{"340981":{"#nid":"340981","#data":{"type":"news","title":"Tackling Global Cybersecurity Threats: Georgia Tech Is Developing Technologies and Strategies to Enable Cybersecurity Solutions","body":[{"value":"\u003Cp\u003E\u003Cem\u003EWritten by Abby Robinson\u003C\/em\u003E\u003C\/p\u003E\u003Cp\u003EEvery morning, Paul Royal sifts through reports on tens of thousands of new malicious software\u0026nbsp;samples to \ufb01nd the few that are truly novel and warrant further analysis. With 20 million new malware samples created last year alone, Royal stays busy.\u003C\/p\u003E\u003Cp\u003E\u201cModern malware is almost exclusively authored by professional criminals that act in the domain of organized crime,\u201d said Royal, a research scientist in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.gtisc.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EGeorgia Tech Information Security Center\u003C\/a\u003E\u0026nbsp;(GTISC). \u201cGiven the enormous popularity of inexpensive malicious software generation kits, even the technically illiterate can easily build stealthy malware with sophisticated anti-detection mechanisms.\u201d\u003C\/p\u003E\u003Cp\u003EThe number and complexity of cybersecurity threats has grown as corporate, government and consumer dependence on secure and reliable computer and cellular networks has increased \u2013 and the software Royal examines is only part of the problem. In 2010, malware programmers developed new forms of malicious software, including Stuxnet, which targeted Iran\u2019s critical infrastructure. In addition, Google disclosed that its systems had been deeply penetrated by sophisticated international attackers.\u003C\/p\u003E\u003Cp\u003EGeorgia Tech cybersecurity researchers are developing technologies and security strategies to enable the global cybersecurity solutions of the future. Georgia Tech\u2019s cybersecurity research efforts are multidisciplinary and institute-wide \u2013 involving researchers from the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.cc.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ECollege of Computing\u003C\/a\u003E,\u0026nbsp;\u003Ca href=\u0022http:\/\/www.coe.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ECollege of Engineering\u003C\/a\u003E,\u0026nbsp;\u003Ca href=\u0022http:\/\/www.iac.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EIvan Allen College of Liberal Arts\u003C\/a\u003E\u0026nbsp;and the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.gtri.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EGeorgia Tech Research Institute\u003C\/a\u003E\u0026nbsp;(GTRI).\u003C\/p\u003E\u003Cp\u003EGTISC, established in 1998, and the recently created GTRI\u0026nbsp;\u003Ca href=\u0022http:\/\/www.gtri.gatech.edu\/ctisl\u0022 target=\u0022_blank\u0022\u003ECyber Technology and Information Security Laboratory\u003C\/a\u003E\u0026nbsp;(CTISL), leverage the cybersecurity expertise across Georgia Tech to define and develop research programs that have made Georgia Tech an international leader in basic and applied cybersecurity research.\u003C\/p\u003E\u003Cp\u003EThis article examines Georgia Tech cybersecurity research efforts in the areas of threat monitoring and analysis, mobile device and telephone security, secure information sharing,\u0026nbsp;and U.S. government agency security.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003EThreat Monitoring and Analysis\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EMalware, which includes everything from worms to viruses to botnets, is spreading faster than ever over the Internet. Bots are automated software programs that steal computing power every time an infected computer connects to the Internet. Computer hackers harness these stolen resources to form scattered yet powerful networks \u2013 called botnets \u2013 that can be used to send spam, execute phishing scams or steal financial information.\u003C\/p\u003E\u003Cp\u003EThe fight against malware is often viewed as an arms race. Cybersecurity experts must continually raise the bar, sometimes by high profile arrests and takedowns of cybercrime\u0026nbsp;networks. In the past year, Royal helped dismantle two large botnets \u2013 Mariposa and Kraken\u0026nbsp;\u2013 using a system he developed called MTrace.\u003C\/p\u003E\u003Cp\u003EMTrace is an automated malware analysis system that uncovers certain characteristics of each malware sample and aggregates the information into a malware intelligence database that is used by corporate security groups, hosting providers, domain registrars and law enforcement.\u003C\/p\u003E\u003Cp\u003E\u201cWith tens of thousands of new malware samples uncovered daily, this automated analysis software is valuable to security researchers because the time required by a human to analyze every piece of new malware has become overwhelming and nearly impossible,\u201d said Royal.\u003C\/p\u003E\u003Cp\u003EAt its peak, the Mariposa botnet comprised more than 1 million computers, including compromises in half of the Fortune 1000 firms, as well as government agencies, universities and home users in more than 190 countries. When Mariposa\u2019s command-and control domains were shut down and its operators arrested, 800,000 financial credentials were found on one of the operator\u2019s home computers.\u003C\/p\u003E\u003Cp\u003ERoyal also used MTrace to gather intelligence about the resurgence of the large spamming botnet, Kraken. The Kraken botnet \u2013 which at one point included about 650,000 compromised computers, including computers in 10 percent of the Fortune 500 companies \u2013 re-emerged about a year after its last takedown, bootstrapped by another botnet that acted as a malicious installation service. According to Royal, this shutdown took exceptional persistence, as the Kraken operators continuously changed their domain names and hosting providers.\u003C\/p\u003E\u003Cp\u003ECybersecurity professionals like Royal and programs like MTrace are placing increasing pressure on the controllers of the tens of thousands of botnets worldwide.\u003C\/p\u003E\u003Cp\u003EBotnets aren\u2019t the only threats researchers in GTISC are battling \u2013 they\u2019re also trying to eliminate \u201cdrive-by downloads.\u201d During a drive-by download, a website installs malicious code, such as spyware, on a computer without the user\u2019s knowledge or consent. Approximately 1.2 million websites worldwide were found to be infected with malware in 2010.