The East Stroudsburg University Computer Security Research Program is strong. With our Master of Science thesis option in Computer Science, graduate students are able to perform thesis level research. Further, with the Master of Science project option, graduate students are able to solve a less difficult research problem. Students have already used these options to help solve Computer Security research problems.
Research Areas in Computer Security
The following shows current faculty research projects, graduate students theses or projects under investigation, or projects or theses that have been completed.
Hierarchical Access Control for Web Applications:
Access controls were optimized for collaborative, hierarchal incident management scenarios. Also, techniques were developed to protect web applications from vulnerabilities that would enable attackers to bypass any access control system.
Search Technology for Cybercrime Investigations:
With thousands of computer files in a criminal investigation, where is the best place to find evidence? The method of Non-negative Matrix Factorization is used to help categorize evidence.
Facial Recognition Biometrics:
The analysis of a system using a fusion scheme with multiple wavelengths to help recognize an individual in outdoor use.
Information Leakage:
An analysis of data which leaves a local corporation to find evidence of covert channels.
A Collaborative Web Based Emergency Management System:
The development of a system to help handle and facilitate the collaboration needed during an incident. This system is designed to reduce the workload and minimize the strain on command center staff when handling an incident.
Video Steganography Analysis and Detection:
An effective steganalysis technique for digital videos based on a linear collusion attack.
DCT Steganography Detection:
Steganalysis for DCT Steganography embedded JPEG images through statistical observations measuring the difference between the Sum of Square Errors of Inter-Block Coefficients with the Intra-Block DCT Coefficients.
Automated Threat Recognition for Large Public Venues:
The application of leading-edge information technologies to preemptively identify emerging, time-sensitive, terrorist threats for large public venues (such as airports, train stations, malls, sporting arenas, schools, etc).
Cyber Fraud Data Warehouse:
The analysis of current steganographic techniques and the detection of data files where these techniques have been used.
Steganography:
The analysis of current steganographic techniques and the detection of data files where these techniques have been used.
Intellectual Property Protection:
The use of search engine techniques to find when intellectual property has been stolen.
Hand Geometry Biometrics:
The use of a new hand geometry system for the identification and authentication of individuals.
Multilevel Security in Linux:
The use of Linux to help implement a multilevel security system.
Honeynets:
Research and implementation of a methodology to gain knowledge on attackers by using a virtual network, firewall, and intrusion detection system.
The Insecurity of Wireless Networks:
An investigation into the implementation of attacks on wireless networks
Side-Channel Attacks:
An analysis of side-channel and timing attacks which can be implemented against common encryption algorithms and possible solutions.
Integrity Analysis of Web Sites:
The use of hashing techniques to establish the integrity of web sites.
Automated Firewall Decision Engine:
The development of a model to automatically select the best Firewall type (packet filtering, proxy-application, etc.) and preferred vendor based on a users security posture, policy and operational requirements,
A Study of Firewalls:
An Enterprise Security Strategy: A performance analysis of the “top six” firewalls.
Prime Number Verification Algorithms:
A study of some of the best prime number verification algorithms and their implementations.
A Parallel Algorithm for the Multidimensional Knapsack Problem:
An analysis of certain algorithms and their relative performance characteristics in solving the 1-dimensional 0/1 knapsack problem.
Study and Implementation of Digital Signatures and Zero Knowledge Proofs of Knowledge:
The implementation of Channel, a message-passing scheme with digital signatures, and the use of zero Knowledge proofs of knowledge for proper identification of one party to another.
A Parallel Algorithm for 0/1 Knapsack Problem:
A description of an algorithm which generates an optimal solution for the 0/1 integer knapsack problem on the hypercube computer.