Small

group_project

Visible to the public TWC: Small: Collaborative: Multi-Layer Approaches for Securing Enhanced AMI Networks against Traffic Analysis Attacks

Submitted by Mohamed Mahmoud on Mon, 10/09/2017 - 4:32pm

The U.S. power grid is being replaced with a smart grid, a complex network of intelligent electronic devices, distributed generators, and dispersed loads, which requires communication networks for management and coordination. Advanced metering infrastructure (AMI) networks are one part of the smart grid to provide two-way communications between smart meters at the consumers' side and the utility companies. AMI networks allow utilities to collect power consumption data at high frequency rates.

group_project

Visible to the public TTP: Small: Network-Level Security Posture Assessment and Predictive Analytics: From Theory to Practice

Submitted by Mingyan Liu on Mon, 10/09/2017 - 4:30pm

This project addresses the following two key questions in cyber security: (1) how is the security condition of a network assessed, and (2) to what extent can we predict data breaches or other cyber security incidents for an organization. The ability to answer both questions has far-reaching social and economic impact. Recent data breaches such as those at Target, JP Morgan, Home Depot, Office of Personnel Management (OPM), and Anthem Healthcare, to name just a few, highlight the increasing social and economic impact of such cyber security incidents.

group_project

Visible to the public TWC: Small: Understanding Network Level Malicious Activities: Classification, Community Detection and Inference of Security Interdependence

Submitted by Mingyan Liu on Mon, 10/09/2017 - 4:20pm

This goal of this project is development of a formal method to quantitatively assess the security posture of large networks and assign them a numeric score. Large networks are made up of a collection of individual machines, which exhibit more stable behavior and features as a group than at the IP level, where each host is inspected separately. Networks at an aggregate level thus carry more predictive power, enabling a more robust and accurate policy design.

group_project

Visible to the public SaTC: CORE: Small: Foundations of Applied Cryptography

Submitted by Mihir Bellare on Mon, 10/09/2017 - 4:14pm

Currently, on an almost weekly basis there are reports on security breaches which expose private information such as passwords or credit card numbers to cyber criminals. In order to address this problem, this project develops theoretical foundations and cryptographic approaches, and analyzes these new mechanisms.

group_project

Visible to the public TWC: Small: Subversion-Resistant Cryptography

Submitted by Mihir Bellare on Mon, 10/09/2017 - 4:12pm

This work aims to effectively address security concerns while maintaining the privacy of individuals and corporations. The project analyzes subversive attacks, develops defenses and deterrents, creates privacy tools and software, and increases awareness and expertise through teaching, mentoring and involvement of students in research.

group_project

Visible to the public EAGER: A Generalized Framework for Securing Heterogeneous Multicore Architectures

Submitted by Michel Kinsy on Mon, 10/09/2017 - 2:44pm

This project envisions a mixed-security system where some components are trusted while others are not-trusted. This includes both hardware and software. The target hardware platform is a heterogeneous multicore system-on-a-chip where some hardware cores are trusted and other cores are untrusted. The applications executing on this multicore substrate are similarly made out of tasks where some tasks require secure execution and other tasks may be unsecured. The problem is highly relevant to so-called "Internet of Things" systems built from trusted and untrusted components.

group_project

Visible to the public TWC: Small: Combating Environment-aware Malware

Submitted by Michail Polychron... on Mon, 10/09/2017 - 2:41pm

Tools for dynamic detection of malicious software ("malware"), such as antivirus software, often create a protected "analysis environment" (or "sandbox") in which to test suspicious software without risk to the computer system. Malware authors have responded by developing environment-awareness techniques, to enable their malware to recognize and behave differently in a sandbox environment, thereby evading detection. Authors of defense software are endeavoring to ensure that analysis environments exhibit realistic characteristics.

group_project

Visible to the public TWC: Small: Virtual Private Social Networks

Submitted by angelos on Mon, 10/09/2017 - 1:25pm

Social networking services have been transformed from one-stop websites, to social interaction platforms deeply integrated with third-party websites, applications, and even operating systems. As prominent examples, social plugins such as Facebook's Like and Google's +1 buttons enable websites to offer personalized content and allow their visitors to seamlessly share and interact with their social circles, while Facebook and Twitter support is already integrated in iOS 6.

group_project

Visible to the public EAGER: Collaborative: Mapping Privacy and Surveillance Dynamics in Emerging Mobile Ecosystems: Practices and Contexts in the Netherlands and US

Submitted by Michael Zimmer on Mon, 10/09/2017 - 1:21pm

The increasing ubiquity of mobile technologies creates unique privacy and surveillance challenges for users. These problems are global, but the way users, organizations, and governments approach these challenges varies based on cultural norms around privacy. This cross-cultural project evaluates how mobile users in the U.S. and the Netherlands think about and make decisions about their privacy when using mobile apps.

group_project

Visible to the public TWC: Small: Accelerating Cryptographic Protocols with Reconfigurable Hardware

Submitted by Michael Walfish on Mon, 10/09/2017 - 1:18pm

This project is motivated by several observations. First, a number of cryptographic protocols have recently made the transition from pure theory to proof-of-concept instantiations. Second, in these instantiations, the remaining obstacles to genuine practicality seem amenable to hardware acceleration. An example is verifiable computation (one party is given assurance that another computed correctly); in this kind of protocol, computations are represented using a circuit formalism, and there are parallelizable cryptographic operations (modular exponentiation, etc.).