\u003C\/p\u003E\u003Cp\u003EGeorgia Tech School of Computer Science professor\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/wenke-lee\u0022 target=\u0022_blank\u0022\u003EWenke Lee\u003C\/a\u003E, graduate student Long Lu and collaborators from California-based SRI International developed a tool to eliminate drive-by download threats.\u0026nbsp;\u003Ca href=\u0022http:\/\/www.blade-defender.net\/\u0022 target=\u0022_blank\u0022\u003EBLADE\u003C\/a\u003E\u0026nbsp;\u2013 short for Block All Drive-By Download Exploits \u2013 is browser-independent and designed to eliminate all drive-by malware installation threats. Funding for the BLADE tool was provided by the National Science Foundation, U.S. Army Research Office and U.S. Office of Naval Research.\u003C\/p\u003E\u003Cp\u003E\u201cBy simply visiting a website, malware can be silently installed on a computer to steal a user\u2019s identity and other personal information, launch denial-of-service attacks, or participate in botnet activity,\u201d said Lee, who is also co-director of GTISC. \u201cBLADE is an effective countermeasure against all forms of drive-by download malware installs because it is vulnerability and exploit agnostic.\u201d\u003C\/p\u003E\u003Cp\u003EThe researchers evaluated the tool on multiple versions and configurations of Internet Explorer and Firefox. When they exposed a computer to more than 1,900 malicious websites, BLADE successfully blocked all drive-by malware installation attempts. The software produced no false positives and required minimal resources from the protected computer. Major antivirus software programs caught less than 30 percent of the more than 7,000 drive-by download attempts from the same websites.\u003C\/p\u003E\u003Cp\u003EThe BLADE testing showed that the applications most frequently targeted by drive-by download exploits included Adobe Acrobat Reader, Sun Java and Adobe Flash \u2013 with Adobe Reader attracting almost three times as many attempts as the other programs. Computers using Microsoft\u2019s Internet Explorer 6 became infected by more drive-by downloads than those using versions 7 or 8, while Firefox 3 had a lower browser infection rate than all versions of Internet Explorer. Among the more than 1,900 active malicious websites tested, Ukraine, the United Kingdom and the United States were the top three countries serving active drive-by download exploits.\u003C\/p\u003E\u003Cp\u003E\u201cBLADE monitors and analyzes everything that is downloaded to a user\u2019s hard drive to cross-check whether the user authorized the computer to open, run or store the file on the hard drive. If the answer is no to these questions, BLADE stops the program from installing or running and removes it from the hard drive,\u201d explained Lu.\u003C\/p\u003E\u003Cp\u003EThe researchers hope to release BLADE to the public for download later this year.\u003C\/p\u003E\u003Cp\u003EWhile computer users are waiting for this release, they should spend some time protecting their personal information with stronger passwords. A recent study by researchers in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.gtri.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EGeorgia Tech Research Institute\u003C\/a\u003E\u0026nbsp;(GTRI) found that seven-letter passwords might not be safe for long because of the growing computing power of graphics processing units (GPUs).\u003C\/p\u003E\u003Cp\u003E\u201cRight now we can confidently say that a seven-character password is hopelessly inadequate and as GPU power continues to go up every year, the threat will increase,\u201d said GTRI senior research scientist Richard Boyd.\u003C\/p\u003E\u003Cp\u003EDesigned to handle the ever-growing demands of computer games, today\u2019s top GPUs can process information at the rate of nearly two teraflops (a teraflop is a trillion floating-point operations per second). Until recently, multi-core graphics processors \u2013 which are made by either Nvidia Corp. or by AMD\u2019s ATI unit \u2013 were difficult to use for anything except producing graphics for a monitor.\u003C\/p\u003E\u003Cp\u003EBut that changed in February 2007 when Nvidia released an important new software-development kit. These new tools allow users to directly program a GPU using the popular C programming language. Unfortunately, this new capability dramatically accelerates a password-breaking technique that engineers call \u201cbrute forcing.\u201d\u003C\/p\u003E\u003Cp\u003EIn brute forcing, attackers use a fast GPU (or even a group of linked GPUs) \u2013 combined with the right software program \u2013 to break down passwords that are keeping them out of a computer or a network. The intruders\u2019 high-speed technique basically involves trying every possible password until they find the right one.\u003C\/p\u003E\u003Cp\u003E\u201cLength is a major factor in protecting against brute forcing a password,\u201d explained Joshua L. Davis, a GTRI research scientist involved in this project. \u201cA computer keyboard contains 95 characters, and every time you add another character to your password, your protection goes up exponentially, by 95 times.\u201d\u003C\/p\u003E\u003Cp\u003EComplexity also adds security, he said. Adding numbers, symbols and uppercase characters significantly increases the time needed to decipher a password.\u003C\/p\u003E\u003Cp\u003EWould-be password crackers have other advantages, said Carl Mastrangelo, an undergraduate student in the College of Computing who is working with GTRI on the password research. A computer stores user passwords in an encrypted \u201chash\u201d within the operating system. Attackers who locate a password hash can besiege it by building a \u201crainbow table,\u201d which is essentially a database of all previous attempts to compromise that password hash. Generating a rainbow table takes a long time, but if an attacker wants to crack many passwords quickly, once he\u2019s built a rainbow table it might then only take about 10 minutes per password rather than several days.\u003C\/p\u003E\u003Cp\u003EDavis believes the best password is an entire sentence, preferably one that includes numbers or symbols. That\u2019s because a sentence is both long and complex, and yet easy to remember. He said any password shorter than 12 characters could be vulnerable \u2013 if not now, soon.