K-State designated a National Center of Academic Excellence in Information Assurance Research

June 09, 2010

MANHATTAN, Kan. -- Kansas State University's Center for Information and Systems Assurance has been named a National Center of Academic Excellence in Information Assurance Research. The designation is made by the U.S. Department of Homeland Security and National Security Agency and is effective through 2015.

"This designation speaks volumes about the cybersecurity and high-assurance software research taking place at K-State," said Kirk Schulz, K-State president. "Our researchers are among the best minds in the country when it comes to information and computer security."

K-State's designation as a National Center of Academic Excellence in Information Assurance Research -- or CAE-R -- became official at a ceremony June 8 at the National Electronics Museum in Baltimore, Md.

Research in K-State's Center for Information and Systems Assurance - also known as CISA - falls into two categories: cybersecurity and secure software system construction. Xinming Ou, assistant professor of computing and information sciences, led K-State's effort in applying for the designation.

"Most of the causes of cybersecurity problems have to do with software vulnerabilities, which are mistakes made by software developers," he said. "We've been investigating and exploring scientific methods for improving software quality by developing automated program verification techniques and language concepts that can be applied to improve software security."

K-State research on secure software system construction falls under John Hatcliff, professor of computing and information sciences and director of the laboratory for specification, analysis and transformation of software, also known as the SAnToS laboratory. Hatcliff's research involves creating mathematical and logical models that can be used by special computer-based auditing programs to guarantee that information is shared with the right people at the right time and that leaks are prevented.

"We're moving beyond conventional quality assurance techniques in common use, like testing and systematic inspection, to using both logic and different types of math to model software," Hatcliff said. "Once we have these more rigorous ways of describing software behavior, we are then able to systematically establish -- using mathematical reasoning and logical reasoning -- whether the software is correct."

K-State's work in this area netted the university a $3 million grant from the Air Force Office of Scientific Research in 2009. With the grant, K-State researchers are collaborating with researchers at Princeton University to develop tools to secure information systems so that when information is transferred across large systems, there is confidence that nothing is accidentally revealed.

On the cybersecurity side, Ou's Argus research group is formulating scientific methods for managing the security of complex network systems.

"Cybersecurity is an asymmetric warfare," he said. "The attackers only need to find one hole to compromise a system, whereas the defenders have to plug them all. Without automated reasoning, cyberspace will continue to be the Wild West, where bad guys will wreak havoc."

Ou's work seeks to improve cybersecurity by providing automated reasoning that a network administrator can use to reach a conclusion about what security breaches have happened and how they happened, as well as quantitative metrics to determine how secure a system is. This line of work has been supported by a number of federal and industrial grants, including a $430,000 National Science Foundation CAREER grant awarded to Ou earlier this year.

"This national designation is a recognition of the expertise K-State has built in this area over the last 20 years," said Gurdip Singh, head of the department of computing and information sciences. "We had one of the world's earliest scientific works in the area of secure information flow back in the 1980's. Today, the SAnToS laboratory and Argus group are taking that research to new heights.

"Cybersecurity research is a strategic area for our department as we build a strong educational program to train the next generation of leaders in the field of cybersecurity," he said.

The Center of Academic Excellence in Research program is in its third year, and K-State is the only university in Kansas that has received the research designation.
-end-
Other members of K-State's Center for Information and Systems Assurance are: Torben Amtoft, associate professor of computing and information sciences; Dan Andresen, associate professor of computing and information sciences; Scott DeLoach, associate professor of computing and information sciences; Robby, associate professor of computing and information sciences; David Schmidt, professor of computing and information sciences; Noel Schulz, professor of electrical and computer engineering; Craig Stapley, assistant professor of political science; David Stone, professor of history; Julie Thornton, instructor of computing and information sciences; Harvard Townsend, K-State's chief information security officer; and Virgil Wallentine, professor of computing and information sciences.

Kansas State University

Related Cybersecurity Articles from Brightsurf:

Computer scientists' new tool fools hackers into sharing keys for better cybersecurity
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.

Cultural differences account for global gap in online regulation -- study
Differences in cultural values have led some countries to tackle the specter of cyber-attacks with increased internet regulation, whilst others have taken a 'hands-off' approach to online security -- a new study shows.

Study finds companies may be wise to share cybersecurity efforts
Research finds that when one company experiences a cybersecurity breach, other companies in the same field also become less attractive to investors.

$4.6 million award creates program to train cybersecurity professionals
A five-year, $4.63 million award from the National Science Foundation will enable a multi-disciplinary team of researchers at the University of Arkansas to create a program to recruit, educate and train the next generation of cybersecurity professionals.

First cyber agility framework to train officials developed to out-maneuver cyber attacks
To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the US Army, scientists at The University of Texas at San Antonio, developed the first framework to score the agility of cyber attackers and defenders.

Cyber of the fittest: Researchers develop first cyber agility framework to measure attacks
The framework proposed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks over time.

Army researchers identify new way to improve cybersecurity
Researchers at the US Army Combat Capabilities Development Command's Army Research Laboratory, the Army's corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.

How susceptible are hospital employees to phishing attacks?
A multicenter study finds high click rate for simulated phishing emails, potential benefit in phishing awareness training.

A Georgia State cybersecurity study of the dark web exposes vulnerability to machine identities
A thriving marketplace for SSL and TLS certificates -- small data files used to facilitate confidential communication between organizations' servers and their clients' computers -- exists on a hidden part of the Internet, according to new research by Georgia State University's Evidence-Based Cybersecurity Research Group (EBCS) and the University of Surrey.

Army scientists revolutionize cybersecurity through quantum research
Army scientists have found a novel way to safeguard quantum information during transmission.

Read More: Cybersecurity News and Cybersecurity Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.