CAREER

Viruses, worms, and other self-propagating malware remain significant ongoing security threats to almost all sectors of the nation's cyber-infrastructure, including government, business, and home consumers. The escalating rate of new malware appearances increasingly threatens to outpace the defense community's ability to maintain effective detection systems. This is in part because many malware detection algorithms identify malicious software based on syntactic features.

As mobile phones become capable of performing increasingly complex and sensitive tasks, the loss, theft or destruction of such devices represents one of the most significant classes of security problems. This research improves the security of data stored on and generated by these devices by breaking the mandatory binding between mobile phones and hardware. In particular, this work limits the damage associated with this class of vulnerabilities not to the value of the data they transport but to the cost of the device itself.

Embedded systems currently rely on local and often insecure state retention for process control and subsequent forensic analysis. As critical embedded control systems (e.g., smart grids, SCADA) generate increasing amounts of data and become ever more connected to other systems, secure retention and management of that data is required. Attacks such as Stuxnet show that SCADA and other systems comprising critical infrastructure are vulnerable to the compromise of controllers and sensing devices, as well as falsification of data to circumvent anomaly detection mechanisms.

The goal of this project is to create the algorithms, frameworks, and systems for defending the open web ecosystem from emerging threats. This project aims to (i) analyze malicious tasks and behaviors of crowdturfers; (ii) detect malicious tasks on crowdsourcing platforms by developing novel malicious task detectors; (iii) design and build a task blacklist; (iv) uncover the ecosystem of crowdturfers and detect crowdturfers; (v) combine crowdturfer detection approaches with other malicious participants detection approaches.

This project takes a new approach to problems involving sensitive data, by focusing on rigorous mathematical modeling and characterization of the value of private information. By focusing on quantifying the loss incurred by affected individuals when their information is used -- and quantifying the attendant benefits of such use -- the approaches advanced by this work enable concrete reasoning about the relative risks and rewards of a wide variety of potential computations on sensitive data.