Friday, December 13, 2013

CyLab's Anthony Rowe and Fellow CMU Researcher Win U.S. DOE Grant for Sensor Networks and Energy Efficiency Research

With a three-year, $1.9 million grant from the Department of Energy, CMU CyLab's Anthony Rowe and fellow researcher Mario Berges are developing sensor networks and an open-source software platform to optimize energy use in buildings, which annually consume 39 percent of total U.S. energy production.

Anthony Rowe
CyLab's Anthony Rowe
The project builds on results from a larger research effort to integrate all sensors on campus, called Sensor Andrew.

"We want to create a control platform for building energy management that will help monitor and understand energy usage patterns over time," said Rowe, an assistant research professor in the Department of Electrical and Computer Engineering as well as a CyLab researcher.

"User-friendly tools that quickly and economically analyze energy use will also help businesses and homeowners make better use of those technologies to save energy and lower their utility bills," Rowe said. "The big challenge is to eventually support zero net-energy buildings, buildings that over an entire climate cycle actually collect energy from sources like solar and wind power, and be efficient when those are not available."

Berges, an assistant professor in the Department of Civil and Environmental Engineering, also reports that these networks will give facility managers the ability to see if a building is wasting energy or needs replacement equipment.

Full Text of Press Release

Related Posts

Tuesday, November 12, 2013

Two Recent News Items Underscore CyLab's Vital Role In Contributing to the Future of Cyber Security and Privacy.

Two recent news items underscore CyLab's vital role in contributing to the future of cyber security and privacy.

CyLab Researchers Work To Make Commercial Technologies Secure for Defense Department 

Researchers from Carnegie Mellon University CyLab and the University of Pennsylvania have received a four-year, $3.9 million grant from the Defense Advanced Research Projects Agency (DARPA) to improve the security of commercial technologies used by the military.

“We are studying how to improve the security for commercial-off-the-shelf  (COTS) technology that remains vulnerable to attack from latent vulnerabilities or hidden malicious codes,” said CyLab researcher David Brumley, the Gerard G. Elia Career Development Professor in the Department of Electrical and Computer Engineering. Brumley is widely regarded for his cutting-edge contributions to addressing the challenges associated with malware.

Full story

CyLab Joins Army Research Lab Funded Cyber Security Alliance 

Researchers at Carnegie Mellon University have joined with the Army Research Laboratory and academic partners in a new collaborative research alliance to develop a new science of how to make security-relevant decisions in cyberspace.

The five-year funding for the core and enhanced program is $23.2 million, with an additional $25 million for the optional five-year extension -- a potential total of $48.2 million over the 10-year collaboration ...

The alliance will focus on: detecting adversaries and attacks in the cyberspace; measuring and managing risk; and altering the environment to achieve best results at the least cost. A fourth area, developing models of human behaviors and capabilities that enable understanding and predicting motivations and actions of users, defenders and attackers, will be integrated into the first three areas.
Cranor, director of the CyLab Usable Privacy and Security Laboratory, said the CMU researchers will work in all of the areas, but will focus especially on psychosocial activities.

Full story


Wednesday, November 6, 2013

CyLab Chronicles: CyLab Leans Forward In Its Tenth Annual Partners Conference

The 2013 Annual CyLab Partners Conference was held October 1st and October 2nd, on the main campus of Carnegie Mellon University in Pittsburgh, PA.
2013 CyLab Partners Conference

For many of us working in and with CyLab it was a particularly poignant one.

It marked the tenth anniversary of this world class cyber security and privacy research program.

And for those who know what to look for, there were numerous indicators that the program's next ten years will be even more impactful and contribute even more to the common good.

I say "for those who know what to look for" because in some important ways what makes a CyLab Partners Conference successful is the polar opposite of what makes one of the major industry events (e.g., Black Hat Briefings or the RSA Conference) successful. One of the vital indicators of success for Black Hat Briefings or the RSA Conference is how many thousands of people attend. Conversely, one of the vital indicators of success at a CyLab Partners Confernece is the ratio of CyLab faculty to partners personnel in attendance. Scanning the room during lunches and dinners at this year's Partners Conference, you could see CyLab faculty and partners personnel seated together at every table, sharing invaluable insights and eagerly sought perspectives on emerging trends, perennial challenges and evolving technologies.