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003EMobile Device and Telephone Security\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003ESmartphones \u2013 such as BlackBerrys, Droids and iPhones \u2013 have become indispensable to everyone from today\u2019s highly mobile workforce to tech-savvy youngsters. While these devices keep friends and colleagues just a few thumb-taps away and allow business to be done anywhere that has cellphone reception, they also pose new security and privacy risks.\u003C\/p\u003E\u003Cp\u003E\u201cTraditional cellphones have been ignored by attackers because they were specialty devices, but the new phones available today are handheld computers that are able to send and receive email, surf the Internet, store documents and remotely access data \u2013 all actions that make them vulnerable to a wide range of attacks,\u201d said\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/patrick-traynor\u0022 target=\u0022_blank\u0022\u003EPatrick Traynor\u003C\/a\u003E, an assistant professor in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EGeorgia\u0026nbsp;Tech School of Computer Science\u003C\/a\u003E\u0026nbsp;and a GTISC faculty member.\u003C\/p\u003E\u003Cp\u003ETraynor and\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/jonathon-giffin\u0022 target=\u0022_blank\u0022\u003EJonathon Giffin\u003C\/a\u003E, also an assistant professor in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ESchool of Computer Science\u003C\/a\u003E, recently received a National Science Foundation grant to develop tools that improve the security of mobile devices and the telecommunications networks on which they operate. These Georgia Tech faculty members, together with a team of graduate students, are developing methods of identifying and remotely repairing mobile devices that may be infected with viruses or other malware.\u003C\/p\u003E\u003Cp\u003EMalware can potentially eavesdrop on user input, steal sensitive information, destroy stored information or disable a device. Attackers may snoop on passwords for online accounts, electronic documents, emails that discuss sensitive topics, calendar and phonebook entries, and audio and video media.\u003C\/p\u003E\u003Cp\u003E\u201cBecause mobile phones typically lack security features found on desktop computers, such as antivirus software, we need to accept that the mobile devices will ultimately be successfully attacked. Therefore, our research focus is to develop effective attack recovery strategies,\u201d explained Giffin.\u003C\/p\u003E\u003Cp\u003EThe researchers are investigating whether cellular service providers \u2013 such as AT\u0026amp;T and Verizon Wireless \u2013 can detect infected devices on their respective networks. Because infected devices often begin to overutilize the network by sending a high volume of traffic to a known malicious Web server or by suddenly generating a high volume of text messages, monitoring traffic patterns on the network should allow these infected phones to be located, according to the researchers.\u003C\/p\u003E\u003Cp\u003ETo assess their proposed methods of finding and repairing infected mobile devices, the researchers are building a cellular network test bed at Georgia Tech that will simulate how cellular devices communicate over a network. This test bed will be interoperable with GTRI\u2019s Mobile Innovation, Security and Forensic Test bed (MISFiT), which examines the entire mobile ecosystem and its vulnerabilities.\u003C\/p\u003E\u003Cp\u003E\u201cThe focus of MISFiT is in-depth analysis with a system view, including mobile data analytics for capacity planning, machine-to-machine security and security issues associated with mobile and location-based commerce,\u201d said Chuck Bokath, a GTRI senior research engineer.\u003C\/p\u003E\u003Cp\u003EAnother dimension of privacy and security concern for mobile phones is their future integration with consumer credit and banking capabilities. Imagine \u2013 instead of fumbling for a credit card, coupons and loyalty card at a grocery store, you use your mobile phone to provide all that information.\u003C\/p\u003E\u003Cp\u003EThis futuristic-sounding experience may not be far off. In November 2010, AT\u0026amp;T Mobility, Verizon Wireless and T-Mobile USA announced the formation of the Isis mobile commerce network, with pay-by-phone service expected in some markets within 18 months. In advance of these new mobile capabilities, a research team at Georgia Tech recently analyzed the technical and policy gaps that make pay-by-mobile users vulnerable.\u003C\/p\u003E\u003Cp\u003EWith support from the National Science Foundation and SAIC, the study was conducted by\u0026nbsp;\u003Ca href=\u0022http:\/\/www.inta.gatech.edu\/faculty-staff\/listing.php?uID=21\u0022 target=\u0022_blank\u0022\u003ESeymour Goodman\u003C\/a\u003E, a professor in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.inta.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ESam Nunn School of International Affairs\u003C\/a\u003E\u0026nbsp;and the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ESchool of Computer Science\u003C\/a\u003E\u0026nbsp;at Georgia Tech, Traynor, and graduate students Andrew Harris of the Sam Nunn School and Frank Park of the School of Computer Science.\u003C\/p\u003E\u003Cp\u003E\u201cIt is essential that we understand both the opportunities and the dangers presented by mobile devices,\u201d said Goodman, who is also co-director of both the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.gtisc.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EGeorgia Tech Information Security Center\u003C\/a\u003E\u0026nbsp;(GTISC) and the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.cistp.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ECenter for International Strategy, Technology and Policy\u003C\/a\u003E\u0026nbsp;(CISTP). \u201cThe safe and responsible deployment of emerging mobile technologies requires not only additional understanding, but also the willingness of government, corporations and civil society to confront these challenges expeditiously.\u201d\u003C\/p\u003E\u003Cp\u003ECustomers must first be educated about how data is collected and shared on mobile phones and how they can protect against theft and abuse of their personal information. The researchers propose the creation of a comprehensive national privacy policy to ensure that consumers can use a \u201cdigital wallet\u201d to purchase goods with confidence that the data generated through those transactions will not be bought, sold or traded. In addition, the study suggests that digital wallet developers consider sensible privacy statements designed specifically for mobile phones.