Research Specializations

Cybercrime: Research initiatives have addressed strategies for mapping and disrupting cybercrime networks, and legal and policy interventions that can deter criminal networks from raising, storing, moving, and using funds.

Cyber Governance: When it comes to cybersecurity, who is responsible for developing and enforcing policies to adequately address current and future risk? Our work on cyber governance aims to identify the appropriate roles and obligations of various stakeholders—including private companies and government agencies. This includes issues of technical capacity, the regulatory environment, and  commercial incentives. 

Cyber Strategy: As cybersecurity is still a young discipline, many of the strategic frameworks that will define it are still in formation. CCS research is working to sharpen the boundaries between cybersecurity and intelligence authorities, the ways in which cyber capabilities are integrated into larger strategic structures, and the development of international laws and norms.

Security of Cyberphysical Systems  Cyberphysical systems are mechanical systems that are monitored and controlled by computers.  Attacks aimed at cyberphysical systems can have catastrophic effects on electric power generation and delivery, traffic flow management, public health, national economic security, and more. Our work focuses on enhancing the security of these systems. 

Software and System Security: Securing systems and the software that powers them requires a multitude of approaches. Current research initiatives at CCS address virtualization security, memory forensics, embedded systems, data compression, security and human behavior, and the delivery of secure updates to repositories, automobiles, and other smart devices. A common thread among all these initiatives is that they are based on deployments in real world systems. In addition, CCS projects have empirically measured the security and privacy of technology systems and their intersections with society. These latter initiatives address security and privacy issues with great societal impact, such as censorship, online harassment, and the protection of vehicular systems.

Digital Forensics: As our society has been transformed into a “digital world,” where most information is created, captured, transmitted, stored, and processed in digital form, it has also spawned a new way  to preserve, collect, validate, identify, analyze, interpret, document, and present digital evidence. In addition to fostering the development of these emerging technologies, there may also be a need to set parameters for their use, both legally and ethically. 

Privacy: New technologies are making it easier for governments, corporations, and individuals to learn the details of our online activities. Internet companies—such as Google, Facebook and ISPs—collect our information, while an expanding surveillance apparatus and outdated privacy laws allow for unprecedented government monitoring of everyday citizens. CCS initiatives investigate how data mining can be used to infringe on our privacy, and how systems and laws can be redesigned to limit these intrusions. Our work is data driven and measurement based, and exposes privacy leakages in popular services. We have also been studying major privacy laws—such as the Children’s Online Privacy Protection Act and the Right to be Forgotten—and the degree to which they can lead to unintended consequences.

Supply Chain Security In the computer science field, security has generally been piecemeal in nature, rather than a holistic operation that can guarantee the security of a project from end to end. Two different CCS initiatives are now tackling the need to secure the supply chain when creating hardware and/or software.

• Research Spotlight:  (Note: This will be a link to feature articles on different faculty research initiatives. I have not linked anything here because I need to check with Emerald if we can pull out individual articles from the newsletter for this purpose. Maybe for now the text could just say the first sentence above as a placeholder)

• Student Research Initiatives: Students at all degree levels are given opportunities to engage in hands-on research initiatives in a number of ways. 

• • • CSAW (https://csaw.engineering.nyu.edu/) is the largest student-run cyber security event in the world, featuring international competitions, workshops, and industry events, as well as the opportunity to submit and present research findings  to faculty and industry representatives. 
    • The OSIRIS Lab (https://www.osiris.cyber.nyu.edu/) gives undergraduate and graduate students the opportunity to learn the techniques used by both attackers and defenders in the cyber world.  By analyzing real-world actors, conducting hands-on experiments, and developing projects in the lab, students are given a practical complement to classroom learning on security strategies. 
    • Lastly, individual CCS faculty provide research internships over the summer and during the school year for high school and undergraduate students. These are generally arranged by contacting faculty members directly.