Activity Stream

CMU Science of Security Lablet Research Initiative

CMU QUARTERLY REPORT HIGHLIGHTS

SoS Quarterly Summaries for CMU

2017: January 2017

2016: October 2016, July 2016, April 2016, January 2016

Real-time Privacy Risk Evaluation and Enforcement

Critical infrastructure is increasingly composed of distributed, inter-dependent components and information that is vulnerable to sophisticated, multi-stage cyber-attacks. These attacks are difficult to understand as isolated incidents, so to improve understanding and response, organizations must rapidly share high-quality threat, vulnerability and exploit-related cyber-security information. However, pervasive and ubiquitous computing has blurred the boundary between work-related and personal data. This includes both the use of workplace computers for p

Usable Formal Methods for the Design and Composition of Security and Privacy Policies

Security-Metrics-Driven Evaluation, Design, Development and Deployment. Our research evaluates how designers select and apply security patterns in response to attack patterns. The evaluation is based on formal models of attack scenarios that are used to measure security risk and to promote risk-reduction strategies based on assurance cases constructed by the analyst. The aim is to improve the usability of formal methods for studying security design and composition.

Highly Configurable Systems

In highly configurable software systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have only local effects. Instead of analyzing a system such as Linux with SELinux for every combination of configuration settings one by one (more than 10^2000 combinations, even counting compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space.

Insights into Composability from Lablet Research

Abstract

This presentation describes a framework for understanding the hard problem of Composability in the setting of security, along with highlights of lablet research results illustrating recent progress in this area and remaining research challenges.

Deploying the Security Behavior Observatory: An Infrastructure for Long-term Monitoring of Client Machines

Abstract: Much of the data researchers usually collect about users' privacy and security behavior comes from short-term studies and focuses on specific, narrow activities. We present a design architecture and deployment of the Security Behavior Observatory (SBO), a client-server infrastructure designed to collect a wide array of data on user and computer security- and privacy-related behavior from a panel of hundreds of participants over several years. The SBO infrastructure had to be carefully designed to fulfill several requirements.

Limiting Recertification in Highly Configurable Systems: Analyzing Interactions and Isolation among Configuration Options

In highly configurable systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have only local effects. Instead of analyzing a system such as Linux with SELinux for every combination of configuration settings one by one (more than 10^2000 combinations, even counting compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space.

Multi-model run-time security analysis

Our research focuses on creating the scientific foundations to support model-based run-time diagnosis and repair of security attacks. Specifically, our research develops models that (a) scale gracefully with the size of the system and have real-time characteristics appropriate for run-time use, and (b) support composition through multi-model analysis. Network models will complement architectural models in two ways: (a) to characterize the organizational context of a system, and (b) to detect anomalies through network representations of architectural behavior.

Epistemic Models for Security

Noninterference defines a program to be secure if changes to high-security inputs cannot alter low-security outputs, thereby indirectly stating the epistemic property that no low-security principal acquires knowledge of high-security data. We consider a directly epistemic account of information-flow control, focusing on the knowledge flows engendered by the program's execution. Storage effects are of primary interest, since principals acquire and disclose knowledge from the execution only through these effects. The information-flow properties of the individual effectful acti