Visible to the public NCSU SoS Lablet Quarterly Executive SummaryConflict Detection Enabled

Submitted by nzahan on Fri, 12/18/2020 - 12:50pm

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

We continued to produce science of security outcomes. The following are the major contributions from Lablet projects.

  • We investigated a hybrid of CDL, our classified distributed learning framework for security attack detection in container-based systems, with a new supervised approach that promises improved accuracy.
  • We identified desired properties of a contact tracing design that we dub PURE (Privacy, Utility, Resiliency, and Efficiency) along with a description of the design choices.
  • We submitted a paper to IEEE Security and Privacy symposium on our data analysis of the 2019 Collegiate Penetration Testing Competition. We found that (1) vulnerabilities related to protection mechanism failure (e.g. lack of SSL/TLS) and improper neutralization (e.g. SQL injection) are discovered faster than others; (2) vulnerabilities related to protection mechanism failure and improper resource control (e.g. user sessions) are discovered more often and are exploited more easily than others; and (3) there is a clear process followed by penetration testers of discovery/collection to lateral movement/preattack.
  • We identified relevant criteria from the OWASP Mobile Application Security Verification Standard (MASVS) and began mapping them to program analysis tasks to better analyze Payment Service Provider APIs.
  • We engaged with the security community, including Lablet members and committee members of previous HotSoS symposia and have been refining our guidelines for reporting cybersecurity research.

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

We brought up the Science of Security in a variety of fora, including

  • Presentations at and discussions with colleagues at academic conferences, including the Deep Learning Cyberthreat Intelligence workshop at the International Conference on Data Mining.
  • We have assisted in the instrumentation for the CPTC 2020 competition. Our capacity is reduced from last year to focus on analyzing existing data.
  • Discussions with a local startup, Airgap Inc., regarding security in convergent Information Technology/Operational Technology networks for secure manufacturing.

 

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

 

Groups: