Dr. Bhavani Thuraisingham

Home

My Work

Cyber Security Institute

Dr. Bhavani with Colleagues and Students Cyber Security Institute 2018

Cyber Security Research and Education Institute 2004-2021

(Initial version prepared for the UT System Chancellor in 2020)

I am the founding executive director of the Cyber Security Research and Education Institute (CSI) UT Dallas. CSI was founded in October 2004 and I directed it until September 2021 for 17 years. Below I am providing the accomplishments during the 17 hear period. The current website of CSI is: Visit CSI Website

The link to an overview video presentation of CSI as of May 2020 can be found here: https://www.youtube.com/watch?v=H94mY9RkEAU&t=7s

Key Accomplishments

Differentiated Capability Area: Cyber Security, Data Science

Key Words: Data Science/AI and Security, Data Privacy, Malware Analysis, Hardware Security, Secure Software Defined Networks, Social Media Security and Analytics, Cryptography and Blockchain technologies, Secure Cyber Physical Systems and Industrial IoT Systems, Cyber Security Policy, Behavioral Aspects of Security, Risk Analysis for Cyber Security.

Mission: Explore new opportunities in interdisciplinary research, engage women and minority communities in cyber security programs, and build a strong cyber security workforce for government, industry and academia.

Key Differentiators:

  • NSA/DHS National Centers of Academic Excellence (CAE) in Cyber Defense Education and Research; first University in Texas to receive the NSA CAE in Cyber Operations.
  • Prestigious awards in Cyber Security including 100% success in NSF CAREER, Multiple DoD YIP (Young Investigator Program), DoD MURI, Multiple MRI/DURIP, Multiple NSF SFS (Scholarship for Service) Grants (2010, 2014, 2019), Multiple NSF Capacity Development Grants.
  • Multiple IEEE Fellows as well as Fellows of ACM, AAAS, IACR (International Association of Cryptographic Research) and NAI (National Academy of Inventors)
  • Multiple IEEE and ACM Awards, NSA Science of Security Best Paper Award, NSA Science of Security Lablet (Team Member), Multiple IBM Faculty Awards
  • Grants from several federal agencies including NSF, NSA, AFOSR, ARO, ONR, DARPA, IARPA, NASA, NIH, DHS, NIST, NASA, NGA
  • Strong industry collaboration including via NSF IUCRCs with Texas Instruments, IBM, Raytheon, Lockheed, Cisco and other companies.
  • Research publications in several top tier Cyber Security, Data Science and Artificial Intelligence (AI) Conferences and Journals (e.g., ACM CCS, IEEE S&P, ACM KDD, IEEE ICDM, AAAI, IJCAI).
  • Building World-class reputation on Integrating Cyber Security and Data Science/AI both in Cyber Security Research and Education.
  • Over $70M in Competitive Research Funding and Over $15M in Education Funding.

Examples of novel capabilities and recent contributions (Centers and Labs)

Major Research and Education Thrusts include the following: Secure Data Science; Active Malware Defense; Integrating Artificial Intelligence and Cyber Security; Machine Learning for Malware Analysis; Adversarial Machine Learning; Hardware and Embedded Systems Security; Secure Cyber Physical Systems and Industrial IoT Systems; Secure Software Defined Networks and Detecting DNS Attacks; Cryptography and Blockchain Technologies; Interdisciplinary Cyber Security Education; Centers for Women in Cyber Security and Women in Data Science. Courses offered include: Computer and Information Security, Data and Applications Security, Network Security, Software and Language Security, Hardware Security, Malware Analysis, Secure Cyber Physical Systems, Analyzing and Securing Social Media, Machine Learning and Security, Secure Cloud, Cryptography, and Digital Forensics. More details of the major thrusts are given below:

  • Secure Data Science Center including research and education in Big Data Security and Privacy, Secure Cloud Computing, Secure Social Media Analytics, Data and Applications Security and Privacy, and Big Data Analytics.

    POC: Profs. Murat Kantarcioglu, Latifur Khan, Bhavani Thuraisingham, Feng Chen.

