Center for Cybersecurity and Trusted Foundations
Capabilities
- Binary exploitation
- Reverse engineering
- Machine learning
- Web/mobile security
- Dark web market behaviors
- Competitive hacking
- Workforce development
- Cyber education
Featured projects
- Research Collaboration with PayPal Aims to Improve Online Consumer Security
- Department of Defense Research in Cybersecurity
Research Collaboration with PayPal Aims to Improve Online Consumer Security
The Center for Cybersecurity and Trusted Foundations, alongside PayPal, leads pioneering research that significantly improves the consumer security ecosystem. These efforts have identified critical vulnerabilities in anti-phishing tools and worked with additional companies, such as Google, Microsoft and Mozilla, to address the problems they found, improving the safety of online payments. This research continues to explore security properties of 2.1M apps on the Google Play store. Additionally, this collaboration explored the full life-cycle of phishing attacks. From the launch of a phishing campaign, to an account being compromised, researchers tracked nearly 4.8 million victims over a one year period. This groundbreaking research captured valuable data about the success rates of phishing, and helped develop a framework for measuring victim traffic and protecting accounts. Recognizing the impact of these findings, this research was awarded second place in Facebook’s Internet Defense Prize Competition and was granted the “Distinguished Paper Award” at the 26th USENIX Security Symposium.
Department of Defense Research in Cybersecurity
CDF researchers are developing the next generation of cyber reasoning systems that can automatically find vulnerabilities, synthesize exploits, and create patches of real-world software. With multiple contracts from the Defense Advanced Research Projects Agency, CDF is developing systems to effectively and quickly address cybersecurity risks by integrating human knowledge with automated cyber reasoning systems. The Center was recently awarded a four-year contract to contribute research and development efforts to the Assured Micropatching (AMP) program. The goal of AMP is to develop a system that can rapidly repair mission-critical software in a targeted manner while minimizing potential side effects without original source code. CDF researchers are developing new automated methods for “understanding” the machine-readable form of software, reversing the translation process, and generating human-readable source code. They can then repair small segments of code, retranslate the repaired segments, and integrate them back into the deployed software. This will allow the address of security issues in deployed mission-critical software in a timely, cost-effective, and scalable manner.