| |
Research Interests
Computer networks and
distributed systems, with focuses on security issues, including
computer and network forensics, wireless and sensor network
security, privacy-enhancing technologies for the Internet, and
secure real-time computing and communication.
Research Background
I am an Associate Professor in
Electrical and
Computer Engineering at Iowa
State University and am affiliated with the Iowa State
University's NSA-designated
Information Assurance Center.
Meanwhile, I am an Ames Lab associate for
Midwest Forensics Resource
Center at U.S. DoE's
Ames Lab. I won the National
Science Foundation CAREER Award and was honored as the Litton Chair
Assistant Professor in 2007. Our recent research work have been
featured in Science Daily,
Technology News Daily,
NSF News,
NASA Tech Briefs,
and Channel 13 News (Who-TV).
I received a Ph.D. degree (2002) in
Computer Science from
Texas A&M University under the
advisement of Dr. Wei
Zhao, M.S. degree in Computer
Science (advised by Prof. Baojue Chen) and B.S. degree in
Computer Science (advised by
Profs. Shiwei Tang and Dongqing Yang) from
Peking University.
Teaching
CprE 536: Computer and Network Forensics, (2002F,
2003F, 2004F, 2005F, 2006F, 2007F, 2008F)
CprE 450/550:
Distributed Systems and Middleware, (2003S,
2004S, 2005S, 2006S, 2007S, 2008S)
CprE 308:
Operating Systems, (2007F, 2008F)
Research Projects
Advanced
Attack Attribution
Cyber
Forensics
Secure
Network Coding
Online
Frauds
Wireless
Security
Research
Projects while I was in Texas A&M University:
NetCamo:
NetCamo (stands for Network Camouflaging) aims
to prevent traffic analysis in mission-critical QoS-guaranteed
networks. Funded by
DARPA ITO
Fault Tolerant Networks program.
NetEx: NetEx (stands
for Network Express) enables
user applications to participate in delay guaranteed communications.
Funded by
DARPA
ITO Quorum program.
Selected Research Support
National Science Foundation, "CAREER: Practical Scheme Design for Supporting
Secure and Resilient Resource-constrained Wireless Networks", Yong Guan (PI), 01/2007-12/2011.
National Science Foundation, "Secure Network Coding and Cooperative
Relaying", Yong Guan (PI), Ahmed Kamal and Sang
Kim, 10/2006-9/2009.
Intelligence Advanced Research Projects Activity (IARPA)
(formerly,
Disruptive Technology Office (DTO) / Advanced Research and
Development Activity (ARDA)), "Advanced
Attack Attribution", Yong Guan (PI), Julie Dickerson and Tom
Daniels, 10/2003-8/2007.
National Science Foundation, "Cyberspace Forensics: Research, Course
Development, and Laboratory Development", Yong Guan (PI), Jim
Davis and Doug Jacobson, 7/2003-8/2007.
Carver
Trust Foundation, "Adaptive Reputation-based Access Control and
Resource Scheduling for Distributed Computing Systems", Yong
Guan (PI), 4/2003-7/2004.
Honors and Awards
Outstanding Community Service Award,
IEEE Technical Committee on Security and Privacy, May 2008. (for the
joint work with Patrick McDaniel, Avi Rubin, David Du, David
Shambroom, and Deborah Shands in organizing the
2008
Oakland Conference. We had 3 award papers and a record high
number of attendees.)
The Litton
Industries Professorship, 2007.
Iowa State University Award for Early Achievement in Research,
2007. (One at ISU per year.
Photo with Iowa
State President Gregory Geoffroy at ISU 2007 Fall Convocation)
NSF Career Award, 2007.
Second Place Graduate
Winner,
10th
ACM International Student Research Contest,
Northern Kentucky/Cincinnati, OH, March 1, 2002. See
the photo of the top 3 winners.
Best Student Paper
Award, IEEE National Aerospace and Electronics Conference, Dayton,
OH, 1998.
Professional Activities and Services
Member of IFIP TC-11 WG
11.9: Digital Forensics.
Cipher Associate Editor,
IEEE Computer Society's Technical Committee on Security and Privacy.
Editorial Board Member,
International Journal of Security and Networks (IJSN),
2008-present.
Security and Privacy Chair Emeritus,
IEEE Symposium on Security and Privacy (SP 2009), Berkeley,
California, May 17-21, 2009.
General Chair, 29th IEEE Symposium on Security and Privacy (SP
2008), Berkeley, California, May 18-22, 2008.
Program co-Vice
Chair for the area of Security and Privacy, 28th IEEE International
Conference on Distributed Computing Systems (ICDCS
2008), Beijing, China, June 17-20, 2008.
Publicity and
Registration Chair, 28th IEEE Symposium on Security and Privacy (SP
2007), Berkeley, California, May 20-23, 2007.
Program Committee Member, IEEE
INFOCOM 2009,
Rio de Janeiro, Brazil, April 19-25, 2009.
Program Committee Member, 24th Annual ACM Symposium
on Applied Computing (SAC 2009), Computer Forensics Track,
Honolulu, Hawaii, USA, March
8-12, 2009.
Program Committee Member, 4th IEEE International
Conference on Security and Privacy in Communication Networks (SecureComm
2008), Istanbul, Turkey, September 22-25, 2008.
Program Committee Member, 23rd IFIP International
Information Security Conference (SEC
2008), Milan, Italy, September 8 - 10, 2008.
Program Committee member, 5th IEEE International
Conference on Broadband Communications, Networks, and Systems
(BROADNETS
2008), London, UK, September 8-11, 2008.
Program Committee Member, 8th Annual Digital Forensic
Research Workshop (DFRWS 2008),
Baltimore, Maryland, USA, August 11-13, 2008.
Program Committee Member, 3rd IEEE International
Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE
2008), held in conjunction with the 2008 IEEE Symposium on Security
and Privacy (SP 2008), Oakland, California, USA, May 22, 2008.
Program Committee Member, IEEE
INFOCOM 2008,
Phoenix, Arizona, USA, April 13-19, 2008.
Program Committee Member, 14th ACM Computer and
Communication Security (CCS 2007), Industry Track, Alexandria, VA,
October 29 - November 2, 2007.
Program Committee Member, IEEE
INFOCOM 2007,
Anchorage, Alaska, USA, May 6-12, 2007.
Program Committee Member, 50th annual IEEE Global
Telecommunications Conference (GLOBECOM 2007), General Symposium,
Washington, D.C., November 26-30, 2007.
Program Committee Member, 2nd Computer
Network Forensics Research Workshop (CNFR 2007), held in conjunction
with the 3rd International Conference on Security and Privacy in
Communication Networks (SecureComm 2007), Nice, France, September
17-21, 2007.
Program Committee Member, 7th Annual Digital Forensic
Research Workshop (DFRWS 2007),
Pittsburgh, Pennsylvania, USA, August 13-15, 2007.
Symposium co-Chair, Computer and Network Security
Symposium, International Wireless Communications & Mobile Computing Conference
(IWCMC
2007), Turtle Bay Resort, Honolulu,
Hawaii, August 12-16, 2007.
Program committee member, 1st IEEE
International Workshop on Security in Software Engineering (IWSSE
2007), held in conjunction with 31st Annual IEEE International
Computer Software and Applications Conference (COMPSAC 2007),
Beijing, China, July 24-27, 2007.
Submission Chair and Program Committee Member, 2nd
International Workshop on Systematic Approaches to Digital Forensic
Engineering (SADFE
2007), Seattle, Washington, April 10-13, 2007.
Program Committee Member, 22nd Annual ACM Symposium
on Applied Computing (SAC 2007), Computer Forensics Track, Seoul,
Korea, March 11-15, 2007.
Posters and Demos Chair and Program Committee Member,
8th International Conference on Information and Communications
Security (ICICS 2006),
Raleigh, North Carolina, USA, December 4-7, 2006.
Program co-Chair, 2nd IEEE International Workshop on
Wireless and Sensor Networks Security (WSNS
2006), held in conjunction with the 3rd
IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS
2006), Vancouver, Canada, October 9-12, 2006.
