EAGER

Household Internet-of-Things (IoT) devices are intended to collect information in the home and to communicate with each other, to create powerful new applications that support our day-to-day activities. Existing research suggests that users have a difficult time selecting their privacy settings on such devices. The goal of this project is to investigate how, why and when privacy decisions of household IoT users are suboptimal, and to use the insights from this research to create and test a simple single user interface that integrates privacy settings across all devices within a household.

Cloud storage is currently experiencing explosive growth as more and more businesses and organizations store large amounts of data on cloud servers. Encrypting such data provides security against untrusted servers or malicious intrusions. However, standard encryption has the drawback of compromising functionality and efficiency and it is so strong that its ciphertexts are not searchable. For this reason, searchable encryption (SE) has become an important research area, aimed at providing weaker forms of encryption that balance security, efficiency, and functionality goals.

The 2011 Federal Cybersecurity Research and Development Plan cites "Accelerating Transition to Practice (TTP)" as one of five strategic objectives in the Cyber Security and Information Assurance (CSIA) Program Component Area. TTP remains a strategic objective of Agencies which fund cybersecurity research, including NSF. However, the NSF cybersecurity portfolio contains only a small amount of security research that has been transitioned into operational activities.

Publicly available and searchable genomic data banks could revolutionize clinical and research settings, but privacy concerns about releasing such information are currently preventing its usage. This project aims to address these concerns by providing new mechanisms by which individuals can donate their genomic information to a data bank in such a way that third parties, such as doctors or researchers, querying the data bank are guaranteed to learn only aggregate functions of the population's data that the individuals authorize.

Large-scale distributed denial of service (DDoS) attacks pose an imminent threat to the availability of critical Internet-based operations, as demonstrated by recent incidents that brought down a number of highly popular web services such as Twitter, Spotify and Reddit. While several solutions to counter DDoS attacks have been proposed by both industry and academia, most of the solutions that are currently deployed on the Internet - such as traffic scrubbing - tend to detect and mitigate DDoS attacks close to the victim edge network, once the attack has already caused damage.