Systems

group_project

Visible to the public SaTC: CORE: Small: Preventing Web Side-channel Attacks via Atomic Determinism

Web browsers are vulnerable to side-channel attacks, which usually play an important, first-step role in jump-starting a chain of attacks. For example, a web-level precise clock can help adversaries to break operating system level memory protection mechanisms, such as address-space layout randomization (ASLR). Browser fingerprinting, a variation of web side channels, can be used to obtain users' private information for launching social engineering attacks.

group_project

Visible to the public CRII: SaTC: Preempting Physical Damage from Control-related Attacks on Smart Grids' Cyber-Physical Infrastructure

Control-related attacks are a severe threat to cyber-physical systems (CPSs) such as smart grids, because they can introduce catastrophic physical damage by using malicious control commands crafted in a legitimate format. While current research efforts have focused on detecting malicious commands that lead to physical damage, the investigator proposes to preemptively prevent the damage by disrupting and misleading adversaries' preparation before they issue the malicious commands.

group_project

Visible to the public SaTC: NSF-BSF: CORE: Small: Attacking and Defending the Lifespan of Mobile and Embedded Flash Storage

This project explores approaches to attack and defend the lifespan of flash storage in small mobile devices. While the project focuses on smartphones, the research is applicable to any small flash-based device that allows users to install applications, including smart watches, Internet-of-Things (IoT) devices, computerized medical equipment, and computer-managed critical infrastructure. It is well understood that, over time, writing to flash storage will physically wear out the device. This problem is considered a nonissue with respect to enterprise Solid State Drives (SSDs).

group_project

Visible to the public  EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public SaTC-EDU: EAGER: Peer Instruction for Cybersecurity Education

Engineering a secure IT system, in addition to technical skills, requires a particular mindset focused on using cybersecurity solutions effectively against sophisticated and stealthy cyber attacks. The traditional lecture-centric style of teaching has failed to deliver that mindset, which is the direct result of an over-emphasis on specific technical skills (with limited lifespan and insufficient technical depth), abstract rather than deeply technical examination of fundamental concepts, and an impatience in developing broader analytical skills.

group_project

Visible to the public TWC: TTP Option: Small: Collaborative: SRN: On Establishing Secure and Resilient Networking Services

Almost every organization depends on cloud-based services. The backend of cloud-based services are designed for multiple tenants and reside in data centers spread across multiple physical locations. Network security and security management are major hurdles in such a complex, shared environment. This research investigates mitigating the security challenges by taking a moving target defense (MTD) approach.

group_project

Visible to the public  TWC: Medium: Language-Hardware Co-Design for Practical and Verifiable Information Flow Control

Current cloud computing platforms, mobile computing devices, and embedded devices all have the security weakness that they permit information flows that violate the confidentiality or integrity of information. This project explores an integrated approach in which software and hardware are co-designed with strong, comprehensive, verifiable security assurance. The goal is to develop a methodology for designing systems in which all forms of information flow are tracked, at both the hardware and software levels, and between these levels.

group_project

Visible to the public TWC: Small: Practical Assured Big Data Analysis in the Cloud

The use of "cloud technologies" presents a promising avenue for the requirements of big data analysis. Security concerns however represent a major impediment to the further adoption of clouds: through the sharing of cloud resources, an attack succeeding on one node can tamper with many applications sharing that node.

group_project

Visible to the public Forum on Cyber Resilience

This project provides support for a National Academies Roundtable, the Forum on Cyber Resilience. The Forum will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with the resilience of computing and communications systems, including the Internet, critical infrastructure, and other societally important systems.

group_project

Visible to the public TWC: Small: Developing Advanced Digital Forensic Tools Based on Network Stack Side Channels

This project is developing the next generation of network measurement tools for penetration testers, digital forensics experts, and other cybersecurity professionals who sometimes need to know more about the Internet or a specific network. It is developing techniques based on TCP/IP side channel inferences, where it is possible to infer something about a remote machine's view of the network based on the use of shared, limited resources.