IS focuses on advancing and assuring the security of our vital social, political, and financial networks while balancing the crucial needs and expectations of privacy and governmental oversight. This mission cuts across four other destination areas and strategic growth areas, intersecting at key points of national interest where Virginia Tech has demonstrated expertise and capability: Security for the Internet of Everything: The interconnection of the digital world, the physical world, and humans interacting with both worlds. Governance and Ethics for Security: Questions and concerns about the adoption, use, and audit of security and privacy practices as they affect citizens and their government, consumers and business, and humans and their environment. Analytics for National Security and Preparedness: Using the capabilities of big data to improve security, forecasting, awareness, and resilience in response to disasters and for national defense.

Recent Submissions

  • Medical Monitoring Applications for Wearable Computing 

    Raskovic, Dejan; Martin, Thomas; Jovanov, Emil (The British Computer Society, 2004-04-01)
    Medical monitors have benefited from technological advances in the field of wireless communication, processing and power sources. These advances have made possible miniaturization and prolonged operating times of medical ...
  • Enterprise data breach: causes, challenges, prevention, and future directions 

    Cheng, Long; Liu, Fang; Yao, Danfeng (Daphne) (Wiley, 2017)
    A data breach is the intentional or inadvertent exposure of confidential information to unauthorized parties. In the digital era, data has become one of the most critical components of an enterprise. Data leakage poses ...
  • Secure Coding Practices in Java: Challenges and Vulnerabilities 

    Meng, Na; Nagy, Stefan; Yao, Daphne; Zhuang, Wenjie; Argoty, Gustavo Arango (Virginia Tech, 2017-09-28)
    Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities ...
  • Unearthing Stealthy Program Attacks Buried in Extremely Long Execution Paths 

    Shu, Xiaokui; Yao, Danfeng (Daphne); Ramakrishnan, Naren (ACM, 2015-10)
    Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., tampering with noncontrol data and waiting for the modified data to propagate and alter the control flow legally. Existing ...
  • Towards Optimal Secure Distributed Storage Systems with Exact Repair 

    Tandon, Ravi; Amuru, SaiDhiraj; Clancy, T. Charles; Buehrer, R. Michael (IEEE, 2016-06)
    Distributed storage systems in the presence of a wiretapper are considered. A distributed storage system (DSS) is parameterized by three parameters (𝑛, 𝑘, 𝑑), in which a file stored across n distributed nodes, can be ...
  • A Multi-Tier Wireless Spectrum Sharing System Leveraging Secure Spectrum Auctions 

    Abdelhadi, Ahmed; Shajaiah, Haya; Clancy, Charles (IEEE, 2015-10-08)
    Secure spectrum auctions can revolutionize the spectrum utilization of cellular networks and satisfy the ever increasing demand for resources. In this paper, a multi-tier dynamic spectrum sharing system is studied for ...
  • A Modest Proposal for Open Market Risk Assessment to Solve the Cyber-Security Problem 

    O’Shea, Timothy J.; Mondl, Adam; Clancy, T. Charles (Virginia Tech, 2016-04-29)
    We introduce a model for a market based economic system of cyber-risk valuation to correct fundamental problems of incentives within the information technology and information processing industries. We assess the makeup ...
  • Civil Cyberconflict: Microsoft, Cybercrime, and Botnets 

    Hiller, Janine S. (Santa Clara University School of Law, 2014-01)
    Cyber “warfare” and hackback by private companies is a hot discussion topic for its potential to fight cybercrime and promote cybersecurity. In the shadow of this provocative discussion, Microsoft has led a concerted, ...
  • Privacy and Security in the Implementation of Health Information Technology (Electronic Health Records): U.S. and EU Compared 

    Hiller, Janine; McMullen, Matthew S.; Chumney, Wade M.; Baumer, David L. (Boston University School of Law, 2011)
    The importance of the adoption of Electronic Health Records (EHRs) and the associated cost savings cannot be ignored as an element in the changing delivery of health care. However, the potential cost savings predicted in ...
  • Application of Cybernetics and Control Theory for a New Paradigm in Cybersecurity 

