Develop System Design Methods
group_project
Submitted by Jian Ren on Tue, 11/14/2017 - 10:01am
As passive tagging technologies like RFID become more economical and ubiquitous, it can be envisioned that in the future, millions of sensors integrated with these tags could become an integral part of the next generation of smart infrastructure and the overall concept of internet-of-things. As a result, securing these passive assets against data theft and counterfeiting would become a priority, reinforcing the importance of the proposed dynamic authentication techniques.
group_project
Submitted by Jeyavijayan Rajen... on Tue, 11/14/2017 - 9:55am
The trend of outsourcing semiconductor manufacturing to oversea foundries has introduced several security vulnerabilities -- reverse engineering, malicious circuit insertion, counterfeiting, and intellectual property piracy -- making the semiconductor industry lose billions of dollars. Split manufacturing of integrated circuits reduces vulnerabilities introduced by an untrusted foundry by manufacturing only some of the layers at an untrusted high-end foundry and the remaining layers at a trusted low-end foundry.
group_project
Submitted by Jessica Fridrich on Tue, 11/14/2017 - 9:46am
The project focuses on advancing the field of digital image steganography -- a covert way of communication in which information is hidden in other objects, such as digital media files, to assure privacy. For a secure steganographic system, it should be impossible to prove the presence of hidden data. Achieving this level of security in practice is extraordinarily difficult because digital media is hard to describe using statistical models with accuracy necessary to guarantee perfect security.
group_project
Submitted by Jeffrey Hoffstein on Tue, 11/14/2017 - 9:43am
Fully homomorphic encryption (FHE) is a promising new technology that enables an untrusted party to efficiently compute directly on ciphertexts. For instance, with FHE a cloud server without access to the user's encrypted content can still provide text search services. An efficient FHE scheme would significantly improve the security of sensitive user data stored and processed on cloud servers. Significant progress has been made in bringing FHE proposals closer to practice.
group_project
Submitted by Jon Solworth on Tue, 11/14/2017 - 6:02am
The modern web experience is dynamic, providing users with a highly responsive interface through which to interact with the world. Today's mechanisms allow servers---even those which are controlled by an attacker---to download arbitrary programs into a user's browser. It is extraordinarily difficult to secure the web browser (and its user) against attack in this scenario. While tools and techniques are useful to analyze and restrict downloaded code, they are by their very nature incomplete. As a result, the security of web services relies on a series of ad hoc, service-provided techniques.
group_project
Submitted by Jean Mayo on Tue, 11/14/2017 - 5:51am
The proposed project will develop Visualization and Analysis of C Code Security (VACCS) tool to assist students with learning secure code programming. The proposal addresses the critical issue of learning secure coding through the development of a system for analyzing and visualizing C code and associated learning materials. VACCS will utilize static and dynamic program analysis to detect security vulnerabilities and warn programmers about the potential errors in their code.
group_project
Submitted by Jay McCarthy on Tue, 11/14/2017 - 5:49am
Online security relies on communication protocols that establish trust and authentication. New protocols are created regularly, such as when Software-as-a-Service companies expose their software through new Web services. In the ideal case, network engineers and protocol experts collaborate to develop a protocol: one responsible for its efficiency and the other for its security. Unfortunately, this ideal is rarely realized.
group_project
Submitted by Jaideep Vaidya on Mon, 11/13/2017 - 4:00pm
Social networks provide many benefits, but also give rise to serious concerns regarding privacy. Indeed, since privacy protections are not intrinsically incorporated into the underlying technological framework, user data is still accessible to the social network and is open to misuse. While there have been efforts to incorporate privacy into social networks, existing solutions are not sufficiently lightweight, transparent, and functional, and therefore have achieved only limited adoption.
group_project
Submitted by Jaideep Vaidya on Mon, 11/13/2017 - 3:34pm
Big data analytics can revolutionize innovation and productivity across diverse domains. However, this requires sharing or joint analysis of data, which is often inhibited due to privacy and security concerns. While techniques have been developed to enable the safe use of data for analysis, none of these work for the critical task of outlier detection. Outlier detection is one of the most fundamental data analysis tasks, useful in applications as far ranging as homeland security, to medical informatics, to financial fraud.
group_project
Submitted by Giovanni Vigna on Mon, 11/13/2017 - 7:21am
The adoption of smartphones has steadily increased in the past few years, and smartphones have become the tool with which millions of users handle confidential information, such as financial and health-related data. As a result, these devices have become attractive targets for cybercriminals, who attempt to violate the trust assumptions underlying the smartphone platform in order to compromise the security and privacy of users.
