Risk Management

group_project

Visible to the public TTP: Medium: A Campus Pilot For A Privacy-Enabled Cloud Storage, Search, and Collaboration Portal for Education

Submitted by Radu Sion on Wed, 10/11/2017 - 1:23pm

As higher education institutions consider moving services to the cloud to save costs and improve collaboration, significant challenges to successful large-scale adoption still exist. Institutions are unwilling to risk cloud deployment because provable technological defenses have thus far been lacking. Control over sensitive data is relinquished without the institution's knowledge, liability is shifted and data breach risks are significantly increased. Further, regulatory-sensitive data has become an increasingly attractive target.

group_project

Visible to the public EDU: Developing Open Authentic Case Studies for a MS in Cybersecurity Capstone Course

Submitted by Grandon Gill on Wed, 10/11/2017 - 12:36am

The project will develop a case method capstone course for a new multidisciplinary Master's degree program in Cybersecurity at the University of South Florida (USF). It extends a project that focused on developing a capstone course for an undergraduate program employing the case method pedagogy. That study demonstrated the feasibility of building a course entirely around discussions of local case studies and demonstrated positive learning outcomes using a variety of instruments.

group_project

Visible to the public TWC: Medium: Understanding and Illuminating Non-Public Data Flows

Submitted by Nicholas Weaver on Tue, 10/10/2017 - 11:29am

Our lives are surrounded by a constant web of data, picked up by a global network of unseen programs that gather, coalesce, combine, and merge every scrap of data they can acquire. These programs and companies operate out of public view, collecting and exchanging data for profit without clear public knowledge. This is a complex ecosystem, the original collectors of data are likely unaware of eventual uses, users of data may be unaware of the original source.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Nicholas Feamster on Tue, 10/10/2017 - 11:09am

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TWC: Medium: Collaborative: Exposing and Mitigating Cross-Channel Attacks that Exploit the Convergence of Telephony and the Internet

Submitted by Mustaque Ahamad on Mon, 10/09/2017 - 4:09pm

Rapid advances in technology now enable simultaneous access to both telephony and Internet services from smart phone devices that people carry with them at all times. Although this convergence of telephony with the Internet offers many benefits, it also provides cyber criminals the ability to develop increasingly sophisticated attacks that combine resources from both the telephony and Internet channels.

group_project

Visible to the public TTP: Small: Network-Level Security Posture Assessment and Predictive Analytics: From Theory to Practice

Submitted by Mingyan Liu on Mon, 10/09/2017 - 3:30pm

This project addresses the following two key questions in cyber security: (1) how is the security condition of a network assessed, and (2) to what extent can we predict data breaches or other cyber security incidents for an organization. The ability to answer both questions has far-reaching social and economic impact. Recent data breaches such as those at Target, JP Morgan, Home Depot, Office of Personnel Management (OPM), and Anthem Healthcare, to name just a few, highlight the increasing social and economic impact of such cyber security incidents.

group_project

Visible to the public TWC: Small: Understanding Network Level Malicious Activities: Classification, Community Detection and Inference of Security Interdependence

Submitted by Mingyan Liu on Mon, 10/09/2017 - 3:20pm

This goal of this project is development of a formal method to quantitatively assess the security posture of large networks and assign them a numeric score. Large networks are made up of a collection of individual machines, which exhibit more stable behavior and features as a group than at the IP level, where each host is inspected separately. Networks at an aggregate level thus carry more predictive power, enabling a more robust and accurate policy design.

group_project

Visible to the public CAREER: Securing Mobile Cyber-Physical Systems (CPSs) Against Stealthy Attacks

Submitted by Mina Guirguis on Mon, 10/09/2017 - 3:17pm

As Cyber-Physical Systems (CPSs) employing mobile nodes continue to integrate into the physical world, ensuring their safety and security become crucial goals. Due to their mobility, real-time, energy and safety constraints, coupled by their reliance on communication mediums that are subject to interference and intentional jamming, the projected complexities in Mobile CPSs will far exceed those of traditional computing systems.

group_project

Visible to the public TWC: Small: Subversion-Resistant Cryptography

Submitted by Mihir Bellare on Mon, 10/09/2017 - 3:12pm

This work aims to effectively address security concerns while maintaining the privacy of individuals and corporations. The project analyzes subversive attacks, develops defenses and deterrents, creates privacy tools and software, and increases awareness and expertise through teaching, mentoring and involvement of students in research.

group_project

Visible to the public EDU: Collaborative: Enhancing Education in Genetic Privacy with Integration of Research in Computer Science and Bioinformatics

Submitted by Xinghua Shi on Mon, 10/09/2017 - 1:56pm

The era of personal genomics, where genetic information is ubiquitously available for research, clinical practice or personal curiosity, is quickly approaching. At the same time, there is a growing concern of genetic privacy and the existing educational resources are focused mostly on legal, regulatory or ethical issues in personal genomics.

Outcomes Report URL: 
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1523154