Research Projects at the NEU SecLab
Exposing the Dark Side of Android Marketplaces
The goal of DarkDroid is to research static mechanisms for proving the non-existence of malicious code in Android applications. We use scalable and precise static analyses on Dalvik bytecode to discover attacks ranging from privacy violations to unauthorized modifications to critical sensor data. Using the results of our analyses, our tools can then excise the malicious code or harden other apps against attack.
Improving the Security of Web 2.0 Applications
ZigZag proposes to automatically instrument client-side scripting code so that its execution can be monitored. We use this monitoring framework to (i) build models that capture normal program runs, and (ii) subsequently leverage these models to detect and prevent attacks as they unfold.
Automatic Botnet Identification
Disclosure studies large-scale automated botnet detection and mitigation techniques.
Teaching Systems Security Using an Interactive Platform
This project explores techniques for developing a modern security education platform.
Scholarship for Service
Multi-Disciplinary Preparation of Next Generation Information Assurance Practitioners
The NSF Scholarship for Service program is intended to address the growing need for security experts in the public sector by providing students a solid foundation in computer security, coupled with hands-on experience in the leading edge of security research. Northeastern takes a multi-disciplinary approach to this problem, by exposing its SFS students to the wider sociological, political, and legal dimensions of security, while maintaining a strong grounding in technical skills.