Medium

group_project

Visible to the public TWC: Medium: Collaborative: Seal: Secure Engine for AnaLytics - From Secure Similarity Search to Secure Data Analytics

Submitted by Huijia Lin on Wed, 08/07/2019 - 8:03pm

Many organizations and individuals rely on the cloud to store their data and process their analytical queries. But such data may contain sensitive information. Not only do users want to conceal their data on a cloud, they may also want to hide analytical queries over their data, results of such queries, and data access patterns from a cloud service provider (that may be compromised either from within or by a third party).

group_project

Visible to the public SaTC: CORE: Medium: Protecting Confidentiality and Integrity of Deep Neural Networks against Side-Channel and Fault Attacks

Submitted by Yunsi Fei on Wed, 08/07/2019 - 6:56pm

Deep learning (DL) has become a foundational means for solving diverse problems ranging from computer vision, natural language processing, digital surveillance to finance and healthcare. Security of the deep neural network (DNN) inference engines and trained DNN models on various platforms have become one of the biggest challenges in deploying artificial intelligence. Confidentiality breaches of the DNN model can facilitate manipulations of the DNN inference, resulting in potentially devastating consequences.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Cryptographic Data Protection in Modern Systems

Submitted by David Cash on Wed, 08/07/2019 - 6:39pm

Continuing major breaches and security compromises of computer systems motivate a promising new approach to data protection: encrypt the data so that even if stolen, it will be useless to the attacker, yet reveal just enough information about the data so that commodity systems such as databases and Web servers can still operate on it. This is called property-revealing encryption (PRE), and has already found its way to academic and commercial products that protect sensitive data in cloud services.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Presentation-attack-robust biometrics systems via computational imaging of physiology and materials

Submitted by Vishal Patel on Wed, 08/07/2019 - 4:52pm

Many physical characteristics, such as face, fingerprints, and iris as well as behavioral characteristics such as voice, gait, and keystroke dynamics, are believed to be unique to an individual. Hence, biometric analysis offers a reliable solution to the problem of identity verification. It is now widely acknowledged that biometric systems are vulnerable to manipulation where the true biometric is falsified using various attack strategies; such attacks are referred to as Presentation Attacks (PAs).

group_project

Visible to the public SaTC: CORE: Medium: Implicit One-handed Mobile User Authentication by Induced Thumb Biometrics on Touch-screen Handheld Devices

Submitted by Lina Zhou on Wed, 08/07/2019 - 4:25pm

People often store private and sensitive data on their mobile devices, and the security of these devices is essential. This project advances and develops a new process for verifying a user's legitimate right to access a mobile device. Existing research has not made this process very usable for many people who lack dexterity or the use of both hands. This research aims to design and develop a method for one-handed authentication on a touch-screen mobile handheld device. The objective is to improve both security and usability of authentication.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

Submitted by Ning Zhang on Wed, 08/07/2019 - 4:16pm

In the upcoming evolution of the Internet of Things (IoT), it is anticipated that billions of devices will be connected to the Internet. While IoT promises a more connected and smarter world, this pervasive large-scale data collection, storage, sharing, and analysis raise many privacy concerns. In the current IoT ecosystem, IoT service providers have full control of the collected user data. They use the data for smart IoT system and device control. They could also use the data for other purposes not consented to by the users.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

Submitted by Wenjing Lou on Wed, 08/07/2019 - 4:13pm

In the upcoming evolution of the Internet of Things (IoT), it is anticipated that billions of devices will be connected to the Internet. While IoT promises a more connected and smarter world, this pervasive large-scale data collection, storage, sharing, and analysis raise many privacy concerns. In the current IoT ecosystem, IoT service providers have full control of the collected user data. They use the data for smart IoT system and device control. They could also use the data for other purposes not consented to by the users.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Submitted by Brendan Saltaform... on Wed, 08/07/2019 - 4:03pm

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Submitted by kyuhlee on Wed, 08/07/2019 - 4:00pm

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Submitted by Yonghwi Kwon on Wed, 08/07/2019 - 3:53pm

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.