Future Enterprise Security Initiative 2022 funded projects

CyLab’s Future Enterprise Security Initiative is underway as the first round of funded proposals has been announced. The 13 projects were presented at Carnegie Mellon University during the FutureEnterprise@CyLab Year One Kick-off Meeting on October 27, 2022.

Each project falls under one of the four FutureEnterprise@CyLab key research thrusts:

• AI-driven workflows to automate security analysis and response
• Collaborative capabilities for real-time global visibility for security decision making
• Foundations for understanding cyber risk
• Least-privilege-by-design infrastructure

Funding for the projects was made possible by sponsorships from Amazon Web Services, Aryaka Networks, Bosch, Cisco, Microsoft, Nokia Bell Labs, PNC, and VMware. Sponsors actively worked with FutureEnterprise@CyLab Co-Directors Lujo Bauer and Vyas Sekar on proposal requests and reviews.

Funded projects:

Correlated Multi-armed Bandit Algorithms for Automating Security Checks and Responses

• PI: Osman Yagan - Research Professor, Electrical and Computer Engineering (ECE)

Zero Trust: Virtues, Limitations, and Beyond

• PI: Virgil Gligor - Professor, ECE

Verifiable Personalization for Federated Learning

• PI: Corina Pasareanu - Principal Systems Scientist, CyLab
• Co-PI: Ravi Mangal - Postdoctoral Researcher, CyLab

Evaluating Graph-Based Anomaly Detection Models on Private Data

• Co-PI: Giulia Fanti - Assistant Professor, ECE
• Co-PI: Nihar Shah - Assistant Professor, Machine Learning Department (MLD) and Computer Science Department (CSD)

Adversarial Unlearning via Sybil Attacks: Impacts on Federated Learning and Enterprise Security

• PI: Carlee Joe-Wong - Associate Professor, ECE

Understanding code injection attacks in Node.js packages

• PI: Ruben Martins - Assistant Research Professor, CSD
• Co-PI: Limin Jia - Research Professor, ECE

Automatic Testing Web-based Microservices

• PI: Limin Jia - Research Professor, ECE
• Co-PI: Fraser Brown - Assistant Professor, Software and Societal Systems Department (S3D) 

Verus: Developing Provably Secure and Performant Software

• PI: Bryan Parno - Associate Professor, CSD and ECE

ODO: Open Dependency Observatory for Software Dependencies

• PI: Rohan Padhye - Assistant Professor, S3D
• Co-PI: Yuvraj Agarwal - Associate Professor, S3D

Designing Robust Protocols for Future Enterprise Systems

• PI: Eunsuk Kang - Assistant Professor, S3D
• Co-PI: Romulo Meira-Goes - Postdoctoral Researcher, S3D

CyDec: Cyber Deception Gym

• PI: Fei Fang - Assistant Professor, S3D

Differentially Private Synthetic Data Generation

• PI: Steven Wu - Assistant Professor, S3D

From Fault Injection Testing to Malicious Code Injection Testing

• PI: Heather Miller - Assistant Professor, S3D

For information on how your company can get involved in FutureEnterprise@CyLab or other security and privacy research at CMU, contact a member of the CyLab partnerships team.