Go to the top


Implementing CYBEX-P: Helping Organizations to Share with Privacy Preservation

  • Role: Principal Investigator

  • Duration: 2018-2019

  • Funding Amount: $986,067


In response to the increasing number of attacks on cyberspace, public and private organizations are encouraged to share their cyber-threat information and data with each other. Although there are long-term interests in sharing security related information, it places organizations at risk regarding the protection of their data and exposure of other vulnerabilities. This project designs, develops and implements a CYBersecurity information EXchange with Privacy (CYBEX-P) platform using trusted computing paradigms and privacy-preserving information sharing mechanisms for cybersecurity enhancement and development of a robust cyberinfrastructure. The outcome of this project has a broader impact on the development of a novel cybersecurity information-sharing platform with privacy preservation and a robust governance structure. The project also has direct impact on undergraduate and graduate student education and training, emphasizing the engineering development of minorities and women, by providing a real-world platform for investigation and management of cyber threats. Envisioning that effective and privacy-preserving threat intelligence sharing can be instrumental for auditing the state of the threat landscape and helping to predict and prevent major cyber-attacks, this project provides a service for structured information exchange. The CYBEX-P platform provides valuable measurable information about the security status of systems and devices together with data about incidents stemming from cyber-attacks. To develop and implement such an environment across statewide organizations, then across the nation, this research project incorporates blind processing, privacy preservation and integrity of shared incident data by ensuring that only trusted processes access the raw data and only anonymized data are shared with other operators. Blind processing enables the advantages of additional information exchange while respecting organizational constraints and trust boundaries. This research also establishes a flexible governance framework that includes both policies and procedures to protect the data and provide all customers with the tools to demonstrate they are complying with both regulatory and internal data governance requirements. Specifically, the outcomes of the project demonstrate: i) CYBEX-P infrastructure development with affordable scalability, secure data exchange, and analytic components, ii) Privacy-preserving information sharing via blind processing and anonymization, and an iii) CYBEX-P governance framework.

NSF Award Link

Project Publications


  • C106. F. Sadique and S. Sengupta, "Analysis of Attacker Behavior in Compromised Hosts During Command and Control", (Accepted). IEEE International Conference on Communications (ICC), 2021.
  • C104. J. Thom, Y. Shah and S. Sengupta, "Correlation of Cyber Threat Intelligence Data Across Global Honeypots", (Accepted). IEEE CCWC 2021.


  • C103. A. Walker and S. Sengupta, "Malware Family Fingerprinting Through Behavioral Analysis", (Accepted). In 18th Annual IEEE International Conference on Intelligence and Security Informatics, 2020.
  • C101. Y. Shah and S. Sengupta, "A Survey on Classification of Cyber-Attacks on IoT and IIoT Devices", (Accepted). In 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2020.
  • C95. Anuraag Kotra, AbdelRahman Eldosouky, S. Sengupta, "Every Anonymization begins with k: A Game theoretic Approach for Optimized k Selection in K-Anonymization", (Accepted). In Sixth International Conference on Advances in Computing & Communication Engineering, 2020.
  • C90. Bryson Lingenfelter, Iman Vakilinia and Shamik Sengupta, "Analyzing Variation Among IoT Botnets Using Medium Interaction Honeypots", (Accepted). In IEEE CCWC 2020.
  • C89. Shahriar Badsha, Iman Vakilinia and Shamik Sengupta, "Blockchain based Cybersecurity Information Sharing and Fine Grained Access Control", (Accepted). In IEEE CCWC 2020.
  • C88. Farhan Sadique, Raghav Kaul, Shahriar Badsha and Shamik Sengupta, "An Automated Framework for Real-time Phishing URL Detection", (Accepted). In IEEE CCWC 2020.



Project Portal

Jump to the project portal click here

Contact me if you would like to create a log in credential for your organization.


Have questions about my research or how to get involved?

Dr. Shamik Sengupta
Scrugham Engineering and Mines 204
1664 North Virginia Street
Reno, NV 89557
MS 0171