Sorry, you need to enable JavaScript to visit this website.

News and Events


Ziming Zhao coauthored a CCS paper on Security Operations Center security incidents

Center Member Ziming Zhao, Assistant Professor of Computing Security, is a co-author of the new paper “Matched and Mismatched SOCs: A Qualitative Study on Security Operations Center Issues,” in the ACM 2019 Conference on Computer and Communications Security (CCS). This paper studies the problems specific to the Security Operations Centers that manage incidents for companies and governments. Through conducting interviews with Security Operations Center analysts and managers, the technical and non-technical issues that they agree and disagree on were identified. The findings will encourage center professionals to develop a better understanding of each other. The study also proposes opportunities to improve the efficiency and effectiveness of centers. The paper was written together with external collaborators from Arizona State University and Samsung Research.

Minseok Kwon and students from RIT coauthored a CCS paper on Secure Network Coding

Sahil Gupta, a PhD student in the Center, and Center member Minseok Kwon, Professor of Computer Science, are a co-authors of the new paper “Proof Carrying Network Code,” in the ACM 2019 Conference on Computer and Communications Security (CCS). This paper develops programming logic and a framework to specify and enforce security policies in federated network settings, focusing on authorization and network behavioral policies, including firewalls. Their Proof Carrying Network Code (PCNC) framework allows software-defined network programming by multiple, possibly non-local administrative domains, in a secure manner. PCNC provides features for checking authorization of administrative domains for network programming, and it allows programs themselves to be verified with respect to behavioral policy specifications. The paper was written together with former RIT student Kyle Diller and other collaborators from Cornell University and University of Vermont.

A Team from RIT coauthored a new CCS paper on Portable Website Fingerprinting

Payap Sirinam, a PhD alumnus of the Center, together with Center PhD students Nate Mathews and Mohammad Saidur Rahman and Center Director and Professor of Computing Security Matthew Wright, presented the new paper “Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot Learning,” at the ACM 2019 Conference on Computer and Communications Security (CCS). This paper explores how the Tor anonymity system is vulnerable to an attack called website fingerprinting, which requires huge amounts of data to be downloaded and regularly refreshed to attain high levels of accuracy. The authors demonstrated the effectiveness of a new attack using a machine-learning technique called “triplet-loss learning,” which enables an attacker to perform effective website fingerprinting attacks with much less data—as few as five website downloads for each site the attacker is interested in monitoring. Given that the attack could be conducted with minimal resources by someone sniffing the victim’s wireless internet connection, it highlights the need for designing effective defenses to help keep Tor users safe.

Taejoong Chung coauthored a CCS paper on TLS Certificates Impersonation

Center Member Taejoong Chung, Assistant Professor of Computer Science, is a co-author of the new paper “You Are Who You Appear to Be: A Longitudinal Study of Domain Impersonation in TLS Certificates,” appearing in the ACM 2019 Conference on Computer and Communications Security (CCS). This paper examines the security of end-to-end authentication, which allows users to know who they are communicating with online. Chung and the other researchers identified a new type of impersonation attack, which they dubbed target embedding. By a conducting a user study, the research team discovered that the target embedding is the most effective attack against browsers today. The analysis looks at how target embedding impersonation has evolved, who is responsible for issuing impersonating certificates, who hosts the domains, and where the economic choke-points are, plus it discusses counter-measures against this growing threat.

Matthew Wright Gave a Keynote Speech at SecureComm 2019

Matthew Wright, Professor of Computing Security and director of the Center for Cybersecurity, gave a keynote speech at SecureComm 2019 Oct. 23 in Orlando, Florida. His talk was titled, "Deep Fingerprinting and Triplet Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning."

Photo: Wenjing Lou, Professor at VT (left), Matthew Wright, Professor at RIT (center), and David Mohaisen, Professor at UCF (right)

S. Jay Yang received the 2019 Outstanding Teaching in an IEEE Area of Interest Award

Center member and Director of Global Outreach S. Jay Yang, Professor of Computer Engineering, is the recipient of the 2019 Outstanding Teaching in an IEEE Area of Interest Award from IEEE Region 1 (Northeastern US) for outstanding leadership and contributions to cybersecurity and computer engineering education. 

