Systems

group_project

Visible to the public TWC: Medium: Handling a Trillion Unfixable Flaws on Billions of Internet-of-Things

The Internet-of-Things (IoT) has quickly moved from concept to reality, with estimates that the number of deployed IoT devices will rise to 25 billion in 2020. However, studies show that many IoT devices have serious security vulnerabilities. Moreover, the limitations of IoT devices and scale of networks of IoT devices often make traditional IT security approaches impractical.

group_project

Visible to the public TWC: Medium: Collaborative: Systems, Tools, and Techniques for Executing, Managing, and Securing SGX Programs

The Intel Software Guard Extensions (SGX) is a new technology introduced to make secure and trustworthy computing in a hostile environment practical. However, SGX is merely just a set of instructions. Its software support that includes the OS support, toolchain and libraries, is currently developed in a closed manner, limiting its impact only within the boundary of big companies such as Intel and Microsoft. Meanwhile, SGX does not automatically secure everything and it still faces various attacks such as controlled-side channel and enclave memory corruption.

group_project

Visible to the public TWC: Medium: Collaborative: Security and Privacy for Wearable and Continuous Sensing Platforms

This research project studies security and privacy for wearable devices. Wearable computing is poised to become widely deployed throughout society. These devices offer many benefits to end users in terms of realtime access to information and the augmentation of human memory, but they are also likely to introduce new and complex privacy and security problems. People who use wearable devices need assurances that their privacy will be respected, and we also need ways to minimize the potential for wearable devices to intrude on the privacy of bystanders and others.

group_project

Visible to the public TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth

The computer security community has long advocated the concept of building multiple layers of defense to protect a system. Unfortunately, it has been difficult to realize this vision in the practice of software development, and software often ships with inadequate defenses, typically developed in an ad hoc fashion.

group_project

Visible to the public TWC: Large: Collaborative: Living in the Internet of Things

More and more objects used in daily life have Internet connectivity, creating an "Internet of Things" (IoT). Computer security and privacy for an IoT ecosystem are fundamentally important because security breaches can cause real and significant harm to people, their homes, and their community.

group_project

Visible to the public TWC: Small: Automated Security Testing for Applications Integrating Third-Party Services

Modern web and mobile applications increasingly rely on code and services from multiple parties, including services that provide security-critical functions like authentication, payments, and sharing. Developers often make mistakes in integrating these services into their applications that lead to serious security vulnerabilities. These integration failures are mainly due to failures to understand and ensure assumptions necessary for secure use of the external service.

group_project

Visible to the public SaTC: An Architecture for Restoring Trust in Our Personal Computing Systems

Computers today are so complex and opaque that a user cannot possibly hope to know, let alone trust, everything occurring within the machine. While software security techniques help ensure the integrity of user computations, they are only as trustworthy as the underlying hardware. Even though many proposals provide some relief to the problem of hardware trust, the user must ultimately rely on the assurances of other parties. This work restores hardware trust through a simple, small, and slow pluggable hardware element.

group_project

Visible to the public CAREER: Bridging the Semantic Gap in Virtualization-based Security Solutions via Collaboration between Guest OS and Virtual Machine

In the last ten years virtual machines (VMs) have been extensively used for security-related applications, such as intrusion detection systems, malicious software (malware) analyzers and secure logging and replay of system execution. A VM is high-level software designed to emulate a computer's hardware. In the traditional usage model, security solutions are placed in a VM layer, which has complete control of the system resources. The guest operating system (OS) is considered to be easily compromised by malware and runs unaware of virtualization.