Home | Publications | Professional | Teaching | Research | Personal   

Jeffrey Todd McDonald, Ph. D.
Professor of Computer Science
 Research Projects and Interest



I am currently engaged in various projects focused on software and hardware protection (obfuscation, tamperproofing, watermarking), anomaly detection, side-channel analysis, malware detection and analysis, vulnerability assessment, and secure software engineering.

Research Gate Profile
LinkedIn Profile
Google Scholar Profile
DBLP Profile


Program Encryption Toolkit


The Program Encryption Toolkit (PET) is a research-based software package that is used for visualization and experimentation in protection of digital logic circuits. The PET source code embodies code from 8 seperate Master's theses and has undergone considerable refactoring and extension to support advanced studies and experiments in circuit protection based on obfuscation. PET and its graphical user interface are unique in that they provide a toolkit for evaluating various kinds of circuit obfuscation and transformation algorithms while also allowing visualization of these effects in smaller contexts. Contributors to the PET software include students at the Air Force Institute of Technology (AFIT), Wright-Patterson AFB, OH and the University of South Alabama (USA), Mobile, AL. A graphical release is available for download.

PET Graphical User Interface (PETGUI) available in ZIP format:
32-bit
32-bit with JRE
64-bit
64-bit with JRE

Doctoral/Dissertation Research

Patrick Luckett, USA, graduation Summer 2018, Dissertation: Nonlinear Methods for Detection and Prediction of Epileptic Seizures (now with Washington University School of Medicine)

Ramya Manikyam, USA, in progress, Topic area: security evaluation of homomorphic obfuscation

Maureen van Devender, USA, in progress, Topic area: risk-based assessment of networked medical devices

Daniel Miller, USA, in progress, Topic area: forensic analysis of residual data in additive layer manufacturing

Dustin Mink, USA, in progress, Topic area: Simulated attack modeling for next generation aircraft using big-data analysis

Colby Parker, USA, in progress, Topic area: malware detection using data mining techniques

Masters/Thesis Research

Nathan Herron, USA, in progress, Topic area: static and dynamic Android malware detection

Michael Dorsett, USA, in progress, Topic area: analyzing and mitigating ransomware attacks

Taylor Meckley, USA, in progress, Topic area: forensic analysis of residual data in smartphones

Bronwyn Hodges, USA, in progress, Thesis: Attack Modeling and Mitigation Strategies for Risk Based Analysis of Networked Medical Devices

Adam Minor, USA, in progress, Thesis: Malware Detection and Program Feature Recognition Using Binary Visualization

Sandy Falgout, USA, in progress, Thesis: Data Integration for Risk-Based Threat Vulnerability Asset Schema

Colby Parker, USA, graduation Summer 2018, Thesis: Android Malware Detection Using Step-Size Based Multi-Layered Vector Space Models (now SoC doctoral student)

Thanh Nguyen, USA, graduation May 2018, Thesis: Systematic Detection of Repackaged Applications by Dynamically Visualizing User Interface Components (now with Sandia National Laboratory)

Katherine Seale, USA, graduation May 2017, Thesis: Integrating Relational Data Frameworks Into Risk Assessment of Networked Medical Devices (now with MITRE)

Joel Dawson, USA, graduation May 2017, Thesis: Rootkit Detection Through Phase-Space System Call Timing and Power Analysis (now with Oak Ridge National Laboratory)

William Holder, USA, graduation May 2017, Thesis: Evaluating Optimal Phase Ordering in Obfuscation Executives (now with Air Force Research Lab)

Miles Forbes, USA, graduation May 2017, Thesis: Digital Logic Protection Using Functional Polymorphism and Topology Hiding (now with City of Mobile)

Ramya Manikyam, USA, graduation May 2016, Thesis: Comparing Effectiveness of Commercial Obfuscators against Man at the End Attacks (now SoC doctoral student)

Charles Hubbard, USA, graduation May 2015, Thesis: Data Collection for Cyber Anomaly Event Detection (now with Government Accountability Office)

