Information Assurance Research and Training at Iowa State University

Information Assurance
Research and Training
Iowa State University
Johnny Wong
Information Assurance Center (IAC)
Iowa State University: Birthplace of the Digital Computer
Professor John Vincent Atanasoff
Atanasoff-Berry Computer
ISU Information
150 Years old
23rd in number of patents
2nd among universities in R&D 100 Awards
28,000 students
– 22,500 undergrads, 5,000 graduate
students, 500 professional students
• 3 I/U CRC centers (PSERC, CNDE, CIP)
• Over $300 million in sponsored funding
A partnership between industry,
academia, and government working
today to solve the security problems of
Center for Information Protection
• ISU is certified as NSA Center of Academic
Excellence (CAE) in IA both in Education
(Year 1999) and Research (Year 2009), a
chartered CAE school.
• An NSF I/U CRC with a focus on information
• The need for information protection is well
• Primary mission is to create a linkage
between security research and organizations
providing the critical cyber infrastructure.
ISU Industrial Members
Iowa DOT
John Deere
Union Pacific Railroad
Palisade Systems
Funded Projects (2006)
Evaluation of learning Algorithms for Egress Filtering
DILON: Detecting Intrusions at Layer One
SAVANT: Security Analysis using Visualization of Network
Integrating Process Modeling with IT
Audit Control Systems for Regulatory Compliance
Secure and Dependable Information Delivery in Wireless Ad
Hoc and Sensor Networks
Intrusion Detection in Wireless Ad Hoc Networks
Specification-guided Misuse and Anomaly Intrusion Detection
Funded Projects (2007)
From Reality to Security Testbeds
Bootstrapping trust in Service-Oriented Architectures
Identity Theft Awareness Research, Evaluation and
Education Delivery
Intrusion Detection & Response Systems
Security & Privacy Mechanisms for Wireless Mesh Networks
Architectural Approaches to Embedded Program Flow
Identity Disclosure Protection: A Data Reconstruction
Approach for Preserving Privacy in Data Mining
Funded Projects (2008)
Privacy-Preserving Reasoning
Formal Approach for Intrusion Detection and Response
Modeling Secure Web Services with AADL
(Architecture Analysis & Design Language)
ID Theft Awareness Research, Evaluation, and Education
Modeling Paradigms for Security and Dependability in
Policy-based Systems
Acceleration and Efficiency Exploration of Cryptographic
Kernels on Multi-Core Processing Platforms
Funded Projects (2009)
Tamper-proof and Privacy Preserving Schemes for
Smart Cards
Secrecy-Preserving Reasoning
Response to Collaborative Attacks against Network
ISEAGE Test-bed usage
Information Assurance (IA)
Training at ISU
• Multidisciplinary Research Program (25 faculty)
• Graduate education
– Masters of Science in Information Assurance (70 students ½ off campus)
– MS programs specializing in IA in: CprE, CS, Math, PolySci, and MIS
– PhD programs specializing in IA: CprE and CS
– Graduate Certificate Program
• Major Lab Facilities
• Outreach efforts: seminars and short courses to state agencies
and industry; security awareness integrated in other curricula;
significant inter-University projects
IA Courses
CprE 530:
CprE 531:
CprE 532:
CprE 534:
CprE 535:
CprE 536:
CprE 537:
CprE 632:
ComS 586:
ComS 552:
Computer Network Protocols
Computer System Security
Information Warfare
Legal & Ethical Issues in Security
Data Hiding
Computer and Network Forensics
Security in Wireless Communications
Capstone course in IA
Advanced Network Architectures
Operating Systems: Advanced Concepts
Faculty Research Areas
Computer Engineering and Computer Science
Security of wireless systems; data mining; mobile agents, DoS attacks;
steganography; vulnerability taxonomies; intelligent agents; AI applied to IDS;
privacy and anominity; trace back of attacks; battlefield mobile tactical wireless
networks; privacy-preserving access of tactical sensor networks; privacy-preserving
authentication and access control techniques for smart card; computer security
curriculum development
Management Information Systems
Fraud and audit management; intrusion detection; computer networks, ECommerce
Political Science
IT budgeting; criminal justice; science & technology public policy; politics of
technology change; Cyber politics; constitutional law, ethics, and public policy
College of Education
Leadership training; faculty in-service program (Project LEARN)
IAC Labs
Cyber Crime Lab
Cyberspace Forensics
• Creation of a simulated Internet for
researching, designing, and testing cyber
defense mechanisms
• Allow real attacks to be played out against
• Staff trained on both attack and defense
Uses of ISEAGE
Security System Modeling
Cyber Physical modeling
Cyber Infrastructure modeling
Education and Training
– Cyber Defense Competitions
CIP Access to ISEAGE
• Product testing using ISEAGE network
• ISEAGE students perform the testing
• Member companies propose the product
types to be tested and any specific test
• Distribution of results will be limited to CIP
members unless the members decide to
release the findings
SNAIR: Securing Networks through
Attribution & Intrusion Research Lab
• Faculty
– Thomas E. Daniels,
– Julie Dickerson, Yong
Guan, Steve Russell,
Mani Mina
• A laboratory in the ISU
Information Assurance
• Affiliate of the ISU High
Speed Systems
Engineering Lab
• Equipment
– 3 Mobile network
testbeds for network
– Sun POD Cluster
– 40+ PC’s
– 0.5 TB Data Server
– Office space for 10 full
time research
– Dedicated private
firewalled network
INS: Innovative Networking and
Systems Lab
• Faculty
– Johnny Wong, Wensheng
Zhang, Ying Cai, Wallapak
Tavanapong, Andrew Miner,
Luan Lu, Carl Chang, Hen-I
• A laboratory in the ISU
Computer Science
• Affiliate with the ISU CCILD
(Center for Computational
Intelligence, Learning and
Discovery, led by Professor
Vasant Honavar)
• Equipment
– Wireless Mobile ad
hoc network test-beds
– Smart Home facilities
– Wireless Sensor
Networks facilities
– Multiple sensors and
actuators devices
– 50+ PC’s
– Office space for 20 full
time undergraduate
and graduate research
Outreach Efforts
• Numerous talks on security
• Short courses & workshops
• Cyber defense competitions
– College
– Community colleges
• High school outreach
– Cyber defense
– Robotics & Games design
– IT-Adventures (