Systems

group_project

Visible to the public TWC: Medium: Collaborative: Measurement and Analysis Techniques for Internet Freedom on IP and Social Networks

This project studies Internet censorship using novel measurement techniques, ranging from low-level packet filtering on Internet Protocol (IP) networks to high-level censorship of social media content. Collectively these techniques can provide greater situational awareness of censorship dynamics. The project focuses on a suite of advanced inference techniques for when ?direct observation?

group_project

Visible to the public TWC: Frontier: Collaborative: Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives

This project tackles the social and economic elements of Internet security: how the motivations and interactions of attackers, defenders, and users shape the threats we face, how they evolve over time, and how they can best be addressed. While security is a phenomenon mediated by the technical workings of computers and networks, it is ultimately a conflict driven by economic and social issues that merit a commensurate level of scrutiny.

group_project

Visible to the public TWC: Small: Managing User-Level Compromises in Enterprise Networks

Organizations need to protect their computer systems from attackers. They often group their own computers into risk pools to reduce threat propagation and monitor the communication between these groups. Unfortunately, this boundary monitoring is unable to see traffic within groups and, since each monitor is segmented, they cannot form a holistic picture of the entire network. Finally, modern approaches must examine network traffic in isolation, without the ability to know what action on the originating computer caused it.

group_project

Visible to the public TWC: Frontier: Collaborative: Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives

This project tackles the social and economic elements of Internet security: how the motivations and interactions of attackers, defenders, and users shape the threats we face, how they evolve over time, and how they can best be addressed. While security is a phenomenon mediated by the technical workings of computers and networks, it is ultimately a conflict driven by economic and social issues that merit a commensurate level of scrutiny.

group_project

Visible to the public CAREER: At-scale Analysis of Issues in Cyber-Security and Software Engineering

One of the most significant challenges in cybersecurity is that humans are involved in software engineering and inevitably make security mistakes in their implementation of specifications, leading to software vulnerabilities. A challenge to eliminating these mistakes is the relative lack of empirical evidence regarding what secure coding practices (e.g., secure defaults, validating client data, etc.), threat modeling, and educational solutions are effective in reducing the number of application-level vulnerabilities that software engineers produce.

group_project

Visible to the public TWC: TTP Option: Small: Investigating Stealthy Hardware Trojans

Many systems ranging from consumer electronics to military equipment are dependent on integrated circuits (ICs). Thus, if the underlying IC in a system is maliciously manipulated by a hardware trojan, then the security of the entire system can be compromised. This project investigates hardware Trojans that do not rely on additional logic to affect security.

group_project

Visible to the public TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth

The computer security community has long advocated the concept of building multiple layers of defense to protect a system. Unfortunately, it has been difficult to realize this vision in the practice of software development, and software often ships with inadequate defenses, typically developed in an ad hoc fashion.

group_project

Visible to the public TWC: Medium: Apollo: An Architecture for Scalable Verifiable Computing

Cloud computing enables computationally limited parties to outsource the storage of, and computation on, massive amounts of data. Such outsourced computations, however, might be performed incorrectly, due to implementation errors or malicious behavior. Protocols for verifiable computation allow an untrusted server performing such computations to also provide succinct proofs that the returned results are correct.

group_project

Visible to the public  STARSS: Small: Automatic Synthesis of Verifiably Secure Hardware Accelerators

Specialized hardware accelerators are growing in popularity across the computing spectrum from mobile devices to datacenters. These special-purpose hardware engines promise significant improvements in computing performance and energy efficiency that are essential to all aspects of modern society. However, hardware specialization also comes with added design complexity and introduces a host of new security challenges, which have not been adequately explored.

group_project

Visible to the public CRII: SaTC: Energy Efficient Participatory Data Collection Schemes and Context-Aware Incentives for Trustworthy Crowdsensing via Mobile Social Networks

In a crowdsensing system, energy efficient data collection is a primary concern for mobile sensing service providers (i.e., mobile users offering sensing as a service via built-in sensors on their mobile devices) in order to maximize battery life whereas trustworthiness is a primary concern for the end users. The proposed research will simultaneously address energy-efficient data collection and context-aware incentives to both minimize power consumption and maximize data trustworthiness.