Hyunwoo Lee, Zachary Smith, Junghwan Lim, Gyeongjae Choi, Selin Chun, Taejoong Chung, and Ted Kwon, “maTLS: How to Make TLS middlebox-aware?” Accepted for Network and Distributed System Security Symposium (NDSS), February 2019.
Center PhD student Payap Sirinam’s paper “Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning” was one of nine finalists for the outstanding paper award at CCS 2018, putting in the top 1% of all 809 papers submitted to the conference. The acceptance rate of ACM CCS this year was 16.6%.
This paper explores how advanced deep learning architectures and techniques can be leveraged to perform more dangerous attacks on the Tor anonymity system and even undermine some of the state-of-the-art defenses. The paper was written together with external collaborators Mohsen Imani (UT Arlington) and Marc Juarez (KU Leuven), along with the Center Director Matthew Wright.
Center PhD student Igor Khokhlov’s presentation on “What is the Android Colluded Applications Attack and How to Detect It” at the was awarded the Certificate of Appreciation in recognition of an outstanding presentation. This was based on Igor’s work under supervision of Center member and CS professor Leon Reznik.
Center member Josephine Wolff published an opinion piece in NY Times on “Trump’s Reckless Cybersecurity Strategy” and the consequences of administration’s new policy of striking first at online attackers. Read her piece: https://www.nytimes.com/2018/10/02/opinion/trumps-reckless-cybersecurity-strategy.html
Taejoong (Tijay) Chung, Jay Lok, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, John Rula, Nick Sullivan, and Christo Wilson, “Is the Web Ready for OCSP Must Staple?” Accepted for the ACM Internet Measurement Conference (IMC), November 2018.
 Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choonghoon Lee, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn, “Prime+Count: Novel Cross-world Covert Channels on ARM TrustZone,” Accepted for the Annual Computer Security Applications Conference (ACSAC), December 2018.
 Jaejong Baek, Sukwha Kyung, Haehyun Cho, Ziming Zhao, Adam Doupé, Yan Shoshitaishvili, and Gail-Joon Ahn “Wi Not Calling: Practical Privacy and Availability Attacks in Wi-Fi Calling,” Accepted for the Annual Computer Security Applications Conference (ACSAC), December 2018.
Marwan Krunz, Berk Akgun, Peyman Siyari, Hanif Rahbari, Rashad Eletreby, and Ozan Koyluoglu "Systems and Methods for Securing Wireless Communications", U.S. Patent App. 15/336,070 (granted Sep. 4, 2018).
Rajendra Raj (PI) and center member Daniel Krutz (co-PI) successfully executed two weeks of GenCyber camps in July. The camp covered both introductory and advanced security topics in web and mobile computing, and served approximately 80 middle and high school students from diverse backgrounds. The two-week, non-residential camps were set on the RIT campus.
Rajendra Raj (PI) and Daniel Krutz (co-PI), “GenCyber @ RIT: Secure Web and Mobile Computing,” National Security Agency (NSA), $130,908, May. 2018 to May. 2019.
The goal of this work is to explore the new landscape of website fingerprinting attacks and defenses in light of recent findings with deep learning. A key aspect of the work is to leverage and build upon recent advances in adversarial machine learning and be the first to apply these new findings to the context of traffic analysis.
Matthew Wright (PI), “SaTC: CORE: Small: Adversarial ML in Traffic Analysis,” NSF SaTC, $500,000. Aug. 2018 to Jul. 2021.
 Payap Sirinam, Marc Juarez, Mohsen Imani, and Matthew Wright, “Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning,” Accepted for ACM Conference on Computer and Communications Security (CCS), October 2018.
 Vaibhav Hemant Dixit, Adam Doupé, Yan Shoshitaishvili, Ziming Zhao and Gail-Joon Ahn, “AIM-SDN: Attacking Information Mismanagement in SDN-datastores,” Accepted for ACM Conference on Computer and Communications Security (CCS), October 2018.
Armon Barton, Mohsen Imani, Jiang Ming, and Matthew Wright, “Towards Predicting Efficient and Anonymous Tor Circuits,” Accepted for USENIX Security Symposium, August 2018.
Jing Chen, Chiheng Wang, Kun He, Ziming Zhao, Min Chen, Ruiying Du, and Gail-Joon Ahn, “Semantics-Aware Privacy Risk Assessment Using Self-Learning Weight Assignment for Mobile Apps,” Accepted for the IEEE Transactions on Dependable & Secure Computing (TDSC), September 2018.
IEEE ComSoc selected Center member Hanif Rahbari’s paper "Exploiting Frame Preamble Waveforms to Support New Physical-Layer Functions in OFDM-Based 802.11 Systems" as a Tech Focus paper in Prototyping Wireless Networks. https://goo.gl/CqCFmU
Hanif Rahbari, Peyman Siyari, Marwan Krunz, and Jung-Min (Jerry) Park, “Adaptive Demodulation for Wireless Systems in the Presence of Frequency-Offset Estimation Errors,” Accepted for the International Conference on Computer Communications (INFOCOM), April 2018.
Principal investigator Robert Olson will be hiring, managing and supervising a team of RIT students to perform a cybersecurity assessment for the Eaton Corporation.