Nineteen CyLab researchers presented reports on their latest work, across a broad spectrum of cyber security and privacy issues, from Software Security to Mobility, from Usable Privacy and Security to the Security of Cyber-Physical Systems, from Formal Method to Internet Architecture, from Business Risks and Economic Implications to Trustworthy Computing Devices and Platforms. In addition to the time to engage in meaningful diaogue with CyLab faculty, attendees also got to engage many CyLab graduate students during a poster session in which this next generation displayed their projects.
Student Posters at 2013 CyLab Partners Conference

Sending key members of your security and privacy teams to immerse themselves in this two-day event is a powerful and exclusive benefit of CyLab partnership. But the opportunity to draw on the richness of what's shared at the Partners Conference doesn't end when the conference itself ends. Because each of these events is now archived online and accessible via the Partners Portal, another exclusive benefit of CyLab Partnership. In these archives, you will find videos of the faculty presentations, and the presentations themselves, as well as .pdfs of the graduate students' posters. This archive enables our partners to share the contents with the rest of their security and privacy team members, at convenient times and without incurring the cost of travel, etc. It also allows those team members returning from the Partners Conference to do more than simply refer to a few scribbled notes as they integrate what they have taken in.

Although the full archive of Partners Conference content is accessible only to CyLab Partners, every year, we make a few select videos publicly available via our YouTube Channel just to encourage dialogue and raise awareness.

This year's publicly available videos include a sampler with six brief excerpts from presentations, and full-length videos of four presentations:

Monday, July 29, 2013

A Distinguish Paper Award for CUPS, and Other News from Ninth Annual SOUPS 2013

CyLab graduate student Cristian Bravo Lillo presents at SOUPS 2013
The ninth annual Symposium on Usable Privacy and Security (SOUPS 2013) was held July 9th through July 11th at Northumbria University (Newcastle, U.K.).

Lorrie Cranor, Director of CyLab Usable Privacy and Security (CUPS), chaired the conference, and CyLab Associate Research Professior Lujo Bauer served as technical papers co-chair.

CUPS researchers Cristian Bravo-Lillo, Lorrie Faith Cranor, Julie Downs, Saranga Komanduri, and Robert W. Reeder (Carnegie Mellon University), Stuart Schechter (Microsoft Research), and Manya Sleeper (Carnegie Mellon University) won one of two Distinguished Paper Awards, for Your Attention Please: Designing Security-Decision UIs to Make Genuine Risks Harder to Ignore.

Here is a brief excerpt with a link to the full text:

We designed and tested attractors for computer security dialogs: user-interface modi cations used to draw users' attention to the most important information for making decisions. Some of these modi cations were purely visual, while others temporarily inhibited potentially-dangerous behaviors to redirect users' attention to salient information. We conducted three between-subjects experiments to test the effectiveness of the attractors. In the fi rst two experiments, we sent participants to perform a task on what appeared to be a third-party site that required installation of a browser plugin. We presented them with what appeared to be an installation dialog from their operating system. Participants who saw dialogs that employed inhibitive attractors were signifi cantly less likely than those in the control group to ignore clues that installing this software might be harmful. In the third experiment, we attempted to habituate participants to dialogs that they knew were part of the experiment. We used attractors to highlight a eld that was of no value during habituation trials and contained critical information after the habituation period. Participants exposed to inhibitive attractors were two to three times more likely to make an informed decision than those in the control condition. Your Attention Please: Designing Security-Decision UIs to Make Genuine Risks Harder to Ignore, Cristian Bravo-Lillo, Lorrie Faith Cranor, Julie Downs, Saranga Komanduri, and Robert W. Reeder (Carnegie Mellon University), Stuart Schechter (Microsoft Research), and Manya Sleeper (Carnegie Mellon University)

The SOUPS proceedings will be archived in the ACM Digital Library in a few weeks. All papers are also available linked from the SOUPS 2013 program page on the SOUPS site.

