1997 — 2002 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Career: Lossless, Near-Lossless and Lossy Plus Lossless Image Compression @ Polytechnic University of New York |
1 |
1998 — 2001 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Us-Turkey Cooperative Research: Sub-Band Decomposition Based Lossless Image Compression Techniques @ Polytechnic University of New York |
1 |
2000 — 2002 |
Memon, Nasir Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Undergraduate Information Systems Security Laboratory @ Polytechnic University of New York
Computer Science (31) This project establishes an information systems security laboratory at Polytechnic University. The primary goal of the project is to assist in meeting the national demand for qualified security professionals that can help meet the security challenges facing our national information infrastructure. This will be achieved by establishing a laboratory that becomes a national model for an experimentation environment providing hands-on experiences in topics related to information systems security at the undergraduate level.
The proposed laboratory supports a pair of project oriented courses; the first an introductory survey course in computer security and the second, a course in network security. The project adapts laboratory and course material from the Information Systems Security Laboratory (ISSL) at Iowa State University which initially started with an NSF-ILI grant and has subsequently been recognized as center of excellence in information security education by the National Security Agency (NSA). ISSL has agreed to help in the adaptation by sharing their experiences and courseware. The two teams will exchange visits to each other's facilities to facilitate the proposed adaptation.
Polytechnic University will establish a Web site which will include curricula, laboratory manuals, and other course materials. The university is committed to maintaining and updating the site after the completion of the project for national dissemination and use of the models that are developed.
|
1 |
2001 — 2006 |
Memon, Nasir Chiang, Yi-Jen [⬀] Shen, Han-Wei (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Visualization: Integrated Compression and Out-of-Core Techniques For Large Time-Varying Data Visualization @ Polytechnic University of New York
Scientific Visualization is fast becoming a key technology that provides scientists with insights that enable them to steer their numerical simulations towards solving previously unsolvable problems. However, the size of scientific datasets has witnessed exponential growth in the past few years. This sheer size often makes interactive exploration impossible, as only a small portion of data can fit into main memory at a time and the computation cost is often too high to run in real-time. Despite the importance of time-varying datasets, most previous research has focused on the visualization of steady-state data (i.e., data with only a single time step). This project will attack the challenges of large input sizes posed by time-varying data visualization. There are two important and promising research directions towards handling large-scale problems: data compression techniques and out-of-core techniques. This project will develop integrated lossless compression and out-of-core techniques for large time-varying data visualization, including isosurface extraction and direct volume rendering. It will mainly consider the class of irregular-grid volume datasets represented as tetrahedral meshes, which often arises in computational fluid dynamics, partial differential equation solvers, and other fields.
Specifically, the project will develop new lossless compression techniques for vertex coordinates and scalar values for tetrahedral time-varying volume data. It will also develop new out-of-core isosurface extraction and direct volume rendering techniques for tetrahedral time-varying volume data, and integrate the compression and out-of-core visualization techniques together under a unified infrastructure. The expected results would be a collection of new techniques and a unified, proof-of-the-concept visualization system that will minimize the disk space requirement and the visualization rendering time cost. If successful, the system will efficiently support full visualization functionalities (isosurface extraction and volume rendering) for time-varying datasets much larger than can fit in main memory, with performance expected to be independent of the main memory size available.
|
1 |
2002 — 2006 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Us-Turkey Cooperative Research: Steganalysis Techniques For Images and Audio @ Polytechnic University of New York
0218074 Memon
Description: This award is for support of a cooperative project by Professor Nasir Memon, Department of Computer Science, Polytechnic University of New York, Brooklyn, New York, Dr. Bulent Sankur, Department of Electric Engineering, Bogazici University, Istanbul, Turkey and Dr. Ismail Avcibas, Department of Electrical and Electronics Engineering, Uludag University, Bursa, Turkey. They plan to develop new steganalysis techniques for audio and image data. The development of techniques for audio and image steganography and the widespread availability of tools for the same have led to an increased interest in steganalysis techniques for image data. Their approach is based on the hypothesis that hiding a secret message in audio or image data leaves definite artifacts that can be detected using statistical analysis. The steganalyzer is built using multivariate regression on selected audio and image features and a training set of cover and stego images.
Scope: The three scientists, N. Memon, I. Avcibas and B. Sankur have already been collaborating on an international project for three years. The project is expected to lead to joint publications and to the development of software to detect hidden messages in audio signals and image files. The steganalysis tools developed would be of significant benefit to the intelligence community for surveillance and monitoring purposes. The project involves visits between the PIs for short periods and visits by one U.S. graduate student and two Turkish graduate students for longer periods. The proposed plan also involves co-advising of all the graduate students working on the project.
|
1 |
2002 — 2005 |
Memon, Nasir Naumovich, Gleb (co-PI) [⬀] Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Capacity Building Project in Information Assurance Education @ Polytechnic University of New York
This project develops the graduate level education and research program in information assurance at Polytechnic University by building on an NSF DUE CCLI project for establishment of an undergraduate laboratory in information systems security. The principal long term goals of this project are to assist in meeting the national demand for a cadre of professionals with expertise in information assurance; to create prototype curricular material in graduate information assurance education that will serve as a widely adopted national model; and to establish an information assurance laboratory that becomes a national model for an experimentation environment providing hands-on experiences in topics related to information assurance.
