Our research is focused on cyber security, in particular network and information security, human-behaviors in computer security, user-centric and user-friendly systems, insider threats, secure information sharing, data privacy, and applied cryptography.

Research Directions

• Network Anomaly Detection and Forensics
• Privacy-Enhancing Collaborative Security
• Device/Hardware Based Security
• Cognition in Cyber Security

• (Mar. 2012) Congrats to Karim Elish on winning the first place in the annual VT Graduate Research Competition for his data protection work!

• (Feb. 2012) Danfeng received the VT College of Engineering Outstanding Assistant Professor Award.

• (Nov. 2011) Our two papers on authenticated application (A2) and cloud-based content delivery got in the ACM CODASPY Conference! Congrats to Huijun and Hussain!

• (Sep. 2011) Our journal paper on TPM-enabled kernel data integrity was accepted by IEEE TDSC!

• (Aug. 2011) Yao group received generous supports from Northrop Grumman for cyber security research!

• (Jul. 2011) Danfeng to serve as on the editorial board of International Journal of Security and Networks (IJSN).

• (Jul. 2011) Our behavior-based drive-by-download detection work got in the Conference on Network and System Security (NSS) -- acceptance rate 22%!

• (Jul. 2011) Two papers on cloud computing security got in SecureComm '11!

• (Jul. 2011) Danfeng to give talk at Huawei Research in NoCal.

• (June, 2011) Our cyber game project received funding from VT ICTAS!

• (June, 2011) Congrats to Yipan on his successful Master thesis defense and job offer from Intel! Congrats to Hao on his internship offer from Amazon!

• (April, 2011) Provisional patent filed on our data-loss detection solutions.

• (March, 2011) Two papers (DNS-bot analysis and protocol-state inference) got in ACNS '11 (18% acceptance rate)! Also congrats to our collaborators in China Academy of Sciences.

• (February, 2011) Our personalized anomaly detection work received support from Army Research Office (ARO)!

• (January, 2011) Huijun starts her exciting co-op at Huawei in NoCal!

• (December, 2010) Our paper on identity management for mashups to appear in the Identity in Information Society Journal!

• (October, 2010) Our paper on detecting identity spoofing through keystroke analysis received the Best Paper Award at CollaborateCom '10!

• (October, 2010) Peter Lee (CMU/MSR) to visit VT Computer Science and Yao group.

• (August, 2010) VT's College of Engineering undergrad program is ranked 13th, tied with Northwestern, Johns Hopkins and U Wisc - Madison, according to US News.

• (August, 2010) Our inter-disciplinary collaboration work with Rutgers Professor James Garnett on enabling flexible information sharing across organizational domains will appear in Journal of Contingencies and Crisis Management!

• (July, 2010) Our journal paper on the security of user-centric wireless systems to appear in a special issue of Future Internet edited by Ralf Steinmetz and Andre Koenig.

• (June, 2010) Our poster on detecting drive-by-download attacks on hosts appears in the 13th International Symposium On Recent Advances in Intrusion Detection (RAID) 2010. Congratulations to Kui!

  Full version of our infection-onset detection paper is available HERE.

  Our old (June 2009) slides describing our drive-by-download detection can be found HERE.

• (April, 2010) Our paper titled "Knowing Where Your Input is From: Kernel-Level Provenance Verification" is accepted by Applied Cryptography and Network Security (ACNS) 2010.

• (April, 2010) Danfeng to give talks at VT ECE Department, Georgia Tech, and UNC Chapel Hill.

• (February, 2010) Two journal papers to appear: one on role-based cascaded delegation in IEEE SMC and one on identity management in Identity in the Information Society.

• (January, 2010) Dr. Yao received the NSF CAREER Award supporting her work on human-behavior driven malware detection.

• (November, 09) Our work on activity-based continuous authentication is on NSF News.

• (November, 09) Our paper on anonymizing Netflix Prize data is accepted by ASIACCS '10. Congratulations to Chih-Cheng and Brian, and my collaborator Prof. Wendy Wang!

• (October, 09) Our paper on detecting outbound malware traffic is accepted by ICICS '09. Congratulations to Huijun and other co-authors!