We also have additional papers accepted/published in prestigious conferences including IEEE ICDM andECML/PKDD. Together with our colleagues <strong>at</strong> the <strong>University</strong> <strong>of</strong> Illinois, we have applied for a p<strong>at</strong>ent onthe Novel Class Detection System with <strong>The</strong> <strong>University</strong> <strong>of</strong> <strong>Texas</strong> <strong>at</strong> <strong>Dallas</strong> as the primary inventor. Wehave assembled all <strong>of</strong> the work described in Papers 1 - 3 as well as our additional papers on this topic andhave written a book titled D<strong>at</strong>a Mining Tools for Malware Detection (to be published l<strong>at</strong>er in the year).1. A New Intrusion Detection System using Support Vector Machines and Hierarchical Clustering,VLDB Journal, Vol. 16, 2007 (co-authors: M. Awad, L. Khan). Co-AuthorMy Contribution: Pr<strong>of</strong>. Khan and his student Mr. Awad carried out the design andimplement<strong>at</strong>ion. I gave comments and wrote much <strong>of</strong> the paper from the thesis.2. A Hybrid Model to Detect Malicious Executables, Proceedings IEEE Intern<strong>at</strong>ional Conference onCommunic<strong>at</strong>ion (ICC 2007) (co-authors: M. Masud, L. Khan). Co-AuthorMy Contribution: This was a team effort. Pr<strong>of</strong>. Khan and I supervised the student (Mr. Masud).<strong>The</strong> student carried out the detailed design and implement<strong>at</strong>ion. <strong>The</strong> paper was written by thestudent and I gave comments.3. A Scalable Multi-level Fe<strong>at</strong>ure Extraction Technique to Detect Malicious Executables,Inform<strong>at</strong>ion Systems Frontiers, Vol. 10, No. 1, p.33-45, March 2008 (co-authors: M. Masud, L.Khan). Co-AuthorMy Contribution: This was a team effort. Pr<strong>of</strong>. Khan and I supervised the student (Mr. Masud).<strong>The</strong> student carried out the detailed design and implement<strong>at</strong>ion. <strong>The</strong> paper was written by thestudent and I gave comments.4. A Practical Approach to Classify Evolving D<strong>at</strong>a Streams: Training with Limited Amount <strong>of</strong>Labeled D<strong>at</strong>a, Proceedings Intern<strong>at</strong>ional Conference on D<strong>at</strong>a Mining (ICDM 2008) (co-authors:M. Masud, J. Gao, L. Kahn, J. Han). Co-AuthorMy Contribution: This was a team effort between <strong>The</strong> <strong>University</strong> <strong>Texas</strong> <strong>at</strong> <strong>Dallas</strong> and the<strong>University</strong> <strong>of</strong> Illinois <strong>at</strong> Urbana Champaign. Pr<strong>of</strong>. Khan and I supervised the student (Mr. Masud).<strong>The</strong> student carried out the detailed design and implement<strong>at</strong>ion. <strong>The</strong> paper was mainly written bythe student and I gave comments.5. Classific<strong>at</strong>ion and Novel Class Detection in Concept-Drifting D<strong>at</strong>a Streams under TimeConstraints, IEEE Transactions on Knowledge and D<strong>at</strong>a Engineering, , Vol. 23, No. 6, p. 859 –874, June 2011 (co-authors: M. Masud, J. Gao, L. Khan, J. Han). Co-AuthorMy Contribution: This was a team effort between <strong>The</strong> <strong>University</strong> <strong>Texas</strong> <strong>at</strong> <strong>Dallas</strong> and the<strong>University</strong> <strong>of</strong> Illinois <strong>at</strong> Urbana Champaign. Pr<strong>of</strong>. Khan and I supervised the student (Mr. Masud).<strong>The</strong> student carried out the detailed design and implement<strong>at</strong>ion. <strong>The</strong> paper was mainly written bythe student and I gave comments.6. Exploiting an Antivirus Interface, Computer Standards and Interface Journal, Vol. 31,No.6, 2009 (co-authors: K. Hamlen, V. Mohan, M. Masud, L. Khan). Co-AuthorMy Contribution: I conceived the idea. This was a team effort between Pr<strong>of</strong>. Hamlen, Pr<strong>of</strong>. Khan,myself and our students, Mr. Masud and Mr. Mohan. <strong>The</strong> students carried out the detailed designand implement<strong>at</strong>ion. <strong>The</strong> paper was mainly written by Pr<strong>of</strong>. Hamlen and I gave comments.17.6 CONCLUSIONIn this section, I have presented a sample <strong>of</strong> my papers and described my research contributions in securedependable d<strong>at</strong>a management. Section 17.1 provided a sample <strong>of</strong> my papers in multilevel secure d<strong>at</strong>amanagement. Section 17.2 provided a sample <strong>of</strong> my papers in dependable d<strong>at</strong>a management. Section 17.3provided a sample <strong>of</strong> my papers in semantic web, web services security and Section 17.4 provided asample <strong>of</strong> my papers in d<strong>at</strong>a mining for malware detection. My research is continuing in these areas aswell as in additional areas. Below I provide an overview.110