Activities include: revising existing graduate level courses in information assurance to incorporate hands-on practical laboratory based experiences that supplement the theory and principles currently being taught in the classroom; developing new graduate level courses that complement the existing courses and result in a comprehensive curriculum in information assurance; establishing a laboratory consisting of heterogeneous platforms and multiple interconnected networks to facilitate hands-on experimentation and project work in issues related to information assurance; and developing a graduate level certication program in information assurance that focuses both on principles and practice needed to build and maintain a secure information systems infrastructure. The project also includes a detailed evaluation and dissemination plan.
|
1 |
2002 — 2008 |
Memon, Nasir Naumovich, Gleb (co-PI) [⬀] Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Scholarship For Service in Information Assurance @ Polytechnic University of New York
This scholarship for service proposal supports three 2-year cohorts of students, 15 undergraduate and 10 graduate students. The program is based upon a strong information assurance curriculum in place combined with extensive faculty interaction with the scholarship students. Students will be closely monitored and mentored to ensure that their education meets the goals of the program to produce highly qualified federal employees in information assurance.
|
1 |
2002 — 2005 |
Wu, Xiaolin [⬀] Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
An Algorithmic Study of Optimal Multiresolution Quantization and Joint Source-Channel Coding @ Polytechnic University of New York
ABSTRACT 0208678 Xiaolin Wu and Nasir Memon Polytechnic Univ of NY
An Algorithmic Study of Optimal Multiresolution Quantization and Joint Source-Channel Coding
In this research project the investigators will develop algorithms to improve service quality of video and audio streaming over switched networks, wired or wireless, in adverse network conditions such as congestion, delay, and packet loss. The idea is to have graceful degradation in quality of service rather than outright stoppage of audio and video playback, when the effective transmission rate drops. This will significantly enrich users' experience with IP-based multimedia services.
The research consists of two inter-connected studies: optimal multiresolution (progressively refinable) quantization (MRQ), and uneven error-protected packetization (UEPP) of scalable source code streams generated by MRQ. The investigators' main objective is to develop efficient algorithms for optimal MRQ design, and for optimal bit allocation between scalable source codes of MRQ and forward error correction codes. Their approach differs from the existing rich body of literature on joint source-channel coding and on MRQ in that the problem is treated as one of combinatorial optimization, rather than resorting to continuous Lagrangian optimization. The investigators will classify various optimization problems related to MRQ design and joint source-channel coding by their innate computational tractability, and develop either globally optimal algorithms for those that are solvable in polynomial time, or heuristic algorithms for those that are NP-hard. In order to obtain efficient algorithms for MRQ and UEPP, discrete structures of the underlying objective functions of optimization will be explored, which in turn may offer new insights into these problems of increasing interest and immediate relevance to internet and wireless communications.
|
1 |
2003 — 2010 |
Choudhary, Alok (co-PI) [⬀] Narahari, Bhagirath (co-PI) [⬀] Simha, Rahul [⬀] Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Itr: a Hardware/Compiler Co-Design Approach to Software Protection @ George Washington University
ITR: A Compiler-Hardware Co-Design Approach to Software Protection
PI's: Rahul Simha, Bhagi Narahari, Alok Choudhary, Nasir Memon
Abstract:
The growing area of software protection aims to address the problems of code understanding and code tampering along with related problems such as authorization. This project will combine novel techniques in the areas of compilers, architecture, and software security to provide a new, efficient, and tunable approach to some problems in software protection. The goal is to address a broad array of research issues that will ultimately enable design tools such as compilers to assist system designers in managing the tradeoffs between security and performance.
The main idea behind the proposed approach is to hide code sequences (keys) within instructions in executables that are then interpreted by supporting FPGA (Field Programmable Gate Array) hardware to provide both a "language" (the code sequences) and a "virtual machine within a machine" (the FPGA) that will allow designers considerable flexibility in providing software protection. Thus, by using long sequences and PKI to exchange a secret key with the FPGA while also encrypting the executable with that secret key, a system can be positioned at the high-security (but low-performance) end of the spectrum. Similarly, as will be explained in the proposal, by using shorter sequences and selective encryption, one can achieve high-performance with higher security than is possible with systems that rely only on obscurity.
|
0.93 |
2003 — 2005 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Research: Graphical Passwords: Design, Analysis and Human Factors @ Polytechnic University of New York
1) Abstract ===========
Proposal Number: CCR-0310793, CCR-0310490, CCR-0310159 and CCR-0310571
TITLE: Graphical Passwords -- Design, Analysis, and Human Factors
PI: J.C. Birget and Dawei Hong (Rutgers-Camden),
Co-PIs:
S. Man (Southwest State U., Minnesota), N. Memon (Polytechnic U., Brooklyn), S. Wiedenbeck (Drexel).
Abstract:
Humans are not good at remembering alpha-numeric passwords, if the passwords are complicated enough to be secure. Graphical passwords seem easier to remember and to use. Here, an image is displayed and the user chooses a few places in the image. To log in, the user has to click close to these places again. Older systems use preprocessed images with predefined click regions, among which a user has to choose. The investigators designed systems that allow users to choose any points as click points, and that allow users to import their own images. The investigators invented a ``robust discretization'' of images; this enables users to produce exactly the same discrete password even though they cannot click on exactly the same pixels at each login. Passwords are vulnerable to ``shoulder surfing'', which consists of a user being observed, or filmed, during login. The investigators designed password systems that are immune to shoulder surfing.
