Usability

group_project

Visible to the public TWC: Large: Collaborative: Living in the Internet of Things

Submitted by Tadayoshi Kohno on Tue, 10/24/2017 - 12:51pm

More and more objects used in daily life have Internet connectivity, creating an "Internet of Things" (IoT). Computer security and privacy for an IoT ecosystem are fundamentally important because security breaches can cause real and significant harm to people, their homes, and their community.

group_project

Visible to the public TWC SBE: TTP Option: Medium: Collaborative: EPICA: Empowering People to Overcome Information Controls and Attacks

Submitted by Wenke Lee on Mon, 10/23/2017 - 1:48pm

This project studies the security of representative personalized services, such as search engines, news aggregators, and on-line targeted advertising, and identifies vulnerabilities in service components that can be exploited by pollution attacks to deliver contents intended by attackers.

group_project

Visible to the public CAREER: Contextual Protection for Private Data Storage and Retrieval

Submitted by Christopher Kanich on Wed, 10/18/2017 - 6:26pm

This research is building an understanding of what data is useful to attackers and what data is private for its legitimate owners so that security systems can incorporate these values into a data-driven, defense-in-depth approach to securing our digital lives. We are exploiting the fact that both users and attackers must sift through vast amounts of data to find useful information.

group_project

Visible to the public SBE: Small: Continuous Human-User Authentication by Induced Procedural Visual-Motor Biometrics

Submitted by Yong Guan on Wed, 10/18/2017 - 10:29am

Validating a user's identity is one of the fundamental security requirements in cyberspace. Current authentication approaches require people to create and remember secret credentials such as complex passwords, or to possess special hardware authentication tokens. Both are vulnerable to being compromised, or illegally shared. Even worse, authentication is typically supported solely at the start of a session.

group_project

Visible to the public  TWC: Small: User Behavior Modeling and Prediction in Anonymous Social Networks

Submitted by Ben Zhao on Tue, 10/17/2017 - 3:59pm

Human beings are diverse, and their online behavior is often unpredictable. In today's data-driven world, providers of online services are collecting detailed and comprehensive server-side traces of user activity. These records or logs include detailed, timestamped logs of actions taken by users, often called clickstreams. Given their scale and level of detail, clickstreams present an enormous opportunity for research into user behavioral analysis and modeling.

group_project

Visible to the public EAGER: Collaborative: PRICE: Using process tracing to improve household IoT users' privacy decisions

Submitted by Bart Knijnenburg on Tue, 10/17/2017 - 12:54pm

Household Internet-of-Things (IoT) devices are intended to collect information in the home and to communicate with each other, to create powerful new applications that support our day-to-day activities. Existing research suggests that users have a difficult time selecting their privacy settings on such devices. The goal of this project is to investigate how, why and when privacy decisions of household IoT users are suboptimal, and to use the insights from this research to create and test a simple single user interface that integrates privacy settings across all devices within a household.

group_project

Visible to the public TTP: Medium: Democratizing Secure Password Management

Submitted by Ari Juels on Mon, 10/16/2017 - 3:45pm

The theft of passwords and other user credentials from online services has become an epidemic, with password breaches regularly impacting large user populations and leaving both consumers and businesses vulnerable to attack. A number of research results point the way toward methods that could greatly improve the security of password systems. There is thus both an urgent need and a clear opportunity to transform the general state of industry practice in password management. Toward this end, the researchers build an easy-to-deploy password-protection system called PASS.

group_project

Visible to the public TWC SBE: Medium: Collaborative: A Socio-Technical Approach to Privacy in a Camera-Rich World

Submitted by Apu Kapadia on Mon, 10/16/2017 - 3:26pm

Cameras are now pervasive on consumer devices, including smartphones, laptops, tablets, and new wearable devices like Google Glass and the Narrative Clip lifelogging camera.

group_project

Visible to the public TWC SBE: TTP Option: Small: A User-Tailored Approach to Privacy Decision Support

Submitted by alfredkobsa on Mon, 10/16/2017 - 12:50pm

Numerous surveys find that Internet users want to limit the personal data that is being collected about them, as well as control the usage of their data. Existing and proposed regulation in the U.S. accords users such rights, in the form of a "transparency and control" obligation on personal data collectors: users should be informed about the rationale of requests for personal data so that they can make an informed decision on whether or not to disclose their data.