Security Research - overview

About the Department

The IBM Research T.J. Watson Security Department's research focuses on developing security technologies, design methodologies, best practices and standards. The goal is to significantly raise the bar on the quality of security in products and services while simultaneously easing the overhead of developing and deploying such secure solutions.

Members of the group are known for their pioneering work on a variety of topics that have led to new technologies being incorporated in IBM's products and services, definitive industry leading standards as well as publications in premier security workshops and conferences.

The group continues to do innovative work on various topics including:

  • cryptographic research from the theoretical foundations to the design and implementation of practical protocols.
  • cognitive cyber security intelligence and cybersecurity analytics
  • cloud security and secure service delivery environments
  • emerging identity and access control management such as privileged user monitoring, role modeling and mining
  • secure hypervisors and operating systems
  • secure processor technologies via physical secure co-processors, service processors and novel hardware architectures
  • ethical hacking as part of the Global Security Analysis (GSAL) activities

In the News

  • 2018-03: IBM Cloud Security announces IBM Cloud Security Advisor, to which the department contributed.
  • 2017-11: IBM announces the Quad 9 DNS Service, which is based on DNS analytics developed by the CCSI team in the department
  • 2017-02: IBM Security launches its first cognitive solution: IBM QRadar Advisor with Watson, which has been invented in our department
  • 2017-02: IBM press release: IBM Delivers Watson for Cyber Security to Power Cognitive Security Operations Centers
  • 2016-12: Press coverage of the beta release of our research: IBM Watson for Cybersecurity Inches from Research to Reality
  • 2016-05: IBM Security announces to release our research as its first cognitive offering: Watson for Cyber Security
  • 2016-05: Ginni Rometty, CEO, Chairwoman, and President of IBM, announces Watson for Cyber Security at the IBM Security Summit 2016: Outthink Threats - Ginni Rometty [YouTube]
  • 2013-05: The paper Candidate Multilinear Maps from Ideal Lattices (eprint version) by Sanjam Garg, Craig Gentry and Shai Halevi won the Best Paper Award at the IACR Eurocrypt conference: In this scientific break-through we describe plausible lattice-based constructions with properties that approximate the sought-after multilinear maps in hard-discrete-logarithm groups, and show an example application of such multilinear maps that can be realized using our approximation.
  • 2013-05: The paper Pinocchio: Nearly Practical Verifiable Computation by Bryan Parno, Craig Gentry, Jon Howell and Mariana Raykova won the Best Paper Award at the IEEE Symposium on Security and Privacy, Oakland: In this paper and corresponding implementation we present a novel scheme to efficiently verify general computations delegated to the cloud, hence instilling greater confidence in such outsourcing. See also news coverage in the MIT Review.
  • 2013-03: After passing a very successful first phase, our projects Hermes and ESPADA got funded for a second phase as part of the U.S. Intelligence Advanced Research Projects Activity (IARPA)'s SPAR programme, for work on homomorphic encryption and large-scale privacy-preserving database query and manipulation, respectively. See papers in Eurocrypt'12, PKC'13, Crypto'12, Crypto'13 and CCS'13 for some results.
  • 2012-10: The U.S DHS Advanced Research Projects Agency awarded us a grant for the project Hardware Support for Malware Defense and End-to-End Trust in the BAA 11-02 programme. The project pursues novel research in hardware-supported malware defense and end-to-end trust, spanning a range of computing devices from servers, embedded and mobile devices and low end sensors and actuators. We will investigate what (minimal) set of changes at the hardware layers will allow to minimize the currently significant attack surface, to provide stronger isolation between different workloads (applications, processes, Virtual Machines) and to enable monitoring and verification of the integrity of these workloads. See the SecureBlue++ technical report and our presentation at the Linux Security Summit 2013 for some results.
  • 2012-10: In the the highly competitive (less than 4% acceptance) U.S. DHS Advanced Research Projects Agency BAA 11-02 programme we got also won a grant for a second project: Usable Multi-Factor Authentication and Risk-based Authorization. The proposal is based on our research on reducing security risk for mobile transactions through context-aware usable strong authentication and risk-based authorization. The work leverages a range of novel techniques in security, systems, usability, accessibility and biometrics to develop an intelligent multi-factor authentication and authorization solution for mobile devices. See papers in ACSAC'12 and RAID'13 for some results.


To find out more about our activities, explore the following list of current projects:

You might also be interested in some of our completed projects ...


If you are interested in these topics and you have a strong background in security, software engineering and services: Our team has openings for a variety of research positions including interns, coops and Research Staff Members. Please contact Josyula R. Rao for more information.