Daryl Johnson Headshot

Daryl Johnson

Associate Professor

Department of Cybersecurity
Golisano College of Computing and Information Sciences

Office Mailing Address
152 Lomb Memorial Drive Rochester, NY 14623

Daryl Johnson

Associate Professor

Department of Cybersecurity
Golisano College of Computing and Information Sciences

Education

BS, St. John Fisher College; MS, Rochester Institute of Technology

Bio

Daryl Johnson is an associate professor of Computing Security. His research focus over the last two decades has been in the areas of computer and network security with a focus on Anonymity, Covert Communication, and CPS/IoT security. He has published over 50 papers in computing security. He was one of the founders of the Northeast Collegiate Cyber Competition and the Collegiate Penetration Testing Competition, has served 12 years as the NECCDC Red Team Captain, and organized many other security competitions. He has developed over thirteen and co-developed over a dozen new courses in the areas of security, networking, and systems administration as well as redesigning and contributing to many others. He has been a principle in the creation of three departments (IT, NSSA, & CSEC) and the associated graduate and undergraduate degrees.


Areas of Expertise

Select Scholarship

Published Conference Proceedings
Nagrikar, Sashaa, Saeed Alshahrani, and Daryl G Johnson. "Covert Communication Using MODBUS Protocol in IoT Devices." Proceedings of the 7th International Conference of Control, Dynamic Systems, and Robotics (CDSR\\\'20) 9-11 November, 2020 in Niagara Falls, Canada. Ed. Dr. Aparicio Carranza. Ottawa, Canada: n.p., 2020. Web.
Johnson, Matthew R, Peter H Lutz, and Daryl G Johnson. "Covert Channel using Man-In-The-Middle over HTTPS." Proceedings of the 2016 International Conference on Computational Science and Computational Intelligence(CSCI’16)(2016, December). Las Vegaas, NV: CPS, 2016. Print.
Heilman, Susan, Jonathan Williams, and Daryl G Johnson. "Covert Channel in HTTP User-Agents." Proceedings of the 11th Annual Symposium on Information Assurance (ASIA’16) (2016, June)Albany, NY USA. Ed. Sanjay Goel. Albany, NY: ASIA, 2016. Web.
Waggoner, Jonathan, William Stackpole, and Daryl G Johnson. "A Hands-On Approach to Computing Security Education: Metasploit Module Development." Proceedings of the 20th Colloquium for Information Systems Security Education (CISSE 2016) (Philadelphia, PA, USA 2016). Ed. ?. Philadelphia, PA: CISSE, 2016. Web.
Daneault, Gregory and Daryl G Johnson. "Client-Initiated HTTP Covert Channels Using Relays." Proceedings of the 4th International Symposium on Digital Forensic and Security (ISDFS)’2016)(p.32-37) (Little Rock, Arkansas-April 2016)Best Student Paper Award. Ed. Piroska Haller. Little Rock, AK: IEEE, 2016. Print.
Bogaard, Dan, et al. "Producing and Evaluating Crowdsourced Computer Security Attack Trees." Proceedings of the 2016 IEEE International Symposium on Technologies for Homeland Security(HST)’2016) (Waltham, Ma-May 2016). Ed. Claire Applegarth & Mark Peters. Waltham, MA: IEEE, 2016. Print.
Alsaffar, Hassan and Daryl G Johnson. "Covert Channel Using the IP Timestamp Option of an IPv4 Packet." Proceedings of the International Conference on Electrical and Bio-medical Engineering, Clean Energy and Green Computing (EBECEGC 2015). Ed. Mohammad V. Malakooti. Dubai, UAE: n.p., 2015. Print.
Ackerman, Geoffrey, Johnson, Daryl, and Stackpole, Bill. "Covert Channel Using ICMPv6 and IPv6 Addressing." Proceedings of the 2015 International Conference on Security and Management. Ed. Hamid R. Arabnia. Las Vegas, NV: n.p., 2015. Print.
Merrill, Justin and Johnson, Daryl. "Covert Channels in SSL Session Negotiation Headers." Proceedings of the 2015 International Conference on Security and Management. Ed. Hamid R. Arabnia. Las Vegas, NV: n.p., 2015. Print.
Harmat, Bryan, et al. "The Security Implications of IMSI Catchers." Proceedings of the 2015 International Conference on Security and Management. Ed. Hamid R. Arabnia. Las Vegas, NV: n.p., 2015. Print.
