Collaborative Institutes: Institute of Information Science,National Taiwan University,National Chiao Tung University,National Tsing Hua University、National Cheng Kung University
Principal Investigators:
| Huang, Yen-nun (Executive Director) | Lei, Chin-Laung | Wang, Bow-Yaw |
| Chen, Sheng-Wei | Liau, Churn-Jung | Wang, Da-Wei |
| Cheng, Chen-Mou | Lu, Chi-Jen | Wu, Tzong-Chen |
| Chuang, Tyng-Ruey | Hsu, Tsan-Sheng | Yang, Bo-Yin |
| Lee, Hahn-Ming | Hwang, Wen-Liang |
Introduction and Objectives
- The Taiwan Information Security Center
(TWISC) was initiated as a research program in
April 2005 and funded by the National Science
Council for the past few years. TWISC pulls
together experts in information security from
various universities and research institutes
in Taiwan with an aim to boost research
and development activities in information
security, promote public awareness, and foster
partnership among government, academia, and
private sectors. TWISC has since established
three affiliated regional centers respectively
in northern, central, and southern Taiwan at
the National Taiwan University of Science and
Technology (TWISC@NTUST), National Chiao-
Tung University (TWISC@NCTU), and National
Cheng-Kung University (TWISC@NCKU). The
headquar ters ( TWISC@AS) is established
within and funded by the Research Center of
Information Technology Innovation, Academia
Sinica, and the three affiliated centers are
supported by the Networked Communication
Program, one of the National Science and
Technology Programs sponsored by the National
Science Council. The research activities in TWISC
involve cryptology, network security, software
security, multimedia security, information
security management, among others. The goals
of TWISC are as follows:
- Advance the research and development of technologies in information security and related areas.
- Collaborate with private sectors to strengthen local information securtiy industry' s competitiveness in security management and applications software development.
- Seek international collaborations to build a ubiquitous secure community.
- Cultivate and nurture talents in and promote public awareness of information security.
We have identified the following four areas as our main research activities:
- Data Security, including Cryptology, Post- Quantum Cryptosystems , Algebraic Cryptanalysis, Cloud Computing Security, Information Privacy Protection, and Database Security and Access Control.
- Software and Hardware Security, including Software Vulnerability Analysis, Compositional Reasoning, Model Checking, Security System Evaluation, Smart Card/RFID/ FPGA Security Testing, and Embedded System Security.
- Network Security, including Security Protocol Analysis, Biometric Identification, Intrusion Detection and Prevention, Social Networking, Wireless Network Penetration Test and Mobile Devices Penetration Test.
- Security Management, including Security Auditing, Information Security Management System, and Risk Management.
- Along with the Institute for Information Industry (III), the Industrial Technology Research Institute (ITRI), TWISC successfully completed a large-scale 3-year (2006/6— 2009/7) international collaboration project,iCAST, collaborating with the University of California at Berkeley and the Carnegie Mellon University. A detailed description of its achievements can be found at http://www.icast.org.tw/info/achievements-and-contributions/
- Development of basic security testing tools for code review and establishment of a web application vulnerability scan platform for vulnerabilities detection, including SQL injection, cross-site scripting, etc.
- Development of Smart Card/RFID/FPGA hardware testing techniques, including timing analysis, power analysis, and electromagnetic analysis.
- Establishment of Emulab-based testbed, Testbed@TWISC, that provides a largescale, user-configurable and controlled environment for network security testing.
- Establishment of an experimental observation network, SWOON@TWISC, for wireless network security and a wireless penetration platform, WiSec@TWISC, that provides penetration testing of heterogeneous multiple networks, malware discovery and penetration testing in mobile devices.
For more details please refer to the TWISC
website
Expected Outcome- Integrate the resources and expertise among academia, government, and private sectors to make comprehensive plans on how to foster security-related research efforts, and to elevate public awareness of information security threats.
- Strive for excellence in the realm of information security, especially R&D, in order to keep abreast with the top-notch research institutions worldwide.
- Incubate academic entrepreneurs and promote collaborative programs between private sector and academia in research and development of security-related applications.
- Serve as a bridge for partnership among government, industry and academia, a conduit for ideas, and a catalyst of technology transfer in the information security sector.
- Build a platform for both national and international collaborations, including exchange of scholars, researchers and students, and hosting of workshops and conferences.
- Post-quantum cryptosystems security analysis
- Evaluate the security of post-quantum cryptosystems
- Investigate possible cracking methods of the following cryptosystems: codingbased encryption, e.g., McEliece attack and Niederreiter attack, multivariate PKC, e.g., XL-based attack, F4-based attack and enumeration, and lattice-based PKC, e.g., enumeration, LLL method and BKZ method.
- Secure peer-to-peer data delivery on portable
devices
Using cloud-based data repository that ensures data's authenticity, confidentiality and integrity on portable devices, we propose to design a data delivery scheme that offers fine-grained access control and public key encryption and decryption, replacing traditional certificate authority in PKI, which is most suited in limited-resource operating environments. - Identity and privacy management in highperformance
cloud computing environment
- Cloud computing security
- Preserve user's privacy and maintain highperformance identity manageability in a mass user-base cloud environment (such as on-line gaming), addressing issues such as bandwidth for identity certification, CPU usage for identity management and public key management
- Detection and prevention of malicious
content in web pages
By monitoring the program behavior in virtual machines, and with the help of blacklists of malicious URL and software, we determine efficiently and accurately whether a suspicious URL contains any malicious content, and warn the users before its malicious content induces any damage. The research work can protect the safety of computer systems and the privacy of confidential information for individuals, organizations, and governments, and therefore minimize the economic loss due to information leakage. - Real-time botnet detection and prevention
We propose to develop a system for real-time botnet detection and prevention. The proposed system consists of three subsystems: Bot Host Detection System, Bot Inference System, and Bot Analyzer. The Bot Host Detection System is a real-time botnet detection system which detects any hosts being controlled by bot herders and reports the information of infected machines to the control center. The Bot Inference System is designed to automatically collect botnet traffic, which is grouped by the protocol used, and extracts the network relationship between nodes in the Internet. The extracted node relationship data are stored in the data center so that researchers can analyze botnet traffic in a post hoc manner. The Bot Analyzer automatically extracts common patterns embedded in malicious activities by machine learning techniques. The inferred results can be very useful references for security practitioners to detect and analyze the malicious attack behavior of botnet attacking campaigns. - Mobile platform penetration testing
- Mutant/deformable malware detection on the Android platform, based on taint analysis and behavior analysis
- Android byte-code security testing
- Establishment of a vulnerability penetration testing platform and an intelligent attack analysis and detection mechanism with a malicious behavior knowledge base for web application security
Last Modification: May 2010