Highlight: EDA Supports the University of Albany’s Work in Cybersecurity to Help Protect Businesses in the New York Region
EDA partnered with the University of Albany’s Forensics, Analytics, Complexity, Energy and Transportation Security (FACETS) Center through our University Center program in 2011 to foster cybersecurity innovation, public-private partnerships, and cyber job growth in the New York Capital District. This University Center is building an engine of economic growth through collaborations, research, entrepreneurial opportunities, and jobs in the field of cybersecurity.
The University’s Cyber Innovation Laboratory allows academic researchers and businesses to test their cyber defenses against different attacks such as malware, intrusion, and denial-of-service. The Lab supports research, industry innovation, and training via data collection servers and its own self-contained quarantined network to prevent malware from escaping into the global network.
Recently, researchers at The Lab collaborated with General Electric to understand behavioral triggers for identification of potential malicious insiders within an organization. In their approach, the team designed probes to trigger malicious users into action that can be detected. They created simulated conditions to reflect common insider motivations by asking subjects to roleplay an insider and test how they would respond to different scenarios and react to different probes.
The project was completed in the summer of 2020. The results demonstrated how insider threats can be identified prior to manifestation of the attacks through use of active indicators. This research is impactful since it provides a way to protect U.S. national secrets before they are disclosed, unlike most insider threat detection approaches where leaks are detected after the disclosure has happened.
“Through the work made possible by this grant, companies have decreased their time to market for new products and increased their revenue,” said Digital Forensics Chair Sanjay Goel. “Organizations reported that they were also able to service more customers, offer better products and services, and become more efficient and innovative.”
Digital Forensics Chair Sanjay Goel with University of Albany student
This work has also generated a National Science Foundation project to develop interventions that will prevent insider threats. The same approach of active engagement with the adversary ahead of a breach is also being done through a project in the Lab in collaboration with the MITRE Corporation.
The grant has also allowed the Center to support innovation efforts of several startup companies accelerating their R&D efforts, including Chaasm, Cyrisma, Iconoclasm, Ten80 Education, DataSpotlite, Xchangeworx, Lithoz, and Halovation. Trained students and researchers work closely with the firms on short and focused projects with clear deliverables and have been able to make significant contributions to the local business ecosystem.
Over time, the reputation and quality of work has spread through word of mouth and students are now inundated with companies seeking their assistance for their R&D efforts. Currently, the student teams are working with Big Rock Technologies on supporting a secure medical supply delivery through the use of drones. They are performing complete security analyses and helping them obtain grant funding for building a drone testbed.
To learn more about other cybersecurity projects happening through the program, please visit the University of Albany’s EDA University Center page.