Satish Narayanasamy

By |

Satish Narayanasamy, Ph.D., is Associate Professor in the Electrical Engineering and Computer Science department in the College of Engineering at the University of Michigan, Ann Arbor. Satish’s interests are working at the intersection of computer architecture, software systems and program analysis. His current interests include concurrency, security, customized architectures and tools for mobile and web applications, machine learning assisted program analysis, and tools for teaching at scale.

Z. Morley Mao

By |

Z. Morley Mao, PhD, is Professor of Electrical Engineering and Computer Science, College of Engineering, at the University of Michigan, Ann Arbor campus.

Suleyman Uludag

By |

My research spans security, privacy, and optimization of data collection particularly as applied to the Smart Grid, an augmented and enhanced paradigm for the conventional power grid. I am particularly interested in optimization approaches that take a notion of security and/or privacy into the modeling explicitly. At the intersection of the Intelligent Transportation Systems, Smart Grid, and Smart Cities, I am interested in data privacy and energy usage in smart parking lots. Protection of data and availability, especially under assault through a Denial-of-Service attacks, represents another dimension of my area of research interests. I am working on developing data privacy-aware bidding applications for the Smart Grid Demand Response systems without relying on trusted third parties. Finally, I am interested in educational and pedagogical research about teaching computer science, Smart Grid, cyber security, and data privacy.

This figure shows the data collection model I used in developing a practical and secure Machine-to-Machine data collection protocol for the Smart Grid.

This figure shows the data collection model I used in developing a practical and secure
Machine-to-Machine data collection protocol for the Smart Grid.

Mingyan Liu

By |

Mingyan Liu, PhD, is Professor of Electrical Engineering and Computer Science, College of Engineering, at the University of Michigan, Ann Arbor.

Prof. Liu’s research interest lies in optimal resource allocation, sequential decision theory, online and machine learning, performance modeling, analysis, and design of large-scale, decentralized, stochastic and networked systems, using tools including stochastic control, optimization, game theory and mechanism design. Her most recent research activities involve sequential learning, modeling and mining of large scale Internet measurement data concerning cyber security, and incentive mechanisms for inter-dependent security games. Within this context, her research group is actively working on the following directions.

1. Cyber security incident forecast. The goal is to predict an organization’s likelihood of having a cyber security incident in the near future using a variety of externally collected Internet measurement data, some of which capture active maliciousness (e.g., spam and phishing/malware activities) while others capture more latent factors (e.g., misconfiguration and mismanagement). While machine learning techniques have been extensively used for detection in the cyber security literature, using them for prediction has rarely been done. This is the first study on the prediction of broad categories of security incidents on an organizational level. Our work to date shows that with the right choice of feature set, highly accurate predictions can be achieved with a forecasting window of 6-12 months. Given the increasing amount of high profile security incidents (Target, Home Depot, JP Morgan Chase, and Anthem, just to name a few) and the amount of social and economic cost they inflict, this work will have a major impact on cyber security risk management.

2. Detect propagation in temporal data and its application to identifying phishing activities. Phishing activities propagate from one network to another in a highly regular fashion, a phenomenon known as fast-flux, though how the destination networks are chosen by the malicious campaign remains unknown. An interesting challenge arises as to whether one can use community detection methods to automatically extract those networks involved in a single phishing campaign; the ability to do so would be critical to forensic analysis. While there have been many results on detecting communities defined as subsets of relatively strongly connected entities, the phishing activity exhibits a unique propagating property that is better captured using an epidemic model. By using a combination of epidemic modeling and regression we can identify this type of propagating community with reasonable accuracy; we are working on alternative methods as well.

3. Data-driven modeling of organizational and end-user security posture. We are working to build models that accurately capture the cyber security postures of end-users as well as organizations, using large quantities of Internet measurement data. One domain is on how software vendors disclose security vulnerabilities in their products, how they deploy software upgrades and patches, and in turn, how end users install these patches; all these elements combined lead to a better understanding of the overall state of vulnerability of a given machine and how that relates to user behaviors. Another domain concerns the interconnectedness of today’s Internet which implies that what we see from one network is inevitably related to others. We use this connection to gain better insight into the conditions of not just a single network viewed in isolation, but multiple networks viewed together.

A predictive analytics approach to forecasting cyber security incidents. We start from Internet-scale measurement on the security postures of network entities. We also collect security incident reports to use as labels in a supervised learning framework. The collected data then goes through extensive processing and domain-specific feature extraction. Features are then used to train a classifier that generates predictions when we input new features, on the likelihood of a future incident for the entity associated with the input features. We are also actively seeking to understand the causal relationship among different features and the security interdependence among different network entities. Lastly, risk prediction helps us design better incentive mechanisms which is another facet of our research in this domain.

A predictive analytics approach to forecasting cyber security incidents. We start from Internet-scale measurement on the security postures of network entities. We also collect security incident reports to use as labels in a supervised learning framework. The collected data then goes through extensive processing and domain-specific feature extraction. Features are then used to train a classifier that generates predictions when we input new features, on the likelihood of a future incident for the entity associated with the input features. We are also actively seeking to understand the causal relationship among different features and the security interdependence among different network entities. Lastly, risk prediction helps us design better incentive mechanisms which is another facet of our research in this domain.

Muzammil M. Hussain

By |

Muzammil M. Hussain is an Assistant Professor of Communication Studies, and Faculty Associate in the Institute for Social Research at the University of Michigan. Dr. Hussain’s interdisciplinary research is at the intersections of global communication, comparative politics, and complexity studies. At Michigan, Professor Hussain teaches courses on research methods, digital politics, and global innovation. His published books include “Democracy’s Fourth Wave? Digital Media and the Arab Spring” (Oxford University Press, 2013), a cross-national comparative study of how digital media and information technologies have supported the opening-up of closed societies in the MENA, and “State Power 2.0: Authoritarian Entrenchment and Political Engagement Worldwide” (Ashgate Publishing, 2013), an international collection detailing how governments, both democracies and dictatorships, are working to close-down digital systems and environments around the world. He has authored numerous research articles, book chapters, and industry reports examining global ICT politics, innovation, and policy, including pieces in The Journal of Democracy, The Journal of International Affairs, The Brookings Institutions™ Issues in Technology and Innovation, The InterMedia Institute™s Development Research Series, International Studies Review, International Journal of Middle East Affairs, The Communication Review, Policy and Internet, and Journalism: Theory, Practice, and Criticism. His website is mmhussain.net, and he tweets from @m_m_hussain