CyLab graduate student Pedro Leon presents At SOUPS 2013

Wednesday, July 10, 2013

CyLab's Dr. Lorrie Cranor Keynotes 13th Annual Privacy Enhancing Technologies Symposium

CyLab's Dr. Lorrie Cranor delivered the keynote for the 13th Annual Privacy Enhancing Technologies Symposium (Bloomington, Indiana), Wednesday, July 10, 2013.

Dr. Cranor is Director of the CyLab Usable Privacy and Security Laboratory (CUPS) and co-director of the MSIT-Privacy Engineering masters program and Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University.

She spoke on "Privacy Notice and Choice in Practice."

"Notice and choice" are key principles of modern information privacy protection. The various sets of fair information practice principles and the privacy laws based on these principles include requirements for providing notice about data practices and allowing individuals to exercise control over those practices. In the United States, privacy self-regulatory efforts focus heavily on notice and choice. However, there has been little follow-up to evaluate the effectiveness of notice and choice efforts in practice -- to determine whether individuals provided with notice are able to make informed choices that align with their expectations of privacy...

Dr. Cranor's CUPS team has conducted empirical evaluations of a variety of notice and choice mechanisms, including privacy policies, the Platform for Privacy Preferences (P3P), online behavioral advertising opt-out tools, privacy nutrition labels, the AdChoices icon, and the standard form privacy notice for financial institutions.

In her keynote, Dr. Cranor provided background on notice and choice and presented several of of her team's empirical studies, highlighting both areas where notice and choice approaches show promise, as well as areas where existing notice and choice tools appear to be largely ineffective. In addition to discussing features of the notices and tools themselves, she also discussed the problems of incentives and enforcement, which continue to plague notice and choice efforts.

The full presentation in .pdf format can be viewed here.

Studies referenced in Dr. Cranor's keynote included:

Necessary But Not Sufficient: Standardized Mechanisms for Privacy Notice and Choice

Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral Advertising

What Do Online Behavioral Advertising Disclosures Communicate to Users?

Why Johnny Can’t Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising

Are They Actually Any Different? Comparing Thousands of Financial Institutions’ Privacy Practices

Thursday, May 23, 2013

CyLab's Strong Presence Continues at Annual IEEE Symposium on Security and Privacy

Min Suk Kang with fellow CyLab grad student, after presenting The Crossfire Attack at
34th Annual IEEE Security & Privacy Symposium (May 2013, San Francisco).
The 34th annual IEEE Security and Privacy Symposium was held May 19-22 2013, in downtown San Francisco. Once again, as in recent years, Carnegie Mellon University CyLab researchers made a significant contribution to both its content and its tone.

CyLab Distinguished Fellow Adrian Perrig served as one of the three Program Chairs, along with Wenke Lee of Georgia Tech and Michael Backes of Saarland University.

Also, four of the thirteen Session Chairs were current or former CyLab researchers: current faculty members Lujo Bauer and Anupam Datta, and former faculty members Jon McCune, now with Google, and Bryan Parno, now with Microsoft Research.

Two CyLab papers were among the thirty-eight presented: The Crossfire Attack authored by Min Suk Kang, Soo Bum Lee and Virgil D. Gligor of CyLab, and Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework authored by CyLab researchers Amit Vasudevan, Limin Jia, James Newsome and Anupam Datta, along with Sagar Chaki of the Software Engineering Institute (SEI) at Carnegie Mellon University) and Jonathan M. McCune of Google (a former CyLab researcher, as mentioned above).

Furthermore, the Best Paper Award went to Bryan Parno for Pinocchio: Nearly Practical Veriļ¬able Computation, co-authored with Craig Gentry and Mariana Raykova of IBM Research and Jon Howell, also of Microsoft Research. Before he went to Microsoft, Parno did his PhD at Carnegie Mellon University CyLab under the supervision of Adrian Perrig, and his dissertation won the 2010 ACM Doctoral Dissertation Award.

