Research Projects in Cybersecurity
Research in the Center for Cybersecurity is supported in part by these funded projects.
- Sponsor: RIT
- Amount: $2,100,000
- Period: June 2016 to May 2021
This project provides the initial funding to launch the Center and for six interdisciplinary seed projects.
- Sponsor: NSF SaTC
- Amount: $500,000 ($150,000 RIT share)
- Period: Sep. 2016 to Aug. 2019
In this transitions to practice (TTP) project, RIT will work with the Tor Project to implement a new defense against traffic analysis attacks in the Tor system.
- Sponsor: NSF
- Amount: $3,549,663
- Period: Jan. 2015-Dec. 2019
This project seeks to establish a new CyberCorps®: Scholarship for Service (SFS) program at the Rochester Institute of Technology (RIT) to prepare highly-qualified Cybersecurity professionals for entry into the federal, state, local, and tribal government workforce.
Period: March 2017 - March 2018
The program designs a curriculum, develops all course materials, tests and evaluates them in real college classroom settings, compiles and disseminates the practical recommendations for delivery of a college level course on Intelligent Security Systems.
Sponsor: Eaton Corporation
Period: Sept 2017 to Aug 2018
The goal of this project is to provide a cybersecurity assessment of industrial control and IoT devices.
Sponsor: NSF SaTC
Period: Sept 2017 to Aug 2020
This project presents a comprehensive research plan for specifying and enforcing federated security policies using an approach based on Proof-Carrying Code (PCC).
Period: April 2017 to April 2018
This project is to host two one-week GenCyber student summer camps at RIT.
Sponsor: NSF SaTC
Period: Sept 2017 to Aug 2019
Cybersecurity can use anticipatory or proactive defense measures based on adversarial behavior and decision making, which are currently downplayed in existing technical research. Imagine a criminological theory that captures the dynamics of cyber crime and a corresponding simulator to generate attack scenarios that adapt to ever-changing and diverse cyber vulnerabilities, defenses, and adversary tactics. This collaborative project between RIT (PI Yang) and Temple University (PI Rege) aims at developing and evaluating an integrated Dynamic Routine Activities Theory (DRAT) aided by Monte-Carlo simulation so as to understand adversarial attack trajectories impacted by the various intrinsic and extrinsic factors.
Sponsor: USAF/Leidos, Inc.
Period: Aug 2016 to Jan 2018
The project aims at developing and testing new automated methods that forecast cyber-attacks before they happen using unconventional sensors and signals. The unconventional sensors leverage data not typically used in practice today for cybersecurity (at least not in the way the data was originally intended), and may not be directly related to the potential victims or exploits used in the forecasted attacks. PI Yang and Co-PI McConky from RIT are part of a multidisciplinary industry-academia team to research, develop, integrate and test a prototype solution with cyber attack forecast models and algorithms.
Period: Sept 2015- Dec 2016
Cyber attacks on enterprise networks or cyber warfare have moved into an era where both attackers and security officers utilize complex strategies to confuse and mislead one another. Critical attacks often take multitudes of reconnaissance, exploitations, and obfuscation to maneuver in a network to achieve the goal of cyber espionage and/or sabotage. This project builds upon PI Yang and Co-PI Kuhl’s previous work on Multistage Attack Scenario Simulation (MASS) and develops a simulation environment to model diverse and ever-changing adversary behavior against various network defense configurations, including the deployment of MTDs.
Period: Nov 2016 to June 2017
The objective of this project is to design a unique Authenticated Encryption algorithm (MK-3) for an FPGA based radio architecture. The algorithm offers enhanced features including integrity verification, customization, enhanced military grade design and provable computational security.
Period: Jan 2017-Feb 2017
SAFE lab will evaluate the extent to which a malicious agent could compromise VisualDX customer data through its website.
Period: Sept 2016 - May 2017
This sub-award from UTSA is part of the funding from a DHS grant to support the Collegiate Cyber Defense Competition. The funding is used to support the logistics of the Northeast regional competition hosted at RIT.
Sponsor: Department of Defense
Period: Sept 2017- May 2018
The ANNEX II project is to support Cybersecurity outreach activities.
