Visible to the public 4th Annual WinnersConflict Detection Enabled

4th Annual Best Scientific Cybersecurity Paper Competition

Winning Paper | Honorable Mention | Award Ceremony | Review Team

The fourth Annual NSA Competition for Best Scientific Cybersecurity Paper recognized the best scientific cybersecurity paper published in 2015. Papers were nominated between December 1, 2015 through March 31, 2016 and 54 nominations were received. Three papers were selected for recognition, a winning paper and two papers for an honorable mention.

Winning Paper

The winning paper is Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration by Soo-Jin Moon, Vyas Sekar and Michael Reiter from Carnegie Mellon University and University of North Carolina. It was presented at Association for Computer Machinery (ACM) Conference on Computer and Communications Security (CCS 15).

The paper discusses a new system called Nomad which demonstrates a general and immediate defense against side-channel attacks as opposed to the current method of developing attack-specific fixes. This side-channel defense applies to attacks that come from another co-resident virtual machine. Conceptually; computers can simulate the appearance of multiple physical computers but in reality be just one computer. These simulated computers should be completely separated and be as if they were two physically different devices, but side-channel attacks break this separation. This is particularly relevant to cloud service providers where each virtual machine could be under the control of different people.

This paper was selected as the winning paper because it provided several scientific advances and tests its conclusions. It develops a threat model and information leakage model. It also develops and test several algorithms for how to move around the virtual machines within the cloud as to reach its goals. In summary, the paper's proposed defense is very simple and yet very powerful. It combines a relevant problem with a pragmatic solutions with the science to support it.

Honorable Mention Papers

Two papers are being recognized as honorable mentions. The first honorable mention paper is Quantum-Secure Covert Communication on Bosonic Channels. This paper in Nature Communications was written by a team of researchers at University of Massachusetts, Amherst and Raytheon. The researchers are: Boulat A. Bash, Andrei H. Gheorghe, Monika Patel, Jonathan L. Habif, Dennis Goeckel, Don Towsley, and Saikat Guha.

This paper explorers the limits of how much information can be transmitted on a Bosonic Channel where an attacker cannot determine that the transmission has even occurred. This paper presents quantum communications and also presents real world examples and proofs of concept.

The paper is receiving an honorable mention recognition because its a strong and impactful paper with fresh ideas. Most importantly, the paper is being held up as an example of how effective scientific exposition should be organized in scientific and engineering disciplines that employ heavy mathematical analysis.

The other honorable mention paper is Increasing Cybersecurity Investments in Private Sector Firms. It was written by a research group at the University of Maryland, College Park. The team members are Lawrence Gordon, Martin Loeb, William Luchshyn and Lei Zhou. It was published in a fairly new journal on cross discipline cybersecurity issues, the Journal of Cybersecurity.

This paper develops an economics-based framework for evaluating governmental approaches to increase private sector investment in cybersecurity. Increased cybersecurity investment is needed because of the cost of externalities, the effects on others. This paper helps informs policy makers impact of policies.

This paper was chosen for recognition as it has meticulous methodology and its produces insight that can apply in teh real world to improve security.

Awards Ceremony

The authors from all three papers are invited to present their work at NSA and be recognized on November 2nd.

Review Team

NSA Competition Leads

Dr. Deborah Frincke - Director of Research, NSA
Dr. Adam Tagert - Science of Security, NSA Information Assurance Research

Distinguished Expert Reviewers

  • Dr. Whitfield Diffie - Cybersecurity Advisor
  • Dr. Daniel Earl Greer Jc., Sc.D. - Chief Information Security Officer at In-Q-Tel
  • John D. McLean - Superintendent of the Naval Research Laboratory's Information Technology Division (ITD)
  • M. Angela Sasse - Professor of Human-Centered Technology and Head of Information Security Research in the Department of Computer Science at University College London (UCL), UK
  • Fred B. Schneider - Samuel B. Eckert Professor of Computer Science at Cornell University
  • Phil Venables - Chief Information Risk Officer at Goldman Sachs
  • David A. Wagner - Assistant Professor in the Computer Science Division at the University of California, Berkeley
  • Jeannette Wing - Vice President, head of Microsoft Research International

NSA Reviwers

The papers were reviewed by a team of experts drawn from various backgrounds across NSA.

About the 4th Annual Paper Competition

The Best Scientific Cybersecurity Paper Competition is sponsored yearly by NSA's Research Directorate and reflects the Agency's desire to increase scientific rigor in the cybersecurity field. This competition was established to recognize current research that exemplifies the development of scientific rigor in cybersecurity research. SoS is a broad enterprise, involving both theoretical and empirical work across a diverse set of topics. While there can only be one best paper, no single paper can span the full breadth of SoS topics. Nevertheless, work in all facets of security science is both needed and encouraged.