Department of Homeland Security funds new cyber security software

A new cyber security product created by a Mason professor and graduate students was recently released into the commercial market with the help of small local business Kryptowire and the Department of Homeland Security.

The product is software that specializes in brand protection, anti-piracy, analysis and software assurance for mobile applications.

The product was developed at Mason by professor of computer science and Kryptowire CEO Angelos Stavrou and several graduate students.

According to Stavrou, in 2013, the Department of Homeland Security granted Stavrou and his team $250,000 to fund the product.

“[We] provided DHS with evidence that the technology has merits and Kryptowire LLC demonstrated that this technology could be indeed self-supported and commercialized as an enterprise product allowing the further funding and transition of this effort to government agencies,” Stavrou said.

Government and private agencies alike will be able to use the product to search for security vulnerabilities on mobile apps, as well as archive them.

Stavrou went on to say that the product is not an app.

“The technology has two parts: an engine that collects mobile application information and a web portal where analysts can connect and access the information,” Stavrou said. “Analysts can formulate custom queries about mobile applications and use the portal to export and visualize stored information.”

Through Kryptowire, the product was able to enter the commercial market. Located in Fairfax, Virginia, Kryptowire was founded in 2011 by Stavrou and two of his graduate students, Ryan Johnson and Brain Schulte. The DHS offered a second grant, this time to Kryptowire, to help them to continue to produce more products and sell them.

Software like this one are just one small part of Mason’s contribution to the field of cyber security.

“Mason has been on the forefront of developing solutions, both from a technical, management, and policy perspective,” said Christine Pommerening, professor of policy, government and international affairs. “For example, the School of Policy, Government, and International Affairs has cooperated with the Department of Homeland Security on a risk management course for electric utilities. Mason also has the Center for Infrastructure Protection and Homeland Security. And Dr. Sushil Jajodia and his Center for Secure Information Systems was established in 1990 as the first academic center in security at a U.S. university.”

Richard Klimoski, professor of management and psychology, says that students may be particularly susceptible to cyber attacks.

“Students may be especially vulnerable because of the propensity of younger people to be ‘early adopters’ of new technology or social media,” Klimoski said. “They also seem less concerned about personal privacy. All this makes it easier for criminals to take advantage of technical weaknesses of consumer products or devices or of information posted online.”

Pommerening encourages students to strengthen their passwords, as it is the first and best defense for individuals. She went on to say that protecting personal systems and data is as basic as locking the door when leaving home.

Klimoski said that cyber security is a key factor in national security, economic growth, and the well-being of people all over the globe.

Jean-Pierre Auffret, director of the executive degree programs at the Mason School of Business, said tough cyber defenses are necessary in an increasingly technology-dependent world.

“As society becomes more and more reliant on information technology, cyber security likewise becomes more important to protect systems and networks from criminals, activists and even other countries,” Auffret said. “There are risks to critical infrastructure such as electric grid and banking systems, intellectual property including national defense and, increasingly, even cars and home automation.”

While software like the one created by Stavrou and his team are examples of cyber security progress, Auffret believes the U.S. still as a long way to go.

“I think the U.S. has a ways to go on developing a good framework for thinking about cyber security in the foreign policy context,” said Auffret via email.  “For example, there is the challenge of attribution (identifying who has undertaken an attack) and then also the challenge of calibrating and deciding upon a response in light of the range of bilateral issues we might have with a country.”