Eric Osterweil

Assistant Professor, Department of Computer Science at George Mason University

NOTE: I am actively looking for post-docs, graduate students, and undergraduate students to work in the below research areas with me.

Research Foci

My research focuses on measurable security in core Internet protocols, Internet-scale cybersecurity systems, and application-level/endpoint protections that can be derived from these. I am the director of the Measurable Security Lab (MSL), and this is the link to the lab's webpage.

Research in the MSL focuses on evaluating and evolving protections by using measurements and data analysis: measurement-based (or measurable) security. This work involves systems implementation (both of measurement apparatuses and endpoint security software), large-scale data analyses, innovations to network protocols, and ultimately developing Internet-scale cybersecurity that works! The MSL maintains the world’s only complete longitudinal measurements of the Internet’s first deployment of a secure core protocol: the Domain Name System’s (DNS’) Security Extensions (DNSSEC). This is a 36.6 billion row database that spans 16+ years, and is actively growing and evolving. We conduct research to learn lessons from what has worked in order to propose cybersecurity for tomorrow.

I have been conducting basic research while also being involved in industry/policy settings for almost 20 years. I believe basic research that comes from large-scale measurements and data analyses synergizes well with operationalizing new solutions and conducting structured research investigations into real-world cybersecurity and Internet security problems. Areas and protocols that I work most directly with include the Domain Name System (DNS) with DNSSEC, inter-domain routing in the Border Gateway Protocol (BGP), Distributed Denial of Service (DDoS) attacks, and Cybersecurity Threat Information (CTI) sharing (STIX/TAXII, Communities of Trust, etc.). My research is exploring settings like the 5G/NextG Internet of Things (IoT) deployments, mobile Healthcare (mHealth), and CyberPhysical Systems (CPS).

If you are interested in exploring cybersecurity and/or analyzing expansive operational data sets, interested in inventing some of the world’s next Internet-scale security and privacy protections, and are excited to do research that has a tangible impact on the world, inquire about research opportunities.

About me

I am an assistant professor in the Computer Science Department at George Mason University, with almost 20 years of work in the industry. I studied physics and computer science at the Johns Hopkins University and earned my Ph.D. from the University of California, Los Angeles. Between these degrees I worked as a professional software engineer for many years, building large-scale production systems at a variety of companies. After earning my doctorate, I conducted research and led investigations as a principal scientist at Verisign. While there I studied and published works on inter-domain routing security in the Internet, researched/designed/implemented/operationalized a large-scale DDoS detection and defense system for DNS attacks, and researched the previously unrecognized threats posed by name collisions with the DNS. I am the former co-Chair and vice-Chair of ICANN's 2nd Security, Stability, and Resiliency Review Team (SSR2 RT), which has now concluded its work.

Research Tools

As part of my past, present, and future research, I maintain a number of measurement sites and tools. For example, I have monitored, analyzed, and produced research findings about DNSSEC for over 16 years (since shortly after it was standardized), and maintain an archive of these measurements and results at SecSpider. This is the longest running (and still active) monitoring and longitudinal tracking system of the global rollout of DNSSEC (it is currently 16 years old). Its longitudinal database has over 36.6 billion records in it, which date back to the very beginning of the DNSSEC global rollout. I am also the maintainer of libCanute, which is a programmatic API for a reference implementation for the DANE protocol suite (S/MIME, OPENPGP, and a few other components from DANE). My lab maintains a growing suite of open-source software at GMU-MSL. We also operate DANEportal.net and have implemented a proof of concept for securing end-to-end email, called Kurer.