Mathematics and statistics
group_project
Submitted by scyang on Wed, 10/25/2017 - 4:41pm
Network attacks are increasingly complex and fast-evolving. A single attack may use multiple reconnaissance, exploit, and obfuscation techniques. This project investigates how to extract critical attack attributes, synthesize novel attack sequences, and reveal potential threats to critical assets in a timely manner. The project uses machine learning techniques to simultaneously identify new attack types and observed events that could identify those attacks.
group_project
Submitted by Stephen Miller on Wed, 10/25/2017 - 9:12am
Cryptography is a fundamental part of cybersecurity, both in designing secure applications as well as understanding how truly secure they really are. Traditionally, the mathematical underpinnings of cryptosystems were based on difficult problems involving whole numbers (most famously, the apparent difficulty of factoring a product of two unknown primes back into those prime factors). More recently, several completely new types of cryptography have been proposed using the mathematical properties of lattices.
group_project
Submitted by Daniel Bernstein on Mon, 10/23/2017 - 7:45pm
OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.
group_project
Submitted by Dan Boneh on Mon, 10/23/2017 - 7:26pm
The Center for Encrypted Functionalities (CORE) tackles the deep and far-reaching problem of general-purpose "program obfuscation," which aims to enhance cybersecurity by making an arbitrary computer program unintelligible while preserving its functionality.
group_project
Submitted by Steven Weber on Thu, 10/19/2017 - 10:56pm
The Wireless Philadelphia Network (WPN) is a metropolitan?area network (MAN) consisting of thousands of Tropos 5210 wireless mesh routers distributed across the entire city of Philadelphia and connected by a fiber backbone. This project is employing this network as a testbed to investigate three diverse security challenges facing any large-scale wireless network servicing a heterogeneous population.
group_project
Submitted by Yaoyun Shi on Thu, 10/19/2017 - 10:48pm
The problem of ensuring that computer hardware is not surreptitiously malicious is a growing concern. The case of random number generators (RNGs) is particularly important because random numbers are foundational to information security. All current solutions in practice require trusting the hardware, and are therefore vulnerable to hardware attacks. This project explores a quantum-based solution to hardware security by designing and implementing a new class of RNGs that can prove their own integrity to the user.
group_project
Submitted by Cedric Langbort on Wed, 10/18/2017 - 6:05pm
As cyber-socio-physical and infrastructure systems are increasingly relying on data and integrating an ever-growing range of disparate, sometimes unconventional, and possibly untrusted data sources, there is a growing need to consider the problem of estimation in the presence of strategic and/or self-interested sensors. This class of problems, called "strategic information transmission" (SIT), differs from classical fault-tolerant estimation since the sensors are not merely failing or malfunctioning, but are actively trying to mislead the estimator for their own benefit.
group_project
Submitted by Boaz Barak on Wed, 10/18/2017 - 1:35pm
This project investigates the foundational computational underpinnings of secure systems. Cryptographic constructions such as encryption, signatures, and more rely for their security on the conjectured computational difficulty of certain problems. For example, many public key encryption currently in use would be broken if someone discovered an efficient algorithm to factor large integers. Unfortunately, the current state of art is that we are unable to prove that these problems are truly hard, and so need to rely on unproven conjectures.
group_project
Submitted by Theodore Allen on Wed, 10/18/2017 - 11:33am
Researchers have found that over 90% of successful cyber attacks exploit vulnerabilities that could have been fixed with available patches. Vulnerabilities can be weak passwords or software with bugs on personal computers, mobile devices, or printers. Yet, decision-making about manually applying patches is difficult. First, a substantial fraction of vulnerabilities are fixed each month by automatic patching. Second, applying patches can have side-effects, making software unusable. Third, organizations have limited abilities to estimate the profit from applying patches.
group_project
Submitted by Abhishek Parakh on Thu, 10/12/2017 - 5:58pm
Video-based traffic monitoring systems have been widely used for traffic management, incident detection, intersection control, and public safety operations. Current designs pose critical challenges. First, it relies heavily on human operators to monitor and analyze video images. Second, commercially available computer vision technologies cannot satisfactorily handle severe conditions, such as weather and glare, which significantly impair video image quality.
