Grants and Projects
- Sensing Infrastructure(2021)
- Investigation of Analogs between Social, Organizational, and Technical Domains for Information Security(2021)
- Strategies to include more underrepresented groups in cybersecurity(2021)
- The Pitt Cyber Range(2021)
- NSF SaTC: CORE: Small: Collaborative: Tangible Privacy: User-Centric Sensor Designs for Assured Privacy (2018-2021)
- Securing Cybermanufacturing Systems Applied to Cloud-Based Additive Manufacturing(2018-2019)
- NSF CyberTraining:CDL:Security-Assured Data Science Workforce Development in Pennsylvania(2017-2020)
- NSF SaTC:CORE:Medium:Collaborative:Scalable Dynamic Access Control for Untrusted Cloud Environments(2017-2021)
- NSF-CICI SAC-PA:Towards Security Assured Cyberinfrastructure in Pennsylvania(2016-2018)
- NSF-DGE Award (SFS - Capacity) A Curriculum for Security Assured Health Informatics(2014-2017)
- NSA CAE Cybersecurity Grant Towards Insider Threat Assessment and Mitigation (2014-2015)
- NSF-CAREER UCPriv: User-Centric Privacy Management (2013-2018)
- CISCO Grant DiCoTraM: Towards a Distributed Collaborative Traffic Monitoring System Amount (2012-2013)
- NSF TWC: Medium: Collaborative: Foundations of Application-Sensitive Access Control Evaluation (2012-2015)
- Building and Maintaining Trust in Wireless Networks (2011)
- NSF Federal Cyber Service - A scholarship program for Security Assured Information System Track (2011 - 2014)
- NSF TC:Small:Collaborative Research:Improved Privacy Through Exposure Control (2010-2013)
- NSF TC:Medium:Collaborative Research:Towards Formal, Risk-Aware Authorization (2010-2014)
- NSF TC:Small:Collaborative Research:Towards a Dynamic and Composable Model of Trust (2009-2012)
- CT-ER: Collaborative Research: MiMANSaS: Metrics, Models and Analysis of Network Security and Survivability (2008)
- Collaborative Research:NeTS:WN:Coping with Jamming Attacks in Ad hoc/Mesh Networks (2007)
- ARSENAL: A cross layer ARchitecture for SEcure resilieNt tacticAL mobile ad hoc networks (2007)
- A Trust-based Access Control Management Framework for Secure Information Sharing and Multimedia Workflows in Heterogeneous Environments (2006)
- CIAG Cisco Equipment Grant Winners (2005)
- A Curriculum in Security Assured Information Systems (2004 - 2006)
- An Adaptive Framework For Security-Assured Survivable Information Systems (2004-2006)
- Role Assured Publicly Accessible Information (RAPAI) (2004)
- Laboratory of Education and Research on Security Assured Information Systems (LERSAIS) (2004)
- Survivable and Secure Wireless Information Architecture (2001 - 2003)
- Design and Restoration Techniques for Fault Tolerant Wireless Access Networks (2000)
- E-Speak Services for E-Business (2000)
- ITR: Educating a Wireless Information Systems Workforce(2000)
- Security Architecture for Wireless Residential Networks (1999)
- Self-Configuring Multi-Networks for Information Systems Survivability (1997-2000)
- Network Design and Traffic Recovery Procedures for Survivable Wide Area Networks (1995-1998)
Sensing Infrastructure
2021
Adam Lee, Amy Babay, Jacob Biehl, Adriana Kovashka, Stephen Lee, Eleanor Mattern
Pitt Cyber Accelerator, University of Pittsburgh
Investigation of Analogs between Social, Organizational, and Technical Domains for Information Security
2021
Prashant Krishnamurthy, Mai Abdelhakim
Pitt Cyber Accelerator, University of Pittsburgh
Strategies to include more underrepresented groups in cybersecurity
2021
Ahmed Ibrahim, Leona Mitchell, Chelsea Gunn, and Sherif Khattab
School of Computing and Information, University of Pittsburgh
The Pitt Cyber Range
2021
Ahmed Ibrahim
University of Pittsburgh
SaTC: CORE: Small: Collaborative: Tangible Privacy: User-Centric Sensor Designs for Assured Privacy
2018-2021
Adam Lee, Rosta Farzan
Amount: $289,973.00
Securing Cybermanufacturing Systems Applied to Cloud-Based Additive Manufacturing
2018-2019
Mostafa Bedewy, Mai Mahmoud Abdelhakim
PittCyber Accelerator Pioneer Grant (from University of Pittsburgh’s Institute of Cyber Law, Policy and Security)
2017-2020
Balaji Palanisamy, Konstantinos Pelechrinis, James Joshi, Brian Stengel
Amount: $476,903
NSF-CNS SaTC: CORE: Medium: Collaborative: Scalable Dynamic Access Control for Untrusted Cloud Environments
2017-2021
Adam J. Lee and John R. Lange
Amount: $794,409 to Pitt of $1,069,182 total
Joint with Steven Myers (Indiana University at Bloomington)
2016/2017/2018
J. Joshi, B. Stengel, M. Spring, P. Krishnamurthy, B. Palanisamy, D. Tipper
Amount: $499,951.00
NSF-DGE Award (SFS-Capacity) A Curriculum for Security Assured Health Informatics
2014/2015/2016/2017
J. Joshi, K. Pelechrinis, B. Palanisamy, B. Parmanto, P. Krishnamurthy
Amount: $897,055.00
