Student Research

At the INI, student research comes in many forms. You can work on research projects at one of several research centers at the university. However, research is not confined to the university setting. You can also solve real-world problems for companies through internships or practicums.

For students with a strong interest in research, completing a research project is the capstone experience, allowing students to contribute original work in an interesting and relevant area.

Areas of Student Research at the INI

Behavioral Analysis
Big Data Analytics
Browser Security
Client/Server Computing
Cloud Computing
Computer Network Architecture
Computer Network Protocols and Management
Computer Simulation
Data Processing, Storage and Retrieval
E-Commerce
Fault-Tolerant Computing
Information Security

Internet of Things
Internet Marketing
Machine Learning
Mobile Health
Network Security
Operating Systems
Organizational Communication
Sensor Networks
Smart Building and Agents
Smart Cars
Storage and File Systems
Wireless Systems

Daniel

Daniel

Hometown: Nashville, North Carolina
Program: Information Security
Class: 2012 (MS22)
Research: Cyber forensics; weaknesses in the Android operating system

"The level of research done at Carnegie Mellon is a rare thing. You can't find that at many other places."

 


CyLab ResearchExamples of Student Research Projects

Take a look at some of these examples of how INI students pursue exiciting ideas and work with cutting-edge technology.

Advancing Cyber Forensics
Daniel Votipka (MS22) researched Android forensics and was able to develop a single method for collecting data from a wide variety of Android devices. It was a hurdle attempting to devise a general collection process to suit various devices, but Daniel rose to the challenge. His work resulted in a master's thesis and two papers, while also making a real-world impact on criminal investigations.

Integrating Virtual Training Labs
Ashley Keith (MS21) used her internship with the CERT Program to expand her knowledge in computer forensics. Working with faculty member Chris May, and CERT's Workforce Development team, Keith updated labs from the Virtual Training Environment, integrated new labs, including adjusting some of the virtual machines and their networks, and helped develop and record videos to demonstrate the software tools used in various labs and exercises. "This internship has provided valuable academic and professional experience," Keith said. "I have learned about security vulnerabilities and remediation techniques, as well as the importance of communication, versioning control and organization in the workplace."

Researching and Implementing Information Warfare Exercise
Arik Misler (MS21) was a College Student Technical Senior Specialist for Lockheed Martin over the summer. With fellow INI intern Bryan Thiry (MS21), Misler researched and developed an information warfare exercise in a simulated environment. This process included defining all hardware and software requirements, planning administrative details, recording practices, identifying potential benefits and developing software. Lockheed Martin can now use Misler's completed exercise as a realistic training tool, as a testing ground for new products and services, and as a lab for hosting various scenarios. "The opportunity to work in the realm of advanced concepts research and development was too good to pass up," Misler said.

Investigating the Misuse of Information
Mila Gorodetsky (MS22) conducted research for the Internet Corporation for Assigned Names and Numbers (ICANN) to help track down spammers. She looked at how various domain registrars handle the privacy of databases that store domain names and IP addresses. Even though this public WHOIS data is meant to be viewable, it has been abused by spammers. "It is very exciting for me, a non-security major, to learn about cybersecurity and privacy issues," Gorodetsky stated. "And to be involved in research that is related to millions of people around the world."
Group Project 

Simplifying Domain Name Querying
Yu-Lo Su (MS21) developed a module that takes the raw data from a domain name query and presents the information in a standard format. To do so, Su built upon an existing module from the Comprehensive Perl Archive Network (CPAN). With help from his sponsor at ICANN and his supervisor, Professor Nicolas Christin, Su used the programming language Perl to extend the current module’s capabilities. The consistent output format he developed will immensely help security researchers who commonly conduct batch processing, querying large numbers of domain names simultaneously, and organizations such as ICANN.

Improving Cyber Risk Modeling
Supervised by Professor Nicolas Christin, Shinichi Mori (MS21) spent his summer designing a better way to assess cyber risks, which companies can use to more accurately estimate the probability and cost of cyber attacks. Building on current methods, which primarily measure historical data, Mori's proposed model predicts risk based on a history of software vulnerabilities. This approach acknowledges changes in technology and the sophistication of modern cyber attacks, which have increasingly become harder to detect.

Analyzing Smartphone Security
Alex Qin (MS21) and Cheng Ye Zhang (MS21) analyzed the security of Android, Google's open-source operating system that powers a number of smartphones and other mobile devices. Under the supervision of Professor Nicolas Christin, the team used its collective knowledge of Linux, on which Android is based, and access control systems to break the Android infrastructure and gain access to the phones they are testing. By analyzing different ways to break-in, Qin and Zhang identified potential security breaches, which Google can then correct to prevent malicious worms or zombie networks from entering Android.

SensorFlyUnderstanding Success, Failure of IT Projects
Neethi Shenoy (MS20) carefully scrutinized IT projects of past and present to understand why they succeed, or fail. She joined the efforts of Silicon Valley Professors Martin Griss and Martin Radley to analyze the methodology of TopCoder, a progressive software development organization. Neethi explored how TopCoder consistently achieved project goals that met the quality standards within set budgets and deadlines. Then, she used metrics to validate the organization's process.

Studying Fast, Efficient Data Transfer
Hiral Shah (MS19) used the facilities at Carnegie Mellon's Parallel Data Lab to study the problem of Incast, which is an obstacle to speedy data transfer over standard TCP/IP over Ethernet protocol. While previous research has come up with ways to delay the occurrence of Incast, a solution does not exist. She researched a workable solution by changing the amount of time a server waits before trying to retransmit data after a failed first try.

Developing Custom Software
As a research assistant, Amal Krishnan (MS22) designed software to be used in research studies at Carnegie Mellon. The program improved a research team's ability to track the behavior of computer users in a study, by enabling the team to monitor the users' activities continuously and invisibly. He developed a full prototype of the software.