Grants and Projects

J. Joshi, B. Stengel, M. Spring, P. Krishnamurthy, B. Palanisamy, D. Tipper

Amount: $499,951.00

NSF-DGE Award (SFS-Capacity) "A Curriculum for Security Assured Health Informatics"


J. Joshi, K. Pelechrinis, B. Palanisamy, B. Parmanto, P. Krishnamurthy

Amount: $897,055.00

NSA CAE Cybersecurity Grant Towards Insider Threat Assessment and Mitigation


J.Joshi, P. Krishnamurthy, and D. Tipper

Amount: $264,553

CISCO Grant DiCoTraM: Towards a Distributed Collaborative Traffic Monitoring System


J. Joshi

Amount: $54,034

Building and Maintaining Trust in Wireless Networks


K. Pelechrinis (Sponsor: Pitt - CRDF)

The Principal Investigator proposes to design and implement a framework for trust establishment and maintenance in a wireless network. In particular, the following tasks will be undertaken: trust establishment, evidence collection and propagation, trustworthy routing, and accounting for contextual dependencies. The proposed work will be applicable in many mission critical settings (such as in disaster recovery or tactical networks). It is expected that this work will be a stepping stone to increasing the popularity of open networks and applications thereof (such as distributed gaming). Finally, it is also anticipated that the work will directly influence the growth of wireless social networks.

NSF Federal Cyber Service - A scholarship program for Security Assured Information System Track - $1.29 Million


J. Joshi, M. B. Spring, P. Krishnamurthy, D. Tipper

The primary objective of this proposal is to develop and implement a Secruity Assured Information Systems (SAIS) track in the Information Science and Telecommunications degrees (BSIS, MSIS, MST, and PhD). This curriculum will provide a unique education in the development, design and deployment of secure information systems with an emphasis on networked information systems. The goal is to produce IT professionals with the knowledge to cope with the special security challenges posed by conventional and emerging network information systems, e.g., wireless local area networks and their applications and services. Government and industry partners will form an advisory board for the SAIS tracks.

CT-ER: Collaborative Research: MiMANSaS: Metrics, Models and Analysis of Network Security and Survivability


D. Tipper (Sponsor: NSF-CyberTrust)

Information and Communications Technology (ICT) infrastructure failures and cyber attacks are realities that can have catastrophic societal effects. Information Assurance (IA) can be defined as the operations undertaken to protect and defend ICT systems by ensuring their dependability and security. There is a critical need for systematic IA methods that enable ICT systems to adapt and survive any type of disruption or attack. A major hurdle in the development of IA techniques is the lack of models and metrics which enable one to determine the effectiveness of IA mechanisms. This exploratory project seeds a collaborative effort between three PIs at different institutions: Duke University, University of Missouri Kansas-City, and the University of Pittsburgh focused on the development of metrics and models that will allow one to quantitatively study the technical aspects of information assurance (IA) for the network component of the ICT infrastructure. The basis of the approach is to unify attack trees, attack graphs, privilege graphs and fault trees into a common scalable framework with a well defined set of metrics and application scenarios. Extensions of the basic model that include state information, stochastic properties and rewards via Markov chains and stochastic Petri nets, enabling a wider variety of attack and fault scenarios are being studied. The impact of the models and metrics developed is that they provide the techniques and tools necessary to determine the effectiveness of IA mechanisms and allow one to detect bottlenecks and to evaluate the tradeoffs between levels of information assurance, performance and cost.

Project Home Page

Collaborative Research: NeTS: WN: Coping with Jamming Attacks in Ad hoc/Mesh Networks - $150,000


P. Krishnamurthy (Sponsor: NSF-CyberTrust)

Project Home Page

ARSENAL: A cross layer ARchitecture for SEcure resilieNt tacticAL mobile ad hoc networks


