Protect

Safely managing the release of data containing confidential information about individuals is a problem of great societal importance. Governments, institutions, and researchers collect data whose release can have enormous benefits to society by influencing public policy or advancing scientific knowledge. But dissemination of these data can only happen if the privacy of the respondents' data is preserved or if the amount of disclosure is limited.

This project develops a holistic approach to sociotechnical system security that combines innovations in both criminology and engineering/computer science. We design unified sociotechnical security models that capture how sociotechnical intrusions against social as well as technical aspects of the system (i.e., modeled as hidden sequences of system security states) result in observed hard data such as security sensor alerts and soft data produced by human/social sensors such as reports about slow machines.

The project develops new technologies for continual, web-scale measurement and rapid defenses against emerging threats to web privacy and security arising from third-party tracking. It draws from the fields of web security, systems, measurement, statistics, and machine learning. The outputs of this project will enable website administrators to find and fix a large class of privacy and security problems. They will help improve existing browser privacy tools.

Attacks on software applications such as email readers and web browsers are common. These attacks can cause damages ranging from application malfunction, loss of private data, to a complete takeover of users' computers. One effective strategy for limiting the damage is to adopt the principle of least privilege in application design: the application is split into several protection domains and each domain is given only the necessary privileges to perform its task.

Embedded systems currently rely on local and often insecure state retention for process control and subsequent forensic analysis. As critical embedded control systems (e.g., smart grids, SCADA) generate increasing amounts of data and become ever more connected to other systems, secure retention and management of that data is required. Attacks such as Stuxnet show that SCADA and other systems comprising critical infrastructure are vulnerable to the compromise of controllers and sensing devices, as well as falsification of data to circumvent anomaly detection mechanisms.