Carnegie Mellon CyLab

The Carnegie Mellon CyLab Security and Privacy Institute is a computer security research center at Carnegie Mellon University. [1] [2] Founded in 2003 as a university-wide research center, it involves more than 50 faculty and 100 graduate students from different departments and schools within the university. [3] It is "one of the largest university-based cyber security research and education centers in the U.S." [4]

CyLab works with the CERT Coordination Center as well as US-CERT on matters relating to cybersecurity. [5] The institute is often cited for its security and privacy research. [6] [7] [8] [9] [10]

picoCTF

picoCTF is a cybersecurity capture the flag competition hosted by CyLab. Established in 2013, the event is run annually over a period of two weeks and is geared towards high schoolers, billing itself as the largest high school cybersecurity event in the United States; the inaugural edition had 6,000 participants and 39,000 people competed in 2019. [11] The challenges, which are modeled around real-life cybersecurity problems, are themed around a different storyline each year. [12] The program aims to get high schoolers interested in computer security, offering cash prizes. [13]

Related Research Articles

Software Engineering Institute: Federally funded research center in Pittsburgh, Pennsylvania, United States

Software Engineering Institute (SEI) is a federally funded research and development center in Pittsburgh, Pennsylvania, United States. Founded in 1984, the institute is now sponsored by the United States Department of Defense and the Office of the Under Secretary of Defense for Research and Engineering, and administrated by Carnegie Mellon University. The activities of the institute cover cybersecurity, software assurance, software engineering and acquisition, and component capabilities critical to the United States Department of Defense.

Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post and covered tech policy, privacy and computer security as well as authoring the Security Fix blog.

CERT Coordination Center

The CERT Coordination Center (CERT/CC) is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center. The CERT/CC researches software bugs that impact software and internet security, publishes research and information on its findings, and works with businesses and the government to improve the security of software and the internet as a whole.

The economics of information security addresses the economic aspects of privacy and computer security. Economics of information security includes models of the strictly rational “homo economicus” as well as behavioral economics. Economics of security addresses individual and organizational decisions and behaviors with respect to security and privacy as market decisions.

The Qatar Computer Emergency Response Team was created in December 2006 by CERT/CC and ictQATAR. It is Qatar's coordination center in dealing with internet security problems.

MySecureCyberspace began in 2003 as an initiative by Carnegie Mellon CyLab and the Information Networking Institute to educate the public about computer security, network security and Internet safety. Inspired by the National Strategy to Secure Cyberspace, the initiative empowers users to secure their part of cyberspace.

Howard Schmidt: American computer security expert

Howard Anthony Schmidt was a partner with Tom Ridge in Ridge Schmidt Cyber LLC, a consultancy company in the field of cybersecurity. He was the Cyber-Security Coordinator of the Obama Administration, operating in the Executive Office of the President of the United States. He announced his retirement from that position on May 17, 2012, effective at the end of the month.

Lorrie Cranor: American academic

Lorrie Faith Cranor, D.Sc. is the FORE Systems Professor of Computer Science and Engineering and Public Policy at Carnegie Mellon University and is the director of the Carnegie Mellon Usable Privacy and Security Laboratory. She has served as Chief Technologist of the Federal Trade Commission, and she was formerly a member of the Electronic Frontier Foundation Board of Directors. Previously she was a researcher at AT&T Labs-Research and taught in the Stern School of Business at New York University. She has authored over 110 research papers on online privacy, phishing and semantic attacks, spam, electronic voting, anonymous publishing, usable access control, and other topics.

The Information Networking Institute (INI) was established by Carnegie Mellon in 1989 as the nation's first research and education center devoted to information networking.

The EINSTEIN System is a network intrusion detection and prevention system that monitors the networks of US federal government departments and agencies. The system is developed and managed by the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security (DHS).

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

An insider threat is a perceived threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.

The following outline is provided as an overview of and topical guide to computer security:

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), also known as the New Jersey Office of Homeland Security and Preparedness' (NJOHSP) Division of Cybersecurity, is the first American state-level information sharing and analysis organization in the United States that exchanges cyber threat intelligence and conducts incident response for governments, businesses, and citizens in New Jersey. Located at NJ’s Regional Operations and Intelligence Center (ROIC) and acting in a cyber fusion center capacity, the NJCCIC is composed of staff from NJOHSP, the NJ Office of Information Technology, and the NJ State Police. The NJCCIC's nomenclature is derived from its federal counterpart, the National Cybersecurity and Communications Integration Center, which encompasses the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT).

