SOUTHWEST RESEARCH INSTITUTE

Embedded Systems Security

Embedded Technologies and Services

Host-Based Security

Network Security

Application Security

Security Testing

Marketing Information

Contact Us

SwRI Information

Home

New network threats and attacks require revolutionary protection concepts. Southwest Research Institute (SwRI) is working to improve the security of networks and systems comprising the global information infrastructure. Through active research in multiple security disciplines, SwRI is advancing the state of the art in:

• Security modeling and simulation

• Internet Protocol (IP) traceback

• Botnet detection

• Insider threat detection

• Intrusion detection

• Wireless security

Security Modeling and Simulation

Engineers at SwRI are experienced in modeling the security characteristics of complex networks to simulate response to attacks and enable better protection strategies. SwRI is also conducting research into an architecture of trusted, synchronized programs that perform:

• Network health and status checks

• Security monitoring and management

• Integrated information protection

• Information assurance reporting functions

This new approach promises to improve the flexibility and response speed of network security decision-making.

Internet Protocol (IP) Traceback

SwRI engineers developed a novel, cost-effective approach for IP traceback that locates the source of Internet attacks at data rates greater than 1Gbps. IP traceback leverages the autonomous system (AS) architecture of the Internet to combat denial-of-service attacks and improve attribution of malicious activity.

Botnet Detection

To fight the increasing use of networks of compromised computers for large-scale denial of service attacks, SwRI has also pioneered new techniques for detecting the command and control communications for botnets and is developing designs for automated botnet sensors for network protection.

Insider Threat Detection

Insider threats and attacks exhibit different characteristics than external threats and can go unnoticed by standard intrusion detection systems. SwRI is cooperating with government, industry, and university researchers to investigate detection and reporting methods for insider threats by:

• Building threat models of malicious insider behavior

• Integrating data from multiple network and application-level sensors

• Determining the most appropriate sensors

• Constructing appropriate sensors without compromising user privacy or system performance

Wireless Security

SwRI combines deep expertise in wireless communications technologies with practical security knowledge to analyze the risks and vulnerabilities of wireless networking protocols and systems. We have evaluated the security characteristics of the 802.11 protocol and RFLAN, Zigbee, and optical communication systems.  Other services offered include:

• Penetration testing of a variety of wireless systems

• Security architecture analysis and definition

• Trade study analysis

• Security reverse engineering and penetration analysis

• Security prototyping and testing

• Wireless security testing

• System security modeling and simulation

For more information about our network security capabilities, or how you can contract with SwRI, please contact Corey King at cking@swri.org or (210) 522-3011.

systemsecurity.swri.org

| Communications and Embedded Systems Department | Automation and Data Systems Division | SwRI Home |

Southwest Research Institute^® (SwRI^®), headquartered in San Antonio, Texas, is a multidisciplinary, independent, nonprofit, applied engineering and physical sciences research and development organization with 12 technical divisions.

March 23, 2010