Division of Computer and Network Systems (CNS)
group_project
Submitted by Alley Stoughton on Tue, 03/05/2019 - 2:16pm
Securing computing systems is a formidable task that becomes harder as systems become more complex, widespread and intertwined with our daily lives. This is especially true for protection mechanisms that use cryptographic schemes and protocols. This interdisciplinary project strives to combine two complementary approaches to analyzing the security of complex protocols. The first is modularity: The ability to deduce the security of a complex system from the security of its simpler components.
group_project
Submitted by tripakis on Tue, 03/05/2019 - 1:45pm
Computer networking and the internet have revolutionized our societies, but are plagued with security problems which are difficult to tame. Serious vulnerabilities are constantly being discovered in network protocols that affect the work and lives of millions. Even some protocols that have been carefully scrutinized by their designers and by the computer engineering community have been shown to be vulnerable afterwards. Why is developing secure protocols so hard?
group_project
Submitted by Michelle Mazurek on Tue, 02/26/2019 - 5:17pm
As software now pervades nearly every aspect of modern life, securing software is widely acknowledged as a critical problem. Although significant effort has gone into identifying flaws in software, as well as developing tools, libraries, and processes for detecting and mitigating these flaws during software development and maintenance, security problems remain pervasive.
group_project
Submitted by Trent Jaeger on Tue, 02/26/2019 - 11:50am
Adversaries are outpacing developers in the race to find program vulnerabilities. Where programmers have to find all potential software flaws in their programs and determine whether they are exploitable across all deployments to prevent vulnerabilities, adversaries need only find one software flaw that enables them to achieve their goals in any one deployment. Current techniques to rid programs of vulnerabilities cannot find all such flaws due to the complexity of modern software and their deployments.
group_project
Submitted by Yaacov Nissim on Tue, 02/26/2019 - 11:44am
When a program accesses data stored in memory, disk, or on a remote server, its access patterns can leak information about the secret inputs and data. There has been decades of work that investigated how to make a program "oblivious", such that its access patterns leak nothing about the secret inputs or data. Past techniques, however, incur a considerable performance overhead. This project conceives and investigates new, relaxed notions of access pattern privacy, and discovers new algorithms that achieve such notions of privacy with little to no overhead.
group_project
Submitted by Elaine Shi on Tue, 02/26/2019 - 11:42am
When a program accesses data stored in memory, disk, or on a remote server, its access patterns can leak information about the secret inputs and data. There has been decades of work that investigated how to make a program "oblivious", such that its access patterns leak nothing about the secret inputs or data. Past techniques, however, incur a considerable performance overhead. This project conceives and investigates new, relaxed notions of access pattern privacy, and discovers new algorithms that achieve such notions of privacy with little to no overhead.
group_project
Submitted by Krzysztof Gaj on Tue, 02/26/2019 - 11:34am
Quantum computers are believed to have a potential to perform specialized calculations beyond the reach of any supercomputer in existence today, threatening today's major public-key cryptography standards. Post-Quantum Cryptography (PQC) is devoted to the design and analysis of cryptographic algorithms that are resistant against any known attacks using quantum computers, but by themselves can be implemented using classical computing platforms, based on current semiconductor technologies.
group_project
Submitted by Serge Egelman on Tue, 02/26/2019 - 11:31am
Current user-facing computer systems apply a "notice and consent" approach to managing user privacy: the user is presented with a privacy notice and then must consent to its terms. Decades of prior research show that this approach is unmanageable: policies are vague, ambiguous, and often include legal terms that make them very difficult to understand, if they are even read at all.
group_project
Submitted by Siddharth Garg on Tue, 02/26/2019 - 11:20am
Artificial intelligence (AI) is poised to revolutionize the world in fields ranging from technology to medicine, physics and the social sciences. Yet as AI is deployed in these domains, recent work has shown that systems may be vulnerable to different types of attacks that cause them to misbehave; for instance, attacks that cause an AI system to recognize a stop sign as a speed-limit sign.
group_project
Submitted by reiter on Tue, 02/26/2019 - 11:12am
Machine learning algorithms are increasingly part of everyday life: they help power the ads that we see while browsing the web, self-driving aids in modern cars, and even weather prediction and critical infrastructure. We rely on these algorithms in part because they perform better than alternatives and they can be easy to customize to new applications. Many machine learning algorithms also have a big weakness: it is difficult to understand how and why they compute the answers they provide.
