Division of Computer and Network Systems (CNS)
group_project
Submitted by Lujo Bauer on Tue, 05/01/2018 - 1:46pm
This project explores an architecture, mechanisms, and interfaces for helping users manage access control in the digital home. The home is a challenging, yet critical, target for usable security. It requires abstractions that are intuitive for laypeople, interfaces that allow users to manipulate those abstractions, and access-control and storage infrastructure that can support the abstractions.
group_project
Submitted by ckruegel on Tue, 05/01/2018 - 1:38pm
Recent years have witnessed a dramatic change in the goals and modus operandi of malicious hackers. In particular, hackers realized the potential monetary gains associated with Internet fraud. As a result, there has been an integration of sophisticated computer attacks with well-established fraud mechanisms devised by organized crime. This process has created a vibrant underground economy. Recent research has mostly focused on the visible aspects of the underground economy, such as botnets, spam, and phishing.
group_project
Submitted by David Evans on Tue, 05/01/2018 - 1:27pm
A variety of emerging microelectronics applications target portable systems with tight constraints on the related metrics of power, form factor, and longevity. For many of these applications, there are severe constraints on the energy consumption for the electronics in the system. In particular, passive RFID tags rely on power received from readers so low power consumption is necessary to enable long-range reads.
group_project
Submitted by Paul Barford on Tue, 05/01/2018 - 1:07pm
In order to address the continued escalation in the diversity, sophistication and quantity of malicious activity in the Internet, new methods for systematic testing and evaluation of next generation security systems and techniques are required. The objective of this research is to investigate and develop meta-environments for Emulab-based testbeds. A meta-environment is a set of testbed configurations, tools and processes developed for a specific security domain that enables experiments to be conducted in a simplified, realistic and consistent fashion.
group_project
Submitted by Lorrie Cranor on Tue, 05/01/2018 - 1:00pm
When systems rely on a "human in the loop" to carry out a security-critical function, cyber trust indicators are often employed to communicate when and how to perform that function. Indicators typically serve as warnings or status indicators that communicate information, remind users of information previously communicated, and influence behavior. They include a variety of security- and privacy-related symbols in the operating system status bar or browser chrome, pop-up alerts, security control panels, or symbols embedded in web content.
group_project
Submitted by Virgil Gligor on Tue, 05/01/2018 - 12:45pm
This project is motivated by the fundamental question of whether it is possible to achieve verifiable end-to-end security properties by adding suitable security mechanisms on top of commercially available applications executing on an untrusted computing platform. A concrete example of such a scenario is provided by a user interacting with a bank's web server using a web browser running SSL.
group_project
Submitted by Harold Abelson on Tue, 05/01/2018 - 12:41pm
The project on the Theory and Practice of Accountable Systems investigates computational and social properties of information networks necessary to provide reliable assessments of compliance with rules and policies governing the use of information. In prior research, project leaders have demonstrated that achieving basic social policy goals in open information networks will require increased reliance on information accountability through after-the- fact detection of rule violations.
group_project
Submitted by sandhutx on Tue, 05/01/2018 - 11:39am
Considering the popularity and wide adoption of social network systems and the competitive edge these systems provide, there has been a rapid growth in use of these systems to access, store, and exchange personal attribute information in distributed and/or federated environments and this trend is expected to continue. Efficient, secure, and user-centric techniques are important for the successful deployment of such systems.
group_project
Submitted by Yong Guan on Mon, 04/30/2018 - 3:54pm
With the rapid growth of the Internet, online advertisement plays a more and more important role in the advertising market and has become a billion-dollar business ($19.5 billon in 2007). One of the current and widely used revenue models for online advertising is Pay-per-click (PPC), which involves charging for each click based on the popularity of keywords and the number of competing advertisers. However, the pay-per-click model leaves room for individuals or rival companies to generate false clicks (i.e., click fraud) due to the lack of verifiable engagement in PPC requests.
group_project
Submitted by Nikita Borisov on Mon, 04/30/2018 - 3:23pm
This project concerns traffic analysis--the practice of learning sensitive information from communication patterns, rather than their contents. As encryption of data becomes more prevalent, a detailed study of traffic analysis is necessary to understand the threats to privacy that patterns of communication pose, and to design effective countermeasures. Traffic analysis is also important for intrusion detection, to detect attacks and abnormalities that are embedded in encrypted traffic.
