CyLab Security & Privacy Institute

News

Apr 24

Understanding the cybersecurity grapevine

When people get word of an online data breach, men are far more likely to share that news with their colleagues and women are much more likely to share it with family and significant others, CyLab researchers report.

Apr 19

Fourteen years later, Pasareanu’s automated software-testing work awarded for retrospective impact

Fourteen years ago, CyLab associate research professor Corina Pasareanu and two of her colleagues published a paper outlining three automated techniques for checking software for bugs and vulnerabilities. This month, Pasareanu and her colleagues are receiving the 2018 Retrospective Impact Award from the International Symposium on Software Testing and Analysis (ISSTA).

Apr 12

CMU-Africa and Facebook co-host cybersecurity hackathon in Rwanda

Last week, Facebook and Carnegie Mellon University Africa hosted a cybersecurity-themed hackathon in Kigali, Rwanda, with the goal of engaging and inspiring students to become more involved in cybersecurity. During the 24-hour hackathon, students were challenged with identifying a security problem in any industry currently affecting Rwanda and/or other African countries and developing a solution.

More news from CyLab

Research areas

Biometrics: Biometrics—characteristics about a person unique to them and no one else, such as their fingerprint, their iris, or features in their face—are becoming an increasingly popular method of authenticating a person’s identity.

Cryptography: At the heart of cryptography is creating trust. Strong, robust cryptography allows us to shop online, manage personal finances, and communicate with one another without worrying about criminals stealing our information.

Formal methods: Software today comes with few, if any, security guarantees. Traditionally, software vendors become aware of vulnerabilities after an attack occurs and then issue a patch that fixes that particular attack. Formal methods may be the key to guaranteeing security from the start.

Hardware security: Just as software can have exploitable flaws and vulnerabilities, hardware carries similar risks, but with one major setback: while software can be can be patched for millions of users with a click of a button, fixing hardware vulnerabilities requires manual labor and time.

Machine learning & AI: As the world of “big data” gradually becomes a world of “bigger data,” CyLab researchers are focused on advancing research in machine learning and artificial intelligence (AI), in which computers can “learn” trends from massive collections of data.

Network security: As the number of connected devices continues to grow, the security of the networks that connect them all becomes even more important. In many cases, adversaries are able to gain access to any number of devices through an unsecured network.

Privacy: As a growing number of connected devices are introduced to the world with a goal of improving our quality of life, they also pose a risk of collecting sensitive information about ourselves and invading our privacy.

Software security: At the heart of countless cyberattacks is a single flaw in the code making up a piece of software. CyLab researchers are advancing the methods in which software bugs are found and fixed in a variety of ways.

Usability: In order for security and privacy tools to work, they must be easily and intuitively usable—by everyone. CyLab researchers are focusing on ways to make security and privacy not feel like a hard task for users, but an easy, enjoyable experience.