Cybersecurity Workforce

group_project

Visible to the public TWC: Small: System Infrastructure for SMM-based Runtime Integrity Measurement

Submitted by Karen Karavanic on Tue, 11/14/2017 - 11:11am

The World Wide Web and computer "clouds" have become widely used, and are interwoven into many activities of daily life, from shopping to socializing to education. But the data center servers that are the backbone of this richly connected world remain vulnerable to malicious software ("malware"). Over the past decade, attacks have increased in number and sophistication, motivated by both financial and political goals. The results include consumer concerns about identify theft and fraudulent charges, corporate concerns about millions of dollars in losses, and potential defense concerns.

group_project

Visible to the public STARSS: Small: Collaborative: Physical Design for Secure Split Manufacturing of ICs

Submitted by Jeyavijayan Rajen... on Tue, 11/14/2017 - 9:55am

The trend of outsourcing semiconductor manufacturing to oversea foundries has introduced several security vulnerabilities -- reverse engineering, malicious circuit insertion, counterfeiting, and intellectual property piracy -- making the semiconductor industry lose billions of dollars. Split manufacturing of integrated circuits reduces vulnerabilities introduced by an untrusted foundry by manufacturing only some of the layers at an untrusted high-end foundry and the remaining layers at a trusted low-end foundry.

group_project

Visible to the public TWC: Medium: Collaborative: Development and Evaluation of Next Generation Homomorphic Encryption Schemes

Submitted by Jeffrey Hoffstein on Tue, 11/14/2017 - 9:43am

Fully homomorphic encryption (FHE) is a promising new technology that enables an untrusted party to efficiently compute directly on ciphertexts. For instance, with FHE a cloud server without access to the user's encrypted content can still provide text search services. An efficient FHE scheme would significantly improve the security of sensitive user data stored and processed on cloud servers. Significant progress has been made in bringing FHE proposals closer to practice.

group_project

Visible to the public EDU:Collaborative: VACCS - Visualization and Analysis for C Code Security

Submitted by Jean Mayo on Tue, 11/14/2017 - 5:51am

The proposed project will develop Visualization and Analysis of C Code Security (VACCS) tool to assist students with learning secure code programming. The proposal addresses the critical issue of learning secure coding through the development of a system for analyzing and visualizing C code and associated learning materials. VACCS will utilize static and dynamic program analysis to detect security vulnerabilities and warn programmers about the potential errors in their code.

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Internet-Wide Vulnerability Measurement, Assessment, and Notification

Submitted by Alex Halderman on Mon, 11/13/2017 - 3:31pm

This project aims to reduce the impact of software vulnerabilities in Internet-connected systems by developing data-driven techniques for vulnerability measurement, assessment, and notification. Recent advances in Internet-wide scanning make it possible to conduct network surveys of the full public IPv4 address space in minutes.

group_project

Visible to the public EAGER: Understanding the Strategic Values of Privacy Practices in Organizations

Submitted by Gwendolyn Lee on Mon, 11/13/2017 - 7:52am

As companies collect consumer data in increasingly larger quantity and mine the data more deeply, trade-offs arise with respect to companies' practices about information privacy. A company may choose practices that augment targeted advertisements or services. However, the financial rewards associated with privacy practices are highly uncertain, since they are affected by a company's competition with rivals.

group_project

Visible to the public TWC: Medium: Collaborative: Strengthening Wi-Fi Network Wide

Submitted by Guevara Noubir on Mon, 11/13/2017 - 7:46am

Wi-Fi has emerged as the technology of choice for Internet access. Thus, virtually every smartphone or tablet is now equipped with a Wi-Fi card. Concurrently, and as a means to maximize spectral efficiency, Wi-Fi radios are becoming increasingly complex and sensitive to wireless channel conditions. The prevalence of Wi-Fi networks, along with their adaptive behaviors, makes them an ideal target for denial of service attacks at a large, infrastructure level.

group_project

Visible to the public TWC: Small: A Moving Target Approach to Enhancing Machine Learning-Based Malware Defense

Submitted by Guanhua Yan on Mon, 11/13/2017 - 7:34am

The ever-growing malware threats call for effective, yet efficient, mitigation techniques. Machine learning offers a promising solution to malware defense due to the scalability and automation that it brings. Machine learning techniques are however not a panacea for advanced malware attacks where cyber criminals can carefully craft malware features to evade detection. The root cause of such attacks can be attributed to the passive nature of existing machine learning-based malware defense systems.

group_project

Visible to the public EDU: Development and Analysis of a Cybersecurity Education Game

Submitted by Gregory White on Mon, 11/13/2017 - 7:31am

The project involves the design and development of pedagogical games to introduce cybersecurity and cyber safety concepts to students in grades K-6. It will engage students with activities demonstrating the relevance of cybersecurity to the world around them; challenge students with creative puzzle-solving exercises; and will analyze the effectiveness of age-appropriate cybersecurity games to introduce cybersecurity knowledge. A major aspect of this project is the dissemination of cybersecurity principles to elementary school students.

group_project

Visible to the public EDU: Collaborative: HACE Lab: An Online Hardware Security Attack and Countermeasure Evaluation Lab

Submitted by Fareena Saqib on Mon, 11/13/2017 - 5:53am

This project addresses the need to train students, researchers, and practitioners on diverse hardware security and trust issues as well as emergent solutions. The primary goal is establishing a set of hardware security courseware and enabling adoption of these courseware through the development of an online Hardware Attack and Countermeasure Evaluation (HACE) Lab.