Collaborative

group_project

Visible to the public SaTC: STARSS: Small: Collaborative: Managing Hardware Security in Three-Dimensional Integrated Circuits

Submitted by Qiaoyan Yu on Wed, 10/11/2017 - 2:08pm

Vertically stacked three-dimensional (3D) integration of semiconductor chips is an emerging technology to ensure continued growth in transistor density and performance of integrated circuits (ICs). Despite the well-characterized advantages and limitations, the hardware security of such circuits has not received much attention. With shrinking number of trusted circuit manufacturers, trustworthiness of electronic devices is a growing concern. Vertical integration brings unexplored and unique challenges in managing hardware security.

group_project

Visible to the public TWC: Medium: Collaborative: Aspire: Leveraging Automated Synthesis Technologies for Enhancing System Security

Submitted by mittal on Wed, 10/11/2017 - 2:06pm

Designing secure systems and validating security of existing systems are hard challenges facing our society. For implementing secure applications, a serious stumbling block lies in the generation of a correct system specification for a security policy. It is non-trivial for both system designers and end users to express their intent in terms of formal logic. Similar challenges plague users' trying to validate security properties of existing applications, such as web or cloud based services, which often have no formal specifications.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: A Linguistically-Informed Approach for Measuring and Circumventing Internet Censorship

Submitted by mittal on Wed, 10/11/2017 - 2:04pm

Internet censorship consists of restrictions on what information can be publicized or viewed on the Internet. According to Freedom House's annual Freedom on the Net report, more than half the world's Internet users now live in a place where the Internet is censored or restricted. However, members of the Internet Freedom community lack comprehensive real-time awareness of where and how censorship is being imposed. The challenges to achieving such a solution include but are not limited to coverage, scalability, adoption, and safety.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Phillipa Gill on Wed, 10/11/2017 - 1:58pm

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TWC: Option: Medium: Collaborative: Authenticated Ciphers

Submitted by Phillip Rogaway on Wed, 10/11/2017 - 1:57pm

OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.

group_project

Visible to the public TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing

Submitted by Peng Liu on Wed, 10/11/2017 - 1:47pm

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.

group_project

Visible to the public SaTC: CORE: Large: Collaborative: Investigating the Susceptibility of the Internet Topology to Country-level Connectivity Disruption and Manipulation

Submitted by Paul Barford on Wed, 10/11/2017 - 12:57pm

Malicious actors such as hackers, terrorists or nation-states can disrupt, intercept or manipulate the Internet traffic of entire countries or regions by targeting structural weaknesses of the Internet. Strategic physical locations exist in the Internet topology. Despite much recent interest and a large body of research on cyber-attack vectors and mechanisms, we lack rigorous tools to reason about how the Internet topology of a country or region exposes its critical communication infrastructure to compromise through targeted attacks.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Energy-Harvested Security for the Internet of Things

Submitted by schaum on Wed, 10/11/2017 - 12:23pm

The Internet of Things integrates the virtual world of computers into real-world applications, leading to better efficiency, economy and an improved quality of life. This requires a huge amount of tiny computers, and this project addresses the challenge of powering those computers in a sustainable manner. Tiny computers can run off harvested energy sources such as solar, vibration and/or temperature gradient. The project objective is to show how such energy-constrained devices can support secure and full Internet connectivity.

group_project

Visible to the public TWC: Medium: Collaborative: Scaling and Prioritizing Market-Sized Application Analysis

Submitted by PMcDaniel on Wed, 10/11/2017 - 12:16pm

The emergence of smartphones and more generally mobile platforms as a vehicle for communication, entertainment, and commerce has led to a revolution of innovation. Markets now provide a dizzying array of applications that inform and aid every conceivable human need or desire. At the same time, application markets allow previously unknown multitudes of application developers access to user devices through fast- tracked software publishing with well-documented consequent security concerns.

group_project

Visible to the public TWC: Small: Collaborative: Spoof-Resistant Smartphone Authentication using Cooperating Wearables

Submitted by Nitesh Saxena on Wed, 10/11/2017 - 11:11am

This research is developing methods that leverage a multitude of sensors embedded in hand-held and wearable devices (e.g., smart watches, smart glasses and brain-computer interfaces) for strong user authentication to smart phones. The current point-of-entry solutions, largely based on weak static credentials, such as passwords or PINs for authentication to smart phones are not sufficient because once such credentials are compromised (which is very likely given the many vulnerabilities of passwords), the attacker may gain unfettered access to the smart phone.