CyLab’s Future Enterprise Security Initiative has announced its third round of funded proposals.

The 10 selected proposals will empower researchers and industry leaders to rethink security across enterprise ecosystems through innovations in artificial intelligence, computer science, engineering, and human-factors research.

Each project falls under one of the four FutureEnterprise@CyLab key research thrusts:

• AI-driven workflows to automate security management and data-driven decision-making to minimize the need for large human teams
• Collaborative capabilities for real-time global visibility for security decision making
• Foundations for understanding cyber risk and dependencies in complex ecosystems and supply chains
• Least-privilege-by-design infrastructure, including trustworthy outsourcing, remote work/management, and deployable software-defined architectures

This year, Generative AI and Large Language Models (LLMs) were added as a technology of interest in all four research thrusts.

Funding for the projects is made possible by sponsorships from Amazon Web Services, Cisco, Microsoft, Nokia Bell Labs, PNC, and the VMware University Research Fund. Sponsors actively worked with FutureEnterprise@CyLab Co-Directors Lujo Bauer and Vyas Sekar on proposal requests and reviews.

During the execution of these projects, faculty will collaborate with FutureEnterprise@CyLab sponsors to develop a suite of novel foundations and technologies, re-imagining ways to achieve security in small- and medium-sized enterprise systems.

“We're grateful to our sponsors for the insights they contributed about industry pain points and for the thoughtful discussions that helped identify the most promising proposals,” said Bauer. “We selected for funding a mix of new and continuing projects.

“The funded projects stand out by their technical excellence, and also complement each other in the technical areas they address and in their scope. Some projects are tackling well-defined problems that have near-term solutions, while other projects are taking initial steps toward solving much more open-ended problems.”

Funded Projects

Collaborative Capabilities

Data Provenance Tracing in Generative AI Applications

• PIs: Carlee Joe-Wong - Robert E. Doherty Career Development Associate Professor, Electrical and Computer Engineering (ECE) and Harry Jiang - Ph.D. student, ECE

Privacy-Preserving Federated LLM Training for Critical Infrastructure Applications

• PI: Gauri Joshi - Associate Professor, ECE

Risk Assessment

Attacks and Defenses for Large Language Models on Code Generation Tasks

• PIs: Corina Pasareanu - Principal Systems Scientist, CyLab and Limin Jia - Research Professor, ECE

LLM-assisted Program Synthesis for Confirming Code-Injection Vulnerabilities in Node.js packages

• PIs: Ruben Martins - Assistant Research Professor, Computer Science Department (CSD) and Limin Jia - Research Professor, ECE

Resilient Enterprise Systems through Graceful Degradation

• PI: Eunsuk Kang - Assistant Professor, Software and Societal Systems Department (S3D) and David Garlan - Professor of Computer Science, S3D, CSD

AI-Driven Workflows

Heterogeneous Execution of Heterogeneous Text Analytics by Lexical Rules and LLM

• PI: James C. Hoe - Professor, ECE

Wireless Security Compliance Audits via LLMs

• PI: Swarun Kumar - Sathaye Family Foundation Career Development Professor, ECE

Bridging the Old and New: LLMs and Templates Unite for Automated Security Vulnerability Repair

• PIs: Claire Le Goues - Associate Professor, S3D and Ruben Martins - Assistant Research Professor, CSD

Least Privilege By Design

Verus: AI-Assisted Development of Provably Secure and Performant Software

• PI: Bryan Parno - Kavčić-Moura Professor, CSD and ECE

Automated security vulnerability remediation and prioritized software patching

• PI: Virgil D. Gligor - Professor, ECE