Here are excerpts from the two CyLab papers presented, with links to the full texts:

In this paper, we present the Crossfire attack. This attack can effectively cut off the Internet connections of a targeted enterprise (e.g., a university campus, a military base, a set of energy distribution stations); it can also disable up to 53% of the total number of Internet connections of some US states, and up to about 33% of all the connections of the West Coast of the US. The attack has the hallmarks of Internet terrorism3: it is low cost using legitimate-looking means (e.g., low-intensity, protocol conforming traffic); its locus cannot be anticipated and it cannot be detected until substantial, persistent damage is done; and most importantly, it is indirect: the immediate target of the attack (i.e., selected Internet links) is not necessarily the intended victim (i.e., an end-point enterprise, state, region, or small country). The low cost of the attack (viz., Section IV), would also enable a perpetrator to blackmail the victim. The Crossfire Attack , Min Suk Kang, Soo Bum Lee and Virgil D. Gligor (Carnegie Mellon University CyLab)

We propose an eXtensible and Modular HypervisorFramework (XMHF) which strives to be a comprehensible and flexible platform for building hypervisor applications (“hypapps”). XMHF is based on a design methodology that enables automated verification of hypervisor memory integrity. In particular, the automated verification was performed on the actual source code of XMHF – consisting of 5208 lines of C code – using the CBMC model checker. We believe that XMHF provides a good starting point for research and development on hypervisors with rigorous and “designed-in” security guarantees. Given XMHF’s features and performance characteristics, we believe that it can significantly enhance (security-oriented) hypervisor research and development. Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework, Amit Vasudevan, Limin Jia, James Newsome and Anupam Datta (Carnegie Mellon University CyLab), Sagar Chaki (SEI, Carnegie Mellon University) and Jonathan M. McCune (Google)

Some Related Posts
CyLab Chronicles: CyLab's Strong Presence at IEEE Security and Privacy 2012 Packs A Wallop

CyLab Research has Powerful Impact on 2010 IEEE Security & Privacy Symposium

CyLab Researchers Virgil Gligor and David Brumley Receive Honors

CyLab researcher Bryan Parno wins ACM 2010 Doctoral Dissertation Award

Parno, McCune and Perrig Author Book on Bootstrapping Trust in Modern Computing

-- Richard Power

Sunday, May 19, 2013

CyLab Researchers Alessadro Acquisti and Marios Savviddes featured on CBS Sixty Minutes

[NOTE: This CyBlog story is cross-posted as a CyLab Chronicles on the CyLab home page.]

In the wake of the Boston Marathon bombing investigation, there has been some mainstream news media attention paid to facial recognition software. After years of NCIS and other popular law enforcement TV dramas, there is an expectation that such technology could have led to a speedier conclusion to the manhunt, or perhaps even have prevented the savage attack.

In recent weeks, looking for meaningful answers, major news organizations turned to researchers at Carnegie Mellon University CyLab. Why? Because they are at the forefront of research into related technologies; and that's the forefront of not only research on how to deliver these technologies, but also the forefront on their broader implications on society as a whole.

On the May 19th edition of CBS Sixty Minutes, the work of two Carnegie Mellon University CyLab researchers were featured: Alessandro Acquisti, Associate Professor of Information Technology and Public Policy (Heinz College), author of some blockbuster privacy studies, related to the convergence of facial recognition software and social media and other vital issues, and Marios Savvides, Carnegie Mellon University Associate Professor (Electrical and Computer Engineering Department) and Director of the CyLab Biometrics Center.

Here is the CBS Sixty Minutes video, followed by some transcript excerpts:

This may look like a high school science project, but this is Carnegie Mellon's CyLab, a world-class research center.

[Lesley Stahl: Look at that!]

