Home

News

2020

2019 2021

Oct 28

New tool simplifies data sharing, preserves privacy

According to a new study authored by researchers in Carnegie Mellon University’s CyLab and IBM, a new tool can help circumvent the privacy issue in data sharing.

Oct 20

Finally: a usable and secure password policy backed by science

After nearly a decade of studies, the passwords research group in Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords that maintains balance between security and usability—one backed by hard science.

Oct 15

Intelligent, automatic contact tracing Opens in new window

CMU ECE alumnus Patrick Lazik and his team at Yodel Labs have developed a system that creates contact networks to contain COVID-19.

Oct 08

Cyber defense is an art in human deception

CyLab's Coty Gonzalez and her research group presented two studies on cyber deception at this week’s Human Factors and Ergonomics Society annual meeting. CyLab director Lorrie Cranor gave the meeting’s keynote talk.

Sep 30

Websites containing COVID info are tracking you

In a new study, CyLab's Tim Libert showed that 99 percent of websites that contained information regarding COVID-19 also contained code that shares user activity data with third parties, including advertisers.

Sep 28

picoCTF to hold 2020 Mini Competition in October

In celebration of National Cybersecurity Awareness Month, picoCTF will be holding a mini competition during the month of October. The competition will consist of series of cybersecurity challenges of intermediate difficulty in the topics of reverse engineering, forensics, web, and binary exploitation problems.

Sep 22

CyLab releases 2019-2020 Year in Review

CyLab has just released its 2019-2020 Year in Review, which highlights research, talks, papers, and other key events that have occurred in the past twelve months.

Sep 21

Jin receives 2020 UbiComp Outstanding Student Award

Haojian Jin, a fifth year Ph.D. student, received the Gaetano Borriello Outstanding Student Award during the virtual UbiComp 2020 awards ceremony.

Aug 26

Ads may not provide benefits companies say they do

A recent study by researchers in Carnegie Mellon University’s CyLab and Heinz College tests claims by the advertising industry that online ads help consumers find better, cheaper products faster.

Aug 21

Home automation rules are more risky and less risky than we thought

A recent CyLab study found that previous risks in home automation rules aren’t as dangerous in reality as once thought, but new threats were identified.

Aug 18

Simple “nudges” can encourage people to use a safer payment method

A team of CyLab researchers have found two forms of "nudging" that can successfully convince people to start using mobile payment, which is more secure than paying with a credit card at a point-of-sale terminal.

Aug 14

What if you could better control what mobile apps do with your data?

Researchers in CyLab are working to create digital “privacy assistants” that can recommend phone app privacy settings to users based on their preferences.

Research paper Opens in new window

See More Stories

Aug 12

Elaine Shi receives inaugural CyLab Distinguished Alumni Award

Elaine Shi, a CyLab alum and professor at Cornell University who will join the faculty at CMU this Fall, has been selected to receive the inaugural CyLab Distinguished Alumni Award.

Aug 10

Carnegie Mellon hacking team finishes 2nd at DefCon

Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), finished in 2nd place in the “Capture the Flag” competition—widely referred to as “The Olympics of Hacking”—at this year’s DefCon security conference.

Aug 07

CyLab names 2020 Presidential Fellows

Seven Ph.D. students pursuing security and/or privacy research will receive 2020 CyLab Presidential Fellowships.

Jul 29

New programming language and tool ensures code will compute as intended

A team of researchers including CyLab's Bryan Parno published a study about a new tool that mathematically proves that concurrent programs will compute correctly.

Related Article Opens in new window

Jul 24

Three CyLab papers presented at the FTC’s PrivacyCon 2020

Three CyLab papers were presented at this year's PrivacyCon, focusing on privacy and security nutrition labels, making privacy choices easier, and perceptions of advanced video analytics.

Jun 30

picoCTF announces next competition dates

The world's largest hacking competition, hosted by Carnegie Mellon University, has announced the dates of its next competition.

Jun 25

Shedding light (and sound) on hidden IoT devices in your next hotel room

In a new study, a team of CyLab researchers explored different locator designs to make IoT devices seem a little less hidden.

Research paper Opens in new window

Jun 18

How much control are people willing to grant to a personal privacy assistant?

In a new study presented at the CHI 2020 conference, CyLab researchers sought to find out how much autonomy people would feel comfortable giving to a personalized privacy assistant.

Research paper Opens in new window

Jun 16

Privacy perceptions of contact-tracing apps

Researchers at Carnegie Mellon University examined user preferences on six different contact-tracing app designs after explaining the risks and benefits of each option.

Jun 11

Finding privacy choices on websites is hard for average users.

In a study presented at this year's ACM CHI conference, CyLab researchers show precisely how difficult it is for average users to access privacy choices online.

Research paper Opens in new window

Research paper Opens in new window

Jun 03

Justine Sherry named to ISAT Study Group

The Defense Advanced Research Projects Agency (DARPA) has named CyLab's Justine Sherry to the Information Science and Technology (ISAT) Study Group for a three-year term beginning this summer.

May 27

IoT labels will help consumers figure out which devices are spying on them

A team of CyLab researchers have developed a prototype security and privacy “nutrition label” that performed well in user tests. To develop the label, the team consulted with a diverse group of 22 security and privacy experts across industry, government, and academia.

Research paper Opens in new window

May 26

After a breach, users rarely change their passwords, and when they do, they’re often weaker

A recent study authored by CyLab researchers shows that only a minority of people change their passwords after a security breach, and those that do often change them to weaker ones.

May 22

Passwords research group awarded the 2020 Allen Newell Award for Research Excellence

A group of CyLab faculty and graduate students were just awarded the Allen Newell Award for Research Excellence for their contributions from a decade of passwords research.

