UTSA to open cyber-security research institute

Fred Chang came to UTSA last year promising to expand the university’s role in cyber-security research.

The University of Texas at San Antonio College of Business is rolling out a new cyber-security research institute that will be directed by Fred Chang, the AT&T Distinguished Chair in Infrastructure Assurance and Security.

The center, which will be interdisciplinary in nature, will conduct research in information assurance and security while fostering student involvement in research activity in the College of Business.

The center has already secured $300,000 in research funding and has established a partnership with Lockheed Martin. The center has also signed a research and development agreement with the 688th Air Force Information Operations Wing at Lackland Air Force Base.

Current research projects include countering malware, intrusion detection avoidance and digital forensic string search capabilities.

“Cyber security is one of the most pressing problems facing our nation today,” says Chang. “Approximately every one and a half seconds, a new piece of malicious software is released on the Internet. Through (the new center) we will develop innovative cyber-security research solutions to combat this problem.”

When Chang came to UTSA last year from Austin, it was understood that he would be charged with helping the school raise its profile in the fast-growing field of cyber security. College of Business Dean Lynda de la Viña says Chang would help solidify the college’s information assurance and security program as one of the premier information security programs in the country.

“(Chang’s) broad expertise and leadership in information assurance and cyber security will elevate the college’s research efforts and stimulate research activity with our junior faculty and doctoral students,” de la Viña says.

Chang previously served as the associate dean of information technology at the University of Texas at Austin’s College of Natural Sciences.

The new center will be comprised of two lab components: the Advanced Laboratories for Infrastructure Assurance and Security (ALIAS) and the Laboratory for Advanced Information Security Education and Research (LAISER). ALIAS consists of a 30-seat security computer classroom as well as a secure server area that supports faculty research in network intrusion detection, development of forensic search algorithms, security modeling and other areas.

LAISER, which is currently under development, will consist of two components: a UTSA CyberRange and a behavioral lab. The UTSA CyberRange will provide researchers with a large scale, self-contained, rapidly reconfigurable platform for the study of advanced information assurance issues. The behavioral lab will be used to research social-science issues in cyber security.
Applied research focus

Chang says the research at the new center will be a little different from that being done at the neighboring Center for Information Assurance and Security or CIAS. That center was established in 2001 and receives federal funds to work with public health authorities, police, fire, utilities and telecommunications entities to provide training and exercises so that they can have a coordinated response to a potential cyber attack.

“Our focus will be on applied research that is beneficial to the business community,” Chang says.

Chang has outlined several broad categories for the kind of research that will take place at the center. The first is what he calls digital forensics or developing techniques and procedures for cleaning up the aftermath of a cyber attack. It will entail finding out what bad things happened, what information was taken, how much damage was done and, ultimately, who did it.

The second area or research will look at various kinds of malware in a controlled environment to see how it spreads and to develop defensive methods for stopping it. Another area of research will look at the psychology of information security.

Oftentimes when a company has a very strong cyber-security policy, the weakest link becomes the human technicians who manage and operate it. If a malicious person is able to get a password by tricking an employee, that person will have successfully circumvented thousands of dollars invested into security hardware and software.

“I am predicting that we will see a big increase in attempts to circumvent the security measures that are being put in place,” Chang says.

Gary Barmore, a senior analyst with the 688th Air Force Information Operations Wing at Lackland Air Force Base, oversaw the agreement with the new cyber-security center at UTSA. He says the agreement is mutually beneficial and allows for the exchange of ideas and information without any exchange of funds.

“This is not a contract agreement,” Barmore says. “They don’t deliver products to us. But we do get to share data and benefit from one another’s research.”

Barmore would not specify the research or data that will be shared, noting that it involves intellectual property that must be protected. But he says it does involve questions of how to deal with malware and other topics of mutual interest.

“We will learn about the algorithms, techniques and capabilities that they come up with while having access to the data that we can supply,” Barmore says.

UTSA has been designated as a Center of Academic Excellence in Information Assurance Research by the National Security Agency and is one of only 47 institutions in the country to have that designation.

UTSA’s College of Business is one of the 40 largest business schools in the nation with 5,600 enrolled students.