Carnegie Mellon University CyLab

Carnegie Mellon University's CyLab was founded in 2003 and is one of the largest university-based cy

Operating as usual

Is your privacy really protected with your fitness tracker? A new proposed label could tell you that 03/14/2024

"By having these labels, the hope is that it will raise the bar, because companies are going to be upfront about this.”

CyLab Director Lorrie Cranor chats with Liz Cohen Printup about the Federal Communications Commission’s Cyber Trust Mark program and commission vote. Watch:

Is your privacy really protected with your fitness tracker? A new proposed label could tell you that Smart products can come with security and privacy risks, and it can be hard to find that information yourself. The FCC is now considering labeling these products so you know the ones you can trust.

How to Protect Your Smart Home From Hackers 03/12/2024

“If it costs $5 for a smart plug, most of it is not going toward thinking about security and privacy first.”

In a Wall Street Journal article, CMU Computer Science Department and Software and Societal Systems Department faculty member Yuvraj Agarwal tells Bart Ziegler why U.S. homes with smart devices are tempting targets for a variety of different :

How to Protect Your Smart Home From Hackers Thermostats. Doorbells. Ovens. Everything is connected to the internet these days—and vulnerable to cyberattacks.

03/12/2024

picoCTF: 2024 is officially underway! If you haven't registered yet, it's not too late! Head over to picoCTF.org to sign up and jump into the action.

03/12/2024

CyLaby director Lorrie Cranor along with Yuvraj Agarwal and Omer Akgul joined forces with Consumer Reports to request amendments to the Federal Communications Commission's Cybersecurity Labeling for Internet of Things Order, to be voted on by the this week:https://www.cylab.cmu.edu/_files/documents/cmu-cr-fcc-iot-labels-2024-march-11.pdf

We’re concerned that the current order omits critical privacy and security information and does not do enough to address consumers’ needs. The CyLab/CR letter asks the FCC to amend the order to correct three problems:

1. The FCC order specifies labels on IoT device packaging with QR codes and the US Cyber Trust Mark and assumes that consumers will all scan the QR codes to get more information. However, our research shows that consumers want security and privacy information on product packaging, accessible without scanning. There should be an explicit requirement to include basic information on the product packaging.

2. The FCC order mentions privacy along with security, but does not include any privacy requirements. IoT labels should include basic privacy information important to consumers such as what sensors a device has and what they do with the data they collect.

3. The FCC order includes a list of required information that must be available through the label QR code. That list is missing critical security and privacy items. The FCC should revisit this list to ensure it includes key information.

www.cylab.cmu.edu

Ariel Zetlin-Jones - Automated Exchange Economies 03/11/2024

Watch Ariel Zetlin-Jones, Tepper School of Business faculty member Co-Director of the Carnegie Mellon Secure Blockchain Initiative (SBI), discuss the economic implications of markets at the 2023 CMU Secure Blockchain Summit:

Ariel Zetlin-Jones - Automated Exchange Economies From Carnegie Mellon University's 2023 Secure Blockchain Summit. Ariel Zetlin-Jones, Co-Director of the Carnegie Mellon University Secure Blockchain Initiati...

Anyone can be a victim as fraud losses hit record high 03/08/2024

“If you get any message through any channel that says you should transfer money or buy gift cards, it’s a scam.”

In a TribLive article, Lorrie Cranor, CyLab Director, shares tips with Jack Troy for spotting “shot-in-the-dark” scammers:

Anyone can be a victim as fraud losses hit record high Almost two years ago, Carol Sepesky’s computer went black. The only thing the Monessen resident could see was a message, supposedly from Microsoft, asking her to call customer support. So she did, and paid $600 to someone posing as a company representative to fix her computer. When they asked....

Matt Weinberg - Statistically Undetectable Selfish Mining 03/07/2024

Watch Matt Weinberg, Associate Professor at Princeton Computer Science, discusses his research on incentives within protocols themselves at the 2023 Carnegie Mellon Secure Blockchain Summit.

Professor Weinberg will return to speak at this year’s CMU Secure Blockchain Summit, which takes place April 16-17. Learn more: https://www.cylab.cmu.edu/research/blockchain/secure-blockchain-summit/index.html

Matt Weinberg - Statistically Undetectable Selfish Mining From Carnegie Mellon University's Secure Blockchain Summit. Matt Weinberg, Associate Professor in the Department of Computer Science at Princeton University,...

Internet of Things Security and Privacy Labels Should Empower Consumers – Communications of the ACM 03/04/2024

The Federal Communications Commission's proposed Order to establish a voluntary IoT labeling program calls for binary labels, but it does not specify the label format and all of the elements that should be included.

In a recent column for ACM, CyLab Director Lorrie Cranor, CMU Computer Science Department and Software and Societal Systems Department faculty member Yuvraj Agarwal, and Duke Computer Science faculty member Pardis Emami-Naeini argue for the inclusion of detailed and data collection information on device labels that goes beyond the FCC’s proposed recommendations:

Internet of Things Security and Privacy Labels Should Empower Consumers – Communications of the ACM Membership in ACM includes a subscription to Communications of the ACM (CACM), the computing industry's most trusted source for staying connected to the world of advanced computing.

