Protect

group_project

Visible to the public STARSS: Small: New Attack Vectors and Formal Security Analysis for Integrated Circuit Logic Obfuscation

Submitted by Siddharth Garg on Wed, 10/18/2017 - 4:15pm

Reverse engineering of integrated circuits (ICs) has become a major concern for semiconductor design companies since services to depackage, delayer and image an IC can be used to extract the underlying design. IP theft of this nature has not only economic impact due to IP theft, but also compromises the security of ICs used in military and critical infrastructure.

group_project

Visible to the public STARSS: Small: Collaborative: Zero-Power Dynamic Signature for Trust Verification of Passive Sensors and Tags

Submitted by Shantanu Chakraba... on Wed, 10/18/2017 - 4:13pm

As passive tagging technologies like RFID become more economical and ubiquitous, it can be envisioned that in the future, millions of sensors integrated with these tags could become an integral part of the next generation of smart infrastructure and the overall concept of internet-of-things. As a result, securing these passive assets against data theft and counterfeiting would become a priority, reinforcing the importance of the proposed dynamic authentication techniques.

group_project

Visible to the public TWC: Medium: Collaborative: Broker Leads for Privacy-Preserving Discovery in Health Information Exchange

Submitted by Carl Gunter on Wed, 10/18/2017 - 3:18pm

Support for research on distributed data sets is challenged by stakeholder requirements limiting sharing. Researchers need early stage access to determine whether data sets are likely to contain the data they need. The Broker Leads project is developing privacy-enhancing technologies adapted to this discovery phase of data-driven research. Its approach is inspired by health information exchanges that are based on a broker system where data are held by healthcare providers and collected in distributed queries managed by the broker.

group_project

Visible to the public TWC: Small: Complexity Assumptions for Cryptographic Schemes

Submitted by Boaz Barak on Wed, 10/18/2017 - 1:35pm

This project investigates the foundational computational underpinnings of secure systems. Cryptographic constructions such as encryption, signatures, and more rely for their security on the conjectured computational difficulty of certain problems. For example, many public key encryption currently in use would be broken if someone discovered an efficient algorithm to factor large integers. Unfortunately, the current state of art is that we are unable to prove that these problems are truly hard, and so need to rely on unproven conjectures.

group_project

Visible to the public SBE TWC: Small: Collaborative: Privacy Protection in Social Networks: Bridging the Gap Between User Perception and Privacy Enforcement

Submitted by Bo Luo on Wed, 10/18/2017 - 1:29pm

Online social networks, such as Facebook, Twitter, and Google+, have become extremely popular. They have significantly changed our behaviors for sharing information and socializing, especially among the younger generation. However, the extreme popularity of such online social networks has become a double-edged sword -- while promoting online socialization, these systems also raise privacy issues.

group_project

Visible to the public SBE: Small: Continuous Human-User Authentication by Induced Procedural Visual-Motor Biometrics

Submitted by Yong Guan on Wed, 10/18/2017 - 11:29am

Validating a user's identity is one of the fundamental security requirements in cyberspace. Current authentication approaches require people to create and remember secret credentials such as complex passwords, or to possess special hardware authentication tokens. Both are vulnerable to being compromised, or illegally shared. Even worse, authentication is typically supported solely at the start of a session.

group_project

Visible to the public SaTC: STARSS: Collaborative: IPTrust: A Comprehensive Framework for IP Integrity Validation

Submitted by Swarup Bhunia on Wed, 10/18/2017 - 11:20am

To reduce production cost while meeting time-to-market constraints, semiconductor companies usually design hardware systems with reusable hardware modules, popularly known as Intellectual Property (IP) blocks. Growing reliance on these hardware IPs, often gathered from untrusted third-party vendors, severely affects the security and trustworthiness of the final system. The hardware IPs acquired from external sources may come with deliberate malicious implants, undocumented interfaces working as hidden backdoor, or other integrity issues.

group_project

Visible to the public SaTC: Hardware-Assisted Methods for Operating System Integrity

Submitted by Vinod Ganapathy on Wed, 10/18/2017 - 11:09am

Operating systems (OS) form the core of the trusted computing base on most computer platforms. The security of a platform therefore crucially relies on the correct and secure operation of its OS. Unfortunately, malicious software such as rootkits infect the OS by compromising the integrity of its code and data, thereby jeopardizing the security of the entire platform.

group_project

Visible to the public TWC: Medium: Collaborative: Development and Evaluation of Next Generation Homomorphic Encryption Schemes

Submitted by Berk Sunar on Tue, 10/17/2017 - 5:37pm

Fully homomorphic encryption (FHE) is a promising new technology that enables an untrusted party to efficiently compute directly on ciphertexts. For instance, with FHE a cloud server without access to the user's encrypted content can still provide text search services. An efficient FHE scheme would significantly improve the security of sensitive user data stored and processed on cloud servers. Significant progress has been made in bringing FHE proposals closer to practice.

group_project

Visible to the public TWC: Medium: Micro-Policies: A Framework for Tag-Based Security Monitors

Submitted by Benjamin Pierce on Tue, 10/17/2017 - 5:33pm

Current cybersecurity practice is inadequate to defend against the security threats faced by society. Unlike physical systems, present-day computers lack supervising safety interlocks to help prevent catastrophic failures. Worse, many exploitable vulnerabilities arise from the violation of well-understood safety and security policies that are not enforced due to perceived high performance costs. This project aims to demonstrate how language design and formal verification can leverage emerging hardware capabilities to engineer practical systems with strong security and safety guarantees.