Campus News in Brief

Student awarded scholarship from (ISC)² Foundation

Carnegie Mellon is proud to announce that Pratibha Anjali Dohare is the recipient of a $40,000 cybersecurity scholarship from the International Information Systems Security Certification Consortium (ISC)² Foundation.

The scholarship will help Dohare with her studies in the masters of science in information technology-information security at Carnegie Mellon’s Information Networking Institute.

“I intend to utilize this scholarship in enhancing my knowledge in the field of cybersecurity and forensics during my studies at CMU’s INI, with an aim to merge the processes of prevention and investigation through development of an intrusion prevention and detection system. Cybersecurity is more than one individual step — it is a process built upon a cycle of key attributes: learning, monitoring, analyzing, deciding, and responding — before the whole cycle of learning begins again,” said Dohare in the press release.

Cybersecurity attacks are becoming more frequent with the increasing usage of computer systems for both economic and social means. As young adults become more experienced with social media, experts believe many are participating in unsafe practices on the Web.

To be eligible for the scholarship, applicants must be at least undergraduate sophomores by August of the calendar year, when scholarships are awarded.
Students must also be academically eligible to continue at their educational institutions while pursuing their degrees.

CMU research shows inkblots improve password security

Computer scientists at Carnegie Mellon have created a password system that will use inkblots to provide extra protection when passwords are stolen from websites.

The Generating panOptic Turing Tests to Tell Computers and Humans Apart (GOTCHA) password system would be able to further protect important accounts.

A user first chooses a password, and a computer creates numerous multicolored inkblots. The user would then describe each inkblot with a text phrase that would be stored in random order with the password. In the future, upon signing in, a user would have to match phrases with their respective inkblots.

While this may sound like a simple security system, it is near impossible for a computer to solve. In a press release, Jeremiah Blocki, a Ph.D. computer science student who helped develop GOTCHA, said, “These are puzzles that are easy for a human to solve, but hard for a computer to solve, even if it has the random bits used to generate the puzzle.”

Blocki developed GOTCHA along with Manuel Blum, professor of computer science, and Anupam Datta, associate director of computer science and electrical and computer engineering.

GOTCHA would be helpful with security breaches of websites from which millions of user passwords are stolen — a problem that has affected companies like LinkedIn, Sony, and Gawker. The system would ensure that a sophisticated computer program would be unable to crack an account.