Scientific Foundations

group_project

Visible to the public TWC: Medium: Collaborative: Automated Formal Analysis of Security Protocols with Private Coin Tosses

Submitted by Rohit Chadha on Mon, 10/16/2017 - 3:44pm

Computerized systems are present in various aspects of modern society. These systems are used to access and share confidential information. Such sharing is achieved through cryptographic protocols which often employ randomization to introduce unpredictability in their behavior to achieve critical security objectives and make it difficult for the malicious adversaries to infer the underlying execution of the participants.

group_project

Visible to the public TWC: Small: Design and Analysis of Symmetric Key Ciphers

Submitted by Andrew Klapper on Mon, 10/16/2017 - 3:39pm

Pseudorandom sequences (PRS) exhibit a statistical randomness and are widely used in applications where randomness is needed and PRS generation can be effectively done. Many everyday applications in digital computing and communication require randomness to operate correctly. For example, these include secure network communications, global positioning systems, and even weather prediction simulations. Yet, few general generators of high quality pseudorandom sequences are known.

group_project

Visible to the public TWC: Small: PERMIT: Privacy-Enabled Resource Management for IoT Networks

Submitted by asarwate on Mon, 10/16/2017 - 3:33pm

This project investigates how privacy can be used to inform the design and management of future data sensing systems. Networked systems that collect data about individuals will play an increasingly important role in our lives, with applications including industrial monitoring and control, "smart" homes/cities, and personalized health care. These systems will gather private information about individuals, which creates many coupled engineering challenges.

group_project

Visible to the public TWC: Small: Linking the Unlinkable: Design, Analysis, and Implementation of Network Flow Fingerprints for Fine-grained Traffic Analysis

Submitted by Amir Houmansadr on Mon, 10/16/2017 - 3:00pm

Network traffic analysts are currently unable to link network flows across wide area networks to determine the origin of a network traffic flow, which is critical in understanding sources of attacks. This project is developing a novel technique for linking network flows, called flow fingerprinting, that could help help network defenders identify the origin of a network-based attack or help law enforcement track the source of criminal activity. The work could also reveal weaknesses that must be addressed in systems that protect users online anonymity.

group_project

Visible to the public CAREER: Sustainable Censorship Resistance Systems for the Next Decade

Submitted by Amir Houmansadr on Mon, 10/16/2017 - 2:57pm

The Internet enables people around the world to communicate, fostering free speech, a free press, and democracy. For billions of people, however, the freedom to communicate via the Internet is regulated, monitored and restricted by governments or corporations. To combat such censorship, researchers have designed and deployed a variety of censorship circumvention systems. Unfortunately, such systems have been designed based on ad hoc heuristics (rather than on solid, theoretical foundations) and can be defeated by typical state-level censors.

group_project

Visible to the public EAGER: Collaborative: PRICE: Using process tracing to improve household IoT users' privacy decisions

Submitted by alfredkobsa on Mon, 10/16/2017 - 1:54pm

Household Internet-of-Things (IoT) devices are intended to collect information in the home and to communicate with each other, to create powerful new applications that support our day-to-day activities. Existing research suggests that users have a difficult time selecting their privacy settings on such devices. The goal of this project is to investigate how, why and when privacy decisions of household IoT users are suboptimal, and to use the insights from this research to create and test a simple single user interface that integrates privacy settings across all devices within a household.

group_project

Visible to the public TWC SBE: TTP Option: Small: A User-Tailored Approach to Privacy Decision Support

Submitted by alfredkobsa on Mon, 10/16/2017 - 1:50pm

Numerous surveys find that Internet users want to limit the personal data that is being collected about them, as well as control the usage of their data. Existing and proposed regulation in the U.S. accords users such rights, in the form of a "transparency and control" obligation on personal data collectors: users should be informed about the rationale of requests for personal data so that they can make an informed decision on whether or not to disclose their data.

group_project

Visible to the public EAGER: Unattended/Automated Studies of Effects of Auditory Distractions on Users Performing Security-Critical Tasks

Submitted by alfredkobsa on Mon, 10/16/2017 - 1:47pm

User errors or delays while performing security-critical tasks can lead to undesirable or even disastrous consequences. The impact of both accidental and intentional distractions on users in such situations has received little investigation. In particular, it is unclear whether and how sensory stimuli (e.g., sound or light) influence users' behavior and trigger mistakes. Better understanding of the effects of such distractions can lead to increased user awareness and countermeasures.

group_project

Visible to the public TWC: Small: Collaborative: A Unifying Framework For Theoretical and Empirical Analysis of Secure Communication Protocols

Submitted by Alexandra Boldyreva on Mon, 10/16/2017 - 1:15pm

Many networking protocols have been designed without security in mind, and many cryptographic schemes have been designed without practical deployments in mind. Moreover, most of security-enhanced communication protocols still lack the provable-security treatment and hence the security guarantees. This project aims at bridging the gap between protocol design, implementation, deployment, and security guarantees by developing a novel general security framework that facilitates the provable-security analyses of practical networking protocols.

group_project

Visible to the public SBE: Medium: Collaborative: Understanding and Exploiting Visceral Roots of Privacy and Security Concerns

Submitted by Acquisti Alessandro on Mon, 10/16/2017 - 12:29pm

Human beings have evolved to detect and react to threats in their physical environment, and have developed perceptual systems selected to assess these physical stimuli for current, material risks. In cyberspace, the same stimuli are often absent, subdued, or deliberately manipulated by malicious third parties. Hence, security and privacy concerns that would normally be activated in the offline world may remain muted, and defense behaviors may be hampered.