Anomaly detection Click for more details

    Anomaly detection differs from ordinary supervised classification in that typically, during the training phase, the learning algorithm only observes “normal” examples -- and yet is expected to detect “anomalous” ones if they appear during the testing phase. This presents, first and foremost, a philosophical problem, typical of the unsupervised setting: What’s to stop a learner from trivially labeling every single instance as “normal”? Nevertheless, this problem setting is of considerable importance in real-life problems, and I am regularly faced with its various manifestations in the course of consulting companies such as Deutsche Telekom, EMC, Paypal and IBM.

    Biometrics Click for more details

    Now, more than ever, cyber security is also about the verification and identification of individuals for physical or cyber access control, and in this quest, biometrics has become a primary tool. As a scientific and technological field dedicated to measuring human characteristics, the security that biometrics provides always juggle between robustness, reliability, portability, and affordability. Research directions in this field in the department lies at the intersection of computational sciences, neuroscience, and computer vision in order to optimize all these aspects of biometrics simultaneously towards a foolproof, portable, and affordable methods for individual verification and identification in cyber systems.

    Computer security Click for more details

    Since the mid-20th century computing power has grown exponentially. We all feel the advantages in our daily lives, but the drawback is that we are becoming much more dependent on computers. In the early days functionality was considered more important than security and therefore many of the systems are vulnerable to cyber attacks. Computer security research address this issue from all levels: Hardware (e.g., Spectre, and Raw Hammer); Software (e.g., secure develpoment); Privacy (e.g., homomorphic encryption and other solutions) and more.

    Cryptocurrencies Click for more details

    A cryptocurrency is a form of digital money that does not require a central authority (such as a bank). Modern cryptocurrencies (most notably Bitcoin) are based on the pioneering work of Satoshi Nakamoto. Nakamoto designed protocols that allow to achieve consensus on the state of the blockchain which is a public decentralized ledger that records all the transactions in the system.

    Since Bitcoin was launched in 2009 by Nakamoto, cryptocurrencies have accumulated a market capacity of several hundred billion dollars and attracted massive attention from governments, industry and academy. Nevertheless, cryptocurrencies are far from being a common and standard means of payment and there are many obstacles that must be overcome to reach this goal.

    Research directions in this domain include enhancing the scalability and efficiency of cryptocurrencies as well as improving their security against various types of attacks.

    Cryptography and Privacy Click for more details

    Cryptography and privacy are central areas of research in cyber security. Cryptography aims to protect parties from attackers that attempt to eavesdrop to their communication or modify it. Cutting-edge research in cryptography is also devoted to more advanced features such as secure multiparty computation that allows parties to jointly compute a function of their inputs while making sure their inputs remain private.

    With the proliferation of information technologies and big data analytics, preserving privacy is an increasingly challenging task. One of the main goals of research in data privacy is to protect an individual's personally identifiable information in large databases that contain sensitive information (such as medical records), while preserving the utility of this data (for purposes such as medical research). The main formal mathematical framework developed for this purpose is differential privacy, which is a very active area of research and is also in the initial stages of deployment in practice.

    Data Security Click for more details

    Data security is part of the computer security or cyber security area. It deals with protecting data in databases and in the cloud. We develop cryptography based techniques to protect such data while enforcing different access control policies. The field also includes the topic of protecting the cloud from malware penetration and the topic of security and privacy in Social networks.

    Image Forensics Click for more details

    Visual content, images or videos, dominates our world not only because it is rich (after all, "a picture is worth a thousand words") but because often we tend to believe that "seeing is believing". This approach has been at the basis of statutory procedures also, allowing images to serve as admissible evidence, as long as they are original. But with sophisticated image editing tools such as Photoshop and computer vision techniques such as image inpaintings and augmented reality, seeing is no longer believing and visual content can definitely quality as "fake news". Image forensics attempts to study how to tackle such frauds and in particular, how one can authenticate digital images and other visual content.

    Quantum Cryptography Click for more details

    Cryptography is the science of dealing with adversaries in computational settings. Many times, it turns lemons (intractable computational problems) to lemonade (useful cryptographic protocols, such as encryption schemes). Quantum computing dramatically changes the landscape of cryptography for two distinct reasons: the cryptographic protocols are not secure since the underlying intractable problem becomes tractable for quantum computers; and some tasks that cannot be achieved classically can be achieved using quantum computers due to quantum effects, such as unconditionally secure encryption scheme (Quantum Key-Distribution), and unforgeable quantum money.

    Social Network Analysis Click for more details

    Complex networks in general, and social and technological networks in particular, have become the focus of intense research, mainly due to the widespread availability of data resulting from on-line social networks (OSNs) and other Internet applications. These networks are often characterized by a hierarchical structure, heavy tail degrees distribution, and the small-world property, meaning that the mean distance between pairs of nodes is small relative to the network's size.

    Complex network analysis tools, such as community detection and link analysis algorithms, are used by a wide range of applications. In our cyber security research, we develop and apply tools for complex networks analysis in order to detect malicious entities, such as files, machines, accounts or Internet domains, based on the patterns of their interactions.

    Trust and Reputation Click for more details

    The issue of trust is part of the general cyber security area. It involves technical issues like trusting the authentication process, or trusting a third party for performing secure computations. It also includes social and privacy issues like evaluating the reputation of people profiles or posts in a social network. Recently we conducted research in using reputation models for detecting malicious internet domains.