\u003C\/p\u003E\u003Cp\u003EOn the technical side, vulnerabilities lie in authenticating the legitimacy of a digital wallet reader. Near-field communication technology \u2013 a form of radio-frequency identification (RFID) \u2013 will likely be used to process consumer transactions. The researchers suggest there should be a mechanism to authenticate readers and notify users before they disclose their private information.\u003C\/p\u003E\u003Cp\u003E\u201cUsers are willing to trust devices with which they are interacting without proper validation, so the public will need to be educated about what these digital wallet readers should look like and how to spot an illegitimate device,\u201d said Goodman.\u003C\/p\u003E\u003Cp\u003EGoodman, Harris and collaborators at Carnegie Mellon University are also concerned with the security risks that mobile phones bring to less-developed countries. In 2009, the 53 countries of Africa boasted 295 million mobile phone subscriptions for a penetration rate of 37.5 per 100 inhabitants.\u003C\/p\u003E\u003Cp\u003EWith funding from the MacArthur Foundation, the researchers investigated cellular security vulnerabilities in Africa. They found that many African nations suffer from a deficiency of appropriate laws and organizations needed to confront cyber crime.\u003C\/p\u003E\u003Cp\u003E\u201cIn such an environment, mobile phones become an unprecedented tool to track a citizen\u2019s activities. An unscrupulous government could easily use the cellular network to track an individual\u2019s movement, listen to conversations and access financial records,\u201d explained Goodman.\u003C\/p\u003E\u003Cp\u003EThe research team has suggested solutions to these vulnerabilities, such as requiring device manufacturers and service providers to offer adequate security, increasing the African workforce of information security professionals, and initiating a public awareness campaign to alert the African people to the potentially detrimental effects mobile phones can have.\u003C\/p\u003E\u003Cp\u003EGTISC researchers are also investigating security on landline phones, as phishing scams make the leap from email to the world\u2019s voice systems. Today, it is relatively easy for criminals to fake caller ID and employ the same sort of phishing scams they use on the Internet.\u003C\/p\u003E\u003Cp\u003EFunded in part by the National Science Foundation, Traynor and\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/mustaque-ahamad\u0022 target=\u0022_blank\u0022\u003EMustaque Ahamad\u003C\/a\u003E, a professor in the School of Computer Science and GTISC director, identified a digital fingerprint hidden within voice signals that can reveal fraud and thwart voice phishing scams.\u003C\/p\u003E\u003Cp\u003EThe team created a system called PinDr0p that exploits artifacts left on call audio by the voice networks themselves and then determines the path a call takes to get to a recipient\u2019s phone with at least 90 percent accuracy. The team is currently working on using PinDr0p to geolocate the origin of calls.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003ESecure Information Sharing\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EInformation sharing requires that partners establish broad electronic trust among the caretakers of critical information and those who need and are authorized to use that information.\u003C\/p\u003E\u003Cp\u003EResearchers from Georgia Tech teamed with Children\u2019s Healthcare of Atlanta and Emory University\u2019s Center for Comprehensive Informatics to develop technologies that will protect the security and privacy of electronic health information.\u003C\/p\u003E\u003Cp\u003E\u201cStoring medical records in electronic format and sharing them among different health care organizations has the potential to produce enormous improvements in the quality and efficiency of the health care system, but unauthorized disclosure of the information has the potential to damage lives and harm careers,\u201d said\u0026nbsp;\u003Ca href=\u0022http:\/\/www.ece.gatech.edu\/about\/personnel\/bio.php?id=14\u0022 target=\u0022_blank\u0022\u003EDouglas Blough\u003C\/a\u003E, a professor in the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.ece.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003ESchool of Electrical and Computer Engineering\u003C\/a\u003E\u0026nbsp;at Georgia Tech.\u003C\/p\u003E\u003Cp\u003EThrough a project called\u0026nbsp;\u003Ca href=\u0022http:\/\/medvault.gtisc.gatech.edu\/\u0022 target=\u0022_blank\u0022\u003EMedVault\u003C\/a\u003E, Blough and professors\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/mustaque-ahamad\u0022 target=\u0022_blank\u0022\u003EMustaque Ahamad\u003C\/a\u003E\u0026nbsp;and\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/ling-liu\u0022 target=\u0022_blank\u0022\u003ELing Liu\u003C\/a\u003E\u0026nbsp;of the School of Computer Science at Georgia Tech are developing a broad set of information security and privacy tools that can be integrated with electronic health records systems and work flows. MedVault is supported by the National Science Foundation and the Atlanta Clinical and Translational Science Institute.\u003C\/p\u003E\u003Cp\u003EWith health information exchanges popping up across the country, individuals will begin sharing health documents with various health care system entities, which will need to verify the source and trustworthiness of the documents. MedVault researchers developed a system that uses redactable signature technology for source-verifiable, patient-controlled information sharing. The system enables documents digitally signed by a health care provider to be authenticated, while at the same time invisibly deleting information a patient wants to keep confidential.\u003C\/p\u003E\u003Cp\u003E\u201cThis technology could be especially valuable, for example, to parents who need certified health records to enroll a child in school, college, summer camp or other activity because parents would just need this one digitally signed document and could use it in many different ways,\u201d explained Blough.\u003C\/p\u003E\u003Cp\u003EThe research team also designed a policy combination and conflict resolution system that can examine the policies of multiple health care entities and ensure they are all followed.