Cybersecurity Researchers Help Protect the Internet

The internet is the backbone of our lives, supporting everything from conducting business to communicating with loved ones to managing home appliances. Cars, medical devices, farm equipment, and security systems all depend on it. Even currency, once known as “cold, hard cash,” is now traded in purely virtual form by more than 100 million people globally. 

It’s easy to assume this connectivity is safe and reliable, but the online world is subject to numerous threats. The growing field of cybersecurity aims to protect the system—and us—from cybercriminals: modern miscreants ranging from state entities to small groups of saboteurs to lone wolves who can wreak havoc from their living rooms. 

Cybersecurity is a growing emphasis in the University of Oregon Department of Computer and Information Science. Department faculty in the UO Center for Cyber Security and Privacy collaborate with colleagues from philosophy, law, business, and other areas to research—and help thwart—threats to internet traffic, cryptocurrency, social media networks, infrastructure security, and more. 


Lei Jiao Lei Jiao, an assistant professor in the computer science department, focuses on how to deny the deniers—those who try to incapacitate others’ computers by launching Distributed Denial of Service (DDoS) attacks that can paralyze a computer, a group of computers, or an entire multinational company. Jiao was recently awarded a fellowship as part of a university research initiative by Ripple Labs, a US-based developer of cryptocurrency platforms. 

In a DDoS attack, hackers launch a large amount of data traffic toward a victim, overwhelming the recipient’s computer bandwidth. The receipt or transmission of legitimate information becomes impossible for the victim. 

Internet service providers such as AT&T and Comcast try to thwart these incursions by operating “scrubbing centers”—data centers with many computers that are programmed to detect and defeat the intruders. Malicious traffic is filtered out in the scrubbing centers and the rest is routed to customers. These centers are located across the nation, and it’s up to each service provider to determine which one to use, which traffic flow to divert, and how many computers in the center to allocate for each suspicious incident. 

Jiao is developing “smart algorithms”—instructions computers can follow—that will make these decisions. “My algorithms will automatically and efficiently tell the internet service providers exactly what the best decisions are for handling every attack,” he says, “so they don’t need to address each one manually.” 


Ripple Professor Yingjiu “Joe” Li and PhD student Sanidhay Arora are focusing on flash loan attacks that happen on cryptocurrency exchanges. 

Cryptocurrency—currency that exists only in digital form—is traded on decentralized platforms that don’t rely on the oversight of institutions such as banks or governments. “Cryptocurrency is very convenient and cost-effective for users,” Li says. “Because participants have full control of their files, they feel safe. Plus, anyone can interact with these financial services without being censored or blocked by a third party.” 

The cryptocurrency market had a record year in 2021, briefly surpassing $3 trillion in November. Recent research by the Pew Research Center found that 16 percent of Americans say they have invested in, traded, or used cryptocurrency. “This is a very fast-growing platform,” Li says. 

While cryptocurrency reduces the hacking risk facing centralized exchanges such as the New York Stock Exchange, the decentralized system offers plenty of opportunities for cybercriminals. 

Individual “coin” ownership is stored in a digital database called blockchain, comprising chunks of information shared equally among the entire network of users. “The practical operations of the blockchain exchanges are way ahead of security measures,” Li says. “It is imperative to enhance their security to protect users from economic losses.” In 2021, criminals netted about $14 billion from digital currency exchanges, investors, and users, according to the Chainalysis 2022 Crypto Crime Report. 

A flash loan attack happens when someone borrows cryptocurrency assets potentially worth millions or billions of dollars, uses them to purchase currency, illegally manipulates the price through a vulnerability in the computer coding, and then pays back the loan, making a massive profit in as little as 30 seconds. In February, for example, hackers stole more than $320 million in cryptocurrency from Wormhole, a decentralized finance platform, by exploiting a vulnerability. 

Li and Arora are studying how to enhance the security of the protocols that govern exchanges. Some existing defenses monitor the exchange system and identify flash loan attacks after the fact, but losses may not be recoverable. Says Li: “A better strategy is to improve protocol designs in these decentralized exchanges to prevent flash loan attacks—or to detect and block them before they cause any economic loss. This is the topic we are working on.” 


With the help of more than $3 million in grants from the National Science Foundation and others, Ram Durairajan is making networks smarter and more robust. 

Durairajan, an assistant professor in the department, is working with PhD student Matthew Hall on stopping denial of service threats by reconfiguring the paths of wavelengths that transmit data. 

He uses the idea of a museum thief as a metaphor for an attacker. “Imagine someone is trying to steal a painting that hangs in a museum,” Durairajan says. “The museum is the network. The painting is the service the attacker is trying to steal. We can change the floor plan of the museum—that is, the configuration of the wavelengths that carry data—every so often so the thief will not know where to go.” 

Ram Durairajan Durairajan also studies how we can safeguard our ability to stay connected despite earthquakes, tsunamis, and rising seas. The West Coast, and especially the Oregon Coast, is the landing point for numerous underwater fiber cables that connect our continent to Asia. It is also the site of the Cascadia subduction zone, a fault line that separates two major tectonic plates and that is overdue for a devastating earthquake. 

Durairajan, with the help of undergraduate Juno Mayer, developed an assessment tool called ShakeNet to analyze the risk that earthquake-induced shaking poses to wired and wireless infrastructure in the Northwest. He collaborated with colleagues in the Department of Earth Sciences who helped develop ShakeAlert, an earthquake early warning system. Durairajan combined a map of earthquake impact areas with one of fiberoptic infrastructure and found that about 65 percent of the fiber infrastructure and cell towers on the West Coast will be damaged during a violent earthquake. 

Using the route planner capability of ShakeNet, data could be sent via longer but less susceptible routes during an earthquake. For example, data transfers between Seattle and Portland could be routed through Kennewick and Boise, avoiding the I-5 corridor, which may be affected by strong shaking. “There is this tension between what internet service providers do and what Mother Nature does,” Durairajan says. “Our aim is to relieve that tension, so you won’t get the shortest path, but you will get a robust path.” 

Durairajan has also studied dangers posed by climate change. He recently discovered that thousands of miles of fiberoptic cable in the US—primarily in areas around New York, Miami, and Seattle—will be severely affected by rising sea levels. 

He acknowledges that his focus on unpleasant scenarios can lead some to tease him about having a bad outlook. 

“I’m seriously not a fun person,” Durairajan says. “But I’m happy to be the negative guy as long as people are safe and the internet works better.” 

—By Rosemary Howe Camozzi, BA ’96 (magazine), a freelance writer and editor in Eugene

—Photos by Dustin Whitaker, University Communications


The Department of Computer and Information Science is establishing a multidisciplinary cybersecurity degree for undergraduate majors. 

Students will develop expertise in cybersecurity threats and solutions in areas including computer and information security, network security, applied cryptography, and secure software development. 

The degree will emphasize experiential learning. Students will spend at least two terms at the UO Cybersecurity Operation Center to engage in real-world problem solving and will also participate in research projects and internships. 

The degree also features courses in cyber law developed and taught by Bryce Newell, an assistant professor of media law and policy in the School of Journalism and Communication; and courses in the ethics of privacy and data ownership developed and taught by Ramón Alvarado and Colin Koopman, professors in the Department of Philosophy. 

“This program leverages our core competency in networking, systems, and data science, and will address the acute shortage of skilled cybersecurity workers in Oregon and across the US,” says Reza Rejaie, department head.