NCSU SoS Lablet Quarterly Executive Summary

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

We continued to produce science of security outcomes. The following are the major contributions from Lablet projects.

• We built a dataflow-based static program analysis tool for Payment Service Provider (PSP) libraries for mobile Android apps store security-critical information. This tool generates warnings based on modeling interrelated rules that sometimes seem to allow or disallow the same action.
• We refined and evaluated our framework for identifying rogue apps (those that violate privacy expectations) based on app reviews. Our method achieves a higher F1 score than the previous approach and provides a high recall of 89%, which is a more valuable metric than precision in that it captures more rogue apps for further scrutiny.
• We implemented three approaches based on natural language processing with respect to their effectiveness in extracting attacker techniques from cyberthreat intelligence (CTI) reports. We compared these approaches using the MITRE ATT%CK dataset.

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

We brought up the Science of Security in a variety of fora, including

• Three Secure Software Supply Chain summits that we conducted.  Two of the summits were with industrial organizations involving 24 organizations.  One summit was with five government organizations.
• Discussions with non-lablet colleagues locally and at other universities.

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.