Harmat, Bryan, Stroud, Jared, and Johnson, Daryl. "A Covert Channel in the Worldwide Public Switched Telephone Network Dial Plan." Proceedings of the 10th ANNUAL SYMPOSIUM ON INFORMATION ASSURANCE. Ed. Sanjay Goel. Albany, NY: n.p., 2015. Print.
Priest, Joseph and Johnson, Daryl. "Covert Channel over Apple iBeacon." Proceedings of the 2015 International Conference on Security and Management. Ed. Hamid R. Arabnia. Las Vegas, NV: n.p., 2015. Print.
Tentilucci, Matthew, et al. "Crowdsourcing Computer Security Attack Trees." Proceedings of the 10th ANNUAL SYMPOSIUM ON INFORMATION ASSURANCE. Ed. Sanjay Goel. Albany, NY: n.p., 2015. Print.
Heard, Timothy, Johnson, Daryl, and Stackpole, Bill. "Exploring a High-Capacity Covert Channel on the Android Operating System." Proceedings of the 8 th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications. Ed. Anatoly Sachenko. Warsaw, Poland: n.p., 2015. Print.
Markowsky, G., et al. "The Benefits of Hosting the NECCDC at Your Institution." Proceedings of the 2015 International Conference on Security and Management. Ed. Hamid R. Arabnia. Las Vegas, NV: n.p., 2015. Print.
Assayari, Hashem and Daryl G Johnson. "A Channel for Exchanging Information Covertly using Game Save File in Prison Architect." Proceedings of the 9th Annual Symposium on Information Assurance (ASIA 14). Ed. Sanjay Goel. Albany, NY: n.p., 2014. Print.
Sabernick, Allen and Daryl G Johnson. "Google Maps KML Covert Channel." Proceedings of the 9th Annual Symposium on Information Assurance (ASIA 14). Ed. Sanja Goel. Albany, NY: n.p., 2014. Print.
Leonardo, Carlos and Daryl G Johnson. "MODBUS Covert Channel." Proceedings of the 2014 International Conference on Security and Management (SAM'14). Ed. Kevin Daimi. Las Vegas, NV: n.p., 2014. Print.
Sharma, Kuhu, et al. "Meshed Tree Protocol for Faster Convergence in Switched Networks." Proceedings of the Tenth International Conference on Networking and Services (The Tenth International Conference on Networking and Services (The Tenth International Conference on Networking and Services. Ed. Sasha Pan. Shanghai, China: n.p., 2014. Print.
Farmer, Douglas and Daryl G Johnson. "Audio Steganography Using Stereo Wav Channels." Proceedings of the 2014 International Conference on Security and Management(SAM'14). Ed. Kevin Daimi. Las Vegas, NV: n.p., 2014. Print.
Rowe, Brian and Daryl G Johnson. "A Behavior-Based Covert Channel in a MMQ." Proceedings of the 2014 International Conference on Security and Management (SAM'14). Ed. Kevin Daimi. Las Vegas, NV: n.p., 2014. Print.
Dearstyne, Steven and Daryl G Johnson. "Leveraging Public Posts and Comments as Covert Channels." Proceedings of the Systems, Signals and Image Processing (IWSSIP), 2014 International Conference. Ed. Mislav Grgic. Dubrovnik, Croatia: n.p., 2014. Print.
Madiraju, Tarun, et al. "Passwords in Public: Dictionary Attacks, Password Selection and Password Meters." Proceedings of the Proceedings of the International Joint Conference on Computer, Information, and Systems Sciences and Engineering (CISSE 14). Ed. Srinivas Ramaswamy. San Diego, CA: n.p., 2014. Print.
Hartpence, Bruce, et al. "Natural Selection in Virtualization Environments: A Decade of Lessons from Academia." Proceedings of the EISTA'13: The 11th International Conference on Education and Information Systems, Technologies and Applications. Orlando, FL: n.p., 2013. Print.
Johnson, Daryl, et al. "Designing, Constructing and Implementing a Low-Cost Virtualization Cluster for Education." Proceedings of the EISTA'13: The 11th International Conference on Education and Information Systems, Technologies and Applications. Orlando, FL: n.p., 2013. Print.
Markowsky, George, et al. "The 2013 NECCDC - Lessons Learned." Proceedings of the SAM'13 - The 2013 International Conference on Security and Management. Las Vegas, NV: n.p., 2013. Print.
Feeney, Kyle and Daryl Johnson. "XSS Cookie Injection Covert Channel." Proceedings of the SAM'13 - The 2013 International Conference on Security and Management. Las Vegas, NV: n.p., 2013. Print.
Radford, Ross and Daryl Johnson. "Composite Covert Channels through EVE Online." Proceedings of the SAM'13 - The 2013 International Conference on Security and Management. Las Vegas, NV: n.p., 2013. Print.
Delva, Wesley and Daryl Johnson. "SSDP Covert Channel." Proceedings of the SAM'13 - The 2013 International Conference on Security and Management. Las Vegas, NV: n.p., 2013. Print.
Johnson, Daryl, Dan Bogaard, and Robert Parody. "Browser Web Storage Vulnerability Investigation: HTML5 localStorage Object." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "Forensic Acquisition and Analysis of VMware Virtual Hard Disks." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "Employing Entropy in the Detection and Monitoring of Network Covert Channels." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "A Covert Channel Over Transport Layer Source Ports." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "A Physical Channel in a Digital World." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "A Covert Channel in TTL Field of DNS Packets." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "Covert Channel in the BitTorrent Tracker Protocol." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "Audio Steganography Using High Frequency Noise Introduction." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "UPnP Port Manipulation as a Covert Channel." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "Webpage Source Based Covert Channel." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, Brandon Mauer, and Bill Stackpole. "Developing Small Team-based Cyber Security Exercises." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "A Behavior Based Covert Channel within Anti-Virus Updates." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Johnson, Daryl, et al. "NAT Denial of Service: An Analysis of Translation Table Behavior on Multiple Platforms." Proceedings of the SAM\'12 - The 2012 International Conference on Security and Management (Las Vegas, NV, USA, July 2012). Ed. Kevin Daimi and Hamid R. Arabnia. Las Vegas, NV: SAM, 2012. Print.
Journal Paper
Heard, Timothy and Daryl G Johnson. "An Extended Discussion on a High-Capacity Covert Channel for the Android Operating System." International Journal of Computing 15. 3 (2016): 191-199. Web.
Sharma, Kuhu, et al. "Performance of Meshed Tree Protocols for Loop Avoidance in Switched Networks." The International Journal on Advances in Networks and Services 7. 3&4 (2014): 228-239. Web.

Currently Teaching

CSEC-473
3 Credits
Students will study, build, defend and test the security of computer systems and networking infrastructure while potentially under attack. Students will gain an understanding of standard business operations, timelines and the value of risk and project management. Techniques as related to security guidelines and goals will be studied. Aspects of legal requirements, inheriting existing infrastructure, techniques for backup and recovery of data and systems will be examined.
CSEC-742
3 Credits
The importance of effective security policies and procedures coupled with experience and practice is emphasized and reinforced through research and practical assignments. Organization and management of security discipline and response to threats is studied. Case studies of effective and failed security planning and implementation will be examined and analyzed. The issues influencing proper and appropriate planning for security and response to attacks will be studied. To be successful in this course students should be knowledgeable in networking, systems, and security technologies.
CSEC-750
3 Credits
Students will be introduced to the history, theory, methodology and implementation of various kinds of covert communications. Students will explore future techniques and uses of covert communications. More specifically students will explore possible uses of covert communications in the management of botnets. To be successful in this course students should be knowledgeable in networking, systems, and security technologies.