The project is to develop a comprehensive plan for solving challenges in federated network security using an approach based on Proof-Carrying Code (PCC).
Center member Leonid Reznik (PI, Computer Science) has received a new grant from the DOD National Securty Agency. The program designs a curriculum, develops all course materials, tests and evaluates them in real college classroom settings, compiles and disseminates the practical recommendations for delivery of a college level course on Intelligent Security Systems. The award brings $118,000 to RIT.
Center for Cybersecurity PhD students Joanna C. S. Santos and Anthony Peruma together with advisor Mehdi Mirakhorli led a team who won the 2017 ACM SIGSOFT Distinguished Paper award at the International Conference on Software Architecture (ICSA).
Center members Jay Yang (PI, Computer Engineering) and Katie McConky (Co-PI, Industrial & Systems Engineering) have received a new grant from IARPA in conjunction with defense contractor Leidos, Inc. The project seeks to develop CAUSE, a system that leverages data that is not currently used for cybersecurity to predict cyber attacks. Phase 1 of the award brings $350,000 to RIT.
Center Director Matt Wright (Computing Security) has a new $500,000 grant from the NSF’s Secure and Trustworthy Computing (SaTC) program to work with the Tor Project on improving its defenses against a type of traffic analysis called website fingerprinting. The award brings $150,000 to RIT.
A paper authored by Marc Juarez, Mohsen Imani, Mike Perry, Claudia Diaz and Center Director Matthew Wright, titled "Toward an Efficient Website Fingerprinting Defense,” won the Outstanding Student Paper Award at ESORICS 2016.
To help plan for a large, collaborative research effort, a group of researchers including Center member Mehdi Mirakhorli (Software Engineering) have gotten a $90,000 grant from NSF’s CISE Infrastructure program. The goal of the project, titled "Planning and Prototyping a Community-Wide Software Architecture Instrument," is to provide metrics for software architecture.
- When: Friday, Sep. 14 at 4 pm
- Where: Golisano Auditorium
- Title: When Electronic Privacy Gets Physical: Privacy in the Age of Pervasive Photography
- Abstract: As always-on and wearable cameras -- and digital photography in general -- become more common place, we will need to reconsider our notions of privacy. How will people react to constant surveillance by their peers ("sousveillance") and what technical solutions can enhance privacy in this new age? I will highlight some of our interdisciplinary research on answering and addressing these questions in the context of wearable cameras. I will also talk about how cameras can enhance privacy, e.g., by aiding populations with visual impairments with a visual assessment of their surroundings.
- Bio: Apu Kapadia is an Associate Professor of Computer Science at the School of Informatics, Computing, and Engineering, Indiana University Bloomington. Before joining Indiana University, he received his Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign (UIUC), was later a Post-Doctoral Research Fellow at Dartmouth College, and then a Member of Technical Staff at MIT Lincoln Laboratory.
For the second year in a row, RIT will host Great Lakes Security Day (GLSD) in Slaughter Hall on the RIT campus. GLSD 2017 was a very successful event with 100 registered participants coming from nearby universities, including U. Binghamton, U. Buffalo, Cornell, Penn State, U. Rochester, Syracuse, and of course RIT. This year's event will include research talks, a panel on research trends in security, a lunch with topic-based discussion tables, a poster session, and it will end with a Distinguished Lecture from Apu Kapadia, Assoc. Professor of Computer Science at Indiana University.
The Center for Cybersecurity and the IEEE regional chapter are sponoring Great Lakes Security Day 2017, an event bringing together researchers in cybersecurity from around the region to discuss their latest works. There will be talks, posters, and a distinguished lecture from Patrick McDaniel of PSU.
Dr. Mittal talks about RAPTOR Attacks and Counter-RAPTOR Defenses at the GCCIS Colloquium Series.
When: Friday, April 21, 2017
Where: Golisano College 70-1435
Time: 12:00 – 1:00 PM
For more information click here.
Dr. Tao Xie, Associate Professor and Willett Faculty Scholar at U. Illinois (UIUC), will present a Center for Cybersecurity seminar on "User Expectations in Mobile App Security" on Friday, Mar. 24 at 11:45 AM in Golisano Auditorium, 70-1435. For more information, click here.
Robert Walls, Asst. Professor of Computer Science at Worchester Polytechnic Institute (WPI) will be the IEEE speaker on Nov. 18th at 12. His talk will cover the Science of Security in the context of computer forensics.
Center member Jay Yang is running a workshop on Nov. 7 based on his NSA project on Modeling attackers. The workshop brings together top cybersecurity minds to discuss the project findings and new directions in cybersecurity. Members of the Center will also display their latest research results in a poster session.
On Nov. 4-6, 2016, RIT hosted the second Collegiate Pentesting Competition (CPTC), bringing on campus 10 teams from Florida, Texas, California, and more to test their red team skills on vulnerable systems. RIT also hosted the first CPTC in 2015. Center members Bill Stackpole and Daryl Johnson ran the event with lots of help from the Dept. of Computing Security. CPTC was sponsored in part by NSA, Google, and Amazon. Planning is underway for the first CPTC Regional events and the third national event in 2017.