Electrical Engineering and Computer Science

Security and Privacy

Security is a topic that affects all software systems. For example, network security and OS security are some of current topics under active investigation including prevention of host and network infection, detection and mitigation of malware. As another example, research in data privacy and security focuses on several specific problems: (1) Privacy-preserving data publishing: Many organizations (e.g., departments of public health) publish data for research purposes. In doing so, it is important to protect the identities of individuals, as well as other sensitive information. How can we do this, while maintaining the utility of the data for various kinds of research? (2) Fine-grained enterprise policy enforcement: Often, organizations develop expressive high-level policies governing access to their data. How can we enforce these policies efficiently at the level of the database?

The security group at the University of Michigan is active in a number of areas in computer and network security, along with related topics of privacy, and formal methods in security. In computer security, research activities include using virtual machines for building security services, security in mobile systems, and detection of insider attacks and spyware, and malware capture and analysis tools. In network security, research activities include measurements of attacks on the Internet, detection and dismantling of Botnets, and security of routing infrastructure. We also have a strong interest in the design of techniques to enhance user privacy. Work in this area includes privacy policy enforcement infrastructures for pervasive systems, database support for privacy-preserving queries, and privacy policy language design.

Faculty by Areas within Security

  • Network security: Farnam Jahanian, Morley Mao, Kang Shin
  • Computer systems security: Peter Chen, Peter Honeyman, Brian Noble, Atul Prakash
  • Software reliability and programming languages: Chandra Boyapati and Kang Shin
  • Database privacy and user privacy: Mark Ackerman, Kristen LeFevre, and Atul Prakash
  • Formal methods in security and cryptography: Kevin Compton, Yaoyun Shi, and Martin Strauss

Chen, Peter M.
Fu, Kevin
Halderman, J. Alex
Honeyman, Peter
Jahanian, Farnam
Madhyastha, Harsha
Mao, Zhuoqing Morley
Noble, Brian
Prakash, Atul
Shin, Kang G.

Affiliated Faculty
Ackerman, Mark
Compton, Kevin
Honeyman, Peter
Resnick, Paul
Shi, Yaoyun
Strauss, Martin

Related Labs, Centers, and Groups
Pervasive Computing Research at Michigan
RobustNet Research Group
Software Systems Laboratory
Virtual-machine based security services