CRII

group_project

Visible to the public CRII: SaTC: A System for Privacy Management in Ubiquitous Environments

As mobile and network technologies proliferate, so does society's awareness of the vulnerability of private data within cyberspace. Protecting private information becomes specially important, since researchers estimate that 87% of Americans can be identified by name and address, if their zip code, gender, and birthday are known to intruders. The goal of this proposal will be to develop a new set of verification tools, algorithms, and interfaces that enable secure, effective and unobtrusive management of users' private information.

group_project

Visible to the public CRII: SaTC: A Language Based Approach to Hybrid Mobile App Security

The last few years have seen an explosive growth in the share of hybrid mobile apps worldwide, coinciding with the increasing ubiquity of HTML5. Hybrid app frameworks allow mobile developers to design app code using web technologies alone, and supply native and bridge code (APIs for accessing device resources) necessary for instant porting to several mobile platforms.

group_project

Visible to the public CRII: SaTC CPS: RUI: Cyber-Physical System Security in Implantable Insulin Injection Systems

Increasingly medical devices are dependent on software and the wireless channel for their operations, which also pose new vulnerabilities to their safe, dependable, and trustworthy operations. Medical devices such as implantable insulin pumps, which are in wide use today, continuously monitor and manage a patient's diabetes without the need for frequent daily patient interventions. These devices, not originally designed against cyber security threats, must now mitigate these threats.

group_project

Visible to the public CRII: CPS SaTC: Securing Smart Cyberphysical Systems against Man-in-the-Middle Attacks

Cyber-physical systems have increasingly become top targets for hackers around the world. We are also seeing proliferation of internet-connected critical infrastructures that allow for easy monitoring, visualization, and control. In February 2013, US president signed an executive order "Improving Critical Infrastructure Cybersecurity" that underscores the urgent need for securing such critical infrastructure against malicious attacks.

group_project

Visible to the public CRII: SaTC: Improving Computer Security Technologies through Analyzing Security Needs and Practices of Journalists

Advances in digital communication technologies, and their proliferation in recent decades, have had a remarkable impact on journalism. Security weaknesses in these technologies have put journalists and their sources increasingly at risk, hindering efforts at investigative reporting, transparency, and whistleblowing. Because of their willingness to be early adopters, and to openly communicate their issues, journalists provide an opportunity to identify security issues and requirements in new communication methods.

group_project

Visible to the public CRII: SaTC: Energy Efficient Participatory Data Collection Schemes and Context-Aware Incentives for Trustworthy Crowdsensing via Mobile Social Networks

In a crowdsensing system, energy efficient data collection is a primary concern for mobile sensing service providers (i.e., mobile users offering sensing as a service via built-in sensors on their mobile devices) in order to maximize battery life whereas trustworthiness is a primary concern for the end users. The proposed research will simultaneously address energy-efficient data collection and context-aware incentives to both minimize power consumption and maximize data trustworthiness.

group_project

Visible to the public CRII: SaTC: Empirical and Analytical Models for the Deployment of Software Updates in Large Vulnerable Populations

Software vulnerabilities are an important vector for malware delivery. The software updating mechanisms, responsible for deploying the vulnerability patches, are in a race with the cyber attackers seeking to exploit the vulnerabilities. Moreover, these updating mechanisms have multiple, potentially conflicting, design goals, as they must quickly deploy patches on millions of hosts worldwide, must not overburden the users, and must avoid breaking dependencies in the deployment environment.

group_project

Visible to the public CRII: SaTC: Analyzing and verifying the security of TCP stacks under multi-entity interactions

The objective of this project is to strengthen the Transmission Control Protocol (TCP), a ubiquitous core Internet protocol, under emerging threat models to make it robust and secure enough to serve the needs of 'smart' technologies in communications, automobiles, medical devices, and other devices that touch our lives every day. It is terrifying to imagine that a smart car could fail to report an accident automatically due to a denial of service attack on its TCP connections, or a smart medical device could fail to report a patient's change in condition.