One of the objectives of this proposal is a human factors study, concerning learnability, memorability, speed, security (unsafe practices), and user satisfaction of graphical password systems. A second objective is to design new graphical password systems, based on curves, movement, and three-dimensional scenes, as well as to design ``bundles'' of passwords that a user can use on different accounts, and that are easy to remember (and distinguish) as a group. New robust discretization algorithms and probabilistic analyses of the security of graphical password systems will be developed.
|
1 |
2004 — 2007 |
Memon, Nasir Ross, Keith (co-PI) [⬀] Naumovich, Gleb (co-PI) [⬀] Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Research: a Virtual Network Security Laboratory @ Polytechnic University of New York
This project creates a virtual laboratory in information assurance that is shared by a consortium of institutions. This laboratory can be configured remotely, allowing the consortium partners to set up the laboratory for their projects, and used remotely so that students from the consortium partners can use the lab without physical travel. The project also includes work that strengthens or adds to the information assurance work at each of the consortium partners, which include several minority-serving institutions.
|
1 |
2005 — 2010 |
Memon, Nasir Bronnimann, Herve (co-PI) [⬀] Karri, Ramesh (co-PI) [⬀] Naumovich, Gleb (co-PI) [⬀] Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Cyber Corps Program At Polytechnic University @ Polytechnic University of New York
This project is extending the current Scholarship for Service (SFS) program at Polytechnic University. It is leveraging the resources and improving the infrastructure generated by the current SFS program. The project is supporting an educational program that relies on a number of high-quality courses in the area of information assurance (IA), participation in research projects supervised by faculty, hands-on experience both at Polytechnic University and during summer internships, and state of the art infrastructure for IA research. The graduates of this program are becoming valuable members of the federal work force in charge of protecting information and technological infrastructure of our country. Polytechnic has been a host University to the SFS program since September 2002 and has graduated 25 students as of May 2005.
Intellectual merit: The nature of the SFS program is primarily educational. This project is using the infrastructure and environment to prepare high-quality information assurance professionals who can be effective in protecting the information technology infrastructure of the Federal government. Polytechnic is innovating in information assurance education, in particular placing a stronger emphasis on research projects by the SFS students. This effort is sharpening the students' ability for creative thinking, making them better information assurance professionals.
Broader impact: The SFS program at Polytechnic is training information assurance professionals for positions in agencies of the Federal government. Using knowledge and skills obtained in the program, the graduates are well prepared to meet challenges of protecting the information and infrastructure resources of the United States. The SFS program at Polytechnic is continuing to attract female students at a higher percentage than the larger Polytechnic student population. Further, the revised program is enhancing outreach efforts to continue to broaden participation. These efforts include an alumni mentoring program, an assessment and evaluation component, and partnerships with NY city industry, government and voluntary organizations.
|
1 |
2007 — 2010 |
Horwitch, Mel Wein, Joel Memon, Nasir Skelton, Carl Yarmish, Gavriel (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Cpath Cb: Community Building Project: Virtualized Gaming as a Pathway to Enhanced Understanding of Complex Networked Systems @ Polytechnic University of New York
Proposal Number: 0722279 P/I: Joel Wein Institution: Polytechnic University of New York
Title: CPATH CB: Community Building Project: Virtualized Gaming as a Pathway to Enhanced Understanding of Complex Networked Systems
The focus of this project is on building community around educating undergraduates in complex distributed networks and systems. The educational goal is to produce graduates who can design, implement, and manage networked distributed systems. The community building goal is to involve project partners in defining best ways to accomplish the educational goals.
Using multi-player, digital game immersion as a vehicle, a community of innovators (including educators from computer and information science, management science, digital media, gaming, and social sciences) will define learning experiences for students in computing. The goal of the community building effort is to create novel approaches to teaching computer science students to build distributed applications for a global economy.
A difficult educational hurdle, identified by this team of researchers, is providing students with a real hands-on experience. To address this, the project team will build essential components of a virtual environment and toolset in order to facilitate a gaming environment. In addition the team will leverage a small amount of internal funding to facilitate their effort to:
1. Produce two prototype gaming environments (one troubleshooting scenario and one system building scenario), 2. Conduct preliminary experiments with them at Polytechnic University and Brooklyn College, and, 3. Organize a regional workshop that will bring together a diverse group of educators to discuss applications of gaming in teaching about complex computer systems.
This project addresses an important area of national need, the education of future computing practitioners who are able to develop and manage large-scale distributed systems. The outcomes of the project will permit educators to expose their students to realistic platforms so that students may gain experience with complex, distributed and networked systems projects in a globally competitive market.
|
1 |
2007 — 2010 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Ct-Isg Security and Privacy of Biometric Templates: Theory and Practice @ Polytechnic University of New York
The main objective of this project is to develop simple, practical and provably effective cryptographic techniques for the security and privacy of biometric data. The proposed research will formulate rigorous notions of security and privacy for real world biometric data, which may be continuous and with complex similarity measures. This will be done by developing error-tolerant techniques that can be applied to achieve the targeted security and privacy requirements. The proposed approach is mainly based on recent devel- opments in error-tolerant cryptography centered around the idea of a secure sketch. In fact, well known error tolerant schemes like fuzzy commitment and fuzzy vault can be considered as special cases of the general notion of secure sketch. The secure sketch framework is a promising approach for protecting biometric data. Not only is it more amenable to combination with signal processing techniques for application to real biometric data, but it also provides provable security under reasonable assumptions. The techniques developed will be implemented and an investigation of their performance in terms of false accepts and false rejects will be carried out along with and analysis of the trade-off between the performance and the security. Practical cryptographic protocols for biometric applications under a variety of threat models will also be developed. Furthermore, techniques to enhance security using multimodal biometrics and/or multi-factor schemes will be studied.
|
1 |
2008 — 2011 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Proposal: An Extensible Software Platform For a Virtual Cyber Security Laboratory @ Polytechnic University of New York
Computer Science (31)
In this collaborative project, five institutions are developing courseware for teaching computer network security. The courseware comprises an open source software platform for a virtual cyber security laboratory and accompanying lab assignments and is based on prior NSF-funded projects at two of the institutions. The laboratory materials being developed give students hands-on experiences in cyber security courses.
