Develop System Design Methods
group_project
Submitted by William Petullo on Wed, 01/03/2018 - 12:38pm
group_project
Submitted by Sameer Patil on Wed, 01/03/2018 - 12:11pm
The explosion in data gathering has greatly exacerbated existing privacy issues in computing systems and created new ones due to the increase in the scale and the scope of available data as well as the advances in the capabilities of computational data analysis. Software professionals typically have no formal training or education on sociotechnical aspects of privacy. As a result, addressing privacy issues raised by a system is frequently an afterthought and/or a matter of compliance-check during the late phases of the system development lifecycle.
group_project
Submitted by Kemal Akkaya on Wed, 01/03/2018 - 12:09pm
The modernized Smart Grid (SG) is expected to enable several new applications such as dynamic pricing, demand response and fraud detection; however, collection of such fine-grained data raises privacy issues. This project aims to design and implement several novel mechanisms for securing data collection and communication in SG Advanced Metering Infrastructure applications while preserving user privacy when the data are to be accessed.
group_project
Submitted by Long Lu on Wed, 01/03/2018 - 9:59am
Society's dependence on mobile technologies rapidly increases as we entrust mobile applications with more and more private information and capabilities. Existing security research follows a common threat model that treats apps as monolithic entities and only captures attack surface between apps. However, recent research reveals that app internal attacks are emerging quickly as complex entities with conflicting interests are commonly included inside a single app to allow for rich features and fast development.
group_project
Submitted by Yuriy Brun on Wed, 01/03/2018 - 9:56am
Despite an emphasis the security community places on the importance of producing secure software, the number of new security vulnerabilities in software increases every year. This research is based on the assumption that software vulnerabilities are caused by misunderstandings, or lack of knowledge, called blind spots, which the developers experience while they are building systems. When building systems, developers often focus more on functional requirements than on non-functional ones, such as security.
group_project
Submitted by Samuel King on Wed, 01/03/2018 - 9:56am
Computer systems security is an arms race between defenders and attackers that has mainly been confined to software technologies. Increases in the complexity of hardware and the rising number of transistors per chip have created opportunities for hardware-based security threats. Among the most pernicious are malicious hardware footholds inserted at design time, which an attacker can use as the basis of a computer system attack. This project explores of the feasibility of foothold attacks and a fundamental design-time methodology for defending against them.
group_project
Submitted by Norman Sadeh on Tue, 01/02/2018 - 8:44pm
Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. Yet, there is ample evidence that users generally do not read these policies and that those who occasionally do struggle to understand what they read. Initiatives aimed at addressing this problem through the development of machine implementable standards or other solutions that require website operators to adhere to more stringent requirements have run into obstacles, with many website operators showing reluctance to commit to anything more than what they currently do.
group_project
Submitted by Kent Seamons on Tue, 01/02/2018 - 4:27pm
Every time someone uses a phone or computer to connect to an Internet site, software determines whether the connection is safe or being intercepted by attackers. Unfortunately, this software is error-prone, leaving users vulnerable to having their privacy violated or their personal information stolen due to phishing attacks, identity theft, and unauthorized inspection of their encrypted traffic. A number of solutions are being proposed, but the software is fragmented across many platforms and redundantly or incorrectly implemented.
group_project
Submitted by Russell Tessier on Tue, 01/02/2018 - 3:53pm
Field-programmable gate arrays (FPGAs) represent an important computing infrastructure which must be protected from attackers. They are used in a wide variety of applications, including networking routers, satellites, military equipment, and automobiles, among others. The storage of FPGA programming information in memory external to the device creates a natural security weakness which, to date, has primarily been addressed via bitstream encryption.
group_project
Submitted by Michael Goodrich on Tue, 01/02/2018 - 3:18pm
Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).