Marios Savvides and his students outfitted this ordinary toy drone with their new advanced facial recognition software... that locks in on a face from a distance, and then identifies it. [Drone: Hello Lesley, nice to see you.

Lesley Stahl: It got it.]

The students are taking surveillance technology to the next level. They can now turn a blurry face into a clear one; a flat image into a 3D model.

[Lesley Stahl: Oh my goodness.]

Their technology can take a masked face and by focusing only on the eyebrows search a catalog of faces, come up with several people with very similar eyebrows and eventually find the identity of the person.

Marios Savvides: So Utzav is going to take a normal photo of you. The software maps a face using dots like electronic measles and creates something as unique as a fingerprint: a faceprint.

Lesley Stahl: This is your facial recognition technology working right now to find me? Utzav: Yes.

For this demonstration, they had added my picture ahead of time to the university's database. Marios Savvides: That's the top match.

[Samsung Lady: To use face recognition, use the color-coded button on your remote.]

Facial recognition is already in some of our home appliances like TVs. In our mobile devices, PINs and passwords are giving way to faceprints. And the technology can single us out in real-time as we go about our daily business, often without us ever knowing ...

Alessandro Acquisti: The ability of remaining anonymous is shrinking. And the places where we can be anonymous are getting fewer and fewer.

Alessandro Acquisti is a professor at Carnegie Mellon who does research on how technology impacts privacy. He says that smart phones may make "facial searches" as common as Google searches and he did an experiment to show how easy it could be. He took photos of random students on his campus. He then ran the pictures through a facial recognition program he downloaded for free that sifted through Facebook profiles and other websites. And he was able not only to identify many of them instantly, he also got their personal data, including in some cases, their social security numbers.

Lesley Stahl: In order for this to work, does the person you're trying to identify have to be on one of these social networks?

Alessandro Acquisti: You must have, somewhere on the Internet, a face with your name on it. Lesley Stahl: Well, let's say someone doesn't have a Facebook account, but his or her daughter or son does, and they've got your picture. So are they now automatically in the mix?

Lesley Stahl: Well, let's say someone doesn't have a Facebook account, but his or her daughter or son does, and they've got your picture. So are they now automatically in the mix?

Alessandro Acquisti: It's funny because one of the participants, before doing the experiment, told us, "You're not going to find me because I'm very careful about my photos online." And we found him. Because someone else had uploaded a photo of him.

But if an academic can easily mine our data with facial recognition, what about the government? Well, the government has a problem because to be effective, facial recognition requires a good database. Facebook for instance has one with billions and billions of photos. The government not nearly that many, and so the FBI is now assembling on these rows of servers the largest biometric database on Earth, costing over a billion dollars ...

Alessandro Acquisti: Often we are not even aware of how much data we are actually revealing or it is being gathered about us or, in fact, how it would be used. The idea that you can start from a face and predict social security numbers from that face seemed quite alien and surprising. But now we know that it can be done.

Lesley Stahl: So there's no place to hide, absolutely no place to hide.

Alessandro Acquisti: It's those places are shrinking.

CBS 60 Minutes, 5-19-13

(Savvides also appeared in a recent CNN news story on the same subject.)

-- Richard Power

Wednesday, May 8, 2013

CyLab's Marios Savvides Appears on CNN in Wake of Boston Marathon Bombing Investigation

In the wake of the Boston Marathon bombing investigation, there has been some mainstream news media attention paid to facial recognition software. After years of NCIS and other law enforcement TV dramas, there is some popular expectation that such technology could have led to a speedier conclusion to the manhunt, or perhaps even have prevented the savage attack.

Looking for meaningful answers, CNN turned to Marios Savvides, Carnegie Mellon University Associate Professor and Director of the CyLab Biometrics Center, a leading expert in the field.