Program Committee Member, 6th Annual Digital Forensic
Research Workshop (DFRWS 2006),
Lafayette, Indiana, USA, August 14-16, 2006.
Program Committee Member, 3rd ACM Workshop on
Security of Ad-Hoc and Sensor Networks (SASN 2005), held in
conjunction with the 12th ACM Conference on Computer and
Communications Security (CCS
2005), Alexandria, Virginia, USA, November 7-11, 2005.
Program Committee Member, 1st International Workshop
on Systematic Approaches to Digital Forensic Engineering (SADFE
2005), Taipei, Taiwan, November 7-10, 2005.
Program co-Chair, Computer Network Forensics Research
Workshop (CNFR 2005),
held in conjunction with the 1st International Conference on
Security and Privacy for Emerging Areas in Communication Networks (SecureComm
2005), Athens, Greece, September 5-9, 2005.
Program Chair, 2nd International Workshop on Security in Distributed
Computing Systems (SDCS-2005), held in conjunction with the 25th
International Conference on Distributed Computing Systems (ICDCS
2005), Columbus, Ohio, USA, June 6-10, 2005.
Students
Current Students: Mike Blasi, Bryan
Ellingson, Ben Kallal, Lars Kulseng, Yang Liu, Yanlin Peng, Soumya
Shetty, Yawen
Wei, Zhen Yu, Linfeng Zhang
Former Students:
Bhuvaneswari Ramkumar, MS, September
2006 - August 2008, Thesis: "Encrypted Malware Detection", granted
August 2008, now at Cisco.
Paul Miller, MS, (Johnny Wong,
co-advisor), September 2007 - May 2008, Thesis: "Visualization for
Network Forensic Analyses: Extending the Forensic Log Investigator (FLI)",
granted May 2008, now at FBI.
Thieu Pham, MS, September 2005 - December 2007,
Thesis: "Forensic Log Investigator (FLI) - A Log Analysis and
Visualization Tool", granted December 2007, now at Cisco.
Anthony Persaud, MS,
September 2004 - May 2006, Thesis: "The Use of Wavelet Watermarking
and Statistical Classification Techniques for Collusion Detection
and Identification in Multimedia Forensics", granted May 2006,
now a PhD student at Carnegie Mellon University.
Douglas
Houghton, MS, (Doug Jacobson, co-advisor), September 2004 - December
2005, Thesis: "Design and Development of Network Traffic Simulator",
granted December 2005, now at Mitre.
William
Sears, MS, (Tom Daniels, co-advisor), May 2003 - August 2005, Thesis:
"PeerCredential: A Support Reputation-based Trust Framework for
Peer-to-Peer Applications", granted Augutst 2005, now at U.S. DoE's
Ames Lab.
Wale
Martins, MS, (Tom Daniels, co-advisor), September 2003 - August 2005,
Thesis: "Affecting IP Traceback with Recent Internet Topology Maps",
granted August 2005, now at Microsoft.
Joel Cardo, BS, Undergraduate
RA, September 2003 - December 2004, Lightweight Statistical
Authentication Protocol for Access Control in Wireless LANs, now at
Rockwell Collins.
Alan Johnson, BS,
Undergraduate RA, Stepping Stone Attack Attribution, September 2003
- May 2006, now a PhD student at Princeton University.
Selected Recent Publications
Linfeng Zhang and Yong Guan, "Detecting
Click Fraud in Pay-Per-Click Streams of Online Advertising
Networks," in Proceedings of the 28th International Conference on
Distributed Computing Systems (ICDCS 2008), Beijing,
China, June 17-20, 2008.
Zhen Yu, Yawen Wei,
Bhuvaneswari Ramkumar, and Yong Guan, "An
Efficient Signature-based Scheme for Securing Network Coding against
Pollution Attacks," in
Proceedings of the
27th IEEE International Conference
on Computer Communications (INFOCOM 2008), Phoenix, Arizona,
USA, April 15-17, 2008.
