Visible to the public CMU SoS Lablet Quarterly Executive Summary - January 2021Conflict Detection Enabled

Submitted by Jamie Presken on Wed, 01/06/2021 - 2:26pm

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

Jonathan Aldrich

Obsidian: A Language for Secure-by-Construction Blockchain Programs

Blockchains have been proposed to support transactions on distributed, shared state, but hackers have exploited security vulnerabilities in existing programs. Aldrich et al. are working with the World Bank to develop a parametric insurance platform on the Blockchain with Obsidian to address the need for stable insurance markets to respond to severe weather events, such as floods or droughts.

 

Lujo Bauer

Securing Safety-Critical Machine Learning Algorithms

Bauer et al. developed a new approach to train ensembles of classifiers to better resist attempts to create malicious inputs that would be misclassified. Similar to n-version programming, this approach relies on the assumption that each classifier will make mistakes independently of the others. This assumption does not hold for many ML classifiers, and the innovation in our work is in how we train classifiers to be more purposefully diverse, particularly under adversarial conditions.

 

Lorrie Cranor

Characterizing user behavior and anticipating its effects on computer security with a Security Behavior Observatory

Cranor et al. are studying the Security Behavior Observatory (SBO) dataset to understand how users practice security at-home, including their experiences with password breaches and web browsing patterns.

 

David Garlan

Model-Based Explanation For Human-in-the-Loop Security

Garlan et al. are contributing an explainable planning approach to agent-based decision-making, based on contrastive explanation, that enables the agent to communicate its preference for the different planning objectives.

 

Joshua Sunshine

Security Science Research Experience for Undergraduates

The Security Science Research Experience for Undergraduates funded five students to work with Carnegie Mellon researchers in Summer 2020.

 

  • Emma Hogan, Siena College, "picoCTF Cybersecurity & Education."
  • Alexander Billups, Pennsylvania State University at Johnstown, "Secuirty Requirements."
  • Sang Heon Choi, Rose Hullman College, "Safe and Robust Human-Machine Interfaces."
  • Timothy Mou, "Nominal Wyvern: Adapting Dependent Object Types for Decidable Subtyping."
  • Reed Oei, University of Illinois at Urbana Champagne, "Psamathe: A DSL for Safe Blockchain Assets."
Groups: