CAREER

group_project

Visible to the public  CAREER: Research and Education: Number Theory, Geometry and Cryptography

Submitted by Katherine Stange on Tue, 11/14/2017 - 10:59am

This project advances the understanding of number theory, geometry, and cryptography. Number theory and geometry are among the oldest and most central topics in mathematics, while their application to cryptography underlies modern cybersecurity. The project focuses on the relationships between number-theoretic information and geometric structures such as elliptic curves, circle packings, and lattices.

group_project

Visible to the public CAREER: Towards Provably-Secure Design of Integrated Circuits

Submitted by Jeyavijayan Rajen... on Tue, 11/14/2017 - 9:58am

The production of computer chips has universally moved offshore in recent years, reducing design complexity and fabrication cost. But these benefits come at the expense of security: An attack anywhere along the supply chain can insert malicious components into an integrated circuit, pirate its design or counterfeit it. These attacks, which are exceedingly difficult to detect, jeopardize the computer industry, undermine national security, and put critical infrastructure in danger.

group_project

Visible to the public CAREER: Securing Applications From Compromised System Software

Submitted by John Criswell on Tue, 11/14/2017 - 6:11am

In an ideal world, secure software would be built as a set of mutually distrusting components that work together to accomplish goals. However, modern software is not built this way; rather, it heavily trusts a component called the operating system kernel. Fortunately, there are new methods of isolating programs from each other and from the OS kernel to minimize the damage caused if an attacker compromises a critical component. However, such solutions are too slow and are vulnerable to sophisticated implicit information flow attacks.

group_project

Visible to the public CAREER: Security Applications of DRAM Cell Decay Effects

Submitted by Jakub Szefer on Mon, 11/13/2017 - 3:53pm

This research project develops ideas and designs that can be used to fingerprint or authenticate computer hardware, to generate cryptographic keys, or form basis of new security protocols, all leveraging the physical properties of the computer hardware. Especially, the focus of this research is on commodity memories found in today's computers, and the work advances fundamental understanding of how the physical properties of memories can be used in computer security.

group_project

Visible to the public CAREER: Obfuscation from a Complexity Theoretic Perspective

Submitted by Huijia Lin on Mon, 11/13/2017 - 12:38pm

Obfuscation schemes are highly desirable tools for transforming programs into unintelligible ones while preserving functionality. However, so far, there lack obfuscation schemes with well-founded security guarantees. The main objective of this project is addressing this gap, by developing new approaches for designing obfuscation schemes based on standard, well-studied, assumptions. Another objective is using obfuscation as a versatile tool to enable a wide range of cryptographic and security applications.

group_project

Visible to the public CAREER: Verifiable Outsourcing of Data Mining Computations

Submitted by Hui Wang on Mon, 11/13/2017 - 8:55am

Spurred by developments such as cloud computing, there has been considerable interest in the data-mining-as-a-service (DMaS) paradigm in which a client outsources his/her data mining needs to a third-party service provider. However, this raises a few security concerns. One of the security concerns is that the service provider may return plausible but incorrect mining results to the client.

group_project

Visible to the public CAREER: Binary and Virtualization Centric Malware Defense

Submitted by Heng Yin on Mon, 11/13/2017 - 8:22am

Malicious software (malware) has become a major threat to computer security and will continue to be a central theme for computer security research for decades. This project takes a binary and virtualization centric approach to effectively and efficiently defeat malware using both online and offline analysis. Offline malware analysis aims to extract knowledge about the inner-workings for a newly discovered malware instance or software exploit, for the purpose of building up proper defense against similar attacks.

group_project

Visible to the public CAREER: Towards Secure Augmented Reality Platforms

Submitted by Franziska Roesner on Mon, 11/13/2017 - 6:36am

Augmented reality (AR) technologies -- which overlay digitally generated information on a user's perception of the physical world -- are at the cusp of commercial viability, appearing in platforms like Microsoft HoloLens, Magic Leap, Meta, and automotive windshields. Though these technologies offer great potential benefits, they also raise new and serious computer security and privacy risks. This project focuses on investigating and addressing security and privacy issues due to the virtual output (visual, audio, or haptic feedback) that AR applications generate.

group_project

Visible to the public CAREER: Practical Oblivious Computation

Submitted by Elaine Shi on Thu, 11/09/2017 - 5:45am

The explosion of digital data carries a wealth of opportunities. The ability to collect and mine data at scale continues to enable new applications and transform our lives. However, privacy concerns are seen as a major hurdle towards data sharing and analytics. This project develops a practical framework for "oblivious computation", which allows general computation over sensitive data, but without disclosing the data.

group_project

Visible to the public CAREER: Transformative Approaches for Hardware Obfuscation Protection, Attacks, and Assessment

Submitted by Domenic Forte on Tue, 11/07/2017 - 5:52am

Electronic computing hardware forms the foundation of modern information systems and cyber infrastructure. However, the unavoidable involvement of untrusted parties who can insert malicious circuits (i.e., hardware Trojans), steal intellectual property (IP), and produce counterfeits have made hardware more vulnerable to cyber-attacks.