Articles tagged with Cybersecurity
Researchers at North Carolina State University identified a vulnerability in homomorphic encryption that allows data to be stolen during the encryption process. This discovery highlights the need for protection against side-channel attacks, which can compromise even next-generation encryption technologies.
Researchers developed DAGguise, a scheme that shapes memory requests into a predefined pattern to prevent contention attacks and enable faster computation. The technique represents programs' memory access requests as a graph, where each request is stored in a node, and the edges are time dependencies between requests.
KAUST researchers simulate microgrid cyberattacks to assess impact and develop detection methods. Effective methods identify anomalous conditions associated with attacks, enabling swift isolation of affected subsystems.
Eric Osterweil, George Mason University Assistant Professor, receives $40,000 funding to develop an adaptive encryption platform and threat intelligence information sharing system. The project aims to enable usable cryptographic protections for email transactions and establish a foundation for future cybersecurity efforts.
A KU researcher has received a National Science Foundation CAREER award to investigate how to boost the effectiveness of security operations centers. The goal is to create a framework that tailors automation for operational environments and reflects human involvement in the process.
Nathan Dautenhahn, a Rice University computer scientist, has received a prestigious CAREER Award to develop 'Least-Authority Virtual Architecture' (LAVA) strategy for retrofitting existing products with meaningful firewalling. This approach aims to systematically analyze and optimize security boundaries in complex systems.
The National Science Foundation's CyberCorps Scholarship for Service program will provide training and scholarships to the next generation of information technology experts and security managers. The Binghamton University partnership aims to diversify the workforce with a focus on attracting underrepresented minorities.
Researchers at George Mason University, led by Duminda Wijesekera and Vijay Shah, have received $100,000 in funding to develop a multi-cloud environment with decentralized trust management for the manufacturing industry. The goal of this project is to implement OpenStack-SDN-based PoPs across multiple cloud environments.
The European Research Council has awarded €1.5 million in grants to three Saarbrücken-based researchers. Their projects focus on artificial intelligence and cybersecurity, with aims to develop fairer machine learning algorithms and secure computing methods.
The University of Texas at El Paso has received a $4 million grant from the National Science Foundation and Department of Homeland Security to support highly qualified computer science students. The program aims to enhance the regional and national cybersecurity workforce with an emphasis on Hispanic and female students.
A new study has generated a massive dataset of artificial voice recordings, revealing subtle differences in high frequencies between real and fake files. The researchers developed algorithms that can distinguish between deepfakes and real speech, providing a starting point for other researchers to improve detection methods.
Researchers Wijesekera and Menon aim to address building security governance and communication issues through a uniform secure platform. The project enables energy optimization, cyber-physical security posture, and incorporation of new technologies like solar rooftops and vehicle-to-grid charging.
Researchers simulated an attack that falsified mammogram images, fooling both AI breast cancer diagnosis models and human radiologist experts. The study highlights the need to develop ways to make AI models more robust to adversarial attacks, which could lead to incorrect cancer diagnoses.
The program aims to build confidence in teachers to present cybersecurity in the classroom and create opportunities for peer sharing. Teachers participating in the cohort will receive a $1,000 stipend and complete various workshops and surveys.
A new study by the University of Plymouth has demonstrated the potential of gait authentication to protect smartphones from cyber crime. The system achieved an average accuracy rate of around 85% in recognizing individuals' stride patterns, with rates rising to almost 90% when participants were walking normally and fast.
Researchers propose new ways to protect 3D printed objects from stealthy logic bombs, which can cause catastrophic failures. Two strategies are proposed: designing a sensor to detect changes in raw materials or using high-resolution CT images to detect residual stresses.
Researchers from Ruhr-University Bochum identified 14 new types of cross-site leak (XS-Leak) attacks on web browsers. XS-Leaks allow malicious websites to grab personal data by interacting with other sites in the background, with popular browsers like Chrome and Firefox vulnerable to multiple attacks.
A KAUST team developed an improved method for detecting malicious intrusions using deep learning, achieving accuracy rates of up to 99% in simulations of different kinds of attacks. This stacked deep learning approach promises an effective defense against cyberattacks and could prevent outages in critical infrastructure.
A team of researchers has developed a simple and efficient method of quantum encryption using single photons, which can detect any attempt to hack the message. The breakthrough brings us closer to securing our data against quantum computers' potential attacks.