Hanif Rahbari and Ziming Zhao awarded $150k on Vehicle Security Education and Research

Center members Hanif Rahbari and Ziming Zhao, Assistant Professors of Computing Security, received a new award from the Department of Defense to build research capacity and develop a model curriculum covering existing and emerging topics on vehicle security, privacy, trust, and forensics, centered around connected vehicle security in the future smart city ecosystem.

Hanif Rahbari and Ziming Zhao, “VSER - Vehicle Security Education and Research,” Department of Defense (DoD), $149,931, August 2019 to November 2020.

Ziming Zhao and his collaborators received the Distinguished Paper Award at USENIX Security

Center Member Ziming Zhao, Assistant Professor of Computing Security, was a co-author of the paper “Users Really Do Answer Telephone Scams,” one of the six recipients of the Distinguish Paper Award at USENIX Security 2019. The winners were selected from 113 accepted papers, putting them in the top 1% of all 697 papers submitted to this conference.

This paper explores what causes people to fall victim to telephone scams. Armed with this knowledge, effective countermeasures can be developed to challenge the key foundations of successful telephone phishing attacks. The paper presents the methodology, design, execution, results, and evaluation of an ethical telephone phishing scam and identifies at least one key factor—spoofed Caller ID—that has a significant effect in tricking victims into revealing their Social Security number. The paper was written together with external collaborators Huahong Tu (University of Maryland), Adam Doupé (Arizona State University), and Gail-Joon Ahn (Arizona State University and Samsung Research).

RIT successfully hosted All Girls GenCyber Summer Camp

To continue to address the national need of skilled cybersecurity professionals, RIT hosted one of only 100 cybersecurity camps in the country, sponsored by NSA and free to high school students. This showcases RIT’s continuous outreach to get more female students into security. Watch the video report:

Steve Hoover is named as the endowed executive director for new Global Cybersecurity Institute

Steve Hoover, former chief technology officer and senior vice president at Xerox and former chief executive officer of the Palo Alto Research Center (PARC), has been named to the newly created position of endowed executive director of Rochester Institute of Technology’s Global Cybersecurity Institute. Hoover will lead the Global Cybersecurity Institute, a new state-of-the-art facility that will help RIT become a nexus of cybersecurity education and research. The institute aims to tackle and solve cybersecurity problems around the world, while addressing the critical workforce needs in cybersecurity. More details:

Hanif Rahbari coauthored an IEEE JSAC paper on machine learning for efficient modulation obfuscation

Center member Hanif Rahbari, assistant professor of Computing Security, coauthored a new paper in the IEEE Journal of Selected Areas in Communications (JSAC)–Special Issue on Machine Learning in Wireless Communications. Modulation obfuscation in wireless communications aims at hiding the payload's transmission rate. The leakage of this rate can facilitate various targeted jamming or traffic fingerprinting attacks. This paper tackles the practical challenges of a reliable modulation obfuscation, and explores lightweight machine learning techniques that can accurately approximate the irregular demodulation boundaries of obfuscated modulations under residual carrier frequency offset (the intrinsic mismatch between the oscillators of a wireless transmitter and the corresponding receiver).

Peyman Siyari, Hanif Rahbari, and Marwan Krunz, “Lightweight Machine Learning for Efficient Frequency-Offset-Aware Demodulation,” Accepted for publication in IEEE Journal on Selected Areas in Communications (JSAC), October 2019.

Carlos Rivero and his collaborators awarded $300k on using dependence graphs to propagate assignment feedback to the students

Center member Carlos Rivero, assistant professor of Computer Science, along with co-PIs Zachary Butler and Hadi Hosseini received a new award from NSF. The goal of the project is to assist instructors with programming assignments in computer science courses. Successful choices and errors leading to bugs will be automatically detected in a data-driven fashion and explained to a large body of students. We aim to help instructors understand collective strengths and weaknesses of students based on program submissions and explicitly promote responsive teaching. The project team will also explore helping both students and instructors analyze software vulnerabilities based on graph-based models built directly from source code. More info:

Carlos Rivero Osuna (PI), Zachary Butler (co-PI), and Hadi Hosseini (co-PI), “IUSE: EHR: Using Program Dependence Graphs to Propagate Feedback to Students on Programming Assignments and Promote Responsive Teaching,” National Science Foundation (NSF), $298,728, October 2019 to September 2022.

