Transition to Practice

group_project

Visible to the public EAGER: Privacy in Citizen Science: An Emerging Concern for Research and Practice

Submitted by kshilton on Tue, 12/05/2017 - 10:31pm

Citizen science is a form of collaboration where members of the public participate in scientific research. Citizen science is increasingly facilitated by a variety of wireless, cellular and satellite technologies. Data collected and shared using these technologies may threaten the privacy of volunteers. This project will discover factors which lead to, or allieviate, privacy concerns for citizen science volunteers.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public TWC: Small: Online tracking: Threat Detection, Measurement and Response

Submitted by Arvind Narayanan on Mon, 12/04/2017 - 8:21pm

The project develops new technologies for continual, web-scale measurement and rapid defenses against emerging threats to web privacy and security arising from third-party tracking. It draws from the fields of web security, systems, measurement, statistics, and machine learning. The outputs of this project will enable website administrators to find and fix a large class of privacy and security problems. They will help improve existing browser privacy tools.

group_project

Visible to the public ETHICS OF DATA AGGREGATION: PRIVACY, TRUST, AND FAIRNESS

Submitted by Kirsten Martin on Tue, 11/21/2017 - 6:55am

This project closely examines data aggregation to understand what types of aggregation are normatively and descriptively important to individuals and how do different types and degree of aggregation impact individual trust. This proposed research would advance knowledge and understanding within the study of big data, trust, and business ethics. Initial investigations into data aggregation have been technical to ensure accuracy and diminish unwanted bias.

group_project

Visible to the public CAREER: Securing Critical Infrastructure with Autonomously Secure Storage

Submitted by Kevin Butler on Tue, 11/21/2017 - 6:47am

Embedded systems currently rely on local and often insecure state retention for process control and subsequent forensic analysis. As critical embedded control systems (e.g., smart grids, SCADA) generate increasing amounts of data and become ever more connected to other systems, secure retention and management of that data is required. Attacks such as Stuxnet show that SCADA and other systems comprising critical infrastructure are vulnerable to the compromise of controllers and sensing devices, as well as falsification of data to circumvent anomaly detection mechanisms.

group_project

Visible to the public TWC SBE: Small: Protecting the Online Privacy of Users of Social Networks

Submitted by Keith Ross on Tue, 11/21/2017 - 6:39am

It is generally recognized that protecting online privacy is important, with modern society manifesting this concern in many ways. Preliminary research indicates that third parties, with modest crawling and computational resources, and employing simple data mining heuristics, can potentially combine online services and publicly available information to create detailed profiles of the users living in any targeted geographical area.

group_project

Visible to the public TWC: TTP Option: Medium: Collaborative: MALDIVES: Developing a Comprehensive Understanding of Malware Delivery Mechanisms

Submitted by Long Lu on Mon, 11/20/2017 - 7:04am

The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.

group_project

Visible to the public TWC: Large: Collaborative: Computing Over Distributed Sensitive Data

Submitted by Marco Gaboardi on Mon, 11/20/2017 - 6:47am

Information about individuals is collected by a variety of organizations including government agencies, banks, hospitals, research institutions, and private companies. In many cases, sharing this data among organizations can bring benefits in social, scientific, business, and security domains, as the collected information is of similar nature, of about similar populations. However, much of this collected data is sensitive as it contains personal information, or information that could damage an organization's reputation or competitiveness.

group_project

Visible to the public TWC: Medium: Leakage of Communications Signatures: Analysis of Eavesdropping Attacks and Proactive Countermeasures

Submitted by Marwan Krunz on Tue, 11/14/2017 - 12:43pm

As society continues to depend on the rapidly expanding wireless ecosystem, we are challenged with serious threats related to user privacy, data confidentiality, and critical system availability. A significant portion of these threats is attributed to the broadcast nature of wireless transmissions. Using commodity radio hardware, unauthorized parties can easily eavesdrop on over-the-air transmissions and breach the privacy of communicating users by tracking their whereabouts and movements, and inferring their associations, health state, and preferences.

group_project

Visible to the public TWC: Medium: Collaborative: Active Security

Submitted by Jonathan Smith on Tue, 11/14/2017 - 12:35pm

Computer and network security is currently challenged by the need to secure diverse network environments including clouds and data-centers, PCs and enterprise infrastructures. This diversity of environments is coupled to increased attack sophistication. Today's tools for securing network and computing infrastructures can be painstakingly composed and configured using available components, but fail to automatically learn from their environment and actively protect it.

group_project

Visible to the public TWC: Small: Secure Near Field Communications between Mobile Devices

Submitted by Kai Zeng on Tue, 11/14/2017 - 12:20pm

By the end of this decade, it is estimated that Internet of Things (IoT) could connect as many as 50 billion devices. Near Field Communication (NFC) is considered as a key enabler of IoT. Many useful applications are supported by NFC, including contactless payment, identification, authentication, file exchange, and eHealthcare, etc. However, securing NFC between mobile devices faces great challenges mainly because of severe resource constraints on NFC devices, NFC systems deployed without security, and sophisticated adversaries.