\u003C\/p\u003E\u003Cp\u003E\u201cEach organization with a health information exchange may have a different policy about what information in their system can be disclosed under specific circumstances and patients might want to set their own disclosure controls, and all of these policies must be enforced. Our system combines these multiple policies and resolves any conflicts,\u201d added Blough.\u003C\/p\u003E\u003Cp\u003EThe MedVault team is working to ensure that these technologies are seamlessly integrated with the overall health system and its medical processes to provide strong security and privacy while assuring patient safety.\u003C\/p\u003E\u003Cp\u003EWhile secure information sharing is necessary in the health care sector, it\u2019s also essential for criminal justice organizations. The\u0026nbsp;\u003Ca href=\u0022http:\/\/www.it.ojp.gov\/default.aspx?area=nationalinitiatives\u0026amp;page=1179\u0022 target=\u0022_blank\u0022\u003EGlobal Federated Identity and Privilege Management\u003C\/a\u003E(GFIPM) initiative provides a way for justice and public safety organizations to securely access information from multiple agencies with a single logon. John Wandelt, a GTRI principal research scientist, is the GFIPM initiative\u2019s project manager.\u003C\/p\u003E\u003Cp\u003EEstablished through a collaborative effort of the Global Justice Information Sharing Initiative membership, the U.S. Department of Justice, Office of Justice Programs, Bureau of Justice Assistance and the U.S. Department of Homeland Security, the GFIPM initiative provides the justice community with a secure information-sharing architecture based on an electronic justice credential. This standards-based justice credential can be used to securely connect law enforcement and public safety personnel to interagency applications and data over the Internet.\u003C\/p\u003E\u003Cp\u003E\u201cBy separating the roles of identity providers from service providers, the GFPIM architecture allows agencies to leverage their existing local security infrastructures, policies and mechanisms to significantly reduce overall cost and increase privacy, security and usability,\u201d explained Wandelt.\u003C\/p\u003E\u003Cp\u003EThe GFIPM framework supports identifying and authenticating users; managing the certifications, clearances, job functions, local privileges and organizational affiliations associated with each user that can serve as the basis for authorization decisions; and determining what information is required to audit systems.\u003C\/p\u003E\u003Cp\u003EThe framework leverages the\u0026nbsp;\u003Ca href=\u0022http:\/\/www.niem.gov\/\u0022 target=\u0022_blank\u0022\u003ENational Information Exchange Model\u003C\/a\u003E\u0026nbsp;(NIEM) for which Wandelt and other GTRI researchers provided engineering support and technical guidance.\u003C\/p\u003E\u003Cp\u003EIn September 2010, the GTRI team working in conjunction with the Global Security Working Group published a baseline set of GFIPM technical and governance specifications. The specifications are currently being adopted by the U.S. Department of Justice, U.S. Department of Homeland Security, Federal Bureau of Investigation, and several state and local agencies to securely exchange sensitive information.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003EU.S. Government Agency Security\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EFor decades, researchers at Georgia Tech have developed technologies for defending against and defeating attacks on the battlefield. More recently, they have been focusing major efforts on defending the virtual battlefield.\u003C\/p\u003E\u003Cp\u003EExperts in the Georgia Tech Research Institute (GTRI) and the Georgia Tech Information Security Center (GTISC) are tackling security issues with government and military networks, and developing new tools and methods for securing information and networks.\u003C\/p\u003E\u003Cp\u003ETo develop and deploy advanced technologies to defend against and deter cyber attacks on the United States, researchers are pursuing challenges in various agencies within the U.S. Departments of Defense and Homeland Security, and local, state and allied foreign governments.\u003C\/p\u003E\u003Cp\u003EGeorgia Tech\u2019s work focuses on providing resilient command-and-control solutions to war fighters operating in contested environments, and helping government agencies defend against cyber criminals to safeguard the nation\u2019s critical infrastructure.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003E\u003Cem\u003ECommand and Control Mission Assurance\u003C\/em\u003E\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EThe sophisticated, multiphase cyber attacks that increasingly target government operations are often invisible to traditional security technology. To construct systems that control homeland and combat operations, GTRI researchers are designing and fielding resilient information systems that include secure network enclaves, virtualization and multilevel security.\u003C\/p\u003E\u003Cp\u003EGTRI researchers are helping the U.S. Department of Defense develop, test and integrate new technologies for defending networks.\u003C\/p\u003E\u003Cp\u003E\u201cThe objective of this work is to assure command and control from a networking perspective in a hostile cyber environment,\u201d said Jeff Moulton, a GTRI principal research associate.\u003C\/p\u003E\u003Cp\u003EThe\u0026nbsp;\u003Ca href=\u0022http:\/\/www.terec.gatech.edu\/netts.html\u0022\u003ENetwork-centric Test and Training System\u003C\/a\u003E\u0026nbsp;(NeTTS) developed by GTRI also provides command-and-control mission assurance. NeTTS is a family of nonintrusive test tools for distributed, network-centric environments that support test and training through the creation of realistic virtual environments.\u003C\/p\u003E\u003Cp\u003ESince 1997, GTRI has developed these tools, with most funding from the Department of Defense\u2019s Resource Enhancement Program. The first of these tools, the Realistic Operational Communications Scenarios (ROCS) System, pioneered a systematic approach to Command, Control, Communications, Computers and Intelligence (C4I) testing, focusing on ground combat elements. Successor systems \u2013 the Commander\u2019s Air Defense Environment Test Tool (CADETT) and the Integrated Broadcast Service Test and Analysis Tool (ITAS) \u2013 focused on air operations and intelligence systems.