The courseware being developed makes it easy for other institutions to create their own virtual laboratories with very little hardware and requires minimal maintenance and administration cost. The courseware is extensible so others can augment it with specialized modules.
With respect to critical information infrastructure protection, the project results in increased national capacity for education, new entrants to the information security workforce, and increased national research and development capabilities.
|
1 |
2009 — 2014 |
Nissenbaum, Helen (co-PI) [⬀] Memon, Nasir Ghose, Anindya (co-PI) [⬀] Karri, Ramesh (co-PI) [⬀] Zimmerman, Rae (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Aspire: An Sfs Program For Interdisciplinary Research and Education
Interdisciplinary (99)
The project ASPIRE at the Polytechnic University of New York prepares a cadre of SFS scholars who can integrate technical, legal, financial, and behavioral aspects into practical, cost effective solutions that people can depend on; who can help develop laws and public policies relating to information security and privacy that properly reflect the capabilities, limitations, and implications of technology. A graduate from the ASPIRE program is able to translate the foundational principles of security and privacy into information technologies based on a deep understanding of societal, economic, behavioral and public policy implications and requirements.
To ensure success of this vision, ASPIRE includes: an inter-disciplinary education and research agenda; training to identify and solve security and privacy problems from technical, legal, ethical, policy, and business perspectives; a sense of community by means of a buddy system, quarterly boot camps and weekly meetings; and a community service to mentor middle school students and to help non-profit organizations with their IT security problems. The ASPIRE team consists of researchers from NYU-Poly, and other schools in NYU with diverse expertise in areas that include Computer Science; Electrical and Computer Engineering; Public Policy; Law, Ethics and Politics; Economics and Business; and Psychology.
NYU has a large number (60%) of women students and ASPIRE partners with local and national minority institutions to recruit high quality fellows. The partners include the National Action Council for Minorities in Engineering, National Society for Black Engineers, Society of Hispanic Professional Engineers and the Society for Women Engineers.
|
1 |
2009 — 2012 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Project: Participatory-Based Approach On Teaching and Learning Biometric Security and Privacy @ Polytechnic University of New York
Computer Science (31)
This collaborative project improves undergraduate education and student learning in the area of biometric security and privacy. The specific objectives of this project are: (A) to develop courseware modules that focus on three topics: (i) biometric technologies, (ii) privacy, and (iii) techniques for privacy preserving biometric security; and (B) to explore the notion of connective and collective intelligence grounded on peer collaboration and competition for promoting active learning, and through which to identify the conditions under which the courseware materials are effective to create a positive impact on undergraduate learning in biometric security and privacy.
A unique characteristic of this project is to engage students to actively contribute selected case studies and problem solutions to be accumulated and included in the learning guide. Engaging in the active contribution of content materials is significant in two regards. First, it allows the courseware to capture the collective intelligence that reflects diverse viewpoints on usable biometric security and privacy expectation. Second, engaging students in the process of contribution requires them to connect knowledge and information sources to achieve connective intelligence.
This project produces three deliverables: (A) a student learning guide on the concepts, principles, and technologies on biometric security and privacy; (B) biometric data and privacy preserving biometric data retrieval software; and (C) lab manuals for experiments that help students gain hands-on experience on the biometric data and technologies, their applications, and their privacy implications.
|
1 |
2010 — 2017 |
Nissenbaum, Helen (co-PI) [⬀] Memon, Nasir Ghose, Anindya (co-PI) [⬀] Karri, Ramesh (co-PI) [⬀] Zimmerman, Rae (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Igert: Inspire: Information Security and Privacy: An Interdisciplinary, Research and Education Program
This Integrative Graduate Education and Research Training (IGERT) award supports the development of a graduate training program in information security and privacy. Trainees will learn to translate the foundational principles of security and privacy into information technologies based on a deep understanding of social, economic, behavioral and public policy implications and requirements. The program will produce a cadre of technologists and scientists who can integrate technical, legal, financial, and psychological knowledge into practical solutions.
The program has at its core a new paradigm for building trustworthy systems, where technical security issues are seen only as one spoke in a wheel, along with equally important legal, social, psychological, policy, and economics issues. Trainees with this interdisciplinary background will join academia, industry, create new companies and drive public policy. A unique bridging program with local and national minority serving institutions and organizations will ensure that the program recruits and retains a diverse set of trainees.
IGERT is an NSF-wide program intended to meet the challenges of educating U.S. Ph.D. scientists and engineers with the interdisciplinary background, deep knowledge in a chosen discipline, and the technical, professional, and personal skills needed for the career demands of the future. The program is intended to catalyze a cultural change in graduate education by establishing innovative new models for graduate education and training in a fertile environment for collaborative research that transcends traditional disciplinary boundaries.
|
1 |
2011 — 2014 |
Kapila, Vikram (co-PI) [⬀] Memon, Nasir Karri, Ramesh (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Project: Building Cybersecurity Capacity by Means of a National High School Digital Forensics Challenge
This is a collaborative project involving the Polytechnic University of New York (NSF Award No. 1129459) and CUNY New York City College of Technology (NSF Award No. 1128869).
