News

Mobilizing A Collective Cyber Defense

Mobilizing A Collective Cyber Defense

August 8, 2019

Aug 28 Cover Flyer
As the constant news of yet another enterprise data breach becomes the norm, the private sector and government agencies must increase collaboration to increase resiliency and defenses to these attacks. While large corporations increase their budgets for cybersecurity, there must also be a concerted effort to ensure small and medium-sized businesses, sometimes the weakest link in our collective cybersecurity defenses, have the adequate tools and resources they need. Join a discussion between government and private sector subject matter experts and attendees on how we can best leverage public-private partnerships to mobilize a collective cyber defense.

Avast Blog: “Avast CEO Vince Steckler Gives a Q&A on His Ten Years at the Top”

July 1, 2019

Vince Steckler

Q: What does being a UC Irvine alum mean to you?

A: I’m on the Executive Committee of the UCI Cybersecurity Policy & Research Institute, and if you look at the people on that committee, it is really world class. When a large public university achieves that kind of excellence, it helps a lot of people. Cybersecurity needs the best minds and lots of them, and you don’t always get there by being exclusive and prestigious, like some private colleges. A large, diverse student body can really provide great competition. Avast is protection for people, and UC schools provide top education for people through a real meritocracy. I like that atmosphere of meritocracy more than aristocracy when people are launching their careers. Personally we also fund a number of scholarships and fellowships at UCI focused on women in computer science. In cybersecurity, tech, and science generally there is a real need to diametrically increase diversity in some key areas. UCI is making great strides there, and I love being part of that.

Read the full story on the Avast Blog.

What a Mess: Complying with the New California Privacy & IoT Laws and the GDPR

What a Mess: Complying with the New California Privacy & IoT Laws and the GDPR

May 28, 2019

June 18, 2019
@ The Cove at UCI Applied Innovation


As numerous new privacy and security laws come into force, it’s not just large companies that need to comply. Small and mid-sized enterprises also will face penalties for failure to comply with these sometimes vague and even contradictory new laws. All businesses ignore these changes at their peril and time is running short to come into compliance. 

RSVP Now
IoT Security & Privacy Conference 2019

IoT Security & Privacy Conference 2019

May 22, 2019

This event was sponsored by UCI’s Cybersecurity Policy and Research Institute (cpri.uci.edu) and UCI’s Institute for Software Research (isr.uci.edu) features a special keynote by Professor Kevin Fu from the University of Michigan, followed by faculty presentations, a panel discussion and a research showcase.

Watch the Videos
IoT Security & Privacy Conference 2019

IoT Security & Privacy Conference 2019

April 17, 2019

This Free Event, sponsored by UCI’s Cybersecurity Policy and Research Institute (cpri.uci.edu) and UCI’s Institute for Software Research (isr.uci.edu) features a special keynote by Professor Kevin Fu from the University of Michigan, followed by faculty presentations, a panel discussion and a research showcase.

Researcher Spotlight: Qi Alfred Chen

March 5, 2019

Qi Alfred Chen

Assistant Professor of Computer Science at UCI Donald Bren School of Information and Computer Sciences

Researcher Spotlight: Qi Alfred Chen

What brought you to UCI?
I joined UCI right after my Ph.D. at University of Michigan, Ann Arbor. UCI students are the biggest reason for me to choose UCI over my other offers: during my job interview at UCI,  I found that UCI students are the most energetic among all my interviews, including the ones in top 10 CS universities. In my talk, almost all students in the room were proactively participating and asking good questions, which is exactly the atmosphere I am looking for as a faculty.

Besides good students, UCI also has an impressive number of excellent faculties in research areas related to mine, for example security, software engineering, and embedded systems, which creates enormous collaboration opportunities. In addition, Irvine is a wonderful place to live with good weather and location. I am extremely fortunate to have the opportunity to work in a school with both strong academics and a wonderful life.

What is your major focus area as a researcher, and why?
My research area is computer and network security. Most recently, as computer technology is increasingly adopted in our physical living environments such as homes and cars, my research starts to focus more on security problems in emerging IoT/CPS systems such as smart home systems, smart transportation systems, and autonomous vehicle systems.

I enjoy security research since it is like playing games and one can play both attacker and defender roles. At the same time, security is also extremely important since security problems in today’s computer systems can lead to severe economical, societal, and even safety damages — imagining that in the near future you are a passenger riding a self-driving taxi on the highway and a remote attacker suddenly manages to take full control of it.

In one sentence, what is the most important question you want to address?
While today’s defense mechanisms are mostly ad hoc and reactive, how to develop more systematic and more principled defense approaches that can proactively discover and address security challenges in existing and future computer technology?

What has been (or will be) the impact of your research?
My research has high impact in both academic and industry with over 10 top-tier conference papers (covering all top-tier security conferences), a US DHS (Department of Homeland Security) US-CERT alert, 2 CVEs (Common Vulnerabilities and Exposures), 7 Android bug tracking records, email acknowledgements from security teams in Apply, Microsoft, and Comcast, and over 50 news articles by major news media such as Fortune, BBC News, Ars Technica, CNET News, and Wired.