\u003C\/p\u003E\u003Cp\u003EThe centralized code base allows rapid deployment of updated code, new plug-ins and drivers, new development language versions, troubleshooting and other changes. The NeTTS training component emphasizes realism, focusing on software that can merge training with actual tactical communications systems to o\ufb00er a true hands-on experience.\u003C\/p\u003E\u003Cp\u003E\u201cNeTTS has been used by all four military services, providing support during pre-test planning, test conduct and post-testanalysis of a wide variety of communication networks and systems,\u201d said Fred Wright, a GTRI principal research engineer.\u003C\/p\u003E\u003Cp class=\u0022wp-caption-text\u0022\u003EU.S. Army personnel use a Deployable Joint Command and Control (DJC2) forward command post. GTRI researchers have supported information technology upgrades for the DJC2. (Credit: U.S. Army)\u003C\/p\u003E\u003Cp\u003EGTRI has also been involved for more than seven years with the U.S. military\u2019s\u0026nbsp;\u003Ca href=\u0022https:\/\/sp.djc2.org\/\u0022\u003EDeployable Joint Command and Control\u003C\/a\u003Esystem (DJC2) \u2013 a self-contained, self-powered temporary headquarters facility. GTRI has been responsible for designing DJC2\u2019s information technology infrastructure since the initial prototype stage.\u003C\/p\u003E\u003Cp\u003E\u201cThe time it used to take to deploy a joint task force infrastructure was significant,\u201d said Jack Hart, a senior research engineer leading the program for GTRI. \u201cOur forces need to be able to stand up a joint task force communications infrastructure in a very short amount of time \u2013 not two or three weeks but 72 hours or less.\u201d\u003C\/p\u003E\u003Cp\u003EThe work, which is directly sponsored by the DJC2 Joint Program Office, has included networks and wired and wireless communications, as well as newer elements such as advanced peer-to-peer internetworking convergence and satellite communication terminals.\u003C\/p\u003E\u003Cp\u003EOne major hurdle, Hart explained, has involved migrating from the serial equipment originally used by the joint task forces. The serial approach was based largely on modem communications,\u0026nbsp;which made tactical communications between field units and headquarters problematic.\u003C\/p\u003E\u003Cp\u003ETo enable the migration, GTRI designed a seamless, phased transition from the original equipment to Ethernet systems based on current Internet protocol (IP) technology. Hart\u2019s team created a hybrid architecture that allowed older serial equipment to connect to new IP systems when required.\u003C\/p\u003E\u003Cp\u003ENow that the DJC2 rapid-response kit has been designed, tested and fielded, GTRI is focusing on enhancing important technical elements of the system. Hart\u2019s team is developing a secure DJC2 wireless architecture, expected to become one of the few operational systems that is fully accredited for security. To support this wireless architecture, the team is utilizing wideband satellite Ka and X-band communications technologies.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003E\u003Cem\u003ENetwork Vulnerability\u003C\/em\u003E\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EGeorgia Tech\u2019s cyber researchers are also applying the latest technologies in signal and protocol exploitation, Web crawling, malware analysis, and reverse engineering of embedded and application programs to counter adversary information networks.\u003C\/p\u003E\u003Cp\u003EFor one project, GTRI researchers are developing new techniques for critical infrastructure and network defense and information operations in the Air National Guard. GTRI plans to develop interoperability solutions for connecting aircraft to various data link systems and ground forces, along with analyzing and identifying security issues.\u003C\/p\u003E\u003Cp\u003EGTRI will also develop an interactive process for tracking cyber technologies and threats. In particular, a systems engineering process will be customized to provide an understandable presentation of cyberspace trends and issues, and predict future threats.\u003C\/p\u003E\u003Cp\u003E\u201cAs technology changes and new systems come online, the Air National Guard needs new tools to watch for attacks so that they can continue to progress as new technologies develop into cyber concerns,\u201d Wright explained.\u003C\/p\u003E\u003Cp\u003EAlso in the network vulnerability area, GTRI has developed a platform called SpiderSense, which provides intelligent crawling and analysis modules for Web research. The platform is currently used for automated penetration testing and exploits research, but new tools and techniques can be rapidly prototyped. Initial development of SpiderSense was led by former GTRI senior research engineer Steve Millar with support from GTRI\u2019s Independent Research and Development program.\u003C\/p\u003E\u003Cp\u003EWeb servers often have full access to databases and supporting services within an organization. If they are compromised, they have the network permissions to cause damage to other, more critical systems like databases or directory servers. Web threats like this are currently addressed by an infrequent and uneven application of code reviews and penetration tests.\u003C\/p\u003E\u003Cp\u003EOne of the SpiderSense modules assesses websites for possible entry points that malicious programs could use to gain access to Web servers and withdraw data from them, and tests each point for exploitability. The SpiderSense tool enables organizations to automatically defend websites from SQL injection, cross-site scripting, denial of service and other attacks.\u003C\/p\u003E\u003Cp\u003E\u201cSpiderSense enables government and industry to conduct repeatable, automated and customizable security assessments of their Web applications to validate software development life-cycle practices and ensure information assurance,\u201d said GTRI research scientist Andrew Howard, who is currently leading this research effort.\u003C\/p\u003E\u003Cp\u003EIn addition, SpiderSense can be used as a platform for directing simulated intrusion attacks into networks, a practice called \u201cred teaming.\u201d Automated discovery of the vulnerable entry points in Web servers provides a technique for developing cyber weapons that also automate the exploitation of the vulnerabilities.\u003C\/p\u003E\u003Cp\u003EIn another network vulnerability project, GTISC and GTRI researchers are helping the U.S. Department of Defense and other government agencies block and remove botnets from networks, shut down botnet operations on the Internet, assess current botnet threats and predict future trends.