Division of Computer and Network Systems (CNS)

SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.

SaTC: CORE: Medium: Collaborative: RADAR: Real-time Advanced Detection and Attack Reconstruction

There has been a rapid escalation of targeted cyber-attacks, called Advanced Persistent Threats (APTs), on high-profile enterprises. These skilled attacks routinely bypass widely deployed protection mechanisms. Existing second-line cyber defenses (e.g., intrusion detection systems) are helpful, but they often generate a flood of information that overwhelms cyber analysts. Moreover, analysts lack the tools to piece together attack fragments spanning multiple applications and/or hosts.

SaTC: CORE: Small: Reasoning about dependencies and information flow in dynamic code

This project aims to investigate software whose code can change during its execution. Such code is ubiquitous in modern systems. For example, all modern web browsers contain a component, known as a JIT compiler, that creates or modifies code during execution. Reasoning about relationships between the code that carries out the runtime modifications, and the code that is created or modified as a result, is important for a number of software security applications. For example, bugs in a JIT compiler can result in vulnerabilities that can be exploited by hackers.

CAREER: Enhancing Mobile Authentication by Measuring the Authentication Life-Cycle

This CAREER research focuses on human factors in authentication using mobile devices. Mobile authentication is a crucial component of authentication, especially as mobile devices become ever more connected to the broader security ecosystem. A major concern is how users authenticate as they use their devices over months or years. This research will involve empirical studies of the choices and actions users take over time. Qualitative and quantitative measures will be employed to better understand user mental models, perceptions, and behaviors related to mobile authentication.

CAREER: Securing Cyberspace: Gaining Deep Insights into the Online Underground Ecosystem

As the Internet becomes increasingly ubiquitous, it offers a low-risk harbor for cybercrime -- illegal activities such as hacking and online scams. Cybercrime is increasingly enabled by an online underground ecosystem, within which are anonymous forums and so-called dark web platforms for cybercriminals to exchange knowledge and trade in illicit products and services.

EAGER: Theory and Practice of Risk-Informed Cyber Insurance Policies: Risk Dependency, Risk Aggregation, and Active Threat Landscape

This project aims to tackle some of the most significant challenges facing the design and adoption of risk-informed cyber insurance policies; these challenges include cyber risk interdependence, correlated risk and value-at-risk, and a fast-changing threat landscape. The research has the potential to bring about a paradigm shift in the design of cyber insurance policies so that they are used as effective economic and incentive mechanisms consistent with cyber risk realities; in doing so it also introduces new ways of thinking about cybersecurity in a holistic, risk management context.

EAGER: Enabling Secure Data Recovery for Mobile Devices against Malicious Attacks

Mainstream mobile computing devices, such as smartphones and tablets, currently rely on remote backups for data recovery upon failures. For example, an iPhone periodically stores a recent snapshot to iCloud, which can be restored if needed. Such a commonly used "off-device" backup mechanism, however, suffers from a fundamental limitation, namely, that the backup on the remote server is not always synchronized with the data stored on the local device.

EAGER: Factoring User Behavior into Network Security Analysis

The project will investigate human factors in network security. The security of network systems relies on proper protection from not only known vulnerabilities, but also new vulnerabilities resulting from unexpected human behavior. The project will directly address a user's situational behavior and its consequences for network security. It takes on the challenges of modeling the decision-making process and integrating it into human-network interaction.

EAGER: Data Science for Election Verification

Election officials need evidence-based, scientifically valid tools to routinely assess the quality of election systems, including technical and human factors. Whether initiated by the election administrators or by the parties to an election, election investigation is expensive and must be well prioritized to be most effective. The project plans to provide tools for prioritizing investigations for election officials and others. The expected outcome is increased robustness of the mechanisms protecting elections that can give Americans more justified confidence in election results.