Deter

The problem of cyber-security encompasses computer systems of all sizes and affects almost all aspects of our day-to-day lives. This makes it fundamentally important to detect accurately and respond quickly to cyber-threats as they develop. This project aims to develop techniques and tools that can accelerate the process of understanding and responding to new cyber-threats as they develop. The authors of malicious software (malware) usually try to make the malware stealthy in order to avoid detection.

A key property of modern day network environments such as the Internet is the possibility of multiple processes running simultaneously, concurrently and unaware of each other. However, the same property also allows an attacker for a coordinated attack in which an adversary controls many parties, interleaving the executions of the various protocol instances and creating rogue interactions between protocols. With changing network environments and new-emerging paradigms such as cloud computing, we need to assess the threat model in order to capture a broader class of attacks.

Used by hundreds of millions of people every day, online services are central to everyday life. Their popularity and impact make them targets of public opinion skewing attacks, in which those with malicious intent manipulate the image of businesses, mobile applications and products. Website owners often turn to crowdsourcing sites to hire an army of professional fraudsters to paint a fake flattering image for mediocre subjects or trick people into downloading malicious software.

The problem of insecure computing environments has large impacts on society: security breaches lead to violations of privacy, financial frauds, espionage, sabotage, lost productivity, and more. These, in turn, result in vast economic damage. A major reason for the severity of these consequences is that many systems run on top of an insecure operating system kernel. The Linux kernel, a de facto industry standard for embedded, mobile, cloud, and supercomputing environments, is often a target for security attacks.

Every time someone uses a phone or computer to connect to an Internet site, software determines whether the connection is safe or being intercepted by attackers. Unfortunately, this software is error-prone, leaving users vulnerable to having their privacy violated or their personal information stolen due to phishing attacks, identity theft, and unauthorized inspection of their encrypted traffic. A number of solutions are being proposed, but the software is fragmented across many platforms and redundantly or incorrectly implemented.