Andy Meneely is awarded $130k on Analyzing Human Dimensions of Software Development

Center member Andy Meneely, associate professor of Software Engineering, together with Secure Decisions (a division of Applied Visions, Inc.), received a new award from DARPA to study how various human dimensions within software engineering processes influence the security and quality of the software that is developed. He will further collaborate with Secure Decisions to develop mechanisms for measuring these relationships in both open and closed development environments.

Andy Meneely, “Analyzing Human Dimensions of Software Development: Phase II,” DARPA/Applied Visions, $130,662, May 2019 to May 2020.

Professor Stackpole and his team win the WNY Project of the Year award

Justin Pelletier, Bill Stackpole and Daryl Johnson were awarded the 2019 ISACA Western New York (WNY) Project of the Year award for the development and growth of the Collegiate Penetration Testing Competition (CPTC). Professor Stackpole and team have been recognized for their efforts in creating the nation's first collegiate pentesting competition.

Dan Krutz is awarded two funds from DoD/NSA for New GenCyber Summer Camps

Center member Daniel Krutz, assistant professor of Software Engineering, received two grants titled “RIT GenCyber Camp 2019: Beginner” and “GenCyber Women's Beginner Camp at RIT” from the National Security Agency to support a set of summer GenCyber camps on the RIT campus to continue to address the national need of skilled cybersecurity professionals. They build on GenCyber summer camps that have been run for several years in the college, which covered both introductory and advanced security topics in web and mobile computing, and served approximately 80 middle and high school students from diverse backgrounds.

Daniel Krutz (PI) and Robert Jacques (co-PI), “RIT GenCyber Camp 2019: Beginner,” National Security Agency (NSA), $59,124, May 2019 to May 2020.

Daniel Krutz, “GenCyber Women's Beginner Camp at RIT,” National Security Agency (NSA), $45,809, May 2019 to May 2020.

RIT Embedded CTF (eCTF) team received third place in the MITRE eCTF competition

Team TigerBytes, coached by Center members Ziming Zhao and Marcin Lukowiak, won 3rd place in the 2019 MITRE Embedded Capture-the-Flag (eCTF) competition. The eCTF is an attack-and-defense exercise for designing secure embedded systems, in which teams from universities such as Northeastern, CMU, RIT, UMass, Penn, MIT, and Virginia Tech competed for the championship. The cross-college Team TigerBytes consists of 10 students from the Computing Security, Computer Engineering and Computer Science Departments. The team not only gained points by developing novel software and hardware security systems on an ARM-based and FPGA-enabled platform, but also succeeded in attacking other teams' designs and implementations. For more information about the competition, please refer to and .

Center member Tijay Chung is part of team who won a $3M NSF grant for developing evolvable Public Key Infrastructure

The Transport Layer Security (TLS) public key infrastructure (PKI) is what provides confidentiality and integrity in HTTPS, as well as a variety of other systems including email (IMAP), voice-over-IP, social networking, and mobile application APIs. Despite its tremendous importance, PKI suffers from a number of issues, such as certificate authorities (CAs) in the PKI having the right to issue a TLS certificate for any domain and the protocols that the PKI relies on often having hidden dependencies on underlying, insecure technologies. While it is tempting to simply declare that a clean-slate approach is required, completely replacing distributed systems that no single entity controls is very hard in practice. This project will address issues in the TLS PKI in ways that can be incrementally deployed and thus improve security progressively over time.

Tijay Chung (co-PI), “CNS Core: Large: Collaborative Research: Towards an Evolvable Public Key Infrastructure,” National Science Foundation (NSF), $3,000,000. June 2019 to July 2024.

