Science of Security Virtual Institutes

The Science of Security (SoS) initiative has announced its newest iteration of collaborative academic research, the SoS Virtual Institutes (VIs). The goal of the SoS program is to foster a self-sustaining, open, and public security science research community to discover key cyber principles necessary to support improved security and privacy. The SoS program started in 2008 and began actively engaging the academic community in 2011 with the creation of the Lablet program. In addition to the Lablets, and now the VIs, the SoS initiative sponsors the Hot Topics in the Science of Security (HotSoS) Symposium and the Annual Best Scientific Cybersecurity Paper Competition.

There are three VI research areas and a total of eleven projects, each with a Principal Investigator (PI) and a government research liaison. The institutes are structured so that projects can be added or retired as the respective field advances. The VI model helps foster collaboration within and across topic areas between the academic institutions who are completing the projects and the assigned research liaisons. The VI members are expected to cooperate with members of their own VI as well as the others to help increase and accelerate the overall scientific return of the SoS program. The PIs will be seeking to identify how the research into these areas can benefit national security. The role of the research liaison is to foster a collaborative relationship between the PI and the government sponsor so that the project research can be integrated into related government research programs. The research generated by the VIs will be disseminated via professional publications, workshops, conferences, and other methods. 

VI for Trusted Systems

The research projects of Trusted Systems Virtual Institute further the foundations and applications of trust and trustworthiness of devices and systems. The challenge of trust is examined at each stage of the development life cycle: design, development, use and retirement. Integral to advancing trust are research projects which advance understanding and accounting for human behavior on trust.  

  • Advancing Security and Privacy of Bluetooth IoT
    • Ohio State University
    • Zhiqiang Lin
  • Continuous Reasoning with Gradual Verification
    • Carnegie Mellon University
    • Jonathan Aldrich
  • Predictable and Scalable Remote Attestation
    • University of Kansas
    • Perry Alexander
  • Quantitative Threat Modeling and Risk Assessment in the Socio-Technical Critical Infrastructure Systems
    • Towson University
    • Natalie Scala, Josh Dehlinger

VI for AI and Cybersecurity

The research projects of the AI and Cybersecurity Virtual Institute are at the intersection of cybersecurity and Artificial Intelligence (AI). These projects are in broad areas of AI for Cybersecurity, Cybersecurity for AI and Countering AI. The research for AI for Cybersecurity advances the secure application AI and Machine Learning to cybersecurity challenges. In the challenge of Cybersecurity for AI, research develops methods to protect critical AI algorithms and systems from accidental and intentional degradation and failure. The area of Counter AI is concerning the special cyber defenses needed to protect against cyberattacks that are aided by the use of AI. 

  • Improving Malware Classifiers with Plausible Novel Samples
    • Vanderbilt University
    • Kevin Leach, Taylor Johnson
  • Leveraging Machine Learning for Binary Software Understanding
    • Arizona State University
    • Yan Shoshitaishvili, Adam Doupe
  • Improving Safety and Security of Neural Networks
    • International Computer Science Institute
    • Michael Mahoney, Serge Egelman, N. Benjamin Erichson 

VI for Defensive Mechanisms

The research projects of the Defensive Mechanisms Virtual Institute advance resiliency by investigating the foundations needed to detect, respond, and mitigate cyberattacks. This requires theory, models, and tools at each stage of the cyberattack timeline. In addition, this field includes the necessary research to balance performance and security in responding to threats.  

  • Neurosymbolic Autonomous Agents for Cyber-Defense
    • Vanderbilt University
    • Xenofon Koutsoukos, Gabor Karsai, Sandeep Neema
  • Resilient Systems through Adaptive Architecture
    • Carnegie Mellon University
    • David Garlan
  • Towards Trustworthy Autonomous Cyber Defense for Dynamic Intrusion Response
    • Carnegie Mellon University
    • Ehab Al-Shaer
  • Vulnerabilities in the Social Attack Surface
    • University of Kansas
    • John Symons

Future issues of the Reviews & Outreach (R&O) will place special emphasis on each of the three VI research areas in addition to the regular content. The R&O will focus on a particular area each month. Topics might include short discussions by the government mentor on goals for the specific research. Articles might include the gaps in current efforts or the need for different approaches to discover technical solutions. The R&O welcomes inputs from the PIs in each of these areas to share their planned efforts. The overall goal is to advance the discipline on the three topics areas through focused research.

Submitted by Cyber Pack Ventures, Inc.

Submitted by Gregory Rigby on