Prepared by

U S C PA RT N E R I N G O V E R V I E W: C y b e r s e c u r i t y

A B O U T U S

Our mission is to maximize the translation of USC research into products for public benefit

through licenses, collaborations and the promotion of entrepreneurship and innovation.

Web: http://stevens.usc.edu

Facebook: USC Stevens Center for Innovation

Twitter: @USCStevens

Instagram: @USCStevens

3

TA B L E O F C O N T E N T S

Introduction to USC Cybersecurity Research 4USC Information Sciences Institute 5Secure Your IoT Network & Prevent Breaches and Intrusions 6 Network Security 6 Cyber-Physical System Security 8 Authentication 9Enhance Data Integrity for You and Your Clients 10 Cryptography 11 Big Data Analytics, Social Networks and Data Privacy 11Manage Your Security Resources and Operations 13 Decision and Risk Analysis 13Test & Evaluate Your Defense 14Available Technologies for Licensing 15About USC Stevens Center for Innovation 16

4

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

Introduction

Cybersecurity is a critical global concern with threats to information and operational security that can affect everyday life; from government infrastructures to various industry sectors such as finance, high-tech, healthcare, and retail. In the Internet of Things (“IoT”) space, tens of billions connected devices are vulnerable to cyber attacks due to the lack of consistent privacy and security standardization among IoT products, and due to IoT data providing a lucrative business asset that attracts hackers. Addressing these challenges requires innovative technological solutions to accurately detect threats, to effectively protect the integrity of hardware, software, and network services, and to manage the human components of cybersecurity.

USC has a long, distinguished history of research in cybersecurity with industry and government partners on the frontier of its challenges. USC’s leadership in cybersecurity in combination with collaborative public and private partnerships will advance solutions to counter the newest and most pressing cyber threats to our economy and national security. The Information Sciences Institute (ISI) at USC Viterbi School of Engineering is a premier research institute that excels in the research and development of advanced information processing, computing, and communications technologies.

USC recognizes that collaborative public and private partnerships are needed to overcome cyber threats and the USC Stevens Center for Innovation welcomes the opportunity to discuss the breadth and depth of USC’s unparalleled resources focused on cybersecurity research and related technologies with respect to licensing and impactful partnering opportunities.

P a r t n e r i n g w i t h U S C re s e a rc h c a n h e l p y o u :

SECUREyour IoT network &

PREVENT breaches & intrusions

MANAGEyour security resources & operations

ENHANCEdata integrity for you & your clients

TEST & EVALUATEyour defense

5

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

USC Information Sciences Institute (ISI)

45 years advancing research in information and computing sciences:

• Experimental cybersecurity research• Characterizing the behaviors of individuals and communities

in social media• Trusted electronics• Adiabatic quantum computing• Grid computing• Design and implementation of the Internet’s domain name

system• Voice-over-IP technology• Fabless foundries• Polymorphic robots• Statistical machine translation• Rhetorical structure theory

Industry Partners Include: Lockheed Martin, Northrop Grummany, Raytheon, and Leidos

With its strong reputation from leadership in big data, cyberse-curity, computer science, and informatics, ISI joined the Northrop Grumman Cybersecurity Research Consortium in 2013. The Con-sortium addresses some of the world’s leading cyber problems, including attribution in cyberspace, supply chain risk, and securing critical infrastructure networks.

Premkumar Natarajan, Ph.D.Michael Keston Executive Director, USC Information Sciences InstituteVice Dean of Engineering, USC Viterbi School of EngineeringResearch Professor of Computer Science

$73 million in 2015 budget and growing

Notable Federally Funded Programs at ISI

CAUSE – Cyber Attack Automated Unconven-tional Sensor Environment (Funded by IARPA). Applying advancements in big data, open source information, and threat intelligence gathering to anticipate and respond to cyber attacks before they happen. ISI is one of four organizations among BAE Systems, Leidos, and Charles River Analytics, and the only academic institution, selected for the program.