Center director Matthew Wright is among the winners of the AI and the News Open Challenge; receiving $100k grant from The Miami Foundation for Robust Deepfake Detection

Out of 500+ applications to The Ethics and Governance in AI Initiative, a joint project from the MIT Media Lab and Harvard's Berkman Klein Center for Internet & Society, computing security professor Wright’s project “AI Ethics Initiative for Robust Deepfake detection” is one of the seven final winners. He and his team will experiment with techniques to assist researchers and the public in identifying evidence that a given piece of video or audio is a fake generated via machine learning. These techniques will then be field tested with journalists and media forensics experts who are on the frontlines of identifying and evaluating media “in the wild.”

Listen to Matt’s interview with WXXI News:

Watch Matt’s interview with WROC-TV:

Center member Mehdi Mirakhorli is awarded a $600k DARPA grant for developing an architecture based approach to cyber resiliency

To enhance engineering of Cyber-Assured Systems, this project aims at providing a modeling language-agnostic technique to support resilient architecture design and reasoning. Software engineering professor Mirakhorli’s team works on the development of novel technologies for detection of cyber resiliency related architectural weaknesses. This project not only bridges the gap between multiple technologies being developed by DARPA, but also the field of cyber-resilient systems engineering.

Mehdi Mirakhorli (PI), “An Architecture-Based Approach to Cyber Resiliency,” Defense Advanced Research Projects Agency’s (DARPA), $619,034. February 2019 to February 2022.

Center member Tijay Chung is awarded a new NSF grant to improve Resource Public Key Infrastructure

The Border Gateway Protocol (BGP) is responsible for managing how packets are routed across the Internet by exchanging routing related messages (path announcements) between routers. While the Border Gateway Protocol plays a critical role in the Internet communications, it remains highly vulnerable to many attacks. This project has two research foci, each examining the management and improving security challenges of Resource Public Key Infrastructure (RPKI). First, the project will analyze existing RPKI repositories from multiple vantage points in an effort to understand how much of actual BGP feeds in the Internet are verifiable. Second, the project will develop new techniques to detect misconfigurations of routers and potential security vulnerabilities.

Taejoong (Tijay) Chung (PI), “CRII: SaTC: Measuring and Improving the Management of Resource Public Key Infrastructure (RPKI),” NSF CNS, $166,561. October 2019 to September 2021.

David’s paper on electoral control problems has been accepted for AAAI’19

David E. Narváez, Zack Fitzsimmons, Edith Hemaspaandra, and Alexander Hoover, “Very Hard Electoral Control Problems” Accepted for 33rd AAAI Conference on Artificial Intelligence (AAAI’19), January 2019.

PhD student Danielle Gonzalez is among the 10 recipients of the prestigious Microsoft Research PhD Fellows!

Danielle Gonzalez, a 3rd year PhD student in the Center has been recognized by Microsoft Research as one of the 10 outstanding PhD students in North America (  Her research focuses on software architecture and security, and she works under supervision of Center member Dr. Mehdi Mirakhorli. She also has been the lead author on a recent paper on architectural security weaknesses in industrial control systems (ICS). ICS are computers used to control automation systems in industrial processes and environments that include critical infrastructures, such as, oil and gas production, chemical processing, power grids, transportation, and pharmaceutical. The paper exploits the vulnerability data received from Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to highlight security design issues in ICS and their root causes. Furthermore, it provides an in depth investigation of attacks in ICS domain.

[1] Danielle Gonzalez, Fawaz Alhenaki and Mehdi Mirakhorli, “Architectural Security Weaknesses in Industrial Control Systems (ICS): An Empirical Study based on Disclosed Software Vulnerabilities”, International Conference on Software Architecture, Hamburg, Germany, March 2019.

Tijay Chung was selected as one of the 2019 awardees of the Applied Networking Research Prize

Center member Tijay Chung is a recipient of Applied Networking Research Prize (ANRP) for his paper, “Understanding the Role of Registrars in DNSSEC Deployment”, published at IMC’2017. The prize is awarded for recent results that are relevant for transitioning into shipping Internet products and related standardization efforts. It will offer the winners the opportunity to present and discuss their work with the engineers, network operators, policy makers and scientists that participate in the Internet Engineering Task Force (IETF) and its research arm, the Internet Research Task Force (IRTF). The goal of the ANRP is to recognize the best new ideas in networking, and bring them to the IETF and IRTF especially in cases where they would not otherwise see much exposure or discussion.

