2022 News

Congratulations to Syed Badruddoja, who is currently a PhD student in Network Security Lab. His co-authored paper (Syed Badruddoja, Ram Dantu, Yanyan He, Abiola Salau, Kritagya Upadhyay, and Mark Thompson, “Making Smart Contracts Predict and Scale”) has received the best research paper award at the Fourth International Conference on Blockchain Computing and Applications (BCCA 2022), September 4-6, 2022, San Antonio, Texas, USA. After all the presentations (40 accepted papers), the organizers announced the best paper award.

Once again, congratulations to Syed and all the authors, great teamwork!

Our team has received the top research paper award in IEEE Transactions on Intelligent Transportation Systems (research paper award for 2010-2019) spanning over a decade and among thousands of transaction papers: Mohamed Fazeen; Brandon Gozick; Ram Dantu; Moiz Bhukhiya; Marta C. González, “Safe Driving Using Mobile Phones,” IEEE Transactions on Intelligent Transportation Systems, vol. 13, no. 3, pp. 1462-1468, Sept. 2012. (Google Scholar Citations: 337)

For more information (IEEE award announcement), please refer to: IEEE ITSS

You can also watch the related video on YouTube

Lotfi ben Othmane from UNT faculty is giving a tutorial session during 2022 IEEE Secure Development (SecDev) Conference, which is ​a​ ​venue​ ​for​ ​presenting​ ​ideas,​ ​research,​ ​and​ ​experience​​about​ ​how​ ​to​ ​develop​ ​secure systems. SecDev focuses on theory,​ ​techniques,​​and​ ​tools​ ​to ​“build​ ​security​ ​in” to​ ​existing​ ​and​ ​new​ ​computing​​systems, and does not focus on simply discovering​ ​the​ ​absence​ ​of​ ​security.​The​ ​goal of SecDev​ ​is​ ​to encourage​ ​and​ ​disseminate​ ​ideas​ ​for​ ​secure​​system​ ​development​ ​among​ ​academia,​ ​industry, and​ ​government.​ ​It​ ​aims​​to bridge ​the​ ​gap​ ​between​ ​constructive​ ​security​ ​research​ ​and​ ​practice and​ to ​enable​ ​the real-world​ ​impact​ ​of security research in​ ​the​ ​long​​run. ​Developers​ ​have​ ​valuable​ ​experiences​ ​and​ ​ideas​ ​that​ ​can​ ​inform​​academic research,​ ​and​ ​researchers​ ​have​ ​concepts,​ ​studies,​ ​and​ ​even​​code​ ​and​ ​tools​ ​that​ ​could​ ​benefit developers.​ ​Great​ ​SecDev​ ​contributions​​could​ ​come​ ​from​ ​attendees​ ​of​ ​industrial​ ​conferences like​ ​AppSec and​​RSA;​ ​from​ ​attendees​ ​of​ ​academic​ ​conferences​ ​like IEEE​ ​S&P,​ ​IEEE​​CSF,​ ​USENIX​ ​Security, CCS, ​​NDSS, PLDI,​ ICSE, ​FSE,​ ​ISSTA,​ ​SOUPS, HOST,​​and​ ​others;​ ​and​ ​from newcomers.

Tutorial: Threat Modeling of Cloud-based IT-solutions.
Lotfi ben Othmane (University of North Texas); Heinrich Gantenbein (Microsoft Industry Solutions); Hasan Yasar (Carnegie Mellon University); Simone Curzi (Microsoft Industry Solutions); Altaz Valani (Security Compass); Arun Prabhakar (Boston Consulting Group); Robert Cuddy (HCL Technologies)

Topic: The tutorial aims to train the participants to apply a threat modeling process to identify potential threats to given cloud-based systems and prioritize countermeasures.

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple.

While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significant uptick in recent years of threat actors leveraging unknown security flaws to their advantage.