My research focuses on measurable security in core Internet protocols, Internet-scale cybersecurity systems, and application-level/endpoint protections that can be derived from these. I am the director of the Measurable Security Lab (MSL), and this is the link to the lab's webpage.
Research in the MSL focuses on evaluating and evolving protections by using measurements and data analysis: measurement-based (or measurable) security. This work involves systems implementation (both of measurement apparatuses and endpoint security software), large-scale data analyses, innovations to network protocols, and ultimately developing Internet-scale cybersecurity that works! The MSL maintains the world’s only complete longitudinal measurements of the Internet’s first deployment of a secure core protocol: the Domain Name System’s (DNS’) Security Extensions (DNSSEC). This is a 36.6 billion row database that spans 16+ years, and is actively growing and evolving. We conduct research to learn lessons from what has worked in order to propose cybersecurity for tomorrow.
I have been conducting basic research while also being involved in industry/policy settings for almost 20 years. I believe basic research that comes from large-scale measurements and data analyses synergizes well with operationalizing new solutions and conducting structured research investigations into real-world cybersecurity and Internet security problems. Areas and protocols that I work most directly with include the Domain Name System (DNS) with DNSSEC, inter-domain routing in the Border Gateway Protocol (BGP), Distributed Denial of Service (DDoS) attacks, and Cybersecurity Threat Information (CTI) sharing (STIX/TAXII, Communities of Trust, etc.). My research is exploring settings like the 5G/NextG Internet of Things (IoT) deployments, mobile Healthcare (mHealth), and CyberPhysical Systems (CPS).