RAVEN – Rapid Analysis of Various Emerging Nanoelectronics (Funded by IARPA). ISI has been awarded a $30.9M contract to develop tools capable of imaging the smallest of features in silicon IC chips to ensure that these chips are free of manufacturing defects.

The Big K: Automatically Discovering the Most Informative Factors in Social Phenome-na (Funded by DARPA). Analyzing large-scale data on human behavior based on ubiquitous sensors and computing to enable researchers to automatically disentangle diverse factors behind human behavior in a principled, data-driven way.

6

NETWORK SECURITY

Center for Computer Systems Security (CCSS)The CCSS conducts research in technologies supporting confidentiality, integrity, resiliency, privacy, intrusion detec-tion and response, and survivability of critical infrastructure. The Center works to encourage development, adoption, evaluation, and integration of security technologies with applications and core network and operating system services, and promote understanding and integration of security policy management and enforcement technologies for distrib-uted systems. Among its current research activities, CCSS researchers have studied resilience to cyber attack in critical infrastructure systems including the power grid and oil and gas extraction. USC, through the CCSS was designated as a DHS and NSA center of academic excellence in information assurance research.

Clifford Neuman, Ph.D.Director, USC Center for Computer Systems SecurityAssociate Director, USC Informatics ProgramAssociate Professor of Computer Science PracticeUSC Information Sciences Institute (ISI)USC Viterbi School of Engineering

Information Sciences Institute – Internet and Networked Systems DivisionThe Internet and Networked Systems Division explores sensor networks and cybersecurity, along with network infra-structure, design and simulation, among other thrusts. Researchers emphasize both theory and practice across a wide range of technologies and potential uses. For example, current initiatives include research, development and appli-cations in security test beds; cyber infrastructure for self-sustaining sensor networks; and Internet measurement and monitoring. The Division’s principal focus areas are: Internet infrastructure and network architecture; networked systems cybersecurity, cyber-physical systems and the smart grid, network simulation, protocol design, traffic and performance modeling; congestion control, high-speed communications and embedded systems.

John Wroclawski, M.S.Director, Internet and Networked Systems DivisionUSC Information Sciences Institute (ISI)

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

Secure Your IoT Network & Prevent Breaches and Intrusions

7

NETWORK SECURITY (CONTINUED)

Information Sciences Institute – Secure and Robust Electronics (SURE) CenterCybersecurity systems require both hardware and software assurance to be effective. The SURE Center’s main goal is to achieve electronic hardware safety by seeking to investigate and address state-of-the-art manufacturing complexities that significantly have compromised four key aspects of chip production: trust, security, resilience and reliability. Trust is defined as assurance that hardware is what it is supposed to be, no more and no less. Security involves ensuring that chips cannot be hacked or counterfeited. Resilience concerns error tolerance, or ability to withstand harsh environments in space or from ground-based radiation. Reliability centers on ensuring chips don’t wear out prematurely. As experi-enced industry collaborators, the SURE Center also aims to accelerate the scale, pace and impact of hardware robust-ness and security technology development.

Matthew French, MEDirector, Secure and Robust Electronics (SURE) CenterDeputy Director, Computational Systems and Technology USC Information Sciences Institute (ISI)

John HeidemannAt ISI, Dr. Heidemann leads the Analysis of Network Traffic Lab, studying how large Internet topology and traffic data in-form network reliability, security, protocols and critical services. He has research expertise in network measurement and topology, computer networking systems, embedded networking and location-aware computing, Internet / World Wide Web, network simulation, computer operating systems and stackable design of computer file systems.

John Heidemann, Ph.D. Research Professor of Computer Science, USC Viterbi School of EngineeringSenior Project Leader, Computer Networks

Kai HwangDr. Hwang’s research contributions cover the areas of scalable multiprocessors, distributed RAID for clusters, multicore processors, trust management, grid job scheduling, P2P reputation systems, distributed intrusion detection systems, benchmark evaluation of supercomputers, cloud computing, virtualization support and Internet worm containment.

