CyLab

CyLab researchers aren’t only studying the fundamental principles of security privacy, they are applying those principles to real world applications. From the safety of autonomous vehicles to the integrity of elections, CyLab researchers are working to make the world around us — the apps we use on a daily basis, the energy supplied to our homes, our workplaces — one in which technology can be trusted.

Biometrics—characteristics about a person unique to them and no one else, such as their fingerprint, their iris, or features in their face—are becoming an increasingly popular method of authenticating a person’s identity.

At the heart of cryptography is creating trust. Strong, robust cryptography allows us to shop online, manage personal finances, and communicate with one another without worrying about criminals stealing our information.

Experts around the world have touted blockchain technology as the next big technological revolution, with the potential to create trust where trust didn’t exist before, allowing people and organizations to transact in ways they never thought was possible. CyLab researchers are working on helping make sure this hype turns into a reality.

Software today comes with few, if any, security guarantees. Traditionally, software vendors become aware of vulnerabilities after an attack occurs and then issue a patch that fixes that particular attack. Formal methods may be the key to guaranteeing security from the start.

Just as software can have exploitable flaws and vulnerabilities, hardware carries similar risks, but with one major setback: while software can be can be patched for millions of users with a click of a button, fixing hardware vulnerabilities requires manual labor and time.

The number of Internet of Things (IoT) connected devices worldwide is expected to surpass 50 billion by 2023. IoT growth currently outpaces the security and privacy of those devices, introducing new vulnerabilities into homes and offices across the globe. CyLab researchers are working on solutions not only to secure IoT devices of the future, but to make the devices that are already deployed safer.

As the world of “big data” gradually becomes a world of “bigger data,” CyLab researchers are focused on advancing research in machine learning and artificial intelligence (AI), in which computers can “learn” trends from massive collections of data.

Half the battle in security and privacy research is often developing the right tools to measure and analyze — whether that’s accurately measuring human behaviors online, analyzing and quantifying the risk associated with certain data sharing practices, or measuring the economy of anonymous online marketplaces, among other examples. CyLab researchers are working towards developing these measurement and analysis tools to help identify the status of products or services, and where the problems are that need to be addressed.

As the number of connected devices continues to grow, the security of the networks that connect them all becomes even more important. In many cases, adversaries are able to gain access to any number of devices through an unsecured network.

As a growing number of connected devices are introduced to the world with a goal of improving our quality of life, they also pose a risk of collecting sensitive information about ourselves and invading our privacy.

At the heart of countless cyberattacks is a single flaw in the code making up a piece of software. CyLab researchers are advancing the methods in which software bugs are found and fixed in a variety of ways.

Many researchers in CyLab are focusing on the security of systems — any systems ranging from the components that make up an autonomous vehicle to the various sectors that make up the energy grid — which requires placing security protocols on different, non-homogeneous parts that must still be able to communicate and work together efficiently and effectively.

In order for security and privacy tools to work, they must be easily and intuitively usable—by everyone. CyLab researchers are focusing on ways to make security and privacy not feel like a hard task for users, but an easy, enjoyable experience.