D. Tipper, P. Krishnamurthy - Sponsor: MURI

The goal of this project is to develop a cross layer architecture that provides comprehensive security and resilience. Depending on the services desired, the proposed architecture will be able to adaptively provide the right trade-offs between performance, security and fault-resilience. The project as a whole will undertake three simultaneous but interdependent tasks geared towards a) performing measurements via real deployments and enhancing our understanding of layer dependencies and vulnerabilities in mobile ad hoc networks; these measurements will be on existing testbeds at various PI institutions b) building analytical models to characterize the behavioral nuances of these networks and c) design of new cross layer protocols that that protect against vulnerabilities and provide the desired robustness as mentioned above. The distinguishing aspects of this proposed work are that the approach (i) provides accurate, experimentally validated physical and higher layer characterization and dependencies between layers, (ii) unlike previous approaches, accounts for physical layer effects and exploits specialized physical layer features to provide better security and (iii) models and takes into account, a comprehensive set of possible attacks including attacks by insider nodes and eliminates/alleviates their impact. At Pitt, the PIs will participate in experimental work (data collection at Pitt to complement testbeds at UC Davis and elsewhere), developing analytical models in conjunction with other universities, and integrating them with the cross-layer protocols likewise.

"A Trust-based Access Control Management Framework for Secure Information Sharing and Multimedia Workflows in Heterogeneous Environments" - $416,419, NSF-CAREER (IIS)

2006, 5 years

James B. D. Joshi

CIAG Cisco Equipment Grant Winners - ~$130,000

Spring 2005

James B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring

"A Curriculum in Security Assured Information Systems" - $286,000


M. B. Spring, P. Krishnamurthy, D. Tipper, J. B. D. Joshi (NSF Federal Cyber Service - Scholarship for Service)

Project Home Page

"An Adaptive Framework For Security-Assured Survivable Information Systems" - $15988


J. B. D. Joshi (Sponsor: CRDF, University of Pittsburgh)

"Role Assured Publicly Accessible Information (RAPAI)" - $25,000


M. B. Spring (Dean's Entrepreneurial Initiatives)

The School of Information Sciences has initiated a project to provide an accessible and public information system that has a high level of security based on role-based authentication. While the basic theory behind the idea is not new, the idea of making a plug and play system that could be implemented easily is worth exploring. The project has three goals:

  • To provide an interdisciplinary effort exposing undergraduates to security – specifically to the development of a role based authentication system based on the use of RFID tags and a role based authentication system.
  • To provide a publicly accessible information exchange system that securely allows a broad population to enter information for public display
  • To provide a system that maximizes the relevance of information displayed in a transient public environment – the lobby and elevators of the School of Information Sciences.

The project builds on Weiser’s work on Ubiquitous computing at Xerox PARC. (More...)

"Laboratory of Education and Research on Security Assured Information Systems (LERSAIS)," - $12,000


J. B. D. Joshi, P. Krishnamurthy, D. W. Tipper, M. B. Spring (Dean's Entrepreneurial Initiatives)

"Survivable and Secure Wireless Information Architecture," - $432,076

08/01 - 08/03

P. Krishnamurthy, D. W. Tipper, J. Kabara (Sponsor: National Institute of Standards (NIST) Critical Infrastructure Protection Grant)

Wireless networks are inherently vulnerable and their increased deployment makes security a big problem. In this project, we are investigating a security architecture for hybrid wireless networks that include both wide and local area components. The resource limitation of wireless devices makes energy efficiency important and another aspect of this project is evaluating the energy consumption of different security protocols and looking at the tradeoffs between energy and security.

"Design and Restoration Techniques for Fault Tolerant Wireless Access Networks," - $300,000

9/15/00 - 9/15/03

D. Tipper and T. Dahlberg (Sponsor: National Science Foundation ANIR Program)

Supplemented by "NSF Research Experience for Undergraduates," June 01, $12,000 for student support.

The objective of this project is to develop a comprehensive treatment of survivability for wireless access networks. One thrust is survivable network design and analysis. This includes identifying metrics that are useful for quantifying mobile network performance during normal and abnormal operating modes and determining a methodology for estimating the metrics. Given appropriate metrics, wireless access network topology design and capacity allocation algorithms which incorporate survivability strategies are being developed. This includes the cell-site architecture and the topology of the network interconnecting the cells to the fixed infrastructure. A second thrust is development of traffic restoration algorithms which aim at making the best use of available network resources after a failure. This work concentrates on the design and analysis of priority based traffic restoration techniques to provide users service continuity while minimizing network congestion. A multi-layer approach involving a coordinated strategy among network layers is being developed.