NSA CAE Cybersecurity Grant Towards Insider Threat Assessment and Mitigation
2014/2015
J.Joshi, P. Krishnamurthy, and D. Tipper
Amount: $264,553
NSF-CAREER UCPriv: User-Centric Privacy Management
2013-2018
Adam J. Lee
Amount: $545,623
CISCO Grant DiCoTraM: Towards a Distributed Collaborative Traffic Monitoring System
2012-2013
J. Joshi
Amount: $54,034
NSF TWC: Medium: Collaborative: Foundations of Application-Sensitive Access Control Evaluation
2012-2015
Adam J. Lee
Amount:$254,525 to Pitt of $1,109,562 total
Joint with Timothy Hinrichs and Lenore Zuck (University of Illinois at Chicago), and Von Welch (Indiana University at Bloomington)
Building and Maintaining Trust in Wireless Networks
2011
K. Pelechrinis (Sponsor: Pitt - CRDF)
The Principal Investigator proposes to design and implement a framework for trust establishment and maintenance in a wireless network. In particular, the following tasks will be undertaken: trust establishment, evidence collection and propagation, trustworthy routing, and accounting for contextual dependencies. The proposed work will be applicable in many mission critical settings (such as in disaster recovery or tactical networks). It is expected that this work will be a stepping stone to increasing the popularity of open networks and applications thereof (such as distributed gaming). Finally, it is also anticipated that the work will directly influence the growth of wireless social networks.
NSF Federal Cyber Service - A scholarship program for Security Assured Information System Track - $1.29 Million
2011-2014
J. Joshi, M. B. Spring, P. Krishnamurthy, D. Tipper
The primary objective of this proposal is to develop and implement a Secruity Assured Information Systems (SAIS) track in the Information Science and Telecommunications degrees (BSIS, MSIS, MST, and PhD). This curriculum will provide a unique education in the development, design and deployment of secure information systems with an emphasis on networked information systems. The goal is to produce IT professionals with the knowledge to cope with the special security challenges posed by conventional and emerging network information systems, e.g., wireless local area networks and their applications and services. Government and industry partners will form an advisory board for the SAIS tracks.
NSF TC: Small: Collaborative Research: Improved Privacy Through Exposure Control
2010-2013
Adam J. Lee
Amount:$149,859 to Pitt of $419,859 total
Joint with Apu Kapadia (Indiana University at Bloomington)
NSF TC: Medium: Collaborative Research: Towards Formal, Risk-Aware Authorization
2010-2014
Adam J. Lee
Amount:$329,274 to Pitt of $1,094,022 total
Joint with David K.Y. Yau (Purdue) and Marianne Winslett (Univ. Illinois at Urbana-Champaign)
NSF TC: Small: Collaborative Research: Towards a Dynamic and Composable Model of Trust
2009-2012
Adam J. Lee
Amount:$231,248 to Pitt of $465,582 total
Joint with Ting Yu (North Carolina State University)
CT-ER: Collaborative Research: MiMANSaS: Metrics, Models and Analysis of Network Security and Survivability
2008
D. Tipper (Sponsor: NSF-CyberTrust)
Information and Communications Technology (ICT) infrastructure failures and cyber attacks are realities that can have catastrophic societal effects. Information Assurance (IA) can be defined as the operations undertaken to protect and defend ICT systems by ensuring their dependability and security. There is a critical need for systematic IA methods that enable ICT systems to adapt and survive any type of disruption or attack. A major hurdle in the development of IA techniques is the lack of models and metrics which enable one to determine the effectiveness of IA mechanisms. This exploratory project seeds a collaborative effort between three PIs at different institutions: Duke University, University of Missouri Kansas-City, and the University of Pittsburgh focused on the development of metrics and models that will allow one to quantitatively study the technical aspects of information assurance (IA) for the network component of the ICT infrastructure. The basis of the approach is to unify attack trees, attack graphs, privilege graphs and fault trees into a common scalable framework with a well defined set of metrics and application scenarios. Extensions of the basic model that include state information, stochastic properties and rewards via Markov chains and stochastic Petri nets, enabling a wider variety of attack and fault scenarios are being studied. The impact of the models and metrics developed is that they provide the techniques and tools necessary to determine the effectiveness of IA mechanisms and allow one to detect bottlenecks and to evaluate the tradeoffs between levels of information assurance, performance and cost.
