Medium

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: REVELARE: A Hardware-Supported Dynamic Information Flow Tracking Framework for IoT Security and Forensics

Submitted by Jedidiah Crandall on Tue, 03/05/2019 - 5:01pm

Smart and connected devices, also known as Internet of Things (IoT) devices, are now an integral part of our daily lives. These devices are found in cars, phones, watches, appliances, home security systems, and in critical applications, such as utilities and in the biomedical industry. The convenience provided by IoT devices comes with unique security and privacy concerns. Because of the shortened time-to-market and the fierce competition among companies, security has not been treated as a priority in these devices.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Enforcement of Geofencing Policies for Commercial Unmanned Aircraft Systems

Submitted by Ryan Gerdes on Tue, 03/05/2019 - 4:57pm

The adoption of services and applications that rely on Unmanned Aircraft Systems (UAS) is expected to continue its acceleration for the foreseeable future. Such services and applications include search and rescue, crop monitoring, real-time traffic monitoring, critical infrastructure inspections, and others.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Threat-Aware Defense: Evaluating Threats for Continuous Improvement

Submitted by Mathias Payer on Tue, 03/05/2019 - 3:45pm

Adversaries are outpacing developers in the race to find program vulnerabilities. Where programmers have to find all potential software flaws in their programs and determine whether they are exploitable across all deployments to prevent vulnerabilities, adversaries need only find one software flaw that enables them to achieve their goals in any one deployment. Current techniques to rid programs of vulnerabilities cannot find all such flaws due to the complexity of modern software and their deployments.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: REVELARE: A Hardware-Supported Dynamic Information Flow Tracking Framework for IoT Security and Forensics

Submitted by Daniela Oliveira on Tue, 03/05/2019 - 3:43pm

Smart and connected devices, also known as Internet of Things (IoT) devices, are now an integral part of our daily lives. These devices are found in cars, phones, watches, appliances, home security systems, and in critical applications, such as utilities and in the biomedical industry. The convenience provided by IoT devices comes with unique security and privacy concerns. Because of the shortened time-to-market and the fierce competition among companies, security has not been treated as a priority in these devices.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: REVELARE: A Hardware-Supported Dynamic Information Flow Tracking Framework for IoT Security and Forensics

Submitted by Xuetao Wei on Tue, 03/05/2019 - 3:40pm

Smart and connected devices, also known as Internet of Things (IoT) devices, are now an integral part of our daily lives. These devices are found in cars, phones, watches, appliances, home security systems, and in critical applications, such as utilities and in the biomedical industry. The convenience provided by IoT devices comes with unique security and privacy concerns. Because of the shortened time-to-market and the fierce competition among companies, security has not been treated as a priority in these devices.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Rethinking Access Pattern Privacy: From Theory to Practice

Submitted by George Kollios on Tue, 03/05/2019 - 3:35pm

When a program accesses data stored in memory, disk, or on a remote server, its access patterns can leak information about the secret inputs and data. There has been decades of work that investigated how to make a program "oblivious", such that its access patterns leak nothing about the secret inputs or data. Past techniques, however, incur a considerable performance overhead. This project conceives and investigates new, relaxed notions of access pattern privacy, and discovers new algorithms that achieve such notions of privacy with little to no overhead.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Towards Robust Machine Learning Systems

Submitted by Neil Gong on Tue, 03/05/2019 - 3:20pm

Machine learning techniques, particularly deep neural networks, are increasingly integrated into safety and security-critical applications such as autonomous driving, precision health care, intrusion detection, malware detection, and spam filtering. A number of studies have shown that these models can be vulnerable to adversarial evasion attacks where the attacker makes small, carefully crafted changes to normal examples in order to trick the model into making incorrect decisions.

group_project

Visible to the public SaTC: CORE: Medium: Towards Mechanized Proofs of Composable Security Properties

Submitted by Alley Stoughton on Tue, 03/05/2019 - 3:16pm

Securing computing systems is a formidable task that becomes harder as systems become more complex, widespread and intertwined with our daily lives. This is especially true for protection mechanisms that use cryptographic schemes and protocols. This interdisciplinary project strives to combine two complementary approaches to analyzing the security of complex protocols. The first is modularity: The ability to deduce the security of a complex system from the security of its simpler components.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Understanding Security in the Software Development Lifecycle: A Holistic, Mixed-Methods Approach

Submitted by Michelle Mazurek on Tue, 02/26/2019 - 6:17pm

As software now pervades nearly every aspect of modern life, securing software is widely acknowledged as a critical problem. Although significant effort has gone into identifying flaws in software, as well as developing tools, libraries, and processes for detecting and mitigating these flaws during software development and maintenance, security problems remain pervasive.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Threat-Aware Defense: Evaluating Threats for Continuous Improvement

Submitted by Trent Jaeger on Tue, 02/26/2019 - 12:50pm

Adversaries are outpacing developers in the race to find program vulnerabilities. Where programmers have to find all potential software flaws in their programs and determine whether they are exploitable across all deployments to prevent vulnerabilities, adversaries need only find one software flaw that enables them to achieve their goals in any one deployment. Current techniques to rid programs of vulnerabilities cannot find all such flaws due to the complexity of modern software and their deployments.