Information systems security is of increasing importance in government, military and commercial arenas.  The Center for Secure Information Systems (CSIS) provides a dedicated environment to encourage the development of expertise in both the theoretical and applied aspects of information systems security.  CSIS emphasis on information security makes it unique among the institutions of higher learning in this country.

Established in 1990, CSIS has the distinction of being the first academic center in security at a U.S. university.  It is one of the National Security Agency’s original Centers of Academic Excellence in Information Assurance Education, a designation it continues to hold.  In 2008, NSA established a new designation – The National Centers of Academic Excellence in Information Assurance Research (CAE-Research).  CSIS has earned this new designation, and is designated for both CAEIAE and CAE-Research through 2013.

CSIS differentiates itself from other centers by working in a broad spectrum of security topics and issues.  The Center resides within The Volgenau School of Information Technology and Engineering (IT&E) at George Mason University (Mason).

For more information, you may contact Dr. Sushil Jajodia, CSIS Director, at (703) 993-1653.

Research in Information Systems Security

Information is an important strategic and operational corporate asset, and therefore, there is a need to have adequate security measures that can safeguard sensitive information.  In spite of its importance, there is a severe lack of truly comprehensive university research programs in information system security.  CSIS was created to provide a dedicated environment to encourage the development of expertise in both the theoretical and applied aspects of information systems security.

CSIS Objectives:

  1. To be one of the leading academic institutions for research in Information Systems Security
  2. To work collectively with academic institutions, industrial and government organizations to advance the state of the art in Information Systems Security
  3. To provide an environment for education and training in Information Systems Security

The goals of CSIS are to

  1. Conduct a broad spectrum research and development program on various aspects of information systems security
  2. Serve as a knowledge resource in the area of information system security
  3. Develop courses dealing with information systems security
  4. Act as a focus for doctoral research in the area of information systems security
  5. Provide technical support to industry and government in the information systems security area

Scope of the Center

The scope of CSIS encompasses information secrecy, integrity, and availability problems in military, civil, and commercial sectors. Among topics of current interest are:

  • Vulnerability assessment and exploit analysis
  • Virtualization for security
  • Operating systems security
  • Automated penetration testing
  • Intrusion detection and prevention
  • Secure information sharing
  • Secure network protocols
  • Auditing, audit log analysis, data mining
  • Flexible authorization management system
  • Role-based access control
  • Trust management
  • Secure key management
  • Digital rights management
  • Fast and secure cryptography implementations
  • Critical infrastructure protection
  • High assurance security architectures
  • Steganography and digital watermarking
  • Protection from malicious code
  • Ad hoc, wireless networks
  • Sensor networks

CSIS is interested in developing relationships with government agencies, industrial companies, and other universities.  These relationships can be tailored to the organization’s interests and needs.  For one organization, this might mean that CSIS acts as a knowledge resource; for another, CSIS might assemble a research group to collaborate with technical staff.

CSIS Researchers

CSIS has the following full-time research scientists:

  • Dr. Sushil Jajodia ( University Professor, BDM International Professor and Director; Ph.D., University of Oregon, 1977. Research Interests: Information Systems Security, Database Management Systems, Distributed Systems, Temporal Databases.
  • Dr. Anup Ghosh ( Chief Scientist and Research Professor; Ph.D., University of Virginia, 1996. Research Interests: Software Security, Operating System Security, Virtualization, Networking Security, Malicious Code.
  • Dr. Steven Noel ( Associate Director; Ph.D., University of Louisiana, 2000. Research Interests: Network Attack Modeling, Analysis, and Visualization, Data Mining for Intrusion Detection, Ontology of Network Attacks.
  • Dr. Angelos Stavrou ( . Assistant Professor, Computer Science Department; Ph.D., Columbia University, 2007. Research Interests: Network Security, Large Systems Reliability & Survivability, Statistical Inference, and Anonymity Systems.
  • Dr. Michael Locasto ( Visiting Professor, Ph.D., Columbia University, 2008.  Research Interests: Information Security, Intrusion Detection & Response, Debugging, Threat Models, Vulnerability Analysis, Operating Systems, Computer Architecture.
  • Dr. Duminda Wijesekera ( Associate Professor; Ph.D. in Mathematical Logic, Cornell University, 1990 and Ph.D. in Computer Science, University of Minnesota, 1997. Research Interests: Access Control, Telecommunications Security, Multimedia Systems, Data Mining, Applications of Logic to Computing.
  • Dr. Claudio Bettini ( Research Professor; Ph.D., University of Milan, 1993. Research Interests: Temporal Data Management and Reasoning, Policy, Internet and Web Technologies.
  • Dr. Yih Huang ( ). Research Scientist; Ph.D., Michigan State University, 1998. Research Interests: Computer Networks, Network Routing, Network and System Security, Distributed Systems.
  • Pramod Kalapa ( Research Scientist; M.S., Louisiana State University, 1991. Research Interests: Intrusion Alarm Correlation and Scenario Building, Software Engineering.
  • Dr. X. “Sean” Wang ( Research Professor; Ph.D., University of Southern California, 1992. Research Interests: Sequence Data Models, Temporal Databases, Intrusion Detection.