    Secure Data Science Center

    Secure Cloud Computing

  • Active Malware Defense: Analysis of Reactively Adaptive Malware Detection: Developed novel algorithms to detect malware that change patterns as well as handle deception.

    POC: Prof. Kevin Hamlen Personal Website

  • Machine Learning for Malware Analysis: Adaptive machine learning techniques such as Support Vector Machine and Deep Learning to detect malware that also include detecting novel classes of malware.

    • POC: Prof. Latifur Khan Personal Website

  • Adversarial Machine Learning: Since the machine learning techniques could be attacked, developed adversarial machine learning techniques that learn the behavior of the adversary and adapt accordingly.

    POC: Prof. Murat Kantarcioglu Personal Website

  • Pattern Discovery and Machine Learning: Developing novel machine learning methods for scalable and accurate detection of anomalous or interesting patterns (e.g., events, frauds, knowledge patterns) in complex, massive, and high-dimensional datasets.

    • POC: Prof. Feng Chen Personal Website

  • Hardware Security: Techniques for detecting hardware security attacks including hardware Trojans; Trustworthy Embedded Systems.

    POC: Profs. Yiorgos Makris, Kanad Basu; Kaveh Shamsi,

    Profs. Yiorgos Makris&apos Personal Website

    Profs. Kanad Basu&aposs Personal Website

    Kaveh Shamsi&aposs Personal Website

  • ecure IoT and Cyber Physical Systems: Techniques for detecting malware in Industrial Internet of Things, Internet of Transportation Systems, Autonomous Vehicles and other related IoT and Control Systems.

    POC: Profs. Kangkook Jee, Chung Hwan Kim.

    Profs. Kangkook Jee&aposs Personal Website

    Profs. Chung Hwan Kim&aposs Personal Website

    S3 Lab

  • Secure Software Engineering: Research and education areas include mobile systems security, secure software testing and making program analysis practical for improving the security and reliability of real-world software.

    POC: Profs. Wei Yang and Shiyi Wei

    Profs. Wei Yang&aposs Personal Website

    Profs. Shiyi Wei&aposs Personal Website

  • Affiliated NSF Industry/University Cooperative Research Program Center (IUCRC)

    POC: Prof. Farokh Bastani Personal Website

  • Network Security Research and Education including in Secure Software Defined Networks, DNS Attack Detection, and Network Measurement.

    POC: Profs. Zygmunt Haas, Shuang Hao, Kamil Sarac.

    Profs. Zygmunt Haas&apos Personal Website

    Profs. Shuang Hao&aposs Personal Website

    Profs. Kamil Sarac&aposs Personal Website

  • Cryptography and Blockchain Technologies

    POC: Profs. Yvo Desmedt, Murat Kantarcioglu, Latifur Khan, and Bhavani Thuraisingham

    Profs. Yvo Desmedt&apos Personal Website

    Profs. Murat Kantarcioglu&aposs Personal Website

    Profs. Latifur Khan&aposs Personal Website

  • Outstanding Education Programs in Cyber Security that include a Masters Track in Cyber Security and an Interdisciplinary Maste's Degree Program in Cyber Security (one of a handful in the US – see also degrees offered)

