Combating Hackers and Network Attacks: Keeping the Cyber World More Secure Through Computer Science
Issues like internet privacy, computer hacking and other forms of cyber security have become serious everyday concerns among the public and the U.S. government, making the research and expertise of computer scientists, such as Micah Sherr, even more important.
At Georgetown University, where Micah serves as Distinguished Associate Professor in the Computer Science Department and director of the Georgetown Institute for Information Assurance, his academic endeavors cover timely areas of cyber security, including privacy-preserving technologies, electronic voting, wiretap systems, network intrusion detection, and network security. In these pursuits, he has also participated in two large-scale studies of electronic voting machine systems, and helped to disclose numerous architectural vulnerabilities in U.S. election systems. His current research examines the security properties of legally authorized wiretap (interception) systems and investigating methods for achieving scalable, high-performance anonymous routing.
A noted researcher in his field, Micah is co-author of a recent study (completed with fellow computer scientists from Georgetown University and UC Berkeley) in which it was demonstrated how computer devices such as smartphones can be attacked through hidden voice commands that are not understandable to humans.
“Voice command systems are becoming more widely used on devices,“ says Micah. “The attack we envision as most feasible is that someone has a YouTube video of kittens, or something popular like that, and in the background, there’s something that says, open a URL.” If an attacker can make your phone open a particular website, he explains, that website could have malware on it.
“So a possible scenario could be that a million people watch a kitten video, and 10,000 of them have their phones nearby and 5,000 of those phones obey the attacker’s voice commands and load a URL with malware on it,” Micah says. “Then you have 5,000 smartphones under an attacker’s control.” To demonstrate the potential for such attacks, he and his co-authors used their expertise in speech recognition systems to construct audio recordings that can be understood as speech by computers but lack the necessary resolution for human comprehension.
“We learned in the study that if you remove those parts and keep everything else, you get something that a computer can still understand but the human brain cannot,” he explains.
Micah, who has received numerous National Science Foundation grants for his work, earned his B.S.E., M.S.E., and Ph.D. degrees from the University of Pennsylvania. He is also a recipient of the NSF CAREER award.
For more information, please visit https://security.cs.georgetown.edu/~msherr/