MC2 Researchers Benefit from Amazon Award
With projects ranging from understanding emerging cyber-threats to helping users create stronger passwords, eight members of the Maryland Cybersecurity Center (MC2) will share a $50,000 Amazon Web Services (AWS) credit fund to support their research.
The credit gives MC2 researchers and their students access to Amazon’s distributed cloud offerings, where they can utilize resources like large-scale storage and computation capabilities that will scale on demand.
“Several research projects in MC2 already rely crucially on AWS,” says Jonathan Katz, professor of computer science and director of MC2. “This award from Amazon will allow our faculty to tackle even more ambitious projects and accelerate their research.”
Katz, along with MC2 members Tudor Dumitras, Michael Hicks, Dave Levin, Michelle Mazurek, Charalampos “Babis” Papamanthou, Elaine Shi, and Atif Memon, plan to use the Amazon credit fund for five projects.
One project, “Data-Driven Cybersecurity Research,” which involves Katz, Dumitras, Hicks, Levin, and Mazurek, will harness empirical measurements and data-science techniques toward the understanding of emerging cyber-threats. The team will take a data-driven approach and aim to refine security models they develop based on analysis of real-world datasets. Through such empirical studies, they will investigate how security systems fail in the field, and put common assumptions about adversary behavior to the test.
Part of the project also involves large-scale measurements of cybercrime, such as Nigerian scams, social-network and search-engine spam, and botnets. The goal is to develop new techniques for automatically identifying previously unknown cybercrimes, says Katz.
Hicks says the award will also help support MC2’s annual Build It, Break It, Fix It security contest, which was first held in September 2014. The online contest, which Hicks conceived, evaluates student participants’ abilities to develop secure and efficient programs.
“This contest aims to reward not only students who can find vulnerabilities and bugs, but also students who know how to ‘build security in’ to their software, from the start,” he says. “The contest outcomes will support research into how software development often goes wrong, and sometimes goes right, and thus will feed into better educational tools and best practices.”