Linfeng Zhang and Yong Guan, "Frequency
Estimation over Sliding Windows,"
in
Proceedings of the 24th IEEE International Conference on Data Engineering (ICDE
2008), poster paper, Cancún, México, April 7-12, 2008.
Yawen Wei, Zhen Yu,
and Yong Guan, "Location Verification Algorithms for Wireless Sensor
Networks," in Proceedings of the 27th IEEE International
Conference on Distributed Computing Systems (ICDCS 2007), Toronto, Canada, June
25-29, 2007.
Linfeng Zhang and Yong Guan, "Variance
Estimation over Sliding Windows,"
in Proceedings of the
26th ACM Symposium on Principles of Database Systems (PODS 2007),
Beijing, China, June 11-14, 2007.
Zhen Yu, Yawen Wei,
and Yong Guan, "Key Management for Wireless Sensor Networks,"
Handbook of Wireless Mesh & Sensor Networking, G. Aggelou (ed.),
McGraw-Hill International, Accepted in February 2007.
Linfeng Zhang and Yong Guan, "TOPO: A
Topology-aware Single Packet Attack Traceback Scheme," in
Proceedings of
IEEE International Conference on
Security and Privacy in Communication Networks (SecureComm 2006),
Baltimore, Maryland, USA, August 28-September 1, 2006.
Yawen
Wei, Zhen Yu, and Yong Guan, "COTA: A Robust Multi-hop Localization
Scheme in Wireless Sensor Networks," in
Proceedings of
IEEE/ACM
International Conference on Distributed Computing in Sensor Systems
(DCOSS 2006), San Francisco, California, USA, June 18-20, 2006.
Zhen Yu and Yong Guan,
"A Dynamic En-route Scheme for Filtering False Data in Wireless
Sensor Networks," in
Proceedings of
IEEE INFOCOM 2006,
Barcelona, Spain, April 23-27, 2006.
Linfeng
Zhang, Anthony Persaud, Alan Johnson, and Yong Guan, "Stepping Stone
Attack Attribution in Non-cooperative IP Networks," in
Proceedings of the 25th IEEE International Performance Computing and
Communications Conference (IPCCC 2006), Phoenix, Arizona, USA, April
10-12, 2006.
Jianqiang Xin, Linfeng Zhang, Brad Aswegan, Julie Dickerson, Tom
Daniels, and Yong Guan, "A Testbed for Evaluation and Analysis of Stepping Stone Attack Attribution Techniques,"
in
Proceedings of the 2nd
International IEEE/Create-Net Conference on Testbeds and Research
Infrastructures for the Development of Networks and Communities (TridentCom
2006), Barcelona, Spain, March 1-3, 2006.
Anthony Persaud and
Yong Guan, "Collusion Detection and Identification for
Multimedia Forensics," in the second Annual IFIP
WG 11.9 International Conference on Digital Forensics, Orlando,
Florida, USA, January 29 - February 1, 2006.
An extended version in
Research
Advances in Digital Forensics (Springer).
Haoli Wang, Joel
Cardo, and Yong Guan, "Shepherd: A Lightweight Statistical
Authentication Protocol for Access Control in Wireless LANs,"
Elsevier Computer Communications Journal, Special Issue on
Applications and Services in Wireless Networks, Vol. 28, No. 14, pp. 1618-1630,
September 2005.
William Sears, Zhen
Yu, and Yong Guan, "An Adaptive Reputation-based Trust Framework for
Peer-to-Peer Applications," in
Proceedings of the 4th IEEE
International Symposium on Network Computing and Applications (NCA
2005), Boston, Massachusetts, USA, July 27-29, 2005.
Zhen Yu and Yong Guan,
"A Key Pre-Distribution Scheme Using Deployment Knowledge for
Wireless Sensor Networks," in Proceedings of the 4th
ACM/IEEE International Conference on Information Processing in Sensor
Networks (IPSN 2005), Los Angeles, California, USA, April 25-27, 2005.
An extended version will appear in IEEE Transactions on Parallel and
Distributed Systems.
