NCSU SoS Lablet Quarterly Executive Summary

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

We continued to produce science of security outcomes. The following are the major contributions from Lablet projects.

• We completed the design, implementation, and initial evaluation of our hybrid machine learning framework as well as a comprehensive study  of real-world security vulerability code patterns arising in 109 vulnerabilities in 13 cloud servers.
• To better understand the common practice of releasing security fixes by open source developers, we completed an empirical study on security releases of open source packages.
• We began investigating the scope and conception of consent in a sociotechnical framework to better understand how to develop and govern AI agents to make sure they responsibly assist users.
• We developed Version 1.0 of the Guidelines for Scientific Reporting in Cyber Security that captures a consensus of the science of security community elicited through interviews and analysis of reviews.

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

We brought up the Science of Security in a variety of fora, including

• Discussions with non-lablet colleagues locally and at other universities.

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

We involved a female undergraduate student in our research.