Jeffrey Todd McDonald, Ph.D.
Professor of Computer Science
Research Projects and Interest
I am currently engaged in various projects focused on software and hardware protection (obfuscation, tamperproofing, watermarking),
anomaly detection, side-channel analysis, malware detection and analysis, vulnerability assessment, and secure software engineering.
Research Gate Profile
LinkedIn Profile
Google Scholar Profile
DBLP Profile
Program Encryption Toolkit
The Program Encryption Toolkit (PET) is a research-based software package that is used for visualization and experimentation in protection of digital logic circuits.
The PET source code embodies code from 8 separate Master's theses and has undergone considerable refactoring and extension to support advanced studies and experiments in circuit protection based on obfuscation. PET and its graphical user interface are unique in that they provide a toolkit for evaluating various kinds of circuit obfuscation and transformation algorithms while also allowing visualization of these effects in smaller contexts.
Contributors to the PET software include students at the Air Force Institute of Technology (AFIT), Wright-Patterson AFB, OH and the University of South Alabama (USA), Mobile, AL.
A graphical release is available for download.
PET source and documentation are available on Github
PET Graphical User Interface (PETGUI) available in ZIP format. The entire folder should be unzipped and used:
Version 2.6
PETGUI User Guide
Executable JAR with JRE
Samples
Doctoral Research - Committee Chair
Patrick Luckett, USA, graduation Summer 2018, Dissertation: Nonlinear Methods for Detection and Prediction of Epileptic Seizures (now with Washington University School of Medicine)
Ramya Manikyam, USA, graduation Fall 2019, Dissertation: Program Protection Using Software Based Hardware Abstraction (now with Moderna)
Dustin Mink, USA, graduation Fall 2019, Dissertation: Indicators of Compromise for the United States Federal Aviation Administration Next Generation Air Transportation System Automatic Dependent Surveillance-Broadcast (now with Leidos)
Colby Parker, USA, graduation Spring 2022, Dissertation: Adversarial Machine Learning for the Protection of Legitimate Software (now with Sandia Laboratory)
Maureen Van Devender, USA, graduation Spring 2023, Dissertation: Risk Assessment Framework for Automated Evaluation of Cybersecurity Threats and Vulnerabilities in Medical Devices
Naveen Pendli, USA, ABD, Dissertation: A Novel Blockchain Based Framework for Secure and Privacy Preserving E-governance System
Daniel Miller, USA, in progress, Topic area: forensic analysis of residual data in additive layer manufacturing
Reeve Cabral, USA, in progress, Topic area: hybrid malware detection approaches
Pawan Karki, USA, in progress, Topic area: machine learning applications for software vulnerability detection
Barbara Pilates, USA, in progress, Topic area: threat detection for ICS and SCADA based systems
Masters Research - Committee Chair
Dylan Johnson, USA, in progress, Topic area: Software vulnerability analysis in intermediate code representation
Amber Surles, USA, graduation Summer 2023, Thesis: Epileptic Seizure Classification Using Image-Based Data Representations
Shelby Caldwell, USA, graduation Spring 2023, Thesis: A Framework for Identifying Malware Threat Distribution on the Dark Web
Jamie Carambat, USA, graduation Spring 2023, Thesis: Evaluating Defensive Countermeasures for Software-Based Hardware Abstraction
Jennifer Parnell, USA, graduation December 2021, Thesis: Comparative Analysis of Digital Logic Component Hiding Techniques (now with Mayo Clinic)
Lee Miller, USA, graduation May 2021, Project: Runtime Analysis of Ransomware on Android Operating Systems
Jackson Braswell, USA, graduation December 2020, Project: Framework for Analyzing Human Attackers Subverting Commercial Obfuscators (now with Institute for Defense Analysis)
Deepak Adhikari, USA, graduation May 2020, Thesis: A Toolbase for Evaluating Software Protection Techniques Against Symbolic Execution Attacks (now with ADHI)
James Bell, USA, graduation May 2020, Thesis: Program Protection against Symbolic Execution in x86 Executables (now with DHS-CISA)
Alex Mullins, USA, graduation May 2020, Thesis: Evaluating Security of Executable Steganography for Digital Software Watermarking (now with USAF)
Nathan Herron, USA, graduation May 2020, Thesis: Machine Learning Based Android Malware Detection using APK Digests (now with US Navy SPAWAR/NIWC)
Michael Dorsett, USA, graduation May 2020, Thesis: Forensic Analysis of Ransomware Malware (now with US Navy SPAWAR/NIWC)
Taylor Meckley, USA, graduation May 2019, Thesis: Residual Data Analysis on Consumer Market Smart Phones (now with MITRE)
Bronwyn Hodges, USA, graduation May 2019, Thesis: Attack Modeling and Mitigation Strategies for Risk Based Analysis of Networked Medical Devices (now with MITRE)
Adam Minor, USA, graduation May 2019, Thesis: Malware Detection and Program Feature Recognition Using Binary Visualization (now with Naval Research Lab)
Jordan Seaman, USA, graduation May 2019, Thesis: The Effect of Solid-State Drive Firmware Processes on Individual File Hashes (now with Pacific Northwest National Laboratory)
Sandy Falgout, USA, graduation December 2018, Project: Data Integration for Risk-Based Threat Vulnerability Asset Schema (now with US Navy SPAWAR)
Colby Parker, USA, graduation Summer 2018, Thesis: Android Malware Detection Using Step-Size Based Multi-Layered Vector Space Models (now SoC doctoral student)
Thanh Nguyen, USA, graduation May 2018, Thesis: Systematic Detection of Repackaged Applications by Dynamically Visualizing User Interface Components (now with Sandia National Laboratory)
Katherine Seale, USA, graduation May 2017, Thesis: Integrating Relational Data Frameworks Into Risk Assessment of Networked Medical Devices (now with MITRE)
Joel Dawson, USA, graduation May 2017, Thesis: Rootkit Detection Through Phase-Space System Call Timing and Power Analysis (now with Oak Ridge National Laboratory)
William Holder, USA, graduation May 2017, Thesis: Evaluating Optimal Phase Ordering in Obfuscation Executives (now with Air Force Research Lab)
Miles Forbes, USA, graduation May 2017, Thesis: Digital Logic Protection Using Functional Polymorphism and Topology Hiding (now with City of Mobile)
Ramya Manikyam, USA, graduation May 2016, Thesis: Comparing Effectiveness of Commercial Obfuscators against Man at the End Attacks (now SoC doctoral student)
Charles Hubbard, USA, graduation May 2015, Thesis: Data Collection for Cyber Anomaly Event Detection (now with Government Accountability Office)
James Cerkovnik, USA, graduation May 2015, Thesis: Assessing Vulnerabilities and Risks in Networked Medical Devices (now with Idaho National Laboratory)
Joshua Cazalas, USA, graduation May 2014, Thesis: Probing the Limits of Virtualized Software Protection (now with Boeing)
William Ashbee, USA, graduation December 2013, Thesis: Nonlinear Epilepsy Forewarning By Support Vector Machines (now with Eliassen Group)
Daniel Koranek, AFIT, graduation June 2010, Thesis: Deterministic, Efficient Variation of Circuit Components to Improve Resistance to Reverse Engineering (now with Air Force Research Lab)
James Parham, AFIT, graduation March 2010, Thesis: Deterministic Component Hiding Using Identification and Boundary Blurring Techniques (now with Dept of Homeland Security)
Sherry Murphy, AFIT, graduation March 2010, Thesis: Deceiving Adversary Network Scanning Efforts Using Host-Based Deception (now with U.S. Air Force)
Han-Seok Kim, AFIT, graduation March 2009, Thesis: Removing Redundant Logic Pathways in Polymorphic Circuits (Korean Air Force)
Jason Williams, AFIT, graduation March 2009, Thesis: Characterizing Component Hiding Using Ancestral Entropy (now with Air Force Research Lab)
Brad Sevy, AFIT, graduation March 2009, Thesis: Using Covert Means to Establish Cybercraft Command and Control (now with U.S. Air Force)
