CS Prof. Wins Two Awards from NSF’s $74.5 million for Interdisciplinary Cybersecurity Research

Writer(s): Jesica E. Hollinger

The National Science Foundation (NSF) has awarded more than $74.5 million in new research grants through the NSF Secure and Trustworthy Cyberspace (SaTC) program in its efforts to helpMathias Payer secure cyberspace.

NSF makes the announcement in October, which is National Security Month.

A total of 257 grants were awarded to researchers in 37 states, ranging in size from $10,000 to nearly $2 million. Assistant CS Professor Mathias Payer earned two grants from these awards to benefit his research.

The single private investigator grant provides $175,000 for Prof. Payer’s research CISE CRII: SaTC: Lockdown: guarded control-flow and data privacy for sensitive data.

The second award is a joint grant, benefitting CNS: SaTC: ENCORE - ENhanced program protection through COmpiler-REwriter cooperation shared between Michael Franz, UC Irvine; Mathias Payer, Purdue; and Kevin Hamlen, UT Dallas. Purdue’s portion of the award is $403,683.

Prof. Payer, who joined the CS faculty in 2014, said these grants enable significant research in system security.

“This research will result in the development of novel open-source mechanisms that will increase the protection of everyday users,” Prof. Payer said. “I’m honored to receive these grants and looking forward to many great collaborations both internally and externally,” he added.

The grants are awarded with the intention of advancing technical and social science solutions to cybersecurity challenges and bolster cybersecurity education. The goal is to support new projects which aim to enhance security practices and technologies, bolster education and training in cybersecurity, and establish a science of cybersecurity and transition promising cybersecurity research into practice.

“NSF-supported cybersecurity research builds the foundational and multidisciplinary knowledge bases needed to protect us in cyberspace – an environment that has expanded beyond computers to encompass many aspects of our physical world and critical infrastructure,” said Jim Kurose, NSF assistant director for Computer and Information Science and Engineering.

The National Science Foundation (NSF) is a long-time supporter of cybersecurity research to protect the frontiers of cyberspace—the virtual global village enabled by the Internet. NSF investments in basic research have resulted in innovative ways to secure information and privacy on the web and have led to algorithms that form the basis for electronic commerce, software security bug detection, spam filtering, and more.

The SaTC program supports research that addresses vulnerabilities in hardware, software and networking technologies. It also supports research exploring the human components of cybersecurity, as well as efforts to enhance cybersecurity education to supply the nation with expertise to build and defend tomorrow’s cyber-systems.

The largest, multi-institutional awards include research to better understand and offer reliability to cryptocurrencies, new forms of digital currency where encryption techniques are used to regulate and verify the generation and transfer of currency; technology to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and efforts to establish the “science of censorship resistance” by developing accurate models of the capabilities of censors, for example blocked search results or interference with international network traffic.

The SaTC awards continue to acknowledge the complex interactions between people and technology, as a key part of cybersecurity and support interdisciplinary research that aims to address security and privacy by better understanding these relationships.

“No solution for securing cyberspace is complete without the integration of research that examines how people behave in the complicated systems that constitute the Internet – from the users of Internet commerce to the attackers who endanger networks,” said Fay Lomax Cook, NSF assistant director for Social, Behavioral & Economic Sciences. “Technology and behavior are intrinsically linked in the world of cybersecurity, and NSF’s support for interdisciplinary research reflects that,” he added.

The awards made this year also include more than 20 projects designed to address the cybersecurity educational and workforce development needs of the nation. These include the creation of new training and education programs and the development of effective cybersecurity pedagogy. Projects in this track include cybersecurity training for workers in hospitals, virtual environments in which students can experiment with and learn about cybersecurity practices, and competitions and challenges to enhance and broaden cybersecurity education.

“Cybersecurity is a rapidly expanding field, and the educational programs NSF supports will help develop the computer scientists, engineers, and creators of tomorrow’s solutions,” said Joan Ferrini-Mundy, NSF assistant director for Education and Human Resources. “At a time when an educated, experienced workforce is among the most precious resources in the world of cybersecurity, NSF facilitates programs that will generate the architects of a more secure Internet, “she added.

Because many aspects of cybersecurity can be implemented by industry, the program supports both a Secure, Trustworthy, Assured and Resilient Semiconductors and Systems (STARSS) perspective focused on hardware research in partnership with the Semiconductor Research Corporation (SRC), and a Transition to Practice (TTP) track focused exclusively on transitioning existing research into practice.

The awards are part of a portfolio of approximately $160 million invested in cybersecurity across the agency in fiscal year 2015A full list of active SaTC awards can be found at: http://1.usa.gov/1FJ4eUY.

A complete NSF news release, detailing all of the research funding, is available at http://nsf.gov/news/news_summ.jsp?cntn_id=136481&org=NSF&from=news.

For more information about Cyber Security Awareness Month visit http://www.dhs.gov/national-cyber-security-awareness-month.