Security & privacy

NSF awards $10 million to study cybercrime

09/24/12 International Computer Science Institute — Vern Paxson, EECS professor and researcher at the International Computer Science Institute (ICSI), will help lead cybercrime research funded by a $10-million, five-year grant from the National Science Foundation. Researchers from ICSI, UC San Diego and George Mason University will investigate the roles played by such human factors as social media and market incentives in providing opportunities for attacks and manipulation.

TRUST develops ‘science base’ for cybersecurity

08/23/11 Communications of the ACM — TRUST, a research center funded by the National Science Foundation and based at UC Berkeley, is developing what it calls a cyber-security "science base" -- a principled approach to developing "trustworthy systems" in which security is an integral part and not "bolted on like an afterthought." Shankar Sastry, dean of Berkeley's College of Engineering and TRUST's director and principal investigator, hopes the project will reduce the huge amount of time and resources the computer science community spends on fending off attacks on a piecemeal basis.

The science of cyber security

08/04/11 U.S. News & World Report — Imagine a large cyber-network with its own built-in "immune system" that can recognize and destroy foreign invaders, just like the human body. "We no longer can afford to be reactive in our attitudes about cyber security," says Shankar Sastry, dean of the College of Engineering at UC Berkeley, and principal investigator and director of the Team for Research in Ubiquitous Secure Technology (TRUST), focused on developing cyber security science and technology aimed at radically transforming the ability of organizations to design, build, and operate trustworthy information systems for the nation's critical infrastructure.

Security in a networked world

03/02/11 — Nearly two billion people-more than the population of China-now use the Internet. With its vast capacity for communication and information, the web has become a powerful tool for transformative change: from new financial services and poverty alleviation to political change, as we are seeing in North Africa and the Arabian Peninsula.

A thriller in the midst of EECS

05/05/10 — Picture this: The security of computers worldwide hangs in the balance. Cult-like followers of the Greek philosopher Pythagoras are suspected of a nefarious plot to crack the cryptographic code protecting virtually everyone's digital data. Who ya gonna call? In his debut thriller, Tetraktys, Ari Juels (Ph.D'96 EECS) crafted a stereotype-shattering sleuth to take on the bad guys. His fictional hero: an intrepid young doctoral candidate schooled in the classics and studying computer science at-you guessed it-UC Berkeley's College of Engineering.

Dr. Song’s Cure for Sick Computers

12/15/09 — Malware is tough to defeat. Once a piece of malicious software such as a virus or worm attacks, it might take days or weeks before computer security professionals release a fix or other countermeasure, says EECS associate professor Dawn Song (Ph.D.'02 EECS). But Song -- named one of Technology Review's 2009 Young Innovators Under 35 -- has created what she calls a "game-changing" technology in the security landscape, significantly cutting the amount of time it takes security analysts to address a malware problem.

Can Personal Privacy Coexist with National Security?

03/02/09 — The urgent business of protecting the American people from terrorism and other threats will almost certainly follow a different course under the Obama administration. In particular, the security of electronic information supporting our most critical systems – for instance, financial, medical and civil infrastructure data – is likely to be defined by a stronger effort to reconcile the competing needs of public security, personal privacy and utility.

Big Network is Watching You

02/02/09 — With Enhanced GPS, cell phones will soon be able to pinpoint a user's location down to a specific street address. For users, this new capability will improve directions, mapping and other location-based phone services. Meanwhile, marketers plan to use the data to track consumer preferences and personalize recommendations shown onscreen. While improved recommendations are nice, so is personal privacy, and having some company tracking your every move poses risks, no matter what the information is used for. Engineering professor John Canny is developing a privacy-protection scheme called Ant Club Trails that will let companies personalize your recommendations while preventing them from determining your identity.

Securing Our Cyberspace

09/02/08 — Information technology is pervasive in making our lives so much easier, that is, until we're paralyzed by a virus invading our home computer or crippled by an enterprise-wide system crash. The larger implications are something we don't even want to think about: What would happen to your life as you know it if your personal identity were stolen or, worse, some malicious entity hacked into just one component of our critical infrastructure, like the power grid or the air traffic–control infrastructure?

Debugging Election Codes

03/02/08 — Are voting machines secure? Not according to EECS professor David Wagner. Wagner, a computer security expert, explains that the main problem with current voting machines is that they are built on top of standard, non-secure computer hardware and operating systems. To ensure proper security for something as important as a voting machine, the security must be designed into the system from the ground up. Superficially, voting machines seem like ATMs. But what makes voting machines much more difficult, Wagner explains, is the secret ballot. A trustworthy system must break the link between the voter and votes in a way that cannot be reversed.