In addition, several faculty members from the Computer Science Department and Electrical and Computer Engineering Department are involved in research collaboration with CSIS.  CSIS members are also involved in active collaboration with scientists from other institutions both in U.S. and around the globe.

Ph.D. Concentration in Information Security

Students may designate a concentration in information security in their doctoral degree title.  In that case the transcript of a graduating student would be “Ph.D. in Information Technology with Concentration in Information Security.”  Students may also pursue such doctoral studies without designating a concentration in their degree title.  The Information Security Concentration is also available for the Ph.D. degrees in Computer Science and Electrical Engineering.

M.S. in Information Security and Assurance

The Master of Science degree program in Information Security and Assurance is designed to prepare graduates to fill the current and future need for information security and assurance professionals to work in a wide variety of capacities to protect the information systems of different types of organizations and to support the nation's information infrastructure.

The objective of the Master of Science degree in Information Security and Assurance is to provide students with the general and technical knowledge and skills to understand the relationship between information security and advancing information systems technology, and with a theoretical understanding of the science and methodologies for ensuring the secrecy and integrity of data, and the availability and legitimate use of data and information systems.
Students will develop core competencies in database and information system, in operating systems and networks and in software development, and focus on the technical and management aspects of Information Security, examining ways to provide secure information processing systems, by investigating operating systems security, distributed secure system architectures, database security, software applications security, security policies, secure e-commerce, network and distributed systems security, cryptography and security protocols.

Graduates of the program will be actively recruited by federal, state and local governments and by the private sector. Typical employers include Internet-based companies, software companies, banks and insurance companies, and in general any organization that depends heavily on the use of information technology.  All classes are scheduled in the late afternoon and early evening to accommodate employed students.

M.S. in Computer Engineering with Concentration in Network and Systems Security

The Master of Science in Computer Engineering now offers a concentration in Network and Systems Security.  The plan of study covers the entire spectrum of topics related to security in computer networks and distributed systems.  The focus is on implementation aspects of cryptographic algorithms, protocols, and systems; trade-off between security and efficiency; and the close integration of cryptography, computer security, and communications.  Through projects and labs, students get acquainted with various means of implementing security transformations in both software and hardware.

Graduate Certificate Program in Information Systems Security

The Graduate Certificate Program in Information Systems Security has been designed for persons who are interested in science and methods for ensuring secrecy, integrity, and availability of information systems. The Certificate in Information Systems Security may be pursued concurrently with any of the graduate programs in the School of Information Technology and Engineering.

B.S. Information Technology Concentration in Information Security and Network Administration

Bachelor of Science in Information Technology offers a concentration in Information Security and Network Administration.  This concentration is comprised of five required courses in the categories of (1) Information Security; (2) Network Administration, and (3) Telecommunications.

Information Assurance Scholarship Program (IASP)

Mason is one of a few universities that have been selected by the U.S. Department of Defense to participate in the Information Assurance Scholarship Program (IASP).  IASP provides full scholarship support to selected undergraduate, graduate, and doctoral students seeking degrees and graduate certificates in information assurance disciplines.  Support includes tuition, a stipend, a paid part-time internship, and full-time employment following graduation.

During breaks in their academic studies, Information Assurance Scholars will receive progressive, hands-on experience in information security internships at Department of Defense agencies.  In return, scholars must agree to some restrictions and obligations regarding curriculum, GPA and post-program employment.  If all conditions are met, Information Assurance Scholars will receive full-time permanent positions with the Department of Defense on program completion.

IASP applicants must be current or accepted Mason students.  You must apply for admission to Mason (see as a separate process.  Consult CSIS web site for detailed information about IASP.  IASP is limited to U.S. citizens.

Contact Information

For more information about the Center for Secure Information Systems or about becoming a sponsor, see our web site at or contact:

Dr. Sushil Jajodia
Center for Secure Information Systems, Director
Research I, Suite 417
George Mason University
Fairfax, VA 22030-4444
Phone: (703) 993-1653
Fax:  (703) 993-4776


Home | Research | People | Publications | Seminars | Sponsors