"E-Speak Services for E-Business"


M. B. Spring, Taieb Znati, Dennis Galletta, et. al. (Hewlett Packard)

Students with technology skills and business acumen are in high demand and the need for these students will continue to increase over the years to come. The University of Pittsburgh will develop a secure environment, based on Hewlett-Packard's e"speak, where students can study and experiment with programming and network technology basics along with marketing and other business. The project will involve Katz Graduate School of Business(KGSB),Information Science and Telecommunications(IST), and Computer Science(CS).The project will impact courses available to 1400 full and part time graduate students (900KGSB, 400DIST, and 100CS) and 475 undergraduate students (225 CS and 250 IS).The project focuses on the development of secure frameworks based on e"speak which will allow students in courses to complete meaningful components of larger systems within the scope of a course or independent study. The courses selected include those within the departments that already address systems design. The success of the initiative will be measured in terms of the number of functioning modules developed by students. In addition, the project will endeavor to shape student contribution to research projects currently underway or planned for the departments.

"ITR: Educating a Wireless Information Systems Workforce," research funded by the National Science Foundation. - $391,204


P. Krishnamurthy, D. Tipper, J. Kabara (Link-To-Learn Information Technology Workforce Development grant)

The primary objective of this project is to develop and implement a wireless information systems degree track that provides a unique education in the development, design, and deployment of wireless information systems with an emphasis on emerging wireless data technology. The goal is to produce information technology (IT) professionals with the knowledge to address the special challenges (e.g. user mobility, adverse communications channels, limited battery life) posed by emerging wireless information systems. A secondary objective is to develop innovative instructional methods and tools using wireless devices in the classroom and laboratory that extend through K-16 education. The research and coursework associated with this educational track are needed to help meet the explosive demand for IT professionals from wireless service providers, wireless equipment manufacturers, applications developers using wireless systems, and wireless information systems users.

Security Architecture for Wireless Residential Networks - $13,230


P. Krishnamurthy and J.F. Kabara (CRDF)

The installation rate of residential networks is expected to accelerate in the next few years with wireless networking being by far the technology of choice due to attractive features such as ease of use. A wide variety of traditional computing devices and embedded Internet appliances will be networked in homes. However, due to the broadcast nature of these networks and the heterogeneity of devices on these networks, new security problems will arise since the different types of devices have different security requirements and capabilities. The objective of this project is to explore security issues related to wireless residential networks, and develop architectural solutions based on a classification of security services, containment and algorithm agility that will be suitable for wireless residential networks.

"Self-Configuring Multi-Networks for Information Systems Survivability" - $1,251,241

7/1/97 - 6/30/00

D. Medhi and D. Tipper (Sponsor: Defense Advanced Research Projects Agency, (DARPA))

A major attack can significantly reduce the capability to deliver services in large-scale networked information systems. In this project, we plan to address the survivability of large scale heterogeneous information systems which consists various services provided over multiple interconnected networks with different technologies. The communications network portions of such systems are referred to as multi-networks. We specifically address the issue of survivability due to physical attacks that destroy links and nodes in multi-networks. The end goals is to support critical services in the face of a major attack by making optimum use of network resources while minimizing network congestion. This is an area which is little studied, especially for large scale heterogeneous systems.

"Network Design and Traffic Recovery Procedures for Survivable Wide Area Networks" - $274,097 for faculty and student support

8/95 - 6/98

D. Tipper and D. Medhi (Sponsor: National Science Foundation CCR Program)

Supplemented by "NSF Research Experience for Undergraduates," Fall 96, $5,000 for student support.

This research project in communication protocols focuses on the study of formal modeling of communication protocols which spans the areas of protocol specification, verification, testing and performance. Goals of the project are to provide a unification of the formulation techniques across all of these areas from specification to testing and to add the capability of studying performance within the same kind of formulation. Currently the approaches used to formally specify a protocol are different from those used to verify the logical correctness of a protocol. There is also a gap between the verification formulations and the conformance test generation formulations. The research studies in this project are aimed at closing these two gaps and thereby providing a more integrated approach to the design of communication protocols from specification to verification to testing. In addition, the studies aim to allow one to investigate the performance of the protocol at an early stage of the design, again using the same formulation techniques as in specification and verification.