\u003C\/p\u003E\u003Cp\u003EGeorgia Tech computer science professor\u0026nbsp;\u003Ca href=\u0022http:\/\/www.scs.gatech.edu\/people\/wenke-lee\u0022\u003EWenke Lee\u003C\/a\u003E\u0026nbsp;leads the five-year, $7.5 million Multidisciplinary University Research Initiative (MURI) from the U.S. Office of Naval Research, which is aimed at developing practical approaches to detecting and removing botnets. The multi-university team, which includes collaborators at the University of Michigan, Stanford University and the University of California at Santa Barbara, plans to develop botnet detection and removal approaches that will work against all bots and botnets.\u003C\/p\u003E\u003Cp\u003ETo do this, the researchers will first identify the basic properties of all bots and botnets, and then determine how they can target these structural and operational properties to locate bots and botnets. Lastly, they will develop practical ways to shut down the botnets and remove the bots from affected computers.\u003C\/p\u003E\u003Cp\u003EFor example, a basic property of all bots is that they are not human, thus their activity is generated by a computer program. With this knowledge, the researchers hope to develop techniques that would help find bot-infected computers by distinguishing human-generated network traffic from program-generated traffic. To put this theory into practice, they would need to develop an effective way of monitoring the activity on computers and determining whether it originated from humans or programs.\u003C\/p\u003E\u003Cp\u003ETo do that, they might develop a way to determine whether an email sent from a computer was sent by a user clicking a send button or some program sending it without user action. While all activity generated by programs is not bad, this could be their first clue that a computer might be infected with a bot. If additional bot-like properties are observed, the researchers would be able to determine for sure whether the computer was compromised.\u003C\/p\u003E\u003Cp\u003E\u201cWe are confident that by following this methodology, we can deliver approaches that are fundamental, meaning that if a botnet changes, the solutions will still work because they target the fundamental properties of botnets that each one has to have to survive,\u201d said Lee.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003E\u003Cem\u003ESecure Information Systems\u003C\/em\u003E\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EGTRI researchers working in the secure information systems area design, develop and deploy enterprise information systems requiring state-of-the-art database, platform and Internet security. They are currently providing secure applications and cross-domain extensible markup language (XML) guards to the U.S. Department of Defense to enable sharing of compartmented data between networks and domains.\u003C\/p\u003E\u003Cp\u003EThese applications are built from the ground up with redundant security measures at every layer. This security infrastructure provides the necessary protections to prevent data spills that could be catastrophic to national defense.\u003C\/p\u003E\u003Ch3\u003E\u003Cstrong\u003ELooking Forward\u003C\/strong\u003E\u003C\/h3\u003E\u003Cp\u003EWith the growing scale and sophistication of cybersecurity threats, multidisciplinary teams at Georgia Tech are focused on gaining a better understanding of emerging threats, as well as the motives and methods of cyber attackers.\u003C\/p\u003E\u003Cp\u003EGeorgia Tech researchers are working together and partnering with local Internet security companies to provide solutions for defending against highly sophisticated and well-funded cyber criminal activities. The basic research conducted at GTISC provides the forward-looking activities required to defend proactively, and the applied research of GTRI incorporates these ideas into proof-of-concept and functional models. By partnering with small business, these solutions can be implemented.\u003C\/p\u003E\u003Cp\u003ETo foster this vision, GTRI is developing a long-term strategic plan that invests in collaborative research involving numerous Georgia Tech units and small businesses. These plans include building a cyber test laboratory that provides development, testing and visualization capabilities in support of wired and wireless transport media. Plans also include connectivity to government test ranges, partnering with private industry to include its solutions in the laboratory, and developing targeted educational courses to enhance awareness.\u003C\/p\u003E\u003Cp\u003E\u201cBy developing solutions to impending cyber concerns at an early stage before they become widespread sources of harm, Georgia Tech will continue to be a leader in the cybersecurity arena,\u201d said Mustaque Ahamad, director of GTISC.\u003C\/p\u003E\u003Cp\u003E\u003Cem\u003ERick Robinson and Michael Terrazas also contributed to this story.\u003C\/em\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cem\u003EThis material is based upon work supported by the National Science Foundation (NSF) under Award Nos. CNS-0716570, CNS-0916047 and 0911886; U.S. Army under Award No. W911NF-06-1-0316; U.S. Navy under Award No. N00014-09-1-1042; National Institutes of Health\u2019s (NIH) National Center for Research Resources under PHS Grant UL1 RR025008 from the Clinical and Translational Science Award program; and the Office of Naval Research (ONR) under Award No. N00014-09-1-1042. Any opinions, findings, conclusions or recommendations expressed in this publication are those of the principal investigators and do not necessarily reflect the views of the NSF, U.S. Army, U.S. Navy, NIH or ONR.\u003C\/em\u003E\u003C\/p\u003E","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Georgia Tech cybersecurity researchers are developing technologies and security strategies to enable the global cybersecurity solutions of the future."}],"uid":"28152","created_gmt":"2014-11-04 16:57:16","changed_gmt":"2016-10-08 03:17:26","author":"Claire Labanz","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2011-09-07T00:00:00-04:00","iso_date":"2011-09-07T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"hg_media":{"340871":{"id":"340871","type":"image","title":"Research Horizons - Tackling Cyber Threats - GTRI\u2019s new Cyber Technology and Information Security Laboratory","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - GTRI\u2019s new Cyber Technology and Information Security Laboratory","file":{"fid":"200712","name":"cybersecurity_threats_1.