A Georgia State University computer scientist says having to remember dozens of account passwords makes password security tricky -- and some of the faults with password security fall upon the operators of websites.
The explosion of the Internet and social media has literally put the world at our fingertips, revolutionizing the way people connect and share information. However, for all the positives social media provides, it can also open the door to deception, potentially wreaking havoc on people's lives both personally and professionally.
UAB researchers are investigating game-based verification that may improve computer security and reduce user frustration compared to typical “type-what-you-see” CAPTCHA tools that use static images.
From February through April, the cyber equivalent of the NCAA’s March Madness played out – keystroke by keystroke – at 180 colleges around the nation. The regional champions gathered at the National Collegiate Cybersecurity Defense Competition (NCCDC) in San Antonio Texas. While only one team emerged with the winner’s trophy, everyone walked away with an increased appreciation and understanding of current cybersecurity needs and a preview of emerging technologies.
This week, University of Central Florida, this year’s NCCDC winner, will tour the nation’s capital to learn how government agencies like the Department of Homeland Security (DHS) protect the nation from cyber threats.
Roxana Geambasu and Augustin Chaintreau, assistant professors of computer science at Columbia Engineering, have developed XRay, a new tool that reveals which data in a web account, such as emails, searches, or viewed products, are being used to target which outputs, such as ads, recommended products, or prices. They are presenting the prototype, an open source system designed to make the online use of personal data more transparent, at USENIX Security on August 20.
Shuyuan Mary Ho, an assistant professor at Florida State University’s School of Information, is available for media questions and analysis on cybersecurity threats, including the recent breach by Russian criminals who stole more than 1.2 billion Internet usernames and passwords.
The Software Assurance Market Place, or SWAMP, is an online, open-source, collaborative research environment that allows software developers and researchers to test their software for security weaknesses, improve tools by testing against a wide range of software packages, and interact and exchange best practices to improve software assurance tools and techniques.
Researchers are working to protect consumer data by using companies spam volume to evaluate its security vulnerability through the SpamRankings.net project.
Secure Decisions, a leading provider of assessment tools to enhance software security, is partnering with the Software Assurance Marketplace (SWAMP) to build a powerful and publicly accessible resource to improve the software that drives everyday life.
Georgia Tech researchers have created a tool to monitor the accessibility of Web pages around the world that can be installed by adding a single line of code to a web page. The tool, Encore, runs when a user visits a website where the code is installed and then discreetly collects data from potentially censored sites.
Georgia Tech researchers have identified a weakness in one of Android’s security features. The research, titled Abusing Performance Optimization Weaknesses to Bypass ASLR, identifies an Android performance feature that weakens a software protection called Address Space Layout Randomization (ASLR), leaving software components vulnerable to attacks that bypass the protection.
Columbia Engineering researchers have discovered a crucial security problem in Google Play, the official Android app store. The study is the first to make a large-scale measurement of the huge marketplace, using PlayDrone, a tool they developed to circumvent Google security to successfully download Google Play apps and recover their sources.
The tightly integrated computing and networking systems required to turn the nation’s freeways in “smart transportation systems” are currently under development. The efforts of the Smart Roads Cyber-Physical Systems project to identify cyber attacks against these systems and to develop software to protect them is dramatized by the video scenario “Mitigating Carmageddon” featured at the SmartAmerica Expo in Washington DC.
Computer scientists at Virginia Tech have developed a unique anomaly protection security approach for the detection of malicious activities on networked computers. The work was performed using a National Science Foundation CAREER award and is being presented at an international conference in Tokyo, Japan.
Industrial systems that control heating and cooling, water treatment plants, etc. are a low priority. That’s why they are so vulnerable to hackers, says Dr. Ray Vaughn, vice president for research at The University of Alabama in Huntsville.
The Internet bug "Heartbleed" was a stark reminder of how vulnerable our information is on the web, but also a sign that future job growth is rooted in securing that information. Higher education plays a significant role in helping fill these jobs.
As companies scrambled in recent days to address the latest cybersecurity bug known as Heartbleed, researchers at The University of Texas at Dallas had a solution that fixes the vulnerability, and also detects and entraps hackers who might be using it to steal sensitive data
The recently-discovered “Heartbleed” bug affecting as much as two-thirds of the Internet is causing people to hurriedly change passwords and further secure online personal information. Merrill Warkentin of Mississippi State University said Friday [April 11] that choosing strong passwords is among the best proactive steps for minimizing vulnerability to identity theft.
Georgia Tech researchers have developed a new security system that continuously monitors how a user taps and swipes a mobile device. If the movements don’t match the owner’s tendencies, the system recognizes the differences and can be programmed to lock the device.
NYIT held its first Global Cybersecurity Conference in Abu Dhabi today, which was inaugurated the U.A.E. Minister of Culture, Youth and Community Development.
NYIT’s conference welcomed cyber defense professionals, information technologists, banking and finance executives, and others across these fields from the U.S., China, the United Arab Emirates and beyond. NYIT has a history of hosting cybersecurity events at its New York City campus. Today’s event was its first cybersecurity conference with a truly worldwide reach.
Iowa State's Suraj Kothari is leading researchers from Iowa State University and Ames, Iowa-based EnSoft Corp. who are developing ways to secure smartphone software for the Defense Department.
Researchers used a novel methodology to gain new neurological insights into how users face security questions and how their personalities might affect their performance.
The paper proposes and tests four two-factor schemes that require servers to store a randomized hash of the passwords and a second device, such as the user’s security token or smartphone, to store a corresponding secret code.
Researchers at Georgia Tech have created a prototype software, Gyrus, that takes extra steps to prevent malware from sending spam emails and instant messages, and blocking unauthorized commands such as money transfers.
The San Diego Supercomputer Center (SDSC) at the University of California, San Diego, is collaborating with Leidos (formerly Science Applications International Corporation) to develop a reference system architecture aimed at increasing security levels of microgrid control and IT systems used to manage electrical microgrids worldwide.
Today’s cyber attacks aren’t just a threat to computer networks. Those with malicious intent can disrupt important infrastructure systems such as utilities. To counter this threat, the Department of Energy has awarded $1.7 million to help detect cyber attacks on our nation’s utility companies.
With full-fledged cyberwar becoming an increasingly likely possibility in the 21st century, one cybersecurity scholar calls on nations to extend the rules of war to cyberconflicts.