Associate Research Professor Michael Bailey has been selected to receive the 2012 U-M Research Faculty Recognition Award from the Office of the Vice President for Research for the level and impact of his contributions in the security of complex distributed systems.
Prof. Bailey's research is focused on the security and availability of complex distributed systems. His work informs both the development of such systems as well as the sciences of computer security, network architecture and design, network protocols, and distributed systems. His work has been funded by the National Science Foundation, the Department of Homeland Security, the Department of Defense, the Beyster Foundation, and a number of commercial networking and security firms.
Prof. Bailey's early research focused on a scalable hybrid network monitoring architecture for measuring, characterizing, and tracking a broad spectrum of Internet threats. He was one of the architects of the Internet Motion Sensor (IMS), a collaborative research project which, at its peak, consisted of more than 60 distinct monitored blocks at over 25 organizations across the Internet and which was actively used by network operators to assure the availability and security of networked systems and applications.
His second area of contribution lies in the analysis of specific security threats – including worms, botnets, spam, covert channels, and malware – and networking phenomena – including ISP censorship, Internet routing and reachability, network anomaly detection, and Internet background radiation. One example of these research contributions is his research into the adversarial nature of attackers and defenders in today's networks. By building automatic methods for detection and classification of the tools these attackers use, he was able to successfully analyze large numbers of programs to understand their evolution and phylogeny, providing real and actionable intelligence to network operators and defenders. In addition, his work developed detailed taxonomies of the evasion techniques used by modern malware to avoid monitoring systems based on virtualization and debugger characteristics. As a result, he has demonstrated that a significant percentage of malware actively evades monitoring systems by exhibiting less malicious behavior.
Prof. Bailey has recently monitored the impact of the scarcity of Internet Protocol version 4 (IPv4) addresses and is currently monitoring the rollout of the next-generation Internet addressing protocol, IPv6.
Prof. Bailey is Co-Director of the Network and Security Research Group at the University of Michigan. He received his PhD in Computer Science and Engineering from Michigan in 2006 and joined the faculty as a Research Scientist in 2007. He has taught Distributed Systems (EECS 591) and served as a guest lecturer for many upper-level CS courses. Prior to U-M, he was the Director of Engineering at network security company Arbor Networks. In 2011, Prof. Bailey received the College of Engineering Kenneth M. Reese Outstanding Research Scientist Award. He is a Senior Member of the IEEE.
Posted: October 16, 2012