Protect

group_project

Visible to the public TTP: Small: A Kit for Exploring Databases under the Hood for Security, Forensics and Data Recovery

Database Management Systems (DBMS) have been used to store and process data in organizations for decades. Larger organizations use a variety of databases (commercial, open-source or custom-built) for different departments. However, neither users nor Database Administrators (DBAs) know exactly where the data is stored on the system or how it is processed. Most relational databases store internal data using universal principles that can be inferred and captured.

group_project

Visible to the public TC: Small: The Design of Secure Hash Functions and Block Ciphers

While the mathematical study of cryptography has yielded a rich theory, and while the use of cryptography has become quite widespread, there is unfortunately still a significant gap between the theory and practice of cryptography. The goal of this project is to bridge this gap. The emphasis will be on the design and analysis of fundamental cryptographic primitives, such as hash functions and block ciphers, as well as other primitives derived from them, that are practical and yet theoretically sound. Indeed, hash functions and block ciphers are used in almost any cryptographic application.

group_project

Visible to the public TC: Small: Least Privilege Enforcement through Secure Memory Views

The goal of this project is to provide protection against exploits through untrusted third-party software components and against malicious application manipulation. These problems constitute an important class of vulnerabilities in current software, and are tied to a common denominator -- the lack of ability to divide a program and the data manipulated by it in a fine-grained manner and to control the interactions between the resulting constituents.

group_project

Visible to the public TC: Small: Distributed Privacy-Preserving Policy Reconciliation

In order to enable collaboration between different parties it is necessary that the partners reach an agreement on the policy rules that will govern their interaction. While state-of-the-art mechanisms will allow the parties to reconcile their polices, today's policy reconciliation protocols have two main shortcomings. First, they violate privacy since at least one of the parties is required to discloses all its information during the reconciliation process. Second, they generally lack fairness, i.e., the parties' preferences are not recognized.

group_project

Visible to the public Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems

Security and privacy concerns in the increasingly interconnected world are receiving much attention from the research community, policymakers, and general public. However, much of the recent and on-going efforts concentrate on security of general-purpose computation and on privacy in communication and social interactions.

group_project

Visible to the public STARSS: Small: Design of Light-weight RRAM based Hardware Security Primitives for IoT devices

Our society has become increasingly dependent on electronic information exchange between personal devices and the cloud. Unfortunately, the number of identity and secure information leaks is on the rise. Many of the security breaches are due to insecure access channels to the cloud. The security problem is likely to be exacerbated in the Internet-of-Things (IoT) era where billions of devices in our homes, offices and cars are digitally connected.

group_project

Visible to the public Spreading SEEDs: Large-Scale Dissemination of Hands-on Labs for Security Education

This capacity building project seeks to addresses the lack of opportunities for students for experiential learning of Cybersecurity. Although there is no overall shortage of labs anymore, many instructors do not feel comfortable using them in their courses. This project has a potential to help many instructors to provide hands-on learning opportunities to their students. The project is based on the 30 SEED labs, which were developed and tested by the PI over the last ten years and are used by over 150 instructors from 26 countries.

group_project

Visible to the public SHF: Small: Higher-order Contracts for Distributed Applications

Distributed applications (such as web applications and cloud-based applications, where multiple computers cooperate to run the application) are becoming increasingly common. Given the amount of commercial activity and information handled by these distributed applications, it is important that these applications are correct, reliable, and efficient. However, many traditional tools and techniques for programmers cannot be used for distributed applications, making it difficult for programmers to write and debug distributed applications.

group_project

Visible to the public TWC: Small: Collaborative: Secure Data Charging Architecture for Mobile Devices in 3G/4G Cellular Networks: Vulnerabilities and Solutions

Wireless cellular networks serve as an essential cyber-infrastructure for mobile users. Unlike the Internet, cellular networks have adopted usage-based charging, rather than the simpler flat-rate charging. Data-plan subscribers have to pay their data bills based on the consumed traffic volume in 3G/4G networks. Although this metered charging system has been operational and generally successful for years, the security study of such a system remains largely unaddressed.

group_project

Visible to the public SaTC: Small: New Challenges in Functional Encryption

Recent trends in computing have prompted users and organizations to store an increasingly large amount of sensitive data at third party locations in the cloud outside of their direct control. In order to protect this data, it needs to be encrypted. However, traditional encryption systems lack the expressiveness needed for most applications involving big and complex data.