SAFE Lab has received two new contracts for brands portfolio penetration testing and industrial IoT security

Center member and business direction Justin Pelletier is the PI in two funded projects titled “Pentesting Engagement” and “Examining Industrial Control and IoT Devices”.

At the request of the CEO of Vulsec, RIT’s Eaton Cybersecurity SAFE Lab will conduct an external, blackbox penetration test against network environments for a company’s portfolio of brands. The goal of this penetration test will be to evaluate the extent to which an external attacker could compromise the IP addresses associated with the brands. The penetration testing team will exclusively conduct tests externally without pre-established user credentials.

The second project is a one year project to examine industrial control devices and Internet of Thing (IoT) devices. The devices and necessary tools will be provided by Eaton Corporation.

Justin Pelletier (PI) and Rob Olson (Co-PI), “VULSEC2018-01 Pentesting Engagement,” Vulsec, $9,944. Nov. 2018 to Nov. 2019.

Justin Pelletier (PI) and Rob Olson (Co-PI), “Examining Industrial Control and IoT Devices,” Eaton Inc., $142,325. Sep. 2018 to Aug. 2019.

Tijay Chung coauthors a paper at NDSS 2019 on extending TLS protocol to allow middleboxes to intercept its traffic in an accountable fashion

Hyunwoo Lee, Zachary Smith, Junghwan Lim, Gyeongjae Choi, Selin Chun, Taejoong Chung, and Ted Kwon, “maTLS: How to Make TLS middlebox-aware?” Accepted for Network and Distributed System Security Symposium (NDSS), February 2019.

Stanford University took home the top trophy in the 2018 National Collegiate Penetration Testing Competition (CPTC) hosted by RIT

The Department of Computing Security and RIT's Center for Cybersecurity hosted the National Collegiate Penetration Testing Competition (CPTC)—the premier offensive-based competition—on Nov. 2–4, 2018. This allowed students to learn about cybersecurity from a different vantage point—offense, as opposed to defense. Teams from nine national universities faced-off to break into fabricated computer networks, evaluating their weak points and presenting plans to better secure them.

The event was sponsored by several top tech companies, including IBM, Google, Palo Alto Networks and Eaton. The CPTC is one way that higher education is working with industry to combat the national shortage of qualified cybersecurity professionals. Stanford University took home the top trophy in the 2018 competition, while Cal-State Fullerton placed second and University of Central Florida placed third. During the course of this year’s CPTC events, Stanford distinguished itself by discovering a 0-day vulnerability.

Payap's paper was a finalist for the outstanding paper award at CCS 2018

Center PhD student Payap Sirinam’s paper “Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning” was one of nine finalists for the outstanding paper award at CCS 2018, putting in the top 1% of all 809 papers submitted to the conference. The acceptance rate of ACM CCS this year was 16.6%.

This paper explores how advanced deep learning architectures and techniques can be leveraged to perform more dangerous attacks on the Tor anonymity system and even undermine some of the state-of-the-art defenses. The paper was written together with external collaborators Mohsen Imani (UT Arlington) and Marc Juarez (KU Leuven), along with the Center Director Matthew Wright.

Igor was awarded the Certificate of Appreciation for an outstanding presentation at the Rochester Security Summit

Center PhD student Igor Khokhlov’s presentation on “What is the Android Colluded Applications Attack and How to Detect It” at the Rochester Security Summit was awarded the Certificate of Appreciation in recognition of an outstanding presentation. This was based on Igor’s work under supervision of Center member and CS professor Leon Reznik.

Mehdi Mirakhorli is a co-PI of a multi-university $1,700,000 NSF grant on assembling architecture-related tools for software maintenance

Center member Prof. Mehdi Mirakhorli is participating in a six-university project funded $1.7 Million by the National Science Foundation (NSF) to develop the Software Architecture INstrument (SAIN). SAIN is a first-of-its-kind integration framework for assembling architecture-related techniques and tools with the goal of enabling empirical research in the context of software maintenance. Other participating universities are: University of Southern California (USC), University of California, Irvine (UCI), University of Hawaii, Drexel University, and Stevens Institute of Technology.

