Protect

group_project

Visible to the public EAGER: Identifying Security Critical Properties of a Processor

Submitted by Cynthia Sturton on Mon, 10/23/2017 - 6:17pm

This project focuses on shoring up the security vulnerabilities that exist in computer processors. Just like in software, bugs in hardware present vulnerabilities that can be exploited by determined attackers. Prior work has developed a method whereby the processor monitors itself and sends an alert to software whenever dangerous, anomalous behavior is observed. The question of what constitutes dangerous behavior is an open one, and tackling it is the goal of this research.

group_project

Visible to the public CRII: SaTC: Detecting Security Vulnerabilities in Instruction Set Architectures

Submitted by Cynthia Sturton on Mon, 10/23/2017 - 6:15pm

The interaction between computer processors -- the hardware at the heart of our computers, tablets, and phones -- and software -- apps, web browsers, and other applications -- is governed by an Instruction Set Architecture (ISA). The ISA is the specification that defines how the processor will respond to commands from the software. It is large and complex, too large for a person to understand and reason about all the interactions between different parts completely. As a result, security vulnerabilities exist in the ISA.

Outcomes Report URL: 
https://www.research.gov/research-portal/appmanager/base/desktop?_nfpb=true&_win...
group_project

Visible to the public TWC: Small: Managing User-Level Compromises in Enterprise Networks

Submitted by Craig Shue on Mon, 10/23/2017 - 6:09pm

Organizations need to protect their computer systems from attackers. They often group their own computers into risk pools to reduce threat propagation and monitor the communication between these groups. Unfortunately, this boundary monitoring is unable to see traffic within groups and, since each monitor is segmented, they cannot form a holistic picture of the entire network. Finally, modern approaches must examine network traffic in isolation, without the ability to know what action on the originating computer caused it.

group_project

Visible to the public TWC: Frontier: Collaborative: CORE: Center for Encrypted Functionalities

Submitted by Susan Hohenberger on Mon, 10/23/2017 - 1:57pm

The Center for Encrypted Functionalities (CORE) tackles the deep and far-reaching problem of general-purpose "program obfuscation," which aims to enhance cybersecurity by making an arbitrary computer program unintelligible while preserving its functionality.

group_project

Visible to the public TWC: Frontier: Collaborative: Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives

Submitted by Vern Paxson on Mon, 10/23/2017 - 1:54pm

This project tackles the social and economic elements of Internet security: how the motivations and interactions of attackers, defenders, and users shape the threats we face, how they evolve over time, and how they can best be addressed. While security is a phenomenon mediated by the technical workings of computers and networks, it is ultimately a conflict driven by economic and social issues that merit a commensurate level of scrutiny.

group_project

Visible to the public TWC SBE: TTP Option: Medium: Collaborative: EPICA: Empowering People to Overcome Information Controls and Attacks

Submitted by Wenke Lee on Mon, 10/23/2017 - 1:48pm

This project studies the security of representative personalized services, such as search engines, news aggregators, and on-line targeted advertising, and identifies vulnerabilities in service components that can be exploited by pollution attacks to deliver contents intended by attackers.

group_project

Visible to the public TTP: Medium: Securing the Wireless Philadelphia Network

Submitted by Steven Weber on Thu, 10/19/2017 - 9:56pm

The Wireless Philadelphia Network (WPN) is a metropolitan?area network (MAN) consisting of thousands of Tropos 5210 wireless mesh routers distributed across the entire city of Philadelphia and connected by a fiber backbone. This project is employing this network as a testbed to investigate three diverse security challenges facing any large-scale wireless network servicing a heterogeneous population.

group_project

Visible to the public STARSS: TTP Option: Small: A Quantum Approach to Hardware Security: from Theory to Optical Implementation

Submitted by Yaoyun Shi on Thu, 10/19/2017 - 9:48pm

The problem of ensuring that computer hardware is not surreptitiously malicious is a growing concern. The case of random number generators (RNGs) is particularly important because random numbers are foundational to information security. All current solutions in practice require trusting the hardware, and are therefore vulnerable to hardware attacks. This project explores a quantum-based solution to hardware security by designing and implementing a new class of RNGs that can prove their own integrity to the user.

group_project

Visible to the public STARSS: Small: Trapdoor Computational Fuzzy Extractors

Submitted by Srini Devadas on Thu, 10/19/2017 - 9:39pm

Fuzzy extractors convert biometric data into reproducible uniform random strings, and make it possible to apply cryptographic techniques for biometric security. They are used to encrypt and authenticate user data with keys derived from biometric inputs. This research investigates how hardware security primitives can have provable cryptographic properties, a connection which is largely lacking in currently available hardware primitives.

group_project

Visible to the public STARSS: Small: Collaborative: Specification and Verification for Secure Hardware

Submitted by saseshia on Thu, 10/19/2017 - 4:04pm

There is a growing need for techniques to detect security vulnerabilities in hardware and at the hardware-software interface. Such vulnerabilities arise from the use of untrusted supply chains for processors and system-on-chip components and from the scope for malicious agents to subvert a system by exploiting hardware defects arising from design errors, incomplete specifications, or maliciously inserted blocks.