Select Research Projects In a slightly mixed up, recent-to-past order.
Currently our STEALTH research group is looking into critical
infrastructure security. Specifically we are dealing with SCADA
systems - System Control And Data Acquisition. These are the types of
systems that are utilized for example by the power industry to control
the electrical grid. Many are legacy systems but are gradually
becoming targets as they are moved from proprietary communications
methods over to public communications methods. (No web page for this group yet...)
Before SCADA I've been working on a system called IDEA - Intrusion DEtection Automata. This tool builds on "dynamicHook" (below) and allows one to automatically facilitate intrusion detection by first learning "typical" behavior of a program, and then later monitoring the program for "atypical" events. We've had a few published papers on this and we run a live server for external users to poke at. Assuming it is up and running (I take it down and back up a lot while testing) you can see it here.
Prior to IDEA we have been working on a software system named "dynamicHook". The "dynamicHook" tools enable one to take off-the-shelf open-source software and, after a recompile, enable dynamic aspects to be added to the executing program. I have utilized this system in a set of proof-of-concept applications and have added intrusion detection and security aspects to two web servers available as open C/C++ source. There's a web page forthcoming here although the content is (like this page) light. We've published a few papers on this one but the links are not here yet.
I've put together some packages for accurate timing of functions and code on x86 platforms. This would be used to determine, with high accuracy, the timing requirements of (for example) real-time code. There's a technical paper on this. While I was at it I put together a similar system for monitoring dynamic memory allocations and detecting memory leaks.
Last spring, in conjunction with a local firm, we were in the process of implementing a new ontology and active agent language for non-technical people to use. This would allow a non-programmer to describe the units and concepts in use in a certain domain, and then to specify high level exemplar items. These high-level items are comprised of components and the probability distribution over the possible values of these components. It was all very grandiose and cool, right up to the point where it was cancelled.