Tag Archive for: Engineering

Engineering faculty-researcher awarded grant to decrease computer chip vulnerabilities

/in


Michael Zuzak, a faculty-researcher at Rochester Institute of Technology, is one of a growing field of engineers looking to improve computer chip security during manufacturing. Current solutions focus on securing specific regions of the chip design. This leaves the larger architecture vulnerable to compromise. Zuzak’s work to secure the entire chip could prevent piracy and help protect intellectual property.

“To get chips fabricated, you have to send the entire design to the manufacturer. Ultimately what we want to protect is what the company considers high value. We want to allocate security to more sensitive, unique parts of the system. The hope is that we will have the ability to prevent intellectual property theft during the entire semiconductor fabrication,” said Zuzak, an assistant professor of computer engineering in RIT’s Kate Gleason College of Engineering.

Zuzak received a two-year National Science Foundation grant to use the developmental practice of logic obfuscation to enable system-wide security during the manufacturing and testing of integrated circuits, also referred to as computer chips.

Global manufacturing companies mass produce integrated circuits. For fabrication, these companies are given extensive design files that can be counterfeited, pirated, or modified. This threatens “high-trust” applications such as healthcare and defense. Logic obfuscation was developed to mitigate threats. The proposed project will develop a design space modeling framework to automatically identify obfuscation configurations capable of system-wide security.

Zuzak is an expert in hardware security and methods to design and manufacture secure and reliable electronic systems. Hiding functionality during the production process is a way to ensure that the design cannot be modified or counterfeited.

“We’ve gotten very good at locking specific parts of the chip. What I am looking at is how we distribute obfuscation optimally throughout the full system to secure it as a whole rather than just specific modules within the chip,” said Zuzak, who is developing AI-driven algorithms to perform security assessments of the physical design that are resistant to…

Source…

Elastio uses reverse engineering to better understand increasingly sophisticated ransomware

/in


Ransomware is on the minds of most corporations today, with a big concern about the impact of getting hit on day-to-day operations. Various solutions have emerged to help mitigate those headaches, including when it comes to cloud-native and cloud services.

The operating model in the cloud is much different than it is on-prem, according to Najaf Husain (pictured), founder and chief executive officer of Elastio Software Inc. That means there’s a very different strategy in place when it comes to technologies in the cloud to make things work, scale and be cost-performant for customers.

“We started out with the cloud in mind. All our technologies [are] focused on the cloud,” Husain said. “We work today on Amazon, you’ll see us go to multiple clouds soon — namely Azure, [Google Cloud Platform], the big triumvirate — but that’s where we start. Usually, the personas we focus on are the cloud security folks. Also, the infrastructure people get involved as well because it’s data. So, we’re kind of in between both of them.”

Husain spoke with theCUBE industry analyst John Furrier at the “Cybersecurity” AWS Startup Showcase event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the secret sauce of Elastio’s solutions and technology, along with the problems it aims to solve. (* Disclosure below.)

Knowing what’s in the data

Elastio is available out of the AWS Marketplace and works with a lot of Microsoft Corp. partners currently. The company also has a team that works with customers directly to get them deployed, with the product installed in 10 minutes through a cloud formation template, according to Husain.

“One thing that’s very unique about what we do, everything’s operated in the customer VPC,” he said. “So, it lives in the customer account, so the data never leaves that account. That’s a very important component of the platform.”

When it comes to Elastio’s core technologies, there are several areas at play, including the company’s deep inspection, its data integrity engine, and its ability to finally detect ransomware, malware and corruption inside data, according to…

Source…

Earning A Master’s In Computer Engineering – Forbes Advisor

/in


Editorial Note: We earn a commission from partner links on Forbes Advisor. Commissions do not affect our editors’ opinions or evaluations.

If you work in the computer technology or engineering field and already have a bachelor’s degree, a master’s in computer engineering can help you qualify for higher-level positions or even a doctoral program, if that’s your goal.

But with the vast selection of master’s degrees out there for tech professionals, how do you know if a master’s in computer engineering is right for you?

In this article, we cover everything you need to know about computer engineering master’s degrees, including admission requirements, common coursework, specializations and career options. Read on to learn more.

What Is a Master’s in Computer Engineering?

A master’s in computer engineering prepares you to work in various technical careers or to pursue a doctoral degree. A computer engineering master’s helps you develop in-depth knowledge of subjects like computer networks and communications principles, hardware, software and computer architecture.

As a computer engineering master’s student, you may need to choose a specialization or concentration, which focuses your studies on a specific area of the field. You should also expect to meet practicum requirements, such as a thesis or project. These often involve in-depth research on an area of interest.

A master’s in computer engineering typically requires around 30 credits and takes two years of full-time study to complete.

Admission Requirements for a Computer Engineering Master’s Degree

Below we list common admission requirements for a computer engineering master’s degree. Standards vary by program but often include the following:

  • Application
  • Bachelor’s degree
  • Transcripts demonstrating a minimum GPA
  • Prerequisite coursework
  • Statement of purpose
  • Résumé
  • Letters of recommendation
  • GRE or GMAT scores
  • English proficiency

Specializations for a Master’s in Computer Engineering

Computer engineering programs may allow you to specialize in a niche area of study. Specialization offerings vary among programs but may include:

Hardware and Computer…

Source…

Social Engineering Gains Lead to Spiraling Breach Costs

/in


A full three-quarters of data breaches in the last year (74%) involved the human element, mainly caused by employees either falling for social engineering attacks or making errors, with some misusing their access maliciously.

Social engineering incidents have almost doubled since last year to account for 17% of all breaches, according to Verizon’s 2023 Data Breach Investigations Report (DBIR) released June 6 (which analyzed more than 16,312 security incidents, of which 5,199 were confirmed data breaches). The report noted that this preponderance of human fallacy within incidents comes along with findings that the median cost of a ransomware attack has doubled since last year, reaching into the million-dollar range. The evidence taken together points to a gaping need for organizations to get in control of the security basics — or else face a spiraling cycle of inflation when it comes to data breach costs.

Chris Novak, managing director of cybersecurity consulting at Verizon Business, noted that in order to rein in the trend, organizations need to focus on three things: employee security hygiene, implementing true multifactor authentication, and collaboration across organizations on threat intelligence. The first is perhaps the most impactful issue, he said.

“The fundamentals need to improve, and organizations need to be focusing on cyber hygiene,” he said, during a press event in Washington DC. “It’s probably the least sexy recommendation I can give you, but it is one of the most fundamentally important things that we see organizations still missing, and of all shapes and sizes. And it’s usually because they want to focus on the new flashy technology in the industry, and they forget the basics.”

Financially Motivated External Attackers Double Down on Social Engineering

In addition to social engineering growing in volume, the median amount stolen from these attacks hit $50,000 this past year, according to the DBIR. Overall, there were 1,700 incidents that fell into the social media bucket, 928 with confirmed data disclosure.

Phishing and “pretexting,” i.e. impersonation of the sort commonly used in business email compromise (BEC) attacks, dominated the social engineering scene, the…

Source…