Red-teaming helps network managers build and deploy practical defenses against cyberattacks

Yixin Sun graduated from the University of Virginia in 2013 with a Bachelor of Arts degree in computer science and math. The following year, she started her Ph.D. at Princeton University, and looks forward to moving back to the Grounds for the spring 2020 term as a new member of the Department of Computer Science and the Charles L. Brown Department of Electrical and Computer Engineering.

“I have many fond memories at UVA, and I am thrilled to have the opportunity to collaborate with faculty in electrical and computer engineering. UVA is a great place to do interdisciplinary research across many exciting areas, including my own field of cybersecurity and cyber-physical systems,” Sun said.

Sun focuses her research on building privacy-preserving and secure network systems. She approaches this task through red-teaming: thinking about vulnerabilities and opportunities from an adversary’s perspective and identifying flaws. This perspective invites a cross-layer approach to exploit the interdependencies of network layers and system components. Demonstrating attacks in practice—in a contained, experimental environment—is also part of Sun’s methodology. With this approach, Sun has helped network managers build and deploy practical defenses against cyberattacks.

Sun’s research has influenced design specifications in the Tor network, a large anonymity system. According to the Tor Project, the nonprofit organization that supports the network and develops its software, more than 2 million people use Tor on a daily basis. Sun has actively engaged with the Tor Project, Open Technology Fund and Let’s Encrypt to help protect vulnerable users.

“Our legacy Internet was not designed with security or privacy in mind,” Sun said. Whereas a number of protocols exist to secure internet routing, large-scale deployment of these solutions remains elusive. “The status quo is unacceptable. I aim to build practical tools for multiple and diverse applications to provide security, even when the underlying routing infrastructure is insecure.”