Policy management: While discretionary security for rel<strong>at</strong>ional d<strong>at</strong>abase is a m<strong>at</strong>ure technology, there isa lot to do in discretionary security for XML and RDF d<strong>at</strong>abases. For example, how can we specifypolicies? How can we incorpor<strong>at</strong>e policies for provenance d<strong>at</strong>a management with trust, confidentiality andprivacy? How can semantic web d<strong>at</strong>a be secured? Wh<strong>at</strong> sorts <strong>of</strong> temporal authoriz<strong>at</strong>ion models areappropri<strong>at</strong>e for the emerging d<strong>at</strong>abase systems? <strong>The</strong>se are all interesting challenges.Multilevel security: We have focused on multilevel security for various types <strong>of</strong> d<strong>at</strong>abases. Whileresearch in this area is not as active as it used to be, we have learned a lot in conducting research inMLS/DBMSs. Furthermore, such systems are still needed for military and intelligence applic<strong>at</strong>ions. <strong>The</strong>challenges here include developing new kinds <strong>of</strong> models and architectures for MLS/DBMSs as well asbuilding high assurance systems.Inference Problem: While this is a very difficult problem, it continues to fascin<strong>at</strong>e researchers. We needto build policy managers th<strong>at</strong> are more efficient and can manage prior knowledge. We also need toexamine the complexity <strong>of</strong> the problem. <strong>The</strong>re is a lot <strong>of</strong> interesting theoretical work to do in this area.Secure Distributed and Heterogeneous D<strong>at</strong>abases: While some progress has been made, we need anextensive investig<strong>at</strong>ion <strong>of</strong> security for distributed, heterogeneous and feder<strong>at</strong>ed d<strong>at</strong>abases. Wh<strong>at</strong> sorts <strong>of</strong>access control models are appropri<strong>at</strong>e for such systems? How can we share d<strong>at</strong>a and still have security andautonomy? How can security policies be integr<strong>at</strong>ed across organiz<strong>at</strong>ions? How can distributedtransactions be executed securely?Secure Object D<strong>at</strong>abases and Applic<strong>at</strong>ions: <strong>The</strong>re has been work in both discretionary and mand<strong>at</strong>orysecurity for object d<strong>at</strong>abases. How can we apply the principles for object-rel<strong>at</strong>ional systems since suchsystems are domin<strong>at</strong>ing the marketplace? Are the security mechanisms for distributed object managementsystems sufficient? How can we provide fine-grained access control? How can UML be used to designsecure applic<strong>at</strong>ions?Secure D<strong>at</strong>a Warehousing: <strong>The</strong>re are many challenges here. How can we build a secure warehouse fromthe d<strong>at</strong>a sources? How can we develop an integr<strong>at</strong>ed security policy? Wh<strong>at</strong> is the security impact on thefunctions <strong>of</strong> a warehouse?Secure Web D<strong>at</strong>a and Inform<strong>at</strong>ion Management: <strong>The</strong>re is a lot <strong>of</strong> work to be done on secure web d<strong>at</strong>aand inform<strong>at</strong>ion management. For example, how can we build secure web d<strong>at</strong>abase systems? Wh<strong>at</strong> are thesecurity issues for digital libraries? How do we secure the semantic web? How can we maintain trust onthe web? How can we secure emerging applic<strong>at</strong>ions such as knowledge management, multimedia,collabor<strong>at</strong>ion, e-commerce and peer-to-peer d<strong>at</strong>a management? Also securing the semantic web and webservices will be major research areas.D<strong>at</strong>a Mining, Security and Privacy: Without a doubt, d<strong>at</strong>a mining has many applic<strong>at</strong>ions in security.However, privacy is a major concern. We need better techniques for detecting novel classes. Furthermore,we need to detect the malware before they change p<strong>at</strong>terns. Privacy research includes privacy-preservingd<strong>at</strong>a mining, building privacy controllers and analyzing the complexity <strong>of</strong> the privacy problem. Privacy isa multidisciplinary research topic between computer scientists and social scientists.Assured Inform<strong>at</strong>ion Sharing: <strong>The</strong> 9/11 commission report has st<strong>at</strong>ed th<strong>at</strong> we have to migr<strong>at</strong>e from aneed to know to a need to share environment. We need appropri<strong>at</strong>e policy management techniques forsharing d<strong>at</strong>a. More importantly, we need incentives for d<strong>at</strong>a sharing. This is a multidisciplinary researcharea between computer scientists and social scientists.111
- Page 1:
Curriculum VitaeBhavani Thuraisingh
- Page 5 and 6:
EXTERNALSection 2: MAJOR AWARDSBest
- Page 7 and 8:
Section 3: SYNOPSIS OF RESEARCHMy r
- Page 9 and 10:
the concepts in semantic nets and c
- Page 11 and 12:
secure query processing for cloud.
