UC Riverside Pioneers Cybersecurity Innovations Amid Rising Threats
As the landscape of cyber threats becomes increasingly intricate, researchers at UC Riverside are enhancing digital safety through federally funded initiatives aimed at addressing urgent security issues plaguing the internet. Amit Roy-Chowdhury
Supported by prestigious organizations such as the National Science Foundation and the U.S. Department of Defense, faculty and students from the Marlan and Rosemary Bourns College of Engineering are devising innovative tools designed to unveil concealed vulnerabilities, safeguard private information, and bolster the digital infrastructures that protect everything from personal communications to national security.
Their cutting-edge work highlights the pivotal role of federal funding in fostering research within academia.
“Cybersecurity influences every facet of our existence, from individual privacy to national defense. With the aid of government grants, we are at UC Riverside preparing the next generation of computer scientists and engineers committed to enhancing the safety of the internet and IT systems,” stated Amit Roy-Chowdhury, a distinguished professor and co-director of the UC Riverside Artificial Intelligence Research and Education (RAISE) Institute.
Highlighted Innovations in Cybersecurity
This year, several notable innovations in computer security have been published and presented at renowned conferences:
Safeguarding Data in AI Learning
As artificial intelligence permeates sectors such as healthcare, finance, and government, the preservation of privacy remains imperative. UCR graduate student Hasin Us Sami discovered potential vulnerabilities in conventional methodologies aimed at protecting sensitive information. Hason Us Sami
His research paper, “Gradient Inversion Attacks on Parameter-Efficient Fine-Tuning,” reveals that adversaries can reconstruct private images from a training method known as federated learning, previously regarded as a secure approach. This technique enables users to train AI models on their devices without transmitting raw datasets.
For instance, a consortium of hospitals may wish to collaborate in developing AI models aimed at diagnosing diseases via patient tissue image scans. The findings indicated that attackers could reverse-engineer data from shared information, illustrating how malicious servers could access private images during training using state-of-the-art learning frameworks.
This underscores the pressing necessity for enhanced protective measures. Notably, this work garnered recognition at the prestigious 2025 IEEE/CVF Conference on Computer Vision and Pattern Recognition.
The paper was collaboratively authored by graduate student Swapneel Sen, professors Amit K. Roy-Chowdhury and Srikanth V. Krishnamurthy, and assistant professor Basak Guler. Qing Deng
Revealing Firewall Vulnerabilities
Research led by graduate student Qing Deng scrutinized firewalls, a cornerstone of cybersecurity relied upon by millions. In a study entitled “Beyond the Horizon: Uncovering Hosts and Services Behind Misconfigured Firewalls,” Deng and associates revealed that minor configuration errors could lay the groundwork for cyber intrusions.
By scanning the internet for unusual access points, Deng identified over 2 million hidden services exposed through misconfigured firewalls, ranging from outdated servers to vulnerable home routers.
These overlooked anomalies contribute to what the team has termed an “expanded observable internet,” creating a broader attack surface than previously acknowledged by cybersecurity experts.
This paper was co-authored by graduate students Juefei Pu, Zhaoweo Tan, and professors Zhiyun Qian and Srikanth V. Krishnamurthy.
Identifying Hidden Network Vulnerabilities
For doctoral student Keyu Man, the menace of invisible “side-channel” attacks warrants urgent attention. These insidious attacks exploit subtle anomalies within network protocols, enabling hackers to hijack connections in widely used server types.
In a collaborative paper titled “SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection,” Man introduced a novel tool named Side-ChAnnel Detector, or SCAD, designed to uncover weaknesses in popular operating systems, including Linux and FreeBSD, automatically.
Unlike previous methodologies that required extensive manual labor, SCAD can identify vulnerabilities within a single day of analysis.
Man’s research identified 14 vulnerabilities—seven of which were previously undocumented—that could have facilitated severe cyberattacks. The automation of this process has the potential to transform industry practices in safeguarding critical online infrastructures.
The study’s co-authors include graduate students Zhongjie Wang, Yu Hao, Shenghan Zheng, Xin’an Zhou, Yue Cao, and Professor Zhiyun Qian.
Source link: News.ucr.edu.