Collaborative Research: NeTS: WN: Coping with Jamming Attacks in Ad hoc/Mesh Networks - $150,000
2007
P. Krishnamurthy (Sponsor: NSF-CyberTrust)
ARSENAL: A cross layer ARchitecture for SEcure resilieNt tacticAL mobile ad hoc networks
2007
D. Tipper, P. Krishnamurthy - Sponsor: MURI
The goal of this project is to develop a cross layer architecture that provides comprehensive security and resilience. Depending on the services desired, the proposed architecture will be able to adaptively provide the right trade-offs between performance, security and fault-resilience. The project as a whole will undertake three simultaneous but interdependent tasks geared towards a) performing measurements via real deployments and enhancing our understanding of layer dependencies and vulnerabilities in mobile ad hoc networks; these measurements will be on existing testbeds at various PI institutions b) building analytical models to characterize the behavioral nuances of these networks and c) design of new cross layer protocols that that protect against vulnerabilities and provide the desired robustness as mentioned above. The distinguishing aspects of this proposed work are that the approach (i) provides accurate, experimentally validated physical and higher layer characterization and dependencies between layers, (ii) unlike previous approaches, accounts for physical layer effects and exploits specialized physical layer features to provide better security and (iii) models and takes into account, a comprehensive set of possible attacks including attacks by insider nodes and eliminates/alleviates their impact. At Pitt, the PIs will participate in experimental work (data collection at Pitt to complement testbeds at UC Davis and elsewhere), developing analytical models in conjunction with other universities, and integrating them with the cross-layer protocols likewise.
A Trust-based Access Control Management Framework for Secure Information Sharing and Multimedia Workflows in Heterogeneous Environments" - $416,419, NSF-CAREER (IIS)
2006, 5 years
James B. D. Joshi
CIAG Cisco Equipment Grant Winners - ~$130,000
Spring 2005
James B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring
"A Curriculum in Security Assured Information Systems" - $286,000
2004-2006
M. B. Spring, P. Krishnamurthy, D. Tipper, J. B. D. Joshi (NSF Federal Cyber Service - Scholarship for Service)
An Adaptive Framework For Security-Assured Survivable Information Systems
2004-2006
J. B. D. Joshi (Sponsor: CRDF, University of Pittsburgh)
Amount: $15988
Role Assured Publicly Accessible Information (RAPAI) - $25,000
2004
M. B. Spring (Dean's Entrepreneurial Initiatives)
The School of Information Sciences has initiated a project to provide an accessible and public information system that has a high level of security based on role-based authentication. While the basic theory behind the idea is not new, the idea of making a plug and play system that could be implemented easily is worth exploring. The project has three goals:
- To provide an interdisciplinary effort exposing undergraduates to security – specifically to the development of a role based authentication system based on the use of RFID tags and a role based authentication system.
- To provide a publicly accessible information exchange system that securely allows a broad population to enter information for public display
- To provide a system that maximizes the relevance of information displayed in a transient public environment – the lobby and elevators of the School of Information Sciences.
The project builds on Weiser’s work on Ubiquitous computing at Xerox PARC. (More...)
Laboratory of Education and Research on Security Assured Information Systems (LERSAIS) - $12,000
2004
J. B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring (Dean's Entrepreneurial Initiatives)
Survivable and Secure Wireless Information Architecture - $432,076
08/01 - 08/03
P. Krishnamurthy, D. W. Tipper, J. Kabara (Sponsor: National Institute of Standards (NIST) Critical Infrastructure Protection Grant)
Wireless networks are inherently vulnerable and their increased deployment makes security a big problem. In this project, we are investigating a security architecture for hybrid wireless networks that include both wide and local area components. The resource limitation of wireless devices makes energy efficiency important and another aspect of this project is evaluating the energy consumption of different security protocols and looking at the tradeoffs between energy and security.
Design and Restoration Techniques for Fault Tolerant Wireless Access Networks - $300,000
9/15/00 - 9/15/03
D. Tipper and T. Dahlberg (Sponsor: National Science Foundation ANIR Program)
Supplemented by "NSF Research Experience for Undergraduates," June 01, $12,000 for student support.
