Research

Jun 24th, 2020
The Nature of Cyber Threats & The Road to Cyber Security Regulation
  • social sciences
  • social sciences

Global efforts to regulate cyberspace in the context of international security are challenged by fundamentally different perceptions on the nature of cyber conflict by the world’s greatest cyber-powers: China, Russia, and the United States. This study explores the most critical aspects of cyberspace regulation that each cyber power attribute and perceives, that have prevented gaining further progress after the failure of the 2016-2017 Group of Governmental Experts, that was set to formally establish negotiations on cyberspace regulation.

Accordingly, the first part of the study explores the cybersecurity strategy of the cyber powers and its integration into their overall national security strategy. Doing so will allow a better understanding of the dominant causes of tensions and disputes over global cyberspace regulation that ultimately create an imbalance that is difficult to reconcile. We analyze the most critical cyber-related aspects that each cyber power provides by its national security strategy, and its implementation, on issues such as sovereignty, global governance structure, and critical infrastructure protection, and cyberwar.

The second part of the study focuses on the identification of the cyber powers’ minimal necessary shared perceptions that will set the basis for reinvigorating a productive dialog on an effective global cybersecurity regulation mechanism. By bridging the cyber powers’ related perceptual differences, we will suggest an initial model for a global cybersphere regime. Inspired by existing global security regimes in the weapons of mass destruction realm, the suggested model will seek to establish a strategic equilibrium among the cyber powers by balancing between each side’s national security interests and the potential gains derived from a stable and agreed upon global cyber regulation mechanism.

Research

Jun 24th, 2020
DeepFuzzing: Breaking the Limits of Traditional Fuzzers with Deep Learning
  • computers
  • computers

Fuzzing is an  automated testing process of a computer software,  during which  the tested software is provided  and run with automatically generated inputs, also called seeds, with the aim of triggering unexpected behaviors. Since enumerating all possible inputs is infeasible for most software, the fuzzers input generation mechanism must emphasize the generation of inputs that are likely to trigger a novel behavior that was never seen before and discount inputs that would lead to a behavior that was already encountered. We  consider  the  problem  of  “Greybox  Fuzzing”,  e.g  effectively fuzzing  an endpoint  software while guided by the softwares code lines coverage. Our approach incorporates three deep learning models, which are learned concurrently and online while the AI-powered fuzzer runs. The first network predicts the correct code coverage map for a given software input, serving as a differentiable model of the execution process of the given software. The second model generates additional useful seeds that are likely to demonstrate new execution paths of the software. A third network, which is a GAN discriminator, helps to make sure that the samples created by the generator appear valid. Our method is expected to greatly increases the effectiveness of the fuzzer as measured by:(i) the number of bugs found during the process, (ii) the number of code lines that were ultimately covered and (iii) the number of newly discovered execution paths of the software.

Research

Dec 10th, 2018
Automatically Verifying User Kernel Extensions

Prof. Mooly Sagiv, School of Computer Science, Tel Aviv University;

Prof. Noam Rinetzky, School of Computer Science, Tel Aviv University;

Dr. Aurojit Panda, Department of Computer Science, NYU;

Research

Dec 10th, 2018
Secure Shared Learning in Healthcare: Inference of Hospital Infection Risks

Prof. Benny Chor, School of Computer Science, Tel-Aviv University;

Prof. Galia Rahav, Sackler Faculty of Medicine, Tel Aviv University and Sheba Medical Center;

Dr. Adi Akavia,  Center for Cyber Law and Policy, Haifa University;

Prof. Zohar Yakhini, Efi Arazi School of Computer Science, IDC;

 

 

Research

Dec 10th, 2018
Memory Access Safety-Checking Tools for Programs that Share Memory with Devices

Dr. Adam Morrison, Blavatnik School of Computer Science, Tel Aviv University;

Dr. Dan Tsafrir,  Department of Computer Science, Technion;

Research

Dec 10th, 2018
Competition and Incentives for Information Exchange Regarding Cyber Security

Dr. Noam Shamir, Coller School of Management, Tel Aviv University;

Dr. Hyoduk Shin, Associate Professor, Rady School of Management, UC San Diego;

Tel Aviv University makes every effort to respect copyright. If you own copyright to the content contained
here and / or the use of such content is in your opinion infringing, Contact us as soon as possible >>