FC'24 : Financial Cryptography 2024 03/01/2024

Carnegie Mellon University School of Computer Science Ph.D. student Lisa Masserova’s co-authored paper, “Improved YOSO Randomness Generation with Worst-Case Corruptions,” will be presented at Financial Cryptography and Data Security 2024 on March 5. Learn more about FC'24, which features Elaine Shi, Co-Director of CMU’s Secure Blockchain Initiative (SBI), as Co-Program Chair:

FC'24 : Financial Cryptography 2024 Financial Cryptography and Data Security is a major international forum for research, advanced development, education, exploration, and debate regarding information assurance, with a specific focus on commercial contexts. The conference covers all aspects of securing transactions and systems. Origin...

PRESS RELEASE: Future Software Should Be Memory Safe | ONCD | The White House 02/28/2024

A recent White House report calling on the technical community to adopt memory safe-programming languages and formal methods cites research from Professor Bryan Parno of CyLab, the CMU Computer Science Department, and Electrical & Computer Engineering as part of Project Everest, a collaboration with Microsoft Research and Inria. Project Everest has developed strategies for using formal methods to prove code is correct and secure, and applied them to produce high-assurance cryptographic and communication software components.

Learn more about the report below:

PRESS RELEASE: Future Software Should Be Memory Safe | ONCD | The White House Leaders in Industry Support White House Call to Address Root Cause of Many of the Worst Cyber Attacks Read the full report here WASHINGTON – Today, the White House Office of the National Cyber Director (ONCD) released a report calling on the technical community to proactively reduce the attack sur...

02/23/2024

picoCTF:’s 11th annual capture-the-flag hacking competition for middle school, high school, and college students will take place from March 12 through March 26. Learn more about how picoCTF provides students with a gamified way to practice and show off skills, and register for this year’s competition today: https://www.cylab.cmu.edu/news/2024/02/22-picoctf.html

Photos from Carnegie Mellon University CyLab's post 02/19/2024

Many thanks to Rahul Chatterjee, Assistant Professor in Computer Sciences at UW-Madison Dept. of Computer Sciences, for visiting CyLab this afternoon to discuss and safety risks posed by smart home devices as part of our Seminar Series.

02/14/2024

We’re excited to welcome Rahul Chatterjee, Assistant Professor in Computer Sciences at UW-Madison Dept. of Computer Sciences, to the CyLab Seminar series next Monday, Feb. 19 at 12 p.m. ET to discuss privacy and safety risks posed by smart home devices: https://www.cylab.cmu.edu/events/2024/02/19-seminar-chatterjee.html

02/12/2024

Many thanks to Mike Hicks, Senior Principal Scientist at Amazon Web Services and Professor Emeritus at the University of Maryland, for visiting CyLabLab this afternoon and discussing the Cedar policy language and authorization engine as part of our Seminar Series.

AI-generated voices in robocalls can deceive voters. The FCC just made them illegal 02/08/2024

In an AP article, Professor Kathleen M. Carley of the Carnegie Mellon University School of Computer Science and the Software and Societal Systems Department chats with Ali Swenson about today's landmark Federal Communications Commission ruling outlawing robocalls that contain voices generated by :

AI-generated voices in robocalls can deceive voters. The FCC just made them illegal New Hampshire authorities started an investigation into AI robocalls that mimicked President Biden’s voice to discourage voters.

02/08/2024

We’re excited to welcome Mike Hicks, Senior Principal Scientist at Amazon Web Services and Professor Emeritus at the University of Maryland, to the CyLab Seminar series next Monday, February 12 at 12 p.m. ET to discuss the Cedar policy language and authorization engine: https://www.cylab.cmu.edu/events/2024/02/12-seminar-hicks.html

02/08/2024

Congratulations to CyLab and Carnegie Mellon University Electrical & Computer Engineering (ECE) faculty members Giulia Fanti, Guannan Qu, and Aksh*tha Sriraman on being awarded the National Science Foundation (NSF) Faculty Early Career Development (CAREER) Award! Read more about their proposals and research: https://www.cylab.cmu.edu/news/2024/02/07-nsf-career-awards.html

Robert M. Townsend - Innovative Financial Designs Using the New Technologies (Keynote Presentation) 02/01/2024

Watch Robert M. Townsend, Elizabeth & James Killian Professor of Economics at Massachusetts Institute of Technology (MIT), give the keynote presentation at the 2023 Carnegie Mellon University Secure Blockchain Summit. Professor Townsend shares two key examples and discusses general considerations in optimized financial design in the context of new technologies and economic theory.

Keep an eye on our social channels in the coming weeks for more highlights from last year’s summit, as well as updates on CMU’s 2024 Secure Blockchain Summit, coming this spring.

Robert M. Townsend - Innovative Financial Designs Using the New Technologies (Keynote Presentation) Keynote presentation at Carnegie Mellon University's 2023 Secure Blockchain Summit. Robert M. Townsend, Elizabeth & James Killian Professor of Economics at M...