Eric Simonaire, AFIT, graduation December 2008, Thesis: Sub-Circuit Selection and Replacement Algorithms Modeled as Term Rewriting Systems (now with US Railroad Retirement Board)
Michael Hunsberger, AFIT, graduation June 2008, Thesis: Cybercraft Requirements Elicitation (now with U.S. Air Force)
Shannon Hunt, AFIT, graduation March 2008, Thesis: Developing a Reference Framework for Cybercraft Trust Evaluation (now with U.S. Air Force)
Alan Lin, AFIT, graduation March 2008, Thesis: Software Obfuscation with Symmetric Cryptography (now faculty member at A.F. Institute of Technology)
Moses James, AFIT, graduation March 2008, Thesis: Obfuscation Framework Based on Functionally Equivalent Combinatorial Logic Families (now with Google)
Ken Norman, AFIT, graduation March 2008, Thesis: Algorithms for White-box Obfuscation Using Randomized Subcircuit Selection and Replacement (now with U.S. Air Force)
Undergraduate Honors Thesis - Committee Chair
Rebecca Clark, USA, in progress, Thesis: Side Channel Detection of PC Rootkits using Nonlinear Phase Space
Trinity Stroud, USA, graduation May 2021, Thesis: Developing a Deterministic Polymorphic Circuit Generator Using Random Boolean Logic Expansion
Undergraduate Research Projects
Rebecca Clark, 2021, USA, USA SURF Internship Summer 2021, Topic area: Power side-channel collection for PC-based malware detection
Amber Surles, 2019-2020, USA, Topic area: Cryptographic properties of Boolean logic functions
Jacob Cassity, 2018-2019, USA, Topic area: Software-based polymorphic functions for anti reverse-engineering
Jamie Carambat, 2019, USA, Topic area: Image-based analysis and detection of malware with machine learning
Michael Gambrell, 2019, USA, Topic area: Java-based implementation of open source circuit synthesis algorithms for KMAP reductions
Trinity Stroud, 2018-2019, USA, USA SURF Internship Summer 2019, Topic area: approximating random circuit selection using deterministic polymorphic generation
Abigail Brockman, 2019, USA, Topic area: nonlinear analysis for predictive forewarning of failures
Jennifer Parnell, 2019, USA, Topic area: analytic study of circuit variants against reverse engineering, nonlinear analysis of EKG for seizure prediction
Blair Doyle, 2017-2019, USA, USA SURF Internship Summer 2018, Topic area: Phase-space detection of rootkit execution using power side channels
Fernando Lorenzo, 2017-2019, USA, Topic area: side-channel exploitation of iPhones for unlock scenarios, characterizing side-channel properties of code diversity
Jesse Bryant, 2018, USA, Topic area: IoS Application for Nonlinear Phase-Based Seizure Prediction
Trevor Rayl, 2018, USA, Topic area: epileptic seizure prediction using phase-space dissimilarity of EKG
Alex Dudenhoeffer, 2017, USA, Topic area: vulnerability assessment of Tile Tracker
Ryan Creel, 2016-2017, USA, Topic area: executable steganography, BDD-based circuit analysis
An Vu, 2016-2017, USA, Topic area: evaluating circuit-based component identification and hiding
DeMarcus Williams, 2016-2017, USA, Topic area: Programmable Logic Controller (PLC) vulnerability analysis
Justin Raya, 2016, USA, Topic area: K-MAP implementation for the Program Encryption Toolkit (PET)
Joshua Polling, 2015-2016, USA, Topic area: reverse engineering malicious Android apps
Erick Roberson, 2015-2016, USA, Topic area: IoS vulnerability assessment and testing
Blake Blackwell, 2015, USA, Topic area: Java-based port of Boolean Expression Diagram library
Caleb Hall, 2014, USA, Topic area: Polymorphic gate implementation for the Program Encryption Toolkit (PET)
Andrew Edwards, 2014, USA, Topic area: IoS Prototype for Nonlinear Phase-Based Seizure Prediction
Sponsored Research
Cumulative total of awarded research from the Air Force Institute of Technology and
University of South Alabama exceeds $15.5 M in shared and collaborative funding.
1. Department of Interior, Contract # 140D0419-9-0004,
L. Chronister, A. Yasinsac, J.T. McDonald (Principal), et al.,
"Project Jaguar", funded January 2019 ($7,171,606).
