The National Security Agency Research Directorate began funding foundational research at Lablet institutions beginning in 2012 through the Science of Security (SoS) Initiative. The Lablets were funded in order to promote foundational cybersecurity science that is needed to mature the cybersecurity discipline and to underpin advances in cyberdefense. In 2014, the SURE project was founded to investigate cybersecurity in the cyber-physical systems realm. The Lablet and SURE projects are listed below.

Project Titlesort icon Lead PI Project Abstract All terms Last Updated
A Human Information-Processing Analysis of Online Deception Detection Robert Proctor Human interaction is an integral part of any system. Users have daily interactions with a system and make many decisions that affect the overall state of security. The fallibility of users has been shown but there is little research focused on the... A Human Information-Processing Analysis of Online Deception Detection, NCSU, NCSU Jan 30 2020 - 11:17am
A Hypothesis Testing Framework for Network Security Brighten Godfrey This project develops a scientific approach to testing hypotheses about network security when those tests must consider layers of complex interacting policies within the network stack. The work is motivated by observation that the infrastructure of large... Policy-Governed Secure Collaboration, Resilient Architectures, Scalability and Composability, Security Metrics Driven Evaluation, Design, Development, and Deployment, UIUC Jan 30 2020 - 11:10am
A Language and Framework for Development of Secure Mobile Applications Jonathan Aldrich Mobile applications are a critical emerging segment of the software industry, and security for web-based mobile applications is of increasing concern. We hypothesize that many of the most important security vulnerabilities in web-based mobile... A Language and Framework for Development of Secure Mobile Applications, A Language and Framework for Development of Secure Mobile Applications, CMU, CMU Jan 30 2020 - 11:53am
A Monitoring, Fusion and Response Framework to Provide Cyber Resiliency William Sanders UIUC Jan 30 2020 - 11:13am
A Science of Timing Channels in Modern Cloud Environments Michael Reiter The eventual goal of our research is to develop a principled design for comprehensively mitigating access-driven timing channels in modern compute clouds, particularly of the "infrastructure as a service" (IaaS) variety. This type of cloud permits the... NCSU Jun 14 2017 - 2:30pm
An Adoption Theory of Secure Software Development Tools Emerson Murphy-Hill Programmers interact with a variety of tools that help them do their jobs, from "undo" to FindBugs' security warnings to entire development environments. However, programmers typically know about only a small subset of tools that are available, even when... NCSU Jun 14 2017 - 2:30pm
An Investigation of Scientific Principles Involved in Attack-Tolerant Software Mladen Vouk High-assurance systems, for which security is especially critical, should be designed to a) auto-detect attacks (even when correlated); b) isolate or interfere with the activities of a potential or actual attack; and (3) recover a secure state and... NCSU Jun 14 2017 - 2:30pm
An Investigation of Scientific Principles Involved in Software Security Engineering Laurie Williams Fault elimination part of software security engineering hinges on pro-active detection of potential vulnerabilities during software development stages. This project is currently working on a) an attack operational profile definition based on known... NCSU Jun 14 2017 - 2:30pm
Anonymous Messaging Pramod Viswanath Anonymity is a basic right and a core aspect of Internet. Recently, there has been tremendous interest in anonymity and privacy in social networks, motivated by the natural desire to share one's opinions without the fear of judgment or personal reprisal (... Scalability and Composability, UIUC Jan 30 2020 - 11:10am
Architecture-based Self Securing Systems David Garlan An important emerging trend in the engineering of complex software-based systems is the ability to incorporate self-adaptive capabilities. Such systems typically include a set of monitoring mechanisms that allow a control layer to observe the running... CMU Jun 14 2017 - 2:33pm
Argumentation as a Basis for Reasoning about Security Munindar Singh This project involves the application of argumentation techniques for reasoning about policies, and security decisions in particular. Specifically, we are producing a security-enhanced argumentation framework that (a) provides not only inferences to draw... NCSU Jun 14 2017 - 2:30pm
Attack Surface and Defense-in-Depth Metrics Attack Surface and Defense-in-Depth Metrics, NCSU, NCSU Jan 30 2020 - 11:17am
Attaining Least Privilege Through Automatic Partitioning of Hybrid Programs William Enck This project investigates the hard problem of resilient architectures from the standpoint of enabling new potential for incorporating privilege separation into computing systems. However, privilege separation alone is insufficient to achieve strong... Architectures, NCSU, Resilient Systems Jun 14 2017 - 2:30pm
Automated Synthesis of Resilient Architectures Ehab Al-Shaer NCSU, NCSU, Automated Synthesis of Resilient Architectures Jan 30 2020 - 11:17am
Classification of Cyber-Physical System Adversaries

Cyber-Physical Systems (CPS) are vulnerable to elusive dynamics-aware attacks that subtly change local behaviors in ways that lead to large deviations in global behavior, and to system instability. The broad agenda for this project is to classify...
UIUC Jun 14 2017 - 2:37pm
Composability of Big Data and Algorithms for Social Networks Analysis Metrics Juergen Pfeffer Applying social network analysis to Social Media data supports better assessment of cyber-security threats by analyzing underground Social Media activities, dynamics between cyber-criminals, and topologies of dark networks. However, Social Media data are... CMU Jun 14 2017 - 2:33pm
Data Driven Security Models and Analysis Ravishankar Iyer In security more than in other computing disciplines, professionals depend heavily on rapid analysis of voluminous streams of data gathered by a combination of network-, file-, and system-level monitors. The data are used both to maintain a constant vigil... Resilient Architectures, Security Metrics Driven Evaluation, Design, Development, and Deployment, Understanding and Accounting for Human Behavior, UIUC Jan 30 2020 - 11:10am
Data-Driven Model-Based Decision-Making William Sanders The goal of this project is to develop quantitative, scientifically grounded, decision-making methodologies to guide information security investments in private or public organizations, combining human and technological concerns, to demonstrate their use... Security Metrics Driven Evaluation, Design, Development, and Deployment, Understanding and Accounting for Human Behavior, UIUC Jan 30 2020 - 11:11am
Decentralization in Security: Consequences and Incentive Design Yevgeniy Vorobeychik In security, our concern is typically with securing a particular network, or eliminating security holes in a particular piece of software. These are important, but they miss the fact that being secure is fundamentally about security of all constituent... Resilient Architectures, Science of decentralized security, Vanderbilt Jan 30 2020 - 10:50am
Developing a User Profile to Predict Phishing Susceptibility and Security Technology Acceptance Christopher Mayhorn Phishing has become a serious threat in the past several years, and combating it is increasingly important. Why do certain people get phished and others do not? In this project, we aim to identify the factors that cause people to be susceptible and... NCSU Jun 14 2017 - 2:30pm