Cyber threats have grown exponentially as the modern web and powerful AI systems have proliferated. We’re designing systems to secure the hybrid cloud and AI for sensitive datasets to ensure organizations can continue to operate safely and securely.
At Security Research, we are working to protect systems in the always-on, mission-critical world of the cloud today. We focus on threat management and security for hybrid cloud data and AI, and are establishing technologies to detect threats and resolve them across the cloud landscape. We analyze security of deployed systems at scale to identify 0-day vulnerabilities proactively.
We’re researching novel ways to secure the cloud and AI using the latest cryptographic innovations including fully homomorphic encryption services leading to AI for encrypted data, allowing organizations to wield the power of AI on sensitive data. Our research takes a full-stack approach ranging from hardware-based security mechanisms to security of cloud-native applications. We’re working on securing the systems of tomorrow, too, with scalable decentralized identity and data architectures, software supply-chain security and quantum-safe cryptography.
- Cloud Security: Infrastructure and ApplicationsAdvancing the system integrity of cloud systems in mission-critical situations.
- CryptographyBuilding the next generation of private, authenticated, and confidential communication cyrtopgraphy tools.
- Data and AI SecurityDesigning systems to monitor and protect sensitive data for robust and secure AI systems on the hybrid cloud.
- Security Analysis at ScaleBuilding trusted systems that can proactively help organizations defend against advanced cyber attacks.
- Threat ManagementBuilding the next wave of tools to help security teams detect and deflect against advanced cybersecurity threats.
- Trusted Decentralized SystemsLeveraging decentralization to enable cross-enterprise identity, business asset exchange and optimized supply chains.
Tools + code
IBM Fully Homomorphic Encryption Toolkits
Toolkits for MacOS, iOS, Android and Linux based on IBM’s HeLib that enables computation possible on fully encrypted data. Each toolkit includes sample programs and IDE integration making it easier to write FHE-based code.View project ↗
Libtpms-based Trusted Platform Module (TPM) emulator with socket, character device, and Linux CUSE interface.View project ↗
AI Privacy Toolkit
A toolkit for tools and techniques related to the privacy and compliance of AI models.View project ↗
Hyperledger Fabric Smart Client
A Fabric client-side component that simplifies the development of Fabric-based distributed application, enabling developers to focus on the business processes and not the blockchain technicalities.View project ↗
Tool to analyze speculative execution attacks and mitigations.View project ↗
Kestrel Threat Hunting Language
Kestrel threat hunting language provides an abstraction for threat hunters to focus on the high-value and composable threat hypothesis development instead of specific realization of hypothesis testing with heterogeneous data sources, threat intelligence, and public or proprietary analytics.View project ↗
Tornjak is a UI and management layer for brokering human access to one or more SPIRE deployments.View project ↗
Jeffrey Burdges, Luca De Feo2021Eurocrypt 2021
Romain Gay, Aayush Jain, et al.2021Eurocrypt 2021
Andrea Mambretti, Alexandra Sandulescu, et al.2021EuroS&P 2021
Jonathan Bootle, Alessandro Chiesa, et al.2021CRYPTO 2021
Vadim Lyubashevsky, Ngoc Khanh Nguyen, et al.2021CRYPTO 2021
Yuwei Li, Shouling Ji, et al.2021USENIX Security 2021
- See more of our work on Security