Data science

group_project

Visible to the public TWC: Medium: Collaborative: Seal: Secure Engine for AnaLytics - From Secure Similarity Search to Secure Data Analytics

Submitted by Feifei Li on Mon, 11/13/2017 - 7:09am

Many organizations and individuals rely on the cloud to store their data and process their analytical queries. But such data may contain sensitive information. Not only do users want to conceal their data on a cloud, they may also want to hide analytical queries over their data, results of such queries, and data access patterns from a cloud service provider (that may be compromised either from within or by a third party).

group_project

Visible to the public  STARSS: Small: GC@Scale: Synthesis, optimization, and implementation of Garbled Circuits for Scalable Privacy-Preserving Computing

Submitted by Farinaz Koushanfar on Mon, 11/13/2017 - 7:00am

Computing on sensitive data is a standing challenge central to several modern-world applications. Secure Function Evaluation (SFE) allows mistrusting parties to jointly compute an arbitrary function on their private inputs without revealing anything but the result. The GC@Scale project focuses on novel scalable methods for addressing SFE, which directly translate to stronger cryptography and security for myriads of tasks with sensitive data.

group_project

Visible to the public TWC: TTP Option: Small: Automating Attack Strategy Recognition to Enhance Cyber Threat Prediction

Submitted by scyang on Wed, 10/25/2017 - 4:41pm

Network attacks are increasingly complex and fast-evolving. A single attack may use multiple reconnaissance, exploit, and obfuscation techniques. This project investigates how to extract critical attack attributes, synthesize novel attack sequences, and reveal potential threats to critical assets in a timely manner. The project uses machine learning techniques to simultaneously identify new attack types and observed events that could identify those attacks.

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: MALDIVES: Developing a Comprehensive Understanding of Malware Delivery Mechanisms

Submitted by Vinod Yegneswaran on Wed, 10/25/2017 - 4:34pm

The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.

group_project

Visible to the public TWC: Small: Privacy Preserving Cooperation among Microgrids for Efficient Load Management on the Grid

Submitted by Yuan Hong on Wed, 10/25/2017 - 12:14pm

Smart grid integrates sensors and communication infrastructure into the existing power grid to enable operational intelligence. The concept of microgrid is emerging in conjunction with the smart grid wherein small segments of the grid can be isolated into self-sufficient islands to feed their own demand load with their local energy, e.g., wind, solar.

group_project

Visible to the public TWC: Medium: Collaborative: Security and Privacy for Wearable and Continuous Sensing Platforms

Submitted by Serge Egelman on Wed, 10/25/2017 - 8:50am

This research project studies security and privacy for wearable devices. Wearable computing is poised to become widely deployed throughout society. These devices offer many benefits to end users in terms of realtime access to information and the augmentation of human memory, but they are also likely to introduce new and complex privacy and security problems. People who use wearable devices need assurances that their privacy will be respected, and we also need ways to minimize the potential for wearable devices to intrude on the privacy of bystanders and others.

group_project

Visible to the public TWC: Medium: Collaborative: Scaling and Prioritizing Market-Sized Application Analysis

Submitted by Somesh Jha on Wed, 10/25/2017 - 8:47am

The emergence of smartphones and more generally mobile platforms as a vehicle for communication, entertainment, and commerce has led to a revolution of innovation. Markets now provide a dizzying array of applications that inform and aid every conceivable human need or desire. At the same time, application markets allow previously unknown multitudes of application developers access to user devices through fast- tracked software publishing with well-documented consequent security concerns.

group_project

Visible to the public TWC: Medium: Collaborative: HIMALAYAS: Hierarchical Machine Learning Stack for Fine-Grained Analysis of Malware Domain Groups

Submitted by Vinod Yegneswaran on Wed, 10/25/2017 - 7:58am

The domain name system (DNS) protocol plays a significant role in operation of the Internet by enabling the bi-directional association of domain names with IP addresses. It is also increasingly abused by malware, particularly botnets, by use of: (1) automated domain generation algorithms for rendezvous with a command-and-control (C&C) server, (2) DNS fast flux as a way to hide the location of malicious servers, and (3) DNS as a carrier channel for C&C communications.

group_project

Visible to the public TWC: Medium: Collaborative: Extending Smart-Phone Application Analysis

Submitted by Somesh Jha on Wed, 10/25/2017 - 7:50am

This research is focused on the creation of new techniques and algorithms to support comprehensive analysis of Android applications. We have developed formally grounded techniques for extracting accurate models of smartphone applications from installation images. The recovery formalization is based on TyDe, a typed meta-representation of Dalvik bytecode (the code structure used by the Android smartphone operating system).

group_project

Visible to the public TWC SBES: Medium: Utility for Private Data Sharing in Social Science

Submitted by Daniel Kifer on Mon, 10/23/2017 - 11:29pm

One of the keys to scientific progress is the sharing of research data. When the data contain information about human subjects, the incentives not to share data are stronger. The biggest concern is privacy - specific information about individuals must be protected at all times. Recent advances in mathematical notions of privacy have raised the hope that the data can be properly sanitized and distributed to other research groups without revealing information about any individual. In order to make this effort worthwhile, the sanitized data must be useful for statistical analysis.