Anthony Persaud and
Yong Guan, "A Framework for Email Investigations: Automated Information
Extraction and Linkage Discovery,"
First Annual IFIP WG 11.9
International Conference on Digital Forensics, Orlando, Florida,
USA, February 13-16,
2005. An extended version in Research
Advances in Digital Forensics (Springer).
Yong Guan, Xinwen Fu, Riccardo Bettati, and Wei Zhao,
"A Quantitative Analysis of Anonymous Communications," IEEE
Transactions on Reliability, Vol. 53, No. 1, pp. 103-116, March
2004.
Dan Berleant, M.-P. Cheong, Chris Chu, Yong Guan,
Ahmed Kamal, Gerald Sheble, S. Ferson, and J.F. Peters, "Dependable
Handling of Uncertainty", Reliable Computing, Special Issue on
Dependable Reasoning about Uncertainty, Vol. 9, No. 6, pp.
407-418, 2003.
Yong Guan, Xinwen Fu, Riccardo Bettati, and Wei Zhao,
"An Optimal Strategy for Anonymous Communication Protocols," in
Proceedings of the 22nd IEEE International Conference on Distributed
Computing Systems (ICDCS 2002), Vienna, Austria, July 2-5, 2002.
Yong Guan, Xinwen Fu, Dong Xuan, Prashanth Shenoy,
Riccardo Bettati, and Wei Zhao, "NetCamo: Camouflaging Network
Traffic for QoS-Guaranteed Mission Critical Applications," IEEE
Transactions on System, Man, and Cybernetics, Special Issue on
Information Assurance, Vol. 31, No. 4, pp. 253-265, July 2001.
Selected Talks
Tutorial, "Digital
Forensics: Research Challenges and Open Problems", 13th
ACM Conference on Computer and Communication Security (CCS 2006),
Alexandria, VA, October 31, 2006.
"Detecting
Click Fraud in Pay-Per-Click Streams of Online Advertising
Networks", Department of Computer Science, University of Hong Kong,
July 31, 2008.
"False Data Filtering", Hong Kong
Polytechnic University, July 29, 2008.
"Fraud Detection in the Internet
Auction Systems", eBay, San Jose, CA, May 23, 2008.
"Cyber
Crime: The Transformation of Crime in the Information Age", ISU
Alumni @ Hamilton Co., Webster City, IA, March 30, 2008. (The title
was the same as David S. Wall's book) (Photo
with ISU Alumni).
"Digital
Forensics: Research Challenges and Open Problems", University of Iowa, Iowa City, IA, December 4, 2007.
"Stepping
Stone Attack Attribution in Non-Cooperative IP Networks", John Jay
College of Criminal Justice, City University of New York, New York,
NY, October 17, 2006.
"Practical
Security Scheme Design for Sensor Networks", Telcordia Research,
Piscataway, NJ, October 16, 2006.
"Open
Source/Closed Source Software in Security Education", Invited
panelist at the Annual Conference on Education in Information
Security, Ames, IA. September 17-18, 2006.
"Key
Pre-distribution Scheme Using Deployment Knowledge for Wireless
Sensor Networks", Department of Computer Science and Engineering,
Ohio State University, Columbus, OH, June 8, 2005.
"Topology-aware Single Packet Attack Traceback", Northrop Grumman,
Omaha, NE, March 16, 2005.
Keynote
Speech, "Cyber Crime Scene Reconstruction", Symposium on Computer
Forensics 2004: Research, Education, and Practice, St. Paul, MN,
October 15, 2004.
"Stepping Stone Attack Attribution in Non-Cooperative
IP Networks", Computer Forensics Working Group Meeting (CFWG),
Baltimore, MD, August 9, 2004.
"Keep Kids Safe On-Line", Annual meetings of Iowa
Mother of Multiples, Boone, IA, May 1, 2004.
Patents
Yong Guan and Linfeng Zhang,
"Detecting Click Fraud in Pay-Per-Click Streams of Online
Advertising Networks", Provisional US Patent Application, No.
60/968,963, August 30, 2007.
|
