Protect

group_project

Visible to the public EAGER: Collaborative: Computational Cognitive Modeling of User Security and Incentive Behaviors

Submitted by Anton Dahbura on Mon, 10/16/2017 - 2:56pm

User behavior is a critical element in the success or failure of computer security protections. The field of Human Security Informatics (HSI) combines security informatics and human-computer interaction design to learn how the design of a human-computer interface can affect the security of a computer system. This research project is contributing to the scientific foundations of HSI by modeling how multitasking users behave when making security-critical decisions.

group_project

Visible to the public TWC: Small: Time-Centric Modeling of Correct Behaviors for Efficient Non-intrusive Runtime Detection of Unauthorized System Actions

Submitted by Roman Lysecky on Mon, 10/16/2017 - 2:49pm

Embedded computing systems are found at the heart of medical devices, automotive systems, smartphone, etc. Securing these embedded systems is a significant challenge that requires new methods that address the power, time, and cost requirements under which these systems operate. Because embedded systems must meet precise time requirements, detecting changes in timing can indicate the presence of malware. This research investigates new models for capturing the expected behavior of embedded systems, in which time requirements play a pivotal role.

group_project

Visible to the public CAREER: Automated Analysis of Security Hyperproperties

Submitted by Rohit Chadha on Mon, 10/16/2017 - 2:47pm

Computer programs and cryptographic protocols are increasingly being used to access confidential and private information on the Internet. Due to their complex nature, they often have subtle errors that can be exploited by malicious entities. As security flaws can have serious consequences, it is important to ensure that computer programs and cryptographic protocols achieve their security objectives.

group_project

Visible to the public TWC: Medium: Collaborative: Automated Formal Analysis of Security Protocols with Private Coin Tosses

Submitted by Rohit Chadha on Mon, 10/16/2017 - 2:44pm

Computerized systems are present in various aspects of modern society. These systems are used to access and share confidential information. Such sharing is achieved through cryptographic protocols which often employ randomization to introduce unpredictability in their behavior to achieve critical security objectives and make it difficult for the malicious adversaries to infer the underlying execution of the participants.

group_project

Visible to the public TWC: Small: Design and Analysis of Symmetric Key Ciphers

Submitted by Andrew Klapper on Mon, 10/16/2017 - 2:39pm

Pseudorandom sequences (PRS) exhibit a statistical randomness and are widely used in applications where randomness is needed and PRS generation can be effectively done. Many everyday applications in digital computing and communication require randomness to operate correctly. For example, these include secure network communications, global positioning systems, and even weather prediction simulations. Yet, few general generators of high quality pseudorandom sequences are known.

group_project

Visible to the public TWC: Small: PERMIT: Privacy-Enabled Resource Management for IoT Networks

Submitted by asarwate on Mon, 10/16/2017 - 2:33pm

This project investigates how privacy can be used to inform the design and management of future data sensing systems. Networked systems that collect data about individuals will play an increasingly important role in our lives, with applications including industrial monitoring and control, "smart" homes/cities, and personalized health care. These systems will gather private information about individuals, which creates many coupled engineering challenges.

group_project

Visible to the public EAGER: Towards a Better Understanding of Group Privacy in Social Media Community Detection

Submitted by Abbadi El on Mon, 10/16/2017 - 2:27pm

Much of human communication is now mediated by online social networks. Twitter, Facebook, and Youtube now compete for our collective attention in much the same way as television, radio, and newspapers did for previous generations. But contemporary online social media are qualitatively different from media of the past. Online communication leaves a record of who said what to whom, when, and on what topic.

group_project

Visible to the public CAREER: Sustainable Censorship Resistance Systems for the Next Decade

Submitted by Amir Houmansadr on Mon, 10/16/2017 - 1:57pm

The Internet enables people around the world to communicate, fostering free speech, a free press, and democracy. For billions of people, however, the freedom to communicate via the Internet is regulated, monitored and restricted by governments or corporations. To combat such censorship, researchers have designed and deployed a variety of censorship circumvention systems. Unfortunately, such systems have been designed based on ad hoc heuristics (rather than on solid, theoretical foundations) and can be defeated by typical state-level censors.

group_project

Visible to the public EAGER: Unattended/Automated Studies of Effects of Auditory Distractions on Users Performing Security-Critical Tasks

Submitted by alfredkobsa on Mon, 10/16/2017 - 12:47pm

User errors or delays while performing security-critical tasks can lead to undesirable or even disastrous consequences. The impact of both accidental and intentional distractions on users in such situations has received little investigation. In particular, it is unclear whether and how sensory stimuli (e.g., sound or light) influence users' behavior and trigger mistakes. Better understanding of the effects of such distractions can lead to increased user awareness and countermeasures.

group_project

Visible to the public TWC: Small: Collaborative: A Unifying Framework For Theoretical and Empirical Analysis of Secure Communication Protocols

Submitted by Alexandra Boldyreva on Mon, 10/16/2017 - 12:15pm

Many networking protocols have been designed without security in mind, and many cryptographic schemes have been designed without practical deployments in mind. Moreover, most of security-enhanced communication protocols still lack the provable-security treatment and hence the security guarantees. This project aims at bridging the gap between protocol design, implementation, deployment, and security guarantees by developing a novel general security framework that facilitates the provable-security analyses of practical networking protocols.