Given the significant local and national attention paid to the area of cyber security, we are well positioned to grow the center.  Information assurance is commonly defined by the four goals of security, namely, “confidentiality, integrity, availability, and policy”. Most universities engaged in computer security research focus solely on technical issues. We take a truly multi-prong? approach, searching for both technical and political solutions to security problems. Thus, our program includes faculty from multiple departments, who are actively involved in several core research areas, including: 1) intrusion detection; 2) network security; 3) data privacy and security; 4) dependable systems and networks; 5) security policy and commerce; and 6) computer security education. This combination of technology, business issues, policy concerns, leadership, and ethics makes our program unique and will allow us to produce highly qualified researchers, educators and security workers. The faculty members associated with the center each have their own research programs with many of the projects focused on security. We are also in discussion with several groups, including the Iowa National Guard, about being able to perform classified work.  That ability would enable us to work with the national labs, as well as several defense contractors, thus greatly expanding our research program.

We have numerous opportunities to grow the research portfolio and we have seen a marked increase in the number and size of federal funding opportunities and of proposals submitted by our faculty in security.   In order to accomplish the funding goals, we have identified several core research thrust areas, in which teams of faculty will collaborate on projects and proposals.

Research Thrust Areas:

Securing Systems

This thrust area focuses on the security of systems that are becoming more reliant on cyber to operate.  Research in this area uses both the system properties and principles of cyber security to create CPS systems (CPS, Cyber Resilience, autonomous systems) that are resilient  to cyber attacks  . Software systems are secured with program and compiler level analysis, monitoring, and transformations to establish both static and dynamic desirable properties.

Securing Things

This thrust area focuses on the security of networked devices.  Almost all computing and embedded devices are networked in the modern era. This includes low resource and power constrained internet of things to high power data center computing racks. Security solutions at architecture and hardware level include hardware roots of trust, virtualization support, and security against physical side channels.

Securing Data

This thrust area focuses on using data for enhancing security as well as enhancing the security and privacy of data.  In particular, one direction is to build secure and privacy-preserving systems via learning from system-generated historical data through big data analytics.  The other direction is to design secure and privacy-preserving data processing pipelines, through integrating techniques from multiple disciplines such as access control, system design, applied cryptography, and statistical privacy.

Securing People

This thrust area focuses on securing the people through methods like education, usable security, and authentication.

Research Testbeds:

ISEAGE – Internet-Scale Event & Attack Generation Environment

The Internet-Scale Event and Attack Generation Environment (ISEAGE) (pronounced “ice age”) has been developed by the Iowa State University Information Assurance Center. The goal of ISEAGE is to provide a world-class research and education facility to enhance the current state of the art in information assurance research, testing, and training. ISEAGE is a cluster of nodes which are capable of simulating an arbitrary, reconfigurable, static routing topology that is abstracted away from the physical hardware. ISEAGE provides an environment in which tools can violate logistical constraints to simulate internet-scale events and attacks.

Research Areas:

  • Artificial Intelligence and Data Mining
  • Cryptography
  • Forensics
  • Foreign Policy
  • Identity Theft
  • Intrusion Detection
  • Information/Cyber Warfare
  • Network Modeling
  • Wireless Communications

If you have something to add to this list, please contact