Network Security
Embedded Systems Security

Contact Information

Robert W. Heller, Ph.D.
Program Director
Embedded Systems Security
(210) 522-3824

New network threats and attacks require revolutionary protection concepts. Southwest Research Institute (SwRI) is working to improve the security of networks and systems comprising the global information infrastructure. Through active research in multiple security disciplines, SwRI is advancing the state of the art in:

Security Modeling and Simulation

Engineers at SwRI are experienced in modeling the security characteristics of complex networks to simulate response to attacks and enable better protection strategies. SwRI is also conducting research into an architecture of trusted, synchronized programs that perform:

  • Network health and status checks
  • Security monitoring and management
  • Integrated information protection
  • Information assurance reporting functions

This new approach promises to improve the flexibility and response speed of network security decision-making.

Internet Protocol (IP) Traceback

SwRI engineers developed a novel, cost-effective approach for IP traceback that locates the source of Internet attacks at data rates greater than 1 Gbps. IP traceback leverages the autonomous system (AS) architecture of the Internet to combat denial-of-service attacks and improve attribution of malicious activity.

Botnet Detection

To fight the increasing use of networks of compromised computers for large-scale denial-of-service attacks, SwRI has also pioneered new techniques for detecting the command-and-control communications of botnets and is developing designs for automated botnet sensors for network protection.

Insider Threat Detection

Insider threats and attacks exhibit different characteristics than external threats and can go unnoticed by standard intrusion detection systems. SwRI is cooperating with government, industry, and university researchers to investigate detection and reporting methods for insider threats by:

  • Building threat models of malicious insider behavior
  • Integrating data from multiple network and application-level sensors
  • Determining the most appropriate sensors
  • Constructing appropriate sensors without compromising user privacy or system performance

Wireless Security

SwRI combines deep expertise in wireless communications technologies with practical security knowledge to analyze the risks and vulnerabilities of wireless networking protocols and systems. We have evaluated the security characteristics of the 802.11 protocol and RFLAN, Zigbee, and optical communication systems. Other services offered include:

  • Penetration testing of a variety of wireless systems
  • Security architecture analysis and definition
  • Trade study analysis
  • Security reverse engineering and penetration analysis
  • Security prototyping and testing
  • Wireless security testing
  • System security modeling and simulation

Related Terminology

cyber security  •  network-based intrusion detection  •  host-based intrusion detection  •  policy-based security  •  internet security  •  insider threat  •  wireless security  •  botnet detection  •  penetration testing  •  reverse engineering  •  traceback  •  attack attribution  •  information assurance

Benefiting government, industry and the public through innovative science and technology
Southwest Research Institute® (SwRI®), headquartered in San Antonio, Texas, is a multidisciplinary, independent, nonprofit, applied engineering and physical sciences research and development organization with 9 technical divisions.