Phuong M. Cao Profile Picture Avatar

Phuong M. Cao

Research Scientist

National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign


Phuong M. Cao was born in Phu Tho, Vietnam and currently a U.S. Permanent Resident (EB1). He is a cybersecurity researcher at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign. His work focuses on securing high-performance computing (HPC) cyberinfrastructure against accidental failures and intentional cyberattacks. His research is driven by network traffic measurements, cyberattack detection using probabilistic models, and formal verification of authentication protocols. As a National Science Foundation Trusted CI Fellow, he provides security expertise to research and education partners, including the FABRIC testbed. He has received awards for his research and mentorship, including a Best Paper Award, a Best Hackathon Award, and recognition as an Outstanding Mentor for Fiddler Innovation Fellowship recipients. (Name and Biography)
Research Summary: Building resilient and secure supercomputers to advance open-science research in the presence of accidental failures and intentional cyber-attacks.


Publications

  • Post-Quantum Cryptography (PQC) Network Instrument:
    Measuring PQC Adoption Rates and Identifying Migration Pathways

    Jakub Sowa, Bach Hoang, Advaith Yeluru, Steven Qie, Anita Nikolich, Ravishankar Iyer, Phuong M. Cao
    IEEE International Conference on Quantum Computing and Engineering (QCE)
    Pre-print PDF
  • True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center
    Limin Yang, Zhi Chen, Chenkai Wang, Zhenning Zhang, Sushruth Booma, Phuong M. Cao, Constantin Adam, Alex Withers, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Gang Wang
    33rd USENIX Security Symposium
    PDF
  • Taxonomy of Fingerprinting Techniques for Evaluation of Smart Grid Honeypot Realism
    Vanessa Tay, Xinran Li, Daisuke Mashima, Bennet Ng, Phuong M. Cao, Zbigniew Kalbarczyk, Ravishankar K Iyer
    IEEE International Conference on Smart Grid Communications (SmartGridComm), 2023
    PDF
  • Post-Quantum Cyberinfrastructure Security Readiness: Risks, Measures and Prospects
    Phuong M. Cao, Bach Hoang, Santiago Nunez-Corrales
    ASCR Workshop on Basic Research Needs in Quantum Computing and Networking, Department of Energy, (Position Paper), 2023.
    PDF
  • stealthML: Data-driven Malware for Stealthy Data Exfiltration
    Keywhan Chung, Phuong M. Cao, Zbigniew Kalbarczyk, Ravishankar K Iyer
    IEEE International Conference on Cyber Security and Resilience, 2023
    PDF
  • Predicting ICU Admissions for Hospitalized COVID-19 Patients with a Factor Graph-based Model
    Yurui Cao, Phuong M. Cao, Haotian Chen, Karl M. Kochendorfer, Andrew B. Trotter, William L. Galanter, Paul M. Arnold, Ravishankar K Iyer
    AAAI-22 Health Intelligence Workshop
    PDF
  • Investigating Root Causes of Authentication Failures Using a SAML and OIDC Observatory
    Jim Basney, Phuong M. Cao, Terry Fleury
    IEEE DependSys 2020
    PDF
  • Mining Threat Intelligence from Billion-scale SSH Brute-Force Attacks
    Yuming Wu, Phuong M. Cao, Alex Withers, Zbigniew Kalbarczyk, Ravishankar Iyer
    Workshop on Decentralized IoT Systems and Security, co-located with NDSS, 2020
    PDF
  • CAUDIT: Continuous Auditing of SSH-Servers To Mitigate Brute-Force Attacks
    Phuong M. Cao, Yuming Wu, Subho Banerjee, Alex Withers, Justin Azoff, Zbigniew Kalbarczyk, Ravishankar Iyer
    USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2019
    PDF   Talk   Press
  • SVAuth: A Single-Sign-On Integration Solution with Runtime Verification
    Shuo Chen, Matt McCutchen, Phuong M. Cao, Shaz Qadeer, and Ravishankar Iyer
    International Conference on Runtime Verification (RV), 2017
    PDF
    Blackhat Europe presentation
  • Preemptive intrusion detection: theoretical framework and real-world measurements
    Phuong M. Cao, Eric Badger, Adam Slagell, Zbigniew Kalbarczyk, Ravishankar Iyer
    ACM Symposium and Bootcamp on the Science of Security (HotSOS), 2015
    PDF
  • Security Monitoring for Virtual Machines Using Hardware Architectural Invariants
    Cuong Pham, Zachary Estrada, Phuong M. Cao, Zbigniew Kalbarczyk, and Ravishankar Iyer
    IEEE Conference on Dependable Systems and Networks (DSN), 2014
    PDF

Magazine articles and workshops

  • Building Reliable and Secure Virtual Machines Using Architectural Invariants
    Cuong Pham, Zachary Estrada, Phuong M. Cao, Zbigniew Kalbarczyk, and Ravishankar Iyer
    IEEE Security and Privacy (S&P) Magazine, 2014
    PDF
  • Toward a high availability cloud: Techniques and challenges
    Cuong Pham, Phuong M. Cao, Zbigniew Kalbarczyk, and Ravishankar Iyer
    IEEE International Conference on Dependable Systems and Networks (DSN), 2012
    PDF

Research

My research focuses on securing High Performance Computing (HPC) environments. Statistical measurements of real-world data on security incidents and outages are the key driver to design secure-by-construction software such as federated authentication tokens for supercomputing systems. This work is crucial for mitigating evolving threats like Machine Learning-powered attacks and the rise of new computing paradigms such as Quantum Computing. My work has been funded by the National Science Foundation (NSF), Illinois Computes program, and industry partner such as International Business Machines (IBM).

  • CC*: Quantum-Resistant Cryptography in Supercomputing Scientific Applications, NSF, Office of Advanced Cyberinfrastructure (OAC)
  • FMitF: Track II: Bringing Verification-Aware Languages and Federated Authentication to Enable Secure Computing for Scientific Communities, NSF, Division of Computing and Communication Foundations (CCF)
  • ResiliANT AIOps: Foundation-Model-Driven Resilience for Cloud Computing, IBM-Illinois Discovery Accelerator Institute
Please contact me for a copy of the grant proposal for NSF projects above.

Talks

Honors and Awards

  • Outstanding Mentors, Students Pushing INnovation (SPIN) at NCSA, 2024
  • Trusted CI Open Science Cybersecurity Fellow, Trusted CI, the NSF Cybersecurity Center of Excellence , 2023
  • 10th place, Salesforce Hackathon (Heroku category), 2014
  • Best Paper Award, IEEE International Conference on Dependable Systems and Networks (DSN), 2014
  • Best Use of the APIs, Box.com Hackathon, 2012
  • Vietnam Education Foundation (VEF) Fellowship Nominee, 2011

Service

Proposal Review Panels: Department of Energy (2025) Proposal Review Panels: National Science Foundation (2024, 2025)

Program Committee Member: IEEE DSN 2024 Industry Track, IEEE QCE 2024, IEEE QCE 2025

Journal Reviewer: IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security

Teaching

Fall 2021/2022: Guest Lecturer, Designing MPs for ECE 542 / CS 536: Design of Fault Tolerant Digital Systems

Fall 2020: Designing MPs for ECE 598 RKI: Dependable AI Systems

Fall 2019: Teaching Assistant for ECE 542 / CS 536: Design of Fault Tolerant Digital Systems

Spring 2018: Teaching Assistant for CS 461: Computer Security

Fall 2017: Teaching Assistant for CS 461: Computer Security

Spring 2017: Teaching Assistant for ECE 313: Probability and Statistics

Press