Introduction
The University of Georgia is uniquely positioned to significantly enhance education and workforce development, new discovery and statewide knowledge transfer to benefit the State of Georgia and our partners in cybersecurity and defense. The Athens campus of the state’s most comprehensive institution of higher learning is in close geographic proximity to Ft. Gordon, and UGA brings a strong commitment to intercollegiate, intergovernmental and public-private collaboration to this endeavor. Our existing culture of interdisciplinary cooperation and excellent business and government relationships will be well-leveraged as we address together the challenges and opportunities of cyber activities and threats. As further outlined below, the University of Georgia offers key areas of expertise that bring both near-term value to the cybersecurity effort and forward-thinking, futuristic skillsets that will create new strategies, tools and methods that can be broadly integrated to keep our nation one step ahead of its adversaries while maintaining the world’s strongest and most resilient economy. This white paper highlights key strengths of UGA in the field of cybersecurity, including education and workforce training; research and technology transfer; and the use of the University’s existing statewide infrastructure and networks to ensure comprehensive access to cybersecurity activities and information.
I. Education and Workforce Training
UGA educates today’s graduate and undergraduate students to think broadly and strategically while learning the specific skills necessary to address urgent cybersecurity challenges for today and tomorrow.
Modern cybersecurity challenges span disciplines—from computer science to engineering, business and health information, among many other fields. The University of Georgia offers instruction related to cybersecurity in each of these fields while also training students to think holistically so that they can be prepared to meet challenges at the interface of disciplines.
Our Department of Computer Science (CS) within the Franklin College of Arts and Sciences offers a Graduate Certificate in cybersecurity, and it will offer a CS Undergraduate Certificate in Cybersecurity as well. Additionally, the CS Department is developing a Master of Science degree in Cybersecurity.
Current CS courses related to cybersecurity include: Cybersecurity, Computer Networks, Software Security and Cyber Forensics; Advanced Network and Security Systems; Computer Networks and Security Systems; and Privacy-Preserving Data Analysis, among many others.
Our CS faculty members and students have distinguished themselves at the national level. Two CS professors, Drs. Kang Li and Roberto Perdisci, received funding from the National Science Foundation to develop and evaluate challenge-based, hands-on cybersecurity education materials. Their project will provide insights that will make CS education across the nation more relevant, current and impactful. Additionally, the UGA undergraduate security team qualified in the 2016 DARPA Cyber Grand Challenge (CGC) Final competition. The UGA team was one of only seven selected by DARPA (the Defense Advanced Research Projects Agency) from more than 100 teams from the U.S. and abroad.
Like our Department of Computer Science, UGA’s College of Engineering (COE) has experienced significant growth over the past several years. Ninety percent of the nearly 2,000 students in the COE learn the fundamentals of programming. All Computer Systems Engineering students take advanced programming courses in both engineering and computer science, and all Electrical and Electronic Engineering students learn microcomputer programming. Additionally, COE offers related courses in sensors and transducers (data collection), network analysis, and data visualization. COE also recently partnered with industry to introduce two new undergraduate courses in informatics and big data analytics.
UGA’s Institute for Disaster Management—a unit of the College of Public Health directed by Dr. Cham Dallas—offers a number of courses in which cybersecurity is explored in depth: Introduction to Disaster Management, Disaster Management for Health Professionals, Understanding Terrorism and Homeland Security, Disasters & Society, Disaster Policy, International Aspects of Disasters. IDM students engage in disaster modeling exercises at the IDM Emergency Operations Center. Through participation in community disaster simulations, they receive direct, hands-on experience with the causes and progress of disasters and the technology used to track and respond to disaster situations.
UGA’s College of Public Health offers significant training in the impacts of cyberattacks on healthcare organizations and other public health related institutions. CPH students preparing for research careers and other professions receive ethical training regarding the protection of confidentiality, which encompasses maintaining secure electronic records in an environment subject to cyberattacks.