CyLab Partner Testimonials 01/29/2024

Here at CyLab, we are redefining security in this increasingly connected world with forward-thinking, rigorous academic research. Through our corporate and institutional partners program, our researchers partner with government and industry to advance research and education in and . Learn more about our partner program by hearing directly from some of our corporate partner representatives:

CyLab Partner Testimonials Hear from several corporate partner representatives about how they feel about their partnership with CyLab.To learn more about CyLab partnerships, visit http...

Photos from Carnegie Mellon University CyLab's post 01/28/2024

Thanks to everyone who stopped by CLP-Main (Oakland) today to celebrate International Data Privacy Day with the CMU Software and Societal Systems Department and Carnegie Library of Pittsburgh!

Fake Biden robocall ‘tip of the iceberg’ for AI election misinformation 01/25/2024

In an article from The Hill, Professor Kathleen M. Carley of the Carnegie Mellon University School of Computer Sciencecand the Software and Societal Systems Department speaks with Rebecca Klar about the fake Biden robocall in New Hampshire and its implications for future -generated misinformation:

Fake Biden robocall ‘tip of the iceberg’ for AI election misinformation A digitally altered message created to sound like President Biden urging New Hampshire residents not to vote in Tuesday’s primary added fuel to calls for regulation of artificial intelligence (AI) …

01/22/2024

Many thanks to Professor Lei Li of the Language Technologies Institute at Carnegie Mellon University for sharing his research on attacks and robust watermarking for generative this afternoon as part of our CyLab Seminar Series.

Shaping the future: A dynamic taxonomy for AI privacy risks 01/18/2024

A team of researchers including Professor Sauvik Das of the CMU Human-Computer Interaction Institute and CyLab recently systematized the risks that intersect , data protection, and . Check out IAPP's summary of their findings, courtesy of Henrique Fabretti Moraes and Maria Beatriz Previtali:

Shaping the future: A dynamic taxonomy for AI privacy risks Opice Blum's Henrique Fabretti Moraes and Maria Beatriz Previtali discuss a taxonomy for evaluating privacy risks on AI systems.

Want your school to be the top-listed School/college in Pittsburgh?

Click here to claim your Sponsored Listing.

Creating trust

CyLab brings together experts from a variety of disciplines across the University to collaborate on cutting-edge research and educate the next generation of security and privacy professionals. Everything we do is fueled by our passion to create a world in which technology can be trusted.

Learn more: https://www.cylab.cmu.edu/

Videos (show all)

CyLab envisions the future of IoT device security and privacy labels
On Friday, CyLab and the CMU Software and Societal Systems Department hosted Carnegie Mellon's annual International Data...
Happy New Year!As we move into 2023 and reflect on the past two decades, we want to thank all of our partners, students,...
Happy holidays, everyone! We wish you all a safe, secure, merry, and bright 2022.❄️⛄️
A Privacy Infrastructure for the Internet of Things
Cylab's David Brumley has been called the “Nick Saban” of cybersecurity
Support picoCTF
Data Privacy Day 2018
Support picoCTF
Support picoCTF
Carnegie Mellon's hacking team aims for unprecedented win at D...

Location

Telephone

Address


4720 Forbes Avenue
Pittsburgh, PA
15213
Other Pittsburgh schools & colleges (show all)
Duquesne University Liberal Arts Duquesne University Liberal Arts
600 Forbes Avenue
Pittsburgh, 15282

We are the McAnulty College and Graduate School of Liberal Arts. Diversify your thinking. Reimagine our world.

Carnegie Mellon University Carnegie Mellon University
Pittsburgh

A private, global research university. One of the world's most renowned educational institutions.

Tepper School of Business at Carnegie Mellon Tepper School of Business at Carnegie Mellon
Pittsburgh

The Tepper School consistently ranks among the top business schools in the world. The school’s legacy

The Rachel Carson Institute The Rachel Carson Institute
Woodland Road
Pittsburgh, 15232

The Rachel Carson Institute is part of the School of Sustainability and the Environment at Chatham University

University of Pittsburgh Library System University of Pittsburgh Library System
Hillman Library, 3960 Forbes Avenue, Oakland
Pittsburgh, 15260

The ULS stands at the center of intellectual life at Pitt, fostering connections and knowledge creation and dissemination that help faculty, students, and researchers from around the world to excel in research, scholarship, and creative expression.

Barco Law Library Barco Law Library
3900 Forbes Avenue
Pittsburgh, 15260

The Barco Law Library

Entertainment Technology Center Entertainment Technology Center
700 Technology Drive
Pittsburgh, 15219

The ETC is the premiere professional graduate program for interactive entertainment as it’s applied across a variety of fields. The ETC balances educational goals, professional development, and engaging experiences; or Learn, Work, and Play.

Pitt Business, University of Pittsburgh Pitt Business, University of Pittsburgh
4200 Fifth Avenue
Pittsburgh, 15260

Official page of the University of Pittsburgh Joseph M. Katz Graduate School of Business.

Point Park University Alumni Point Park University Alumni
201 Wood Street
Pittsburgh, 15222

We want to be your biggest fan! Let's Connect, use #pointparkalumni to share your success!