Public Release: 

Security briefing: These 7 NJIT research initiatives take a bite out of cybercrime

New Jersey Institute of Technology

NJIT, home to the largest computer science program among all research universities in the New York metropolitan area, continues to build a critical mass and increase its visibility as a top university for future leaders and research in the field of cybersecurity.

"On the educational front, we offer two MS programs that help train a workforce skilled in identifying and addressing a wide range of cybersecurity issues," said Reza Curtmola, co-director of NJIT's Cybersecurity Research Center and associate professor of computer science at Ying Wu College of Computing (YWCC), which houses New Jersey's Homeland Security Technology Systems and was designated a Center of Academic Excellence in Cyber Defense Education by the National Security Agency and Department of Homeland Security through 2020.

"On the research front," he continued, "our faculty lead cutting-edge projects that prevent criminals from tampering with the software development and distribution process, and enable a rich set of security guarantees for data owners who entrust their data and computation to cloud service providers."

All told, there are numerous projects underway on the NJIT campus that focus on, or have a significant component of, cybersecurity.

Here's a quick peek at 7 NJIT research initiatives that take a bite out of cybercrime:

1. DEFENDING SOFTWARE SUPPLY CHAINS AGAINST HACKERS

Curtmola spearheaded the creation of the YWCC MS degree program in cybersecurity. He is developing in-toto, a system that promises to safeguard software for developers and end users. By raising the bar for attackers, in-toto will provide organizations with insight into the software development and distribution chain, and determine if proper software development practices have been followed.

2. DEVISING APPLIED SOFTWARE SECURITY TECHNIQUES

As director of the NJIT Cybersecurity Research Center, Associate Professor Kurt Rohloff leads a team of experts developing encrypted computing technologies to address our current inability to protect software from being reverse engineered and re-used without permission. Bridging the gap between theory and practice, the PALISADE and OPERA projects are part of a Defense Advanced Research Projects Agency-funded R&D effort to produce effective program obfuscation techniques that will better protect our nation's investments in innovative software.

3. SAFEGUARDING CLASSIFIED INFORMATION

The leaking of classified information by Edward Snowden revealed the existence of previously unknown large-scale surveillance. Assistant Professor Qiang Tang is designing new cryptographic techniques that will protect classified communication and information in the presence of malicious software and hardware.

4. DEBUGGING COMPUTER PROGRAMS

Professor Ali Mili explores the concept of relative correctness, using a static analysis approach to test and debug computer programs. His work also investigates the introduction and analysis of similar properties for cybersecurity practices.

5. COMBATING DATA LEAKS

RAMPARTS, PARAPET and REVET are a trio of projects led by Rohloff that develop and apply software engineering tools for a new family of encryption technologies. These projects will result in a general open-source software library allowing organizations to outsource computation to cloud computing environments, without risking privacy and leaking sensitive information to potential adversaries.

6. BOLSTERING THE INTEGRITY OF REMOTELY-STORED DATA

Funded by a National Science Foundation CAREER grant, Curtmola is establishing a practical remote data checking (RDC) framework to provide long-term integrity and reliability for remotely stored data. Additionally, the project seeks to develop new functionality for RDC that overcomes limitations of early protocols and improves the usability and deployment of RDC on existing cloud storage infrastructures. If successful, the mechanism will minimize the combined security costs of all data management phases, increase the transparency of cloud storage platforms and improve the security dimension of storage outsourcing, enabling wider adoption of cloud storage technologies and giving owners better control over their data.

7. PROTECTING ARMY NETWORKS AND SECURING SMARTPHONES

Associate Professor Iulian Neamtiu is part of the 10-year Cybersecurity Collaborative Research Alliance, a joint effort between the Army Research Laboratory, Applied Communication Services and six universities. With a focus on Moving Target Defense, deception, and assessing user and software risk, Neamtiu aims to advance the foundations of cybersecurity in the context of military networks. Neamtiu's group has also developed a variety of techniques for improving Android's reliability and security. Released as open-source tools, his innovative approach to static and dynamic analyses helps users, developers and researchers reproduce and debug executions, find lost data and assess app risk.

###

About NJIT

One of the nation's leading public technological universities, New Jersey Institute of Technology (NJIT) is a top-tier research university that prepares students to become leaders in the technology-dependent economy of the 21st century. NJIT's multidisciplinary curriculum and computing-intensive approach to education provide technological proficiency, business acumen and leadership skills. With an enrollment of 11,400 graduate and undergraduate students, NJIT offers small-campus intimacy with the resources of a major public research university. NJIT is a global leader in such fields as solar research, nanotechnology, resilient design, tissue engineering, and cybersecurity, in addition to others. NJIT is among the top U.S. polytechnic public universities in research expenditures, exceeding $130 million, and is among the top 1 percent of public colleges and universities in return on educational investment, according to PayScale.com. NJIT has a $1.74 billion annual economic impact on the State of New Jersey.

Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.