This SFS Capacity Building project is engaging high school students in cybersecurity-related activities and inspiring them to pursue higher studies in this important area. The project is creating a nationwide high school forensics challenge, which attracts thousands of students to get first-hand experience learning and working on security-related issues. In order to help the student participants, the project is training a cadre of high school teachers to mentor and coach teams that take part in the challenge and thereby to facilitate the integration of cybersecurity topics into high school curricula. The project is also creating a portal of Web resources for high school students, to facilitate their engagement in self-learning activities in the area of cybersecurity.
The evaluation component of the project aims to answer the more difficult questions related to impact. Namely, does the creation of a contest lead to an increased number of students pursuing higher education in STEM disciplines? Does it stimulate creative thinking? Does it broaden participation? Does participation in a cybersecurity competition enhance students' interest in cybersecurity, computer science, mathematics, and science? Do competition participants enroll in computer science programs at college in higher proportion than their peers?
The project includes collaboration with a minority serving institution in order to increase the participation of women and minorities. The project is specifically recruiting 10 women and minority teachers to attend the summer boot camp and is inviting 10 groups of women and minority teachers and their students to attend the Cyber Security Awareness Week (CSAW) award ceremony. These two activities contribute to the formation of a network of personal, educational, and professional ties, provide young students with role models, and lead to fruitful mentoring relationships and research.
|
1 |
2012 — 2016 |
Isbister, Katherine (co-PI) [⬀] Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Twc: Medium: Collaborative: Towards Secure, Robust, and Usable Gesture-Based Authentication
This project investigates the feasibility of secure, robust, and usable gesture-based authentication as an alternative to traditional alphanumeric passwords and biometrics. It is motivated by the rapid increase in authentication-related security breaches and by the emergence of new human-computer interfaces. While the breaches have demonstrated the seriousness of the issue, two emerging types of gesture-based interfaces, multi-touch (smartphones, tablets) and camera-based (Kinect), offer a unique opportunity for robust solution.
The benefit of gesture-based authentication over a purely-biometric one lies in the fact that it combines involuntary biometric features (e.g., hand shape), that are irrevocable, with user-controlled voluntary characteristics that can be easily changed. Three research thrusts are being pursued: 1) gesture recognition algorithms (search for robust gesture features, their compact representation, and reliable classification algorithms), 2) human factors (study of uniqueness, repeatability, ergonomics, device dependence of gestures, and gesture complexity) and 3) security considerations (evaluation of authentication performance under a range of performance measures and different threat models).
A successful completion of this research will catalyze the development and adoption of next-generation authentication methods that are critically needed at the personal, institutional, and governmental levels. As the price paid (time, money, and resources) to repair a security breach can be astounding, this project will have substantial societal impact by increasing the sense of security and reducing breach-related costs. At educational level, this project is involved in middle and high school outreach at Boston University as well as the annual cybsersecurity competition CSAW at NYU-Poly.
|
1 |
2012 — 2018 |
Memon, Nasir Karri, Ramesh (co-PI) [⬀] Cappos, Justin Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Building Cyber Security Capacity in Two Year and Four Year Colleges
This project at the Polytechnic University of New York (NYU-Poly) is training a cadre of two-year and four-year faculty in cyber security. The faculty, who are recruited from urban inner-cities with socially diverse, economically disadvantaged, and underrepresented students, engage in an intensive six-week summer cyber-security course and also participate in on-going, cutting-edge cyber-security research projects with their mentors from NYU-Poly. The program provides the faculty with arc of experience starting from knowledge acquisition in the summer workshop, application and integration of the knowledge in a research project, transmission of this knowledge as they teach their classes, mentoring of their student teams for the Capture the Flag challenge, and finally the culmination of their experience in the national Capture the Flag challenge conducted by NYU-Poly that attracts thousands of students. Faculty develop and hone their research, communication, and presentation skills, which are critical to their professional growth and success. The faculty are introduced to a topic of critical national need and mentored to develop and offer courses that, in turn, introduce their students to concepts and challenges in cyber security. The project team is disseminating the results of project through the competitions and the TeachEngineering digital library, for adoption by others.
|
1 |
2012 — 2024 |
Memon, Nasir Karri, Ramesh (co-PI) [⬀] Cappos, Justin Frankl, Phyllis Gail (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Aspire: An Sfs Program For Interdisciplinary Research and Education (Renewal)
This project aims to build on and extend the success of the current Scholarship for Service (SFS) program at Polytechnic Institute of New York University (NYU-Poly) and take it on a path towards self-sustainability. It leverages and improves the resources and infrastructure generated by the current SFS program to prepare a cadre of SFS scholars who can tackle security and privacy problems from multiple viewpoints. The program instills a cybersecurity mindset that looks beyond just technology while approaching problems. The project supports an educational program that relies on a number of high-quality courses in the area of information assurance (IA), participation in research projects supervised by faculty, hands-on experience both at NYU-Poly and during summer internships, and state of the art infrastructure for IA research. In addition to providing technical skills and research experiences, the program nurtures and develops leadership and communication skills, and good citizenship. The proposed project has an important mission of preparing cybersecurity professionals for positions in agencies of the Federal, state, local and tribal government. Using knowledge and skills obtained in the program, the graduates are well prepared to meet challenges of protecting the information and infrastructure resources of our Nation.
