Division of Computer and Network Systems (CNS)
group_project
Submitted by Robert Knake on Wed, 08/07/2019 - 11:16am
The idea of extracting information out of cyber incidents that can be used to prevent other, similar incidents at other organizations has often been compared to creating a National Transportation Safety Board (NTSB) for cybersecurity incidents. This project would further this idea by holding a workshop engaged in exploring the barriers to information sharing and data use among organizations, the possible costs and rewards of such a board, the steps required for implementation through policy proposals, and alternative mechanisms, other than a security incident sharing board.
group_project
Submitted by Liyue Fan on Wed, 08/07/2019 - 11:11am
The publication of image data captured by ubiquitous surveillance devices, such as traffic cameras and security surveillance cameras, would greatly benefit various communities and enable many applications. However, sharing image data with untrusted parties would raise privacy concern due to potential sensitive content, like identities and activities that may be in the images. Standard image obfuscation techniques, such as pixelation and blurring, do not provide effective privacy preservation for people or objects represented in the data.
group_project
Submitted by Ryan Ellis on Wed, 08/07/2019 - 11:11am
Bug bounty programs were once a novel way to encourage security researchers to report vulnerabilities. They are now common. Hundreds of organizations--from car manufactures to the Department of Defense--now operate bug bounty programs that purchase flaws from independent vulnerability researchers. Yet, while bug bounty programs are widely viewed as a promising strategy for reducing software attack surfaces, unsolved social and technological issues can limit the efficacy of these programs.
group_project
Submitted by denis on Wed, 08/07/2019 - 11:07am
Many online platforms use economic mechanisms to estimate the best ways to match consumers and businesses with products and services. Effective matches may require using personal consumer data but doing so may intrude on consumers' privacy. This project will use formal concepts of privacy to analyze the use of personal information in mechanism design.
group_project
Submitted by ensafi on Wed, 08/07/2019 - 11:06am
The Internet's size and complexity make it difficult to understand what happens to network packets as they travel from source to destination. Internet service providers and governments sometimes interfere with users' online activities, further complicating this task. This project advances the scientific understanding of network interference detection by developing new methods to remotely measure the manipulation of Internet traffic, such as attempts to censor, tamper with, and monitor users' online activities.
group_project
Submitted by aiping on Wed, 08/07/2019 - 11:03am
This project integrates advances in data science and key findings from psychological research to improve the prediction of trust in information on social media by modeling the psychological phenomenon known as the memory illusion. The memory illusion refers to memory errors that people make to remember information as an outcome of interpreting and making inferences from their past experience. This project will use social media data to examine the memory illusion with online information, and to understand how it is associated with people's trust in information on social media.
group_project
Submitted by xxiao007 on Wed, 08/07/2019 - 11:03am
Mobile applications (i.e., apps) are becoming critical parts in our daily life. While these apps provide better customized services using users' personal data, certain behavior of the apps is less than desirable or harmful. For example, if an app's user interface (UI) has no texts or images to indicate that it will access users' personal data (e.g., GPS data), but the app discloses users' personal data when an action is performed (e.g., pressing a button), then red flags should be raised.
group_project
Submitted by ujjwal.guin@aubur... on Wed, 08/07/2019 - 10:58am
Due to the prohibitive costs of semiconductor manufacturing, most computer chip design companies outsource their production to offshore foundries. As many of these chips may be manufactured in environments of limited trust, problems of the piracy of intellectual property (IP) and the overproduction of integrated circuits (ICs) have emerged in recent years. This project focuses on designing a secure logic locking technique to enable protection against untrusted IC manufacturing. The developed solution is resistant to all known attacks.
group_project
Submitted by Brendan Saltaform... on Wed, 08/07/2019 - 10:33am
Advanced persistent threat (APT) campaigns are increasingly targeting mobile devices deployed across corporations, governments, and financial institutions. Unfortunately, prohibitively slow responses to even high-profile APT attacks have shown that authorities lack the capability to quickly investigate ongoing attacks (in a matter of hours or days rather than months).
group_project
Submitted by jblocki on Wed, 08/07/2019 - 9:54am
Recent data breaches have exposed billions of user passwords to the dangerous threat of an offline password attacker who attempts to guess each user's password by brute force. Because an offline attacker can validate each password guess by itself using stolen password hashes from a data breach it is not possible to "lock out" an offline attacker after several incorrect guesses. The attacker is limited only by the computational resources necessary to mount a brute-force attack.
