NSSL Research

As mobile networks transition into their fifth and sixth generations, they are becoming increasingly software-driven, virtualized, and cloud-native. These architectural shifts open the door to unprecedented levels of flexibility, scalability, and programmability—but they also introduce new design complexities and security risks. Future networks must meet demanding performance guarantees across diverse verticals, from industrial automation and immersive media to autonomous systems, all while maintaining resilience and trustworthiness. Our research in this domain focuses on the design, deployment, and security of virtualized and disaggregated 5G/6G systems. We study how network slicing, containerized core functions, and cloud-hosted deployments shape the performance and scalability of next-generation networks. By building realistic testbeds and measurement frameworks, we evaluate how microservice-based architectures behave under real-world workloads, and how architectural decisions impact latency, resource efficiency, and user experience. On the security front, our work addresses the unique threat models introduced by open and programmable interfaces, such as those in OpenRAN and xApp ecosystems. We design scalable mechanisms for authentication, authorization, and trust management within these dynamic environments—ensuring that flexibility does not come at the cost of increased vulnerability. By bridging systems research with applied security, our group contributes to both fundamental insights and deployable solutions that inform how mobile operators, equipment vendors, and cloud providers build the networks of the future. Our work shapes the broader research community's understanding of the trade-offs and challenges in virtualized mobile systems, and supports the development of secure, efficient, and adaptive 5G/6G infrastructures—both in academia and industry.

Accurate localization is foundational to the autonomy, safety, and reliability of modern cyber-physical systems—especially in GPS-denied environments such as indoor spaces, urban canyons, and critical infrastructure zones. From drones and autonomous vehicles to asset tracking and smart manufacturing, the need for robust, high-precision, three-dimensional localization systems is more pressing than ever. Our research group focuses on next-generation localization frameworks that push the boundaries of accuracy, reliability, and adaptability in challenging environments. We design and evaluate novel positioning systems that operate without GPS, leveraging technologies such as ultrasonic acoustic ranging, Wi-Fi and 5G multi-RAT integration, reconfigurable intelligent surfaces (RIS), and optimized beacon placement. A core theme of our work is mitigating the twin challenges of multipath interference and geometric-induced error—two primary sources of inaccuracy in indoor localization. We develop algorithms and systems that not only achieve centimeter-level or sub-meter accuracy but also operate robustly in real-world conditions, including areas with poor signal quality or structural interference. Our work systematically explores how the geometry and placement of anchors and beacons influence localization performance and develops optimization algorithms to reduce error, especially in the Z-axis, which is often the most challenging. Beyond achieving high-accuracy estimates, our research also addresses scalability, real-time operation, and integration with communication infrastructure, making our solutions viable for 5G-enabled drone navigation, autonomous robotics, and intelligent transportation systems. Our contributions have advanced the state of the art in sensor fusion, anchor optimization, and indoor localization architecture, influencing both academic approaches and industrial deployment strategies. Through rigorous experimentation, simulation, and real-world deployment, we contribute to a deeper understanding of the trade-offs and capabilities of GPS-free localization systems, helping pave the way toward truly autonomous systems that can navigate seamlessly across environments.

Securing the networks of tomorrow begins with understanding how they behave today. Our research in Network Security and Measurement bridges two critical and complementary areas: Empirical analysis of real-world mobile and satellite network performance, and Foundational security research, including DDoS mitigation and rethinking network trust models. On the measurement side, we conduct extensive, real-world studies of mobile networks—spanning terrestrial 5G and satellite systems—to reveal how geography, mobility, and infrastructure impact performance. These insights are essential to informing infrastructure planning, policy decisions, and application design for next-generation connectivity, especially in high-mobility and underserved regions. On the security front, we focus on both practical and architectural challenges. Our group has led comprehensive analyses of Distributed Denial-of-Service (DDoS) defense strategies, uncovering common design patterns and systemic limitations across decades of research. We highlight not only the technical challenges but also the economic and deployment factors that influence which solutions succeed in practice—providing a more realistic and actionable understanding of the DDoS defense landscape. Beyond mitigating existing threats, we also rethink how security and trust should be built into future networks. Traditional IP-based security models rely on static, centralized mechanisms that struggle in dynamic environments like virtualized cellular cores. We explore data-centric security paradigms, particularly Named Data Networking (NDN), which embed trust directly into the data itself. This shift supports fine-grained, scalable, and tenant-aware security models, better suited to the elastic and service-oriented nature of modern and future mobile networks. Together, our work provides both a ground-truth understanding of modern network behavior and a vision for how these systems can be secured by design. We contribute not only to the academic understanding of mobile network systems but also to the development of practical solutions that help shape resilient, trustworthy, and high-performing communication infrastructures.

