Articles tagged with Cybersecurity
Researchers at George Mason University are working on a new method called 'shuffling' to quickly separate hackers from legitimate users and isolate bad actors. The approach aims to prevent denial-of-service attacks that can cripple online businesses with downed websites, financial losses, and damaged client relationships.
The Software Assurance Marketplace (SWAMP) partnership between Morgridge Institute for Research and Bowie State University integrates cybersecurity into undergraduate coding courses. This integration helps students develop prolific programming skills, including reading and interpreting code for errors. The program aims to address the h...
A University at Buffalo researcher has developed a comprehensive model to explain why people fall for spear phishing attacks, accounting for user vulnerabilities and behavior patterns. The model proposes a new approach to training and education, using individual profiles to identify specific weaknesses, and enables organizations to dev...
Stefan Savage's work has made significant contributions to network security, including combating spam and vulnerabilities in automotive systems. His research has also influenced international standards and cybersecurity initiatives.
A recent study by Appthority reveals that over 88% of Android apps secretly spy on user data. Researchers from Saarland University developed an app called TaintArtist to track and monitor suspicious app behavior, providing users with a sense of security.
Boxmate systematically generates program inputs to investigate regular behavior, logging critical data access and resources. This approach catches hidden attacks and prevents them from executing, making malicious programs exposed and unusable.
RIT faculty will develop new cybersecurity curriculum on strategic thinking and tactics with a $25,000 Intel gift. The project aims to train future cybersecurity professionals in applying conventional warfare tactics for defense purposes.
The University of Kansas School of Engineering will educate cyberdefense experts dedicated to public service with a new $4.7 million grant. The initiative supports dozens of students, who commit to work at government cybersecurity jobs safeguarding critical infrastructure.
The University of Massachusetts Amherst has received a $4.2 million grant to establish a CyberCorps Scholarship for Service program, which will support 28 students in their pursuit of careers in cybersecurity. The program aims to address the national shortage of highly trained experts in this field.
The UK and Singapore are collaborating on six joint research projects to develop new cybersecurity solutions, with a focus on enhancing system resilience. The projects aim to improve the detection of cyber threats and create more robust systems for critical infrastructure.
A new study by UTSA professor Max Kilger delves into the human component of cybersecurity, highlighting the unique motivations of cyberterrorists. The research reveals that financial gain is a primary motivator for these attacks, making them a significant and growing threat.
The NSF Secure and Trustworthy Cyberspace (SaTC) program supports research on vulnerabilities in hardware, software, and networking technologies. The awards also focus on human components of cybersecurity, education, and workforce development.
The NSF Secure and Trustworthy Cyberspace (SaTC) program invests $74.5 million in research grants to address vulnerabilities in hardware, software, and networking technologies. The funding supports interdisciplinary research, including the human components of cybersecurity and education initiatives.
A new study by University of Washington and Columbia University researchers found significant security weaknesses in journalists' technological tools and ad-hoc workarounds. Despite the importance of protecting sensitive information, many journalists use insecure methods to organize notes and communicate with sources.
A RAND Corporation study finds companies are paying more attention to cybersecurity, with CEOs listening to CISOs and new products improving security. However, CISOs worry about hackers' sophistication and the difficulty in quantifying data losses, making it hard to estimate costs.
A team of US computer scientists are working on an analyzer that can hunt down algorithmic attacks, a new form of vulnerability that is nearly impossible to find with today's technology. The software will perform a mathematical simulation of the software to predict what will happen in the event of an attack.
Researchers have developed a new method to protect computer chips using advanced 3D optical imaging and photon encryption, making them virtually uncounterfeitable. The system replaces traditional electronic part numbers with compressed QR codes that can be scaled down to the size of microns.
The Journal of Cybersecurity is an open-access title that aims to tackle cybersecurity challenges through interdisciplinary approaches. It will publish high-impact research from various disciplines, including anthropology, computer science, economics, and psychology.
Research suggests that how people visualize hackers affects their cybersecurity decisions. Those who picture a teenage hacker make better decisions, while those who visualize a foreign hacker focus on more lucrative targets. This study aims to influence the development of cybersecurity by understanding social behaviors and rationales b...
The Fraunhofer Institute's IT Security Laboratory provides a secured test environment to assess the security of industrial automation systems and develop new defense strategies. Real-time requirements in production facilities necessitate unique IT security measures.
