Division of Computer and Network Systems (CNS)
group_project
Submitted by Wensheng Zhang on Mon, 03/18/2019 - 1:31pm
Cloud-based storage services are gaining increasing popularity for their attractive pay-as-you-go model and high availability, reliability and economic efficiency. Meanwhile, there is an increasing privacy consciousness among users regarding this storage paradigm. While encryption provides some protection for data privacy, it cannot protect data access patterns, which can reveal private information about cloud storage clients.
group_project
Submitted by Baishakhi Ray on Mon, 03/18/2019 - 1:03pm
Semantic security bugs cause serious vulnerabilities across a wide range of software. For example, in a recent incident, attackers exploited a semantic security bug in Apache Struts to steal sensitive personal data of up to 143 million customers from Equifax servers. In fact, such vulnerabilities are quite common in practice. The total number of Common Vulnerabilities and Exposure Identifiers (CVEs) assigned to different types of semantic security bugs exceeds 2,000 just this year alone.
group_project
Submitted by danadach on Mon, 03/18/2019 - 1:02pm
Current technology for securing Internet traffic relies on cryptographic protocols that are based on the presumed difficulty of two mathematical problems - the factorization problem and the discrete logarithm problem. However, the emerging technology of quantum computers - a type of computer that leverages the laws of quantum mechanics to perform certain computations faster than classical computers - can efficiently solve both of these problems and thus effectively attack the respective cryptographic protocols.
group_project
Submitted by Wujie Wen on Mon, 03/18/2019 - 12:58pm
Deep neural networks (DNNs) are finding applications in wide-ranging applications such as image recognition, medical diagnosis and self-driving cars. However, DNNs suffer from a security threat: decisions can be misled by adversarial inputs crafted by adding human-imperceptible perturbations into normal inputs during training of DNN model. Defending against adversarial attacks is challenging due to multiple attack vectors, unknown adversary's strategies and cost.
group_project
Submitted by Zhanpeng Jin on Mon, 03/18/2019 - 12:54pm
In September of 2015, it was reported that hackers had stolen the fingerprint records of 5.6 million U.S. federal employees from the Office of Personnel Management (OPM). This was a severe security breach, and it is an even bigger problem because those fingerprints are now permanently compromised and the users cannot generate new fingerprints. This breach demonstrates two challenging facts about the current cybersecurity landscape. First, biometric credentials are vulnerable to compromise. And, second, biometrics that cannot be replaced if stolen are even more vulnerable to theft.
group_project
Submitted by Bogdan Carbunar on Mon, 03/18/2019 - 12:49pm
The pressure to succeed in online, peer-review websites has created a black market for search rank fraud. Fraud workers, who may control hundreds of user accounts, connect with product developers through crowdsourcing sites, then, from the accounts that they control, post fake activities, ratings, and reviews for site-owners' products. Most peer-review systems use fraud detection to filter out fake activities, but fraud nevertheless persists.
group_project
Submitted by Jean-Francois Biasse on Mon, 03/18/2019 - 12:30pm
This award supports research into the security of a new family of cryptosystems based on a mathematical structure called isogenies of elliptic curves. The research will also include the development of new isogeny-based protocols. These protocols are among the front runners in the process of replacement of the current public key primitives by alternatives that will be secure against attacks by quantum computers. The transition towards a quantum-safe cyberspace is an immediate priority for the cryptography community.
group_project
Submitted by Jules Polonetsky on Mon, 03/18/2019 - 12:24pm
The Future of Privacy Forum Education and Innovation Foundation (FPF EIF) is establishing the Applied Privacy Research Coordination Network (Applied Privacy RCN) to support the transition of academic privacy research to commercial practice by providing ongoing, structured networking and opportunities for privacy scholars to meet industry leaders involved in their research areas and develop working partnerships. The Applied Privacy RCN will promote new knowledge, techniques and practices to better protect individual privacy.
group_project
Submitted by Jie Yang on Mon, 03/18/2019 - 12:17pm
Using mobile devices to authenticate a person's identity, both for access to the device itself and as a platform for verifying access to other nearby devices, is an important problem to address in building secure and private computing systems. This proposal seeks to improve voice recognition as an authentication tool by developing physical models of people's vocal tracts that uniquely affect how individual people produce sounds.
group_project
Submitted by Ben Zhao on Mon, 03/18/2019 - 11:55am
Many of today's mobile services build mobile communities of users who share their valuable experiences and data. Examples include traffic incidents (Waze), restaurant reviews (Yelp, FourSquare), anonymous social networks (Whisper, Yik Yak), and even dating (Tinder, Bumble). Unfortunately, new threats can compromise and manipulate these communities, using lightweight software to mimic mobile devices. The resesarchers have shown how attackers can eavesdrop on mobile network traffic, learn their patterns, and write software to emulate mobile devices running the application.