Kai Hwang, Ph.D. Director, USC Scalable Computing Research LaboratoryProfessor of Electrical Engineering and Computer ScienceUSC Viterbi School of Engineering

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

8

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

CYBER-PHYSICAL SYSTEM SECURITY

Center for Cyber-Physical Systems and the Internet of Things (CCI)The CCI brings together more than 30 USC faculty members with expertise in networks, machine learning, data management, optimization, software and systems engineering, transportation, manufacturing, robotics, and cyber-security. The Center works to develop fundamental understanding and innovative technologies to bridge the gap between the cyber and physical worlds through the seamless connectivity provided by IoT. CCI aims to address key societal challenges including enhancing urban living through smart infrastructure and connected communities, and securing cyber-physical systems.

Bhaskar Krishnamachari, Ph.D.Associate Professor and Ming Hsieh Faculty Fellow in Electrical EngineeringDirector, Center for Cyber-Physical Systems and the Internet of ThingsDirector, Autonomous Networks Research GroupMing Hsieh Department of Electrical EngineeringDepartment of Computer Science (Joint Appointment)USC Viterbi School of Engineering

Viktor K. PrasannaProfessor Prasanna leads the integrated optimizations efforts at the USC-Chevron Center of Excellence for Research and Academic Training on Interactive Smart Oilfield Technologies at USC and the demand response optimizations in the LA Smart Grid project. His research interests include high performance computing, parallel and distributed systems, reconfigurable computing, cloud computing and smart energy systems. Professor Prasanna’s recent work in cybersecurity includes developing a strategic resource availability management system to improve CPS security in smart grids and a system for real-time threat detection in CPS.

Viktor K. Prasanna, Ph.D.Charles Lee Powell Chair in EngineeringDirector, Center for Energy Informatics (CEI)Director, Computer Engineering DivisionProfessor of Electrical Engineering, Computer Engineering Divisionand Professor of Computer Science, USC Viterbi School of Engineering

9

AUTHENTICATION

Clifford NeumanDr. Neuman is one of the principal authors of the Kerberos authentication system. Kerberos provides real-time authentica-tion of users (or processes acting on behalf of users) to service providers and it optionally supports real-time authentication of servers to users. Kerberos can be used to establish an authenticated communication channel between parties, protect-ing the integrity of the channel, and optionally protecting the privacy of the communication. The Kerberos authentication system is included and deployed with almost all networked operating systems including Linux and Microsoft Windows.

Clifford Neuman, Ph.DDirector, USC Center for Computer Systems SecurityAssociate Director, USC Informatics ProgramAssociate Professor of Computer Science PracticeUSC Information Sciences Institute (ISI)USC Viterbi School of Engineering

Jelena MirkovicDr. Mirkovic is an expert in network security. Her current research focuses on password-based authentication, botnets, de-nial-of-service attacks and privacy. Additionally, she is working on methodologies to improve security experimentation on network testbeds, like DETERLab.

Jelena Mirkovic, Ph.DProject Leader, USC Information Sciences Institute (ISI)Research Assistant Professor of Computer ScienceUSC Viterbi School of Engineering

Media Communications LabThe Media Communications Lab is devoted to theoretical studies and practical applications of multimedia data process-ing, communication and networking technologies. Current research activities of the lab include: multimedia data com-pression, audiovisual content analysis, abstraction and management, graphic modeling and rendering, machine learning, and computer vision. One of the Lab’s research topics related to cyber security is deep learning for splicing image/video detection and localization.

C.-C. Jay Kuo, Ph.DDirector of USC Media Communications Lab (MCL)Professor of Electrical EngineeringJoint Appointment in the Department of Computer Science and Department of MathematicsUSC Viterbi School of Engineering

Joseph GreenfieldGreenfield’s domain specialization is in computer security and digital forensics. While at USC, he has developed ten cours-es in the fields of information security and digital forensics in addition to building two academic minors: Applied Computer Security and Digital Forensics. His research lies in the realm of peer-to-peer forensics, digital forensic imaging techniques and computer security and forensics education.

