CyLab Chronicles
CyLab Chronicles is a series of articles that provide insight into the
research conducted in CyLab at Carnegie Mellon University. From
smartphones to network configuration protocols, face-recognition
applications to privacy policy, the details come to light in the
Chronicles. The series is written by Richard Power,
an internationally-recognized cybersecurity expert and CyLab
Distinguished Fellow. Power is the author of numerous books and
conceived and designed the "CSI/FBI Computer Crime and Security Survey"
(1995-2002), an annual study, conducted in conjunction with the FBI
Computer Crime Squad.
2012
Lightning in a Bottle? A Brief Tour of CyLab Online
Indeed, CyLab is an audacious undertaking; and doing justice to such audacity has been quite a challenge. How do you sustain a narrative that is so complex? How do you communicate the prevailing spirit of the overall program, while at the same time documenting the painstaking progress of individual researchers? Since its launch in 2008, CyLab Online has pursued these daunting goals. And as of this writing, we have over two thousand pages of content, stretching across two central hubs, as well as several other outposts throughout the World Wide Web. Let us take you on a brief tour of some of what is available via CyLab Online.Mike Farb Offers Insights Into SafeSlinger, CyLab's Powerful New Smartphone App
We want to provide secure operations even with careless users and powerful local adversaries who can monitor our messages and potentially alter our messages. We want to be able to detect group members attempting to impersonate other groups members. We want to eliminate the need to count in large groups. We want to enable remote operation, so that we can also do this over the phone. (We can assure each other of our presences, because we can recognize our voices in real time.) We want no information leaked to outsiders, even if the protocol fails.
2011
Anthony Rowe on Wireless Sensor Networks for Building Energy Management
Imagine having sensors all over the environment, telling you where the energy is going and what devices are using it. We can look for anomalies in the system. We can look at patterns over time. And we can see if some particular aspect of a building is misbehaving, or performing abnormally compared to what it would normally do, and that would flag a facilities maintenance person to inspect or replace equipment. Imagine a system where you have control as well, so you have both sensing and control over the infrastructure.A Report from the 8th Annual CyLab Partners Conference
The 8th Annual CyLab Partners Conference was held in September 2011, at the main campus of Carnegie Mellon University in Pittsburgh, PA. It offered attendees a unique opportunity to immerse themselves in a bold, cross-disciplinary program dedicated to deepening and enriching cyber security and privacy in the 21st Century ... Here are brief excerpts from just four of over thirty compelling research reports offered during the body of the Partners Conference.Q&A with Nicolas Christin (2011)
Our network analysis indicates there are probably about a dozen groups at most that are or have been involved in these advertising techniques. They fan traffic from several thousands compromised websites to a few hundred pharmacy websites. We're not sure how many actual individuals are behind those pharmacies, but advertisers and pharmacies seem to be two distinct entities; and given that there are not that many large advertisers, it may make sense to try to take them down, and stop the flow of traffic to online pharmacies, rather than going after the pharmacy operators themselves.Q&A with Lorrie Cranor (2011)
CUPS research continues to play a role in informing the privacy policy debate. The privacy nutrition label approach we developed is mentioned frequently as regulators encourage the adoption of more consumer-friendly privacy notices. Our work on location privacy is also cited frequently on Capital Hill. Our work on understanding consumer beliefs and attitudes about behavioral advertising is relevant to the do-not-track debate. And we expect our ongoing work evaluating the usability and effectiveness of various behavioral advertising choice mechanisms to shed light on the usefulness of these tools in practice.Q & A with Adrian Perrig (2011)
With fifty plus faculty researchers, and one hundred plus graduate students, working along seven major research thrusts and seven cross-cutting research thrusts, CyLab's program impacts a broad spectrum of challenges, from securing the smart grid to enhancing personal privacy; but none is more sweeping in its implications and potential consequences than Scalability, Control, and Isolation On Next-Generation Networks (SCION).Q&A with Michael Farb (2011)
KeySlinger is the result of research at Carnegie Mellon’s CyLab that resolves a specific security problem. The problem: How can we start a trusted relationship between people, on the fly, without people having sophisticated knowledge of security protocols?