May 18

Remote fever-scanning technologies Opens in new window

Researchers are developing affordable fever-screening technologies for buildings and first responders to detect fevers, using an algorithm to detect faces and measure temperature on the forehead.

May 18

Five CMU security and privacy papers awarded IEEE’s Test of Time award

Five papers co-authored by Carnegie Mellon researchers presented at past IEEE Security & Privacy (S&P) symposia more than fifteen years ago were awarded IEEE’s Test-of-Time Award at this week’s annual conference.

Apr 30

Online status indicators during a pandemic: do they work?

People working from home have been using online status indicators to check whether their co-workers are available, but recent CyLab research shows that these indicators lead to some strange behaviors.

Research paper Opens in new window

Apr 30

Yağan receives emergency NSF grant to help fight COVID-19 Opens in new window

ECE’s Osman Yağan seeks to understand the spread of coronavirus and how public health measures can reduce that spread.

Related Article Opens in new window

Apr 29

Provably-secure code incorporated into Linux kernel

This month, code from the provably correct and secure “EverCrypt” cryptographic library, which CyLab’s Bryan Parno and his team helped develop and release last year, was officially incorporated into the Linux kernel — the core of the Linux operating system.

Apr 15

Q&A with Lujo Bauer

Many Americans are entering their fifth of working remotely, which has resulted in new paradigms in their own and their employers’ cybersecurity and privacy. CyLab's Lujo Bauer has been monitoring the situation.

Apr 14

Managing necessary bias in AI Opens in new window

Some biases in AI might be necessary to satisfy critical business requirements, but how do we know if an AI recommendation is biased strictly for business necessities and not other reasons?

Apr 08

Q&A with Lorrie Cranor

As COVID-19 continues to spread around the world, CyLab director Lorrie Cranor says there are number issues related to privacy and cybersecurity that people need to be aware of.

Apr 02

Q&A with Vyas Sekar

As huge swaths of the world have shifted to remote work in response to COVID-19, CyLab's Vyas Sekar thinks that enterprises need to be thinking very critically about the security of their networks – maybe more now than ever.

Mar 31

Q&A with Jason Hong

As the COVID-19 pandemic continues to impact countless aspects of everyday life, CyLab researchers are monitoring its effects on people’s cybersecurity and privacy. Jason Hong thinks that right now, people need to be even more aware and cautious online.

Mar 26

Q&A with Kathleen Carley

Amid the coronavirus pandemic, disinformation about the virus is spreading at lightning speeds. CyLab's Kathleen Carley has been monitoring the situation.

Watch the Video Opens in new window

Mar 16

Why people delay software updates, despite the risks

In a study published in the latest issue of the Journal of Cybersecurity, a team of CyLab researchers found that the time-cost of updates and individuals’ risk preferences have a significant impact on whether or not a user applies a software update, and how long it takes them to do so.

Mar 06

CMU’s big showing at RSA 2020

The Human Element” was the theme of this year’s RSA Conference in San Francisco, which featured CyLab Director Lorrie Cranor talking about usable security research as a warm-up act for magician duo Penn & Teller.

Watch the Video Opens in new window

Watch the Video Opens in new window

Mar 02

To predict an epidemic, evolution can’t be ignored Opens in new window

In a new study, a team of Carnegie Mellon University researchers show for the first time how important evolutionary adaptations are in predicting epidemics.

Feb 26

Edge computing, ad-blocking, and more: CyLab announces 2020 seed funding awardees

Over $500K in seed funding has been awarded to 10 different CyLab faculty in six different departments across three colleges at CMU.

Feb 21

Elite high school hackers convene at CMU to claim their well-earned picoCTF prizes

Last week, the top three winning teams from picoCTF 2019 visited Carnegie Mellon to receive their prizes.

Feb 20

Second round of Secure and Private IoT Initiative funded projects announced

Carnegie Mellon CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has announced its second round of funding, which will support ten IoT-related projects for one year.

Feb 19

New infrastructure will enhance privacy in today’s Internet of Things

A team of Carnegie Mellon researchers just launched the IoT Assistant, an app that informs users about what IoT technologies are around them and what data they are collecting. An accompanying cloud-based portal allows IoT owners to register their devices to the infrastructure.

Watch the Video Opens in new window

Feb 11

The curious case of OpenBazaar

This week, CyLab’s Nicolas Christin and graduate student James Arps are presenting the first in-depth look at the decentralized online anonymous market known as OpenBazaar.

Jan 30

Safety helmet for firefighters Opens in new window

Communication technologies built into a firefighter’s helmet can send directional information in realtime to firefighters working in dangerous environments.

Watch the Video Opens in new window

Jan 23

“Hacked! An Escape Room Experience” puts you in cybercriminals’ shoes

“Hacked! An Escape Room Experience” will hold one session per day January 28 – 30 from 2:00 – 3:00 p.m. in the Cohon University Center. Each session can handle up to 50 participants, and all students, staff, or faculty at CMU are eligible to participate.

Jan 08

Cybercriminals: Things are about to get a lot more confusing for you

Two papers on cyber deception authored by CyLab’s Cleotilde Gonzalez and colleagues are being presented at this week’s Hawaii International Conference on System Sciences (HICSS).

Jan 02

Using AI to recycle bottles Opens in new window

A collaborative project in partnership with CMKL University aims to develop an artificial intelligence (AI) system to accurately screen bottles for reuse and recycling.

News mentions include recent publications, funding announcements, student accolades, and more.

@CyLab

Does your project or program have a news story to share with us?

Let us know.