Scientific Foundations

group_project

TWC: Small: Privacy Preserving Outlier Detection and Recognition

Submitted by Jaideep Vaidya on Mon, 11/13/2017 - 3:34pm

Big data analytics can revolutionize innovation and productivity across diverse domains. However, this requires sharing or joint analysis of data, which is often inhibited due to privacy and security concerns. While techniques have been developed to enable the safe use of data for analysis, none of these work for the critical task of outlier detection. Outlier detection is one of the most fundamental data analysis tasks, useful in applications as far ranging as homeland security, to medical informatics, to financial fraud.

group_project

TWC: TTP Option: Large: Collaborative: Internet-Wide Vulnerability Measurement, Assessment, and Notification

Submitted by Alex Halderman on Mon, 11/13/2017 - 3:31pm

This project aims to reduce the impact of software vulnerabilities in Internet-connected systems by developing data-driven techniques for vulnerability measurement, assessment, and notification. Recent advances in Internet-wide scanning make it possible to conduct network surveys of the full public IPv4 address space in minutes.

group_project

TWC: Small: Oblivious Cloud Storage Systems, from Theory to Practice --- Simpler, More Efficient, More Robust

Submitted by Huijia Lin on Mon, 11/13/2017 - 12:36pm

Outsourcing storage to the cloud has become more widespread in recent years; however, cloud storage services are constantly exposed to a number of non-trivial adversarial threats. This work addresses security risks arising from the leakage of access patterns, which is the ability of an adversary to detect when the same item is accessed repeatedly on a storage server, which has been shown to substantially impact data privacy.

group_project

TWC: Medium: Collaborative: Seal: Secure Engine for AnaLytics - From Secure Similarity Search to Secure Data Analytics

Submitted by Huijia Lin on Mon, 11/13/2017 - 12:32pm

Many organizations and individuals rely on the cloud to store their data and process their analytical queries. But such data may contain sensitive information. Not only do users want to conceal their data on a cloud, they may also want to hide analytical queries over their data, results of such queries, and data access patterns from a cloud service provider (that may be compromised either from within or by a third party).

group_project

CAREER: Verifiable Outsourcing of Data Mining Computations

Submitted by Hui Wang on Mon, 11/13/2017 - 8:55am

Spurred by developments such as cloud computing, there has been considerable interest in the data-mining-as-a-service (DMaS) paradigm in which a client outsources his/her data mining needs to a third-party service provider. However, this raises a few security concerns. One of the security concerns is that the service provider may return plausible but incorrect mining results to the client.

group_project

SBE TTP: Medium: Securing Cyber Space: Understanding the Cyber Attackers and Attacks via Social Media Analytics

Submitted by Hsinchun Chen on Mon, 11/13/2017 - 8:47am

As society becomes more dependent on cyber infrastructure, the security of networks and information technologies has become a growing concern. Individuals, businesses, and governmental organizations are now common victims of cyber-attacks that seek to steal private data, gain remote control over remote systems, and cause harm to networks and systems through other malicious means. Additionally, critical infrastructures such as smart power grids and communication networks are facing an increasing number of cyber-based threats.

group_project

EAGER: Securing Integrated Circuits Through Realtime Hardware Trojan Detection

Submitted by Ioannis Savidis on Mon, 11/13/2017 - 8:36am

Modifications to integrated circuits (ICs) or the insertion of foreign intellectual property pose a serious threat to U.S. sovereignty, as ICs are found in many consumer electronic devices, including phones, computers, and televisions. More importantly, many commercial and military U.S. assets rely on ICs for computation and management of critical infrastructure such as banking, energy, and defense systems. The primary impact of the proposed work is to improve the security of U.S.

group_project

SaTC: STARSS: ICM: Invariant Carrying Machine for Hardware Assurance

Submitted by Hai Zhou on Mon, 11/13/2017 - 8:00am

Design of complex semiconductor circuits and systems requires many steps, involves hundreds of engineers, and is typically distributed across multiple locations and organizations worldwide. The conventional processes and tools for design of semiconductors can ensure the correctness, that is, the resulting product does what it is supposed to do. However, these processes do not provide confidence about whether the chip is altered such that it provides unauthorized access or control.

group_project

EAGER: Understanding the Strategic Values of Privacy Practices in Organizations

Submitted by Gwendolyn Lee on Mon, 11/13/2017 - 7:52am

As companies collect consumer data in increasingly larger quantity and mine the data more deeply, trade-offs arise with respect to companies' practices about information privacy. A company may choose practices that augment targeted advertisements or services. However, the financial rewards associated with privacy practices are highly uncertain, since they are affected by a company's competition with rivals.

group_project

TWC: Medium: Collaborative: Strengthening Wi-Fi Network Wide

Submitted by Guevara Noubir on Mon, 11/13/2017 - 7:46am

Wi-Fi has emerged as the technology of choice for Internet access. Thus, virtually every smartphone or tablet is now equipped with a Wi-Fi card. Concurrently, and as a means to maximize spectral efficiency, Wi-Fi radios are becoming increasingly complex and sensitive to wireless channel conditions. The prevalence of Wi-Fi networks, along with their adaptive behaviors, makes them an ideal target for denial of service attacks at a large, infrastructure level.