The University of Texas at San Antonio (UTSA) is developing online cybersecurity training for communities, addressing the lack of strategies to respond to cyber attacks. The training will include case studies, best practices, and templates to help municipal officials develop a cybersecurity strategy.
The University of Houston has been awarded a $1.5 million grant from the National Science Foundation to train students in cybersecurity. The program aims to attract talented graduate students and build a community of well-qualified scholars in this area.
A study by University of Maryland cybersecurity experts found that only 13% of websites patched their software correctly and implemented additional security measures to secure systems. The team's analysis revealed a significant drop in revocation rates during weekends, highlighting the human factor's role in computer security.
The UT Dallas Cybersecurity program has received a $3.9 million award from the National Science Foundation to provide scholarships and support education in computer science related to cybersecurity. The program aims to fulfill the US government's needs for cybersecurity employees, with nearly 30 students expected to be supported.
Researchers at Dartmouth College have developed a new approach to computer security using a wearable device called ZEBRA, which authenticates users continuously and automatically logs them out when they leave. The technology has shown high accuracy rates in verifying the correct user and identifying adversaries.
The Transition to Practice program assists in bridging the gap between laboratory and practical cybersecurity technologies. The program uses testing and evaluation methods, such as dynamic testing of executable files, red-teaming, and implementation cost analysis, to help move research discoveries into practical use.
Researchers developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The ASM framework enables custom security control modules to protect phones and enhance consumer privacy.
The Columbia Engineering team found a critical security problem in Google Play, where developers store their secret keys in their apps, making them vulnerable to malicious attacks. The discovery was made using a new tool called PlayDrone, which downloaded over 1.1 million Android apps and identified thousands of secret keys.
The US is facing a severe shortage of cybersecurity professionals, with demand far outpacing supply, particularly in the federal government. The RAND Corporation study calls for reforms, including waiving civil service rules and increasing funding for education programs to address the issue.
A new defense framework will be developed by UT Dallas professor Dr. Zhiqiang Lin to detect, diagnose and repair kernel malware attacks and enforce a prevention mechanism. The framework aims to detect malicious code sequences in the core of computer operating systems and prevent kernel malware infections.
The UTSA Center for Infrastructure Assurance and Security, along with partners, will develop a new training course and update five existing courses to enhance state preparedness for cyber attacks. The consortium aims to improve coordination among states in preventing, detecting, and responding to cyber threats.
A new security system called LatentGesture continuously monitors how a user taps and swipes their mobile device, recognizing differences from the owner's tendencies. The system achieved nearly 98% accuracy on smartphones and 97% accuracy on tablets, making it an effective tool for enhancing mobile device security.
Students at both universities will learn to break into and protect hardware, software, and data through hands-on experiments. The program aims to educate future users, developers, and controllers of computer systems on how to defend against cyber attacks.
A team of researchers conducted the first-ever clinical study on computer security, exploring the impact of technological and human factors on malware attacks. The four-month study involved 50 subjects and found that technically sophisticated users were more at risk, contradicting the notion that they should have a 'Internet license'.
Researchers at the University of Bristol have made a significant breakthrough in cryptography, developing a new protocol that enables fast and secure Multi-Party Computation. This allows for complex computations on secret data without revealing inputs, with potential applications in finance, pharmaceuticals, and other industries.
Computer scientists programmed ACT-R, a cognitive simulation, to play Concentration, improving computer security and understanding human thought processes. Human participants played 20 times each to compare with the AI model's performance.
Computer scientists from Saarbrücken have developed a new method to scan and monitor Android apps for security-critical functions, allowing users to revoke or grant privileges. The method, known as SRT Appguard, provides real-time policy enforcement for third-party applications and protects user privacy.
The National Science Foundation awards a $2.3 million scholarship program at Kansas State University to train students in cybersecurity, as the nation faces growing cyber threats. The program aims to develop experts capable of handling cybersecurity challenges and safeguard critical infrastructure.
Researchers at Kansas State University are working on developing a flexible but standardized and secure communication network for medical devices. The team aims to enable devices to monitor and reason about patient health, reducing security problems as devices become more complex.
The Idaho National Laboratory has demonstrated a suite of cybersecurity tools that provides situational awareness of networks and control systems. The Sophia software tool passively observes network communications, providing real-time and historical records of those communications.
