Cybersecurity Workforce

group_project

Visible to the public SaTC-EDU: EAGER Enhancing Cybersecurity Education Through a Representational Fluency Model

Submitted by Baijian Yang on Mon, 10/16/2017 - 5:11pm

Cybersecurity experts must possess several abilities: deep technical skills, the capability to recognize and respond to complex and emergent behavior, mastery of using abstractions and principles, the ability to assess risk and handle uncertainty, problem-solving and reasoning skills, and facility in adversarial thinking. Based on cognitive theory, this project will investigate the efficacy of model eliciting activities for developing students' ability to recognize and respond to complex and emergent behavior, and how to handle uncertainty and ambiguity.

group_project

Visible to the public CAREER: Applying a Criminological Framework to Understand Adaptive Adversarial Decision-Making Processes in Critical Infrastructure Cyberattacks

Submitted by arege on Mon, 10/16/2017 - 4:43pm

Infrastructure systems (such as power, water and banking) have experienced a surge in cyberattacks over the past decade. These attacks are becoming more sophisticated and resilient, suggesting that the perpetrators are intelligent, determined and dynamic. Unfortunately, current cyberdefense measures are reactive and frequently ineffective. Defenders need to move to a proactive approach, which will require an understanding of the human characteristics and behaviors of the people behind these cyberattacks.

group_project

Visible to the public CAREER: Automated Analysis of Security Hyperproperties

Submitted by Rohit Chadha on Mon, 10/16/2017 - 2:47pm

Computer programs and cryptographic protocols are increasingly being used to access confidential and private information on the Internet. Due to their complex nature, they often have subtle errors that can be exploited by malicious entities. As security flaws can have serious consequences, it is important to ensure that computer programs and cryptographic protocols achieve their security objectives.

group_project

Visible to the public TWC: Small: Design and Analysis of Symmetric Key Ciphers

Submitted by Andrew Klapper on Mon, 10/16/2017 - 2:39pm

Pseudorandom sequences (PRS) exhibit a statistical randomness and are widely used in applications where randomness is needed and PRS generation can be effectively done. Many everyday applications in digital computing and communication require randomness to operate correctly. For example, these include secure network communications, global positioning systems, and even weather prediction simulations. Yet, few general generators of high quality pseudorandom sequences are known.

group_project

Visible to the public TWC: TTP Option: Small: Collaborative: Enhancing Anonymity Network Resilience against Pervasive Internet Attacks

Submitted by RDingledine on Fri, 10/13/2017 - 1:42pm

Large-scale Internet censorship prevents citizens of many parts of the world from accessing vast amounts of otherwise publicly available information. The recognition and publication of these censorship events have aided in motivating the development of new privacy-enhancing technologies to circumvent the censor. We argue that as circumvention technologies improve and the cost of detecting their use increases, adversaries that are intent on restricting access to information will seek out alternative techniques for disruption.

group_project

Visible to the public TTP: Small: Collaborative: Defending Against Website Fingerprinting in Tor

Submitted by RDingledine on Fri, 10/13/2017 - 1:39pm

The more people use the Internet, the more they risk sharing information they don't want other people to know. Tor is a technology that every day helps millions of people protect their privacy online. Tor users -- ranging from ordinary citizens to companies with valuable intellectual property -- gain protection for the content of their online messages and activities, as well as whom they interact with and when. For the most part, Tor is very secure. However, it has a known vulnerability to an attack called website fingerprinting.

group_project

Visible to the public EDU: Collaborative: Educating the Security Workforce through On-Demand Live Competitions

Submitted by Adam Doupe on Thu, 10/12/2017 - 5:28pm

The United States is facing a cyber-security crisis. Recent studies predict a shortfall of 1.5M global information security jobs by 2020. The lack of qualified cyber-security workforce gives rise to high-profile security incidents. In addition, attacks against the nation's critical infrastructure can have devastating effect that go well beyond the financial losses that we are witnessing today.

group_project

Visible to the public EDU: QuaSim: A Virtual Interactive Quantum Cryptography Educator-A Project-based Gamified Educational Paradigm

Submitted by Abhishek Parakh on Thu, 10/12/2017 - 4:58pm

Video-based traffic monitoring systems have been widely used for traffic management, incident detection, intersection control, and public safety operations. Current designs pose critical challenges. First, it relies heavily on human operators to monitor and analyze video images. Second, commercially available computer vision technologies cannot satisfactorily handle severe conditions, such as weather and glare, which significantly impair video image quality.

group_project

Visible to the public TWC: Small: Unsupervised and Statistical Natural Language Processing Techniques for Automatic Phishing and Opinion Spam Detection

Submitted by Rakesh Verma on Thu, 10/12/2017 - 12:49pm

In phishing, an attacker tries to steal sensitive information, e.g., bank/credit card account numbers, login information, etc., from Internet users. The US society and economy are increasingly dependent on the Internet and the web, which is plagued by phishing. One popular phishing method is to create a site that mimics a good site and then attract users to it via email, which is by far the most popular medium to entice unsuspecting users to the phishing site.