    POC: Prof. Kamil Sarac

    Profs. Kamil Sarac&apos Personal Website

    Education Center

    New degree cybersecurity public policy

  • Extensive Outreach in Women in Cyber Security, Women in Data Science

    POCs: Profs. Bhavani Thuraisingham, Latifur Khan

    WIDS

    Women in data science

    Women in cybersecurity

  • Extensive Outreach with other schools at UTD on Interdisciplinary Research including School of Management (Risk Analysis), School of Economics, Policy and Political Science (Cyber Security Policy), School of Brain and Behavioral Sciences (Modeling the adversary) and School of Natural Sciences and Mathematics (Statistics) POCs: Profs. Murat Kantarcioglu, Latifur Khan, Alain Bensoussan, Jennifer Holmes, Patrick Brandt, Daniel Krawczyk, Julia Gel and Jonathan Bakdash (Army Research Lab).
  • Other members of the team include Dr. Neeraj Gupta who teaches the digital forensics course and Dr. Ebru Cankaya who teaches the Data and Applications Security course. The Institute also has extensive collaboration with the Center for Education Outreach and organizes summer programs for K-12 (e.g. GenCyber, Cyber Security Essentials).
  • CSI also offers a collaborative course across multiple cyber security centers in the US that is offered every semester. The students carry out experimental research projects with problems given by government agencies. The course is called: InSuRE: The Information Security Research and Education Project. CSI also hosts annual cyber security events for students in Texas and neighboring states and holds workshops. The events called TexSAW (Texas Security Awareness Week).

Degrees offered: (Sample) that I have helped to put together

  • Interdisciplinary Master's Degree in Cyber Security, Technology and Policy
  • Undergraduate Minor in Cyber Security
  • Certificates in Cyber Security (undergraduate and graduate certificates)
  • Master's track in Cyber Security (Information Assurance) for Computer Science
  • Master's track in Data Science
  • PhD in Computer Science with Thesis in Cyber Security
  • Plan: Interdisciplinary PhD in Data Science

Spin-off Companies:

Data Security Technologies LLC

POC: Murat Kantarcioglu www.datasectech.com

Data Security Technologies LLC's SecureDL system enables organizations to protect their sensitive data stored in NoSQL databases such as Hadoop, Spark, HBase etc. SecureDL is a data access broker built on top of existing NoSQL databases to enforce a wide range of access control, privacy and governance policies. For big data stored in NoSQL databases and data lakes, the SecureDL allows organizations to 1) enforce policies that control access to sensitive data, 2) keep necessary audit logs automatically for data governance and regulatory compliance, 3) sanitize and redact sensitive data on-the-fly based on the data sensitivity, 4) detect potentially unauthorized or anomalous access to sensitive data, 5) automatically create attribute-based access control policies based on data sensitivity and data type.

Knowledge and Security Analytics (KSA), LLC.

POC: Bhavani Thuraisingham and Latifur Khan http://www.knowledge-security.com/

KSA markets a system called InXite. It provides the capability for social media users (e.g., Twitter) to tweet about the various products being marketed and give their sentiments. These sentiments are analyzed by the system so that companies can market their products. It is also a multi-purpose system. The tweets can also be analyzed to determine national security threats to support Intelligence analysts as well as law enforcement officials. UT Dallas owns multiple patents upon which the research for the system is based on. The work was commended by the former director of NSF Dr. France Cordova. It also resulted in Dr. Thuraisingham being elected to the Fellow of the National Academy of Inventors.

History (October 2004 – September 2021):

Established and directed by Dr. Bhavani Thuraisingham, Founders Chair Professor of Computer Science and a Fellow of ACM, IEEE, AAAS and NAI, The University of Texas at Dallas (UTD) Cyber Security Research and Education Institute (CSI) has evolved over the past 17 years. Dr. Thuraisingham joined UTD in 2004 after a 24 year career including at Honeywell Inc. the MITRE Corporation and the National Science Foundation.

UTD was designated as an NSA/DHS National Center of Academic Excellence in Education in June 2004, and subsequently the Cyber Security Research Center was established in October 2004. Its research funding reached over $1M in Fall 2007. It became one of the first universities to be designated an NSA/DHS National Center of Academic Excellence in Information Assurance Research in 2008. CSI received a re-designation as an NSA National Center of Academic Excellence in Information Assurance/Cyber Defense Research and Education for academic years 2014 – 2021 and again 2021-2027. In 2015 it became the first university in Texas and the 14th in the US to receive NSA's highly prestigious National Center of Academic Excellence in Cyber Operations.