James Cerkovnik, USA, graduation May 2015, Thesis: Assessing Vulnerabilities and Risks in Networked Medical Devices (now with Idaho National Laboratory)

Joshua Cazalas, USA, graduation May 2014, Thesis: Probing the Limits of Virtualized Software Protection (now with Boeing)

William Ashbee, USA, graduation December 2013, Thesis: Nonlinear Epilepsy Forewarning By Support Vector Machines (now with Eliassen Group)

Daniel Koranek, AFIT, graduation June 2010, Thesis: Deterministic, Efficient Variation of Circuit Components to Improve Resistance to Reverse Engineering (now with Air Force Research Lab)

James Parham, AFIT, graduation March 2010, Thesis: Deterministic Component Hiding Using Identification and Boundary Blurring Techniques (now with Air Force Research Lab)

Sherry Murphy, AFIT, graduation March 2010, Thesis: Deceiving Adversary Network Scanning Efforts Using Host-Based Deception (now with U.S. Air Force)

Han-Seok Kim, AFIT, graduation March 2009, Thesis: Removing Redundant Logic Pathways in Polymorphic Circuits

Jason Williams, AFIT, graduation March 2009, Thesis: Characterizing Component Hiding Using Ancestral Entropy (now with Air Force Research Lab)

Brad Sevy, AFIT, graduation March 2009, Thesis: Using Covert Means to Establish Cybercraft Command and Control (now with U.S. Air Force)

Eric Simonaire, AFIT, graduation December 2008, Thesis: Sub-Circuit Selection and Replacement Algorithms Modeled as Term Rewriting Systems (now with US Railroad Retirement Board)

Michael Hunsberger, AFIT, graduation June 2008, Thesis: Cybercraft Requirements Elicitation (now with U.S. Air Force)

Shannon Hunt, AFIT, graduation March 2008, Thesis: Developing a Reference Framework for Cybercraft Trust Evaluation (now with U.S. Air Force)

Alan Lin, AFIT, graduation March 2008, Thesis: Software Obfuscation with Symmetric Cryptography (now Assistant Professor at A.F. Institute of Technology)

Moses James, AFIT, graduation March 2008, Thesis: Obfuscation Framework Based on Functionally Equivalent Combinatorial Logic Families (now with Google)

Ken Norman, AFIT, graduation March 2008, Thesis: Algorithms for White-box Obfuscation Using Randomized Subcircuit Selection and Replacement (now with U.S Air Force)

Undergraduate Research

Blair Doyle, USA, 2017-2018, USA SURF Internship Summer 2018, Topic area: Phase-space detection of rootkit execution using power side channels

Jesse Bryant, 2018, USA, Topic area: IoS Application for Nonlinear Phase-Based Seizure Prediction

Fernando Lorenzo, USA, 2017-2018, Topic area: side-channel exploitation of iPhones for unlock scenarios

Trevor Rayl, USA, 2018, Topic area: epileptic seizure prediction using phase-space dissimilarity of EKG

Alex Dudenhoeffer, USA, 2017, Topic area: vulnerability assessment of Tile Tracker

Ryan Creel, USA, 2016-2017, Topic area: executable steganography, BDD-based circuit analysis

An Vu, USA, 2016-2017, Topic area: evaluating circuit-based component identification and hiding

DeMarcus Williams, 2016-2017, USA, Topic area: Programmable Logic Controller (PLC) vulnerability analysis

Justin Raya, 2016, USA, Topic area: K-MAP implementation for the Program Encryption Toolkit (PET)

Joshua Polling, 2015-2016, USA, Topic area: reverse engineering malicious Android apps

Erick Roberson, 2015-2016, USA, Topic area: IoS vulnerability assessment and testing

Blake Blackwell, 2015, USA, Topic area: Java-based port of Boolean Expression Diagram library

Caleb Hall, 2014, USA, Topic area: Polymorphic gate implementation for the Program Encryption Toolkit (PET)