UGA Terry College of Business graduates in Management of Information Systems (MIS) are sought after for a variety of cybersecurity careers. This past year, over a dozen graduates accepted security-related positions such Risk Advisory Consultant, IT Risk Consultant, Cyber Risk Services Consultant, Cybersecurity Consulting Associate, and Forensic Tech. The hiring companies included PricewaterhouseCoopers (PwC), EY, KPMG, Deloitte and Crowe Horwath.
One of the most innovative cybersecurity offerings in the Terry College of Business is “Cybersecurity and Information Systems Governance, Risk, and Compliance,” an upper-level class offered every semester to MIS students. The course incorporates a variety of hands-on learning experiences, including a weekly group conference call with PwC-Atlanta Cybersecurity, Privacy, & IT Risk professionals and a semester long group case study with PwC. Additionally, students learn to have a “security/risk” mindset, covering systems thinking, governance, enterprise frameworks, cybersecurity and IP protection, regulation and compliance, solutions to security threats, audit and controls, and business continuity and disaster recovery. Students actively engage with current security issues and public, well-known breaches and learn the different types of breaches that occur, how to mitigate risks, and an overview of securing client systems and networks.
Within UGA’s College of Education, which produces more than 1,200 new graduates each year, all Learning, Design, and Technology courses, which are taken by preservice teachers from across the college, address preK-12 student privacy and data security. The size and excellence of our College of Education provide the state with a valuable site to anchor a critical component to cybersecurity – teaching the teachers.
In addition to the discipline-specific informatics offerings noted above, the campus-wide Georgia Informatics Institutes—housed in the College of Engineering but open to the entire University—offers an informatics core curriculum that will serve as the basis for the graduate Informatics Certificate, a credential that signifies expertise in data collection, data analysis and data security. A new undergraduate minor in informatics is in development, as well, and it will prepare students from across campus to securely leverage big data to address challenges in a variety of fields.
II. Research, Scientific Collaboration and Partnerships for Discovery
UGA’s collaborative and interdisciplinary research expands the frontiers of knowledge in cybersecurity and related fields
Leading-edge Research
The University of Georgia has long been a leader in informatics, with more than 160 faculty members whose research leverages big data to boost the productivity of businesses and enhance privacy and cybersecurity, among many other applications. Cybersecurity in particular has seen significant growth in research activity over the past several years, as the need to protect critical information and infrastructure becomes more acute.
In CS, Drs. Roberto Perdisci, Kang Li and Kyu Lee have active grants in cybersecurity, and collaboration with Georgia Tech is already underway. Research endeavors include “Exposing and Mitigating Cross-Channel Attacks that Exploit the Convergence of Telephony and the Internet,” “AMICO: Accurate Behavior- Based Detection of Malware Downloads,” “Passive and active DNS monitoring tools for detection and tracking the evolution of malicious domain names” and “CAREER: Automatic Learning of Adaptive Network-Centric Malware Detection Models.” These projects underscore the critical research in cybersecurity done at UGA and within USG.
Since joining UGA, Dr. Perdisci has secured more than $2,000,000 of extramural funding. His currently active externally funded projects include two grants from NSF, including the NSF CAREER Award noted above, a grant from the federal Department of Homeland Security, and an incoming grant from DARPA. Dr. Perdisci has recently published several works in the most highly ranked cybersecurity conferences, and
he has produced more than 30 publications, 12 of which appeared in the most prestigious and selective academic computer security conferences.
Kyu Lee is engaged on a project from DARPA Transparent computing: “TRACE: Tracing and Analysis of Causality of Enterprise-level.” Kang Li’s “Detecting Flaws in Virtual Devices by Conformance Checking”, funded by NSF, will result in additional advances in cybersecurity.
Best Paper Awards have gone to nearly a dozen UGA researchers for the two research publications: “Forwarding-Loop Attacks in Content Delivery Networks” in the proceedings of the 23th Annual Network and Distributed System Security Symposium and “PeerRush: Mining for Unwanted P2P Traffic,” in the proceedings of the 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment.These international honors highlight the far-reaching impact of the research conducted at UGA and the high regard with which our faculty members are held.
