New SaTC Awards Focus on Information Integrity and Cybersecurity


November 16, 2021

Sound decision-making in many aspects of our lives depends on access to accurate and trustworthy information. The integrity of online information has never been more critical as many services and sectors have shifted to a networked, connected infrastructure – a long-term trend accelerated by the ongoing coronavirus pandemic. This shift brings a set of challenges, including the lack of transparency of Internet-based platforms, rapid evolution of dissemination technology, inherent difficulty of predicting human behavior, as well as ethical and safety considerations.

To address these issues, the U.S. National Science Foundation (NSF) has long invested in aspects of computing and communications security through the Secure and Trustworthy Cyberspace (SaTC) program, which takes an interdisciplinary, comprehensive and holistic approach to cybersecurity research and education. For example, over ten years ago, SaTC invested in foundational research regarding security of automotive computing systems, with a focus on whether and how bad actors could take control of such systems remotely via wireless communications. This year, that work was recognized with a Golden Goose Award, which honors federal investments that have gone on to offer large societal benefits. 

Building on this impactful legacy, this year, through SaTC, NSF is investing more than $10 million in four new flagship awards that focus on thwarting and mitigating information manipulation, preventing abuse in private encrypted messaging, and securing web browser operations.

These four flagship awards are complemented by over 100 other SaTC awards made over the past year, for a total investment of nearly $80 million to tackle cybersecurity issues long term. As a whole, these awards reflect SaTC’s vision that cybersecurity is a socio-technical problem that requires cross-disciplinary solutions to the challenges facing American society and the US economy. These projects bring together computer and social scientists to address critical problems including inaccurate online information, vulnerabilities in widely used web browsers, and balancing the benefits and risks of encrypted communications – all necessary to protect the online experience central to modern American life, especially during the pandemic.

“To achieve a reliable cyberspace that enhances our Nation’s economic, security, and socio-technical leadership, requires investments in foundational research that seeks innovative ideas to address cybersecurity and privacy, and result in reliable and resilient computing systems and online services that enhance our digital experiences,” said NSF Program Director Jeremy Epstein.

The new flagship awards are:

Mitigating Online Disinformation

In this project, researchers seek to advance our understanding of online disinformation by applying innovative approaches and collaboration infrastructure to identify disinformation campaigns and communicate those findings to diverse stakeholders in government, industry, media, and the broader public — helping to build societal resilience to this kind of manipulation.

The research has three integrated components: 1) developing models and theories of how disinformation is seeded, cultivated, and spread that consider the sociotechnical nature of the problem; 2) developing and applying innovative, rapid-analysis frameworks for responding to disinformation quickly; and 3) implementing and evaluating the impact of multi-stakeholder collaborations to address disinformation in real time during real-world events.

“Through this research, we aim to enhance scientific understanding of online disinformation and develop methods and collaborative frameworks for rapid response,” said Kate Starbird, Ph.D., principal investigator and associate professor at the University of Washington. “Our team will build and implement workflows for rapidly identifying and analyzing disinformation campaigns and communicating insights to diverse stakeholders in government, industry, media, and the broader public — helping to build societal resilience to this kind of manipulation.”

More information on these awards can be found at:

Rapid-Response Frameworks for Mitigating Online Disinformation (Award: 2120496, University of Washington).

Rapid-Response Frameworks for Mitigating Online Disinformation (Award: 2120098, Stanford University).

Spread of Unsubstantiated Online Information

In this project, researchers will examine how misinformation spreads and the conditions under which people believe it, affecting people’s attitudes, social identities, and actions. This interdisciplinary project will analyze these dynamics in ways that seek to understand the critical processes that lead to belief in unsubstantiated information, helping people make better decisions regarding how they interact with online content. The design will show how manipulative narratives and rhetoric, psychological predispositions, sociocultural attitudes and identities, group affinities, social network structures, and other factors influence who believes misinformation and who rejects or ignores it.

“We are very excited to launch this NSF SaTC project to study how and why beliefs in unsubstantiated information – particularly conspiracy theories – form and spread online,” said Manohar Murthi, Ph.D., principal investigator and associate professor at the University of Miami. “In answering these questions, our ultimate objective is to provide insight and knowledge that can eventually be used to formulate countermeasures to these harmful narratives online.”