2. National Science Foundation, Award # CNS-1811578,
William R. Mahoney and J.T. McDonald,
"SaTC: CORE: Small: Collaborative: Evaluating Performance and Security of Executable Steganography for Surreptitious Programs",
Solicitation NSF 17-576, Secure and Trustworthy Computing (SaTC Small), submitted Nov 2017, funded August 2018 (grand total $325,402, USA share $151,433).
3. National Security Agency, GenCyber,
J.T. McDonald and T.R. Andel,
"GenCyber-Cybersecurity and Information Assurance Camps",
Solicitation GEN-01-2017, submitted Nov 2016, funded March 2017 ($57,870).
4. INNOCENTIVE,
Patrick H. Luckett, J. Todd McDonald, Lee M. Hively,
"Seizure Prediction and Detection Via Nonlinear Analysis",
INNOCENTIVE Challenge ID: 9933784 - Phase One, The SUDEP Institute Challenge: Developing Predictive Biomarkers of Epilepsy Seizures, submitted October 2016, funded November 2016 ($10,000).
5. National Science Foundation, Award # DGE-1564518,
T.R. Andel, J.T. McDonald, A.M. Clark, H.L. Barnett,
"Renewal: Scholarship for Service in Information Assurance",
Solicitation NSF 15-584, submitted Sept 2015, funded 1 Oct 2016 - 30 Sep 2021 ($4,097,801).
6. INNOCENTIVE,
J.T. McDonald, Patrick H. Luckett, Lee M. Hively,
"Reliable and Efficient Seizure Prediction and Detection Using Nonlinear Phase-Space Analysis",
INNOCENTIVE Challenge ID: 9933719, The SUDEP Institute Challenge: Predictive Biomarkers of Epilepsy Seizures, submitted May 2016, funded Aug 2016 ($15,000).
7. National Science Foundation, Award # CNS-1624944,
T.R. Andel, J.T. McDonald, S.H. Russ,
"MRI: Acquisition of Side-Channel Measurement and Analysis System",
Solicitation NSF 15-504, submitted January 2016, funded 15 Aug 2016 - 14 Aug 2019 ($393,288).
8. National Security Agency, GenCyber,
T.R. Andel and J.T. McDonald,
"GenCyber-Cybersecurity and Information Assurance Camps",
Solicitation GEN-01-2016, submitted Sept 2015, funded February 2016 ($42,722).
9. National Science Foundation, Award # DGE-1303384,
J.T. McDonald, T.R. Andel, R. Bace, and H.L. Barnett,
"Capacity Building in Information Assurance",
Solicitation NSF 12-585, submitted April 2012, funded 1 Sep 2014 - 31 Aug 2017 ($322,410).
10. National Science Foundation, Award # CNS-1305369,
J.T. McDonald and T.R. Andel,
"II-NEW: RUI: Expanding Cyber Assurance Research and Education",
Solicitation NSF 11-536, submitted October 2012, funded 1 Oct 2013 - 30 Sep 2015 ($476,017).
11. National Science Foundation, Award # DUE-1241675,
J.T. McDonald, T.R. Andel, A.M. Clark, H.L. Barnett,
"Scholarship for Service in Information Assurance",
Solicitation NSF 12-531, submitted March 2012, funded 1 Jan 2013 - 31 Dec 2017 ($2,190,694).