Mehdi Mirakhorli (PI), “CRI: CI-NEW: Collaborative Research: Constructing a Community-Wide Software Architecture Infrastructure,” NSF CNS, $374,238.00. Sep. 2018 to Aug. 2021.

Josephine Wolff piece in NY Times on “Trump’s Reckless Cybersecurity Strategy”
News article

Center member Josephine Wolff published an opinion piece in NY Times on “Trump’s Reckless Cybersecurity Strategy” and the consequences of administration’s new policy of striking first at online attackers. Read her piece:

Tijay Chung is the lead author of a paper at IMC 2018 on measuring PKI on the Web
New Paper

Taejoong (Tijay) Chung, Jay Lok, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, John Rula, Nick Sullivan, and Christo Wilson, “Is the Web Ready for OCSP Must Staple?” Accepted for the ACM Internet Measurement Conference (IMC), November 2018.

Ziming Zhao coauthors two papers at ACSAC 2018 on covert channels and Wi-Fi calling
New Paper

[1] Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choonghoon Lee, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn, “Prime+Count: Novel Cross-world Covert Channels on ARM TrustZone,” Accepted for the Annual Computer Security Applications Conference (ACSAC), December 2018.

[2] Jaejong Baek, Sukwha Kyung, Haehyun Cho, Ziming Zhao, Adam Doupé, Yan Shoshitaishvili, and Gail-Joon Ahn “Wi Not Calling: Practical Privacy and Availability Attacks in Wi-Fi Calling,” Accepted for the Annual Computer Security Applications Conference (ACSAC), December 2018.

Hanif Rahbari and his collaborators earn a US patent for secure wireless communications
New Patent

Marwan Krunz, Berk Akgun, Peyman Siyari, Hanif Rahbari, Rashad Eletreby, and Ozan Koyluoglu "Systems and Methods for Securing Wireless Communications", U.S. Patent App. 15/336,070 (granted Sep. 4, 2018).

RIT team successfully executed 2018 GenCyber summer camps
New Project

Rajendra Raj (PI) and center member Daniel Krutz (co-PI) successfully executed two weeks of GenCyber camps in July. The camp covered both introductory and advanced security topics in web and mobile computing, and served approximately 80 middle and high school students from diverse backgrounds. The two-week, non-residential camps were set on the RIT campus.

Rajendra Raj (PI) and Daniel Krutz (co-PI), “GenCyber @ RIT: Secure Web and Mobile Computing,” National Security Agency (NSA), $130,908, May. 2018 to May. 2019.

Matt Wright is awarded a $500,000 NSF SaTC grant on studying adversarial machine learning for better online privacy
New Project

The goal of this work is to explore the new landscape of website fingerprinting attacks and defenses in light of recent findings with deep learning. A key aspect of the work is to leverage and build upon recent advances in adversarial machine learning and be the first to apply these new findings to the context of traffic analysis.

Matthew Wright (PI), “SaTC: CORE: Small: Adversarial ML in Traffic Analysis,” NSF SaTC, $500,000. Aug. 2018 to Jul. 2021.

Two papers from RIT will feature in this year’s ACM CCS. Congratulations to Payap, Ziming, and Matt!
New Paper

[1] Payap Sirinam, Marc Juarez, Mohsen Imani, and Matthew Wright, “Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning,” Accepted for ACM Conference on Computer and Communications Security (CCS), October 2018.

[2] Vaibhav Hemant Dixit, Adam Doupé, Yan Shoshitaishvili, Ziming Zhao and Gail-Joon Ahn, “AIM-SDN: Attacking Information Mismanagement in SDN-datastores,” Accepted for ACM Conference on Computer and Communications Security (CCS), October 2018.

Matt Wright’s team publishes a paper at USENIX Security 2018 on making Tor faster
New Paper

Armon Barton, Mohsen Imani, Jiang Ming, and Matthew Wright, “Towards Predicting Efficient and Anonymous Tor Circuits,” Accepted for USENIX Security Symposium, August 2018.

