Networking, wireless

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: Identifying and Mitigating Trust Violations in the Smartphone Ecosystem

Submitted by Giovanni Vigna on Mon, 11/13/2017 - 8:21am

The adoption of smartphones has steadily increased in the past few years, and smartphones have become the tool with which millions of users handle confidential information, such as financial and health-related data. As a result, these devices have become attractive targets for cybercriminals, who attempt to violate the trust assumptions underlying the smartphone platform in order to compromise the security and privacy of users.

group_project

Visible to the public TWC: Small: Collaborative: Towards Energy-Efficient Privacy-Preserving Active Authentication of Smartphone Users

Submitted by Gang Zhou on Mon, 11/13/2017 - 7:54am

Common smartphone authentication mechanisms such as PINs, graphical passwords, and fingerprint scans offer limited security. They are relatively easy to guess or spoof, and are ineffective when the smartphone is captured after the user has logged in. Multi-modal active authentication addresses these challenges by frequently and unobtrusively authenticating the user via behavioral biometric signals, such as touchscreen interaction, hand movements, gait, voice, and phone location.

group_project

Visible to the public TWC: Medium: Limits and Algorithms for Covert Communications

Submitted by Donald Towsley on Tue, 11/07/2017 - 7:03am

Security and privacy are prominent concerns in modern communications. Although cryptographic approaches have been widely studied to protect a message's content from deciphering by an eavesdropper, there are many times when hiding the very existence of the communication is critical. The hiding of communication, termed covert (private) communication, is important in many domains such as covert military operations, and removing the ability of users to be tracked in their everyday activities.

group_project

Visible to the public SaTC-EDU: EAGER: INCUBATE - INjecting and assessing Cybersecurity edUcation with little internal suBject mATter Expertise

Submitted by David Voorhees on Tue, 10/31/2017 - 5:49am

This project will develop novel ways to teach cybersecurity topics. It is challenging for computer science (CS) programs with limited faculty resources to cover the breadth and depth of the discipline. The challenge increases as CS curriculum guidelines places more emphasis on emerging areas such as cybersecurity.

group_project

Visible to the public  TWC: Small: Safeguarding Mobile Cloud Services: New Challenges and Solutions

Submitted by XiaoFeng Wang on Wed, 10/25/2017 - 12:16pm

Mobile cloud technologies have begun to rely heavily on services known as Mobile Back-end as a Service (MBaaS), including push messaging, data synchronization, and mobile identity management. Many of today's popular apps have already integrated push messaging services such as Google Cloud Messaging (GCM), Amazon Device Messaging (ADM), and third parties like Baidu, to enable the apps to receive notifications such as private messages, financial secrets or family members' locations.

group_project

Visible to the public TWC: Small: Exposing Attack Vectors and Identifying Defense Solutions for Data Cellular Networks

Submitted by Zhuoqing Mao on Wed, 10/25/2017 - 11:45am

This project addresses several key emerging security challenges that arise due to the wildly successful large-scale adoption of mobile devices with diverse network capabilities. The novel approach focuses on to understanding how various information that are legitimately and willingly provided by smartphone users due to the requested permissions of downloaded applications can be potentially abused. The second research focus is to identify improvements in the design of cellular network middlebox (e.g., firewall) policies by detailed exposure and explicitly defining the key requirements.

group_project

Visible to the public TWC: Small: Collaborative: Cellular Network Services in Peril: A Perspective on Control-Plane and Data-Plane Design

Submitted by Songwu Lu on Wed, 10/25/2017 - 9:29am

The cellular network is the largest wireless infrastructure deployed today. It offers users mobile Internet access and carrier-grade voice service. Each such service (e.g., data or voice) typically involves operations on both data and control planes. The former transfers service content to users, whereas the latter performs control functions of service instantiation, maintenance, update, and termination. Securing control and data planes is thus critical to mobile network service.

group_project

Visible to the public TWC: Medium: Hardware Trojans in Wireless Networks - Risks and Remedies

Submitted by Yiorgos Makris on Wed, 10/25/2017 - 9:06am

This project investigates the risks instigated by malicious hardware modifications (hardware Trojans) in the nodes of a wireless network and aims to develop remedies, thereby enabling secure deployment and fostering technology trustworthiness. Due to the lack of assurance mechanisms in the globalized integrated circuit (IC) supply chain, hardware Trojans have recently become the topic of intensified concern.

group_project

Visible to the public TTP: Medium: Securing the Wireless Philadelphia Network

Submitted by Steven Weber on Thu, 10/19/2017 - 10:56pm

The Wireless Philadelphia Network (WPN) is a metropolitan?area network (MAN) consisting of thousands of Tropos 5210 wireless mesh routers distributed across the entire city of Philadelphia and connected by a fiber backbone. This project is employing this network as a testbed to investigate three diverse security challenges facing any large-scale wireless network servicing a heterogeneous population.