College of Science


At Cal Poly Pomona, our ‘learn-by-doing’ philosophy is center stage. The College of Science is committed to providing hands-on labs and cutting-edge research opportunities for our students. Learning from industry veterans in and out of the classroom, the College of Science provides industry-standard knowledge for students to gain the critical career and lab experience.

Max Wolotsky, Computer Science

Music and Cyber Security

Max researching

Statistics show that over 80 percent of all companies have been successfully hacked. Hackers have effectively damaged, stolen or leaked critical information from vulnerable network systems. It is an all-out war with companies scrambling to secure their organizations.
Given that grim statistic, companies are in high demand for a product that will ensure their company’s data and information will remain secure, even under extraneous circumstances. Nothing is currently available to these companies, but a student at Cal Poly Pomona is in the process of creating a product that can help.

A four-year pursuit by computer science student and member of PolySec cyber security lab Max Wolotsky, who specializes in biometric authentication security and cryptography, has turned what is a market necessary product into reality. With backing from 1Sandia National Laboratories, a facility that researches high-level security applications, Wolotsky believes in his groundbreaking idea, even after repeated failure.
Cryptography is the process of breaking down or writing codes. Biometrics authentication security relies on biological characteristics to verify a person’s identity in order to grant them access into an electronic system.
At this time, no products like this are available on the market. Some are in development, or prototype, stages, but none that are currently available for purchase.
He, under the advisory of Dr. Mohammad Husain, is attempting to create a new biometrics system called the Coercion Resistant Authentication System (CRAS) that, through the “Chill Effect”, will register if a person is being coerced into doing something. If the system registers a state of duress, it will not grant access to the data or resources. Max, with his research supervisor Dr. Husain, recently received a US provisional patent for their work on the CRAS.
“Typically, biometrics are not very secure either,” said Wolotsky. “If the data or information is stolen once then it is gone forever. We are doing something called state dependent biometrics, which measures your heart rate, blood pressure, and other psychological factors. You cannot lie about your physiological state of mind.”
The state dependent system is based on what they call the “Chill Effect” (the feel of having shivers down your spine), which is being tested with a one-minute music clip. They are using music because it creates a dopamine release in the subject’s body. This re-creates the fight-or-flight response where a body has a physiological reaction that cannot be controlled in a threatening situation.
“When a body releases dopamine, it has a natural chemical effect that fundamentally changes your physiology,” said Wolotsky. “These organic chemicals are also affected when one is being threatened. The chemicals would spike and change significantly and there is no amount of conscious control that one could have without them changing.”
Wolotsky has received outside accolades for his research data. Usenex Security has recognized the CRAS project, which is going into its fourth year. Usenex Security gave his CRAS poster presentation a five-star rating at a conference during his sophomore year in 2014.
“Usenex is considered an elite cyber security conference,” said Wolotsky. “People on the board at the conference are the best in the cyber security field. They all gave me great feedback and that is what motivates me to keep going.”
So, with the product still being in the development stages, who would use it?
Anybody could technically use it, but it would serve companies or agencies with a lot to lose in a security breach. The military, banks, or other high-security places would utilize this product because if their information were to be exploited, a great number of people would be affected.
With Sandia collaborating on this project with the PolySec cyber security lab, Wolotsky has all the products that he needs in order to conduct his research. He is using heart rate monitoring watches, a headset that monitors your brain waves, cell phones and special headphones to test his study.
Wolotsky, initially a reluctant student, looks back and is grateful with his decision to pursue his higher education at CPP.
“I was hesitant to go to college,” said Wolotsky. “I could have taken the safe route and taken over my parents business, but I am thankful that I did not go that route.”
Several staff and faculty members that have been instrumental in his journey, but he credits Dr. Husain the most for his perseverance in his research.
“Dr. Husain has been fantastic,” said Wolotsky. “He spent an obscene amount of time with me to ensure that I was continuing my research or my studies. He always had my best interest in mind.”
Dr. Husain is very proud of the progress Wolotsky has made over the years.
“Max in an exemplary student with a rare combination of talent and perseverance,” said Dr. Husain. “The work on CRAS and his additional research at Sandia Labs, are far beyond expected from an undergraduate student.”
Max’s mentor at the Sandia labs, Dr. Elisha Choe, is also very impressed.
“Max has done a great job researching biometric authentication issues,” said Dr. Choe.
After graduation, Wolotsky has plans of attending grad school. He already has offers from top computer science graduate schools, Penn State, Georgia Tech and UC Irvine.
“I want an advisor that will allow me to pursue the kind of research that I find interesting,” said Wolotsky. “I love this research because I do not know if it will or can work, but the adventure and helping secure data is what keeps me motivated.”

[1] "Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy’s National Nuclear Security Administration under contract DE-AC04-94AL85000."