Systems

group_project

Visible to the public TWC: Small: A platform for enhancing security of binary code

Submitted by Ramasubramanian S... on Thu, 10/12/2017 - 12:56pm

Cyberattacks are enabled by software vulnerabilities that allow attackers to plant software exploits. As old vulnerabilities are found and fixed, attackers continue to find new ones. As a result, software vendors, system administrators and security professionals have come to rely increasingly on techniques that insert additional code into software for detecting and/or blocking cyber attacks in progress.

group_project

Visible to the public NSFSaTC-BSF: TWC: Small: Practical Plausibly Deniable Encryption through Low-Level Storage Device Behavior

Submitted by Radu Sion on Wed, 10/11/2017 - 1:25pm

Plausibly deniable encryption is the ability to hide that given data is on a device, whether the ability exists to decrypt it, or even that the data exists. Plausible deniability is a powerful property to protect data on devices the user has lost physical control over, such as protecting consumers from accidental mass disclosures of private data through misplaced devices. This issue is of particular concern for anyone who travels internationally with sensitive data, including human rights workers, diplomats, military personnel, or even business travelers.

group_project

Visible to the public TTP: Medium: A Campus Pilot For A Privacy-Enabled Cloud Storage, Search, and Collaboration Portal for Education

Submitted by Radu Sion on Wed, 10/11/2017 - 1:23pm

As higher education institutions consider moving services to the cloud to save costs and improve collaboration, significant challenges to successful large-scale adoption still exist. Institutions are unwilling to risk cloud deployment because provable technological defenses have thus far been lacking. Control over sensitive data is relinquished without the institution's knowledge, liability is shifted and data breach risks are significantly increased. Further, regulatory-sensitive data has become an increasingly attractive target.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Phillipa Gill on Wed, 10/11/2017 - 12:58pm

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing

Submitted by Peng Liu on Wed, 10/11/2017 - 12:47pm

Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.

group_project

Visible to the public GREPSEC III: Underrepresented Groups in Security Research

Submitted by tbenzel on Wed, 10/11/2017 - 1:16am

This proposal provides funding for the third GREPSEC: Underrepresented Groups in Security Research workshop, which will held in May 2017, in San Jose CA. This day-and-a-half-long workshop intended for women and underrepresented minorities in computer security and privacy, will be co-located with the IEEE Computer Society's Security and Privacy Symposium, the premier conference in security.

group_project

Visible to the public EDU: Developing Open Authentic Case Studies for a MS in Cybersecurity Capstone Course

Submitted by Grandon Gill on Wed, 10/11/2017 - 12:36am

The project will develop a case method capstone course for a new multidisciplinary Master's degree program in Cybersecurity at the University of South Florida (USF). It extends a project that focused on developing a capstone course for an undergraduate program employing the case method pedagogy. That study demonstrated the feasibility of building a course entirely around discussions of local case studies and demonstrated positive learning outcomes using a variety of instruments.

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Submitted by zlin61 on Wed, 10/11/2017 - 12:31am

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public EDU: Collaborative: Integrating Embedded Systems Security into Computer Engineering and Science Curricula

Submitted by Ning Weng on Tue, 10/10/2017 - 11:42am

With the advancement of technologies, networked devices become ubiquitous in the society. Such devices are not limited to traditional computers and smart phones, but are increasingly extended to cover a wide variety of embedded systems (ES), such as sensors monitoring bridges, electronics controlling the operation of automobiles and industrial equipment, home medicine devices that are constantly reporting patient health information to doctors.

group_project

Visible to the public EAGER: Collaborative: Algorithmic Framework for Anomaly Detection in Interdependent Networks

Submitted by Nina Fefferman on Tue, 10/10/2017 - 11:40am

Modern critical infrastructure relies on successful interdependent function among many different types of networks. For example, the Internet depends on access to the power grid, which in turn depends on the power-grid communication network and the energy production network. For this reason, network science researchers have begun examining the robustness of critical infrastructure as a network of networks, or a multilayer network. Research in network anomaly detection systems has focused on single network structures (specifically, the Internet as a single network).