    Adams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, T. Charles (Virginia Tech, 2013-11-01)
    A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking ...
  • Intrusion Detection System for Applications using Linux Containers 

    Abed, Amr S.; Clancy, Charles; Levy, David S. (Springer, 2015-12-09)
    Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical ...
  • Pricing a Protest: Forecasting the Dynamics of Civil Unrest Activity in Social Media 

    Goode, Brian J.; Krishnan, Siddharth; Roan, Michael; Ramakrishnan, Naren (PLOS, 2015-10-06)
    Online social media activity can often be a precursor to disruptive events such as protests, strikes, and “occupy” movements.We have observed that such civil unrest can galvanize supporters through social networks and help ...
  • Forecasting Social Unrest Using Activity Cascades 

    Cadena, Jose; Korkmaz, Gizem; Kuhlman, Chris J.; Marathe, Achla; Ramakrishnan, Naren; Vullikanti, Anil (PLOS, 2015-06-19)
    Social unrest is endemic in many societies, and recent news has drawn attention to happenings in Latin America, the Middle East, and Eastern Europe. Civilian populations mobilize, sometimes spontaneously and sometimes in ...
  • Determining Relative Airport Threats from News and Social Media 

    Khandpur, Rupinder P.; Ji, Taoran; Ning, Yue; Zhao, Liang; Lu, Chang-Tien; Smith, Erik R.; Adams, Christopher; Ramakrishnan, Naren (AAAI, 2017)
    Airports are a prime target for terrorist organizations, drug traffickers, smugglers, and other nefarious groups. Traditional forms of security assessment are not real-time and often do not exist for each airport and port ...
  • Strengthening MT6D Defenses with LXC-Based Honeypot Capabilities 

    Basam, Dileep; Ransbottom, J. Scot; Marchany, Randy; Tront, Joseph G. (2016-04-20)
    Moving Target IPv6 Defense (MT6D) imparts radio-frequency hopping behavior to IPv6 networks by having participating nodes periodically hop onto new addresses while giving up old addresses. Our previous research efforts ...
  • Network Security Data Analytics Architecture for Logged Events 

    DeYoung, Mark E.; Marchany, Randy; Tront, Joseph (2017-01-04)
    Data-driven network security and information security efforts have decades long history. The deluge of logged events from network mid-points and end-points coupled with unprecedented temporal depth in data retention are ...
  • ‘Beating the news’ with EMBERS: Forecasting Civil Unrest using Open Source Indicators 

    Ramakrishnan, N; Butler, P; Self, N; Khandpur, R; Saraf, P; Wang, W; Cadena, J; Vullikanti, A; Korkmaz, G; Kuhlman, C; Marathe, A; Zhao, L; Ting, H; Huang, B; Srinivasan, A; Trinh, K; Getoor, L; Katz, G; Doyle, A; Ackermann, C; Zavorin, I; Ford, J; Summers, K; Fayed, Y; Arredondo, J; Gupta, D; Mares, D (2014)
  • Unsupervised Spatial Event Detection in Targeted Domains with Applications to Civil Unrest Modeling 

    Zhao, L; Chen, F; Dai, J; Hua, T; Lu, C-T; Ramakrishnan, N (PUBLIC LIBRARY SCIENCE, 2014-10-28)
  • Process Authentication for High System Assurance 

    Almohri, Hussain M.J.; Yao, Danfeng (Daphne); Kafura, Dennis (IEEE Computer Society, 2013-07-11)
    This paper points out the need in modern operating system kernels for a process authentication mechanism, where a process of a user-level application proves its identity to the kernel. Process authentication is different ...
  • Vulnerability of LTE to Hostile Interference 

    Lichtman, M; Reed, JH; Clancy, TC; Norton, M (IEEE, 2013-01-01)

View more