Collaborative

group_project

Visible to the public SaTC-CCRI: Collaborative Research: Sharing Expertise and Artifacts for Reuse through Cybersecurity CommunityHub (SEARCCH)

Cybersecurity research experiments are frequently performed in ad hoc ways, which severely retards scientific progress. Most researchers use a combination of methods and infrastructure to conduct experiments using one-off, painstaking, and error-prone processes that are never shared for reuse and validation. The lack of repeatable, reproducible, and reusable processes and other artifacts limits one's ability to build upon the work of others or to compare solutions.

group_project

Visible to the public SaTC-CCRI: Collaborative Research: Sharing Expertise and Artifacts for Reuse through Cybersecurity CommunityHub (SEARCCH)

Cybersecurity research experiments are frequently performed in ad hoc ways, which severely retards scientific progress. Most researchers use a combination of methods and infrastructure to conduct experiments using one-off, painstaking, and error-prone processes that are never shared for reuse and validation. The lack of repeatable, reproducible, and reusable processes and other artifacts limits one's ability to build upon the work of others or to compare solutions.

group_project

Visible to the public SaTC-CCRI: Collaborative Research: Sharing Expertise and Artifacts for Reuse through Cybersecurity CommunityHub (SEARCCH)

Cybersecurity research experiments are frequently performed in ad hoc ways, which severely retards scientific progress. Most researchers use a combination of methods and infrastructure to conduct experiments using one-off, painstaking, and error-prone processes that are never shared for reuse and validation. The lack of repeatable, reproducible, and reusable processes and other artifacts limits one's ability to build upon the work of others or to compare solutions.

group_project

Visible to the public SaTC-CCRI: Collaborative Research: Sharing Expertise and Artifacts for Reuse through Cybersecurity CommunityHub (SEARCCH)

Cybersecurity research experiments are frequently performed in ad hoc ways, which severely retards scientific progress. Most researchers use a combination of methods and infrastructure to conduct experiments using one-off, painstaking, and error-prone processes that are never shared for reuse and validation. The lack of repeatable, reproducible, and reusable processes and other artifacts limits one's ability to build upon the work of others or to compare solutions.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative Research: Understanding and Mitigating the Privacy and Societal Risks of Advanced Advertising Targeting and Tracking

Advertising now funds most of the popular web sites and internet services: companies often provide their services for free, in exchange for collecting data from their users as they interact with the service. In recent years, the scale and resolution of user data that platforms collect has led to a dramatic increase in the variety of targeting, reporting, measurement, and tracking mechanisms that platforms offer to advertisers.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative Research: Understanding and Mitigating the Privacy and Societal Risks of Advanced Advertising Targeting and Tracking

Advertising now funds most of the popular web sites and internet services: companies often provide their services for free, in exchange for collecting data from their users as they interact with the service. In recent years, the scale and resolution of user data that platforms collect has led to a dramatic increase in the variety of targeting, reporting, measurement, and tracking mechanisms that platforms offer to advertisers.

group_project

Visible to the public TC: Small: Collaborative Research: Securing Multilingual Software Systems

Most real software systems consist of modules developed in multiple programming languages. Different languages differ in their security assumptions and guarantees. Consequently, even if single modules are secure in some language model and with respect to some security policy, there is usually no uniform security guarantee on a whole multilingual system. This project focuses on low-overhead techniques for providing security guarantees to software systems in which type-safe languages such as Java interoperate with native code.

group_project

Visible to the public TC: Medium: Collaborative Research: User-Controllable Policy Learning

This award is funded under the American Recovery and Reinvestment Act of 2009

(Public Law 111-5).

As both corporate and consumer-oriented applications introduce new functionality and increased levels of customization and delegation, they inevitably give rise to more complex security and privacy policies. Yet, studies have repeatedly shown that both lay and expert users are not good at configuring policies, rendering the human element an important, yet often overlooked source of vulnerability.

group_project

Visible to the public TC:Medium:Collaborative Research: Technological Support for Improving Election Processes

This project is developing and evaluating the application of iterative process improvement technology to assure the privacy, security, reliability, and trustworthiness of elections, which are the very cornerstone of democracy. The focus of the project is to locate mismatches between existing voting systems and the processes that are currently using them in the conduct of elections. These mismatches can result in vulnerabilities or inaccuracy in elections. This project demonstrates how to remediate such vulnerabilities through the use of iterative process improvement.

group_project

Visible to the public TC: Medium: Collaborative Research: Novel Forensic Analysis for Crimes Involving Mobile Systems

Our project will significantly advance forensic methods of investigating mobile devices used for trafficking in digital contraband. While current methods and legislation focus heavily on logical identifiers, we will design, evaluate, and deploy new forensic techniques that focus on consistent and trackable characteristics of mobile computing. Additionally, our work will play an important role in understanding the limits of personal privacy in these settings.