Research Areas

We research a wide range of cybersecurity topics, from network measurement and traffic analysis through network security to testbeds for security, among others. We study ways to improve the technologies and skills of security teams. We build systems and prototypes, and much of the research is grounded in operational deployment.

Network Measurement and Traffic Analysis

We aim to reliably measure and analyze network data to understand current and emerging threats. We research ways to generate, collect and analyze large volumes of data in ever-evolving networks. We develop, deploy and operate a state-of-the-art infrastructure for network measurement and traffic analysis to gain cyber situational awareness.

Network Security

We focus on technologies enabling security analyses over big data. We research mechanisms for efficient operation of security teams through data acquisition, collaborative analysis, information sharing, and automated decision support. We develop methods for automation of sophisticated network attacks and focus on their large-scale simulations and evaluation.

Testbeds for Security

We aim at building knowledge of new cyber threats and training in correct and timely responses to them. We research innovative methods for learning cutting-edge cybersecurity skills. We develop virtualized, controlled and monitored environments to provide complex simulations of cyber systems and networks.

List of some of our research topics:

  • Cyber situational awareness and threat analysis
  • Adaptive attack strategies
  • Digital forensics
  • Identity management
  • Active learning in cyber security
  • Similarity-based network anomaly detection
  • Early detection and mitigation of network attacks
  • Host trustworthiness estimation
  • Game-theoretic approaches in adaptive network defense
  • Event-driven security monitoring and situational awareness
  • Next generation application-aware flow monitoring
  • Data Visualization in Cyber Security
  • In-depth exploration of interactions within cybersecurity systems
  • Advanced threat analysis and response to sophisticated cyber attacks