Ziming Zhao coauthors a paper at TDSC 2018 on mobile app security
New Paper

Jing Chen, Chiheng Wang, Kun He, Ziming Zhao, Min Chen, Ruiying Du, and Gail-Joon Ahn, “Semantics-Aware Privacy Risk Assessment Using Self-Learning Weight Assignment for Mobile Apps,” Accepted for the IEEE Transactions on Dependable & Secure Computing (TDSC), September 2018.

IEEE ComSoc features Hanif Rahbari’s research as a Tech Focus paper
Accepted Paper

IEEE ComSoc selected Center member Hanif Rahbari’s paper "Exploiting Frame Preamble Waveforms to Support New Physical-Layer Functions in OFDM-Based 802.11 Systems" as a Tech Focus paper in Prototyping Wireless Networks.

Hanif Rahbari is the lead coauthor of a paper at INFOCOM 2018 and then wins a Best-in-Session Presentation Award
New Paper

Hanif Rahbari, Peyman Siyari, Marwan Krunz, and Jung-Min (Jerry) Park, “Adaptive Demodulation for Wireless Systems in the Presence of Frequency-Offset Estimation Errors,” Accepted for the International Conference on Computer Communications (INFOCOM), April 2018.

The SAFE Lab is working with the Eaton Corporation to examine industrial control and Internet of Thing devices.

Principal investigator Robert Olson will be hiring, managing and supervising a team of RIT students to perform a cybersecurity assessment for the Eaton Corporation.

Hossein Hojjat is awarded a new NSF grant titled “SaTC: CORE: Small: Collaborative: A New Approach to Federated Network Security”.
New Project

The project is to develop a comprehensive plan for solving challenges in federated network security using an approach based on Proof-Carrying Code (PCC).

NSA awards Leon Reznik $118K for the creation of course on Intelligent Security Systems.
New Project

Center member Leonid Reznik (PI, Computer Science) has received a new grant from the DOD National Securty Agency. The program designs a curriculum, develops all course materials, tests and evaluates them in real college classroom settings, compiles and disseminates the practical recommendations for delivery of a college level course on Intelligent Security Systems. The award brings $118,000 to RIT.

RIT Team wins ACM SIGSOFT Distinguished Paper award

Center for Cybersecurity PhD students Joanna C. S. Santos and Anthony Peruma together with advisor Mehdi Mirakhorli led a team who won the 2017 ACM SIGSOFT Distinguished Paper award at the International Conference on Software Architecture (ICSA).

Jay Yang leads a new $350k IARPA effort to forecast cyber attacks
New Project

Center members Jay Yang (PI, Computer Engineering) and Katie McConky (Co-PI, Industrial & Systems Engineering) have received a new grant from IARPA in conjunction with defense contractor Leidos, Inc. The project seeks to develop CAUSE, a system that leverages data that is not currently used for cybersecurity to predict cyber attacks. Phase 1 of the award brings $350,000 to RIT.

Matt Wright is co-PI on a new $500K NSF grant on improving Tor security
New Project

Center Director Matt Wright (Computing Security) has a new $500,000 grant from the NSF’s Secure and Trustworthy Computing (SaTC) program to work with the Tor Project on improving its defenses against a type of traffic analysis called website fingerprinting. The award brings $150,000 to RIT.

A team including Center Director Matt Wright wins the Outstanding Paper Award at ESORICS 2016
Outstanding Paper

A paper authored by Marc Juarez, Mohsen Imani, Mike Perry, Claudia Diaz and Center Director Matthew Wright, titled "Toward an Efficient Website Fingerprinting Defense,” won the Outstanding Student Paper Award at ESORICS 2016.

Prof. Mirakhorli is part of a team that got a $100K CISE Infrastructure Planning Grant
New Project

To help plan for a large, collaborative research effort, a group of researchers including Center member Mehdi Mirakhorli (Software Engineering) have gotten a $90,000 grant from NSF’s CISE Infrastructure program. The goal of the project, titled "Planning and Prototyping a Community-Wide Software Architecture Instrument," is to provide metrics for software architecture.


