Research

Overview

We are working on cutting-edge cybersecurity topics (check our publication page for details):

SPS: Software-defined Programmable Security for next-generation networks and systems (e.g., SDN, NFV, Cloud, Edge, 5G…)
- Check out the final report from our 2018 NSF Workshop on Programmable System Security in a Software Defined World.
- Check our S2OS project website. S2OS is a large multi-institute project funded by NSF/VMware, in which we aim to build a new Security OS with Software Defined Infrastructure
- Other projects: NextSec, FRESCO, OpenFlowSec.org
AI Security
- AI for cybersecurity: e.g., AI-powered malware and threat detection
- Security for AI
Security in emerging technologies (e.g., Mobile, IoT, Web and Web3)
- To secure emerging technologies such as mobile devices, IoT, web applications, and Web3 ecosystems against evolving threat landscapes

Our mission is to make networking and computing more secure!

A few selected example research projects are listed as follows:

NextSec: Securing 5G, 6G and Beyond

This project proposes a revolutionary construct of secure architecture for NextG (Next-Generation wireless communication systems), and a resulting frame- work called NextSec.

Learn More…

With the help of new service worker technology, traditional websites can now act like native mobile apps or become appified. In this emerging appified web paradigm, we systematically study both the vulnerabilities and the security enhancement to appified websites.

Learn More…

S2OS

A new SDI-defined Security OS. It aims to abstract security capabilities and primitives at various layers, thus providing unified programmability and controllability so that any security policy or procedure can be easily and dynamically programmed at the infrastructure scale.
Learn More…

LipFuzzer

LipFuzzer aims to assess vApp’s problematic Intent Classifier at a large scale. The tool generates potentially dangerous voice commands that are likely to incur semantic inconsistency such that a user reaches an unintended vApp/functionality (i.e. users think they use voice commands correctly but yield unwanted results).
Learn More…

Hybrid-PostMessage & OSV-Free

We find a new type of security issues caused by hybrid postMessage in mobile hybrid apps, i.e., “Origin Stripping Vulnerability” (OSV). To mitigate OSV from the root, we design and implement three new postMessage APIs, called OSV-Free.
Learn More…

FRESCO

An application framework for rapid security service implementation. In this project, we aim to provide a SDN development framework to facilitate development and deployment of network (security) services.
Learn More…