Andrew Edwards, 2014, USA, Topic area: IoS Prototype for Nonlinear Phase-Based Seizure Prediction

Sponsored Research

1. National Science Foundation, Award # CNS-1811578, William R. Mahoney and J.T. McDonald, "SaTC: CORE: Small: Collaborative: Evaluating Performance and Security of Executable Steganography for Surreptitious Programs", Solicitation NSF 17-576, Secure and Trustworthy Computing (SaTC Small), submitted Nov 2017, recommended July 2018 (grand total $325,402, USA share $151,433).

2. National Security Agency, GenCyber, J.T. McDonald and T.R. Andel, "GenCyber-Cybersecurity and Information Assurance Camps", Solicitation GEN-01-2017, submitted Nov 2016, funded March 2017 ($57,870).

3. INNOCENTIVE, Patrick H. Luckett, J. Todd McDonald, Lee M. Hively, "Seizure Prediction and Detection Via Nonlinear Analysis", INNOCENTIVE Challenge ID: 9933784 - Phase One, The SUDEP Institute Challenge: Developing Predictive Biomarkers of Epilepsy Seizures, submitted October 2016, funded November 2016 ($10,000).

4. National Science Foundation, Award # DGE-1564518, T.R. Andel, J.T. McDonald, A.M. Clark, H.L. Barnett, "Renewal: Scholarship for Service in Information Assurance", Solicitation NSF 15-584, submitted Sept 2015, funded 1 Oct 2016 - 30 Sep 2021 ($4,097,801).

5. INNOCENTIVE, J.T. McDonald, Patrick H. Luckett, Lee M. Hively, "Reliable and Efficient Seizure Prediction and Detection Using Nonlinear Phase-Space Analysis", INNOCENTIVE Challenge ID: 9933719, The SUDEP Institute Challenge: Predictive Biomarkers of Epilepsy Seizures, submitted May 2016, funded Aug 2016 ($15,000.

6. National Science Foundation, Award # CNS-1624944, T.R. Andel, J.T. McDonald, S.H. Russ, "MRI: Acquisition of Side-Channel Measurement and Analysis System", Solicitation NSF 15-504, submitted January 2016, funded 15 Aug 2016 - 14 Aug 2019 ($393,288).

7. National Security Agency, GenCyber, T.R. Andel and J.T. McDonald, "GenCyber-Cybersecurity and Information Assurance Camps", Solicitation GEN-01-2016, submitted Sept 2015, funded February 2016 ($42,722).

8. National Science Foundation, Award # DGE-1303384, J.T. McDonald, T.R. Andel, R. Bace, and H.L. Barnett, "Capacity Building in Information Assurance", Solicitation NSF 12-585, submitted April 2012, funded 1 Sep 2014 - 31 Aug 2017 ($322,410).

9. National Science Foundation, Award # CNS-1305369, J.T. McDonald and T.R. Andel, "II-NEW: RUI: Expanding Cyber Assurance Research and Education", Solicitation NSF 11-536, submitted October 2012, funded 1 Oct 2013 - 30 Sep 2015 ($476,017).

10. National Science Foundation, Award # DUE-1241675, J.T. McDonald, T.R. Andel, A.M. Clark, H.L. Barnett, "Scholarship for Service in Information Assurance", Solicitation NSF 12-531, submitted March 2012, funded 1 Jan 2013 - 31 Dec 2017 ($2,190,694).