Intrusion Detection Systems (IDS) are a cornerstone of modern cybersecurity, designed to detect, respond to, and prevent unauthorized or malicious activities across digital infrastructures. As the threat landscape evolves—driven by the proliferation of IoT devices, increased use of wireless networks, and the growing complexity of cyber-physical and cloud systems—traditional detection approaches often fall short in addressing new attack vectors, data privacy constraints, and system heterogeneity. Our group's research in IDS focuses on advancing the state of the art through resilient, adaptive, and privacy-aware detection mechanisms. We develop novel techniques that extend beyond static rule-based systems, integrating machine learning, federated learning, and programmable system-level defenses to detect and recover from sophisticated and stealthy intrusions. Our work targets diverse environments—from industrial control systems and IoT ecosystems to wireless networks and cloud platforms—prioritizing real-world applicability and minimal system disruption. A central theme in our research is building intelligence into the infrastructure itself, enabling systems to autonomously detect anomalies, recover from attacks, and adapt to new threats. We also contribute to the research community through the development of open datasets, empirical threat analyses, and detection frameworks that help bridge the gap between academic innovation and operational deployment. By tackling the challenges of scalability, data imbalance, privacy preservation, and system transparency, our IDS research not only enhances the security posture of today's computing environments but also shapes the future of autonomous, trustworthy, and resilient cyber defense—contributing to both academic advancement and industry-grade solutions.

The rise of artificial intelligence, particularly in the form of large language models, generative AI, and federated learning, has transformed modern computing—but it has also introduced a new set of vulnerabilities and security challenges. As AI systems become increasingly embedded in critical decision-making pipelines—from healthcare and infrastructure to autonomous systems—their robustness, trustworthiness, and explainability have become essential concerns for both academia and industry. Our group's research in AI/ML Security addresses these challenges by exploring the intersection of advanced machine learning and adversarial resilience. We study how learning systems can be attacked, manipulated, or deceived—and more importantly, how they can be protected. This includes examining the trust boundaries in federated learning environments, defending AI models from adversarial examples and data poisoning, and improving the reliability and transparency of complex AI systems such as transformers and large models. We focus on building explainable and resilient AI architectures that not only defend against attacks but also maintain operational robustness in uncertain, data-constrained, or adversarial conditions. Our research contributes both defensive innovations and offensive insights—revealing attack vectors that stress-test AI deployments in real-world scenarios. In doing so, we help define new benchmarks and security practices that are essential for the safe integration of AI into high-stakes environments. By bridging reliability engineering, secure learning, and explainable AI, our work informs the next generation of secure-by-design AI systems, ensuring they are not only powerful but also accountable, transparent, and resilient to manipulation. This has meaningful implications for the deployment of trustworthy AI in industry and policy as well as for advancing foundational understanding in the academic research community.

As digital systems become deeply embedded in everyday life—from personal smartphones and IoT devices to critical 5G infrastructure and AI applications—ensuring user privacy and data protection has become a foundational challenge. With increasing regulatory scrutiny and heightened public awareness, there is a growing need for security mechanisms that not only protect sensitive information but also respect user autonomy and system transparency. Our group's research in Privacy-Preserving Technologies focuses on developing lightweight, scalable, and practical solutions that enable secure data processing without compromising user privacy. We tackle the unique constraints of diverse environments such as resource-constrained IoT devices, mobile operating systems, and cloud-deployed network functions. Our work bridges advanced cryptographic techniques, secure system design, and hardware-assisted privacy solutions to build systems that are resilient to leakage, tampering, and surveillance. A key emphasis in our research is on privacy without compromise—designing systems that achieve high fidelity in their core functionality while simultaneously offering strong privacy guarantees. This includes the use of function secret sharing, hardware-enforced enclaves, and transparent debugging techniques that avoid detection by malicious software. We also explore decentralized architectures and tamper-proof logging to ensure data provenance and integrity in distributed and adversarial settings. Our innovations not only address the immediate technical challenges of data confidentiality, secure computation, and integrity verification but also pave the way for trustworthy platforms in critical domains like mobile firmware, location services, 5G networks, and malware analysis. These contributions are influencing both academic research trajectories and the privacy standards of next-generation systems in industry.