Division of Computer and Network Systems (CNS)

Web browsers are vulnerable to side-channel attacks, which usually play an important, first-step role in jump-starting a chain of attacks. For example, a web-level precise clock can help adversaries to break operating system level memory protection mechanisms, such as address-space layout randomization (ASLR). Browser fingerprinting, a variation of web side channels, can be used to obtain users' private information for launching social engineering attacks.

Unlawful online business often leaves behind human-readable text traces for interacting with its targets (e.g., defrauding victims, advertising illicit products to intended customers) or coordinating among the criminals involved. Such text content is valuable for detecting various types of cybercrimes and understanding how they happen, the perpetrator's strategies, capabilities and infrastructures and even the ecosystem of the underground business.

This funding renews a Research Experience for Teachers (RET) Site at the University of Nevada, Reno (UNR). The primary objective of this RET Site is to explore unique ways to engage middle and high school teachers in summer research experiences that emphasize cybersecurity. Cybersecurity is an area of national importance that impacts the lives of all citizens. The teachers will spend six weeks in the summer participating in research experiences and developing classroom modules and materials which will be implemented in their classrooms during the academic year.

Today individuals and organizations leverage machine learning systems to adjust room temperature, provide recommendations, detect malware, predict earthquakes, forecast weather, maneuver vehicles, and turn Big Data into insights. Unfortunately, these systems are prone to a variety of malicious attacks with potentially disastrous consequences. For example, an attacker might trick an Intrusion Detection System into ignoring the warning signs of a future attack by injecting carefully crafted samples into the training set for the machine learning model (i.e., "polluting" the model).

People today are faced with many privacy decisions in their daily interactions with mobile devices. In the past decade, researchers have studied the design of many tools and mechanisms, such as privacy nudges, that aim to help individuals make better privacy decisions. But just like decision support tools in other domains, these tools cannot make users perfect decision-makers. Users still make mistakes and regret their privacy decisions later. This project casts a fresh perspective on Privacy-by-Redesign by helping users revisit and rectify past privacy decisions that they may regret.