USA CIS-497/498 Senior Project Sponsor/Mentor
Spring 2020, Sponsor, Senior Project on OpenSTF for Android Malware Analysis
Fall 2019, Sponsor, Senior Project on Software-Based Polymorphic Functions
Spring 2018, Sponsor, Senior Project on Secure API Server Showdown Challenge
Spring 2018, Sponsor, Senior Project on Cyber Competition Range
Fall 2017, Sponsor, Senior Project on Facebook CTF Capability
Spring 2017, Mentor, Senior Project on Software Vulnerability Assessment
Spring 2016, Sponsor, Senior Project on Android Reverse Engineering Tutorial
Fall 2015, Sponsor, Senior Project on Medical Mannequin Exploitation
Spring 2015, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)
Fall 2014, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)
Spring 2014, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)
Spring 2014, Sponsor, Senior Project on Medical Device Security Testing
Spring 2012, Sponsor, Senior Project on Malware Testbed
Spring 2012, Sponsor, Senior Project on Java Obfuscation and Deobfuscation
Fall 2012, Sponsor, Senior Project on Security Evaluation of CHATS
USA College of Engineering Senior Project Sponsor/Mentor
Spring 2019, Sponsor, Senior Project on Wearable EEG Data Collection Headgear
Spring 2014, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)
CSC-440 Secure Software Engineering - Student Projects
Fall 2018, Open Source Evaluation: Grand Theft Auto 5
Fall 2018, Open Source Evaluation: Blender
Fall 2018, Open Source Evaluation: Firefox
Fall 2018, SDLC Application Development: Android Social App
Fall 2018, Software Security Tool Evaluation
Fall 2018, Malware Analysis Study
Fall 2018, Java Rolodex Security Evaluation
Fall 2018, IT Service Desk Security Evaluation
Fall 2018, Dictionary Builder Security Evaluation
Fall 2017, Open Source Evaluation: Filezilla
Fall 2017, Open Source Evaluation: Tender Clone
Fall 2017, Open Source Evaluation: Cryptomator
Fall 2017, Open Source Evaluation: Padlock
Fall 2017, SDLC Application Development: Jag Memory Flash
Fall 2017, SDLC Application Development: Vacation Planner
Fall 2017, Security Application Development: Markvid
Fall 2017, Security Application Development: Go Secure ZIP Extension
Fall 2017, Honeynet Project Challenges
Fall 2017, NSA Codebreaker Challenges
Fall 2016, Open Source Evaluation: Word Press
Fall 2016, Open Source Evaluation: QupZilla Web Browser
Fall 2016, Open Source Evaluation: Blender
Fall 2016, Open Source Evaluation: Mumble
Fall 2016, Open Source Evaluation: MediaWiki
Fall 2016, Security Software Tool Assessment
Fall 2016, Honeynet Project Challenges
Fall 2016, Security in Java Compiler/JVM
Fall 2016, BurnItUp! Security Assessment
Fall 2016, SDLC Application Development: WAMP-Based Shopping Cart
Fall 2016, SDLC Application Development: Password Management
Fall 2015, 3D Printer Software Security Analysis
Fall 2015, Open Source Evaluation: Wireshark
Fall 2015, Open Source Evaluation: Chromium
Fall 2015, Open Source Evaluation: Eclipse Plugins
Fall 2015, Open Source Evaluation: No Script Browser Plugin
Fall 2015, Open Source Evaluation: Sakai
Fall 2015, Open Source Evaluation: KeePass
Fall 2015, Zigbee Protocol Analysis
Fall 2015, SDLC Application Development: Peer to Peer Communication App
Fall 2015, SDLC Application Development: Single-Sign On Security Check
Fall 2015, SDLC Application Development: Sign Business App
Fall 2015, SDLC Application Development: Video Game App
Fall 2015, SDLC Application Development: Web-Based File Sharing
Fall 2015, Study in Reverse Engineering
Fall 2015, Comparison of Static Analysis Tools
Fall 2015, Open Source Evaluation: Sakai
Fall 2014, Open Source Evaluation: LimeSurvey Voting System
Fall 2014, Open Source Evaluation: http-server
Fall 2014, Open Source Evaluation: Apache Open Office
Fall 2015, SDLC Application Development: iOS Social Finder App
Fall 2015, SDLC Application Development: Workout App
Fall 2015, SDLC Application Development: SoC Advisor App
Fall 2015, SDLC Application Development with Agile/XP: Abject-Class Manager
Fall 2014, Tool Development for Active Software Defense
Fall 2014, Zaxby's Web Site Development Project
Fall 2014, Anti-Virus Comparison
Fall 2014, Honeynet Project Challenges
Fall 2013, Open Source Evaluation: Estonia Voting System
Fall 2013, Open Source Evaluation: Mozilla Firefox
Fall 2013, Vulnerability Assessment with OWASP Goat
Fall 2013, SDLC Application Development: JagTran Tracker App
Fall 2013, Comparison of Open Source Static Analyzers
Fall 2013, Infirmary Health Care Project
Fall 2012, Open Source Evaluation: AjaXplorer
Fall 2012, SDLC Application Development: CHATS
Fall 2012, Extending Static Analysis Tools