Teaching

CYBR 2250 - Low Level Programming

CYBR 3350 - Linux System Administration

CYBR 4440 - Industrial Control Security

CYBR 4450 - Host-based Vulnerability Discovery

CYBR 8460 - Secure Embedded Systems

CSCI 4500 - Operating Systems

CSCI 4700 - Compiler Construction

Interests

Software Fingerprinting: Static and dynamic fingerprinting of software for intellectual property protection. Software executable steganography.

Software Obfuscation: Obfuscation and anti-reverse engineering of binary executables. Binary opcode hiding and mingling. Thwarting reversing tools.

Also - Industrial Control: Various attack methods on industrial control protocols, in particular CIP and EtherNet/IP. Reverse engineering of operating systems and file systems in PLCs. Tamper detection with SCADAHawk. SCADA in the transportation sector - airports in particular. Modeling regulatory compliance in real-time. Development of hardware-in-the-loop devices.

Also - Improvements in Quasigroup Encryption: A fast table-driven block encryption scheme developed at UNO.

Publications

Journal Publications:

William Mahoney, "No Silver Lining: Information Leakage in Cloud Infrastructures" International Journal of Information Warfare, awaiting publication.

Eric Edens, William Mahoney, "Like My Terrorist Site? Pin It!", International Journal of Information Warfare, January 2016.

William Mahoney, "Modifications to GCC for Increased Software Privacy", International Journal of Information and Computer Security, Vol. 7, No. 2/3/4, 2015.

NR Arnold, WR Mahoney, DC Derrick, GS Ligon, MM Harms, "Feasibility of a Cyber Attack on National Critical Infrastructure by a Non-State Violent Extremist Organization", Journal of Information Warfare, Volume 14, Number 1, April 2015.

Matthew Battey, Abhishek Parakh and William Mahoney, "Cryptanalysis and Improvements of the Quasigroup Block Cipher", Journal of Information Assurance and Security (JIAS), Volume 10 Issue 1, January 2015, pp 31-39.

John McCarthy, William Mahoney, "SCADA Threats in the Modern Airport", International Journal of Cyber Warfare and Terrorism, Vol. 3 No. 4, October-December 2013.

Sara Shinn, William Mahoney, "Optimal Values for Disrupting x86-64 Reverse Assemblers", International Journal of Computer Science and Network Security, Volume 11, Number 11, November 2011.

Sharma, A., R. A. Gandhi, W. Mahoney, W. Susan, Q. Zhu, "Building a Social Dimensional Cyber Attack Threat Model with Formal Concept Analysis and Fact Proposition Space Inference", Computers & Security, Elsevier, International Journal of Information and Computer Security, Vol. 5, No. 4, 2013, pp 301-333.

Gandhi, R.A., Sharma, A. Mahoney, W., Susan, W., Quiming, Z., Laplante, P., (2011) "The Cultural, Social, Economic, and Political Dimensions of Cyber Attacks" IEEE Technology and Society Magazine, Volume 30, Number 1, Spring 2011 Issue.

Mahoney, W., Gandhi, R.A., "An Integrated Framework for Control System Simulation and Regulatory Compliance Monitoring", International Journal of Critical Infrastructure Protection (IJCIP), Vol. 4, 2011.

William Mahoney and James Harr (2010) "A Linux Implementation of Windows ACLs", International Journal of Computer Science and Network Security, Volume 10, Number 7, July 2010.

William Mahoney, Peter Hospodka, William Sousan, Ryan Nickell, and Qiuming Zhu (2009), "A Coherent Measurement of Web Search Relevance", IEEE Transactions on Systems, Man, and Cybernetics, Volume 39, Number 6, November.

William Mahoney, Bradley Haas, Alex Nicoll, "1-E-4: Café Mocha with Sugar; An Investigation into the Security of a Closed Debit System", accepted and then redacted (UNO request) from Journal of Information Assurance and Security.

William Mahoney and Craig A. Pokorny (2009), "Do-It-Yourself Guide to Cell Phone Malware", International Journal of Computer Science and Network Security, 9(1), January.

William L. Sousan, Qiuming Zhu, Ryan Nickell, William Mahoney, and Pete Hospodka (2008), "Collecting Open Source Intelligence via Tailored Information Delivery Services", Journal of Information Warfare, 7(2).

William Mahoney and William Sousan (2007), "Instrumentation of Open-Source Software for Intrusion Detection", Seventh Workshop on Runtime Verification, Lecture Notes in Computer Science, Number 4839, pp 151-163.

William Mahoney and William Sousan (2007), "Using Common Off-The-Shelf Tools to Implement Dynamic Aspects", SIGPLAN Notices, February, No. 6-38.

Paul Hultquist and William Mahoney (1998), "Using Simulation to Solve a Conveyor System Controller Design Problem", Simulation (Transactions of The Society for Modeling and Simulation International), Volume 71 Number 1, July, 31-37.

Refereed Conference/Workshop Publications:

William Mahoney, Abhishek Parakh, "Towards a New Quasigroup Block Cipher for a Single-Chip FPGA Implementation", The 24th International Conference on Computer Communications and Networks, ICCCN 2015, Las Vegas, Nevada, USA, August 3 – August 6, 2015

Hardware Implementation of Quasigroup Encryption for SCADA Networks, William Mahoney, Abhishek Parakh and Matthew Battey, The 13th IEEE International Symposium on Network Computing and Applications (IEEE NCA14), August 2014, Cambridge, MA.