The 'Control-Alt-Hack' game allows teenage and young-adult players to defend against digital threats in a social and entertaining way. The game incorporates real-world scenarios and skills, dispelling stereotypes about computer science professionals.
An interdisciplinary research team from UMass Amherst and Harvard warns that federal regulators need to improve how they track security and privacy problems in medical devices. Despite a high prevalence of recalls related to software, the current classification methods are not well suited to emerging types of device malfunctions.
Researchers at the University of Arizona are developing a visualization system to detect suspicious network activity in real-time, using a geographic map metaphor to facilitate human analysis. The system aims to provide quick high-level information to non-experts and comprehensive data to experts, while also offering customization opti...
Researchers at Kansas State University are developing a self-adapting computer network that can detect and defend itself against cyber attacks. The 'moving-target defense' system randomly changes its configuration to make it difficult for hackers to identify vulnerabilities.
Researchers at NIST developed a new protocol for communicating with biometric sensors over wired and wireless networks using web services. This protocol, WS-BD, simplifies setting up and maintaining secure biometric systems by enabling interoperability among devices.
The US Department of Homeland Security's DNSSEC project authenticates data existence, ownership, and integrity, protecting against hackers' threats. By deploying DNSSEC in key zones, DHS builds a safer cyberspace with complete end-to-end chain protection.
Sandia National Laboratories is launching a Cyber Engineering Research Institute to coordinate with industry and universities, aiming to increase cybersecurity research. Experts discuss the need for shared threat information and innovative solutions, including prize competitions to stimulate radical security innovations.
Researchers from Ruhr-University Bochum found a serious attack against XML Encryption, which is used by companies like IBM and Microsoft to protect data. The attack exploits a weakness in the CBC mode for chaining ciphertext blocks, rendering XML Encryption insecure.
The NSF grant will enhance existing cybersecurity curricula and expand the laboratory for hands-on instruction. The initiative aims to address a growing need for 10,000-30,000 cybersecurity professionals in the US.
Dr. Susanne Wetzel's NSF-funded research aims to develop protocols for secure, private, and fair collaboration without trusted third-party intervention. The project seeks to resolve the issue of policy reconciliation, allowing parties to collaborate while preserving their privacy.
Kansas State University's Center for Information and Systems Assurance has been recognized as a National Center of Academic Excellence in Information Assurance Research. The designation recognizes the university's expertise in cybersecurity and secure software system construction, with research focusing on improving software quality th...
A new research paper concludes that deterrence can no longer be the primary national cybersecurity strategy due to the unique characteristics of cyberspace. Experts propose a three-tiered approach to guide US strategy in responding to cyber threats, emphasizing war-fighting and offense-defense frameworks to contain damage and reduce harm.
K-State professor Simon Ou has received a National Science Foundation CAREER Award to develop automated reasoning for cybersecurity. His project aims to improve enterprise network security and critical infrastructure protection by providing a theoretical framework for reasoning under uncertainty.
Researchers reveal that honeypot traps are susceptible to detection by advanced Botnet malware, allowing attackers to disable or ignore them. This vulnerability highlights the need for secure honeypot deployment and research into covert honeypot building techniques.
UC researchers argue that citizen awareness and participation are essential for a robust cybersecurity strategy. They recommend a three-pronged approach: coordination between government agencies and business interests, engagement with the public about their role in cybersecurity, and education on safe computer practices.
The NIST Small Business Information Security: The Fundamentals guide provides 10 necessary steps for small business security, including installing firewalls and backing up business data. By following these steps, small businesses can reduce their vulnerability to cyber threats and protect sensitive information.
A new passive protocol called IPACF blocks threats to gatekeeping computers and Authentication Servers, allowing legitimate users access private resources. The filter takes just 6 nanoseconds to reject non-legitimate information packets associated with DoS attacks.
A new approach based on mathematical theory of elliptic curves has emerged as a leading candidate for more efficient cryptography. Elliptic curve cryptography provides the same level of security as 1024-bit keys for RSA with smaller key sizes, making it computationally more efficient.
A new risk management tool, Protection Poker, can help identify security vulnerabilities during the planning process by having developers share their ideas and perspectives. This process allows for early identification of potential problems, preventing them from being included in software projects.
Stevens Institute of Technology has been awarded a $850,672 National Science Foundation grant to support students pursuing degree programs in cybersecurity. The scholarship program will provide 11 two-year scholarships covering tuition and a stipend, requiring students to work for the government for at least two years after graduation.