Apu Kapadia (Indiana U) will give a Distinguished Lecture for GLSD 2018
  • When: Friday, Sep. 14 at 4 pm
  • Where: Golisano Auditorium
  • Title: When Electronic Privacy Gets Physical: Privacy in the Age of Pervasive Photography
  • Abstract: As always-on and wearable cameras -- and digital photography in general -- become more common place, we will need to reconsider our notions of privacy. How will people react to constant surveillance by their peers ("sousveillance") and what technical solutions can enhance privacy in this new age? I will highlight some of our interdisciplinary research on answering and addressing these questions in the context of wearable cameras. I will also talk about how cameras can enhance privacy, e.g., by aiding populations with visual impairments with a visual assessment of their surroundings.
  • Bio: Apu Kapadia is an Associate Professor of Computer Science at the School of Informatics, Computing, and Engineering, Indiana University Bloomington. Before joining Indiana University, he received his Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign (UIUC), was later a Post-Doctoral Research Fellow at Dartmouth College, and then a Member of Technical Staff at MIT Lincoln Laboratory.
RIT Hosts Great Lakes Security Day 2018

For the second year in a row, RIT will host Great Lakes Security Day (GLSD) in Slaughter Hall on the RIT campus. GLSD 2017 was a very successful event with 100 registered participants coming from nearby universities, including U. Binghamton, U. Buffalo, Cornell, Penn State, U. Rochester, Syracuse, and of course RIT. This year's event will include research talks, a panel on research trends in security, a lunch with topic-based discussion tables, a poster session, and it will end with a Distinguished Lecture from Apu Kapadia, Assoc. Professor of Computer Science at Indiana University. 

Great Lakes Security Day 2017 will be held at RIT

The Center for Cybersecurity and the IEEE regional chapter are sponoring Great Lakes Security Day 2017, an event bringing together researchers in cybersecurity from around the region to discuss their latest works. There will be talks, posters, and a distinguished lecture from Patrick McDaniel of PSU.

The Center for Cybersecurity hosts Dr. Prateek Mittal from Princeton University

Dr. Mittal talks about RAPTOR Attacks and Counter-RAPTOR Defenses at the GCCIS Colloquium Series.

When: Friday, April 21, 2017

Where: Golisano College 70-1435

Time: 12:00 – 1:00 PM

For more information click here.

Illinois Professor Tao Xie to give Center talk
Center for Cybersecurity Seminar

Dr. Tao Xie, Associate Professor and Willett Faculty Scholar at U. Illinois (UIUC), will present a Center for Cybersecurity seminar on "User Expectations in Mobile App Security" on Friday, Mar. 24 at 11:45 AM in Golisano Auditorium, 70-1435. For more information, click here.

IEEE Speaker on Nov. 14: Robert Walls (WPI) on the Science of Security
IEEE Speaker

Robert Walls, Asst. Professor of Computer Science at Worchester Polytechnic Institute (WPI) will be the IEEE speaker on Nov. 18th at 12. His talk will cover the Science of Security in the context of computer forensics.

NSA event brings cybersecurity leaders to RIT, Nov. 7
NSA Workshop

Center member Jay Yang is running a workshop on Nov. 7 based on his NSA project on Modeling attackers. The workshop brings together top cybersecurity minds to discuss the project findings and new directions in cybersecurity. Members of the Center will also display their latest research results in a poster session.

2nd Collegiate Pentesting Competition (CPTC) successfully held at RIT on Nov. 4-6, RIT placed 3rd

On Nov. 4-6, 2016, RIT hosted the second Collegiate Pentesting Competition (CPTC), bringing on campus 10 teams from Florida, Texas, California, and more to test their red team skills on vulnerable systems. RIT also hosted the first CPTC in 2015. Center members Bill Stackpole and Daryl Johnson ran the event with lots of help from the Dept. of Computing Security. CPTC was sponsored in part by NSA, Google, and Amazon. Planning is underway for the first CPTC Regional events and the third national event in 2017.