Categories
News

Morgan State featured on NSA website

If you’re in the market for a new car, you’ve probably noticed two things recently. The first being that almost all new cars today have electronic components for even the most basic of functionalities. The second being that because cars have these functionalities that require semiconductors (small chips “that manage functions like data storage, graphic rendering, and power consumption in electrical devices”), the recent semiconductor shortage is keeping many new cars on the lots.

If you end up buying that new car (or a relatively new, used car), you will be buying both a transportation and data collection system. “The data collected and recorded is quite broad and includes vehicle speed, passenger count, GPS routes, images from backup cameras, and [personally identifiable information] from connected cell phones. This information stays locally on the vehicle forever and in most cases is uploaded to the [original equipment manufacturer]. Those systems also control critical safety items like brakes. If left unprotected both privacy and lives could be at risk,” says Brian Knighton from the National Security Agency.

That’s where Morgan State comes in. Morgan State University Professor and SPLICE PI, Kevin Kornegay, and his team at the Cybersecurity Assurance and Policy (CAP) Center are working with the NSA’s reverse-engineering tool, Ghidra, to mitigate privacy, cybersecurity, malware, and geolocation vulnerabilities. Their work ensures that the electronic systems are supported and protected throughout the lifetime of the vehicle. Follow the links to learn more about the CAP Center and to read about their partnership with the NSA.

Dr. Kevin Kornegay (front) and Aaron Edmond review Ghidra firmware analysis. (Photo courtesy of Morgan State University)

Categories
News

Kotz named Dartmouth interim provost

Dartmouth College recently announced that David Kotz, SPLICE PI, will be interim provost starting July 1st. Along with leading the SPLICE project, Kotz will support and advance the teaching and scholarship of Dartmouth faculties and schools, as well as student-related programs.

Kotz previously held the position of interim provost in 2017-2018 and has served as executive director of Dartmouth’s Institute for Security, Technology, and Society and as core director of Dartmouth’s Center for Technology and Behavioral Health. We look forward to Kotz’s continued contributions in his academic pursuits and as a leader of Dartmouth College.

To read more, check out the Dartmouth News’ piece here. Join us in congratulating Professor Kotz!

Categories
News Publication

Landau’s book on contact-tracing apps published

The term “contact tracing” has recently grown in public prominence. Articles, news reports, and Google searches surrounding the phrase have sky-rocketed since the start of the pandemic. As Susan Landau explains in her recently published book People Count: Contact-Tracing Apps and Public Health, “Ending a plague requires more than medication; we need to stop spread.” And for that, contact tracing—test patients, trace their contacts, and have them isolate—is key. But how do you do so with a disease that spreads as quickly as Covid-19 does, with people contagious before they are even aware they are ill?

The pervasiveness of smart phones has led to the deployment of mobile applications designed to aid in the contact-tracing process. In her book, Landau explains how the technologies work, how they can be designed to protect privacy, and what the complex interplay between technology, social needs, and medicine looks like. Landau highlights the need for technical solutions to be created with the guidance of social scientists and public health experts. 

To get a copy of Landau’s book, check out the MIT Press’s website. To learn about Landau’s work at the intersection of technology and society with regards to the SPLICE project, check out the rest of this website.

Susan Landau: SPLICE PI at Tufts University and author of People Count: Contact-Tracing Apps and Public Health

Categories
News Video

Kotz speaks at Science Cafe

If you’ve ever wanted to learn more about your digital privacy and online security and didn’t know who to ask, this Science Cafe NH episode is the one to watch.

In a one-hour long webinar, questions run the gamut of topics, from “Is 1password a good service to use?” to “What should you do if you’re hacked?” and “What are the real risks of sharing family photos and information on Facebook?” Panelists Professor Kotz, Dr. Nora Draper, and Azeddine Jakib give you their straightforward answers to help keep yourself, your families, communities, and broader networks safer.

What’s one way you’ve integrated security and privacy practices in your technological habits to protect yourself and others?

The panelists and moderator for the March 2021 Science Cafe NH

Categories
News

SPLICE PI David Kotz Named ACM Fellow

Professor Kotz was recently named one of 95 new ACM Fellows. This prestigious award recognizes the top 1% of ACM Members for their outstanding accomplishments in computing and information technology and/or outstanding service to ACM and the larger computing community. Kotz is recognized “for contributions to the security, privacy, and usability of mobile systems.”

To learn more, check out the ACM website here, or check out Dartmouth’s article here.