Dr. Jaewoo Lee is developing creative tools for analyzing privacy-enhanced data through a project titled “Concerns about privacy are barriers to collecting system usage data and utilizing them to identify system vulnerabilities.” The goal of this project is to develop new tools that account for the noise and extract useful statistical information from data.
Given the increasing depth of expertise in the field, the CS Department is deploying a UGA Cybersecurity Center to create new research synergies.
The Georgia Informatics Institutes (GII) for Research and Education are housed in the College of Engineering and open to the entire campus. The GII infuses informatics research and education across disciplines. Dr. Kyle Johnsen, Associate Professor of Engineering and GII Director, researches simulation-based training, natural interfaces, human-computer interaction, virtual reality, and other areas with implications for cybersecurity.
The Institute for Resilient and Sustainable Systems (IRIS) is housed in COE and includes faculty members from more than nine academic units across campus. IRIS focuses on ensuring that physical and man-made systems are resilient to fast- and slow-timescale perturbations such as targeted attacks.
Additional COE research on power grid analysis and security is industry funded. NSF funds research on network communication and security; cyber-physical system resiliency; data visualization. COE’s Dr. Zion Tse conducts industry-funded research on the security of Bluetooth-enabled medical devices such as, insulin pumps, personal care devices. Additionally, research on facial recognition and biometrics is DARPA-funded. NSF and NIFA fund research on sensors, sensor network.
In August of 2017, the Management of Information Systems (MIS) department of the Terry College of Business (Terry) will welcome Dr. Weifeng Li, who focuses on cybersecurity research that is driven by statistical models, particularly in Natural Language Processing (NLP) and Machine Learning (ML). Weifeng’s research concentrates on developing social media analytics to study cybercriminal communities, such as the online black market. His research interests also include cybercriminal interaction analysis, cybercrime attribution, and emerging threat detection. He collaborates with both academia and industry on a number of research projects, and he has extended his research to Chinese online black markets through partnerships with scholars from a leading research institute in China.
Dr. Debabroto (Dave) Chatterjee, Associate Professor in Terry’s MIS department, has expertise in the various facets of enterprise information technology (IT) governance and leadership – from technology sense-making to implementation and change management, data governance, internal controls, information security, and performance measurement.
UGA’s Center for International Trade and Security (CITS) in the School of Public and International Affairs focuses on security related to chemical, biological, radiological, and nuclear threats. Scott Jones, Director of CITS, has had preliminary discussions to initiate a cybersecurity program at CITS. CITS has also been in discussion with the College of Engineering regarding possible technology-policy cybersecurity projects. The School of Law and Terry College of Business are other possible partners.
SPIA’s Jason Anastasopoulos has research interests related to unique cybersecurity challenges that state control of federal elections poses for elections moving forward, especially since all elections will eventually be conducted using voting machines (or perhaps even online). Another SPIA researcher worked on the team that published a study in the Journal of Global Security Studies that sits at the intersection of politics and cybersecurity, “Repression, Education and Politically Motivated Denial of Service Attacks.”
Big data has the potential to make health care more efficient and cost-effective, but it also creates new threats to information security. To address these issues and others, CPH has created the Health Informatics Institute (HII). In addition to creating a hub for interdisciplinary interactions among faculty with active research programs in health informatics, the HII is developing state-of-the-science courses and mentoring opportunities to prepare the next generation of innovators in health informatics. The HII also engages with the wider community to gain pragmatic insight about applying health informatics tools and capabilities to understand and address real-world problems.
With the expansion of its instructional offerings and the completion of its emergency operations teaching facility, the impact of the program on UGA students generally and for those seeking careers in the field has dramatically increased.
