Develop System Design Methods
group_project
Submitted by Anna Lysyanskaya on Tue, 01/02/2018 - 11:32am
An anonymous credential system allows a user to prove that he/she is authorized without revealing his/her identity, and, further, to obtain additional credentials without revealing additional information. In a traditional anonymous credential system, when demonstrating possession of a credential, it is necessary to reveal its issuer.
group_project
Submitted by fei on Thu, 12/21/2017 - 2:29pm
This project establishes a multimedia-based virtual classroom with a virtual lab teaching assistant for the education of cyber physical system (CPS) security. Such a virtual classroom helps college students in resource-limited rural areas to learn the latest CPS security knowledge via an on-line peer-to-peer learning environment with other students from larger schools.
group_project
Submitted by naumann on Thu, 12/21/2017 - 11:10am
This project is developing tools and techniques for cost-effective evaluation of the trustworthiness of mobile applications (apps). The work focuses on enterprise scenarios, in which personnel at a business or government agency use mission-related apps and access enterprise networks.
group_project
Submitted by Hong Jason on Wed, 12/20/2017 - 6:31pm
The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing.
group_project
Submitted by jannel on Wed, 12/20/2017 - 6:23pm
The goal of our work is to (a) capture people's expectations and surprises in using mobile apps in a scalable manner, and to (b) summarize these perceptions in a simple format to help people make better trust decisions. Our main idea is analyzing privacy in the form of people's expectations about what an app will and won't do, focusing on where an app breaks people's expectations. We are building an App Scanner that combines automated scanning techniques with crowdsourcing.
group_project
Submitted by Long Lu on Wed, 12/20/2017 - 6:16pm
The cybercriminal community is inarguably more organized, better resourced and more motivated than ever to perpetrate massive-scale computer infections across the Internet. The malware distribution systems that they control and operate are characterized by their use of highly specialized suppliers and commoditized malware services.
group_project
Submitted by Justin Cappos on Wed, 12/20/2017 - 4:52pm
The vast majority of the code in most applications comes from the libraries it imports, rather than the program itself. As a result, hackers often exploit flaws in libraries like glibc or openssl that are used across multiple applications instead of attacking individual flaws in code specific to the application. This makes it easier for an attacker to compromise many applications at once with a single exploit. This work isolates the impact of flaws in a deployed program into the smallest area possible.
group_project
Submitted by enck on Wed, 12/20/2017 - 4:40pm
Mobile browsers are beginning to serve as critical enablers of modern computing. With a combination of rich features that rival their desktop counterparts and strong security mechanisms such as TLS/SSL, these mobile browsers are becoming the basis of many other mobile apps. Unfortunately, the security guarantees provided by mobile browsers and the risks associated with today?s mobile web have not been evaluated in great detail.
group_project
Submitted by Katie Dey on Wed, 12/20/2017 - 2:15pm
Cloud computing offers many benefits to users, including increased availability and flexibility of resources, and efficiency of equipment. However, privacy concerns are becoming a major barrier to users transitioning to cloud computing. The privilege design of existing cloud platforms creates great challenges in ensuring the trustworthiness of cloud by granting too much power to the cloud administrators, who could launch serious insider attacks by abusing the administrative privileges.
group_project
Submitted by Daniel Dougherty on Wed, 12/20/2017 - 2:02pm
Computers and people live in a world governed by policy. At the lowest level, policies determine how information flows within networks; at the highest level, they describe how users' personal information is shared across applications. Of course, end-users, as policy authors, make mistakes: rules can have unintended consequences and multiple policies can interact in ways that their authors didn't intend. Users can benefit from tools to help them understand the policies they write and maintain. Policy analysis refers to rigorous methods for detecting these situations before they cause harm.
