Network Security

The goal of network security is to identify threats and prevent them from entering and spreading through the network. Effective network security requires a spectrum of measures, including hardware, software, policy and process.

Together, these elements protect the network itself, and everything connected to it, including data, from unauthorized access, misuse, and modification. From passive attacks like network “wiretapping” and traffic analysis to active ones, such as denial-of-service attacks, effective network security is critical. 

Examples of network security measures include access control, antivirus/antimalware software, behavioral analytics, data loss prevention, email security, firewalls, intrusion prevention security, network segmentation, security information and event management, web security and wireless security.

Below, meet UCI’s network security researchers, and a selection of research completed and underway, at UCI today.

Research Faculty​
Michael Franz

Chancellor's Professor of Computer Science

Michael Goodrich

Chancellor's Professor of Computer Science

Sam Malek

Associate Professor of Informatics

Athina Markopoulou

Associate Professor of Electrical Engineering & Computer Science

A Lee Swindlehurst

Professor Electrical Engineering & Computer Science

Gene Tsudik
Gene Tsudik

Chancellor's Professor of Computer Science

Selected Research & Publications

D.K. Song, F. Hetzelt, D. Das, Ch. Spensky, Y. Na, S. Volckaert, G. Vigna, Ch. Kruegel, J.-P. Seifert, and M. Franz; “PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary;” accepted for publication in 2019 Network and Distributed Systems Security Symposium (NDSS 2019), San Diego, California; February 2019. (89 papers accepted out of 521 submissions = 17%)

Hailun Tan, Gene Tsudik, Sanjay K. Jha:
MTRA: Multi-Tier randomized remote attestation in IoT networks. Computers & Security 81: 78-93 (2019)

Byron Hawkins, Brian Demsky:
ZenIDS: introspective intrusion detection for PHP applications. ICSE 2017: 232-243

Xavier CarpentNorrathep Rattanavipanon, Gene Tsudik:
Remote Attestation via Self-Measurement. ACM Trans. Design Autom. Electr. Syst. 24(1): 11:1-11:15 (2019)

Moreno AmbrosinAlberto CompagnoMauro ContiCesar Ghali, Gene Tsudik:
Security and Privacy Analysis of National Science Foundation Future Internet Architectures. IEEE Communications Surveys and Tutorials 20(2): 1418-1442 (2018)

Ivan Oliveira Nunes, Gene Tsudik:
KRB-CCN: Lightweight Authentication and Access Control for Private Content-Centric Networks. ACNS 2018: 598-615

Xavier Carpent, Gene Tsudik, Norrathep Rattanavipanon:
ERASMUS: Efficient remote attestation via self-measurement for unattended settings.DATE 2018: 1191-1194

Paolo Gasti, Gene Tsudik:
Content-Centric and Named-Data Networking Security: The Good, The Bad and The Rest. LANMAN 2018: 1-6

Ivan Oliveira Nunes, Gene Tsudik:
KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks. CoRR abs/1804.03820 (2018)

Ivan MartinovicKasper Bonne RasmussenMarc Roeschlin, Gene Tsudik:
Authentication using pulse-response biometrics. Commun. ACM 60(2): 108-115 (2017)

Edith C. H. NgaiBörje Ohlman, Gene Tsudik, Ersin UzunMatthias WählischChristopher A. Wood:
Can We Make a Cake and Eat it Too? A Discussion of ICN Security and Privacy. Computer Communication Review 47(1): 49-54 (2017)

Cesar Ghali, Gene Tsudik, Christopher A. Wood:
When encryption is not enough: privacy attacks in content-centric networking. ICN 2017: 1-10

Xavier CarpentKarim El DefrawyNorrathep Rattanavipanon, Gene Tsudik:
Lightweight Swarm Attestation: A Tale of Two LISA-s. AsiaCCS 2017: 86-100

Zhangkai ZhangXuhua Ding, Gene Tsudik, Jinhua CuiZhoujun Li:
Presence Attestation: The Missing Link in Dynamic Trust Bootstrapping. ACM Conference on Computer and Communications Security 2017: 89-102

Alberto CompagnoMauro ContiDaniele Lain, Gene Tsudik:
Don’t Skype & Type!: Acoustic Eavesdropping in Voice-Over-IP.AsiaCCS 2017: 703-715

Karim EldefrawyNorrathep Rattanavipanon, Gene Tsudik:
FUsing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned. DSN Workshops 2017: 141-144

Cesar Ghali, Gene Tsudik, Ersin UzunChristopher A. Wood:
Closing the Floodgate with Stateless Content-Centric Networking.ICCCN 2017: 1-10

Mauro ContiGiulio LovisottoIvan Martinovic, Gene Tsudik:
FADEWICH: Fast Deauthentication Over the Wireless Channel. ICDCS2017: 2294-2301

Cesar Ghali, Gene Tsudik, Christopher A. Wood:
Mitigating On-Path Adversaries in Content-Centric Networks. LCN2017: 27-34

Ivan Oliveira Nunes, Gene Tsudik, Christopher A. Wood:
Namespace Tunnels in Content-Centric Networks. LCN 2017: 35-42