Cybersecurity research center works to keep our data safe
NSA, Homeland Security endorse 黑料视频's Center for Information Assurance and Cybersecurity
Nearly 30 years after the internet opened to the public, more and more of our data are online.
Financial records. Healthcare info. Social media. Personal photos and videos stored in the cloud.
The latest smart fridges text us when we鈥檙e low on milk, high-end cars email when they need servicing and home thermostats can be adjusted from anywhere on the planet.
We鈥檙e quickly approaching a Jetsons world of future wonders 鈥 but all those connections only make us more vulnerable to hackers. That鈥檚 where cybersecurity experts come in.
For years, researchers at 黑料视频 have developed ways to make our internet experience safer. Those efforts became better coordinated in 2019 with the establishment of the Center for Information Assurance and Cybersecurity (CIAC), an organized research center directed by Associate Professor Ping Yang from Watson College鈥檚 Department of Computer Science. Yang arrived at Binghamton in 2006, after earning her doctorate at Stony Brook University, and she taught Watson鈥檚 first graduate cybersecurity course.
鈥淏efore 2019, we already had a strong cybersecurity research and education program, but there was not much collaboration among researchers,鈥 she says. 鈥淚ndividual cybersecurity faculty members had limited exposure to the research that was outside of their expertise. So we submitted a proposal to the ORC [organized research center] program in 2019 to establish CIAC to facilitate interdisciplinary collaboration among cybersecurity researchers.鈥
Because cybersecurity touches so many areas, CIAC includes 25 faculty members from nearly every corner of campus: Watson College (of course), but also Harpur College, the School of Management, Decker College, and the College of Community and Public Affairs. Their research areas range from programming and computer engineering to security policy, education technology, mathematics and psychology.
MULTIPLE VULNERABILITIES
When most of us think about hacking, we see it as a software problem 鈥 and, worryingly, cybersecurity breaches in the past decade have exposed weaknesses in the fundamental building blocks of computer coding.
鈥淓ven at the level of computer architecture, people assumed that standard out-of-order execution designs are safe and nobody questioned their security implications,鈥 says Dmitry Ponomarev, a computer science professor and CIAC associate director. 鈥淩ecently, it was discovered that these architectures can cause significant security threats and leak sensitive information. As a result, now we have to rethink the entire processor architecture design with security in mind, and that shakes the foundation of what we鈥檝e been doing for 40 years.鈥
As an associate professor in the Electrical and Computer Engineering Department and a CIAC associate director, Yu Chen looks at problems from a more hardware-related, network infrastructure-oriented point of view, such as how to make processors, memory chips and communication facilities more impervious to meddling.
鈥淐ybersecurity has to cover both the application level and the infrastructure level,鈥 Chen says. 鈥淎ll the programs need to run on hardware platforms, so if the infrastructure is not secure, then your apps will be more likely to be taken down by hackers. With the research center, we look from the root to the hardware and software levels systematically. We have a cross-disciplinary effort together to address all the aspects of the cyber systems.鈥
Even a package of the best hardware and software cannot protect against the human factor, however. People make mistakes that lead to vulnerabilities, such as having passwords that are too easy to guess, or they deliberately leak information that can give hackers an entry point they can exploit. Dealing with those issues is also part of CIAC鈥檚 mandate.
鈥淓ven if you put in a security infrastructure that is very robust like barbed-wire fences, you just need a single place where there鈥檚 a weakness and that will be exploited,鈥 says Sumantra Sarkar, an associate professor in the School of Management and a CIAC associate director.
鈥淗uman beings, as the users of computers, are the weakest link in the chain. It鈥檚 necessary that we focus on the engineering side and the human side.鈥
THE FUTURE
Last year, the National Security Agency and the Department of Homeland Security named Binghamton a National Center of Academic Excellence in Cyber Research, thanks largely to the collaborations that CIAC has inspired. The designation puts the University among an elite group of research institutions and opens doors for larger grant funding.
That鈥檚 not just good news for Binghamton, but for all of us. Cyberattacks will only become more frequent and sophisticated, and there is a shortage of trained security professionals prepared for what is ahead.
Yang compared cybersecurity to an arms race: 鈥淏oth the hackers and the researchers will get smarter. Recently, we鈥檙e seeing an increase in malicious software attacks on companies, universities, healthcare systems and more. We also see many pandemic-related phishing scams, denial-of-service attacks and attacks on the Internet of Things. We need mechanisms to counter those attacks.鈥