The objective of this project is to develop a comprehensive treatment of survivability for wireless access networks. One thrust is survivable network design and analysis. This includes identifying metrics that are useful for quantifying mobile network performance during normal and abnormal operating modes and determining a methodology for estimating the metrics. Given appropriate metrics, wireless access network topology design and capacity allocation algorithms which incorporate survivability strategies are being developed. This includes the cell-site architecture and the topology of the network interconnecting the cells to the fixed infrastructure. A second thrust is development of traffic restoration algorithms which aim at making the best use of available network resources after a failure. This work concentrates on the design and analysis of priority based traffic restoration techniques to provide users service continuity while minimizing network congestion. A multi-layer approach involving a coordinated strategy among network layers is being developed.
E-Speak Services for E-Business
2000-2001
M. B. Spring, Taieb Znati, Dennis Galletta, et. al. (Hewlett Packard)
Students with technology skills and business acumen are in high demand and the need for these students will continue to increase over the years to come. The University of Pittsburgh will develop a secure environment, based on Hewlett-Packard's e"speak, where students can study and experiment with programming and network technology basics along with marketing and other business. The project will involve Katz Graduate School of Business(KGSB),Information Science and Telecommunications(IST), and Computer Science(CS).The project will impact courses available to 1400 full and part time graduate students (900KGSB, 400DIST, and 100CS) and 475 undergraduate students (225 CS and 250 IS).The project focuses on the development of secure frameworks based on e"speak which will allow students in courses to complete meaningful components of larger systems within the scope of a course or independent study. The courses selected include those within the departments that already address systems design. The success of the initiative will be measured in terms of the number of functioning modules developed by students. In addition, the project will endeavor to shape student contribution to research projects currently underway or planned for the departments.
ITR: Educating a Wireless Information Systems Workforce - $391,204
2000
P. Krishnamurthy, D. Tipper, J. Kabara (Link-To-Learn Information Technology Workforce Development grant)
The primary objective of this project is to develop and implement a wireless information systems degree track that provides a unique education in the development, design, and deployment of wireless information systems with an emphasis on emerging wireless data technology. The goal is to produce information technology (IT) professionals with the knowledge to address the special challenges (e.g. user mobility, adverse communications channels, limited battery life) posed by emerging wireless information systems. A secondary objective is to develop innovative instructional methods and tools using wireless devices in the classroom and laboratory that extend through K-16 education. The research and coursework associated with this educational track are needed to help meet the explosive demand for IT professionals from wireless service providers, wireless equipment manufacturers, applications developers using wireless systems, and wireless information systems users.
Security Architecture for Wireless Residential Networks - $13,230
1999
P. Krishnamurthy and J.F. Kabara (CRDF)
The installation rate of residential networks is expected to accelerate in the next few years with wireless networking being by far the technology of choice due to attractive features such as ease of use. A wide variety of traditional computing devices and embedded Internet appliances will be networked in homes. However, due to the broadcast nature of these networks and the heterogeneity of devices on these networks, new security problems will arise since the different types of devices have different security requirements and capabilities. The objective of this project is to explore security issues related to wireless residential networks, and develop architectural solutions based on a classification of security services, containment and algorithm agility that will be suitable for wireless residential networks.
"Self-Configuring Multi-Networks for Information Systems Survivability" - $1,251,241
7/1/97 - 6/30/00
D. Medhi and D. Tipper (Sponsor: Defense Advanced Research Projects Agency, (DARPA))
A major attack can significantly reduce the capability to deliver services in large-scale networked information systems. In this project, we plan to address the survivability of large scale heterogeneous information systems which consists various services provided over multiple interconnected networks with different technologies. The communications network portions of such systems are referred to as multi-networks. We specifically address the issue of survivability due to physical attacks that destroy links and nodes in multi-networks. The end goals is to support critical services in the face of a major attack by making optimum use of network resources while minimizing network congestion. This is an area which is little studied, especially for large scale heterogeneous systems.
"Network Design and Traffic Recovery Procedures for Survivable Wide Area Networks" - $274,097 for faculty and student support
8/95 - 6/98
D. Tipper and D. Medhi (Sponsor: National Science Foundation CCR Program)
Supplemented by "NSF Research Experience for Undergraduates," Fall 96, $5,000 for student support.
This research project in communication protocols focuses on the study of formal modeling of communication protocols which spans the areas of protocol specification, verification, testing and performance. Goals of the project are to provide a unification of the formulation techniques across all of these areas from specification to testing and to add the capability of studying performance within the same kind of formulation. Currently the approaches used to formally specify a protocol are different from those used to verify the logical correctness of a protocol. There is also a gap between the verification formulations and the conformance test generation formulations. The research studies in this project are aimed at closing these two gaps and thereby providing a more integrated approach to the design of communication protocols from specification to verification to testing. In addition, the studies aim to allow one to investigate the performance of the protocol at an early stage of the design, again using the same formulation techniques as in specification and verification.