Here is a video excerpt, followed by a transcript of the news story:

TOM FOREMAN, CNN CORRESPONDENT: "When the FBI released these photos during the search for the Boston suspects, there was hope that computers might help as they do on shows like CSI, comparing facial features with existing data and coming up with a name. But even though pictures of both brothers were in public databases, the computers that searched that data missed them, and came up empty. The government has been working on facial identification software since the 1960s, and companies like Facebook and Apple use similar technology to tag people in photos. But security analysts widely admit this technology is not good enough to spot a suspect in the crowd. At Carnegie Melon, Mario Savvides runs the CyLab Biometric Center.

MARIOS SAVVIDES, DIRECTOR, CMU CYLAB BIOMETRICS CENTER: While the toughest problems is low resolution, when you look at images collected from (inaudible) TV footage, the faces are way too small.

FOREMAN: His team is developing next generation software to change poor and partial images into much clearer pictures. They are creating programs that can reliably match images of people to their true identities, despite low light, movement, odd positions.

SAVVIDES: Off-angle is a big challenge. How do you match an off- angle image that`s say 50 degrees, 60 degrees, 45 degrees off angle to a face that`s just a frontal sort of, you know, passport-type photo.

FOREMAN: They`re even transforming flat pictures into 3D, look at what their lab did with a single photo of me. In less than an hour it was turned into a series of images showing how I might look from above, from the left, from the right. Savvides believes such programs can and will substantially improve the reliability of facial recognition and lead police to suspects much faster.

SAVVIDES: And ultimately, hopefully save life, because that`s our aim, that`s our goal, that`s everything we do here.

FOREMAN: For now, the FBI is installing its latest version of facial identification software to work with security cameras coast to coast as part of the billion-dollar program called "next generation identification." Still, in Boston, it wasn`t technology, but human investigators who triumphed. Tom Foreman, CNN, Washington.

CNN, 5-7-13

-- Richard Power

Tuesday, March 12, 2013

CyLab's Alessandro Acquisti & Co-Authors Release 7 Year Study on Evolution of Facebook Privacy and Disclosure

CyLab researcher Alessandro Acquisti's world-class work on the privacy implications of social media and other technological developments continues to deliver both sizzle and substance.

In this latest study, Silent Listeners: The Evolution of Privacy and Disclosure on Facebook, Acquisti, Associate Professor at Carnegie Mellon University's Heinz College, together with co-authors Ralph Gross and Fred Stutzman, focus on "the tension between privacy choices as expressions of individual subjective preferences, and the role of the environment in shaping those choices."
"In this manuscript," the authors explain, "we use prole data from a longitudinal panel of 5,076 Facebook users to understand how their privacy and disclosure behavior changed between 2005, the early days of the network, and 2011. Our analysis highlights three contrasting trends. First, over time Facebook users in our dataset exhibited increasingly privacy-seeking behavior, progressively decreasing the amount of personal data shared publicly with unconnected proles in the same network. However, and second, changes implemented by Facebook near the end of the period of time under our observation arrested or in some cases inverted that trend. Third, the amount and scope of personal information that Facebook users revealed privately to other connected proles actually increased over time and because of that, so did disclosures to "silent listeners" on the network: Facebook itself, third-party apps, and (indirectly) advertisers."
In reflecting on the implications of the seven year study, Acquisti, Gross and Stutzman conclude:
"As our analysis revealed, a robust trend of declining public disclosure emerged over the years across a broad range of Facebook prole elements including personal, contact, and interest information. We also observed a signicant shift for many of these prole elements between the years 2009 and 2010, when public disclosure increased. We concluded that changes to privacy policy and interface settings by Facebook produced greater public disclosures. In other words, exogenous changes eected by Facebook near the end of the period of time under our observation arrested or inverted an endogenous, user-driven trend of members trying to protect their privacy by managing the public disclosure of their personal information.
On the other hand, we also observed that, over time, the amount and scope of personal information that Facebook users have revealed to friends' proles seems to have markedly increased and thus, so have disclosures to Facebook itself, third-party apps, and (indirectly) advertisers. Such ndings highlight the challenges users of social network sites face when trying to manage online privacy, and the power of providers of social media services to aect individuals' disclosure and privacy behavior through interfaces and default settings."
Silent Listeners: Evolution of Privacy and Disclosure on Facebook, Journal of Privacy and Confidentiality (4, Number 2, 2012).

