Division of Computer and Network Systems (CNS)

Collaborative Research: CT-M: Privacy, Compliance and Information Risk in Complex Organizational Processes

Modern organizations, such as businesses, non-profits, government agencies, and universities, collect and use personal information from a range of sources, shared with specific expectations about how it

CT-ISG: An Architecture and Policies for Secure Network-facing Applications

The near ubiquity of Internet access has put a wealth of information and ever-increasing opportunities for social interaction at the fingertips of users. Driving this revolution is the modern web browser, which has evolved from a relatively simple client application designed to display static data into a complex networked operating system tasked with managing many facets of a user's online experience. Support for dynamic content, multimedia data, and third-party plug-ins has greatly enriched users' experiences at the cost of increasing the complexity of the browser itself.

CT-ISG: Improving Security and Privacy in Pervasive Healthcare

This research project advances the understanding of security and privacy in pervasive healthcare by testing technological methods of securing implantable medical devices and by evaluating human factors through patient studies. The most fundamental question is how to balance the opposing goals of safety and effectiveness with security and privacy of wireless, implantable medical devices.

Collaborative Research: CT-L: CLEANSE: Cross-Layer Large-Scale Efficient Analysis of Network Activities to SEcure the Internet

Layer-8 attacks (e.g., spam and phishing) are launched from a malicious service platform, e.g., botnet, which consists of a large number of infected machines (or bots). Such an attack platform relies on lower-layer network services to achieve efficiency, robustness, and stealth in communication and attack activities. These services include look-up (e.g., DNS), hosting (e.g., Web servers), and transport (e.g., BGP).

The main research goals and approaches of the CLEANSE project are:

CT-M: Collaborative Research: Securing Dynamic Online Social Networks

Considering the popularity and wide adoption of social network systems and the competitive edge these systems provide, there has been rapid growth in the use of these systems to access, store, and exchange personal attribute information in distributed and/or federated environments, and this trend is expected to continue. Efficient, secure, and user-centric techniques are important for the successful deployment of such systems.

CT-ISG: Advanced Techniques to Detect Kernel-Level Rootkits

The integrity of commodity operating system kernels is threatened by rootkits that modify key kernel data structures to achieve a variety of malicious goals. While rootkits have historically been known to affect control data in the kernel, recent work demonstrates rootkits that affect system security by modifying non-control data, such as linked lists used to manage bookkeeping information and metadata used for memory management. Existing techniques fail to detect such rootkits effectively.

CT-ISG: Collaborative Research: Towards Trustworthy Database Systems

Answers to database queries often form the basis for critical decision-making. To improve efficiency and reliability, answers to these queries can be provided by distributed servers close to the querying clients. However, because of the servers' ubiquity, the logistics associated with fully securing them may be prohibitive; moreover, when the servers are run by third parties, the clients may not trust them as much as they trust the original data owners. Thus, the authenticity of the answers provided by servers in response to clients' queries must be verifiable by the clients.

CT-ISG: The Assumptions for Cryptography

While modern research in cryptography has transformed a significant portion of computer security from an art into a science, ultimately the security guarantees for all current cryptographic protocols (encryption, digital signatures, etc.) rely on conjectures, such as the intractability of factoring large integers or of finding collisions in certain "hash functions". The possibility that these conjectures are false (as was recently discovered for some popular hash functions) is a genuine threat to cybersecurity.

CT-ISG: Crypto Algorithms for an Integrated Approach to Conditional, Revocable and Traceable Anonymity

As records of individuals' activities become increasingly computerized and linked, privacy becomes an ever more challenging problem. It is especially challenging when legitimate security needs require the ability to link different transactions and even obtain details about the individuals involved. The focus of this project is on cryptographic technologies that achieve a compromise: transaction records should be anonymous until special circumstances (such as wrong-doing on the part of a particular individual, or an emergency that requires special measures) arise.

CT-T: Proactive Techniques for Preserving System Integrity: A Basis for Robust Defense Against Malware

Cyber threats have escalated rapidly over the past decade. "Zero-day attacks" have become significant, delivered increasingly through seemingly innocuous means such as web pages, images, and documents. Malware is rampant, being installed surreptitiously on millions of computers around the world using a combination of spam, phishing, malicious shareware and freeware. Today's defenses use techniques such as signature-based scanning and file integrity monitoring to detect the presence of malware, and then remove it.