This list provides an introduction to our past projects as well as ongoing efforts. Links to specific project webpages are provided.

Network Security & Survivability

SOS: Secure Overlay Services
SOS and WebSOS. SOS is a network overlay mechansim designed to counter the threats posed by Denial of Service attacks. SOS has been extended to provide WebSOS, a mechanism for protecting web servers from DoS.
DNAD: Distributed Network Anomaly Detection
Distributed Intrusion Detection seeks to identify global network threats through a cooperative framework and collaborative distributed mechanisms.
P2PID: Peer-to-Peer Intrusion Detection
P2P Intrusion Detection seeks to provide a platform for exchanging alert and other security critical information in a collaborative network of untrusted hosts.

Software & System Assurance

Autonomic Software Patching
The network worm vaccine architecture is a system that is designed to automatically patch and defend systems and networks under attack by worms or other network threats.
JDBC SQL Randomization (PachyRand)
PachyRand is an open-source extension to the PostgreSQL JDBC driver that implements SQL randomization in order to counter SQL injection attacks.
ASSURE: Automatic Software Self-healing Using REscue points
ASSURE is a system that introduces rescue points to recover software from unknown faults, while maintaining both system integrity and availability, by mimicking system behavior under known error conditions.

Operating Systems

The FlowOS project turns the operating system into a switch or signalling mechanism for data the needs to be processed at high (line) speed.
CamouflageFS is a cryptographic filesystem that employs a longer effective key length to increase confidentiality while reducing the performance cost of using this longer key.

Access Control & Security Management

The GRIDLOCK project aims to ease the burden of security management by unifying the concepts of network, host, and application access control.