CPH’s Global Health Institute (GHI) facilitates international public health research which typically involves the collection and transfer of protected health information, requiring significant attention to cybersecurity. The College’s Institute for Disaster Management (IDM) is engaged in a wide range of situational research projects requiring a knowledge of cybersecurity issues, tools and systems.
Extensive Industry Partnerships
COE faculty members currently partner with Southern Company on power grid analysis and with Siemens on Digital transformation & informatics. Additionally, there have been numerous hires in data analytics & informatics by GE Power Systems.
Intel awarded a grant to Drs. Kang Li and Roberto Perdisci for collaboration with Intel Science and Technology Center. In the past years, Dr. Li has served as external board director for multiple cybersecurity related startup companies, including ISC, Conformics, and 360 Security. He also has served as a consultant for security research groups at Samsung North America, Cisco Systems, and Intel.
Dr. Perdisci is has a strong record of technology transfer. For example, he has received funding from theUS Department of Homeland Security under the DHS Transition to Practice program. This grant of $350,000 was awarded to support the transition to market of a defense system, called AMICO, that Dr. Perdisci and his research group created to defend critical computer networks from malicious software. The AMICO system is now being used by the Information Security Office of UGA Enterprise Information Technology Services (EITS) to detect malware infections within UGA’s campus network and to promptly alert affected network users. In addition, a new technology invented by Dr. Perdisci and funded in part by
NSF, called WebWitness, has been recently licensed by UGARF to Damballa (now Core Security), a network security company based in Atlanta
Dr. Perdisci also has collaborated with other start-ups in the Atlanta area, such as Pindrop Security, and with larger security companies, such as Trend Micro.
The Assistant Secretary for Preparedness and Response (U.S. ASPR) and the Georgia Department of Public Health fund Institute for Disaster Management (IDM) exercises at Georgia hospitals, nursing homes, and other components of the healthcare system. The ability of cybersecurity lapses or intrusions to cause havoc in the emergency response system, and the appropriate responses to these potential events are critical support functions that are tested and evaluated by UGA in its oversight of these exercises.
In the Washington, DC region, IDM organized a major exercise last summer involving the impact of a cybersecurity-induced collapse of the power grid in the Capitol Region, with an emphasis on the impact to the healthcare industry. All of the hospitals in the Capitol Region were covered by the exercise, and it was found that the healthcare community was not able to meet the 72-hour period of expected capability of hospitals to continue operating off the power grid. The Institute is planning additional exercises to test health care system resilience after power grid collapse.
III. Deployment Statewide and Beyond
With its statewide network of Public Service and Outreach resources, UGA is uniquely positioned to prepare Georgia’s business community and municipalities to address cybersecurity challenges.
Extensive Statewide Networks
Public Service and Outreach (PSO) at the University of Georgia has extensive statewide networks to immediately deploy training and technical assistance related to cybersecurity. More than 500 PSO and Cooperative Extension faculty and staff work across Georgia with partners in business, state and local government, and non-profits. UGA’s outreach programs provide technical assistance, training, and applied research on complex issues to people and communities in all 159 counties.
UGA has begun engaging Georgia’s small business community on cybersecurity. This is critical since more than 93 percent of all companies in Georgia are small businesses, and cyber criminals and state actors have specifically identified the unprepared small businesses as an entry point to connect digitally with larger corporate and government vendors/customers. Next spring, UGA’s Small Business Development Center (SBDC) will pilot a CyberStrength 2017 seminar in Columbus to help small businesses understand the threats posted by cybersecurity issues and help them develop or strengthen their cybersecurity plan. The SBDC also provides information and resources for small businesses on this issue online at
https://www.georgiasbdc.org/preparedness/technology-preparedness/cyber/.
UGA’s Carl Vinson Institute of Government manages training for the Georgia Management Information Systems (GMIS) association, which is composed of local and state government IT professionals. Topics are discussed with their training board and then added to the schedule in what is known as the Geek Track, a four-day program focused on IT challenges which includes cybersecurity.
