Cybersecurity Workforce

Used by hundreds of millions of people every day, online services are central to everyday life. Their popularity and impact make them targets of public opinion skewing attacks, in which those with malicious intent manipulate the image of businesses, mobile applications and products. Website owners often turn to crowdsourcing sites to hire an army of professional fraudsters to paint a fake flattering image for mediocre subjects or trick people into downloading malicious software.

One of the most serious threats in the world today to the security of cyberspace is "social engineering" - the process by which people with access to critical information regarding information systems security are tricked or manipulated into surrendering such information to unauthorized persons, thereby allowing them access to otherwise secure systems. To date, little systematic research has been conducted on social engineering.

The goal of this project is to create the algorithms, frameworks, and systems for defending the open web ecosystem from emerging threats. This project aims to (i) analyze malicious tasks and behaviors of crowdturfers; (ii) detect malicious tasks on crowdsourcing platforms by developing novel malicious task detectors; (iii) design and build a task blacklist; (iv) uncover the ecosystem of crowdturfers and detect crowdturfers; (v) combine crowdturfer detection approaches with other malicious participants detection approaches.

The goal of the Modular Approach to Cloud Security (MACS) project is to develop methods for building information systems with meaningful multi-layered security guarantees. The modular approach of MACS focuses on systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where the security of the system as a whole can be derived from the security of its components. The project concentrates on building outsourced, cloud-based information services with client-centric security guarantees.

The threat of malicious insiders is a top concern for governmental agencies and corporations. In general, malicious insiders are typically disgruntled employees who encounter a negative experience, or stressor, as a triggering event. Criminology research has long associated certain stressors with malicious behavior. Recent neuroscience and cognitive psychology research has unequivocally demonstrated that linkages exist between cognitive processing (e.g., cognitive conflict, emotion, arousal, etc.) and hand movements.