Collaborative

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public TWC SBE: Medium: Collaborative: Brain Hacking: Assessing Psychological and Computational Vulnerabilities in Brain-based Biometrics

In September of 2015, it was reported that hackers had stolen the fingerprint records of 5.6 million U.S. federal employees from the Office of Personnel Management (OPM). This was a severe security breach, and it is an even bigger problem because those fingerprints are now permanently compromised and the users cannot generate new fingerprints. This breach demonstrates two challenging facts about the current cybersecurity landscape. First, biometric credentials are vulnerable to compromise. And, second, biometrics that cannot be replaced if stolen are even more vulnerable to theft.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Defending against Compromise and Manipulation of Mobile Communities

Many of today's mobile services build mobile communities of users who share their valuable experiences and data. Examples include traffic incidents (Waze), restaurant reviews (Yelp, FourSquare), anonymous social networks (Whisper, Yik Yak), and even dating (Tinder, Bumble). Unfortunately, new threats can compromise and manipulate these communities, using lightweight software to mimic mobile devices. The resesarchers have shown how attackers can eavesdrop on mobile network traffic, learn their patterns, and write software to emulate mobile devices running the application.

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public TWC: Medium: Collaborative: Systems, Tools, and Techniques for Executing, Managing, and Securing SGX Programs

The Intel Software Guard Extensions (SGX) is a new technology introduced to make secure and trustworthy computing in a hostile environment practical. However, SGX is merely just a set of instructions. Its software support that includes the OS support, toolchain and libraries, is currently developed in a closed manner, limiting its impact only within the boundary of big companies such as Intel and Microsoft. Meanwhile, SGX does not automatically secure everything and it still faces various attacks such as controlled-side channel and enclave memory corruption.

group_project

Visible to the public EAGER: Collaborative: Secure and Trustworthy Cyberphysical Microfluidic Systems

This project's overarching goal is to ensure the security and trustworthiness of cyber-physical microfluidic systems (CPMS). Microfluidic systems are devices that handle small volumes of fluids and are usually coupled with "cyber" elements such as sensors and intelligent control algorithms to improve performance and reliability. CPMS are coming of age in an era of rampant cybersecurity issues, and novel security and trust solutions are the need of the hour.

group_project

Visible to the public EAGER: Collaborative: Secure and Trustworthy Cyberphysical Microfluidic Systems

This project's overarching goal is to ensure the security and trustworthiness of cyber-physical microfluidic systems (CPMS). Microfluidic systems are devices that handle small volumes of fluids and are usually coupled with "cyber" elements such as sensors and intelligent control algorithms to improve performance and reliability. CPMS are coming of age in an era of rampant cybersecurity issues, and novel security and trust solutions are the need of the hour.

group_project

Visible to the public EAGER: Collaborative: Secure and Trustworthy Cyberphysical Microfluidic Systems

This project's overarching goal is to ensure the security and trustworthiness of cyber-physical microfluidic systems (CPMS). Microfluidic systems are devices that handle small volumes of fluids and are usually coupled with "cyber" elements such as sensors and intelligent control algorithms to improve performance and reliability. CPMS are coming of age in an era of rampant cybersecurity issues, and novel security and trust solutions are the need of the hour.

group_project

Visible to the public STARSS: Small: Collaborative: Physical Design for Secure Split Manufacturing of Ics

The trend of outsourcing semiconductor manufacturing to oversea foundries has introduced several security vulnerabilities -- reverse engineering, malicious circuit insertion, counterfeiting, and intellectual property piracy -- making the semiconductor industry lose billions of dollars. Split manufacturing of integrated circuits reduces vulnerabilities introduced by an untrusted foundry by manufacturing only some of the layers at an untrusted high-end foundry and the remaining layers at a trusted low-end foundry.

group_project

Visible to the public Synergy: Collaborative: CPS-Security: End-to-End Security for the Internet of Things

Computation is everywhere. Greeting cards have processors that play songs. Fireworks have processors for precisely timing their detonation. Computers are in engines, monitoring combustion and performance. They are in our homes, hospitals, offices, ovens, planes, trains, and automobiles. These computers, when networked, will form the Internet of Things (IoT). The resulting applications and services have the potential to be even more transformative than the World Wide Web. The security implications are enormous. Internet threats today steal credit cards.