During the 2020 US presidential election, researchers collected data on over 1 million online political ads. The study found that these ads often used manipulative tactics to collect personal information, including fake polls and click-bait headlines. More than 56,000 of these ads were found on conservative-leaning websites.
A new nine-state regional coalition will develop and provide hands-on training, exercises, and materials for students and professionals to protect critical infrastructure from computer attacks. The coalition aims to grow a skilled workforce in the region's rural areas.
A new study maps out risk factors associated with misleading information and proposes practical ways to manage them in the business world. The research aims to bridge the divide between academic research and real-world practice of cyber risk management.
Researchers have developed a federated analytics system, FAMHE, that enables healthcare providers to collaborate on statistical analyses and machine learning models without exchanging underlying datasets. The system has been proven mathematically secure and accurately reproduced published studies in multi-centric settings.
A blockchain-based system allows leader robots to signal movements and add transactions to a chain, while malicious leaders forfeit tokens when caught in a lie. This limits the spread of incorrect information and enables follower robots to eventually reach their destination.
Researchers have developed a novel process to manufacture extreme heat-resistant carbon-carbon composites, which will be tested on a U.S. Navy rocket launching with NASA this fall. Additionally, they created a technology that more realistically emulates user activities to improve cyber testbeds and prevent cyberattacks.
Researchers aim to create a flexible security feature that learns from past cyberattacks and requires minimal human intervention. They'll collaborate with device developers to share solutions and improve future responses to attacks.
Researchers from North Carolina State University developed a software toolkit to test Apple device security, identifying a previously unknown vulnerability called iTimed. The team used this toolkit to reverse-engineer key components of Apple hardware and demonstrated the vulnerability's potential impact.
Scientists created a reliable true random number generator using atomically thin two-dimensional films, overcoming long-term stability issues and power consumption concerns. The innovation uses memristors to produce fluctuating electronic signals with an exceptionally high degree of randomness.
Researchers developed a novel resilient state estimation (RSE) method for cyber-physical systems that can withstand malicious attacks and external disturbances. This allows the system to maintain its functionality even when faced with faults or attacks, making it crucial for the design of control systems.
Researchers found that students express concern about sharing personal information with exam proctoring companies, citing a lack of trust. The study recommends institutions use the minimum number of monitoring types necessary to ensure student safety and privacy.
Researchers develop hands-on labs to educate high school students about AI and cybersecurity ethics issues, aiming to increase empathy for vulnerable populations. The project uses functional near-infrared spectroscopy to assess the impact of these labs on brain regions associated with empathy.
A research team found that the GEA-1 algorithm, used in mobile phones since the 1990s, is easy to break and likely a deliberate weak encryption. The vulnerability no longer poses a significant threat to users, as most data traffic now uses more secure networks.
A new NSF-funded project will focus on developing data-driven methods and algorithms to make cyberinfrastructure more resilient against ransomware attacks. The goal is to provide actionable cyber threat intelligence to mitigate this debilitating threat.
The Shadow Figment technology uses AI-powered deception to keep attackers engaged in a pretend world, rewarding them with false signals of success while defenders learn about the attackers' methods. This creates a distraction that allows defenders to take action and protect real systems.
Researchers at the University of Göttingen are developing a method to assess IT security measures and their costs for businesses. The ProBITS project aims to evaluate the business process effects of IT security measures, taking into account operational impacts on employee productivity and flexibility.
Researchers at Ruhr-Universität Bochum discovered two new attacks that break PDF certification signatures, enabling attackers to implant malicious code and insert fake content. The team tested 26 PDF applications, with 24 of them vulnerable to at least one attack.
The NIRVANA Kai platform has been enhanced to support IPv6, allowing real-time visualization of packets and improved alert collection. This update is expected to simplify security operations in IPv6 networks.
Researchers from Peter the Great St.Petersburg Polytechnic University developed a methodology for assessing cyber risks in Smart City infrastructure. The new approach analyzes asset types, threats, and risk values using a quantitative approach, demonstrating superiority over existing methods.
The NYU Tandon School of Engineering has awarded the 2021 S&K Scholarships to four outstanding NYU Cyber Fellows, including women and underrepresented group members. The scholarships will provide an additional $500 tuition scholarship towards each course for the entire Cyber Fellows program.