What is innovative about your research?
From the research topic perspective, I am the first to study security problem in many emerging computer technologies such as smart traffic light control, autonomous driving, and new gTLDs. From the research style perspective, my research aims at proactively addressing security challenges through systematic problem analysis and design, leveraging techniques such as static/dynamic program analysis, software testing, and data-driven approaches. My research has developed such approaches to systematically discover, analyze, detect, and fix vulnerabilities in a wide range of important computer systems and components such as smartphone OSes, network protocols, DNS, GUI systems, access control systems, and very recently smart traffic signal control systems.

What papers do you have coming through in the next year?
Two of my papers will appear in Mobisys’19 on IoT malware and smartphone malware. At the same time, I expect to submit papers on in-vehicle software security, autonomous vehicle perception security, and autonomous vehicle localization security to Usenix Security’19 and CCS’19.

ABC: “Australian citizens are unwitting ‘combatants’ in cyberspace, Defence boss says”

February 19, 2019

The cybersecurity threat could come to resemble the Dunkirk evacuation of World War II, suggested Bryan Cunningham, executive director of the Cybersecurity Policy and Research Institute at the University of California, Irvine. … “If there’s a significant cyber conflict, a ‘Cyber World War’ if you will — we’re going to be in that same situation [as Dunkirk],” Mr Cunningham told the ABC. At least in the beginning stages of an online conflict, he suggested, it will be civilians and civilian infrastructure under attack and by necessity it will be civilians that defend it.

Read the full story at the ABC.

CPRI Receives $1.4M Gift for Securing the Seams of the Internet of Everything

February 15, 2019

The Herman P. & Sophia Taubman Foundation has provided a generous gift of $1.4 million to UCI’s Cybersecurity Policy & Research Institute (CPRI), led by Executive Director Bryan Cunningham. Founded in the 1960s by the six children of Herman and Sophia Taubman, the foundation aims to promote the advancement of scientific research, higher education and community philanthropy. Six Taubman cousins manage the foundation, including attorney Perry Taubman, currently a visiting scholar at UC San Diego researching autonomous agents for medical diagnosis and insurance coding. Taubman and his cousins understand the crucial need for research focused on cybersecurity and the emerging Internet of Everything (IoE) — that is, the interaction between the traditional internet and the hundreds of millions of connected Internet of Things (IoT) devices.

(more…)

Researcher Spotlight: Zhou L

January 7, 2019

Zhou Li

Assistant Professor of Electrical Engineering and Computer Science at UCI Samueli School of Engineering

Researcher Spotlight: Zhou Li

What brought you to UCI?
I was a principal research scientist at an industrial research laboratory called RSA Labs before coming to UCI, focusing on developing new technologies that can be transferred to company’s products. The main reason for moving from industry to university is that I can work on very challenging problems calling for very innovative solutions, different from industrial research which tends to be short-term and less risky. This makes me quite excited. Another reason is that I’ll have chance to teach and mentor students and see them advancing to the next level.

I chose UCI because it has very strong programs related to computing technologies and especially information security. The students and faculty are very talented and many great works have been done at UCI. And of course, Irvine is a wonderful place to live.

What is your major focus area as a researcher, and why?
My main focus is the intersection between data and security. I believe there are a lot of open problems to solve at this intersection. Now data are generated at an amazing pace by various computing devices and there is strong need to develop new data-driven methods that can solve challenging problems, like the ones in security.

In one sentence, what is the most important question you want to address?
The questions I’m trying to answer include: how to unlock the power from big data to catch the cyber-attackers so our computing systems could be more secure? what new threats are emerged because of the data generated by the new computing devices/hardware?

What has been (or will be) the impact of your research?
Some of my research at RSA Labs have been transferred into company’s products in security analytics. The techniques we built enabled the detection of very sophisticated hacking activities. Besides, my research has identified critical vulnerabilities underlying new computing devices/hardware like smartwatch, mobile payment and GPU, due to data leakage. We worked with the vendors to fix the vulnerabilities and make their devices more secure.  

What is innovative about your research?
The key challenge I’m facing in most of the projects is how to make best use of data. To this end, I built many customized machine-learning models to address different security problems. As an example, one research during my time at RSA Labs combined supervised learning, temporal analysis and graph-based inference together to identify malicious domains visited by employees. It is able to examine tera-bytes of log data generated every day from enterprise devices and find most of malicious domains with very high accuracy.

What papers do you have coming through in the next year?
I have one paper accepted by NDSS’19 on security analysis of Bluetooth protocols and another one accepted by IEEE S&P’19 reveals the fraudulent behaviors of residential IP proxy so far.

Page 5of 9: 1 ... 3 4 5 6 7 ... 9