Small

group_project

Visible to the public SaTC: CORE: Small: Reasoning about dependencies and information flow in dynamic code

Submitted by debray on Mon, 08/26/2019 - 3:44pm

This project aims to investigate software whose code can change during its execution. Such code is ubiquitous in modern systems. For example, all modern web browsers contain a component, known as a JIT compiler, that creates or modifies code during execution. Reasoning about relationships between the code that carries out the runtime modifications, and the code that is created or modified as a result, is important for a number of software security applications. For example, bugs in a JIT compiler can result in vulnerabilities that can be exploited by hackers.

group_project

Visible to the public SaTC: CORE: Small: Checking Security Checks in OS Kernels

Submitted by Kangjie Lu on Tue, 08/13/2019 - 9:42am

Operating system (OS) kernels play a critical role in computer systems by virtually having complete control over the systems. OS kernels not only manage hardware and system resources, but also provide services and protection. Given these tasks, OS kernels have to process external untrusted inputs and perform complicated operations, both of which are error-prone. To avoid entering into erroneous states, OS kernels tend to enforce a large number of security checks---"if" and "switch" statements that are used to validate states. Unfortunately, security checks themselves are often buggy.

group_project

Visible to the public SaTC: CORE: Small: The Blurring of Non-essential Notifications and Critical Security Warnings: Examining the Problem of Generalization in the Brain

Submitted by Anthony Vance on Tue, 08/13/2019 - 9:39am

This project measures how decreased attention to frequent software notifications negatively influences peoples' responses to uncommon security warnings that are truly critical. The researchers will use eye tracking equipment to examine this problem by measuring attention to notifications and warnings through eye gaze patterns, and individuals' decisions in response to these messages.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Understanding and Mitigating Adversarial Manipulation of Content Curation Algorithms

Submitted by Rachel Greenstadt on Tue, 08/13/2019 - 9:37am

Online social networks (OSNs) have fundamentally transformed how billions of people use the Internet. These users are increasingly discovering books, music bands, TV shows, movies, news articles, products, and other content through posts from trusted users that they follow. All major OSNs have deployed content curation algorithms that are designed to increase interaction and act as the "gatekeepers" of what users see.

group_project

Visible to the public NSF-BSF: SaTC: CORE: Small: Blockchain Fairness

Submitted by Ari Juels on Thu, 08/08/2019 - 10:28am

Blockchains provide compelling security properties that enable powerful systems to be constructed without reliance on trusted third parties. Their rise has created successful, multi-billion dollar systems and has had a transformative impact on venture funding and the financial industry. Blockchains as currently designed, though, fail to enforce fairness for their users, meaning equal opportunities for fast transaction processing. The project investigators will seek to address the pervasive fairness deficiencies in blockchain systems.

group_project

Visible to the public SaTC: STARSS: Small: Combined Side-channel Attacks and Mathematical Foundations of Combined Countermeasures

Submitted by Selcuk Kose on Wed, 08/07/2019 - 7:56pm

Digital information has become an integral part of our daily lives and there is a growing concern about the security of information. The amount of information that should be kept secure is increasing with the proliferation of high-tech electronics such as smart-phones, tablets, and wearable devices. Accordingly, the number of attacks from malicious parties to obtain the secret information that is stored in a secure (i.e., encrypted) device increases.

group_project

Visible to the public SaTC: CORE: Small: A Secure Processor that Exploits Multicore Parallelism while Protecting Against Microarchitecture State Attacks

Submitted by Omer Khan on Wed, 08/07/2019 - 6:52pm

Microprocessors are widely deployed in cloud, fog, edge, and mobile computing platforms. In all cases, the economies of scale stem from our ability (through the use of mature virtualization technologies) to host large sets of applications from diverse domains. These applications increasingly operate on private or confidential user data. A major hurdle for exposing and exploiting virtualization capabilities in next generation processors is the lack of a clear vision for how to address the security challenges associated with co-locating applications that share hardware.

group_project

Visible to the public SaTC: CORE: Small: Memory-hard Cryptography

Submitted by Stefano Tessaro on Wed, 08/07/2019 - 6:45pm

Cryptography provides the basic tools to guarantee confidentiality and integrity of data. It hence plays a pivotal role in securing our digital infrastructure, and in enforcing the right for privacy of individuals. The development of secure cryptographic techniques is however difficult and error-prone, as unknown attack strategies need to be taken into account. To overcome this, modern cryptography advocates the paradigm of provable security, where threat models are precisely formalized using the language of mathematics, and the security of cryptosystems is proved within these models.

group_project

Visible to the public SaTC: CORE: Small: Expanding the Frontiers of Lattice-Based Cryptography

Submitted by David Wu on Wed, 08/07/2019 - 4:22pm

Research and development into quantum computers raises many new challenges for security and privacy. For instance, large-scale quantum computers would compromise much of the cryptography used to secure the Internet today. This project's novelty is in developing new and systematic approaches for constructing advanced cryptographic primitives that remain robust even in the presence of sophisticated quantum adversaries.

group_project

Visible to the public SaTC: CORE: Small: Transforming Non-Malleable Cryptography

Submitted by Vipu Goyal on Wed, 08/07/2019 - 4:20pm

This project aims to enhance our understanding of tampering attacks which are one of the most basic ones in cryptography and computer security. A tampering adversary may try to modify data at rest or in transit, which could be devastating to the security of a number of computer systems. The goal of non-malleable cryptography is to develop the tools and techniques required to secure computer systems against such attacks. The project's novelties are in conceptualizing a number of new primitives which can help fight against such attacks in emerging computer systems.