TC

This proposal is developing theoretical foundations as well as algorithms and software for secrecy-preserving reasoning. The key novel idea, rather different from existing work, is to exploit the indistinguishability (as far as the querying agent is concerned) between secret information, on one hand, and incomplete information, on the other hand, under the open world semantics.

In this age of identity theft, Facebook, and TSA screening, protecting confidential information from improper disclosure has emerged as a fundamental issue for trustworthy computing, involving both technical and social dimensions. While it is sometimes possible to stop undesirable information flows completely, it is perhaps more typical that some undesirable flows are unavoidable. For instance an ATM machine that rejects an incorrect PIN thereby reveals that the secret PIN is not the one that was entered.

The objective of the proposed research is to systematically understand, evaluate and contribute towards the problem of membership inference in aggregate data publishing, a generic, novel, and dangerous privacy threat in a wide variety of real-world applications. The main idea proposed to address the problem of membership inference is an information-theoretic model of privacy disclosure as a noisy communication channel.

Unfortunately, cyber crime has become a business today. In contrast to the Internet security situation ten years ago, most of the significant Internet attacks today aim to make a financial profit. A popular and effective choice of criminals today for sending spam, stealing data, and launching attacks are so called bots -- a type of malware that is written with the intent of compromising and taking control of hosts on the Internet. The main distinguishing characteristic of a bot compared to other types of malware is that a bot is able to establish a command and control (C&C) channel.

This project will aid understanding of the emergence of computer security. It will examine key computer-security concepts and approaches in the domains of government, universities, industry, and criminal justice. Project activities include: [A] Conducting 30 detailed Oresearch gradeO oral histories with key figures in the field. Transcripts will be publicly available on the website of the Charles Babbage Institute. [B] Collecting and archiving valuable documentary materials, including reports, correspondence, and grey literature, again to be accessible at CBI.