Joseph Greenfield, M.S. Associate Professor of Information Technology PracticeUSC Viterbi School of Engineering

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

10

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

Enhance Data Integrity for You and Your ClientsCRYPTOGRAPHY

Kevin KnightDr. Knight is an expert in artificial intelligence, cryptography and code breaking. His research interests include artificial intelligence, natural language processing, machine translation, machine learning, automata theory and decipherment.

Kevin Knight, Ph.D.Research Assistant Professor of Computer Science, USC Viterbi School of EngineeringProject Leader, Natural Language Group, Intelligent Systems Division, USC Information Sciences Institute (ISI)

Muhammad NaveedDr. Naveed’s research is focused on working on computer security and applied cryptography, including developing methodology for processing encrypted data.

Muhammad Naveed, Ph.D.Assistant Professor, Department of Computer ScienceUSC Viterbi School of Engineering

Leonard AdlemanAs a Turing awardee, Professor Adleman is most famous for his contribution to the RSA algorithm (named after him, Rivest and Shamir) published in 1978 under the title “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems.” RSA is an algorithm that allows data to be encrypted; it is one of the bedrocks of security on the Internet. He is also known for his work in number theory; his primality tests and algorithms for discrete logarithms are among his many contributions. Dr. Adleman’s research interests include algorithms, computational complexity, computer viruses, cryptography, DNA computing, immunology, molecular biology, number theory and quantum computing.

Leonard Adleman, Ph.D.Holder of the Henry Salvatori Distinguished Chair in Computer ScienceProfessor of Computer ScienceUSC Viterbi School of EngineeringUSC Dornsife College of Letters, Arts & Sciences

Center for Quantum Information Science & TechnologyQuantum information science and technology is an emerging interdisciplinary academic discipline concerned with the study of the new possibilities quantum mechanics offers for the acquisition, transmission and processing of information. Quantum computers are predicted to solve classically intractable tasks such as breaking cryptographic codes, efficiently search large databases and efficiently simulate quantum dynamics. Quantum cryptography is anticipated to offer uncondi-tional security. The Center’s mission is to advance fundamental experimental and theoretical knowledge in relevant areas of engineering and physical science.

Daniel Lidar, Ph.D.Professor of Electrical Engineering, Chemistry and PhysicsUSC Viterbi School of EngineeringDirector, USC Center for Quantum Information Science & TechnologyScientific Director, USC-Lockheed Martin Quantum Computing

11

BIG DATA ANALYTICS, SOCIAL NETWORKS, AND DATA PRIVACY

Information Sciences Institute - Informatics Systems Research DivisionThe Informatics Division explores the intersection of healthcare and informatics. The research work of this division fo-cuses on grid computing, information security, service-oriented architecture, knowledge engineering, and imaging and medical informatics. The Information Sciences Institute also leads the national Biomedical Informatics Research Network for online collaboration and data analysis.

Carl Kesselman, Ph.D.Director, Information Sciences Institute - Informatics Systems Research DivisionProfessor, Department of Industrial and Systems Engineering, USC Viterbi School of Engineering

Aram GalstyanDr. Galstyan’s current research focuses on various problems at the intersection of machine learning, information theory, and statistical physics. His research includes both theoretical effort and more application-oriented work geared toward describing various real-world phenomena, in areas such as computational social sciences, forecasting and bioinformat-ics. His research has been supported by various U.S. funding agencies, including NSF, NIH, DARPA, IARPA, and ARO.

Aram Galstyan, Ph.D.Research Director, Machine Intelligence and Data Science, USC Information Sciences Institute (ISI)Research Associate Professor, Computer Science DepartmentUSC Viterbi School of Engineering

Kristina LermanDr. Lerman is an expert in social media and network analysis and machine learning. Her current work revolves around deciphering the structure and dynamics of social media and crowdsourcing platforms, such as Twitter, Digg, Facebook, and Stack Exchange among others. Her research objectives include: automatically organizing collective knowledge, dis-covering the structure of user-generated communities, predicting emerging trends and group behavior and identifying the role of cognitive constraints in online interactions.