Since 2008, its funding has increased rapidly including several prestigious awards such as 100% success with NSF CAREER, multiple AFOSR YIPs, DoD MURI, and several large NSF and DoD grants and contracts. Between 2004 to 2021, CSI grew to around fifteen core professors in the Erik Jonsson School of Engineering and Computer Science and around 15 more in other schools across the university. The faculty conduct research in several aspects of cyber security and privacy ranging from hardware, software data and applications security to risk-based security, behavioral and societal aspects of security and cyber security policy. CSI has received over $70M in research and over $15M (by Fall 2021) in education funding from federal agencies and labs such as NSF, AFOSR, ONR, ARO, IARPA, DARPA, NGA, NASA, NIH, NIST, MITRE and Sandia as well as from corporations such as Raytheon, Nokia, Cisco, VMware, IBM, Intel and Lockheed Martin. The Institute also releases open source software tools for the research and development communities. The Institute conducts extensive interdisciplinary research including on risk and cost-based security. The team is also world-renowned for its interdisciplinary research integrating cyber security with social, behavioral and decision sciences, its research on integrating cyber security with data science/machine learning as well as its research on data privacy especially as it relates to healthcare and genomic applications. In addition, the US Air Force commended the team in a press release in 2010 on its international collaboration on cloud-centric assured information sharing with Kings College, University of London and the University of Insubria Italy.

Members of CSI routinely publish in top tier venues such as IEEE Security and Privacy Conference, ACM CCS, NDSS, Usenix Security, ACSAC, ACM KDD, IEEE ICDM, ACM SIGMOD, PVLDB, IEEE ICDE, CRYPTO and Eurocrypt. Members have obtained several US patents for their research and have founded start-up companies to commercialize their technologies. Members have also received several fellowships and awards including ACM Fellow, IEEE Fellow, AAAS Fellow, IACR Fellow and NAI Fellow as well as IBM Faculty awards and other prestigious awards from ACM and IEEE. CSI members frequently appear on DFW television discussing cyber security attacks as well as write for national newspapers including the New York Times and have participated in panels including those organized by Fortune Media. Their work has also appeared in prominent magazines including The Economist, New Scientist, and the Boston Globe. CSI has also hosted multiple NSF IUCRCs over the years ranging from Cloud Centric Information Systems to Hardware Security.

With the initial NSF $1.8M Scholarship for Service (SFS) award in September 2010, the Cyber Security Education Center was established in September 2010 and the team has continued to generate multiple NSF SFS awards as well as capacity development funds from NSF and the DoD. Furthermore, we established the annual TexSAW (Texas Security Awareness Week) conference in 2011 to educate and motivate not only our students in cyber security but also the students in Texas as well as in neighboring states. We have also participated in the multi-university INSuRE experimental research program since January 2015 that gives opportunities for our students to work on real world research problems. We also established multiple education programs including a Masters track in Information Assurance in the Computer Science Department in 2010 and an interdisciplinary Master's degree in Cyber Security Technology and Policy in 2019 jointly between the School of Economic, Political and Policy Sciences and the School of Engineering and Computer Science. With the GenCyber award from NSA/NSF to train high school students in cyber security during summer 2016, CSI established the Cyber Security Training and Outreach Center in September 2016. We have continued to teach summer courses to high school interns in recent years as well as offer professional development seminars to DFW industry as well as federal agencies such as the National Security Agency.

In addition to conducting breakthrough research and training students at all levels in cyber security theory and practice, CSI also carries out extensive outreach to educate women and minority communities by giving presentations at various events. Members of CSI co-chaired the Women in Cyber Security conference in March 2016 and subsequently established the Center for Engaging Women in Cyber Security. Since 2016 we have served as co-chair for WiCyS at Tucson and Chicago. We are also very active in Women in Data Science events and gave the featured address at Stanford University's Women in Data Science (WiDS) event and have hosted the annual WiDS Dallas event. Members are also active in events hosted by Women in Communications Engineering and Women in Services Computing. The team also actively recruits students from underrepresented minority communities including those from the African American, Hispanic American and the LGBTQ communities.

After directing the Institute for 17 years between October 2004 and September 2021, the leadership was transitioned to Dr. Kevin Hameln who joined the university in 2006 as an Assistant Professor after his PhD at Cornell University. The Institute will continue to conduct outstanding research, provide excellent education and carry out extensive outreach in cyber security to achieve its mission of being a national resource in cyber security.