The Georgia Tech Information Security Center (GTISC) focuses on research, education and outreach programs for securing information technology based systems. The growing scale and sophistication of threats against such systems and our increasing reliance on them creates new challenges that require better understanding of emerging threats and novel ways to counter them. Achieving effective information security in the context of real-world problems is the vision of GTISC and it serves as a catalyst for developing programs that can help realize it. Because GTISC is a Georgia Tech-wide center, its affiliated faculty come from several units, including the College of Computing, School of Electrical and Computer Engineering, Sam Nunn School of International Affairs, Georgia Tech Research Institute (GTRI) and the Office of Information Technology (OIT). GTISC has developed new research initiatives that span multiple units, and center faculty have worked closely with our industry partners. Our research output in terms of high quality publications in top conferences and new grants and contracts awarded in the past year provide concrete evidence of our leadership position in this important field. At the same time, our educational programs continue to grow and GTISC was again designated by the National Security Agency as a center of academic excellence in information assurance education (CAE-R) in the research category in 2009. The GTISC Security Summit has become an effective way for outreach and broader engagement with Atlanta’s sizable information security community.
GTISC is viewed as a leader in several key research areas in information security. Novel strategies that can help detect emerging cyber security threats and techniques for countering large-scale attacks are areas where work done at the center has had major impact in the past several years. The CLEANSE project is conducting research in areas such as botnet detection, malware analysis and broader challenges associated with monitoring of large-scale systems. The CISEC laboratory explores security challenges for converged communication, including mobile device security and security of cellular and wireless networks. The MedVault project, jointly with Childrens’ Healthcare of Atlanta, is focusing on security and privacy of electronic medical records, including user-centric access control and detection of potentially anomalous access patterns. Other projects in areas such as cryptography, virtualization security, embedded software security, privacy and information quality are indicative of the significant breadth and depth of GTISC research programs.