网络安全领域实验室(更新中...)

1.Dependable and Secure Distributed Systems Lab

The Dependableand Secure Distributed Systems Laboratory (DS2) at Purdue University focuses ondesigning distributed systems, networks and applications that are dependableand secure, while maintaining acceptable levels of performance. The workconducted within the lab explores how cryptographic protocols can be used todesign distributed systems that are resilient to a wide-range of attacks. Ofparticular interest is the research of systems and network protocols operatingunder a Byzantine adversarial model. Such systems are often referred asintrusion-tolerant systems, since their approach is not to detect intruders,but rather guarantee correct service in spite of compromised participants.

Research areasof interest include:

designingscalable architectures for dependable and secure network protocols, anddistributed services

investigateauthentication and authorization of users, systems, and applications

defining attackmodels for intrusion tolerance

investigatingfault-tolerance and security for new technologies such as ad hoc networks,cellular networks, hybrid networks, as well as pervasive systems.

Homepage：http://projects.cerias.purdue.edu/ds2/index.html

 

2. MobileAd-Hoc Network (MANET) and Sensor Network Security

In 2006, ourresearch team released an updated open source implementation of mLab, a MobileAd Hoc Network (MANET) test bed. This test bed allows researchers theopportunity to validate ad hoc networking theories and simulations in practice,to test simulation assumptions, and to discover practical problems facing adhoc network users and developers alike. The mLab tool allows users to createarbitrary network topologies and traffic scenarios in order to performreal-time performance measurements of routing protocols. By changing thelogical topology of the network, mLab users can conduct tests in an ad hocnetwork without having to physically move the nodes in the ad hoc network. Thetool allows users to replay different mobility scenarios, captures wirelesstraffic for further analysis, and helps perform specification-based intrusiondetection. The research team has published and presented the results at sixinternational conferences.

A number ofIntrusion Detection System (IDS) techniques for MANETs have been proposed inthe research literature. These techniques include trust building andcluster-based voting schemes, host-based watchdogs, and finite state machinesfor specifying correct routing behavior. Comparing and evaluating theeffectiveness of these IDS techniques has been hindered by the limited numberof large-scale MANET deployments, the lack of publicly available network tracesof actual MANET traffic, and the difficulty in defining typical application andmobility scenarios. Network simulation tools have allowed researchers to studyMANET IDSs without purchasing mobile nodes or conducting costly andtime-consuming field trial tests. These simulations, however, have beenconducted using widely varying assumptions on background network traffic,mobility, previous security associations, and the type of malicious networkactivity. In 2007, our research team will be using the mLab test bed to createpublicly available MANET network traces. These network traces will allow abroader range of researchers to compare the effectiveness of different MANETIDS techniques on the same data set, and conduct cost-effective and time-savingoffline experiments with new IDS techniques without requiring expensivehardware.

Homepage: http://csrc.nist.gov/groups/SNS/manet/index.html

 

3.VITRO

The VITROproject aims at developing architectures, algorithms and engineering methodswhich constitute an integrated solution regarding all the aforementionedtopics. In other words, the VITRO project will federate unprecedented designapproaches across involved layers, with the purpose of having the system designat the core of smart home, building automation and industrial control &monitoring applications. The VITRO toolbox will provide all the means to meetthe stringent demands of the latter applications, with respect to zero-outage(robustness), instant-response (hard-delay), green operation (energyefficiency) and adaptability (context-awareness). The VITRO platform willfacilitate distribution of the processing, storage and communication resources,as well as seamless network-centric computing/sensing and data aggregation.Abstractions to enable (re)programming and remote access to the heterogeneousnetworked smart objects of different Administrative Domains will be provided.Moreover, VITRO will evaluate the trade-offs between distributed processing andcommunications overheads, while hiding the complexity of collaborative objectsand thus contribute to better dependability, security and energy efficiency.

Homepage：http://www.vitro-fp7.eu/?q=node/4

 

4.The Rice University Monarch Project

The MonarchProject in the Department of Computer Science at Rice University addresses thearea of networking support for wireless and mobile hosts. We are developingnetworking protocols and protocol interfaces to allow truly seamless wirelessand mobile host networking. The scope of our research includes protocol design,implementation, performance evaluation, and usage-based validation, spanningareas ranging roughly from portions of the ISO Data Link layer (layer 2)through the Presentation layer (layer 6). The goal of this work is to enablemobile hosts to communicate with each other and with stationary or wired hosts,transparently and adaptively making the most efficient use of the best networkconnectivity available to the mobile host at any time.

The name"Monarch" derives from the migratory behavior of the monarchbutterfly. Each autumn, millions of monarch butterflies migrate from centraland eastern United States and Canada to overwintering roosts in central Mexico;with the coming of spring, the monarch population again migrates northward.During migration, they may cover 80 miles or more per day. The name"Monarch" can also be considered as an acronym for "MobileNetworking Architectures".

Homepage: http://www.monarch.cs.rice.edu/