Researchers at the New York University Tandon School of Engineering and the University of Illinois at Chicago (UIC) have published the first large-scale study of a low-tech, high-harm form of online harassment known as doxing. … “This study adds significantly to our understanding of this deeply damaging form of online abuse,” said Damon McCoy, an...
Author: Emerald Knox (Emerald Knox)
Post
U.S.-Led Cybersecurity Contest Gets More Global
The next generation of cybersecurity experts is vying for top honors at an annual global contest created by New York University [Tandon School of Engineering]. Ben-Gurion University of the Negev in Israel and the Grenoble Institute of Technology in France are the latest to join in the world’s biggest student-run cybersecurity event, called Cyber Security...
Post
Optimal Checkpointing for Secure Intermittently-Powered IoT Devices
Zahra Ghodsi, Siddharth Garg and Ramesh Karri Energy harvesting is a promising solution to power Internet of Things (IoT) devices. Due to the intermittent nature of these energy sources, one cannot guarantee forward progress of program execution. Prior work has advocated for checkpointing the intermediate state to off-chip non-volatile memory (NVM). Encrypting checkpoints addresses the security concern, but...
Post
Detecting Structurally Anomalous Logins Within Enterprise Networks
Hossein Siadati and Nasir Memon Many network intrusion detection systems use byte sequences to detect lateral movements that exploit remote vulnerabilities. Attackers bypass such detection by stealing valid credentials and using them to transmit from one computer to another without creating abnormal network traffic. We call this method Credential-based Lateral Movement. To detect this type...
Post
Boolean Circuit Camouflage: Cryptographic Models, Limitations, Provable Results and a Random Oracle Realization
Giovanni Di Crescenzo, Jeyavijayan Rajendran, Ramesh Karri and Nasir Memon Recent hardware advances, called gate camouflaging, have opened the possibility of protecting integrated circuits against reverse-engineering attacks. In this paper, we investigate the possibility of provably boosting the capability of physical camouflaging of a single Boolean gate into physical camouflaging of a larger Boolean circuit....
Post
Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing
Peter Snyder, Periwinkle Doerfler, Chris Kanich and Damon McCoy. Doxing is online abuse where a malicious party attempts to harm another by releasing identifying or sensitive information. Motivations for doxing include personal, competitive, and political reasons, and web users of all ages, genders and internet experience have been targeted. Existing research on doxing is primarily qualitative....
Post
All About Bugs (of the Animal and Computer Varieties) (Podcast)
Musical crickets, crop-saving wasps — and why you should pre-bug your software. Professor Brendan Dolan-Gavitt explains to Stephen Dubner, noted author and host of the NPR program Freakonomics why he puts bugs in programs to make them more secure. [interview at 12:10]
Post
Tracking Hackers with NLP and Machine Learning
…Cybercrime researchers and law enforcement need to broadly understand the scale and scope of the activity on these underground markets, but it takes a long time for human analysts to peruse entire forums. To expedite this process, a multi-university team of researchers including Damon McCoy, Assistant Professor of Computer Science and Engineering at NYU [Tandon...
Post
It's Time to Address Cybersecurity Education, Say Policymakers
… Many institutions have already ramped up their cybersecurity education frameworks, such as NYU Tandon School of Engineering’s Center for Cybersecurity, which began offering classes in the subject in 1999. Founder and professor, Nasir Memon, told Education Dive that the program provides the necessary hands-on approach to get students the training and expertise needed to...
Post
Provably-Secure Logic Locking: From Theory To Practice
Muhammad Yasin, Abhrajit Sengupta, Mohammed Thari Nabeel, Mohammed Ashraf, Jeyavijayan (JV) Rajendran and Ozgur Sinanoglu Logic locking has been conceived as a promising proactive defense strategy against intellectual property (IP) piracy, counterfeiting, hardware Trojans, reverse engineering, and overbuilding attacks. Yet, various attacks that use a working chip as an oracle have been launched on logic...