•   When: Wednesday, November 02, 2016 from 02:00 PM to 03:00 PM
•   Speakers: Angelos Stavrou, Department of Computer Science, George Mason University
•   Location: JC Room E
•   Export to iCal

Abstract

In this talk, I will be presenting my research over the past few years on Cyber Security defenses spanning from Cloud-enabled Moving Target defenses to host-based intrusion detection and mobile device security. To that end, I will showcase some of the defense strategies and systems that we designed to mitigate Denial of Service threats, detect intrusions, and expose embedded and mobile malware for Android and iOS devices. I will also discuss the research challenges and open problems in analyzing and building secure systems and the need for cross-disciplinary synergy and collaboration to fundamentally address them.

One of the projects I will describe in more detail is a novel architecture for cloud-enabled Distributed Denial of Service (DDoS) defenses called SR2 (for Shuffle, Redirect, Replicate) that elevates continuous system evolution and dispersion of available resources as first-rate design principles. The goal is to enable an environment for network services that constantly changes along several dimensions, toward creating an unpredictable target for an adversary. This unpredictability will both impede the adversary’s ability to focus his attack to specific “pinch”
points in the end-to-end network connectivity or otherwise corrupt specific elements of the system to disrupt, and/or otherwise impede the ability of clients to connect to network services. The architecture is effective even when the attacker becomes part of and compromises part of the defense system from the inside. Thus, the aim is to build defenses where network services and data are constantly in flux, using adaptive (both
proactive and reactive) protection mechanisms and distributed monitoring at various levels of abstraction. A key element of the proposed approach is that we enable the pooling of resources across different organizations by creating an architecture that can offer agile management of resources securely.

Furthermore, I will emphasize why Cyber Security is going to play a central role in our future research and education partly owed to the ever increasing adoption of technology in our everyday life and exposure of critical infrastructure to Internet connectivity. I will also discuss the role of research in education and the challenges of building a comprehensive security program that is appealing not only to computer scientists but other disciplines as well including electrical engineering, business, and policy.

Bio:

Dr. Angelos Stavrou is an Associate Professor at George Mason University and the Director of the Center for Assurance Research and Engineering (CARE) at GMU. Stavrou has served as principal investigator on research awards from NSF, DARPA, IARPA, DHS, AFOSR, ARO, ONR, and he is an active member of NIST's Mobile Security team and has written more than 90 peer-reviewed conference and journal articles. Stavrou received his M.Sc. in Electrical Engineering, M.Phil. and Ph.D. (with distinction) in Computer Science all from Columbia University. He also holds an M.Sc. in theoretical Computer Science from University of Athens, and a B.Sc. in Physics with distinction from University of Patras, Greece. Stavrou is an Associate Editor of IEEE Transactions on Reliability and IET Journal on Information Security. His current research interests include security and reliability for distributed systems, security principles for virtualization, and anonymity with a focus on building and deploying large-scale systems. Stavrou received the GMU Department of Computer Science Outstanding Research Award in 2010 and 2016 and was awarded with the 2012 George Mason Emerging Researcher, Scholar, Creator Award, a university-wide award. In 2013, he received the IEEE Reliability Society Engineer of the Year award. He is a NIST guest researcher, a member of the ACM and USENIX, and a senior IEEE member.