Cybersecurity researchers help protect the internet

The internet is the backbone of our lives, supporting everything from conducting business to communicating with loved ones to managing home appliances. Cars, medical devices, agricultural equipment and security systems all depend on it. Even currency, once known as “cash and hard cash”, is now traded in purely virtual form by more than 100 million people around the world.

It’s easy to assume that this connectivity is secure and reliable, but the online world is subject to many threats. The burgeoning field of cybersecurity aims to protect the system – and us – from cybercriminals: modern miscreants ranging from state entities to small groups of saboteurs to lone wolves who can wreak havoc from their living rooms.

Cybersecurity is an increasingly important topic in the Department of Computing and Information Science at the University of Oregon. Faculty in the department’s Center for Cybersecurity and Privacy collaborate with colleagues in philosophy, law, business, and other fields to research and help thwart threats to Internet traffic, cryptocurrency, networks social media, infrastructure security, etc.


Lei Jiao, an assistant professor in the computer science department, focuses on how to deny deniers – those who attempt to disable others’ computers by launching distributed denial of service (DDoS) attacks that can cripple a computer, group computers or an entire multinational. Jiao recently received a scholarship as part of an academic research initiative from Ripple Labs, an American developer of cryptocurrency platforms.

In a DDoS attack, hackers launch a large amount of data traffic towards a victim, overwhelming the bandwidth of the recipient’s computer. Receiving or transmitting legitimate information becomes impossible for the victim.

Internet service providers like AT&T and Comcast attempt to thwart these incursions by operating “sweep centers,” data centers with many computers programmed to detect and defeat intruders. Malicious traffic is filtered in cleanup centers and the rest is routed to customers. These centers are located across the country, and it is up to each service provider to determine which one to use, which traffic flow to divert, and how many center computers to allocate to each suspicious incident.

Jiao is developing “intelligent algorithms” – instructions that computers can follow – that will make these decisions. “My algorithms will automatically and efficiently tell ISPs what the best decisions are to make to handle each attack,” he says, “so they don’t need to deal with each one manually.”


Ripple professor Yingjiu “Joe” Li and PhD student Sanidhay Arora focus on flash loan attacks that occur on cryptocurrency exchanges.

Cryptocurrency – money that only exists in digital form – is traded on decentralized platforms that do not depend on the oversight of institutions such as banks or governments. “Cryptocurrency is very convenient and profitable for users,” Li says. “Because participants have full control over their records, they feel safe. Moreover, anyone can interact with these financial services without being censored or blocked by a third party.

The cryptocurrency market had a banner year in 2021, briefly topping $3 trillion in November. Recent research from the Pew Research Center found that 16% of Americans say they have invested in, traded in, or used a cryptocurrency. “It’s a very fast-growing platform,” Li says.

While cryptocurrency reduces the risk of hacks faced by centralized exchanges such as the New York Stock Exchange, the decentralized system provides many opportunities for cybercriminals.

Individual ownership of “coins” is stored in a digital database called blockchain, comprising blocks of information shared equally among the entire network of users. “Practical operations of blockchain exchanges are far ahead of security measures,” Li says. “It is imperative to strengthen their security to protect users from economic loss.” In 2021, criminals earned an estimated $14 billion from digital currency exchanges, investors, and users, according to the Chainalysis 2022 Crypto Crime Report.

A flash loan attack occurs when someone borrows cryptocurrency assets that may be worth millions or billions of dollars, uses them to buy currency, illegally manipulates the price through a vulnerability in computer coding, and then repays the loan, making a huge profit in such a short time. like 30 seconds. In February, for example, hackers stole more than $320 million in cryptocurrency from Wormhole, a decentralized financial platform, by exploiting a vulnerability.

Li and Arora study how to strengthen the security of the protocols that govern the exchanges. Some existing defenses monitor the exchange system and identify flash loan attacks after the fact, but losses may not be recoverable. According to Li: “A better strategy is to improve the design of protocols in these decentralized exchanges to prevent flash lending attacks, or to detect and block them before they cause economic loss. This is the subject on which we are working. »


With the help of more than $3 million in grants from the National Science Foundation and others, Ram Durairajan is making grids smarter and more robust.

Durairajan, an assistant professor in the department, is working with doctoral student Matthew Hall on stopping denial-of-service threats by reconfiguring the wavelength paths that transmit data.

He uses the idea of ​​a museum thief as a metaphor for an attacker. “Imagine someone trying to steal a painting from a museum,” says Durairajan. “The museum is the network. The paint is the serve the attacker is trying to steal. We can change the floor plan of the museum – that is, the configuration of the wavelengths that carry the data – from time to time so that the thief does not know where to go.

Ram DurairajanDurairajan is also studying how we can preserve our ability to stay connected despite earthquakes, tsunamis and rising seas. The west coast, and more specifically the Oregon coast, is the landing point for many fiber submarine cables that connect our continent to Asia. It is also the site of the Cascadia Subduction Zone, a fault line that separates two major tectonic plates and is overdue for a devastating earthquake.

Durairajan, with help from undergraduate student Juno Mayer, developed an assessment tool called ShakeNet to analyze the risk that earthquake-induced shaking poses to wired and wireless infrastructure in the Northwest. . He collaborated with colleagues from the Department of Earth Sciences who helped develop ShakeAlert, an earthquake early warning system. Durairajan combined a map of earthquake impact zones with fiber optic infrastructure and found that approximately 65% ​​of fiber infrastructure and cell towers on the West Coast would be damaged in a severe earthquake. earthen.

Using ShakeNet’s route planning capability, data could be sent over longer but less sensitive routes during an earthquake. For example, data transfers between Seattle and Portland could be routed through Kennewick and Boise, avoiding the I-5 corridor, which can be affected by strong shaking. “There’s this tension between what ISPs are doing and what Mother Nature is doing,” says Durairajan. “Our goal is to relieve that tension, so you won’t get the shortest path, but you will get a robust path.”

Durairajan has also studied the dangers posed by climate change. He recently discovered that thousands of miles of fiber optic cables in the United States, mostly in the New York, Miami and Seattle areas, would be severely affected by rising sea levels.

He acknowledges that his focus on nasty storylines can cause some to tease him about having poor outlook.

“I’m really not a fun person,” Durairajan says. “But I’m happy to be the negative guy as long as people are safe and the internet is working better.”

—By Rosemary Howe Camozzi, BA ’96 (magazine), writer and freelance writer in Eugene

—Photos by Dustin Whitaker, University Communications


The Department of Computing and Information Science is introducing a multidisciplinary degree in cybersecurity for undergraduate majors.

Students will develop expertise in cybersecurity threats and solutions in areas such as computer and information security, network security, applied cryptography, and secure software development.

The degree will emphasize experiential learning. Students will spend at least two terms at the UO Cybersecurity Operation Center to engage in solving real-world problems and will also participate in research projects and internships.

The degree also includes cyber law courses developed and taught by Bryce Newell, assistant professor of media law and policy in the School of Journalism and Communication; and courses on privacy ethics and data ownership developed and taught by Ramón Alvarado and Colin Koopman, professors in the Department of Philosophy.

“This program builds on our core skills in networks, systems and data science, and will solve the acute shortage of skilled cybersecurity workers in Oregon and the United States,” said Reza Rejaie, Head of Department.

Comments are closed.