Professor of Computer Science at UCI Donald Bren School of Information and Computer Sciences
Researcher Spotlight: Ian Harris
What brought you to UCI?
I came to UCI because it’s in California and I wanted to work with the people here. I was already familiar with several UCI researchers, including Professor Dan Gajski who has since retired, and many of the group was known for embedded systems research. Embedded systems is basically IoT before the term IoT was coined.
What is your major focus area as a researcher, and why?
My major focus is the design and security of IoT systems. I have a strong background in digital hardware design in addition to low-level software development. That gives me an advantage in IoT systems which involve both hardware and software components. I was also a testing person in a previous research life and testing is closely related to security.
In one sentence, what is the most important question you want to address?
How do we secure IoT systems in a cost-effective way?
What has been (or will be) the impact of your research?
I’ve developed several hardware-based security approaches for IoT systems, including using the debug port of a processor to detect malware execution. I’ve developed methods to guarantee security of IoT networks, specifically Bluetooth Low Energy (BLE) networks. I’ve developed approaches to detect social engineering scams using natural language processing to understand the intent of sentences spoken by an attacker.
What is innovative about your research?
I try to make sure that all of my IoT security research is grounded in reality, so I evaluate it using real systems, not simulations. I also use Natural Language Processing to support security in the detection of social engineering scams.
What papers do you have coming through in the next year?
I expect to publish a paper on a new approach to reverse engineering malware executables which defeats code obfuscation techniques. I expect to publish the results of a study on the susceptibility of students to phone scams. We will publish the scams that we used so that other researchers can have a set of realistic scams to use for learning and evaluation.