First round of Future Enterprise Security Initiative funded projects announced

CyLab’s Future Enterprise Security Initiative is underway as the first round of funded proposals has been announced. The thirteen projects were presented at Carnegie Mellon University during the FutureEnterprise@CyLab Year One Kick-off Meeting on October 27, 2022.

Each project falls under one of the four FutureEnterprise@CyLab key research thrusts:

• AI-driven workflows to automate security analysis and response
• Collaborative capabilities for real-time global visibility for security decision making
• Foundations for understanding cyber risk
• Least-privilege-by-design infrastructure

Funding for the projects is made possible by sponsorships from Amazon Web Services, Aryaka Networks, Bosch, Cisco, Microsoft, Nokia Bell Labs, PNC, and VMware. Sponsors actively worked with FutureEnterprise@CyLab Co-Directors Lujo Bauer and Vyas Sekar on proposal requests and reviews.

During the execution of these projects, faculty will collaborate with FutureEnterprise@CyLab sponsors to develop a suite of novel foundations and technologies, re-imagining ways to achieve security in small- and medium-sized enterprise systems.

“The Future Enterprise Security Initiative brings together a collective of industry leaders who are aligned with our mission and believe these are important problems to solve,” says Sekar. 

“Our partners are really engaged. They understand where problems lie and are willing to take the time to help us generate ideas, evaluate proposals, and offer suggestions as to how each project can become even more relevant to the core mission,” says Bauer.

Funded projects:

Correlated Multi-armed Bandit Algorithms for Automating Security Checks and Responses

• PI: Osman Yagan - Research Professor, Electrical and Computer Engineering (ECE)

Zero Trust: Virtues, Limitations, and Beyond

• PI: Virgil Gligor - Professor, ECE

Verifiable Personalization for Federated Learning

• PI: Corina Pasareanu - Principal Systems Scientist, CyLab
• Co-PI: Ravi Mangal - Postdoctoral Researcher, CyLab

Evaluating Graph-Based Anomaly Detection Models on Private Data

• Co-PI: Giulia Fanti - Assistant Professor, ECE
• Co-PI: Nihar Shah - Assistant Professor, Machine Learning Department (MLD) and Computer Science Department (CSD)

Adversarial Unlearning via Sybil Attacks: Impacts on Federated Learning and Enterprise Security

• PI: Carlee Joe-Wong - Associate Professor, ECE

Understanding code injection attacks in Node.js packages

• PI: Ruben Martins - Assistant Research Professor, CSD
• Co-PI: Limin Jia - Research Professor, ECE

Automatic Testing Web-based Microservices

• PI: Limin Jia - Research Professor, ECE
• Co-PI: Fraser Brown - Assistant Professor, Software and Societal Systems Department (S3D) 

Verus: Developing Provably Secure and Performant Software

• PI: Bryan Parno - Associate Professor, CSD and ECE

ODO: Open Dependency Observatory for Software Dependencies

• PI: Rohan Padhye - Assistant Professor, S3D
• Co-PI: Yuvraj Agarwal - Associate Professor, S3D

Designing Robust Protocols for Future Enterprise Systems

• PI: Eunsuk Kang - Assistant Professor, S3D
• Co-PI: Romulo Meira-Goes - Postdoctoral Researcher, S3D

CyDec: Cyber Deception Gym

• PI: Fei Fang - Assistant Professor, S3D

Differentially Private Synthetic Data Generation

• PI: Steven Wu - Assistant Professor, S3D

From Fault Injection Testing to Malicious Code Injection Testing

• PI: Heather Miller - Assistant Professor, S3D