Kristina Lerman, Ph.D.Research Associate Professor of Computer ScienceUSC Viterbi School of EngineeringProject Team Lead, USC Information Sciences Institute

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

12

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

BIG DATA ANALYTICS, SOCIAL NETWORKS, AND DATA PRIVACY (CONTINUED)

Aleksandra KorolovaDr. Korolova’s research interests are in developing and deploying algorithms and technologies that enable data-driven innovations while preserving privacy. She currently focuses on applications in the web search, advertising, and social network domains.

Aleksandra Korolova, Ph.D.WiSE Gabilan Assistant Professor of Computer ScienceUSC Viterbi School of Engineering

Marshall’s School of Business - Institute for Communication Technology ManagementThe Institute for Communications Technology Management (CTM) is dedicated to improving our understanding of the impact technology has on business practices and our approach to market research. CTM has studied how trust and pri-vacy affect a customer’s willingness to engage with parties across the Internet. We found that companies that engage in trust-building behaviors engage with their employees and customers in ways that produce more revenue, and increase transaction volume and efficiency. CTM’s efforts to deepen this understanding will grow in importance as technologies such as IoT, Virtual Personas and Artificial Intelligence become more capable and commonplace.

Gerard PowerAssistant Professor of Clinical Marketing and Executive Director, Institute for Communications Technology ManagementUSC Marshall School of Business

Daniel E. O’LearyProfessor O’Leary is an expert on analytics, artificial intelligence, big data, knowledge management and emerging technologies in business settings. Much of his previous research and experience has focused on issues associated with security, privacy and ethics, and the interaction with big data, knowledge discovery and artificial intelligence. O’Leary was among the first to explore the interaction between knowledge discovery and issues of privacy, resulting in notions of “privacy preservation” and was part of the original team that developed the “Systemic Security Management Frame-work” later adapted by ISACA. In particular, his research has investigated a number of issues including reengineering security, intrusion – detection systems for security, security in expert systems, privacy issues in knowledge discovery and data mining, big data and privacy, privacy concerns associated with continuous monitoring systems and ethics for big data and analytics.

Daniel E. O’Leary, Ph.D.Professor of Accounting, Leventhal School of AccountingProfessor, Information and Operations ManagementDirector of Advanced Technologies in Information Systems ProgramUSC Marshall School of Business

13

Manage Your Security Resources and Operations

DECISION AND RISK ANALYSIS

USC Center for Risk and Economic Analysis of Terrorism Events (CREATE)The mission of CREATE is to improve the nation’s security through the development of advanced models and tools for the evaluation of the risks, costs and consequences of terrorism and to guide economically viable investments in home-land security. CREATE conducts the integrated research in these areas: decision analysis, risk assessment, game theory, stochastic and control, risk perception & communication, economic assessment, operations research and countering violent extremism. Through these research areas, the Center provides a comprehensive research and development program that creates models, tools, evaluation methods, software, targeted analyses and communication protocols to enhance the operations of homeland security agencies, making them more efficient and effective at improving the nation’s security.

Detlof Von Winterfeldt, Ph.D.Director, Center for Risk and Economic Analysis of Terrorism Events (CREATE)Professor of Industrial and Systems Engineering, USC Viterbi School of EngineeringProfessor of Public Policy and Management, USC Price School of Public Policy

Teamcore Research GroupCybersecurity relies on both technology and humans and has thus increasingly become a socio-technical issue; therefore one major aspect of Teamcore’s work will be its exploration of human behavior models and tests using human sub-ject experiments. In consultation the U.S. Air Force Academy, Teamcore developed a model to determine the optimal assignment of incoming security alerts to on-duty cybersecurity experts at any given time; this model can help increase both the efficiency and effectiveness of cybersecurity experts on detecting cyber-attacks. An intelligent adversary will try to exploit the weaknesses of the defender’s allocation of on-duty cybersecurity experts based on their varying levels of expertise. Teamcore researchers use game theory to capture the interactions between the defender and the attacker while taking domain features (i.e. varying level of defender’s security expertise) into account when devising the best personnel assignment strategy for the defender.

