IS focuses on advancing and assuring the security of our vital social, political, and financial networks while balancing the crucial needs and expectations of privacy and governmental oversight. This mission cuts across four other destination areas and strategic growth areas, intersecting at key points of national interest where Virginia Tech has demonstrated expertise and capability: Security for the Internet of Everything: The interconnection of the digital world, the physical world, and humans interacting with both worlds. Governance and Ethics for Security: Questions and concerns about the adoption, use, and audit of security and privacy practices as they affect citizens and their government, consumers and business, and humans and their environment. Analytics for National Security and Preparedness: Using the capabilities of big data to improve security, forecasting, awareness, and resilience in response to disasters and for national defense.

Recent Submissions

  • Conceptualizing Cyber Deterrence by Entanglement 

    Brantly, A (2018-03-01)
    Dr. Brantly was invited to give one of three keynote lectures for the opening of the Cyber Governance and Policy Center at the University of Oklahoma.
  • Battling the Bear: Ukraine's Approach to National Cybersecurity 

    Brantly, A (2018-09-29)
    Ukraine has faced substantial challenges across multiple fronts its successful 2014 Revolution of Dignity. Among the greatest challenges Ukraine has faced is the establishment of a national cybersecurity infrastructure ...
  • Creating Technological Surprise 

    Walker, Steven H. (Virginia Tech, 2018-10-05)
    This is an abstract from the 2018 Hugh and Ethel Kelly Lecture, "Creating Technological Surprise", presented by Dr. Steven H. Walker in Goodwin Hall on October 5, 2018.
  • Keystroke-Dynamics Authentication Against Synthetic Forgeries 

    Stefan, Deian; Yao, Danfeng (Daphne) (IEEE, 2010)
    We describe the use of keystroke-dynamics patterns for authentication and detecting infected hosts, and evaluate its robustness against forgery attacks. Specifically, we present a remote authentication framework called ...
  • Personal Anomaly Detection and Smart-Phone Security 

    Xiong, Huijun; Yao, Danfeng (Daphne) (Virginia Tech, 2010-04-22)
    Mobile devices increasingly become the computing platform for networked applications such as Web and email. This development requires strong guarantees on the system integrity and data security of mobile devices against ...
  • Strategic Cyber Maneuver 

    Brantly, Aaron F. (Small Wars Foundation, 2017-10-17)
    Maneuver warfare is an integral part of the strategy, tactics and operations of the United States military, but what does it mean to maneuver in cyberspace? Maneuvering with an army is advantageous; with an ...
  • Security and Privacy produced by nHCP Unique Identifiers 

    Tront, Joseph; Groat, Stephen; Dunlop, Matthew; Marchany, Randy (IEEE, 2011-10)
    As protection against the current privacy weaknesses of StateLess Address AutoConfiguration (SLAAC) in the Internet Protocol version 6 (IPv6), network administrators may choose to deploy the new Dynamic Host Configuration ...
  • A Declarative Approach to Hardening Services Against QoS Vulnerabilities 

    Kwon, Young-Wo; Tilevich, Eli (IEEE, 2011)
    The Quality of Service (QoS) in a distributed service-oriented application can be negatively affected by a variety of factors. Network volatility, hostile exploits, poor service management, all can prevent a service-oriented ...
  • Implementing Moving Target IPv6 Defense to Secure 6LoWPAN in the Internet of Things and Smart Grid 

    Sherburne, Matthew; Marchany, Randy; Tront, Joseph (ACM Press, 2014)
    The growing momentum of the Internet of Things (IoT) has shown an increase in attack vectors within the security research community. We propose adapting a recent new approach of frequently changing IPv6 address assignment ...
  • An Extended Perspective on Individual Security Behaviors 

    Crossler, Robert E.; Belanger, Francé (ACM, 2014-11)
    Security threats regularly affect users of home computers. As such, it is important to understand the practices of users for protecting their computers and networks, and to identify determinants of these practices. Several ...
  • Implementing an IPv6 Moving Target Defense on a Live Network 

    Dunlop, Matthew; Groat, Stephen; Marchany, Randy; Tront, Joseph (Cyber-Physical Systems Virtual Organization, 2012)
    The goal of our research is to protect sensitive communications, which are commonly used by government agencies, from eavesdroppers or social engineers. In prior work, we investigated the privacy implications of stateless ...
  • User-Centric Dependence Analysis For Identifying Malicious Mobile Apps 

    Elish, Karim O.; Yao, Danfeng (Daphne); Ryder, Barbara G. (IEEE, 2012)
    This paper describes an efficient approach for identifying malicious Android mobile applications through specialized static program analysis. Our solution performs offline analysis and enforces the normal properties of ...
  • Religiosity and Information Security Policy Compliance 

    Borena, Berhanu; Belanger, Francé (AMCIS, 2013-08)
    Information security is a top concern of managers, often addressed with technical, behavioral and procedural solutions. Information Security Policies (ISPs) are among these solutions. ISPs require organizational members ...
  • Distributed Storage Systems with Secure and Exact Repair - New Results 

    Tandon, Ravi; Amuru, SaiDhiraj; Clancy, T. Charles; Buehrer, R. Michael (IEEE, 2014-02)
    Distributed storage systems (DSS) in the presence of a passive eavesdropper are considered in this paper. A typical DSS is characterized by 3 parameters (n, k, d) where, a file is stored in a distributed manner across n ...
  • Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation 

    Rahaman, Sazzadur; Cheng, Long; Yao, Danfeng (Daphne); Li, He; Park, Jung-Min (Jerry) (De Gruyter Open, 2017)
    Group signature schemes enable anonymous-yetaccountable communications. Such a capability is extremely useful for applications, such as smartphone-based crowdsensing and citizen science. However, the performance of modern ...
  • Rapid Screening of Transformed Data Leaks with Efficient Algorithms and Parallel Computing 

    Shu, Xiaokui; Zhang, Jing; Yao, Danfeng (Daphne); Feng, Wu-Chun (ACM, 2015-03)
    The leak of sensitive data on computer systems poses a serious threat to organizational security. Organizations need to identify the exposure of sensitive data by screening the content in storage and transmission, i.e., ...
  • Virtual Secure Circuit: Porting Dual-Rail Pre-charge Technique into Software on Multicore 

    Chen, Zhimin; Schaumont, Patrick Robert (Cryptology ePrint Archive, 2010)
    This paper discusses a novel direction for multicore cryptographic software, namely the use of multicore to protect a design against side-channel attacks.We present a technique which is based on the principle of dual-rail ...
  • The Cyber Deterrence Problem 

    Brantly, AF (Nato Ccd Coe, 2018-05-30)
    What is the role of deterrence in an age where adept hackers can credibly hold strategic assets at risk? Do conventional frameworks of deterrence maintain their applicability and meaning against state actors in cyberspace? ...
  • Bitcoin and Cryptocurrencies 

    Vasek, Marie; Jardine, Eric; Brantly, Aaron (Virginia Tech, 2018-05-18)
    This panel includes three presentations: “Cryptocurrencies and Financial Crimes” by Marie Vasek; “Cryptocurrencies and Specific Drug Types” by Eric Jardine; and “Bitcoin and OPSEC for Terrorists” by Aaron Brantly. (Please ...

View more