Cyber attacks pose one of the greatest threats to global security today. Clearly, novel solutions to detect and prevent these attacks, as well as to safeguard the global cyber sphere, are urgently needed.
Understanding this challenge, the Israel Prime Minister's Office approached TAU's Major General (ret.) Prof. Isaac Ben-Israel in 2011 to review Israeli national cyber policy. Prof. Ben-Israel's subsequent report, which included the recommendation of positioning Israel as one of the top five global powers in cyber expertise by 2015, was adopted. That led to the establishment of the Israel National Cyber Bureau, with Prof. Ben-Israel as the founding director.
Simultaneously, Tel Aviv University was also expending significant resources to strengthen its own position in the field. The University's cyber group of computer scientists, engineers and national security specialists were advancing pioneering research and transferring their knowledge to decision makers in the government and to security technology firms. TAU breakthroughs were attracting national and international partners, and prestigious academic collaborations with the likes of MIT and Johns Hopkins.
TAU was already uniquely positioned to lead the proposed academy cyber research effort, which is an integral part of Israel's bigger national initiative.
- The TAU Yuval Ne'eman Workshop in Science, Technology and Security was continuing its work to keep cyber research at the forefront of Israel’s natural security strategy. Reports produced by Workshop research fellows regularly land on the desks of government and business decision-makers.
- The Senior Cyber Forum, an offshoot of the Yuval Ne'eman Workshop, brings together the top 100 CEOs and VP of Israeli cyber security companies — including Microsoft, Google, HP, etc. — with TAU researchers, government representatives and VC managers. This is a unique tool, ideal for breaking down traditional barriers among universities, business and industry, and government.
- Internally, the University's resolve to advance multidisciplinary research was tearing down boundaries between disciplines and enabling scientists and engineers and business and policy experts to work together to find fresh solutions to complex problems.
- TAU was in the early stages of a five-year commitment to bring home outstanding Israeli academic stars in the cyber field. Since the effort began, TAU has been more successful than any other Israeli academic institution — in cyber security in particular; and in bringing new faculty home in general.
The yield from that commitment has been significant. 30+ groups across five faculties, school and departments have launched and conducted some of the world's most compelling cyber security investigations into cloud computing, networks, image and video recognition, cryptographic building blocks, securing software and hardware, policy initiatives, legal issues, public security and user behavior. A partial list of current projects is included below.
Prof. Ran Canetti is investigating methods that will verify complex outsourced computations that are being used by multiple-cloud providers as long as at least one of those clouds is providing a correct answer — verifiability assuming a little bit of trust. The Canetti team has developed a method that guarantees a correct answer, even if all other cloud servers are in collusion.
Prof. Amir Averbuch has developed critical infrastructure that can find meaningful geometric representations of both normal and deviant behavior in cloud and networking data. The methodology trains the system to extract heterogeneous features, identify the various normal profiles and then find the patterns that deviate from them. The application is in beta testing at NOKIA, the Government of Israel, Applied Materials, Cisco and Check Point Systems.
Prof. Yuval Shavitt is improving the accuracy of IP geolocation databases, which is often critical to identifying the source of a cyber attack, either in real time or in post-mortem analysis. Existing IP geolocation databases still have a lot of errors — some in the range of thousands of miles.
Dr. Eran Tromer and his team are developing an improved alternative to Bitcoin. That is, a privacy-preserving digital currency that enables instantaneous payments across the Internet without any central trusted body, thus avoiding a single point of failure, and without compromising the privacy of consumers and merchants.
Image and Video Recognition
Prof. Yehuda Afek is working to build algorithms that will recognize faces in unconstrained videos. While related to face recognition in still images, video has its own unique characteristics and requirements. Several methods have been suggested and a few benchmark data sets have been assembled. But there's still a sizable gap between actual application needs and current state-of-the-art. The Afek team is developing novel set-to-set similarity measures that employ multiple classifiers and multiple descriptors to capture the appearance of an individual's face as depicted in a video clip. These new methods are shown to achieve significantly better performance than all existing methods, even under the most challenging and uncontrolled conditions.
Dr. Alex Bronstein is studying theoretical and computational tools for 3D face recognition. The goal is to develop efficient localization, recognition and pose estimation of deformable, articulated and entangled 3D geometric objects in cluttered scenes with high levels of noise and occlusions. Possible applications: autonomous vehicle navigation through debris and analysis of georadar and similar data.
Cryptographic Building Blocks
Dr. Benny Applebaum is building ultra-fast, highly efficient cryptographic functions — encryption schemes and digital signatures — that can be implemented by computationally weak devices, such as smartphones, smart cards or RFIDs,* while still providing security.
Prof. Yuval Shavitt is devising algorithms that can detect malware — the general term for hostile software designed to disrupt computer operation, gather sensitive information or gain access to private computer systems. These novel algorithms can detect independent, seemingly random activity, as well as malicious activity done in conjunction with legitimate activity.
Dr. Eran Tromer and his team are studying acoustic information leakage, where noise made by common computers reveals information about the secret data they are operating on. The team has discovered that computer sound recorded by special microphones or even regular cellphones can be analyzed to reveal secret encryption keys. They're evaluating the extent of the risk and working with developers to mitigate them.
Prof. Avishai Wool is working to defend cars, trucks and buses against cyber attacks. Today, vehicles have between 20 and 30 computerized systems, all connected via a communication network that typically uses the CAN-bus protocols. That is, an area network designed to allow microcontrollers and devices to communicate without a host computer. New research has shown that the network environments are vulnerable to theft, vandalism and electronic surveillance.
Prof. Isaac Ben-Israel and his group are investigating how a state can influence ideas and perceptions of reality using various social network platforms and developing a model that can be implemented by governments and other organizations to achieve national objectives.
Prof. Nathan Intrator is using advanced machine learning tools to characterize the typical behavior of different users in an organization to detect anomalies in their behavior even when they perform within their authorized range of activities. Internal users who work behind firewalls and other protection systems may pose the biggest threat — even with no ill intent.
* Radio-frequency identification (RFID) is the wireless non-contact use of RE electromagnetic fields to transfer data for the purposes of automatically identifying and tracking tags attached to objects, i.e. to prevent shoplifting.