Milind Tambe, Ph.D.Director of Teamcore Research GroupCo-Director, Center on Artificial Intelligence for SocietyProfessor of Computer Science and Industrial and Systems EngineeringUSC Viterbi School of Engineering

Center for Interdisciplinary Decisions and Ethics (DECIDE)The mission of the Center for Interdisciplinary Decisions and Ethics (DECIDE) is to enhance the research and practice of a decision making on a personal, enterprise, societal, and public policy level, and to increase sensitivity towards ethi-cal considerations in these areas. The Center provides state-of-the-art tools on decision making under uncertainty and multiple objectives in a variety of areas including technology, security, public policy, and climate change. The center is a joint program of the Viterbi School of engineering and the Price School of Public Policy.

Ali Abbas, Ph.D.Director, Center for Interdisciplinary Decisions and Ethics (DECIDE)Professor of Industrial and Systems Engineering and Public PolicyUSC Viterbi School of EngineeringUSC Price School of Public Policy

R E S E A R C H AT U S C : C Y B E R S E C U R I T YR E S E A R C H AT U S C : C Y B E R S E C U R I T Y

14

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

Test & Evaluate Your Defense

CYBER DEFENSE TECHNOLOGY EXPERIMENTAL RESEARCH LABORATORY (DETERlab)

The DETERLab is a state-of-the-art scientific computing facility for cybersecurity researchers en-gaged in research, development, discovery, experimentation, and testing of innovative cybersecurity technology. DETERLab is a shared test bed providing a platform for research in cybersecurity and serving a broad user community, including academia, industry, and government. It enables users to conduct repeatable, medium-scale Internet emulation experiments in malicious code and a wide range of other network security issues. To date, DETERLab-based projects have included behavior analysis and defensive technologies including DDoS attacks, worm and botnet attacks, encryption, pattern detection, and intrusion-tolerant storage protocols. The next generation of cyber experi-

mentation capabilities is in the early stages of development under the Cyber Experimentation of the Future (CEF) pro-gram. Advanced experimental infrastructure will include support for cyber-physical, IoT and human agents.

Terry Benzel, MBADeputy Director for the Computer Networks Division, USC Information Sciences Institute (ISI)Project lead, Cyber Defense Technology Experimental Research (DETER)

15

Av a i l a b l e Te c h n o l o g i e s f o r L i c e n s i n g

Tech ID # Technology Title2014-300 Discovering Structure in High-Dimensional Data Through Correlation Explanation

3849 Energy Efficient Network Reconfiguration for Mostly-Off Sensor Networks3862 Low-power Acoustic Modem for Defense Underwater Sensor Networks

09-464 OPCGuard: Process Control Server security configuration and monitoring13-283 Real-time Prediction of Online Social Network Behavior12-521 An Information-Theoretic Method to Identify Spam in Social Media

2017-072 Techniques to Evaluate and Enhance Cognitive Performance08-360 Minimizing Hazards to the SCE Power Grid

2016-094 Low Overhead Apparatus to Detect and Correct Radiation Effects 12-300 Method of Measuring Accurate Dynamic Power Consumption of Integrated Components and

Sub-circuits

R E S E A R C H AT U S C : C Y B E R S E C U R I T Y

16

U S C S T E V E N S : C O R P O R AT E E N G A G E M E N T

CorporatePartneringLife Cycle

TYPES OF ENGAGEMENT- Involvement with researchers- Student-oriented engagement- Access to resources- Involvement with centers of expertise and schools- Economic development

TYPES OF RELATIONSHIPS- Sponsored Research- Licensing- Incubator access- New Co. creation- Equity investment- Flexible, multi-faceted

USC Stevens

Contact the USC Stevens Center for Innovation

Lawrence Lau, MBA Associate Director, Corporate Collaborations, Physical & Information Sciences laul@usc.edu, (213) 821-0947