Scientific Foundations

group_project

Visible to the public TWC: Medium: Collaborative: Re[DP]: Realistic Data Mining Under Differential Privacy

Submitted by mvnak on Mon, 10/16/2017 - 5:35pm

The collection and analysis of personal data about individuals has revolutionized information systems and fueled US and global economies. But privacy concerns regarding the use of such data loom large. Differential privacy has emerged as a gold standard for mathematically characterizing the privacy risks of algorithms using personal data. Yet, adoption of differentially private algorithms in industry or government agencies has been startlingly rare.

group_project

Visible to the public CAREER: PROTEUS: A Practical and Rigorous Toolkit for Privacy

Submitted by mvnak on Mon, 10/16/2017 - 5:31pm

Statistical privacy, or the problem of disclosing aggregate statistics about data collected from individuals while ensuring the privacy of individual level sensitive properties, is an important problem in today's age of big data. The key challenge in statistical privacy is that applications for data collection and analysis operate on varied kinds of data, and have diverse requirements for the information that must be kept secret, and the adversaries that they must tolerate.

group_project

Visible to the public TWC: Small: Addressing the challenges of cryptocurrencies: Security, anonymity, stability

Submitted by Arvind Narayanan on Mon, 10/16/2017 - 5:20pm

Secure digital payments are essential for e-commerce and cybersecurity. Cryptocurrencies, which are virtual currencies designed using cryptographic principles, are well suited for digital payments but face several hurdles to adoption for legitimate e-commerce.

group_project

Visible to the public TWC: Small: Imparting Privacy to Biometric Data in Cyberspace

Submitted by Arun Ross on Mon, 10/16/2017 - 5:11pm

Recent work has established the possibility of deriving auxiliary information from biometric data. For example, it has been shown that face images can be used to deduce the health, gender, age and race of a subject; further, face images have been used to link a pseudonymous profile in the Web with a true profile, thereby compromising the privacy of an individual. The objective of this work is to design and implement techniques for imparting privacy to biometric data such as face, fingerprint and iris images.

group_project

Visible to the public TWC: Small: Collaborative: The Master Print: Investigating and Addressing Vulnerabilities in Fingerprint-based Authentication Systems

Submitted by Arun Ross on Mon, 10/16/2017 - 5:06pm

The objective of this project is to investigate the security of fingerprint authentication systems, especially those using partial fingerprints. A number of consumer electronic devices, such as smartphones, are beginning to incorporate fingerprint sensors for user authentication. The sensors embedded in these devices are generally very small and the resulting images are, therefore, limited in size.

group_project

Visible to the public TWC: Medium: Collaborative: Distribution-Sensitive Cryptography

Submitted by Ari Juels on Mon, 10/16/2017 - 4:52pm

Contemporary encryption schemes are almost exclusively distribution-agnostic. Their security properties are independent of the statistical characteristics of plaintexts, and the output of these schemes are ciphertexts that are uniformly distributed bit strings, irrespective of use case. While conceptually simple, such encryption schemes fail to meet basic, real-world requirements and have left longstanding functional gaps in key security applications.

group_project

Visible to the public TWC SBE: Medium: Collaborative: A Socio-Technical Approach to Privacy in a Camera-Rich World

Submitted by Apu Kapadia on Mon, 10/16/2017 - 4:26pm

Cameras are now pervasive on consumer devices, including smartphones, laptops, tablets, and new wearable devices like Google Glass and the Narrative Clip lifelogging camera.

group_project

Visible to the public TWC: Small: Blameworthy Programs: Accountability via Deviance and Causal Determination

Submitted by anupamdatta on Mon, 10/16/2017 - 4:04pm

Security protocols enable useful tasks over untrusted networks. For example, confidential communication over the Internet between users and Web services like Google, Facebook, Amazon and Bank of America rely on protocols like SSL/TLS and the supporting Public Key Infrastructure (PKI). These protocols are designed to provide global security properties like authentication and confidentiality when various parties (e.g., the user, the Web service, and participants in the PKI such as certificate authorities) execute their prescribed programs.

group_project

Visible to the public TWC: Small: Time-Centric Modeling of Correct Behaviors for Efficient Non-intrusive Runtime Detection of Unauthorized System Actions

Submitted by Roman Lysecky on Mon, 10/16/2017 - 3:49pm

Embedded computing systems are found at the heart of medical devices, automotive systems, smartphone, etc. Securing these embedded systems is a significant challenge that requires new methods that address the power, time, and cost requirements under which these systems operate. Because embedded systems must meet precise time requirements, detecting changes in timing can indicate the presence of malware. This research investigates new models for capturing the expected behavior of embedded systems, in which time requirements play a pivotal role.

group_project

Visible to the public CAREER: Automated Analysis of Security Hyperproperties

Submitted by Rohit Chadha on Mon, 10/16/2017 - 3:47pm

Computer programs and cryptographic protocols are increasingly being used to access confidential and private information on the Internet. Due to their complex nature, they often have subtle errors that can be exploited by malicious entities. As security flaws can have serious consequences, it is important to ensure that computer programs and cryptographic protocols achieve their security objectives.