Security in the Wild West of electronic communication takes more than that little yellow picture of a lock on the bottom the Internet browser screen. At DU’s Colorado Research Institute for Security and Privacy (CRISP), research and innovation helps security experts stay a step ahead of hackers.
Since 2004 when a $300,000 National Science Foundation grant planted the seeds for what would become CRISP, the institute has mobilized Rocky Mountain researchers in efforts to combat electronic data theft and abuse, says Professor Ramakrishna Thurimella, who heads the institute.
“More and more, we are doing things electronically,” Thurimella says. “It’s the way we do things; the way we run our lives.”
Under Thurimella, CRISP has added two professors to both teach and study electronic security — Christian Grothoff and Chris GauthierDickey. Through their studies and work with outside experts and students, the institute has pressed for better, real-world security solutions.
Researchers recently forged a relationship with the leaders from the Information Security Studies group at DU’s University College. The collaboration brings a different dimension to the mission of CRISP by providing a practical, hands-on education for working professionals.
The work, Thurimella says, is never done because with each new breakthrough comes a new cadre of would-be thieves and hackers.
“What we say in security is it’s always a game of cat and mouse,” he says. “It’s the white hats versus the black hats.”
Sometimes even research that goes awry teaches valuable lessons, Grothoff says. A DU student erred with a few lines of coding on a computer linked to the University’s network, causing a brief campus-wide outage. Rather than finding fault, Grothoff says he was eager to see what went wrong. The goal is to build a network that is resistant to malicious actions.
“Think of the most complicated piece of engineering that the world has ever done. That’s the Internet,” Grothoff says. “Just think of the complexity of a processor in a single PC, and then link 100 million of those all over the planet.”
For doctoral candidate Jim Treinen, working with researchers at CRISP provides an education that he puts to work at his job with a major computer company. Treinen has worked with Thurimella, developing ways to sift millions of false alarms from real intrusion alerts reported daily by security software.
Treinen, who earned a master’s degree in computer science from DU in 2003, says the work he’s doing with CRISP is fulfilling a calling and propelling him forward with a degree that will open doors to continued research.
“The ultimate goal is to be able to improve intrusion detection. Security is a super hot topic right now,” he says. “It’s sort of like being in law enforcement. You’re doing something that’s actually good.”
Thurimella sees CRISP’s role and work evolving, extending now to work not only with University of College, but also with John Soma, head of the Privacy Foundation at the DU Sturm College of Law, as the ethics and law of what should be private merge with the hard science of what can be kept private.
“So much is changing,” Thurimella says. “This is an exciting field.”