In this video, Antón explains why she disagrees with the
Director of the FBI and the Attorney General on the topic of cell phone
encryption.
Balancing individual privacy with national security needs will continue to be a
major challenge in the years to come. Annie Antón has been working on these dual
objectives since the 1990s, when she was a graduate student at Georgia Tech.
“I realized then that security and privacy were both essential goals for modern
computing systems,” said Antón, who returned to Georgia Tech in 2012 as chair of the
School of Interactive Computing.
Antón, who presented her first privacy and security papers before the 9/11 attacks,
is part of a National Research Council committee on Foundational Science in
Cybersecurity. She is on security and privacy advisory boards for major corporations
and has served on the Department of Homeland Security Data Privacy and Integrity
Advisory Committee. She recently appeared on C-SPAN for her testimony on the role of
technology and privacy in fighting terrorism.
Antón’s current research focuses on how to create systems that actually comply with
regulatory, security, and privacy requirements.
This work is particularly relevant today, considering the rapid growth of the
Internet of Things, which allows for communication among everyday devices such as
Fitbit Trackers, smart thermostat systems, and washers/dryers that use Wi-Fi for
remote monitoring.
As information for these devices is collected and stored, big data analytics will
process this information and infer things about us.
“Security and privacy will need to be baked in from the start,” she said.
—Annie Antón chairs the School of Interactive Computing in
the College of Computing.
Cyberanalytics: Protecting us with high-performance computing
When we think of cybersecurity, we often think of the outsider trying to hack into
our computer systems. But another challenge is how we identify and defend against
an insider, oftentimes a lone wolf, who knows our procedures and safety
precautions.
If we want to protect ourselves from both scenarios, we must increase our reliance
on high-performance computing, especially the graph analytic research we conduct at
Georgia Tech, says David Bader, chair of the School of Computational Science and
Engineering in the College of Computing.
Graphs help us discover patterns and relationships hidden in massive amounts of
data. These graphs are comprised of interconnected vertices (nodes) and lines
(edges), and these graphs change over time.
In the realm of cybersecurity, the vertices are people, places, and things, and the
edges represent their interactions. By designing and using fast theoretic algorithms on
large-scale graphs, we can produce insights in near-real time. This is crucial
because cybersecurity analysts often are overwhelmed with thousands of alerts to
review, and our algorithms may direct them immediately to the most important ones.
We leave a digital trace every time we use a key card to get through a door, log in
to a computer, or send an email. Security officers need to analyze this information
so they can understand our patterns and identify potential threats.
These massive-scale datasets are often unstructured and challenging to inspect. The
emerging graph technology we are developing at Georgia Tech has the potential to be
the best and most efficient way to prevent future attacks where we work and live,
says Bader.
—David Bader chairs the School of Computational Science and
Engineering in the College of Computing.
Securing the new cyberspace revolution
We are in the midst of a revolution in cyberspace that could be as transformative
as the emergence of the Internet. The most significant difference between this
revolution and that of the emergence of the Internet is that the current revolution
gives computing systems an unprecedented amount of control over individuals and
critical infrastructure. As such, computer engineers play a key role in ensuring
maximum benefit from technologies while also ensuring that systems operate
safely.
One goal of the Georgia Tech Communications Assurance and Performance Group is to
develop algorithms that enable a more secure and efficient current and future
network infrastructure, with computer systems that are more accountable and less
vulnerable to attacks and abuse.
Our efforts focus on areas that are critical to the success and security of the
so-called Internet of Things (IoT) and cyber-physical systems (CPS), says Raheem
Beyah, an associate professor in the School of Electrical and Computer Engineering
who leads the Communications Assurance and Performance Group.
IoT is comprised of everyday devices — such as irons, toasters, and thermostats —
that are wirelessly connected and work to improve our quality of life. CPS deals
with the use of cyberspace to manage and monitor existing physical systems, such as
power grids, oil and gas generation, and distribution systems.
To improve security in these areas, we are working to understand the behavior of
these systems to prevent misuse, secure the wireless networks IoT devices use to
communicate, and ensure information is exchanged in a manner that preserves privacy,
Beyah said. The impact of IoT and CPS on society will be tremendous, which is why we
must keep it secure, he added.
—Raheem Beyah, an associate professor in
the School of Electrical and Computer Engineering, leads the Communications
Assurance and Performance Group.