|
1 |
2013 — 2016 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Collaborative Research: Eager: Enhancing the Cyber Security Workforce - the Human Angle
The proposed study provides extensive new data in two scarcely examined research areas. The first is the overall impact that cyber competitions have on enhancing the cybersecurity workforce. There is widespread anecdotal evidence of the benefits of individual competitions, but a large-scale, carefully constructed study is needed to determine outcomes and causal relationships. Additionally, it is the first thorough examination of the psychological characteristics of people interested in cybersecurity. Related research has examined the personality traits of IT professionals, the cognitive styles of computer "hackers," and the academic abilities associated with success in STEM programs. However, no studies have focused exclusively on the cybersecurity field. The findings hold promise to transform existing ideas about the types of people who are qualified and willing to pursue careers in cybersecurity. Increasing the number of trained cybersecurity professionals is crucial to the continued success of both public and private enterprises. Competitions, such as NYU-Poly's digital "Capture the Flag" challenge, represent a promising approach towards accomplishing that goal using hands-on competition as a stimulus for learning. However, in order to improve the efficacy of future challenges, it is first necessary to examine the impact of past endeavors. Competitions present a unique opportunity to explore the psyche of individuals who have already displayed an interest in cybersecurity. Examining that population provides insight into the reasons why certain qualified individuals pursue careers in cybersecurity, while others do not. Such insight can also serve as an invaluable guide for the organizers of future efforts aimed at attracting a larger number of talented individuals to the cybersecurity workforce.
|
1 |
2014 — 2017 |
Memon, Nasir Nov, Oded [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Eager: Exploring Spear-Phishing: a Socio-Technical Experimental Framework
A safe and productive society increasingly depends on a safe and trustworthy cyberspace. However, extensive research has repeatedly shown that the human factor is often the weakest part in cyberspace, and that users of information systems are often exposed to great risks when they respond to credible-looking emails. Thus, spear phishing attacks - which attempt to get personal or confidential information from users through well-targeted deceptive emails - represent a particularly severe security threat.
Addressing this threat, in this project we use a combination of surveys and experiments to examine the psychological, educational and cultural factors that contribute to the users' vulnerability and response to spear phishing attacks, and their ability to detect deception. An important aspect of the project is an in vivo, multi-site setting: studies are conducted in university and commercial enterprise setting, as well as across different cultures - in all cases using realistic spear phishing email attacks. Using a three-dimensional experimental design, in this cross-disciplinary research project we (i) identify the underlying factors for the success of different spear phishing attack strategies; (ii) develop novel types of cyber-defenses that are tailored to users' idiosyncratic characteristics; (iii) validate the usefulness of personality-targeted defense in a comparative, multi-organizational, real-world settings; and (iv) develop a new, collaborative avenue for cross-disciplinary research of social scientists and computer scientists.
|
1 |
2014 — 2018 |
Memon, Nasir Cappos, Justin |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Ret in Engineering and Computer Science Site: Research Experience and Training in Cyber Security For Pre-College Teachers
This funding establishes a new Research Experience for Teachers (RET) Site at Polytechnic University of New York (NYU-Poly). The primary objective of this RET site is to engage high school teachers in cyber security related activities and involve them in introducing a topic of critical national need to students. The project will introduce a cadre of teachers to the basic concepts of cyber security and engage them in ongoing research projects at NYU-Poly. The teachers and their students will participate in a nationwide high school forensics challenge. The NYU-Poly RET team has an outstanding track record of achievements in cyber security research, education, outreach, capacity building, and K-12 educational initiatives. The team plans to provide research and professional development opportunities to teachers from urban, inner city schools and broadly disseminate the curricular materials the teachers design to bring the cyber-security topics and their research into classrooms in the greater New York City area. Thus the project will develop a community of teachers and students who are passionate about cyber security.
The project is abundant in intellectual strengths anchored by a research area this is compelling and relevant to all citizens and by an exceptional faculty team that has demonstrated expertise in both research and K-12 outreach. The site features projects that are teacher accessible as well as connected to current research and practice. The RET site includes sound evaluation and dissemination plans that may provide models for secondary cyber security education, filling an important disciplinary gap. The project could help establish a sustainable/scalable pathway to an abundant group of US computer scientists proficient in the next generation of cyber security concepts and techniques.
The project also has many broader impacts. The project will provide professional development to teachers from urban, inner-city high schools with socially diverse, economically disadvantaged, and underrepresented student populations. Teachers will develop and hone their research, communication, and presentation skills, all of which are essential to their professional growth and success. The project will build the technical capacity of teachers so they are capable of developing and deploying cyber security topics at their schools. The project team will disseminate the results of the project through the TeachEngineering digital library, tutorials, and course materials for adoption by others.
|
1 |
2014 — 2017 |
Memon, Nasir Guo, Zhan Zhu, Quanyan [⬀] De Leon, Francisco Zimmerman, Rae (co-PI) [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Rips: Type I: a Meta-Network System Framework For Resilient Analysis and Design of Interdependent Critical Infrastructures
Interdependencies between critical infrastructure systems and processes exacerbate the consequences of initial failure, lead to cascading effects, and compound the propagation of damage. The project enhances the fundamental understanding of interdependent critical infrastructures (ICIs) by providing theoretical guidelines. The framework developed in the project serves as the basis of future computing for a multi-infrastructure modeling, design and simulation platform. This framework interfaces existing software tools for individual infrastructures and enables engineering design and public policy analysis. In addition, the quantitative methodologies developed in this project bridge the disciplines of engineering, computer science, social and economic sciences, and create a new interdisciplinary paradigm that provides a holistic view towards ICI resilience planning and design.
