The 10th Annual Best Scientific Cybersecurity Paper Competition recognizes the best foundational cybersecurity paper published in 2021. The winning paper, “Verifying Hyperproperties with Temporal Logic of Actions (TLA),” authored by Leslie Lamport and Fred B. Schneider, from Microsoft Research and Cornell University respectively, answers a key question: How can you ensure that a computer algorithm is correct?
Published at the 2021 IEEE Computer Security Foundations Symposium, the paper states that the myriad security tools available typically examine specific pieces of code rather than an algorithm itself. In lieu of this approach, Lamport and Schneider propose that in order to verify algorithm (and potentially system) accuracy, one could look at the theoretic and practical breakthroughs.
Lamport and Schneider show how to confirm that an algorithm satisfies certain hyperproperties which are needed to capture correctness. Hyperproperties are sets of properties which can express security policies, such as secure information flow, that properties alone cannot. These must be understood in terms of multiple runs of a program, such as whether the value of one variable predicts something about the value of another—that is, whether information is leaking.
The winning paper captures the transformative breakthrough that these hyperproperties can be formulated using the Temporal Logic of Actions (TLA), which is a way to describe systems in a single mathematic formula. This connection to an established toolset enables hyperproperties to be studied in future cybersecurity research and development.
“This paper is one of the best examples in the ten years of the competition that highlights the pinnacle of practical cybersecurity research: advancements that are anchored on strong foundational work,” National Security Agency’s (NSA) Director of Research, Mr. Gil Herrera, remarked.
A second paper, “Defensive Technology Use by Political Activists during the Sudanese Revolution,” written by Alaa Daffalla, Lucy Simko, Tadayoshi Kohno, and Alexandru G. Bardas, of Cornell University, George Washington University, the University of Washington, and the University of Kansas respectively, is being recognized with an honorable mention. Their paper investigates the practices of 13 Sudanese activists and how technology can be used in times of political strife. The authors examine computer and privacy needs while operating under an oppressive regime. This paper was also presented at the 2021 IEEE Symposium on Security and Privacy.
This year’s 10th Annual Best Scientific Cybersecurity Paper Competition received 28 public nominations for consideration, and the winner was chosen by Mr. Herrera working with a group of distinguished experts including the following: Whitfield Diffie, Cybersecurity Advisor; Dan Geer, In-Q-Tel; Eric Grosse, Cybersecurity Advisor; Paul Kocher, Independent Researcher; John Launchbury, Galois, Inc; Carrie Gates, Bank of America; Sean Peisert, Lawrence Berkeley National Laboratory; Phil Venables, Google; Arun Vishwanath, Cybersecurity Advisor; Mary Ellen Zurko, MIT Lincoln Laboratory; and, Radia Perlman, DELL EMC.
The 11th Annual Best Scientific Cybersecurity Paper Competition will accept nominations until April 15, 2023 for papers published in 2022. Winners will be announced at the end of 2023. For more details about the competition and how to nominate papers, please visit the competition’s homepage.