Past CAST Research Projects

Mitigating Ransomware Attacks by Leveraging Isolation Techniques

Bo Chen, Dipankar Dasgupta

Ransomware has been in the news a lot lately as governments, corporations and individual computer users grapple with how best to protect themselves from those who want to take their data hostage. Drs. Dipankar Dasgupta and Bo Chen of CAST say paying the ransom doesn’t guarantee you’ll get your data back. “And even worse,” says Chen, “it encourages ransomware makers to improve their attacks.” If computer users periodically back up their data using external storage media or public cloud services, ransomware attacks aren’t an issue. However, says Dasgupta, “Because people don’t think it will happen to them, or because it takes time, effort, and money to back up data to another drive or the cloud, many people don’t bother.” The results can be disastrous with companies and individuals having to choose between the difficult and often fruitless attempt to recover encrypted data or paying hundreds or thousands of dollars in Bitcoin, the untraceable cyber-currency. Chen and Dasgupta’s goal is to make backup easier by developing a self-contained backup system. Chen says, “The idea is to use free space on the computer, itself, to store backup data and disguise it using special isolation techniques and cryptographic secrets so that it can’t be detected by the ransomware.” Such a solution will significantly reduce the risk of ransomware attacks, potentially saving companies millions of dollars in lost time and productivity, not to mention the ransom money they will no longer be tempted to pay.

Senior Hospital Administrators' Challenges on Emerging Cyber Security in Healthcare: An Exploratory Study using Q-Methodology

Soumitra Bhuyan, Marian Levy, Dipankar Dasgupta

Protecting the privacy of patients and the security of health care data is becoming increasingly difficult as new cybersecurity threats emerge. Drs. Soumitra Bouyan, Marian Levy, and Dipankar Dasgupta of the CAST Cluster believe the first step to creating viable solutions to obtain an accurate assessment of the concerns of senior hospital administrators. To achieve this goal, they are using an advanced statistical method called Q-methodology to systematically identify, categorize, and assess the adminsitrators’ opinions and concerns about information privacy and security. “With this information, we will be in a much better position to create effective tools that can empower health care workers and mitigate the challenges of healthcare information security,” says Dr. Bouyan. These tools might include interdisciplinary workshops at the UofM in healthcare cyber security to increase awareness and competencies among the healthcare workforce.

Securing Online Review Platforms: An Anomaly Detection Framework Using Advanced Machine-Learning

Naveen Kumar, Deepak Venugopal

Drs. Naveen Kumar and Deepak Venugopal, working within the cybersecurity cluster CAST, are studying the automated response behavior of business owners. “Our goal is to use machine learning to detect anomalies in these responses,” Venugopal says. Machine learning involves the ability of a computer to recognize and “learn” patterns so that anomalies or outliers can be flagged. “The benefits are three-fold,” Kumar says. “Consumers can have more confidence that the responses they get from businesses are genuine. Online platforms can improve their credibility and reputations. And business owners can better understand the potentially damaging effects of responding ineffectively to online reviews.”

Collaborative Monitoring of Moving Target Defense Mechanisms for Cloud Computing

Sajjan Shiva

Investigation and Testing of Cyber Security in Protective Relay System of Smart Power Distribution Grid

Mohd Hasan Ali, Dipankar Dasgupta

Exploring Cyber Security Issues and Solution for Energy Storage at Smart Microgrid System

Mohd Hasan Ali, Dipankar Dasgupta

Protecting Data Security in Smart Internet-of-Things (IoT) Environments

Lan Wang

Impact of Privacy Data Events on Consumer

George Deitz, Mehdi Amini, Subhash Jha

Design of Gamification for Information Security Awareness and Compliance: An Empirical Study in the Context of Phishing Emails

William Kettinger, Jong Lee, Chen Zhang

Corporate Governance Effectiveness and Cyber Security Risk Assessment and Management

Zabi Rezaee, Joseph Zhang