The main focus of this project is to develop a meta-network system framework that captures the physical, cyber and human dependencies within an individual infrastructure and across multiple ICIs and to assess their effects on the outcomes of disastrous events. This theoretical framework considers feedback loops, cascading chains of failures and self-aggravating effects. The identification of network structures or motifs provides insights on the design of resilient ICIs and allows for the quantification of metrics relevant to resilience. The techniques for finding multi-resolution representations of meta-network models provide a system modeling platform that is appropriate not only for designing engineering resilient solutions but also for examining socio-economic policies and communication protocols in the context of organizational behaviors. An event-driven and network-based reliability model provides quantitative metrics such as hitting time and mean time to failure. Control and game theory capture risks and uncertainty and assist in the design of risk-sensitive and robust resilient planning schemes for ICIs.
|
1 |
2015 — 2018 |
Zimmerman, Rae (co-PI) [⬀] Memon, Nasir Ozbay, Kaan (co-PI) [⬀] Zhu, Quanyan [⬀] |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Crisp: Type 1: Reductionist and Integrative Approaches to Improve the Resiliency of Multi-Scale Interdependent Critical Infrastructure
Critical infrastructures are evolving to be more diverse and increasingly connected. The growing complexity creates convoluted dependencies and interdependencies between infrastructures arising from cyber-physical, geographical, supply-and-demand, and human-in-the-loop relationships between different components of the system. Understanding these interactions requires a reductionist and an integrative approach. The reductionist approach focuses on studying the characteristics of four fundamental classes of dependency links, while the integrative approach uses them as building blocks to establish a holistic network framework to capture the interdependencies of the infrastructure systems. This bottom-up methodology provides a systematic way to generate an integrated and multi-scale view of a system of systems, enabling the identification and quantitative characterization of unanticipated interdependencies through feedback loops. The overarching goal of this project is to improve the resiliency of interdependent infrastructures, enabling them to recover from disruptive events and disturbances within an acceptable amount of time and cost.
The proposed research will expand the knowledge base of such interdependencies by adopting both reductionist and integration approach to create a bottom-up methodology to provide fundamental principles to understand interdependencies. The project aims to classify and characterize four fundamental classes of dependencies using principles from physical laws, communications theory, supply chain theory, and game and economic theory. In addition, the project will develop automated scalable vertical and horizontal compositional techniques to form a holistic interdependency network model to investigate the fundamental tradeoff between heterogeneous measures, and the tradeoff between pre-event and post-event measures. The analysis of these relationships will lead to an optimal design of a multi-scale resilience mechanism, which will be applied to case study scenarios of Staten Island during Superstorm Sandy and a nuclear power plan accident such as the one that occurred in Fukushima, Japan.
|
1 |
2016 — 2018 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Edu: Cyber Girls: Teacher Training and School-Based Cyber Security Education For High School Girls
The main objective of this two-year project is to develop, implement, and study an intervention that increases cybersecurity awareness and proficiency among high school teachers and exposes high school girls to cybersecurity activities and careers. This objective is spurred by the growing need for cybersecurity professionals coupled with the under-representation of women in this field. The Bureau of Labor Statistics reports that 18% of cybersecurity specialists are women. There has been increasing awareness that any scalable and sustainable effort to grow the workforce in cybersecurity cannot ignore pre-college students, indicating a need for more effective programs and support for high school aged children, especially girls. However, little is known about what it takes to engage adolescent girls in cybersecurity and combat the dramatic shortage of women in the field. This research study will generate evidence based knowledge about successful cybersecurity professional development for high school teachers and effective cybersecurity instruction for adolescent girls. The results will help other districts and schools justify the use of similar intervention models so that their teachers can break the barriers of stereotype threat and engage and retain girls in the cyber security field.
More specifically, this innovative cybersecurity intervention includes the following: (1) A cybersecurity training program for high school teachers; (2) A curriculum made up of hands on, collaborative and ability building activities that help high school teachers introduce their female students to concepts and challenges of cybersecurity within single-sex school-based settings; (3) A female mentor network for high school girls and teachers, field trips that expose girls to opportunities in the field and involvement in a nation-wide high school forensics challenge that attracts thousands of students passionate about cybersecurity; (4) Ongoing technical assistance for teachers implementing the curriculum in order to ensure sustainability of the program in the partnering schools; Over the course of two years, at least 150 girls from 3-6 high schools in New York with racially, ethnically, and socioeconomically diverse student populations will be recruited to participate in the intervention. A quasi-experimental design, using a control group and pre-post tests in each school, will be utilized to examine the success of the intervention. Additionally, a qualitative research design will be utilized to document the process of learning that takes place and the experiences of the students. The impact on, and experience of, teachers in the program will also be studied using a pre-post test quantitative and qualitative research design. This mixed methods study will gauge impact and effectiveness in order to improve future efforts and to produce an evidence-based model for engaging girls in cybersecurity, which can be disseminated nationally.
|
1 |
2016 — 2019 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Twc: Small: Collaborative: the Master Print: Investigating and Addressing Vulnerabilities in Fingerprint-Based Authentication Systems
The objective of this project is to investigate the security of fingerprint authentication systems, especially those using partial fingerprints. A number of consumer electronic devices, such as smartphones, are beginning to incorporate fingerprint sensors for user authentication. The sensors embedded in these devices are generally very small and the resulting images are, therefore, limited in size. To compensate for the limited size, these devices often acquire multiple partial impressions (templates) of a single finger during enrollment to ensure that at least one of them will successfully match with the image obtained from the user during authentication. In some cases, the user may even be allowed to enroll multiple fingers, and the templates pertaining to these multiple fingers are associated with the same identity (i.e., one user). A user is deemed to be successfully authenticated if the partial fingerprint obtained during authentication matches with any one of the stored templates.
