EAGER

Web Application Frameworks, such as Google Web Toolkit (GWT) and Rails are being widely used nowadays because of numerous advantages they offer their users. A growing concern is whether such tools introduce security vulnerabilities during the translations they perform. Translation validation is an approach that allows one to verify the correctness of a translation rather than that of a translator.

As the use of mobile, wireless computing devices continues to grow, so does concern with assuring that communications within these wireless networks is not vulnerable to various kinds of attacks. Physical-layer Network Coding (PNC) was developed as a means for improving communication in wireless networks. This project will conduct exploratory research to determine whether and how the use of PNC can be exploited to detect attacks. The work is organized into three tasks.

This research considers a scenario in which a piece of software needs to be protected against an attacker (the man-at-the-end, MATE) who has physical access to the software and so is able to inspect, modify, and execute it. The goal is to prevent the attacker from extracting sensitive information from the software, to prevent him from making changes to the behavior of the software, or, at least, to detect and report when such attacks are underway.

As the amount of digital information explodes, two new trends are emerging. First, data is increasingly being stored and managed in the "cloud", an untrusted trove of computing power and storage space for rent. Second, computer devices (e.g., cars, cell phones, medical implants) are everywhere and continuously exchanging messages.

The research provides a method to detect and mitigate the insider threat. Currently insider threat detection is focused only on the malicious person attempting to harm the organization. Most employees seek to assist their employers. Very few people want to hurt the business providing their livelihood. However, many employees take risks (sometimes very serious risks) on the network. We simultaneous help the benevolent employee and detect the malicious one.