USA CIS-497/498 Senior Project Sponsor/Mentor

Spring 2018, Sponsor, Senior Project on Secure API Server Showdown Challenge

Spring 2018, Sponsor, Senior Project on Cyber Competition Range

Fall 2017, Sponsor, Senior Project on Facebook CTF Capability

Spring 2017, Mentor, Senior Project on Software Vulnerability Assessment

Spring 2016, Sponsor, Senior Project on Android Reverse Engineering Tutorial

Fall 2015, Sponsor, Senior Project on Medical Mannequin Exploitation

Spring 2015, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)

Fall 2014, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)

Spring 2014, Sponsor, Senior Project on JAGTRACK (JagTran Tracker Application)

Spring 2014, Sponsor, Senior Project on Medical Device Security Testing

Spring 2012, Sponsor, Senior Project on Malware Testbed

Spring 2012, Sponsor, Senior Project on Java Obfuscation and Deobfuscation

Fall 2012, Sponsor, Senior Project on Security Evaluation of CHATS

CSC-440 Secure Software Engineering - Student Projects

Fall 2017, Open Source Evaluation: Filezilla
Fall 2017, Open Source Evaluation: Tender Clone
Fall 2017, Open Source Evaluation: Cryptomator
Fall 2017, Open Source Evaluation: Padlock
Fall 2017, SDLC Application Development: Jag Memory Flash
Fall 2017, SDLC Application Development: Vacation Planner
Fall 2017, Security Application Development: Markvid
Fall 2017, Security Application Development: Go Secure ZIP Extension
Fall 2017, Honeynet Project Challenges
Fall 2017, NSA Codebreaker Challenges
Fall 2016, Open Source Evaluation: Word Press
Fall 2016, Open Source Evaluation: QupZilla Web Browser
Fall 2016, Open Source Evaluation: Blender
Fall 2016, Open Source Evaluation: Mumble
Fall 2016, Open Source Evaluation: MediaWiki
Fall 2016, Security Software Tool Assessment
Fall 2016, Honeynet Project Challenges
Fall 2016, Security in Java Compiler/JVM
Fall 2016, BurnItUp! Security Assessment
Fall 2016, SDLC Application Development: WAMP-Based Shopping Cart
Fall 2016, SDLC Application Development: Password Management
Fall 2015, 3D Printer Software Security Analysis
Fall 2015, Open Source Evaluation: Wireshark
Fall 2015, Open Source Evaluation: Chromium
Fall 2015, Open Source Evaluation: Eclipse Plugins
Fall 2015, Open Source Evaluation: No Script Browser Plugin
Fall 2015, Open Source Evaluation: Sakai
Fall 2015, Open Source Evaluation: KeePass
Fall 2015, Zigbee Protocol Analysis
Fall 2015, SDLC Application Development: Peer to Peer Communication App
Fall 2015, SDLC Application Development: Single-Sign On Security Check
Fall 2015, SDLC Application Development: Sign Business App
Fall 2015, SDLC Application Development: Video Game App
Fall 2015, SDLC Application Development: Web-Based File Sharing
Fall 2015, Study in Reverse Engineering
Fall 2015, Comparison of Static Analysis Tools
Fall 2015, Open Source Evaluation: Sakai
Fall 2014, Open Source Evaluation: LimeSurvey Voting System
Fall 2014, Open Source Evaluation: http-server
Fall 2014, Open Source Evaluation: Apache Open Office
Fall 2015, SDLC Application Development: iOS Social Finder App
Fall 2015, SDLC Application Development: Workout App
Fall 2015, SDLC Application Development: SoC Advisor App
Fall 2015, SDLC Application Development with Agile/XP: Abject-Class Manager
Fall 2014, Tool Development for Active Software Defense
Fall 2014, Zaxby's Web Site Development Project
Fall 2014, Anti-Virus Comparison
Fall 2014, Honeynet Project Challenges
Fall 2013, Open Source Evaluation: Estonia Voting System
Fall 2013, Open Source Evaluation: Mozilla Firefox
Fall 2013, Vulnerability Assessment with OWASP Goat
Fall 2013, SDLC Application Development: JagTran Tracker App
Fall 2013, Comparison of Open Source Static Analyzers
Fall 2013, Infirmary Health Care Project
Fall 2012, Open Source Evaluation: AjaXplorer
Fall 2012, SDLC Application Development: CHATS
Fall 2012, Extending Static Analysis Tools



bottom