Research involves developing ways of detecting new kinds of cyberattacks using honeypots (decoy digital systems), especially those simulating cyber-physical systems. We are collecting network-traffic data using various kinds of deception and are trying to find patterns in it using machine-learning techniques. We are particularly interesed in methods to subvert machine learning with manipulated data ("adversarial machine learning"). Related work focuses on disk-drive forensics.
N. C. Rowe, Identifying forensically uninteresting files in a large corpus. EAI Endorsed Transactions on Security and Safety, Vol. 16, No. 7, article e2, 2016.
N. C. Rowe, Honeypot deception tactics. Chapter 3 in E. Al-Shaer, J. Wei, K. Hamlen, and C. Wang (Eds.), Autonomous Cyber Deception: Reasoning, Adaptive Planning, and Evaluation of HoneyThings, Springer, Chaum, Switzerland, 2018, pp. 35-45.
J. S. Dean and N. C. Rowe, Utility of user roles in comparing network flow behaviors. Proc. Intl. Conf. on Computational Science and Computational Intelligence, December 2018, Las Vegas, NV, USA.