Eleven School of Computer Science (SCS) students competed in phase one of Demo Day at Georgia Tech’s Cyber Security Summit on September 27. Showcasing research posters, the 16 entrants were all vying for the chance to win up to $125,000 in startup funding, grants, and mentorship toward commercializing their work.

Although the Institute for Information Security & Privacy hosts Demo Day in the spring semester, the summit was the first opportunity for students to receive feedback on research from industry professionals and investors.

“It’s a good way to say involved in the cybersecurity community,” said Stacey Truex, a SCS Ph.D. student who competed with her project on privacy-preserving decision tree ensembles. “You aren’t going to accomplish anything just staring at your computer on your own.”

Summit attendees voted on the most compelling projects, with the top three receiving $500 cash and immediate advancement to the spring competition. The winners were Majid Ahmadi’s Tackling Cybersecurity Threats in Smart Grids, Karim Farhat’s Internet of Things Security Management Dashboard, and CS student Tony Zhaocheng Tan’s Phish or Fish: Tackling Phishing as a Usability Problem.

The 16 other competitors can still advance to the final round if they attend six coaching sessions between now and April. Some SCS research highlights:

-Privacy Preserving Deep Learning by SCS Ph.D. student Lei Yu: Deep learning has led to breakthroughs in AI from speech recognition to game playing — but by going through big data that often contain sensitive personal information. Yu’s neural network model preserves data privacy by applying differential privacy techniques to training algorithms while stay maintaining accuracy.

-RAIN: Redefinable Attack Investigation with On-Demand Inter-process Information Flow Tracking by SCS Ph.D. student Yang Ji: Detecting advanced cyber attacks requires detailed and accurate investigation. The RAIN system is a precise and fine-grained way to analyze cybercrime because it goes down the instruction level while still maintaining runtime efficiency.

-PrivacyZone: A High Performance and Light-Weight Location Privacy System in the Era of Internet of Things by SCS Ph.D. student Emre Yigitoglu:  Location data is sensitive and continuous location exposure opens the door for potential misuse such as inference about a user’s medical conditions. For example, if a person visited the hospital a lot, location data could expose they might be ill. PrivacyZone provide a suite of algorithms for constructing personalized privacy zones and enforcing privacy protection for mobile users

-Automating Open-Source Software Risk Management with OSSSanitizer by SCS Ph.D. student Ruian Duan: Open-source software eases development for thousands of mobile and desktop applications, but also increases security and legal risks. OSSSanitizer pulls open-source software together from public sources like GitHub or NVD and combs through for license violations or zero day vulnerabilities. The tool’s unique hierarchical indexing makes it accurate and scalable.

-Phish or Fish: Tackling Phishing as a Usability Problem by undergraduate Tony Zhaocheng Tan: Phishing is often the start of many big breaches, like the Democratic National Convention hack. This project is working with the Office for Information Technology to prevent users from falling for phishing scams by replacing external links with an interstitial page containing site-specific information. This empowers users to make an informed decision about whether a website is safe to visit.

-rtCaptcha: A Real-Time Captcha Based Liveness Detection System by SCS Ph.D. Erkam Uzun: Facial and voice recognition are the future of security but can still be easy to evade using deep learning. rtCaptcha introduces the common screening feature of Captchas to this process, which stalls machines from breaching.