Protect

group_project

Visible to the public TWC: TTP Option: Large: Collaborative: Towards a Science of Censorship Resistance

Submitted by Nicholas Feamster on Tue, 10/10/2017 - 12:09pm

The proliferation and increasing sophistication of censorship warrants continuing efforts to develop tools to evade it. Yet, designing effective mechanisms for censorship resistance ultimately depends on accurate models of the capabilities of censors, as well as how those capabilities will likely evolve. In contrast to more established disciplines within security, censorship resistance is relatively nascent, not yet having solid foundations for understanding censor capabilities or evaluating the effectiveness of evasion technologies.

group_project

Visible to the public TC: Large: Collaborative Research: Facilitating Free and Open Access to Information on the Internet

Submitted by Nicholas Feamster on Tue, 10/10/2017 - 12:05pm

This project develops methods to provide citizens information about technologies that obstruct, restrict, or tamper with their access to information. Internet users need an objective, independent, third-party service that helps them determine whether their Internet service provider or government is restricting access to content, specific protocols, or otherwise degrading service. Towards this goal, we are (1) monitoring attempts to block or manipulate Internet content and communications; and (2) evaluating various censorship circumvention mechanisms in real-world deployments}.

group_project

Visible to the public TWC: Small: Collaborative: The Master Print: Investigating and Addressing Vulnerabilities in Fingerprint-based Authentication Systems

Submitted by Nasir Memon on Tue, 10/10/2017 - 11:55am

The objective of this project is to investigate the security of fingerprint authentication systems, especially those using partial fingerprints. A number of consumer electronic devices, such as smartphones, are beginning to incorporate fingerprint sensors for user authentication. The sensors embedded in these devices are generally very small and the resulting images are, therefore, limited in size.

group_project

Visible to the public TWC: Medium: Collaborative: Black-Box Evaluation of Cryptographic Entropy at Scale

Submitted by Nadia Heninger on Tue, 10/10/2017 - 11:21am

The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.

group_project

Visible to the public TWC: Small: Collaborative: An Iterative Approach to Secure Computation

Submitted by Muthuramakrishn V... on Tue, 10/10/2017 - 11:16am

Secure multi-party computation (SMC) allows several mutually untrusting parties to perform joint computations while keeping their inputs private. This project develops new techniques for constructing two-party secure computation protocols with low communication overhead. Building on the PIs prior work for constructing special-purpose secure computation protocols for greedy algorithms, this project aims to develop new techniques that exploit the algorithmic structure of a function in order to develop more efficient secure computation protocols.

group_project

Visible to the public TWC: Medium: Collaborative: Exposing and Mitigating Cross-Channel Attacks that Exploit the Convergence of Telephony and the Internet

Submitted by Mustaque Ahamad on Mon, 10/09/2017 - 5:09pm

Rapid advances in technology now enable simultaneous access to both telephony and Internet services from smart phone devices that people carry with them at all times. Although this convergence of telephony with the Internet offers many benefits, it also provides cyber criminals the ability to develop increasingly sophisticated attacks that combine resources from both the telephony and Internet channels.

group_project

Visible to the public CAREER: Exo-Core: An Architecture to Detect Malware as Computational Anomalies

Submitted by tiwari on Mon, 10/09/2017 - 4:36pm

Applications that run on billions of mobile devices backed by enormous datacenters hold the promise of personal, always-on healthcare; of intelligent vehicles and homes; and thus of a healthier, more efficient society. It is imperative to make such applications secure by protecting their integrity and keeping their data confidential. However, malicious programs (``malware'') today can subvert the best software-level defenses by impersonating benign processes on mobile devices or by attacking victim processes through the hardware on shared datacenter servers.

group_project

Visible to the public TWC: Small: Collaborative: Multi-Layer Approaches for Securing Enhanced AMI Networks against Traffic Analysis Attacks

Submitted by Mohamed Mahmoud on Mon, 10/09/2017 - 4:32pm

The U.S. power grid is being replaced with a smart grid, a complex network of intelligent electronic devices, distributed generators, and dispersed loads, which requires communication networks for management and coordination. Advanced metering infrastructure (AMI) networks are one part of the smart grid to provide two-way communications between smart meters at the consumers' side and the utility companies. AMI networks allow utilities to collect power consumption data at high frequency rates.

group_project

Visible to the public TWC: Small: Subversion-Resistant Cryptography

Submitted by Mihir Bellare on Mon, 10/09/2017 - 4:12pm

This work aims to effectively address security concerns while maintaining the privacy of individuals and corporations. The project analyzes subversive attacks, develops defenses and deterrents, creates privacy tools and software, and increases awareness and expertise through teaching, mentoring and involvement of students in research.

group_project

Visible to the public EDU: Collaborative: Enhancing Education in Genetic Privacy with Integration of Research in Computer Science and Bioinformatics

Submitted by Xintao Wu on Mon, 10/09/2017 - 3:13pm

The era of personal genomics, where genetic information is ubiquitously available for research, clinical practice or personal curiosity, is quickly approaching. At the same time, there is a growing concern of genetic privacy and the existing educational resources are focused mostly on legal, regulatory or ethical issues in personal genomics.