Research Seminar Series
OCCoE’s Research Seminar Series is a semi-monthly virtual event showcasing innovative cybersecurity research taking place at each of our partnering institutions.
Dr. Chris Misa - April 4 2025
Dr. Chris Misa - April 4 2025
Increased reliance on Internet-connected services leads to two opposing problems. On the one hand, malicious adversaries can leverage an increasingly large number of avenues of attack to inflict harms on a large number of users. On the other hand, defensive security professionals must sift through an increasingly large volume of high-velocity network traffic (most of which is likely benign) in order to detect and mitigate malicious actions. Programmable switch hardware (such as Intel Tofino or Broadcom Trident 4 ASICs) are poised to tip the scales toward the defender's side by enabling high-efficiency real-time detection of malicious traffic. However, effectively achieving this goal requires addressing several key challenges that stem from limits in the hardware's model of computation as well as the complex structure of real-world network traffic.
This presentation will provide a window into the capabilities and limitations of programmable switch hardware, the potential of these capabilities to improve a defender's ability to quickly and efficiently detect malicious traffic, key research questions in this space tackled by our group at the UO, and several open questions for future consideration.
How to Leverage the Capabilities of Programmable Switch Hardware for Efficient Real-Time Detection of MaliciousTraffic
Dr. Houssam Abbas - May 2, 2025
Dr. Houssam Abbas - May 2, 2025
We present an opportunistic method to commandeer already-flying UAVs for herding malfunctioning UAVs to safety. Malfunctioning UAVs, which deviate from their path due to a planning or a communication failure, pose a safety risk, and it is important to develop methods for mitigating that risk in various circumstances. Here we focus on the case when the Defender (e.g. the airport authority or provider of service) cannot deploy its own UAVs, and taking down the malfunctioning UAV poses an unacceptable risk to people on the ground. In such a case, we propose that the Defender commandeer other flying UAVs to herd the malfunctioning UAV to safety by temporarily spoofing their state estimate. Leveraging Remote ID (a new FAA requirement for UAVs) and existing methods for spoofing effectively guiding malfunctioning UAVs away from restricted airspace or sensitive zones. Our results, validated through extensive simulations (studying multiple herder and target configurations) and small-scale real-world experiments, demonstrate the efficacy of our approach in mitigating UAV intrusion incidents and enhancing airspace security.
OUT-HERD: Opportunistic UAV Takeover for Herding Malfunctioning Drones
Dr. Primal Pappachan - June 6, 2025
Dr. Primal Pappachan - June 6, 2025
With modern data domains and more stringent privacy regulations, the need for robust data protection is more critical than ever in data management systems. In this talk, I will introduce the challenges of incorporating policy-awareness in data management systems through fine-grained access control (FGAC) policies. Particularly, I will present our ongoing research on efficiently enforcing FGAC policies at scale in databases at the time of answering queries under different workloads. Next, I will introduce an inference attack that exploits data dependencies to leak data that is protected by access control. To mitigate such attacks, I will present our approach for enhancing privacy by selectively hiding a minimal number of additional data cells to prevent inferences, while preserving data utility. Finally, I will provide a brief overview of other ongoing works in the DIPr Lab aimed at embedding privacy-consciousness and policy-awareness more deeply into various data management systems.