First round of Future Enterprise Security Initiative funded projects announced

Nov 28, 2022

Future Enterprise Security Logo

CyLab’s Future Enterprise Security Initiative is underway as the first round of funded proposals has been announced. The thirteen projects were presented at Carnegie Mellon University during the FutureEnterprise@CyLab Year One Kick-off Meeting on October 27, 2022.

Each project falls under one of the four FutureEnterprise@CyLab key research thrusts:

  • AI-driven workflows to automate security analysis and response
  • Collaborative capabilities for real-time global visibility for security decision making
  • Foundations for understanding cyber risk
  • Least-privilege-by-design infrastructure
Funding for the projects is made possible by sponsorships from Amazon Web Services, Aryaka Networks, Bosch, Cisco, Microsoft, Nokia Bell Labs, PNC, and VMware. Sponsors actively worked with FutureEnterprise@CyLab Co-Directors Lujo Bauer and Vyas Sekar on proposal requests and reviews.
sponsor logos: Amazon Web Services, Aryaka, Bosch, Cisco, Microsoft, Nokia Bell Labs, PNC, VMWARE University Research Fund

During the execution of these projects, faculty will collaborate with FutureEnterprise@CyLab sponsors to develop a suite of novel foundations and technologies, re-imagining ways to achieve security in small- and medium-sized enterprise systems.

“The Future Enterprise Security Initiative brings together a collective of industry leaders who are aligned with our mission and believe these are important problems to solve,” says Sekar. 

“Our partners are really engaged. They understand where problems lie and are willing to take the time to help us generate ideas, evaluate proposals, and offer suggestions as to how each project can become even more relevant to the core mission,” says Bauer.

Funded projects:

Correlated Multi-armed Bandit Algorithms for Automating Security Checks and Responses

Zero Trust: Virtues, Limitations, and Beyond

Verifiable Personalization for Federated Learning

Evaluating Graph-Based Anomaly Detection Models on Private Data

Adversarial Unlearning via Sybil Attacks: Impacts on Federated Learning and Enterprise Security

Understanding code injection attacks in Node.js packages

Automatic Testing Web-based Microservices

Verus: Developing Provably Secure and Performant Software

ODO: Open Dependency Observatory for Software Dependencies

Designing Robust Protocols for Future Enterprise Systems

CyDec: Cyber Deception Gym

  • PI: Fei Fang - Assistant Professor, S3D

Differentially Private Synthetic Data Generation

From Fault Injection Testing to Malicious Code Injection Testing