Information Assurance Research and Training

at Iowa State University

(ISU)Johnny Wong

Information Assurance Center (IAC)

www.iac.iastate.edu

Information Assurance Center

www.iac.iastate.edu

Iowa State University: Birthplace of the Digital Computer

Professor John Vincent Atanasoff

Atanasoff-Berry Computer

ISU Information

• 150 Years old

• 23rd in number of patents

• 2nd among universities in R&D 100 Awards

• 28,000 students

– 22,500 undergrads, 5,000 graduate students, 500 professional students

• 3 I/U CRC centers (PSERC, CNDE, CIP)

• Over $300 million in sponsored funding

A partnership between industry, academia, and government working

today to solve the security problems of tomorrow

Center for Information Protection• ISU is certified as NSA Center of Academic

Excellence (CAE) in IA both in Education (Year 1999) and Research (Year 2009), a chartered CAE school.

• An NSF I/U CRC with a focus on information protection

• The need for information protection is well documented

• Primary mission is to create a linkage between security research and organizations providing the critical cyber infrastructure.

ISU Industrial Members

• Boeing • Iowa DOT• John Deere • Union Pacific Railroad• Palisade Systems

Funded Projects (2006)Evaluation of learning Algorithms for Egress Filtering

DILON: Detecting Intrusions at Layer OneSAVANT: Security Analysis using Visualization of Network TopologyIntegrating Process Modeling with ITAudit Control Systems for Regulatory Compliance

Secure and Dependable Information Delivery in Wireless Ad Hoc and Sensor NetworksIntrusion Detection in Wireless Ad Hoc NetworksSpecification-guided Misuse and Anomaly Intrusion Detection

Funded Projects (2007)From Reality to Security TestbedsBootstrapping trust in Service-Oriented Architectures

Identity Theft Awareness Research, Evaluation and Education DeliveryIntrusion Detection & Response SystemsSecurity & Privacy Mechanisms for Wireless Mesh Networks

Architectural Approaches to Embedded Program Flow ProtectionIdentity Disclosure Protection: A Data Reconstruction Approach for Preserving Privacy in Data Mining

Funded Projects (2008)Privacy-Preserving Reasoning

Formal Approach for Intrusion Detection and Response Systems

Modeling Secure Web Services with AADL (Architecture Analysis & Design Language)

ID Theft Awareness Research, Evaluation, and Education Delivery

Modeling Paradigms for Security and Dependability in Policy-based Systems

Acceleration and Efficiency Exploration of Cryptographic Kernels on Multi-Core Processing Platforms

Funded Projects (2009)

Tamper-proof and Privacy Preserving Schemes for Smart Cards

Secrecy-Preserving Reasoning

Response to Collaborative Attacks against Network Vulnerability

ISEAGE Test-bed usage

Information Assurance (IA) Training at ISU

• Multidisciplinary Research Program (25 faculty)

• Graduate education

– Masters of Science in Information Assurance (70 students ½ off campus)

– MS programs specializing in IA in: CprE, CS, Math, PolySci, and MIS

– PhD programs specializing in IA: CprE and CS

– Graduate Certificate Program

• Major Lab Facilities

• Outreach efforts: seminars and short courses to state agencies and industry; security awareness integrated in other curricula; significant inter-University projects

IA Courses

CprE 530: Computer Network ProtocolsCprE 531: Computer System SecurityCprE 532: Information WarfareCprE/533: CryptographyCprE 534: Legal & Ethical Issues in SecurityCprE 535: Data HidingCprE 536: Computer and Network ForensicsCprE 537: Security in Wireless CommunicationsCprE 632: Capstone course in IAComS 586: Advanced Network ArchitecturesComS 552: Operating Systems: Advanced Concepts

Faculty Research AreasComputer Engineering and Computer Science

Security of wireless systems; data mining; mobile agents, DoS attacks; steganography; vulnerability taxonomies; intelligent agents; AI applied to IDS; privacy and anominity; trace back of attacks; battlefield mobile tactical wireless networks; privacy-preserving access of tactical sensor networks; privacy-preserving authentication and access control techniques for smart card; computer security curriculum development

Management Information Systems

Fraud and audit management; intrusion detection; computer networks, E-Commerce

Political Science

IT budgeting; criminal justice; science & technology public policy; politics of technology change; Cyber politics; constitutional law, ethics, and public policy

Mathematics

Cryptography

College of Education

Leadership training; faculty in-service program (Project LEARN)

IAC Labs

• ISEAGE

• SNAIR

• INS Lab

• Cyber Crime Lab

• Cyberspace Forensics

• Creation of a simulated Internet for researching, designing, and testing cyber defense mechanisms

• Allow real attacks to be played out against systems

• Staff trained on both attack and defense methods

Uses of ISEAGE

• Security System Modeling

• Cyber Physical modeling

• Cyber Infrastructure modeling

• Education and Training

• Research

• Outreach– Cyber Defense Competitions

CIP Access to ISEAGE

• Product testing using ISEAGE network testbed

• ISEAGE students perform the testing• Member companies propose the product

types to be tested and any specific test criteria

• Distribution of results will be limited to CIP members unless the members decide to release the findings

SNAIRSNAIR: Securing Networks through Attribution & Intrusion Research Lab

• Faculty– Thomas E. Daniels,

Director– Julie Dickerson, Yong

Guan, Steve Russell, Mani Mina

• A laboratory in the ISU Information Assurance Center

• Affiliate of the ISU High Speed Systems Engineering Lab

• Equipment– 3 Mobile network

testbeds for network attribution

– Sun POD Cluster– 40+ PC’s– 0.5 TB Data Server– Office space for 10 full

time research assistants

– Dedicated private firewalled network

INSINS: Innovative Networking and Systems Lab

• Faculty– Johnny Wong, Wensheng

Zhang, Ying Cai, Wallapak Tavanapong, Andrew Miner, Luan Lu, Carl Chang, Hen-I Yang

• A laboratory in the ISU Computer Science Department

• Affiliate with the ISU CCILD (Center for Computational Intelligence, Learning and Discovery, led by Professor Vasant Honavar)

• Equipment– Wireless Mobile ad hoc

network test-beds– Smart Home facilities– Wireless Sensor

Networks facilities– Multiple sensors and

actuators devices– 50+ PC’s– Office space for 20 full

time undergraduate and graduate research assistants

Outreach Efforts

• Numerous talks on security• Short courses & workshops• Cyber defense competitions

– College– Community colleges

• High school outreach– Cyber defense– Robotics & Games design– IT-Adventures (www.it-adventures.org)