Cybersecurity researchers help protect the internet

The internet is the backbone of our lives, supporting everything from doing business to communicating with loved ones to managing home appliances. Automobiles, medical equipment, agricultural machinery and security systems all depend on it. Even currency, once known as “cold, hard money,” is now traded in purely virtual form by more than 100 million people worldwide.

It’s easy to assume that this connectivity is secure and reliable, but the online world is subject to countless threats. The growing field of cybersecurity aims to protect the system—and us—from cybercriminals: modern-day miscreants, ranging from state entities to small groups of saboteurs to lone wolves who can wreak havoc from their living rooms.

Cybersecurity is a growing focus in the University of Oregon Department of Computer and Information science. Departmental faculties at the UO Center for Cyber ​​Security and Privacy collaborate with colleagues from philosophy, law, business, and other fields to research—and help counter—threats to Internet traffic, cryptocurrency, social media networks, infrastructure security, and more.


Lei JiaoLei Jiao, an assistant professor in the computer science department, focuses on denying the deniers — those who attempt to disable others’ computers by performing Distributed Denial of Service (DDoS) attacks that attack a computer, a group of computers or an entire multinational. Jiao was recently awarded a fellowship as part of a university research initiative by Ripple Labs, a US-based developer of cryptocurrency platforms.

In a DDoS attack, hackers launch a large amount of data traffic to a victim, exceeding the recipient’s computer bandwidth. The reception or transmission of legitimate information becomes impossible for the victim.

Internet service providers like AT&T and Comcast are trying to thwart these raids by operating “scrubbing centers” — data centers with many computers programmed to detect and defeat the invaders. Malicious traffic is filtered out in the scrubbing centers and the rest is forwarded to customers. These centers are located across the country and it is up to each service provider to determine which one is used, which traffic flow is diverted and how many computers in the center are allocated for each suspected incident.

Jiao develops “smart algorithms” – instructions that computers can follow – that will make these decisions. “My algorithms will automatically and efficiently tell ISPs the best decisions to handle each attack,” he says, “so they don’t have to manually handle each attack.”


Ripple professor Yingjiu “Joe” Li and PhD student Sanidhay Arora target flash loan attacks taking place on cryptocurrency exchanges.

Cryptocurrency – currency that only exists in digital form – is traded on decentralized platforms that do not rely on the supervision of institutions such as banks or governments. “Cryptocurrency is very convenient and cost-effective for users,” says Li. “Because participants have full control over their files, they feel safe. In addition, anyone can interact with these financial services without being censored or blocked by a third party.”

The cryptocurrency market had a record year in 2021, briefly crossing $3 trillion in November. A recent survey from the Pew Research Center found that 16 percent of Americans say they have invested in, traded, or used cryptocurrencies. “This is a very fast-growing platform,” says Li.

While cryptocurrency reduces the hacking risk of centralized exchanges like the New York Stock Exchange, the decentralized system offers plenty of opportunities for cybercriminals.

Individual “coin” ownership is stored in a digital database called blockchain, which consists of pieces of information shared equally by the entire network of users. “The practical operations of the blockchain exchanges are way ahead of security measures,” says Li. “It is imperative to improve their security to protect users from economic losses.” According to the Chainalysis 2022 Crypto Crime Report, criminals raised approximately $14 billion in 2021 from digital currency exchanges, investors and users.

A flash loan attack occurs when someone borrows cryptocurrency assets potentially worth millions or billions of dollars, uses them to buy currency, illegally manipulates the price through a vulnerability in the computer encryption, and then repays the loan, making a huge profit in as little as 30 seconds. In February, for example, hackers stole more than $320 million worth of cryptocurrency from Wormhole, a decentralized funding platform, by exploiting a vulnerability.

Li and Arora investigate how to improve the security of the protocols that govern the exchange. Some existing defenses guard the exchange system and identify flash loan attacks afterwards, but losses may not be recoverable. Li says, “A better strategy is to improve protocol designs in these decentralized exchanges to prevent flash loan attacks — or to detect and block them before they cause economic loss. This is the subject we are working on.”


With more than $3 million in grants from the National Science Foundation and others, Ram Durairajan is making networks smarter and more robust.

Durairajan, an assistant professor in the department, is working with PhD student Matthew Hall to stop denial of service threats by reconfiguring the paths of wavelengths that transmit data.

He uses the idea of ​​a museum thief as a metaphor for an attacker. “Imagine someone trying to steal a painting hanging in a museum,” says Durairajan. “The museum is the network. The painting is the serve that the attacker is trying to steal. We may occasionally change the floor plan of the museum—that is, the configuration of the wavelengths that carry data—so the thief doesn’t know where to go.’

Ram DurairajanDurairajan also studies how to ensure our ability to stay connected despite earthquakes, tsunamis and rising seas. The west coast, and especially the coast of Oregon, is the landing place for many underwater fiber cables that connect our continent with Asia. It’s also the location of the Cascadia subduction zone, a fault line separating two major tectonic plates that is overdue for a devastating earthquake.

Durairajan, with the help of undergraduate Juno Mayer, has developed an assessment tool called ShakeNet to analyze the risk posed by earthquake-induced shaking to wired and wireless infrastructure in the Northwest. He collaborated with colleagues from the Earth Sciences Department who helped develop ShakeAlert, an earthquake early warning system. Durairajan combined a map of earthquake areas with one of fiber infrastructure and found that about 65 percent of fiber infrastructure and cell towers on the west coast will be damaged in a major earthquake.

Using ShakeNet’s route planner feature, data can be sent over longer but less sensitive routes during an earthquake. For example, data transfer between Seattle and Portland can be routed through Kennewick and Boise, avoiding the I-5 corridor, which can be affected by strong vibrations. “There is a tension between what Internet service providers do and what Mother Nature does,” Durairajan says. “Our goal is to relieve that tension so you don’t get the shortest path, but you get a robust one.”

Durairajan has also studied the dangers of climate change. He recently found that thousands of miles of fiber optic cable in the US — mainly in areas around New York, Miami and Seattle — will be hit hard by rising sea levels.

He acknowledges that his focus on unpleasant scenarios may lead some to tease him with a bad prospect.

“I’m really not a nice person,” says Durairajan. “But I’m happy to be the negative guy as long as people are safe and the internet works better.”

—By Rosemary Howe Camozzi, BA ’96 (magazine), a freelance writer and editor in Eugene

—Photos by Dustin Whitaker, University Communications


The Department of Computer and Information Science prepares a multidisciplinary cybersecurity degree for undergraduate majors.

Students will develop expertise in cybersecurity threats and solutions in areas such as computer and information security, network security, applied cryptography, and secure software development.

The degree will emphasize experiential learning. Students will spend at least two terms in the UO Cybersecurity Operation Center dealing with real-world problem solving and will also participate in research projects and internships.

The degree also offers courses in cyber law developed and taught by Bryce Newell, an assistant professor of media law and policy in the School of Journalism and Communication; and courses in ethics of privacy and data ownership, developed and taught by Ramón Alvarado and Colin Koopman, professors in the Department of Philosophy.

“This program leverages our core competency in networks, systems and data science and will address the acute shortage of skilled cybersecurity professionals in Oregon and in the US,” said Reza Rejaie, division chief.

Leave a Comment

Your email address will not be published.