Protect

group_project

Visible to the public EAGER: Collaborative: Towards Understanding the Attack Vector of Privacy Technologies

Advances in privacy-enhancing technologies, including cryptographic mechanisms, standardized security protocols, and infrastructure, significantly improved privacy and had a significant impact on society by protecting users. At the same time, the success of such infrastructure has attracted abuse from illegal activities, including sophisticated botnets and ransomware, and has become a marketplace for drugs and contraband; botnets rose to be a major tool for cybercrime and their developers proved to be highly resourceful.

group_project

Visible to the public EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation

Heavy vehicles, such as trucks and buses, are part of the US critical infrastructure and carry out a significant portion of commercial and private business operations. Little effort has been invested in cyber security for these assets. If an adversary gains access to the vehicle's Controller Area Network (CAN), attacks can be launched that can affect critical vehicle electronic components. Traditionally, physical access to a heavy vehicle was required to access the CAN.

group_project

Visible to the public TWC: Medium: Collaborative: Long-term Active User Authentication Using Multi-modal Profiles

This project aims at advancing the state-of-the-art in cybersecurity by developing efficient methods for generating novel biometric signatures and performing active and continuous user authentication. Current authentication procedures typically occur once at the initial log-in stage and involve user proxies such as passwords and smart cards which suffer from several vulnerabilities.

group_project

Visible to the public CRII: SaTC: Robust and Platform Independent Recovery of Design Features from C++ Binaries

Computer software play a ubiquitous role in the modern way of life. Attacks against vulnerable software lead to compromise and loss of financial and personal information. While the application stores and the software manufacturers may strive to provide vulnerability-free software, the onus to defend against attacks and ensure integrity of one?s personal information and resources is on the end-user.

group_project

Visible to the public CRII: SaTC: Rethinking Side Channel Security on Untrusted Operating Systems

Recent advances of isolated execution technologies, especially the emergence of Intel Software Guard eXtension (SGX), revolutionize the model of computer security and empower programs with sensitive data and code to be shielded from untrusted operating systems. However, their security guarantees have not yet been thoroughly investigated against the notorious vector of information leakage side-channel attacks. It is conceivable that side-channel attacks with full control of the underlying operating system are more diverse, efficient and robust than those from unprivileged programs.

group_project

Visible to the public CRII: SaTC: Re-Envisioning Contextual Services and Mobile Privacy in the Era of Deep Learning

Deep Learning (DL)-powered personalization holds great promise to fundamentally transform the way people live, work and travel, but poses high risk to people's individual privacy. This project will address the privacy risks arising in DL-powered contextual mobile services by developing solutions that facilitate the use of personal information while maintaining explicit user control over use of the information.

group_project

Visible to the public TWC: Option: Medium: Measurement-Based Design and Analysis of Censorship Circumvention Schemes

The Internet has become one of the most effective and common means of conveying expression that is likely to be controversial or suppressed. This freedom of expression is threatened by the now widespread practice of Internet censorship by both private and state interests.

group_project

Visible to the public CRII: SaTC: Hardware based Authentication and Trusted Platform Module functions (HAT) for IoTs

Crucial and critical needs of security and trust requirements are growing in all classes of applications such as in automobiles and for wearable devices. Traditional cryptographic primitives are computation-intensive and rely on secrecy of shared or session keys, applicable on large systems like servers and secure databases. This is unsuitable for embedded devices with fewer resources for realizing sufficiently strong security. This research addresses new hardware-oriented capabilities and mechanisms for protecting Internet of Things (IoT) devices.

group_project

Visible to the public CRII: SaTC: Efficient Secure Multiparty Computation of Large-Scale, Complex Protocols

Many challenging real world problems, e.g., voting and blind auction, require computation over sensitive data supplied by multiple mutually-distrustful entities. Elegant cryptographic theories have been developed to solve these problems without relying on a mutually-trusted third party. Practitioners also built prototypes capable of securely computing set intersection, AES encryption, Hamming distance, etc. However, many other applications, such as data mining and running universal machines, are far more complex than what can be supported by the state-of-the-art techniques.

group_project

Visible to the public CRII: SaTC: Computational Correlations: A New Tool for Cryptography

Understanding the computational hardness of securely realizing cryptographic primitives is a fundamental problem in cryptography. One such vital cryptographic primitive is oblivious transfer and understanding the essence of implementing it has significant consequences to cryptography, like bringing secure multi-party computation closer to reality. This research develops a new theory to explore this broad concept, namely the theory of computational correlations.