Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security EducationConflict Detection Enabled

Project Details

Lead PI

Performance Period

Jun 15, 2018 - Aug 31, 2019

Institution(s)

Virginia Commonwealth University

Award Number


Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

Over the past decade, there has been great interest in using virtualization to profile, characterize, and observe kernel events including the security incidents. Inspired by the great success from virtual machine introspection (VMI), this project aims to provide an advancement by directly building practical VMI tools and libraries (or toolkit) on top of virtualization, and applying them for deep cybersecurity education. The deepness comes from the study of the lower level system internals such as OS kernels. The project will further provide a number of seed contents to teach both instructors and students on utilizing the toolkit to be used for studying not only traditional user level attacks such as buffer overflow, but also defenses inside the OS kernels. The outcome of this project (i.e., the toolkit and the cybersecurity exercises) will contribute to the health, safety, and economic well-being of our society by helping to improve the state-of-the-art in cybersecurity education, especially for effectively performing hands-on cybersecurity exercises.

Continuation of Award #: 1623276

I am a faculty member in the Department of Computer Science at Virginia Commonwealth University (VCU). My research group is the Security and Forensics Engineering (SAFE) Lab. I am also a faculty fellow of VCU Cybersecurity Center. Before VCU, I was a Canizaro-Livingston Endowed Assistant Professor in Cybersecurity at the University of New Orleans (UNO), New Orleans, LA.

My research interests are broadly in the area of cybersecurity, currently focusing on digital forensics, malware, cyber-physical systems, and cybersecurity education.

I am a recipient of the ORAU Ralph E. Powe Junior Faculty Enhancement Award, an Outstanding Research Award from the American Academy of Forensic Sciences (AAFS), and the UNO's Early Career Research Prize.

My research work has been supported in part by the NSF, NSA, ONR, ARO, ORAU, and VA CCI, and has received three Best Paper Awards at DFRWS'20, ISC'13, and ICRC'11, and an Outstanding Poster Award at CODASPY'16.