The objective of this research is to design a series of security enhancements at the network layer to defend Internet services against malicious attacks. The approach integrates protocol design at the network layer with hardware design at the physical layer. The proposed approach has the potential to deliver effective, low-cost, and easy-to-upgrade solutions to secure the next-generation Internet.
With respect to intellectual merit, the research addresses the opportunity to improve security at the network layer, while most recent advances in security have focused on the transport and application layers. The research also considers the integration of protocol design at the network layer with hardware implementation at the physical layer. The proposed enhancements are co-developed and co-deployed at the network and physical layers, with the goal of high efficiency. The research focuses on the judicious integration of software and hardware techniques to resolve the challenges of providing effective network security with efficient hardware support.
With respect to the potential for broader impact, this research can serve as a catalyst for the large-scale deployment of effective and robust security services on the Internet, offering a high level of reliability for future security services. The approach to developing security techniques simultaneously across different layers has the potential to provoke more basic research in this area. The project also focuses on integrating education and research activities through enhancing undergraduate and graduate courses on network security and very large-scale integrated (VLSI) circuit design.