Develop System Design Methods
group_project
Submitted by Ari Juels on Mon, 10/16/2017 - 3:45pm
The theft of passwords and other user credentials from online services has become an epidemic, with password breaches regularly impacting large user populations and leaving both consumers and businesses vulnerable to attack. A number of research results point the way toward methods that could greatly improve the security of password systems. There is thus both an urgent need and a clear opportunity to transform the general state of industry practice in password management. Toward this end, the researchers build an easy-to-deploy password-protection system called PASS.
group_project
Submitted by Anna Squicciarini on Mon, 10/16/2017 - 2:48pm
On-line sharing of images has become a key enabler of users' connectivity. Various types of images are shared through social media to represent users' interests and experiences. While extremely convenient and socially valuable, this level of pervasiveness introduces acute privacy concerns. First, once shared images may go anywhere, as copying / resharing images is straightforward. Second, the information disclosed through an image reveals aspects of users' private lives, affecting both the owner and other subjects in the image.
group_project
Submitted by Rohit Chadha on Mon, 10/16/2017 - 2:44pm
Computerized systems are present in various aspects of modern society. These systems are used to access and share confidential information. Such sharing is achieved through cryptographic protocols which often employ randomization to introduce unpredictability in their behavior to achieve critical security objectives and make it difficult for the malicious adversaries to infer the underlying execution of the participants.
group_project
Submitted by asarwate on Mon, 10/16/2017 - 2:33pm
This project investigates how privacy can be used to inform the design and management of future data sensing systems. Networked systems that collect data about individuals will play an increasingly important role in our lives, with applications including industrial monitoring and control, "smart" homes/cities, and personalized health care. These systems will gather private information about individuals, which creates many coupled engineering challenges.
group_project
Submitted by Amir Houmansadr on Mon, 10/16/2017 - 2:00pm
Network traffic analysts are currently unable to link network flows across wide area networks to determine the origin of a network traffic flow, which is critical in understanding sources of attacks. This project is developing a novel technique for linking network flows, called flow fingerprinting, that could help help network defenders identify the origin of a network-based attack or help law enforcement track the source of criminal activity. The work could also reveal weaknesses that must be addressed in systems that protect users online anonymity.
group_project
Submitted by Amir Houmansadr on Mon, 10/16/2017 - 1:57pm
The Internet enables people around the world to communicate, fostering free speech, a free press, and democracy. For billions of people, however, the freedom to communicate via the Internet is regulated, monitored and restricted by governments or corporations. To combat such censorship, researchers have designed and deployed a variety of censorship circumvention systems. Unfortunately, such systems have been designed based on ad hoc heuristics (rather than on solid, theoretical foundations) and can be defeated by typical state-level censors.
group_project
Submitted by alfredkobsa on Mon, 10/16/2017 - 12:50pm
Numerous surveys find that Internet users want to limit the personal data that is being collected about them, as well as control the usage of their data. Existing and proposed regulation in the U.S. accords users such rights, in the form of a "transparency and control" obligation on personal data collectors: users should be informed about the rationale of requests for personal data so that they can make an informed decision on whether or not to disclose their data.
group_project
Submitted by Acquisti Alessandro on Mon, 10/16/2017 - 11:29am
Human beings have evolved to detect and react to threats in their physical environment, and have developed perceptual systems selected to assess these physical stimuli for current, material risks. In cyberspace, the same stimuli are often absent, subdued, or deliberately manipulated by malicious third parties. Hence, security and privacy concerns that would normally be activated in the offline world may remain muted, and defense behaviors may be hampered.
group_project
Submitted by Adam Lee on Mon, 10/16/2017 - 10:15am
To date, the application of quantitative security and privacy metrics metrics has seen its greatest successes when exploring the worst-case properties of a system. That is, given a powerful adversary, to what extent does the system preserve some relevant set of properties? While such analyses allow experts to build systems that are resistant to strong attackers, many deployed systems were not designed in this manner. In fact, there is growing evidence that users' privacy is routinely compromised as a byproduct of using social, participatory, and distributed applications.
group_project
Submitted by RDingledine on Fri, 10/13/2017 - 1:42pm
Large-scale Internet censorship prevents citizens of many parts of the world from accessing vast amounts of otherwise publicly available information. The recognition and publication of these censorship events have aided in motivating the development of new privacy-enhancing technologies to circumvent the censor. We argue that as circumvention technologies improve and the cost of detecting their use increases, adversaries that are intent on restricting access to information will seek out alternative techniques for disruption.