- Page 13 and 14:
Section 4: RESEARCH LEADERSHIPhttp:
- Page 15 and 16:
Section 5: RESUME SUMMARYName:Dr. B
- Page 17 and 18:
Army, NSA, and CIA as well as consu
- Page 19 and 20:
Section 6: INDUSTRY/GOVERNMENT EXPE
- Page 21 and 22:
management to discuss projects as w
- Page 23 and 24:
Current (2004 - Present)The Univers
- Page 25 and 26:
Object Databases (1 day course taug
- Page 27 and 28:
Section 8: ACADEMIC RESEARCH SUPERV
- Page 29 and 30:
Thesis Committees: Serving/served o
- Page 31 and 32:
Section 9: RESEARCH FUNDINGI have o
- Page 33 and 34:
PI: L. KhanAmount: $260,00020. Nati
- Page 35 and 36:
3. CIA: As manager of fifteen resea
- Page 37 and 38:
15. Multilevel Security Issues in D
- Page 39 and 40:
48. E-Mail Worm Detection Using Dat
- Page 41 and 42:
79. Information Demands Drive Data
- Page 43 and 44:
2. Foundations of Multilevel Databa
- Page 45 and 46:
32. Parallel Processing and Trusted
- Page 47 and 48:
66. Privacy Preserving Data Mining,
- Page 49 and 50:
99. Data Mining for Cyber Security
- Page 51 and 52:
130. Object-oriented Implementation
- Page 53 and 54:
161. XIMKON- An Expert Simulation a
- Page 55 and 56:
194. Ontology Alignment Using Multi
- Page 57 and 58:
225. RETRO: A Framework for Semanti
- Page 59 and 60: 5. Inference Problem in Database Se
- Page 61 and 62: I. JOURNAL SPECIAL ISSUES EDITEDSec
- Page 63 and 64: 12. Proceedings ISI Conference, IEE
- Page 65 and 66: Bhavani ThuraisinghamUTDCS-45-06UTD
- Page 67 and 68: UTDCS-32-08A Practical Approach to
- Page 69 and 70: UTDCS-27-11Towards the Design and I
- Page 71 and 72: 29. A Seminar on Real-time Database
- Page 73 and 74: 14. Concurrency Control in Real-tim
- Page 75 and 76: 17. Data Management Systems Evoluti
- Page 77 and 78: 54. Data Mining for National Securi
- Page 79 and 80: 5. Recent Developments in Some Trus
- Page 81 and 82: 44. Data Engineering Directions, IE
- Page 83 and 84: 6. Towards a Global Multilevel Data
- Page 85 and 86: 19. Object Technology for C4I Appli
- Page 87 and 88: 59. Assured Cloud Computing, AFOSR
- Page 89 and 90: 2. A Seminar on Secure Database Sys
- Page 91 and 92: VIII. The University of Texas at Da
- Page 93 and 94: 5. Secure Distributed Query Process
- Page 95 and 96: Simulated algorithms for informatio
- Page 97 and 98: 1. Geospatial Proximity Algorithm,
- Page 99 and 100: Section 16: INTELLECTUAL PROPERTY A
- Page 101 and 102: Section 17: DISCUSSION OF PUBLISHED
- Page 103 and 104: conceptual structures (e.g., semant
- Page 105 and 106: 1990s, we designed and implemented
- Page 107 and 108: inference problem. Back in the earl
- Page 109: 9. A Semantic Web Based Framework f
- Page 113 and 114: Section 18: DISCUSSION OF COMPLETE
- Page 115 and 116: Publications: Several journal publi
- Page 117 and 118: Research and Technology Transfer in
- Page 119 and 120: 13. IEEE WORDS Workshop, Santa Barb
- Page 121 and 122: 82. AAAI, Vancouver, BC, Canada, Ju
- Page 123 and 124: http://findarticles.com/p/articles/
- Page 125 and 126: NSF Grants to Help Create Next-Gene
- Page 127: SECTION 21. CYBER SECURITY RESEARCH