Develop System Design Methods
group_project
Submitted by Long Lu on Mon, 11/20/2017 - 7:04am
The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.
group_project
Submitted by Marco Gaboardi on Mon, 11/20/2017 - 6:47am
Information about individuals is collected by a variety of organizations including government agencies, banks, hospitals, research institutions, and private companies. In many cases, sharing this data among organizations can bring benefits in social, scientific, business, and security domains, as the collected information is of similar nature, of about similar populations. However, much of this collected data is sensitive as it contains personal information, or information that could damage an organization's reputation or competitiveness.
group_project
Submitted by Mariana Raykova on Mon, 11/20/2017 - 6:40am
Secure computation allows users to collaboratively compute any program on their private data, while ensuring that they learn nothing beyond the output of the computation. Existing protocols for secure computation primarily rely on a boolean-circuit representation for the program being evaluated, which can be highly inefficient. This project focuses on developing secure-computation protocols in the RAM model of computation. Particularly challenging here is the need to ensure that memory accesses are oblivious, and do not leak information about private data.
group_project
Submitted by Katrina Ligett on Mon, 11/20/2017 - 6:37am
This project takes a new approach to problems involving sensitive data, by focusing on rigorous mathematical modeling and characterization of the value of private information. By focusing on quantifying the loss incurred by affected individuals when their information is used -- and quantifying the attendant benefits of such use -- the approaches advanced by this work enable concrete reasoning about the relative risks and rewards of a wide variety of potential computations on sensitive data.
group_project
Submitted by Mark Jones on Tue, 11/14/2017 - 12:53pm
This project is investigating the potential for language-based security techniques in the construction of low-level systems software. The specific focus is on the development of an open, capability-enhanced microkernel whose design is based on seL4, a "security enhanced" version of the L4 microkernel that was developed, by a team in Australia, as the first fully verified, general purpose operating system.
group_project
Submitted by Marten van Dijk on Tue, 11/14/2017 - 12:45pm
Recent years have shown the fallacy of Certificate Authorities (CAs); insiders are able to steal master signing keys and impersonate certificates, exploitation of system vulnerabilities and other means of infiltration allow attackers to gain access to CAs and copy their keys, etc. At stake is the mere survival of public key infrastructures as trust in them is bootstrapped from trust in certificates that bind public keys to known identities. The current attack surface exposed by CAs makes trust in their issued certificates questionable.
group_project
Submitted by Marwan Krunz on Tue, 11/14/2017 - 12:43pm
As society continues to depend on the rapidly expanding wireless ecosystem, we are challenged with serious threats related to user privacy, data confidentiality, and critical system availability. A significant portion of these threats is attributed to the broadcast nature of wireless transmissions. Using commodity radio hardware, unauthorized parties can easily eavesdrop on over-the-air transmissions and breach the privacy of communicating users by tracking their whereabouts and movements, and inferring their associations, health state, and preferences.
group_project
Submitted by Kai Zeng on Tue, 11/14/2017 - 12:20pm
By the end of this decade, it is estimated that Internet of Things (IoT) could connect as many as 50 billion devices. Near Field Communication (NFC) is considered as a key enabler of IoT. Many useful applications are supported by NFC, including contactless payment, identification, authentication, file exchange, and eHealthcare, etc. However, securing NFC between mobile devices faces great challenges mainly because of severe resource constraints on NFC devices, NFC systems deployed without security, and sophisticated adversaries.
group_project
Submitted by Joan Feigenbaum on Tue, 11/14/2017 - 11:44am
Freedom and openness of the Internet are under threat. Government censors in non-democratic countries are deploying network filters to block sources of uncensored information, suppress dissent, and prevent citizens from using the Internet to exercise their human rights such as freedom of speech and freedom of assembly.
group_project
Submitted by Jianping Fan on Tue, 11/14/2017 - 11:35am
The objective of this project is to investigate a comprehensive image privacy recommendation system, called iPrivacy (image Privacy), which can efficiently and automatically generate proper privacy settings for newly shared photos that also considers consensus of multiple parties appearing in the same photo. Photo sharing has become very popular with the growing ubiquity of smartphones and other mobile devices.
