Division of Computer and Network Systems (CNS)

group_project

Visible to the public SaTC: CORE: Medium: Implicit One-handed Mobile User Authentication by Induced Thumb Biometrics on Touch-screen Handheld Devices

People often store private and sensitive data on their mobile devices, and the security of these devices is essential. This project advances and develops a new process for verifying a user's legitimate right to access a mobile device. Existing research has not made this process very usable for many people who lack dexterity or the use of both hands. This research aims to design and develop a method for one-handed authentication on a touch-screen mobile handheld device. The objective is to improve both security and usability of authentication.

group_project

Visible to the public SaTC: CORE: Small: Expanding the Frontiers of Lattice-Based Cryptography

Research and development into quantum computers raises many new challenges for security and privacy. For instance, large-scale quantum computers would compromise much of the cryptography used to secure the Internet today. This project's novelty is in developing new and systematic approaches for constructing advanced cryptographic primitives that remain robust even in the presence of sophisticated quantum adversaries.

group_project

Visible to the public SaTC: CORE: Small: Transforming Non-Malleable Cryptography

This project aims to enhance our understanding of tampering attacks which are one of the most basic ones in cryptography and computer security. A tampering adversary may try to modify data at rest or in transit, which could be devastating to the security of a number of computer systems. The goal of non-malleable cryptography is to develop the tools and techniques required to secure computer systems against such attacks. The project's novelties are in conceptualizing a number of new primitives which can help fight against such attacks in emerging computer systems.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

In the upcoming evolution of the Internet of Things (IoT), it is anticipated that billions of devices will be connected to the Internet. While IoT promises a more connected and smarter world, this pervasive large-scale data collection, storage, sharing, and analysis raise many privacy concerns. In the current IoT ecosystem, IoT service providers have full control of the collected user data. They use the data for smart IoT system and device control. They could also use the data for other purposes not consented to by the users.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

In the upcoming evolution of the Internet of Things (IoT), it is anticipated that billions of devices will be connected to the Internet. While IoT promises a more connected and smarter world, this pervasive large-scale data collection, storage, sharing, and analysis raise many privacy concerns. In the current IoT ecosystem, IoT service providers have full control of the collected user data. They use the data for smart IoT system and device control. They could also use the data for other purposes not consented to by the users.

group_project

Visible to the public SaTC: CORE: Small: Detecting and Mitigating Unintended Learning

Machine learning is fueling major advances in biomedical research, natural language processing, image recognition, self-driving vehicles, etc. These advances depend on the continuing availability of data. By assuring the integrity and privacy of both the data and the machine learning models based on this data, this project aims to bring the benefits of machine learning to all data holders. However, machine learning can unintentionally reveal sensitive data such as the identity of specific persons.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse

Over half of the world's 1.8 billion websites run on Content Management Systems (CMS). Unfortunately, CMS deployments make easy targets for attackers, as they are built from an amalgam of layered software and interpreters, with varying degrees of network and system permissions, which execute on an Internet-facing web server.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Taming Memory Corruption with Security Monitors

Modern computing systems are under constant attack by organized crime syndicates, nation-state adversaries, and regular cyber-criminals alike. Among the most damaging attacks are those that exploit so-called memory corruption vulnerabilities which often confer the attacker with access to sensitive information or allow the attacker to execute arbitrary code on the victim's machine. To counter the threat posed by memory corruption vulnerabilities, this project will research and develop new defensive capabilities realized through the joint design of hardware and software.