Deter

Current cloud based systems enable distributed access to both information and computational resources. In this setting, it is imperative to have secure communication, and powerful and expensive cryptographic techniques have been proposed to address this issue. A severely limiting factor, however, is that these methods for securely accessing or processing data between participating parties can result in communication overheads when processing large amounts of data.

Whether it is on their smartphones, in their browsers or on social networks, people are confronted with an increasingly unmanageable number of privacy settings. What is needed is a new, more scalable paradigm that empowers them to regain control over the collection and use of their data. This is particularly the case for mobile apps people download on their smartphones. These apps have been shown to collect and share a wide variety of sensitive data, with users unable to keep up.

The proposed project will develop Visualization and Analysis of C Code Security (VACCS) tool to assist students with learning secure code programming. The proposal addresses the critical issue of learning secure coding through the development of a system for analyzing and visualizing C code and associated learning materials. VACCS will utilize static and dynamic program analysis to detect security vulnerabilities and warn programmers about the potential errors in their code.

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

This project develops methods to provide citizens information about technologies that obstruct, restrict, or tamper with their access to information. Internet users need an objective, independent, third-party service that helps them determine whether their Internet service provider or government is restricting access to content, specific protocols, or otherwise degrading service. Towards this goal, we are (1) monitoring attempts to block or manipulate Internet content and communications; and (2) evaluating various censorship circumvention mechanisms in real-world deployments}.