MIT Lincoln Laboratory
I am currently technical staff at MIT Lincoln Lab. My research here focuses mostly on cyber modeling and simulation as well as the development and deployment of cyber security metrics.
Prior to joining Lincoln Lab, I was a computer science PhD student at Georgia Institute of Technology,
where I was part of GTNoise, NTG, and GTISC.
My advisors at Georgia Tech were Nick Feamster
and Alexandra Boldyreva .
Prior to joining Georgia Tech I obtained a masters degree in Computer Science at University of Massachusetts Amherst,
where I was advised by Kevin Fu and Siman Wong.
My masters project was on using electronic ticketing to preserve privacy in public transport.
RECENT PUBLICATIONS (Full Publication List)
- R. Lychev, S. Jero, A. Boldyreva, C. Nita-Rotaru, How Secure and Quick QUIC? Provable Security and Performance Analyses, Appeared in S&P (Oakland) 2015.
- R. Lychev, S. Goldberg, M. Schapira, BGP Security in Partial Deployment: Is the Juice Worth the Squeeze? Appeared in SIGCOMM'13.
Awarded the IETF/IRTF Applied Networking Research Prize (ANRP) 2014
- A. Boldyreva, R. Lychev, Provable Security of S-BGP and other Path-Vector Protocols: Model, Analysis and Extensions, Appeared in CCS'12.
- R. Lychev, S. Goldberg, M. Schapira, Network Destabilizing Attacks, Appeared as a brief announcement in PODC'12.
RECENT TALKS (Full Presentation List)
- Security and Performance of the Quick UDP Connections (QUIC) protocol
- How Secure and Quick is QUIC? Provable Security and Performance Analyses, San Jose, CA, USA, IEEE S&P'15, May 18, 2015.
- How Secure and Quick is QUIC in Presence of Malice? Santa Barbara, CA, USA, Rump Session Presentation, CRYPTO'14, August, 19, 2014.
- Evaluating BGP Security in Partial Deployment
- Is the Juice Worth the Squeeze? BGP Security in Partial Deployment, Baltimore, MD, NANOG 62, October 8, 2014.
- Is the Juice Worth the Squeeze? BGP Security in Partial Deployment, IETF 90, Toronto, Canada, July 22, 2014.
- Is the Juice Worth the Squeeze? Evaluating Security-Enhanced Variants of BGP in Full and Partial Deployment, Georgia Institute of Technology, February 3, 2014.
- Is the Juice Worth the Squeeze? Evaluating S*BGP Security Benefits in Full and Partial Deployment, University of Maryland College Park, November 6, 2013.
- Is the Juice Worth the Squeeze? Evaluating S*BGP Security Benefits in Full and Partial Deployment, Georgetown University, November 5, 2013.
- BGP Security in Partial Deployment: Is the Juice Worth the Squeeze? The Chinese University of Hong Kong, China, SIGCOMM'13, August 14, 2013.
- Is the Juice Worth the Squeeze? BGP Security in Partial Deployment, Sandia National Laboratories, Livermore, California, July 1, 2013.
- Is the Juice Worth the Squeeze? BGP Security in Partial Deployment, Boston University, April 29, 2013.
- Provable Security Analysis of S-BGP
- Evaluating Provable Security Guarantees of S-BGP, Johns Hopkins University, November 7, 2013.
- Provable Security of S-BGP and other Path-Vector Protocols: Model, Analysis and Extensions, Raleigh, NC, CCS'12, October 17, 2012.
- Provable Security of S-BGP and other Path-Vector Protocols: Model, Analysis and Extensions, Georgia Institute of Technology, October 12, 2012.
- Network Destabilizing Attacks
- Network Destabilizing Attacks, Madeira, Portugal, PODC'12, July 18, 2012.
- Network Destabilizing Attacks, Boston University, July 2, 2012.
CURRENT PROJECTS (Full Project List)
- Data Delivery Assurance
In this project we investigate protocols that could provide guarantees of data delivery with bounded latency in presence of active attackers
that could listen, modify, reorder, redirect, inject, and simply drop traffic in ad hoc as well as interdomain networks.
- Effectiveness of S*BGP Under Partial Deployment
In this project we address many questions that arise when S*BGP protocols (e.g. S-BGP, SoBGP, BGPsec, etc) are only partially deployd (i.e. when some ASes have deployed S*BGP, but others have not). By combining theoretical analyses with multiple large-scale simulations on empirical data, we address many important questions such as ``What security guarantees are achievable under partial deployment and how to quantify them?'', ``What new vulnerabilities are introduced into the interdomain routing system?'', ``Under what conditions are secure path-vector protocols guaranteed to converge even in presence of attackers?'', ``Which ASes are the most important to secure?'', and many more.
- S-BGP Security Analysis
The goal of this investigation is to provide the first provable-security treatment of the Secure Border Gateway Protocol (S-BGP).
We design a formal security model by studying, generalizing, and formalizing numerous known
threats in the context of path-vector routing protocols. We can show that although S-BGP
meets some security goals, it fails to prevent attacks that stem from export policy
violations and collusion. We study practical modifications to S-BGP to address all known
attacks in the the context of weaker security models and relaxed PKI requirements.
- Network Contracts and Accountability
The main challenge of this project is to study mechanisms that incentivize autonomous
systems (ASes) to meet their contractual obligations with respect to quality of service
(e.g. packet drops, delays, and/or jitter) and honestly report their failures when they do not.
We model the interactions between ASes with a game, in which ASes are the players, and study
their behaviors in the context of different topologies and payment schedules.
SERVICE: PEER REVIEW
- Journal Reviewer
- IEEE/ACM Transactions on Networking, 2011.
- External Reviewer
- NSDI 2014
- IMC 2012
- SIGCOMM 2012
- IEEE/ACM Transactions on Networking, 2012