My interests in research mostly involve the topics of computer security and privacy. More specifically, I enjoy studying computer security from a systems perspective and am interested in exploring how security can be improved in cloud computing environments and cyber-physical systems. My goal is to improve the design of security in these domains to be more dynamic to better accommodate the challenges and shortcomings currently in these areas. Below are a few of the research opportunities that I have been a part of.
University of Kansas - Graduate Research Assistant
DevOps Tools – Service Meshes
My primary research project is the investigation, design and implementation of dynamic security designs for service mesh tools. As a part of this study, I have been designing and implementing a proof-of-concept service mesh that allows for automated migration of security artifacts from one state to another. By allowing for the automated rotation of security artifacts across a service mesh, it is possible to refresh the certificates and keys within a cluster without the need for redeployment across the cluster. This dynamic security solution provides a more accommodating security method for a highly dynamic area such as microservice architectures in cloud computing environments. In additon to this project, I have previously investigated the security of state-of-art service mesh tools and analyzed the protections that these tools provide, both in the ideal case where security mechansims are fully implemented and utilized, but also in the default configuration of the tools. This initial study of service mesh security resulted in a publication in SecureComm 2020.
Cyber-Physical Systems – Power Grid
Aside from service mesh tools and cloud computing, I was previously involved in a study that investigated the security and privacy implications of consumer-grade solar panel arrays that are connected to the Internet and may be monitored and controlled via a web-interface. This effort resulted in a publication in IEEE Access in 2020.
Network Security – SSH Vulnerability Measurement Study
During the beginning of my graduate studies at the University of Kansas, I was invovled in a research effort involving password-based authentication vulnerabilities within the implementation of SSH. As a part of this effort, we measured the prevalence of SSH-based authentication in SSH servers on the public-facing internet. This effort resulted in a publication within IEEE ICC (International Conference on Communications) in 2020. Dr. Alex Bardas serves as my doctoral advisor and committee chair.
Kansas State University (Manhattan, KS) - Undergraduate Research Assistant
As a part of my undergraduate career at Kansas State University, I was involved in a number of research groups and efforts. My first experience was as a part of eyeDNS alongside my now graduate advisor Dr. Alex Bardas, a campus monitoring and visualization system. This effort resulted in a publication in the IEEE Internet Communications Conference 2018. My senior year, I was involved in two research efforts on campus. The first was with Dr. Arslan Munir as a part of the ISCAAS lab. During this research effort, I studied the security and privacy issues of Intelligent Transportation Systems (ITS), as well as the security and privacy issues of contemporary consumer electronics devices. Both of these projects resulted in submissions to the IEEE Intelligent Transportation Systems Magazine (ITSM) and the IEEE Consumer Electronics (CEM) respectively. Lastly, as part of a senior capstone project, I participated in the development and establishment of the Autonomous and Hybrid Energy Systems (AHES) Research Lab. This project was supervised by Dr. George Amariucai of the Department of Computer Science and Dr. Mohammad Shadmand of the Department of Electrical and Computer Engineering. The focus of this project was to establish a foundation for future research within security and privacy of smart grid systems. As a part of this effort, I helped to develop a cyber security testbed for the lab that could be used to test new equipment and techniques used by energy utilities to secure their systems in the real world.
Argonne National Laboratory (Lemont, IL) - Cyber Operations, Analysis, and Research Intern
While at Argonne National Laboratory, I was part of a group that was studying the impacts and effectiveness of Moving Target Defenses (MTDs). I conducted a review of the state-of-art practices in the research community dealing with MTDs and helped in the development of new MTD technologies. Specifically, I worked on the MORE MTD project attempting to develop a measurement technique to classify and categorize MTD technologies according to effectiveness.
Pacific Northwest National Laboratory (Richland, WA) - Cyber Security Operations Intern
During the Summer of 2016, I served my first internship at Pacific Northwest National Laboratory. I was part of a team developing and implementing tools to be used to defend the National Laboratory system. As a part of this, I worked alongside other cyber security operations specialists and helped maintain the existing systems while also developing new systems. My project during the summer was to create a small-scale replica of the core components of the existing system at Pacific Northwest National Laboratory that could be deployed at smaller satellite offices around the nation.