More information on these awards can be found at:

Multi-Disciplinary Analyses of the Nature and Spread of Unsubstantiated Information Online. (Award: 2123618, University of Miami)

Multi-Disciplinary Analyses of the Nature and Spread of Unsubstantiated Information Online. (Award: 2123635, Indiana University)

Preventing Abuse in Encrypted Communication Platforms

This work will develop new trust and safety approaches to enable secure and trustworthy communications that preserve privacy while mitigating abuses. Researchers will address the immense challenge of mitigating abuse in communication services where interactions between the parties are private and fully encrypted. The encryption used by such services makes detecting and blocking harmful content extremely difficult, allowing certain platforms to be used for harmful and illegal purposes such as organizing violent activities or sharing child sexual abuse materials.

The project aims to provide (1) technical advances in developing novel cryptographic tools and techniques to support mitigation of abuse; (2) human-centered advances in understanding perceptions and expectations of privacy and abuse mitigation, as well as creating novel designs for individual and community interactions; and (3) legal, policy, and regulatory advances to support and enable these abuse-mitigating features.

“We’re really excited to have brought together a cross-disciplinary team to research how to better mitigate abuse in the context of private, encrypted messaging. Our goal is to empower users and those they designate with new tools to combat abuse, and to do so by designing new privacy-preserving technologies that consider a diversity of stakeholder input,” said Thomas Ristenpart, Ph.D., principal investigator and associate professor at Cornell University.

Privacy-Preserving Abuse Prevention for Encrypted Communications Platforms. (Award: 2120651, Cornell University)

Privacy-Preserving Abuse Prevention for Encrypted Communications Platforms. (Award: 2120497, University of Washington)

Improving JavaScript to Enhance Our Online Experiences

A key element of web browsers is called a Just-In-Time compiler (JIT), which is designed to speed up webpage loading and functionality. But JavaScript JITs can – and have been – exploited by attackers to target vulnerable users. The goal of this research is to build and deploy more secure JavaScript JITs. Bugs in JavaScript JITs have emerged as the single largest threat to web platform security and the most dangerous attack surface of web-connected devices. To tackle this challenge, investigators will develop new techniques, frameworks, and principles that (1) help browser developers build JIT compilers that are provably secure and (2) don't incur the high costs and development timelines traditionally associated with high-assurance software. If successful, this project will improve security for the hundreds of millions of people who surf the web every day.

“Everyday users are being targeted by malware that takes advantage of bugs in browser JavaScript compilers. Through this project, we will bring together experts in security, programming languages, compilers, and formal verification to build JavaScript compilers that can eliminate such attacks by design,” said Hovav Shacham, Ph.D., principal investigator and professor of computer science at the University of Texas at Austin.

Building and Deploying a Verified JavaScript Runtime. (Award Abstract # 2120642, University of Texas at Austin)

Building and Deploying a Verified JavaScript Runtime. (Award Abstract # 2120696, University of California San Diego)

Taken together, these large-scale SaTC investments, along with others in the program portfolio, help broaden and advance cybersecurity. In particular, the ubiquity of computing systems in so many of today’s economic and societal interactions calls for new techniques that move beyond prior technology-focused views of cybersecurity in terms of “access control” and into broader views of how human trust in social and economic interactions can best be supported by the underlying computing and communications infrastructure that mediates them.

 

The U.S. National Science Foundation propels the nation forward by advancing fundamental research in all fields of science and engineering. NSF supports research and people by providing facilities, instruments and funding to support their ingenuity and sustain the U.S. as a global leader in research and innovation. With a fiscal year 2023 budget of $9.5 billion, NSF funds reach all 50 states through grants to nearly 2,000 colleges, universities and institutions. Each year, NSF receives more than 40,000 competitive proposals and makes about 11,000 new awards. Those awards include support for cooperative research with industry, Arctic and Antarctic research and operations, and U.S. participation in international scientific efforts.

mail icon Get News Updates by Email 

Connect with us online
NSF website: nsf.gov
NSF News: nsf.gov/news
For News Media: nsf.gov/news/newsroom
Statistics: nsf.gov/statistics/
Awards database: nsf.gov/awardsearch/

Follow us on social
Twitter: twitter.com/NSF
Facebook: facebook.com/US.NSF
Instagram: instagram.com/nsfgov