The Certified Government Chief Information Officers (CG-CIO) certification that the Vinson Institute offers requires a session on cybersecurity that covers security protocols, common mistakes by employees that impact cybersecurity and post security breech actions. For local elected officials, the Vinson Institute offers a Technology Solutions course that includes information on cybersecurity. Finally, the institute coordinates
city and county manager training and has a technology literacy course planned for this spring.
In addition to the trainings noted above, the Vinson Institute has provided technical assistance and security audits for local governments and regional commissions in response to cybersecurity issues. These activities include ensuring firewalls, security protocols, processes are in place for security. Vinson also provides a secure infrastructure for many state agencies, with examples such as the property database for Georgia Building Authority, natural resources and historic sites for DNR, and the Juvenile Justice Data Clearinghouse.
Additional Opportunities
SBDC reaches 4,110 clients annually for consulting work and another 3,324 in its training programs. The Vinson Institute touches 25,000 state and local government officials annually through training, including city and county managers, IT directors, elections officials and others. The network is in place to quickly deploy enhanced cybersecurity training and technical assistance for governmental policy makers and professional staff and business people. Likewise UGA’s Fanning Institute for Leadership Development and Archway Partnership have community-based networks in place that can easily be deployed.
Vinson is working with the Department of Economic Development workforce division to help address workforce gaps. Cybersecurity was identified as one of the areas of focus as part of the Governor’s High Demand Career Initiative (HDCI). Establishing more internship opportunities with companies and developing more rapid and stackable training and education models are priorities for the department. Vinson can help communities develop a cybersecurity career path that aligns the education programs in a community with the needs of local employers. Additionally, The Georgia Center for Continuing Education could support the HDCI by offering entry-level training to teach courses that are part of the cybersecurity career pathway being developed by the USG and the HDCI cybersecurity taskforce.
Special note: UGA’s Senior Service Fellowship Program with the Department of Defense
In November 2016, UGA joined a highly prestigious group of U.S. war colleges and universities that offer approved select fellowship and training programs to senior service fellows from the Army War College in the Department of the Army.
Two distinct fellowship programs approved to be offered by UGA in partnership with the Department of Defense pertain to and address pressing national security issues. In both programs, Senior Service Fellows selected by the Department of Defense will spend ten months at UGA immersed in faculty-mentored research with the opportunity to audit graduate level courses.
The first program is the Army War College Fellowship in Infectious Disease and Population Health. This program combines UGA’s national excellence in infectious diseases research with signature work being done in population health to develop safeguards to control the spread of diseases. This program encompass biomedical and computer sciences, research policy, and supervised study in the handling of pathogens through the Franklin College of Arts and Sciences, College of Veterinary Medicine, and the School of Public and International Affairs.
The second program is the Army War College Fellowship in Global Food Security and Agrosecurity. This program is based in the University of Georgia’s College of Agricultural and Environmental Sciences and combines agricultural science and food system infrastructure, policy and security.
Approved partners with the Department of Defense to offer other senior service fellowship programs relating to national security include several U.S. war colleges (Army War College, National War College, Eisenhower School for National Security and Resource Strategy, Naval War College, Air War College, Marine Corps War College and the Joint Advanced Warfighting School) and universities (Tufts University, Duke University, Stanford University, Harvard University, Carnegie Mellon University, Massachusetts Institute of Technology, Yale University, Columbia University, Notre Dame University, Georgetown University, Syracuse University, Georgia Tech, University of Texas, and the University of Washington).
Conclusion
Today’s cybersecurity challenges demand a broad-based, interdisciplinary response. Targeted instruction, research and outreach programs in cybersecurity at the University of Georgia exist in a broader environment where on-campus collaboration and partnerships with government, industry and other institutions are valued and encouraged.
UGA looks forward to being an integral partner on this issue and stands ready to be a committed member on a team of university, industry, government and military partners who will be equally dedicated to keeping America second-to-none in this critical arena.