Information Assurance Research and Training at Iowa State University (ISU) Johnny Wong Information Assurance Center (IAC) www.iac.iastate.edu Iowa State University: Birthplace of the Digital Computer Professor John Vincent Atanasoff Atanasoff-Berry Computer ISU Information • • • • 150 Years old 23rd in number of patents 2nd among universities in R&D 100 Awards 28,000 students – 22,500 undergrads, 5,000 graduate students, 500 professional students • 3 I/U CRC centers (PSERC, CNDE, CIP) • Over $300 million in sponsored funding A partnership between industry, academia, and government working today to solve the security problems of tomorrow Center for Information Protection • ISU is certified as NSA Center of Academic Excellence (CAE) in IA both in Education (Year 1999) and Research (Year 2009), a chartered CAE school. • An NSF I/U CRC with a focus on information protection • The need for information protection is well documented • Primary mission is to create a linkage between security research and organizations providing the critical cyber infrastructure. ISU Industrial Members • • • • • Boeing Iowa DOT John Deere Union Pacific Railroad Palisade Systems Funded Projects (2006) Evaluation of learning Algorithms for Egress Filtering DILON: Detecting Intrusions at Layer One SAVANT: Security Analysis using Visualization of Network Topology Integrating Process Modeling with IT Audit Control Systems for Regulatory Compliance Secure and Dependable Information Delivery in Wireless Ad Hoc and Sensor Networks Intrusion Detection in Wireless Ad Hoc Networks Specification-guided Misuse and Anomaly Intrusion Detection Funded Projects (2007) From Reality to Security Testbeds Bootstrapping trust in Service-Oriented Architectures Identity Theft Awareness Research, Evaluation and Education Delivery Intrusion Detection & Response Systems Security & Privacy Mechanisms for Wireless Mesh Networks Architectural Approaches to Embedded Program Flow Protection Identity Disclosure Protection: A Data Reconstruction Approach for Preserving Privacy in Data Mining Funded Projects (2008) Privacy-Preserving Reasoning Formal Approach for Intrusion Detection and Response Systems Modeling Secure Web Services with AADL (Architecture Analysis & Design Language) ID Theft Awareness Research, Evaluation, and Education Delivery Modeling Paradigms for Security and Dependability in Policy-based Systems Acceleration and Efficiency Exploration of Cryptographic Kernels on Multi-Core Processing Platforms Funded Projects (2009) Tamper-proof and Privacy Preserving Schemes for Smart Cards Secrecy-Preserving Reasoning Response to Collaborative Attacks against Network Vulnerability ISEAGE Test-bed usage Information Assurance (IA) Training at ISU • Multidisciplinary Research Program (25 faculty) • Graduate education – Masters of Science in Information Assurance (70 students ½ off campus) – MS programs specializing in IA in: CprE, CS, Math, PolySci, and MIS – PhD programs specializing in IA: CprE and CS – Graduate Certificate Program • Major Lab Facilities • Outreach efforts: seminars and short courses to state agencies and industry; security awareness integrated in other curricula; significant inter-University projects IA Courses CprE 530: CprE 531: CprE 532: CprE/533: CprE 534: CprE 535: CprE 536: CprE 537: CprE 632: ComS 586: ComS 552: Computer Network Protocols Computer System Security Information Warfare Cryptography Legal & Ethical Issues in Security Data Hiding Computer and Network Forensics Security in Wireless Communications Capstone course in IA Advanced Network Architectures Operating Systems: Advanced Concepts Faculty Research Areas Computer Engineering and Computer Science Security of wireless systems; data mining; mobile agents, DoS attacks; steganography; vulnerability taxonomies; intelligent agents; AI applied to IDS; privacy and anominity; trace back of attacks; battlefield mobile tactical wireless networks; privacy-preserving access of tactical sensor networks; privacy-preserving authentication and access control techniques for smart card; computer security curriculum development Management Information Systems Fraud and audit management; intrusion detection; computer networks, ECommerce Political Science IT budgeting; criminal justice; science & technology public policy; politics of technology change; Cyber politics; constitutional law, ethics, and public policy Mathematics Cryptography College of Education Leadership training; faculty in-service program (Project LEARN) IAC Labs • • • • • ISEAGE SNAIR INS Lab Cyber Crime Lab Cyberspace Forensics • Creation of a simulated Internet for researching, designing, and testing cyber defense mechanisms • Allow real attacks to be played out against systems • Staff trained on both attack and defense methods Uses of ISEAGE • • • • • • Security System Modeling Cyber Physical modeling Cyber Infrastructure modeling Education and Training Research Outreach – Cyber Defense Competitions CIP Access to ISEAGE • Product testing using ISEAGE network testbed • ISEAGE students perform the testing • Member companies propose the product types to be tested and any specific test criteria • Distribution of results will be limited to CIP members unless the members decide to release the findings SNAIR: Securing Networks through Attribution & Intrusion Research Lab • Faculty – Thomas E. Daniels, Director – Julie Dickerson, Yong Guan, Steve Russell, Mani Mina • A laboratory in the ISU Information Assurance Center • Affiliate of the ISU High Speed Systems Engineering Lab • Equipment – 3 Mobile network testbeds for network attribution – Sun POD Cluster – 40+ PC’s – 0.5 TB Data Server – Office space for 10 full time research assistants – Dedicated private firewalled network INS: Innovative Networking and Systems Lab • Faculty – Johnny Wong, Wensheng Zhang, Ying Cai, Wallapak Tavanapong, Andrew Miner, Luan Lu, Carl Chang, Hen-I Yang • A laboratory in the ISU Computer Science Department • Affiliate with the ISU CCILD (Center for Computational Intelligence, Learning and Discovery, led by Professor Vasant Honavar) • Equipment – Wireless Mobile ad hoc network test-beds – Smart Home facilities – Wireless Sensor Networks facilities – Multiple sensors and actuators devices – 50+ PC’s – Office space for 20 full time undergraduate and graduate research assistants Outreach Efforts • Numerous talks on security • Short courses & workshops • Cyber defense competitions – College – Community colleges • High school outreach – Cyber defense – Robotics & Games design – IT-Adventures (www.it-adventures.org)