Risk Management

group_project

Visible to the public TWC: Medium: Collaborative: Strengthening Wi-Fi Network Wide

Submitted by Guevara Noubir on Mon, 11/13/2017 - 7:46am

Wi-Fi has emerged as the technology of choice for Internet access. Thus, virtually every smartphone or tablet is now equipped with a Wi-Fi card. Concurrently, and as a means to maximize spectral efficiency, Wi-Fi radios are becoming increasingly complex and sensitive to wireless channel conditions. The prevalence of Wi-Fi networks, along with their adaptive behaviors, makes them an ideal target for denial of service attacks at a large, infrastructure level.

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: Identifying and Mitigating Trust Violations in the Smartphone Ecosystem

Submitted by Giovanni Vigna on Mon, 11/13/2017 - 7:21am

The adoption of smartphones has steadily increased in the past few years, and smartphones have become the tool with which millions of users handle confidential information, such as financial and health-related data. As a result, these devices have become attractive targets for cybercriminals, who attempt to violate the trust assumptions underlying the smartphone platform in order to compromise the security and privacy of users.

group_project

Visible to the public EAGER: Cybersecurity Transition To Practice (TTP) Acceleration

Submitted by Florence Hudson on Mon, 11/13/2017 - 6:13am

The 2011 Federal Cybersecurity Research and Development Plan cites "Accelerating Transition to Practice (TTP)" as one of five strategic objectives in the Cyber Security and Information Assurance (CSIA) Program Component Area. TTP remains a strategic objective of Agencies which fund cybersecurity research, including NSF. However, the NSF cybersecurity portfolio contains only a small amount of security research that has been transitioned into operational activities.

group_project

Visible to the public EAGER: A Mathematical Model of Privacy Decisions: A Behavioral Economic Perspective

Submitted by Fariborz Farahmand on Mon, 11/13/2017 - 5:57am

When making decisions about information privacy, people do not always act rationally according to their best interests. It is thus important to understand why people express concerns about privacy, but often act contrary to their stated intentions.

group_project

Visible to the public TWC: TTP Option: Small: Automating Attack Strategy Recognition to Enhance Cyber Threat Prediction

Submitted by scyang on Wed, 10/25/2017 - 3:41pm

Network attacks are increasingly complex and fast-evolving. A single attack may use multiple reconnaissance, exploit, and obfuscation techniques. This project investigates how to extract critical attack attributes, synthesize novel attack sequences, and reveal potential threats to critical assets in a timely manner. The project uses machine learning techniques to simultaneously identify new attack types and observed events that could identify those attacks.

group_project

Visible to the public TWC: Small: Securing Smart Power Grids under Data Measurement Cyber Threats

Submitted by Sara Eftekharnejad on Wed, 10/25/2017 - 2:50pm

Power systems are changing with the rapid deployment of remote sensing devices such as Phasor Measurement Units (PMU) and integration of more capable Supervisory Control and Data Acquisition (SCADA) systems. PMU measurements, generated every second, are used by power system operators to make critical decisions. With more utilities adopting PMUs for real-time system monitoring, power systems are exposed to more cyber-threats targeting these devices.

group_project

Visible to the public  TWC: Small: Collaborative: Reputation-Escalation-as-a-Service: Analyses and Defenses

Submitted by Sencun Zhu on Wed, 10/25/2017 - 8:36am

Living in an age when services are often rated, people are increasingly depending on reputation of sellers or products/apps when making purchases online. This puts pressure on people to gain and maintain a high reputation by offering reliable and high-quality services and/or products, which benefits the society at large. Unfortunately, due to extremely high competition in e-commerce or app stores, recently reputation manipulation related services have quickly developed into a sizable business, which is termed Reputation-Escalation-as-a-Service (REaaS).

group_project

Visible to the public TWC: Medium: Collaborative: Security and Privacy for Wearable and Continuous Sensing Platforms

Submitted by Serge Egelman on Wed, 10/25/2017 - 7:50am

This research project studies security and privacy for wearable devices. Wearable computing is poised to become widely deployed throughout society. These devices offer many benefits to end users in terms of realtime access to information and the augmentation of human memory, but they are also likely to introduce new and complex privacy and security problems. People who use wearable devices need assurances that their privacy will be respected, and we also need ways to minimize the potential for wearable devices to intrude on the privacy of bystanders and others.

group_project

Visible to the public TWC: Large: Collaborative: Living in the Internet of Things

Submitted by Tadayoshi Kohno on Tue, 10/24/2017 - 12:51pm

More and more objects used in daily life have Internet connectivity, creating an "Internet of Things" (IoT). Computer security and privacy for an IoT ecosystem are fundamentally important because security breaches can cause real and significant harm to people, their homes, and their community.

group_project

Visible to the public TWC: Frontier: Collaborative: Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives

Submitted by Vern Paxson on Mon, 10/23/2017 - 1:54pm

This project tackles the social and economic elements of Internet security: how the motivations and interactions of attackers, defenders, and users shape the threats we face, how they evolve over time, and how they can best be addressed. While security is a phenomenon mediated by the technical workings of computers and networks, it is ultimately a conflict driven by economic and social issues that merit a commensurate level of scrutiny.