Related Posts:
-- Richard Power

Thursday, January 31, 2013

CMU Privacy Day Highlights Challenges and Showcases Research

At CMU, Data Privacy Day was recognized with a CyLab-sponsored panel discussion and poster session. Moderated by CyLab researcher Norman Sadeh, the panel included CyLab researchers Lorrie Cranor and Jason Hong, along with computer science faculty Travis Breaux. Privacy was the overarching topic, but the discussion focused on key points regarding data collection and usage practice, and regulation.

The panel first discussed data collection and usage practices. It is clear that awareness of data collection has increased, mostly due to mobile applications and the requirement to agree to application permissions. However, Jason Hong offered, “People are surprised … they don’t know how much data is being collected and what is being done with it.”

Lorrie Cranor added, “There is very little control over what apps actually collect when they are on your phone, what they do with it, and then whatever data is collected, how it is further shared.”
Discussion of regulation popped up during data collection. Whether provided by industry or government, regulation is seen as essential to protect privacy. Many proposals offered by government support self-regulation, provided by the industry. A set of guidelines, or best practices, can be released by the industry, but as technology advances, self-regulating policies become outmoded. As new and innovative devices and applications are created, Hong offers, “It is not clear what the set of best practices are... how to do you take these principles and apply to the mobile space or new areas that we haven’t even imagined yet.”

Discussion continued on what the panel felt were the biggest challenges in privacy, as well as, their current research projects on data privacy. Some of those projects were presented at a poster session, which followed the panel.

Watch the panel discussion in its entirety.

Thursday, January 17, 2013

CyLab Seminar Series Offers Vital Perspectives on Critical Issues in Cyber Security and Privacy

On Mondays at noon, during the school year, CyLab presents its Seminar Series.

These talks highlight the research of CyLab faculty as well as visiting scholars.

In addition, through the CyLab Business Risks Forum, experts in security and privacy from business and government share vital operational perspectives.

Online access to the Seminar Series is a benefit of CyLab partnership. Our corporate partners have exclusive access to both our live webcasts and our full archive of past seminars via the CyLab Partners Portal.

Each year, a few select seminar videos are released publicly via You Tube and iTunes to further scientific research, heighten awareness and encourage public discourse on critical issues.

The 2012-2013 Seminar Series started off with CyLab Senior Systems Scientist Nicolas Christin delivering an update on his compelling research into cybercrime, Traveling the Silk Road: A measurement analysis of a large online anonymous marketplace. The next week, filmmaker Jeremy Zerechak joined three CyLab researchers in a panel on his award-winning hacker documentary Code 2600. (The panel, moderated by Dr. Lorrie Cranor, one of several leading cyber security and privacy experts featured in the film, was followed that evening with the film’s Pittsburgh debut.)

Other 2012 fall semester offerings ranged from CyLab Director Virgil Gligor on Foundations of Trust in Networks of Humans and Computers to CyLab Research Systems Scientist Limin Jia on Run-Time Enforcement of Information-Flow Properties on Android.

The fall program also featured two visiting scholars, Yih-Chun Hu, Associate Professor, University of Illinois on Dynamic Jamming Avoidance, and Richard Clayton, security researcher at the University of Cambridge on Measuring Cybercrime.

In addition, two Business Risks Forum events were also held, Marcus Ranum, CTO of Tenable, on Cyberwar: You're Doing It Wrong!, and Christopher Burgess, CSO of Atigeo on Collaborative Distributed Inferencing - Intelligent Control of Data and Networks

Fifteen more seminars are scheduled for the Spring 2013 program.

To whet your appetite for what is to come, here are two fall 2012 semester seminars from leading CyLab researchers: David Brumley on Safe Software and Lorrie Cranor on Spoofing Operating System Security Interfaces to Study User Security Behaviors. For more samples, visit the CyLab You Tube Channel and the CyLab on iTunes