
Research

In-House Research

The CIAG Research team conducts numerous research projects internally, with a member of the team serving as primary investigator. Quite a few of these projects, however, involve collaboration with people from across the industry and in academia. Research collaborators may include other companies, national laboratories and other government organizations, academic institutions, nonprofit organizations, and individuals.

Research projects are chosen based on analysis of the needs of the critical infrastructure sectors, with a focus on generally accepted grand IT challenges that are relevant to critical infrastructure.

Below is a list of projects CIAG Research has been conducting in-house.

| Research Area | Project | Brief Description |
| --- | --- | --- |
| Industrial Networking Security | SCADA Link Encryption Protocol | Development of an encryption protocol to ensure integrity and privacy of slow serial links used in gas field control system environments |
| | Honey Net for SCADA Environments | Simulation of a whole SCADA network, including the devices, protocols, and applications in a single Linux box, using multiple scripts |
| | Netfilter Extensions for Modbus/TCP | Development of a Linux 2.4.x Netfilter extension that permits filtering decisions (DROP, REJECT, etc.) based on application-layer values, allowing finer-grained access control for Modbus/TCP |
| | Secure Administrative Access in SCADA Networks | Development of mechanisms for securing administrative access to control systems devices in the field |
| Internet Infrastructures Security | Internet DNS Scanning | Analysis of the vulnerabilities in the DNS infrastructure, aimed at creating recommendations for improving its security posture |
| | IPv6 Security | Comprehensive comparison of the security aspects of IPv4 and IPv6, including tools for testing IPv6 vulnerabilities |
| | Malware Impact on Network Devices | Analysis and modeling of the collateral damage on network devices caused by malware attacks |
| Internet Routing Protocols Security | Route Validation Graphs for Interdomain Routing | Protocols proposed for securing interdomain routing by validating origin and path information against a reachability validation graph (RVG) |
| | BGP Attack Tree Development and Testing | Systematic study of Border Gateway Protocol (BGP) security vulnerabilities using attack tree methodology and resulting in BGP deployment best practices |
| Legal, Financial, and Operational Security | Common Vulnerability Scoring System (CVSS) | Creation of a unified framework for the scoring of vulnerabilities |
| Physical Cyber Security | Physical Security | Analysis of the security posture of various physical security systems and development of best practice countermeasures for physical security networks |
| Secure Coding Practices | Software Engineering Best Practices | Classification of protocol-related vulnerabilities and the corresponding engineering (design, implementation, and testing) countermeasures, with a goal of helping engineering teams avoid the errors that are the root causes of these vulnerabilities |
| | eRFC | Exploit-robust implementation of standardized protocols through formal methods-driven, unambiguous, and attack-intelligent specifications |
| | Security Evaluation of an IP-based Stack | Creation of a formal methodology for planning and evaluating the robustness of a TCP/IP stack |
| VoIP Security | SIP Security | Analysis of mechanisms to remove weaknesses in Session Initiation Protocol (SIP) response mechanism through introduction of identity and authentication paradigms |
| | VoIP Threat Identification | Analysis of potential threats to VoIP network security |