UC Berkeley has the world's leading research group in Computer Security. Five faculty members primarily focus in computer security (Anthony Joseph, Vern Paxson, Dawn Song, Doug Tygar, and David Wagner) and a large number contribute to security in the course of other research -- we actively collaborate with faculty from the School of Information, Boalt Law School, Goldman School of Public Policy, the Department of Mathematics, and faculty from throughout the College of Engineering. UC Berkeley was chosen for the headquarters for its Science and Technology Center called TRUST, the Team for Research in Ubiquitous Security Technologies. We welcome involvement from others -- academia, industry, and government, and we are always looking for outstanding students to join our program.
For more information, we encourage you to visit our web site describing some of our recent work.
Our work spans the range from theoretical cryptography to applications, including significant research efforts in complexity-theoretic approaches to cryptography, development of new crypographic systems, cryptanalysis, protocol development, applied cryptography, quantum computation, applications including electronic commerce, electronic voting, wireless communications, and protocols for sensor webs.
Among various topics that we consider are privacy in wireless sensor webs (a difficulty balancing problem -- consider the role of privacy in medical monitoring systems, for example), privacy in RFID systems, privacy issues in databases, privacy in web based applications (look below for the discussion of anti-phishing technologies, for example).
Social implications of security
Our work is guided by a strong sense of social needs -- for example, we are actively involved in research in bringing advanced computing and communication technologies to those in the developing world. The role of security takes a crucial role here.
Sensor web security
Berkeley is a pioneer in development of the sensor web model -- based around wireless "motes" with limited computing power and sensing devices. Because of the limited power requirements, making these motes security presents fascinating technical challenges.
Testbeds for security
We are building large-scale testbeds for our ideas including:
* DETER -- a virtual Internet for testing prorogation of worms and attacks
* OceanStore -- a system for storing data in global scale distributed systems
* Wireless City Taipei -- the world largest wireless network experiment -- built in Taipei.
Security, programming languages, and software engineering
We are active in exploring the interaction between programming languages and computer security -- an area often called "software security."
Human interfaces and security
We are major innovators in the field of Human-centric security; the paper that helped launch that field ("Why Johnny can't encrypt") was written here at UC Berkeley. We continue to be active in this area.
Identity and integrity
Preventing "phishing" and attacks is a central focus of our research.
The TRUST project collaborates with faculty at a number of schools, including major partners Stanford, CMU, Cornell, and Vanderbilt. It explores all areas of security, from embedded systems to large scale nationwide system.
We have an active research group (much of it joint with Berkeley's International Computer Science Institute) working on high-performance network security monitoring and intrusion prevention. Much of the research is grounded in operational deployment at a number of sites.
We are known for our work on the security of electronic voting. Berkeley faculty helped found the ACCURATE center, which studies voting technology and its policy implications; other institutions involved in the ACCURATE project include Johns Hopkins, Rice, SRI, Stanford, and U. Iowa. In 2008, Berkeley helped lead a groundbreaking study commissioned by the California Secretary of State to perform a top-to-bottom evaluation of California's voting systems.
Large-scale compromise of Internet hosts
The Cybertrust-sponsored Collaborative Center for Internet Epidemiology and Defenses, joint with UC San Diego, studies the problems of botnets and worms, and more generally, the ability of modern attackers to cheaply gain control of thousands of Internet hosts. This work analyzes outbreaks and attacker technology as seen in the wild; assesses the likely evolution of the threat; considers legal and policy issues that shape the research area; and more broadly investigates the "underground economy" supporting Internet crime that these large-scale compromises fuel.