This project is investigating the possibility of generating a "Master Print," a synthetic or real partial fingerprint that serendipitously matches with a large number of partial impressions pertaining to multiple users. This is akin to having a Master Password that can unlock a diverse set of user accounts. In this regard, the following tasks are being conducted: (a) Analyzing the vulnerability of fingerprint authentication systems that use partial fingerprints by developing methods to generate Master Prints; (b) Models for computing the distinctiveness or uniqueness of partial fingerprints compared to full prints; (c) Methods for mitigating the vulnerability associated with the adversarial use of Master Prints.
|
1 |
2017 — 2019 |
Memon, Nasir Dolan-Gavitt, Brendan |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Eager: Collaborative Research: E-Witness: Preserve and Prove Forensic Soundness of Digital Evidence
This project seeks to explore the challenges of developing E-Witness - a system that allows civilians to use their smart devices to collect forensically sound multimedia evidence. In order to be considered authentic and forensically sound, a digital evidence needs to have a proof of being untampered and the time and location of the event needs to be attested in a way that it is immutable. Such research on forensically sound and anonymous evidence gathering is hard due to various challenging requirements: user friendly application interface, unbiased, collusion-resistant and privacy-preserving time-stamping service as well as accurate location attestation. The effectiveness of each aspect needs to be proved to build a robust system. The overarching reward of this project is its ability to record and validate facts in real-time while bringing forensic accountability to such collected evidence.
The building blocks of E-Witness consist of: (a) a secure smart phone application, (b) a time-stamping service implemented as a public blockchain maintained by individual miners, and (c) a location-attestation service that provides confidence on the truthfulness of the location reported by the evidence device. A prototype will be developed and performance analysis will be performed over a testbed deployment to ensure correctness of all components of the system. A pilot study involving University users will be performed to identify the challenges of a large-scale deployment.
|
1 |
2019 — 2022 |
Memon, Nasir |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Cif: Small: End to End Security-Oriented Optimization of Image Acquisition Pipelines
Ensuring integrity of digital images is one of the most challenging problems of our times. Increasing capabilities of digital media editing software has spawned a torrent of shocking manipulation examples, including the infamous DeepFakes which has been deemed a looming challenge for privacy, democracy, and national security. Many solutions proposed to-date have fallen short and can be rendered ineffective with very simple post-processing. In particular, strong compression applied by social networks and photo sharing services render existing authentication protocols unreliable. Moreover, increasing adoption of deep learning and computational photography in imaging processors in digital cameras creates new challenges even in native photo authentication. This project will use modern machine learning techniques to pursue security-oriented design of image acquisition and distribution workflows to ensure that image integrity and provenance can be assured, thereby addressing an emerging problem in this social-media driven world.
This project seeks to tackle: 1) optimization of the imaging pipeline to facilitate reliable forensic analysis in the most challenging conditions; 2) design of training protocols that generalize to various authentication problems; 3) optimization of the entire acquisition and distribution workflow, including both the imaging processor and lossy compression. Preliminary experiments indicate that by exploiting feedback from post-distribution forensic analysis, the imaging pipeline can be modified to facilitate content authentication. A neural imaging pipeline can learn to introduce imperceptible artifacts, akin to digital watermarks, which significantly increase manipulation detection accuracy, from 45% to over 90%. Further gains will result from the explorations on this project along the thrusts noted above.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
|
1 |
2021 — 2022 |
Memon, Nasir Jain, Shweta Ramansenthil, Kumar |
N/AActivity Code Description: No activity code was retrieved: click on the grant title for more information |
Pfi-Tt: a System to Secure and Verify Location, Time, Metadata, and Authenticity of Digital Images and Videos @ Cuny John Jay College of Criminal Justice
The broader impact/commercial potential of this Partnerships for Innovation - Technology Translation (PFI-TT) project is in creating transparency in business transactions that involve data (image and videos) that have news, forensic and evidentiary value. As the technology to manipulate images and create fake videos has become more accessible, the public trust of photos and videos as evidence has been eroding. This project combats this problem by creating a process to prove that images are not fake or manipulated. This is achieved by a secure application that can be used to capture images or videos and instantly register a proof of origin (location, time, and metadata) and forensic identification of the data on the blockchain. This process may restore trust in any business transaction which uses photos or videos as evidence. The commercial value is to both public entities such as in law enforcement and in service businesses required to store images for proof of delivery, inspection, completion of work, etc. Finally, this technology helps online news agencies to enable public verification of news stories, restoring public trust on local digital news platforms. The proposed project builds a system to store proof of origin of data on a blockchain-backed storage system, creating a chain of custody that begins at the time of data creation (such as when a smart phone or camera is used to record a video or take a picture). The process seeks to differentiate between verifiable media and fake media, the latter of which may combat misinformation in online platforms. The intellectual merit is in the development of a novel perceptual hashing algorithm that can achieve 98% precision in detecting tampered images from a mix of original and compressed or enhanced copies; a smart contract that supports confidentiality and integrity of the data and the auditability and accountability of the storage system, while allowing erasure of data to support the Right to be Forgotten. The technology also develops a novel database auditing process to solve the paradox between openness of a public blockchain and data producer’s right to privacy. The goal of this research and development project is to build an end-to-end platform that supports media registration and verification to support the business logic for a variety of public and private entities.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
|
0.903 |