Authentication Bypass and Remote Escalated I/O Command Attacks, Ryan Grandgenett, William Mahoney, Robin Gandhi, 10th Cyber and Information Security Research Conference, Oak Rdige, Tennessee, April 2015.

Exploitation of Allen Bradley's Implementation of EtherNet/IP for Denial of Service Against Industrial Control Systems, Ryan Grandgenett, Robin Gandhi and William Mahoney, 9th International Confernce on Cyber Warfare and Security, Purdue University, March 2014.

My PLC Makes an Excellent Web Server, William Mahoney, 9th International Conference on Cyber Warfare and Security, Purdue University, March 2014.

Privacy Preserving Computations using Implicit Security; Abhishek Parakh, William Mahoney, Third International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2013), Nassau, Bahamas, July 30.

Fingerprinting Malware using Bioinformatics Tools Building a Classifier for the Zeus Virus; Jay Pedersen, Dhundy Bastola, Ken Dick, Robin Gandhi, William Mahoney, 2013 International Conference on Security and Management (SAM'13), Las Vegas, USA, July 22-25.

A New Quasigroup Based Random Number Generator; Matthew Battey, Abhishek Parakh, William Mahoney, 2013 International Conference on Security and Management (SAM'13), Las Vegas, USA, July 22-25.

SCADA Threats in the Modern Airport, John McCarthy, and William Mahoney, International Conference on Information Warfare, Denver CO, March 2013.

Jay Pedersen, Dhundy Bastola, Ken Dick, Robin Gandhi, William Mahoney, "BLAST Your Way Through Malware", 2012 International Conference on Security and Management (SAM'12)

William Sousan, Robin Gandhi, Qiuming Zhu, William Mahoney (2011), "Using Anomalous Event Patterns in Control Systems for Tamper Detection", CSIIRW-7 Cyber Security and Information Intelligence Research Workshop, Oct 12-14, 2011, Oak Ridge, Tennessee.

Nicholas Wertzberger, Casey Glatter, William Mahoney, Robin Gandhi, Kenneth Dick (2011), "Towards a Low-Cost SCADA Test Bed: An Open-Source Platform for Hardware-in-the-Loop Simulation", The 2011 International Conference on Security and Management, Special Track on Mission Assurance and Critical Infrastructure Protection (STMACIP'11), Las Vegas, Nevada.

Brett Walenz, Robin Gandhi, William Mahoney, Quiming Zhu (2010), "Exploring Social Contexts along the Time Dimension: Temporal Analysis of Named Entities"; Second IEEE International Conference on Social Computing (SocialCom10).

Anup Sharma, Robin A. Gandhi, William Mahoney, William Sousan, Qiuming Zhu (2010), "Building a Social Dimensional Threat Model from Current and Historic Events of Cyber Attacks"; Second IEEE International Conference on Information Privacy, Security, Risk and Trust, Symposium on Secure Computing (SecureCom-10).

William Sousan, Anup Sharma, Robin A. Gandhi, William Mahoney, Qiuming Zhu (2010), "Using Term Extraction Patterns to Discover Coherent Relationships from Open Source Intelligence"; Second IEEE International Conference on Information Privacy, Security, Risk and Trust, Symposium on Secure Computing (SecureCom-10).

Robin Gandhi, William Mahoney, Ken Dick, Zachary Wilson (2010), "Language-driven Assurance for Regulatory Compliance of Control Systems", Proceedings of the International Conference on Information Warfare and Security, April 2010.

Robin Gandhi, William Mahoney, Ken Dick (2009), "ADACS – A Language for Monitoring Regulatory Compliance in Control Systems"; Second Workshop on Compiler and Architectural Techniques for Application Reliability and Security, the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Estoril, Portugal.

William Mahoney and William Sousan (2008), "Intrusion Detection via Instrumented Software"; First Workshop on Compiler and Architectural Techniques for Application Reliability and Security, the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 24-27, 2008, Anchorage, Alaska.

Dan Cotton, Steve Nugen, William Mahoney (2008), "The Impact of the Federal Desktop Core Configuration on Incident Response"; Proceedings of the International Conference on Information Warfare and Security, April, 2008.

William Mahoney and William Sousan (2008), "IDEA: A New Intrusion Detection Data Source"; Second International Conference on Information Security and Assurance, April 24-26, Busan, Korea.

William Mahoney and William Sousan (2007), "Intrusion Detection in Open Source Software Via Dynamic Aspects"; Proceedings of the International Conference on Information Warfare and Security, March 8-9, Naval Postgraduate School, Monterey, California.

William Mahoney (2006), "Compiler Assisted Tracking of Hacker Assaults"; Proceedings of the International Conference on Information Warfare and Security, University of Maryland Eastern Shore, March 15-16.

Book Chapters:

Sousan, W., Zhu, Q., Gandhi, R.A., Mahoney, W., (2013) Smart Grid Tamper Detection using Learned Event Patterns, Systems and Optimization Aspects of Smart Grid Challenges, Springer, Editors: Dr. Marco Carvalho, Vijay Pappu, Dr. Panos M. Pardalos, Optimization and Security Challenges in Smart Power Grids Energy Systems, 2013, pp 99-115

Other Things

Outstanding Teaching and Instructional Creativity Award (2019)

University-wide Excellence in Teaching Award (2015)

Cheryl Prewett Diamond Alumni Professorship (2014)

Alumni Outstanding Teaching Award (2008)