Sponsor: Harris RF
Period: Dec 2017- July 2018
The objective of this project will be to investigate an innovative solution to the CDS (Cross Domain Solutions) problem using homomorphic or functional cryptography principles as a possible option to the "high to low" cross domain problem.
Sponsor: DARPA/Secure Decisions
Period: Oct 2017 to July 2018
Vulnerable software affords external attackers an easy way of gaining access to critical DoD and commercial systems. The significant number of weaknesses (both quality and security) per application provides camouflage for insider threats to insert vulnerabilities without drawing attention. Current automated tools for detecting security-related weaknesses in source code suffer from both false negatives and false positives: for example, they fail to find all types of vulnerabilities (false negatives) and produce thousands of unactionable findings (false positives). Sifting through the findings of source code analyzers in search of true positives is time-consuming and is most efficient when guided by heuristics that prioritize where to search first. While manual code reviews can find weaknesses that the automated tools miss, manual reviews are resource-intensive and need to be targeted to the code that is likely to contain significant quality and security issues.
Sponsor: NSF/Ball State University
Period: July 2017 to July 2018
Software defect data has long been used to drive improvement of the software development process. Knowledge of how security defects, which are referred to as vulnerabilities, are discovered and resolved can be used to guide development of more accurate software assurance tools. In the security community there have been two approaches in utilizing this knowledge. Several researchers have used this knowledge and developed a number of different techniques such as fuzzing, static and dynamic code verifiers to verify if code contains security vulnerabilities. Another group of researchers have attempted to use this knowledge, extract metrics and leverage data mining and statistical techniques to perform vulnerability analysis. In this proposal, we empirically compare and validate each of these techniques.
Period: Sept 2016 to Aug 2019
The project builds a proof-of-concept design, which will be used to develop, verify and promote a comprehensive methodology for data quality and cybersecurity (DQS) evaluation focusing on an integration of cybersecurity with other diverse metrics reflecting DQS, such as accuracy, reliability, timeliness, and safety, into a single methodological and technological framework. The framework will include generic data structures and algorithms covering DQS evaluation. While the developed evaluation techniques will cover a wide range of data sources from cloud-based data systems to embedded sensors, the framework's implementation will concentrate on mobile devices owned by ordinary users, and Android-based smartphones in particular. Its operation will be based on incorporating data and process provenance schemes along with the methods evaluating data and system accuracy, reliability and trustworthiness. Graph and game theories, machine learning, information and control theory, probability and fuzzy logic techniques will be employed.
Period: Oct 2015 to Sept 2019
The Transition to Practice (TTP) option of the proposed Attack Strategy Synthesis and Ensemble Predictions of Threats (ASSERT) project will include software prototype development, deployment of ASSERT to test networks, and evaluation via a four-phase plan. The goal of this proposed optional effort is to demonstrate a robust use of ASSERT in real-world environments. In fact, the four-phase plan is to incrementally enhance the prototype in its ability to recognize attack strategies. The TTP option overlaps with the main SaTC proposal in the last two years, and will begin with the algorithmic implementation of the semi-supervised learning framework and continue incorporating additional features and the ensemble prediction capability as they are developed.
The Center for Cybersecurity engages in a wide range of research activities that reach across disciplines. Our current areas of strength are:
Cryptography provides the foundation for many security and privacy tools. We explore fast and secure implementations in hardware for faster speeds that enable advanced applications, including powerful homomorphic encryption techniques.
There is a tremendous need for more and better-prepared cybersecurity professionals. We investigate how to best educate and train this growing part of the workforce.
The latest advances in security technology do not benefit anyone if they are not adopted by individuals and companies. We examine how adoption decisions get made and how to influence these choices for improved outcomes.
Modern distributed systems are complex and difficult to secure. We use the latest techniques in modeling, experimentation, and design to address these challenges.
Security tools are only beneficial if their users can leverage them correctly. Beyond typical usability challenges, usable security must overcome the fact that security is often not the primary goal of a typical user and that the user may not know much about security.
We are applying the latest advances in Big Data analytics to the problems of cybersecurity. Research efforts include predicting attacks based on unconventional data sources such as blogs, using data mining techniques to better understand software security issues, and applying NLP to explore the context surrounding the creation of security bugs to understand how to prevent them from happening.