Katie Moussouris: American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

PACTF: Computer security competition

PACTF was an annual web-based computer security Capture the Flag (CTF) competition for middle and high school students. It was founded by a group of students at Phillips Academy in Andover, Massachusetts. The competition's sponsors include the Abbot Academy Association at Phillips Academy; the Information Networking Institute and CyLab at Carnegie Mellon University; the Hariri Institute for Computing, Massachusetts Open Cloud (MOC) project, and Modular Approach to Cloud Security (MACS) project at Boston University; and other entities.

Gregory Touhill: American general

Brigadier General Gregory (Greg) J. Touhill is Director of the world-renowned Carnegie Mellon University Software Engineering Institute’s CERT Division. Previously, he was the president of AppGate Federal Group. He was previously appointed by President Barack Obama as the first Federal Chief Information Security Officer of the United States, stepping down in January 2017. He was previously the Deputy Assistant Secretary, Office of Cybersecurity and Communications, National Programs and Protection Directorate, Department of Homeland Security. While at DHS he concurrently served as Director of the National Cybersecurity and Communications Integration Center (NCCIC) during 2014–2015.

Andrea M. Matwyshyn is an American law professor and engineering professor at The Pennsylvania State University. She is known as a scholar of technology policy, particularly as an expert at the intersection of law and computer security and for her work with government. She is credited with originating the legal and policy concept of the Internet of Bodies.

Robert K. Cunningham is an American computer scientist and engineer. In 2021 he became Vice Chancellor for Research Infrastructure at the University of Pittsburgh. He is a fellow of the Institute of Electrical and Electronics Engineers.

Capture the flag (cybersecurity): Computer security exercise

Capture the Flag (CTF) in computer security is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully vulnerable programs or websites. They can be used for both competitive and educational purposes. In two main variations of CTFs, participants either steal flags from other participants or from organizers. A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, can be held online or in person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport of the same name.

References

  1. "Cylab at Carnegie Mellon University". US-CERT, U.S. Department of Homeland Security. Archived from the original on August 21, 2016. Retrieved August 5, 2016.
  2. Lindquist, Christopher (15 January 2004). "Security Supergroup: Carnegie Mellon's CyLab combines experts into an information security powerhouse". CIO: The Resource for Information Executives. CXO Media, Inc. Retrieved August 5, 2016.
  3. "CyLab - Cybersecurity Capacity Portal". The University of Oxford. Archived from the original on September 18, 2016. Retrieved August 5, 2016.
  4. "About CyLab". Carnegie Mellon Cylab. Retrieved August 5, 2016.
  5. "Carnegie Mellon CyLab Overview". Carnegie Mellon University College of Engineering. Archived from the original on August 31, 2016. Retrieved August 5, 2016.
  6. Chirgwin, Richard (May 24, 2016). "Want a better password? Pretend you eat kale. We won't tell anyone". The Register. Retrieved August 5, 2016.
  7. Weisman, Steve (September 12, 2015). "Is your child already a victim of identity theft?". USA Today. Retrieved August 5, 2016.
  8. "McAfee and Carnegie Mellon Report Finds Serious Disconnect Between Businesses and Mobile Users". McAfee, Intel Security. May 24, 2011. Retrieved August 5, 2016.
  9. Hill, Kashmir (December 17, 2015). "The university that broke the Dark Web is still running Tor nodes—but it's not what it appears". Fusion. Archived from the original on August 23, 2016. Retrieved August 5, 2016.
  10. "New Research Reveals Cyber Risk Still Not Getting Adequate Attention from Boards and Senior Executives". EMC Corporation. February 27, 2012. Retrieved August 5, 2016.
  11. Doughty, Nate (March 15, 2022). "Carnegie Mellon University's high school cybersecurity hacking competition picoCTF begins". Pittsburgh Inno. American City Business Journals. Retrieved March 16, 2022.
  12. "Carnegie Mellon University to launch picoCTF cybersecurity event next week". Security. March 12, 2021. Retrieved March 16, 2022.
  13. Sostek, Anya (April 9, 2017). "Wanted: hackers. Reward: the best may get a spot at CMU". Pittsburgh Post-Gazette. Retrieved March 16, 2022.