Defending against Evolving Malicious Software : Malicious software attacks, including worms, spyware and botnets, are becoming a growing security concern. Although first-generation defenses have shown promise, attackers are also evolving, thus requiring vigilance as well as research in countering threats and making systems more secure.
Our current research revolves around three major problems in this area: defending against high-end threats such as fast-spreading and polymorphic worms, developing a rapid automated reaction capability against zero-day attacks, and examining new forms of attacks and new breeding grounds for malware, such as wireless and mobile networks.

Network Security : The global economy is becoming increasingly dependent on computer networks and particularly the Internet. As a result, networks have inevitably become the target of attackers whose objectives include gaining illegal profits, destroying a country's economy and paralyzing a business competitor's service. To achieve their objectives attackers exploit all possible security holes of the target network, and seek ways to circumvent existing security measures. Our mission is to help address these threats through world-class research and manpower training on network security, and to contribute to the economic growth of Singapore.

Secure Enterprise Document Management : We aim to play an important role in fighting against information theft, especially the theft due to insider threat in enterprise environment. It protects sensitive information by managing and enforcing access and usage rights to the information throughout its lifecycle – creation, distribution, storage and consumption. It is transparent for legal usage from the viewpoint of user. Hence, incorporated with our technologies, our partner is able to make Singapore a Trusted Hub for High Value Documents.

Efficient Certificate Validation : Modern security technologies such as S/MIME, SSL and VPN rely heavily on PKI and digital certificates. Unfortunately in such infrastructures, the binding between the certificate’s owner identity and the associated public key (contained in the digital certificate) can be easily compromised e.g. private key theft. Hence certificate validation is an absolute necessity for any PKI. Providing timely and reliable certificate status validation is not easy, especially for large PKI populations. Among several reasons, one key reason why PKIs have not been as widely deployed as expected is due to the high operational costs of certificate validation. At I2R, we have developed an on-demand certificate status validation protocol called Augmented CRLs (ACRLs) which provides superior network performance and lower operational costs compared to any known certificate validation scheme. We are currently productizing this technology and actively looking for industry partners.

Integrated Info-security for Vehicular Networks : The emerging vehicular networks in the forms of intra-car, car-to-car, car-to-roadside communications will enable a variety of applications for safety, traffic efficiency, driver assistance, as well as infotainment to be incorporated into future automotive designs. At the same time, networked Electronic Control Units (ECUs) are increasingly being deployed in cars to realize functions such as engine management, air-bag deployment, and even in intelligent brake systems. However, the availability of these exciting automotive applications can also lead to formidable set of exploits and vulnerable to attacks, as more and more data is being exchanged and communicated in and out of a car. Unlike other communication networks, the vehicular network differs in size, speed of the vehicles, as well as relevance of their geographic position. Most importantly, the sporadic connectivity between them also made providing data security to vehicles especially challenging. In this project, we propose integrated info-security solutions to manage and protect the critical data for intra-car, car-to-car and car-to-infrastructure communications. The proposed solutions will ensure that data with-inside and with-outside the automotive is protected from abuse and security attacks. We begin by identifying the various security threats and attacks that various vehicular communication networks are vulnerable to. Next we will carry out security analysis on these networks and propose our design in three major aspects: tamper-resistant software in embedded devices for intra-car security, security solutions for vehicular ad-hoc network (VANET) and standard compliant. These solutions will be prototyped and tested with a single-board computer equipped with interface to internal car networks and wireless communication capabilities.