Congratulations, Professor Kotz!

photo
Categories
News Video

Privacy Implications for the Internet of Things

SPLICE in collaboration with Dartmouth’s Institute for Security, Technology, and Society (ISTS) recently hosted a panel discussion amongst security and privacy leaders currently at the forefront of cybersecurity industry and research. 

Panelists discussed some of the most pressing privacy challenges related to the “Internet of Things” (IoT) devices, such as smart phones, smart watches, and other smart devices. 

If you’ve ever wondered “Is my TV spying on me?,” or whether that firmware update really is safe to download, or you are interested in learning more about federated learning models vs the “Hoover” approach with respect to IoT devices, you can watch the recording of the panel at the bottom of this post.

Our panelists were April Doss, JD (Chair of Cybersecurity and Privacy Practice at Saul Ewing Arnstein & Lehr  LLP); Hamed Haddadi, PhD (Professor in Human-Centered Systems at Imperial College London); Susan Landau, PhD (Bridge Professor in Cyber Security and Policy at Tufts University); and Avi Rubin, PhD (Technical Director of the Johns Hopkins University Information Security Institute). David Kotz, PhD (Professor of Computer Science at Dartmouth and SPLICE Principal Investigator) was the moderator.

Clockwise from top left:
David Kotz; Avi Rubin; Susan Landau; V.S. Subrahmanian, PhD (Director of Institute for Security, Technology, and Society); April Doss; Hamed Haddadi

Categories
News Video

David Kotz speaks on Smart Devices

Did you receive a smart device this holiday season, and leave it sitting in the box because you don’t know how to set it up? Or were you one of those savvy shoppers who bought a smart device on clearance after the holiday rush and already have the perfect place to put it in your home?

Either way, SPLICE PI David Kotz has some advice for keeping your information secure and private when using smart devices. Check it what he has to say in the video!

Categories
News Patents Publication

New SPLICE Patent

The SPLICE team is pleased to announce one new patent derived from research conducted by SPLICE Principal Investigator Kevin Kornegay and Professor Willie Thompson, both from Morgan State University. The patent describes a data traffic module supporting the attestation and secure boot operations of IoT devices and legacy computing devices, and providing tamper resistance to such devices. 

Kevin Kornegay and Willie Lee Thompson II. Decentralized Root-of-Trust Framework for Heterogeneous Networks, November 2020. Morgan State University; USPTO. Download from https://patents.google.com/patent/US20180196945A1/en

Categories
News

Announcing SPLICE

This fall, our team will begin a five-year research effort to increase the security and privacy of high-tech products used in smart homes. The project—Security and Privacy in the Lifecycle of IoT for Consumer Environments (SPLICE)—comes as households expand their reliance on smart products ranging from refrigerators to baby monitors. These devices can share information with each other as well as communicate with services across the Internet.

SPLICE includes ten faculty from Dartmouth College, the University of Illinois at Urbana-Champaign, Johns Hopkins University, the University of Maryland, the University of Michigan, Morgan State University, and Tufts University.

group photo (August 2019)
Left to right: Avi Rubin, Carl Gunter, Adam Bates, Denise Anthony, David Kotz, Kevin Kornegay, Susan Landau, Michelle Mazurek, Michel Kornegay, Tim Pierson

“The technology in the average home today is radically different from even a decade ago and is likely to change even more rapidly in the coming years,” said David Kotz, a professor of computer science at Dartmouth and the lead principal investigator for the project. “Home is a place where people need to feel safe from prying eyes. SPLICE will address the challenges required for the vision of smart homes to be realized safely and successfully.”

The shift toward smart devices and systems in residences—such as houses, apartments, hotels, and assisted-living facilities—offers benefits that include increased energy efficiency and personalized services. Through faulty configuration or poor design, however, these items can also create unsafe conditions and increase risk of harm to people and property.

Since many homes are complex environments in which residents, landlords, and guests have different privacy needs, researchers will consider the interests of all property owners and users.

The five-year SPLICE effort is funded by a $10 million award from the National Science Foundation (NSF) Secure and Trustworthy Cyberspace Frontiers (SaTC Frontiers) program. “Cybersecurity is one of the most significant economic and national security challenges facing our nation today,” said Nina Amla, lead program director of the NSF SaTC program. “NSF’s investments in foundational research will transform our capacity to secure personal privacy, financial assets, and national interests.”

See press releases from: NSFDartmouthIllinoisJHUMarylandMorgan StateMichiganTufts. Group press release is available in pdf:

SPLICE will begin on October 1, 2020.  Follow SPLICE news by subscribing below.