George Mason University professors support a partnership between U.S. Department of Homeland Security (DHS) and the university to gather incident rate data using isolation architecture. The goal is to derive technical efficiency and cost effectiveness of this approach for Federal Civilian Executive Branch.
A new artificial intelligence system, WE-FORGE, generates fake documents to protect intellectual property and make it difficult for adversaries to identify the real document. The system, designed at Dartmouth College, uses natural language processing to create believable and incorrect documents.
A new paper suggests that traditional deterrence strategies in cybersecurity can lead to escalation and counterproductive responses. The authors propose a more judicious approach involving selective retaliation based on improved detection and information gathering.
George Mason University will lead a $111 million public-private partnership, Cybersecurity Manufacturing Innovation Institute (CyManII), to introduce cybersecure energy-ROI and drive American manufacturers. The university's well-recognized strength in cybersecurity research positions it well to support the five-year goals of CyManII.
The Phish Scale uses a rating system to analyze message content in phishing emails, providing insights into why users click or don't click. By understanding these cues, CISOs can optimize their phishing training programs for specific target audiences and improve user preparedness against real phishing scenarios.
Researchers studied AS interdependence, peering relationships, and cybersecurity threats. They found that organisations can't control their partners' choices, increasing the attack surface. However, some connections can reduce security threats by facilitating information sharing. Education and awareness are key to improving cybersecuri...
Researchers at Ruhr-University Bochum discovered a security gap in the LTE mobile network, enabling eavesdropping on calls. The vulnerability affected 80% of radio cells across Germany, but has been fixed by manufacturers and mobile phone providers.
A survey by WMG, University of Warwick found that UK consumers are unconvinced about the privacy and security of smart home devices, with anxiety about potential breaches. The study suggests that businesses must address these concerns to increase consumer trust and adoption.
A £19,000 government grant will fund a project to educate the public about posting sensitive personal information on social media. The initiative aims to teach individuals how to secure their Personal Identifiable Information (PII) and make informed choices about their online presence.
A Florida Tech student discovered systemic design flaws in several internet-connected doorbell and security camera systems, allowing malicious actors to retain access to camera systems indefinitely. The vulnerabilities could lead to substantial invasions of privacy or instances of electronic stalking.
Researchers successfully demonstrated the feasibility of quantum key distribution systems to enhance cybersecurity and extend range, ensuring compatibility across different vendors. This technology provides a secure solution for utilities without administrative headaches, simplifying operations.
A new cybersecurity study found that people are more likely to fall for phishing scams because they underestimate their own risk and overestimate others', despite having access to base rate information. This self-enhancement bias can lead to a false sense of security and increase vulnerability to online attacks.
A critical 'Starbleed' vulnerability in FPGA chips has been discovered, allowing attackers to gain complete control over the chips and their functionalities. The bug is integrated into the hardware and can only be removed by replacing the chips.
A team of researchers led by Gang Tan aims to create parsers that provide provable guarantees about safety and are resistant to bugs. The SPARTA system focuses on securely opening PDFs, but the goal is to apply this technology to other formats as well.
Researchers investigated how users choose their mobile phone PINs and found that six-digit PINs do not provide more security than four-digit ones. The study also showed that Apple's blacklist could be optimized and would make sense on Android devices.
Professor Gregory Ditzler is developing mathematical models and algorithms to recognize patterns and identify relevant features in machine learning. His research aims to prevent security threats in autonomous vehicles and other applications.
DEEP-Dig ushers intruders into a decoy site to learn from hackers' tactics, then trains computers to recognize and stop future attacks. The approach advances deception technology, which sets traps for hackers, providing valuable data to improve cybersecurity defenses.
A Wayne State University research team will develop algorithms to detect and prevent cyberattacks on chemical process control systems, enhancing production efficiency and safety. The three-year project aims to create stronger safeguards against automation system attacks.
The University of Kansas is launching a center to improve IoT security, partnering with private firms to develop secure products and practices. The center aims to provide frameworks for companies to address IoT cybersecurity threats, with potential follow-on research on proprietary projects.
A new study reveals that cultural values and human behavior shape cybersecurity regulations, with competitive nations like China enforcing stricter rules than the US or UK. The Global Cybersecurity Index assesses country commitments to regulation in five areas.
The CUHK faculty developed a browser-based analysis framework, Observer, to detect three types of click interception techniques. The research found that third-party scripts intercept user clicks on popular websites, leading to malicious activities such as ad click frauds and malware downloads.