Protect

group_project

Visible to the public SBE: Small: Collaborative: Improving Security Behavior of Employees in Cyberspace through Evidence-based Malware Reports and E-Learning Materials

As the use of Web applications has increased, malicious content and cyber attacks are rapidly increasing in both their frequency and their sophistication. For unwary users and their organizations, social media sites such as Tumblr, Facebook, MySpace, Twitter, and LinkedIn pose a variety of serious security risks and threats. Recent studies show that social media sites are more in use for delivering malware than were previously popular methods of email delivery. Because of this, many organizations are looking for ways to implement effective security policies.

group_project

Visible to the public TWC: Small: Collaborative: Practical Security Protocols via Advanced Data Structures

Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).

group_project

Visible to the public TWC: Small: Towards Stealth Networks: Fundamental Limits and Algorithms for Stealth Communications

The widespread development of communication networks has profoundly transformed our society, resulting in a significant increase in productivity and efficiency. However, the benefits of this increased connectivity are today also counterbalanced by the ease with which malicious individuals can interfere or tamper with sensitive data and information. The past decade has thus witnessed a growing concern for the issues of privacy, confidentiality, and integrity of communications.

group_project

Visible to the public TWC: Small: Deker: Decomposing Commodity Kernels for Verification

The problem of insecure computing environments has large impacts on society: security breaches lead to violations of privacy, financial frauds, espionage, sabotage, lost productivity, and more. These, in turn, result in vast economic damage. A major reason for the severity of these consequences is that many systems run on top of an insecure operating system kernel. The Linux kernel, a de facto industry standard for embedded, mobile, cloud, and supercomputing environments, is often a target for security attacks.

group_project

Visible to the public EAGER: Defending Against Visual Cyberbullying Attacks in Emerging Mobile Social Networks

Adolescents have fully embraced social networks for socializing and communicating. However, cyberbullying has become widely recognized as a serious social problem, especially for adolescents using social networks. Also, cyberbullying techniques change rapidly. Perpetrators can use the camera-capacity of their mobile devices to bully others through making and distributing harmful pictures or videos of their victims via mobile social networks.

group_project

Visible to the public EAGER: Toward Transparency in Public Policy via Privacy-Enhanced Social Flow Analysis with Applications to Ecological Networks and Crime

Recent improvements in computing capabilities, data collection, and data science have enabled tremendous advances in scientific data analysis. However, the relevant data are often highly sensitive (e.g., Census records, tax records, medical records). This project addresses an emerging and critical scientific problem: Privacy concerns limit access to raw data that might reveal information about individuals. Techniques to "sanitize" such data (e.g., anonymization) could have negative impact on the quality of the scientific results that use the data.

group_project

Visible to the public EAGER: Privacy Compliance by Design: Ideation Techniques to Facilitate System Design Compliant with Privacy Laws and Regulations

The explosion in data gathering has greatly exacerbated existing privacy issues in computing systems and created new ones due to the increase in the scale and the scope of available data as well as the advances in the capabilities of computational data analysis. Software professionals typically have no formal training or education on sociotechnical aspects of privacy. As a result, addressing privacy issues raised by a system is frequently an afterthought and/or a matter of compliance-check during the late phases of the system development lifecycle.

group_project

Visible to the public TWC TTP: Small: Collaborative: Privacy-Preserving Data Collection and Access for IEEE 802.11s-Based Smart Grid Applications

The modernized Smart Grid (SG) is expected to enable several new applications such as dynamic pricing, demand response and fraud detection; however, collection of such fine-grained data raises privacy issues. This project aims to design and implement several novel mechanisms for securing data collection and communication in SG Advanced Metering Infrastructure applications while preserving user privacy when the data are to be accessed.

group_project

Visible to the public TWC: Small: STRUCT: Enabling Secure and Trustworthy Compartments in Mobile Applications

Society's dependence on mobile technologies rapidly increases as we entrust mobile applications with more and more private information and capabilities. Existing security research follows a common threat model that treats apps as monolithic entities and only captures attack surface between apps. However, recent research reveals that app internal attacks are emerging quickly as complex entities with conflicting interests are commonly included inside a single app to allow for rich features and fast development.