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_1_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_1_0.jpg","mime":"image\/jpeg","size":1264552,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_1_0.jpg?itok=r7vYuw-9"}},"340881":{"id":"340881","type":"image","title":"Research Horizons - Tackling Cyber Threats - computers compromised by the Mariposa botnet","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - computers compromised by the Mariposa botnet","file":{"fid":"200713","name":"cybersecurity_threats_2.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_2_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_2_0.jpg","mime":"image\/jpeg","size":5136453,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_2_0.jpg?itok=SjICIJ9k"}},"340891":{"id":"340891","type":"image","title":"Research Hoizons - Tackling Cyber Threats - Wenke Lee","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Hoizons - Tackling Cyber Threats - Wenke Lee","file":{"fid":"200714","name":"cybersecurity_threats_3.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_3_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_3_0.jpg","mime":"image\/jpeg","size":814533,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_3_0.jpg?itok=fR-VSus5"}},"340901":{"id":"340901","type":"image","title":"Research horizons - Tackling CyberThreats - investigated the GPU threat to password security,","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research horizons - Tackling CyberThreats - investigated the GPU threat to password security,","file":{"fid":"200715","name":"cybersecurity_threats_4.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_4_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_4_0.jpg","mime":"image\/jpeg","size":1529771,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_4_0.jpg?itok=RB8a4mcx"}},"340911":{"id":"340911","type":"image","title":"Research Horizons - Tackling Cyber Threats - developing tools to improve the security of mobile devices","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - developing tools to improve the security of mobile devices","file":{"fid":"200716","name":"cybersecurity_threats_5.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_5_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_5_0.jpg","mime":"image\/jpeg","size":1272305,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_5_0.jpg?itok=Ww3xkQcw"}},"340921":{"id":"340921","type":"image","title":"Research Horizons - Tackling Cyber Threats - eveloping a broad set of information security and privacy tools","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - eveloping a broad set of information security and privacy tools","file":{"fid":"200717","name":"cybersecurity_threats_6.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_6_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_6_0.jpg","mime":"image\/jpeg","size":4700264,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_6_0.jpg?itok=vrwejeS4"}},"340931":{"id":"340931","type":"image","title":"Research Horizons - Tackling Cyber Threats - critical field of information operations","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - critical field of information operations","file":{"fid":"200718","name":"cybersecurity_threats_7.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_7_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_7_0.jpg","mime":"image\/jpeg","size":6136373,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_7_0.jpg?itok=R6eVl5ST"}},"340941":{"id":"340941","type":"image","title":"Research Horizons - Tackling Cyber Threats -Army","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats -Army","file":{"fid":"200719","name":"cybersecurity_threats_8.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_8_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_8_0.jpg","mime":"image\/jpeg","size":659156,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_8_0.jpg?itok=0sC3RAdP"}},"340961":{"id":"340961","type":"image","title":"Research Horizons - Tackling Cyber Threats - detecting and removing bots and botnets","body":null,"created":"1449245595","gmt_created":"2015-12-04 16:13:15","changed":"1475895057","gmt_changed":"2016-10-08 02:50:57","alt":"Research Horizons - Tackling Cyber Threats - detecting and removing bots and botnets","file":{"fid":"200721","name":"cybersecurity_threats_9.jpg","image_path":"\/sites\/default\/files\/images\/cybersecurity_threats_9_0.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/cybersecurity_threats_9_0.jpg","mime":"image\/jpeg","size":2337530,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cybersecurity_threats_9_0.jpg?itok=XW2alRSH"}}},"media_ids":["340871","340881","340891","340901","340911","340921","340931","340941","340961"],"groups":[{"id":"1188","name":"Research Horizons"}],"categories":[{"id":"42941","name":"Art Research"}],"keywords":[{"id":"108521","name":"Winter\/Spring 2011 Issue"}],"core_research_areas":[{"id":"39481","name":"National Security"}],"news_room_topics":[],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003E\u003Cstrong\u003EResearch News\u2028\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EGeorgia Institute of Technology\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u2028177 North Avenue\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u2028Atlanta, Georgia\u0026nbsp; 30332-0181 \u0026nbsp;USA\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u0026nbsp;\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EMedia Relations Contacts:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u0026nbsp;\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EJohn Toon\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u2028404-894-6986\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u2028\u003Ca href=\u0022mailto:jtoon@gatech.edu\u0022\u003Ejtoon@gatech.edu\u003C\/a\u003E\u2028\u2028\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u0026nbsp;\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EBrett Israel\u2028\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E404-385-1933\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003E\u2028\u003Ca href=\u0022mailto:brett.israel@comm.gatech.edu\u0022\u003Ebrett.israel@comm.gatech.edu\u003C\/a\u003E\u003C\/strong\u003E\u003C\/p\u003E","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}