Defending the U.S. against cyber warriors
A new generation of cyber warriors has suited up for battle and is targeting U.S.
interests.
The Georgia Tech Research Institute (GTRI) is a leader in developing the
technologies that secure, defend, and respond to threats within our country’s
information, distribution, and network systems on the virtual battlefield.
The Cyber Technology and Information Security Laboratory (CTISL) conducts applied
research focused on cyber threats and countermeasures, secure multilevel information
sharing, resilient command and control network architectures, reverse engineering,
vulnerability identification, and high-performance computing and analytics.
CTISL has six strategic thrusts: Reverse Engineering, Vulnerability Identification,
and Exploitation; Resilient Network Systems Engineering; Malicious Software
Analysis, Threat Intelligence, and Penetration Testing; High-Performance Computing
and Analytics; Multilevel, Secure Software Systems, and Collaboration Tools; and
Professional Education, Outreach, and Awareness.
CTISL engineers develop and apply cutting-edge technologies in computing, network
architectures, signal and protocol analysis, network forensics, malware analysis,
and reverse engineering (hardware and software) to solve tough problems, says Andrew
Howard, senior research scientist at GTRI.
Howard, along with other GTRI experts in his lab, is tackling tough security issues
within military and non-military networks, developing new tools and methods for
securing information, educating and increasing awareness in the cyber domain, and
applying leading technologies in network design to keep us safe now — and in the
future. CTISL brings this knowledge to the classroom by providing professional
education offerings across the cyber landscape.
—Andrew Howard directs the Cyber Technology and Information
Security Laboratory at the Georgia Tech Research Institute.
Attacking botnets before they attack the Internet
Large-scale attacks on the Internet are typically launched using a botnet, which is
a large number of infected machines under the control of an attacker.
Wenke Lee, who directs the Georgia Tech Information Security Center, and his
research group are leaders in botnet detection, and were among the first to work on
this problem starting in 2005.
They have focused on the key characteristics of botnets — for example, the need for
a command-and-control infrastructure — that separate them from the previous
generations of Internet-based attacks. They have developed and deployed several
algorithms and have demonstrated their effectiveness in early-warning, detection,
and attribution of Internet-scale attacks.
More importantly, their work has had a significant practical impact. In 2006, Lee
co-founded Damballa Inc., which focuses on delivering anti-botnet technologies to
enterprises, and now has about 90 employees. It counts all major Internet service
providers in the U.S. and many Fortune 500 companies as its customers.
Lee’s group was the first to conduct a systematic study of the security of iOS as
well as Apple’s app review and management process. While many in the industry and
academia believe that iOS is (almost) immune to malicious programs, their work
showed that it is possible to inject malicious code on iOS devices, and even create
an iOS botnet. Their work revealed a number of vulnerabilities in iOS and has led
Apple to implement several security improvements.
—Wenke Lee, a professor of Computer
Science in the College of Computing, directs the Georgia Tech Information Security
Center.
Adjusting to today’s cyber realities
In this video, Swire talks about the importance of
cybersecurity, and how individuals can protect themselves against potential
attacks.
In August 2013, less than a week after joining the faculty at Georgia Tech, Peter
Swire was tapped to serve on President Barack Obama’s Review Group on Intelligence
and Communications Technology. Swire became one of the five authors of a major report that was issued that December.
The work on the Review Group is part of Swire’s two decades of research and
government service on issues of cybersecurity and privacy. He previously served as
chief counselor for privacy under President Bill Clinton, where cybersecurity topics
included encryption, intrusion detection for federal systems, and how to update
wiretap laws for the Internet age. In the subsequent decade, Swire served on
security advisory boards.
This year, he is teaching a privacy course and one on “Information Security
Strategies and Policy.” Among his multiple research projects, he’s looking at how to
refine the debate about when information sharing should take place for
cybersecurity.
“As personal data flows everywhere, security issues are everywhere as well,” Swire
said.
He’s also looking at how well secrets will be kept in the future, noting the effect
of the “declining half-life of secrets” on the workings of intelligence
agencies.
“Today’s cyber realities mean people and government on the outside can find out
what the agencies are doing,” Swire said. “We’re going to have to get used to a
world where we can’t keep things classified for 25 or 50 years and assume they are
going to stay hidden.”
—Peter Swire is the Nancy J. and Lawrence P. Huang
Professor of Law and Ethics in the Scheller College of Business.