SEFCOM is dedicated to improving society through innovative research projects, assurable development, and hands-on training programs in the areas of cyberspace security and defense security. Our research interests include identity management and access control, formal models for computer security, network and distributed systems security including mobile and cloud computing, vulnerability and risk assessment and cyber crime analysis among others.
We aim to tackle security concerns wherever they may appear, be it web, mobile, network, or hardware. Browsing the SEFCOM publications will provide a deeper understanding of our interests.
Vulnerability analysis is the art and science of finding vulnerabilities in software. While experts can find vulnerabilities by examining source code or interacting with an application, human experts are expensive and do not scale. The goal in this research area is to automate the vulnerability analysis process as possible, in essence to put the intelligence of a hacker into an automated program. In this way, everyone can benefit by running these tools against their own applications to gain some level of assurance about their software.
The web has fundamentally changed how we interact and communicate. However, the technologies underpinning the web evolved organically, and they were created without concern to potential security implications. I am interested in all aspects of web security, particularly in trying to find new way to attack security or privacy on the web, so that we can fix these problems, and ultimately enjoy a safe web.