Transition to Practice

group_project

Visible to the public EDU: This is Not a Game---Using ARGs for Teaching Security Concepts to First-Year Undergraduates

Submitted by Zachary Peterson on Wed, 10/11/2017 - 1:56am

The project involves the design and development of a pedagogical alternate reality game (ARG) teaching Cybersecurity and Computer Science (CS) concepts to first-year, undergraduate students.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public EDU: Developing Security Education Materials for Future Advanced Manufacturing Engineering Workforce

Submitted by Weichao Wang on Wed, 10/11/2017 - 1:43am

The cyber security of advanced manufacturing systems (AMS) has raised significant interest amongst both the general public and researchers. However, corresponding education programs fall behind in many aspects. Limited curriculum or hands-on learning resources are available for security education in AMS, especially exercises that cover the complete manufacturing cycle. This project will try to bridge the gap by developing an experiment platform dedicated to security education for AMS, and designing a suite of course modules and hands-on projects upon it.

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Submitted by zlin61 on Wed, 10/11/2017 - 1:31am

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Nicholas Feamster on Tue, 10/10/2017 - 12:09pm

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TC: Large: Collaborative Research: Facilitating Free and Open Access to Information on the Internet

Submitted by Nicholas Feamster on Tue, 10/10/2017 - 12:05pm

This project develops methods to provide citizens information about technologies that obstruct, restrict, or tamper with their access to information. Internet users need an objective, independent, third-party service that helps them determine whether their Internet service provider or government is restricting access to content, specific protocols, or otherwise degrading service. Towards this goal, we are (1) monitoring attempts to block or manipulate Internet content and communications; and (2) evaluating various censorship circumvention mechanisms in real-world deployments}.

group_project

Visible to the public TWC: Medium: Collaborative: Black-Box Evaluation of Cryptographic Entropy at Scale

Submitted by Nadia Heninger on Tue, 10/10/2017 - 11:21am

The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.

group_project

Visible to the public CAREER: Exo-Core: An Architecture to Detect Malware as Computational Anomalies

Submitted by tiwari on Mon, 10/09/2017 - 4:36pm

Applications that run on billions of mobile devices backed by enormous datacenters hold the promise of personal, always-on healthcare; of intelligent vehicles and homes; and thus of a healthier, more efficient society. It is imperative to make such applications secure by protecting their integrity and keeping their data confidential. However, malicious programs (``malware'') today can subvert the best software-level defenses by impersonating benign processes on mobile devices or by attacking victim processes through the hardware on shared datacenter servers.

group_project

Visible to the public TTP: Small: Network-Level Security Posture Assessment and Predictive Analytics: From Theory to Practice

Submitted by Mingyan Liu on Mon, 10/09/2017 - 4:30pm

This project addresses the following two key questions in cyber security: (1) how is the security condition of a network assessed, and (2) to what extent can we predict data breaches or other cyber security incidents for an organization. The ability to answer both questions has far-reaching social and economic impact. Recent data breaches such as those at Target, JP Morgan, Home Depot, Office of Personnel Management (OPM), and Anthem Healthcare, to name just a few, highlight the increasing social and economic impact of such cyber security incidents.

group_project

Visible to the public EDU: Automated Platform for Cyber Security Learning and Experimentation (AutoCUE)

Submitted by Vassil Roussev on Mon, 10/09/2017 - 2:54pm

One of the main obstacles in providing extensive hands-on experience in cybersecurity classes is the substantial amount of manual work involved in creating and grading the exercise. Combined with the frequent need to update the exercises, this obstacle effectively limits that amount of hands-on work that gets incorporated into cybersecurity education. This project seeks to eliminate such barriers, and to greatly improve the efficiency of the educational process by automating the most time-consuming tasks.

group_project

Visible to the public TWC SBE: Medium: Collaborative: Dollars for Hertz: Making Trustworthy Spectrum Sharing Technically and Economically Viable

Submitted by Michelle Connolly on Mon, 10/09/2017 - 2:52pm

The critical role of spectrum as a catalyst for economic growth was highlighted in the 2010 National Broadband Plan (NBP). A challenge for the NBP is realizing optimal spectrum sharing in the presence of interference caused by rogue transmissions from any source, but particularly secondary users who share the spectrum. This complex problem straddles wireless technology, industrial economics, international standards, and regulatory policy.