Current Projects

Balancing Privacy and Analysis in Data Sanitization
Vulnerabilities Analysis
Secure Programming Clinic

Previous Projects

ICMP Traceback for DDoS
Policy Analysis and Generation for IPSec/VPN
Truthsayer
Mobile Code Security
E-Commerce Cryptographic Protocols
Using Untrusted Domains for Computations
Managing Computer Networks to Respond Rapidly to Threats
Automated Analysis of Vulnerabilities
Trust Models in Collaborative Systems
Anomaly Detection in Database Systems (NSA)
The Ariel Project (DARPA)
ITR: A Semantic-Based Approach for Automated Response to Attacks (NSF/ITR)
ITR: Automatic Consistency Checking for IPSec/VPN Security Policy (NSF/ITR)
Intrusion Detection Analysis Project (Promia, Inc.)
Mathematical Modeling of Deception (Sandia)
Model Based Scenario Intrusion Correlation (NSA)
MURI Protocol Research (UCSB)
Property-Based Testing to Verify an Environment (NASA/JPL)
Intrusion Detection for Mobile Ad Hoc Networks (Telcordia)
Environment-Aware Security System (NetSquared)
Verification of Security Run-Time Verification System (NSF/NASA)
Testing & Benchmarking Methodologies for Future Network Security Mechanisms (NSF/NRT)
Balancing Privacy and Analysis in Data Sanitization (NSF/TC)
Security Analysis and Re-engineering of Databases (NSF)
Sandbox System Call API for Linux
AWB: Audit Workbench (NSA)
Authentications in a Distributed Intrusion Detection System (Trident)
Audit Reduction and Compression (NSA)
Boeing Response Project (Boeing, DARPA)
CMAD IV: Computer Misuse & Anomaly Detection
Proceedings of the UC Davis conference held in Monterey, California from November 12-14, 1996
Common Intrusion Detection Framework (CIDF)
UC Davis participates extensively in this effort to define a common standard so that Intrusion Detection Systems can work together by sharing data.
A Compositional Optimum Network Sensor Utilization System (CONSensUS) (DARPA) 
Denial of Service (Microsoft)
Denial of Service in the Infrastructure (NASA Ames)
From Generic Policies to Enforcement Rules (NSA)
Global Guard Project: A Protection Architecture for Survivability of Large-Scale, High-Confidence Information Networks (DARPA)
Hierarchical Adaptive for QoS Intrusion Tolerance (HACQIT) (Teknowledge Corporation)
History of Computer Security (University of Maryland)
Inference Detection in Database Systems (NSA)
Intel Project (Intel)
Intrusion Detection and Isolation Protocol / IDIP (DARPA)
Intrusion Detection for Large Networks (DARPA)
We are studying intrusion detection techniques that scale to very large networks. Our main effort has been a prototype called the Graph-based Intrusion Detection System (GrIDS).
Misuse Detection (ORD)
Models for Testing Intrusion Detection Systems (NSA)
Network Router Auditing (NSA)
Policy Research Group
System Health & Intrusion Monitoring (SHIM): A New Approach to Triggering Intrusion Tolerant Mechanisms (Network Associates, Inc.)
Virus (LLNL)
Distributed Intrusion Detection System (USAF/LLNL)

Vulnerabilities (HP, Intel, Net Squared)

Workshop for Intrusion Detection and Response Data Sharing (SANS Institute)

Associated Labs

Networks

Database and Information Systems Group

Parallel and Distributed Computing

Verification

Politically Correct Virus: Doesn't refer to itself as a virus—instead, refers to itself as an "electronic microorganism." — Mark Kaye