{"615269":{"#nid":"615269","#data":{"type":"news","title":"School of Computer Science Cybersecurity Researchers Are Securing the Future","body":[{"value":"\u003Cp\u003ECybersecurity affects everything from policy to technology. Georgia Tech is at the forefront of many of these conversations on attribution and government responsibility. None of these discussions would be possible, though, without secure systems the public can rely on. In the School of Computer Science, we identify emerging threats and create these systems to defend against them. \u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ENew attacks\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EKeeping a pulse on the latest attack methods is one of our strengths. In order to create a more secure world, we must imagine threats outside of traditional devices. Yet the depth of our expertise ensures we also stay on top traditional methods. By tracking all attacks, we can build the necessary solutions.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EInternet of things (IoT) devices let us control the temperature of our home or track the food in our fridge from afar, but they are often built on simple software stacks. \u0026ldquo;All of these things were never meant to be connected to anything, so there is no notion of security when the code was designed and that creates a lot of vulnerabilities,\u0026rdquo; Professor \u003Ca href=\u0022https:\/\/www.cc.gatech.edu\/~milos\/\u0022\u003E\u003Cstrong\u003EMilos Prvulovic\u003C\/strong\u003E\u003C\/a\u003E said.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOne such vulnerability is \u003Ca href=\u0022https:\/\/www.scs.gatech.edu\/news\/556931\/monitoring-side-channel-signals-could-detect-malicious-software-iot-devices\u0022\u003Eside channels\u003C\/a\u003E, the electromagnetic fields the device deploys when computation runs. An attacker can monitor these side channels to determine how a program runs down to when the program deploys a cryptokey and steal it. Yet Prvulovic surveys these side channels, too, determining whether a device is running expected programs and then updating it with more secure software. Prvulovic is applying the same technique to hardware. He measures radio frequency signals to determine how much power is going through a chip to ensure that chips operate as they should.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMany attackers still rely on classic phishing, but are trying more sophisticated techniques to monetize successful attacks. For example, the notorious tech support scammers use search poisoning and malicious advertisements to get victims to call them. These attacks employ both online and phone channels or \u003Ca href=\u0022https:\/\/www.scs.gatech.edu\/news\/602929\/georgia-tech-researchers-bring-transparency-telephone-blacklists\u0022\u003Ecross-channels\u003C\/a\u003E. Professor \u003Ca href=\u0022https:\/\/www.cc.gatech.edu\/~mustaq\/\u0022\u003E\u003Cstrong\u003EMustaque Ahamad \u003C\/strong\u003E\u003C\/a\u003Eresearches how to understand and defend against cross-channel attacks. Securing voice channels is a growing cybersecurity field as voice-controlled IoT devices become common.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ENew defenses\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMuch of our work is preventative. We secure data users already have. The first step in data protection is authenticating users, and biometrics are the best tool. \u0026ldquo;It\u0026rsquo;s based on who you are, not what you know,\u0026rdquo; said Professor \u003Ca href=\u0022http:\/\/wenke.gtisc.gatech.edu\/\u0022\u003E\u003Cstrong\u003EWenke Lee\u003C\/strong\u003E\u003C\/a\u003E. This \u003Ca href=\u0022https:\/\/www.scs.gatech.edu\/news\/602606\/real-time-captcha-technique-improves-biometric-authentication\u0022\u003Ereal-time Captcha\u003C\/a\u003E offers new ways to authenticate users, but still has shortcomings. Lee is working on how to preserve the privacy of biometrics so that if a server were compromised, an attacker couldn\u0026rsquo;t use the stolen data to impersonate users.\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESecuring the cloud is the next frontier. Associate Professor \u003Ca href=\u0022https:\/\/www.cc.gatech.edu\/~aboldyre\/\u0022\u003E\u003Cstrong\u003EAlexandra Boldyreva\u003C\/strong\u003E\u003C\/a\u003E works on searchable encryption. Users would be able to securely store data remotely on the cloud and perform searches. She also analyzes the cryptographic security guarantees of the newest networking and web authentication protocols. Associate Professor \u003Ca href=\u0022https:\/\/iisp.gatech.edu\/faculty\/vladimir-kolesnikov\u0022\u003E\u003Cstrong\u003EVladimir Kolesnikov\u003C\/strong\u003E\u003C\/a\u003E studies secure computation. This form of cryptography protects users\u0026rsquo; data during computation, so they can securely share healthcare data or private blockchain transactions. With the latter, users can verify they have enough money in their wallets for transactions without having to disclose the exact amount.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ENew advances\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EWe combine our attack forecasting and prevention measures in our research labs. Our malware analysis lab offers a secure environment to run malware. Analysts can collaboratively explore and enumerate malware behaviors, which is a much more efficient effort than the current industry practice of reverse engineering malware in silos.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EWe are securing machine learning (ML) with a similar approach. Hackers can introduce dirty training data to corrupt an ML model or morph malware to evade an ML model. To combat adversarial ML, Lee\u0026rsquo;s team measures how robust a model is. They are creating an open source framework for researchers to test their models\u0026rsquo; strengths and improve their robustness.\u003C\/p\u003E\r\n\r\n\u003Cp\u003ENot all of this automation is bad. Assistant Professor \u003Ca href=\u0022https:\/\/taesoo.kim\/\u0022\u003E\u003Cstrong\u003ETaesoo Kim\u003C\/strong\u003E\u003C\/a\u003E sees the future of cybersecurity \u0026ldquo;as autonomous systems that assist human security experts handling large-scale security problems with small number of experts.\u0026rdquo; With this in mind, he\u0026rsquo;s been working on automated techniques to find bugs and cyber reasoning systems that create autonomous attack and defenses.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOur efforts may be wide-ranging, but we are consistently creating the future of cybersecurity. Our cybersecurity researchers patch vulnerabilities in devices many didn\u0026rsquo;t even realize attackers compromised and ensure data is secure in our ever-connected world. Trust is a hard-won concept in the cybersecurity field, but our systems make people more confident their data is safe.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cem\u003EIllustrations by Pikisuperstar\/Freepik.com\u003C\/em\u003E\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"SCS researchers cover the range of cybersecurity research."}],"uid":"34541","created_gmt":"2018-12-12 20:13:24","changed_gmt":"2018-12-12 20:26:50","author":"Tess Malone","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2018-12-12T00:00:00-05:00","iso_date":"2018-12-12T00:00:00-05:00","tz":"America\/New_York"},"extras":[],"hg_media":{"615272":{"id":"615272","type":"image","title":"Cybersecurity Illo","body":null,"created":"1544646187","gmt_created":"2018-12-12 20:23:07","changed":"1544646187","gmt_changed":"2018-12-12 20:23:07","alt":"Graphic of computer and security","file":{"fid":"234285","name":"Artboard 3 copy.png","image_path":"\/sites\/default\/files\/images\/Artboard%203%20copy.png","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/Artboard%203%20copy.png","mime":"image\/png","size":654631,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/Artboard%203%20copy.png?itok=jssu_C4I"}}},"media_ids":["615272"],"groups":[{"id":"47223","name":"College of Computing"},{"id":"50875","name":"School of Computer Science"}],"categories":[],"keywords":[],"core_research_areas":[{"id":"145171","name":"Cybersecurity"}],"news_room_topics":[],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003ETess Malone, Communications Officer\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Ca href=\u0022mailto:tess.malone@cc.gatech.edu\u0022\u003Etess.malone@cc.gatech.edu\u003C\/a\u003E\u003C\/p\u003E\r\n","format":"limited_html"}],"email":["tess.malone@cc.gatech.edu"],"slides":[],"orientation":[],"userdata":""}}}