Scientific Foundations

group_project

Visible to the public TWC: Small: Workflows and Relationships for End-to-End Data Security in Collaborative Applications

Submitted by Dominic Duggan on Tue, 11/07/2017 - 5:56am

Access control refers to mechanisms for protecting access to confidential information, such as sensitive medical data. Management of access control policies, in applications that involve several collaborating parties, poses several challenges. One of these is in ensuring that each party in such a collaboration only obtains the minimal set of access permissions that they require for the collaboration. In a domain such as healthcare, it may be critical that access be minimized in this way, rather than allowing all parties equal access to the sensitive information.

group_project

Visible to the public TWC: Small: Benchmarking Testing Methods for Access Control Policies

Submitted by Dianxiang Xu on Tue, 11/07/2017 - 5:32am

Access control policies specify which users may perform which actions on which resources within which environments. Defective policies may have serious impacts, allowing unintended access (e.g., bank account withdrawals by a stranger) or preventing critical legitimate access (e.g., a doctor cannot view her patient's x-ray). As computer systems become more complex, policy defects have become more common.

group_project

Visible to the public TWC: TTP Option: Small: Automating Attack Strategy Recognition to Enhance Cyber Threat Prediction

Submitted by scyang on Wed, 10/25/2017 - 3:41pm

Network attacks are increasingly complex and fast-evolving. A single attack may use multiple reconnaissance, exploit, and obfuscation techniques. This project investigates how to extract critical attack attributes, synthesize novel attack sequences, and reveal potential threats to critical assets in a timely manner. The project uses machine learning techniques to simultaneously identify new attack types and observed events that could identify those attacks.

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: MALDIVES: Developing a Comprehensive Understanding of Malware Delivery Mechanisms

Submitted by Vinod Yegneswaran on Wed, 10/25/2017 - 3:34pm

The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: MALDIVES: Developing a Comprehensive Understanding of Malware Delivery Mechanisms

Submitted by V. Venkatakrishnan on Wed, 10/25/2017 - 3:31pm

The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Vern Paxson on Wed, 10/25/2017 - 3:25pm

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TWC: Small: Towards Trustworthy Access Control Policies

Submitted by sdstoller on Wed, 10/25/2017 - 3:03pm

Getting access control policies right is challenging, especially in large organizations. This project is developing techniques and tools to support efficient and trustworthy administration of Attribute-Based Access Control (ABAC) policies. ABAC is a flexible, high-level, and increasingly popular security policy framework.

group_project

Visible to the public  TWC: Small: Time Advantage-based Key Establishment Protocols for Low-cost Wireless Networked Systems

Submitted by Yong Guan on Wed, 10/25/2017 - 2:58pm

The essence of information assurance resides in the ability of the legitimate communication parties to establish and maintain an advantage over their adversary. Most often, such an advantage is in the form of a secret key. The high costs associated with standard key establishment protocols motivate the recent surge of less conventional protocols, which derive the legitimate parties' advantage from physical features (the adversary may have a worse channel than the legitimate receiver) or from correlated sources of randomness (accelerometer readings when two devices are shaken together).

group_project

Visible to the public TWC: Small: Theory and Practice of Tweakable-Blockcipher-Based Cryptography

Submitted by Thomas Shrimpton on Wed, 10/25/2017 - 2:54pm

Blockciphers are the basic building block of shared-key cryptography. However, for certain important cryptographic goals, like building encryption schemes, the interface presented by blockciphers is limiting. A more modern primitive, the tweakable blockcipher (TBC), is often a better fit. Like a blockcipher, a TBC takes as input a secret key, a block of data and the tweak which is an additional input which provides variability to the TBC's input-output behavior without having to change the secret key.

group_project

Visible to the public TWC: Small: Self-Service Cloud Computing

Submitted by Vinod Ganapathy on Wed, 10/25/2017 - 2:46pm

Cloud computing poses significant risks to the security of client data. Virtual Machine Monitors (VMMs) that underlie cloud systems typically have all-powerful administrative domains that can be exploited or misused to snoop on client virtual machines (VMs) and steal/modify their data. Moreover, although virtual machine technology enables several novel security services that clients may wish to use, such services are privileged and must be implemented within the administrative domain.