Systems

group_project

Visible to the public SaTC: STARSS: Collaborative: IPTrust: A Comprehensive Framework for IP Integrity Validation

Submitted by Swarup Bhunia on Wed, 10/18/2017 - 11:20am

To reduce production cost while meeting time-to-market constraints, semiconductor companies usually design hardware systems with reusable hardware modules, popularly known as Intellectual Property (IP) blocks. Growing reliance on these hardware IPs, often gathered from untrusted third-party vendors, severely affects the security and trustworthiness of the final system. The hardware IPs acquired from external sources may come with deliberate malicious implants, undocumented interfaces working as hidden backdoor, or other integrity issues.

group_project

Visible to the public SaTC: Hardware-Assisted Methods for Operating System Integrity

Submitted by Vinod Ganapathy on Wed, 10/18/2017 - 11:09am

Operating systems (OS) form the core of the trusted computing base on most computer platforms. The security of a platform therefore crucially relies on the correct and secure operation of its OS. Unfortunately, malicious software such as rootkits infect the OS by compromising the integrity of its code and data, thereby jeopardizing the security of the entire platform.

group_project

Visible to the public TWC: Small: Collaborative: Automated Detection and Repair of Error Handling Bugs in SSL/TLS Implementations

Submitted by Baishakhi Ray on Mon, 10/16/2017 - 6:16pm

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocols are critical to internet security. However, the software that implements SSL/TLS protocols is especially vulnerable to security flaws and the consequences can be disastrous. A large number of security flaws in SSL/TLS implementations (such as man-in-the-middle attacks, denial-of-service attacks, and buffer overflow attacks) result from incorrect error handling.

group_project

Visible to the public TWC: Medium: Collaborative: Distribution-Sensitive Cryptography

Submitted by Ari Juels on Mon, 10/16/2017 - 4:52pm

Contemporary encryption schemes are almost exclusively distribution-agnostic. Their security properties are independent of the statistical characteristics of plaintexts, and the output of these schemes are ciphertexts that are uniformly distributed bit strings, irrespective of use case. While conceptually simple, such encryption schemes fail to meet basic, real-world requirements and have left longstanding functional gaps in key security applications.

group_project

Visible to the public TWC: Small: Time-Centric Modeling of Correct Behaviors for Efficient Non-intrusive Runtime Detection of Unauthorized System Actions

Submitted by Roman Lysecky on Mon, 10/16/2017 - 3:49pm

Embedded computing systems are found at the heart of medical devices, automotive systems, smartphone, etc. Securing these embedded systems is a significant challenge that requires new methods that address the power, time, and cost requirements under which these systems operate. Because embedded systems must meet precise time requirements, detecting changes in timing can indicate the presence of malware. This research investigates new models for capturing the expected behavior of embedded systems, in which time requirements play a pivotal role.

group_project

Visible to the public CAREER: UCPriv: User-Centric Privacy Management

Submitted by Adam Lee on Mon, 10/16/2017 - 11:15am

To date, the application of quantitative security and privacy metrics metrics has seen its greatest successes when exploring the worst-case properties of a system. That is, given a powerful adversary, to what extent does the system preserve some relevant set of properties? While such analyses allow experts to build systems that are resistant to strong attackers, many deployed systems were not designed in this manner. In fact, there is growing evidence that users' privacy is routinely compromised as a byproduct of using social, participatory, and distributed applications.

group_project

Visible to the public EDU: Collaborative: Educating the Security Workforce through On-Demand Live Competitions

Submitted by Adam Doupe on Thu, 10/12/2017 - 6:28pm

The United States is facing a cyber-security crisis. Recent studies predict a shortfall of 1.5M global information security jobs by 2020. The lack of qualified cyber-security workforce gives rise to high-profile security incidents. In addition, attacks against the nation's critical infrastructure can have devastating effect that go well beyond the financial losses that we are witnessing today.

group_project

Visible to the public EDU: QuaSim: A Virtual Interactive Quantum Cryptography Educator-A Project-based Gamified Educational Paradigm

Submitted by Abhishek Parakh on Thu, 10/12/2017 - 5:58pm

Video-based traffic monitoring systems have been widely used for traffic management, incident detection, intersection control, and public safety operations. Current designs pose critical challenges. First, it relies heavily on human operators to monitor and analyze video images. Second, commercially available computer vision technologies cannot satisfactorily handle severe conditions, such as weather and glare, which significantly impair video image quality.

group_project

Visible to the public TWC: TTP Option: Frontier: Collaborative: MACS: A Modular Approach to Cloud Security

Submitted by Ran Canetti on Thu, 10/12/2017 - 3:13pm

The goal of the Modular Approach to Cloud Security (MACS) project is to develop methods for building information systems with meaningful multi-layered security guarantees. The modular approach of MACS focuses on systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where the security of the system as a whole can be derived from the security of its components. The project concentrates on building outsourced, cloud-based information services with client-centric security guarantees.