (Dr. Keesook Han and her team) in combating cyber attacks and securing cloud computing, and will also significantly enhance the DoD-related research and educational projects that involve nine project investigators from six universities.
 
Past projects

Adaptive and precise intrusion detection techniques (sponsored by DARPA)

Chin-Tser Huang, PI

Network anomaly detection systems play an important role in improving the trustworthiness of global network-based services. Their accuracy and false alarm rates, however, must be improved before they can be widely accepted for network monitoring and anomaly detection purposes. Furthermore, network anomaly detection system models do not have a strong reputation for processing high volumes of network traffic in real time. This project will focus on the development of new theoretical models and a research prototype system for rapid online network anomaly detection.

Multiple Instantiations of Dynamic Firewall Rules in BGP Routers (sponsored by University of South Carolina Research and Productive Scholarship Fund)

Chin-Tser Huang, PI

Denial-of-service (DoS) attacks and worm attacks have placed an increased traffic burden on the communication backbone of the Internet and caused huge financial losses to enterprises all over the world. This project seeks to integrate firewalls and routers in order to block attacking packets soon after they enter the Internet.

Security Protocols for Wireless Networks

This project focuses on the development, verification, and implementation of security protocols that conform to the 802.11 and 802.16 standards and apply to wireless ad hoc sensor networks. Joint work with Dr. Manton M. Matthews.