CORE

group_project

Visible to the public SaTC: CORE: Small: Number-theoretic aspects of lattice cryptology

Submitted by Stephen Miller on Tue, 03/12/2019 - 4:03pm

This award supports research in the mathematical underpinnings of cryptography. Since the late 1970s, widely-used cryptosystems have been developed based on the perceived difficulty of certain mathematical problems. New applications, as well as improvements in attacks on existing cryptosystems, call for a better understanding of these underlying mathematical problems.

group_project

Visible to the public SaTC: CORE: Small: On the Power of Preprocessing and Non-Uniformity

Submitted by Yevgeniy Dodis on Tue, 03/12/2019 - 4:01pm

Today, hash functions are ubiquitous in that they are widely used in almost every cryptographic application. Thus, accurately analyzing their security is of paramount importance. Unfortunately, traditional analyses of hash functions do not take into account the ability of the attacker to perform (possibly expensive but only one-time) preprocessing attacks, which might dramatically speed up the time to repeatedly attack the respective application in real time. For example, the famous rainbow tables preprocessing attack is the most successful and practical approach to crack passwords.

group_project

Visible to the public SaTC: CORE: Small: Hardening Systems Against Low-Rate DDoS Attacks

Submitted by Jelena Mirkovic on Tue, 03/12/2019 - 3:59pm

Low-rate denial-of-service (LRD) attacks deny access to services by depleting some limited resource at the end host or a network device. This makes the device unable to process legitimate clients' traffic. LRD attacks are very challenging to detect and handle at the network level, since they are very low-rate. It makes the attack traffic a needle in a haystack of legitimate traffic. On the other hand, detecting LRD at the application would require changes to many applications, and would only be effective against specific attack variants.

group_project

Visible to the public SaTC: CORE: Small: Securing GNSS-based infrastructures

Submitted by Pau Closas on Tue, 03/12/2019 - 3:40pm

This project develops novel anti-jamming techniques for Global Navigation Satellite Systems (GNSS) that are effective, yet computationally affordable. GNSS is ubiquitous in civilian, security and defense applications, causing a growing dependence on such technology for position and timing purposes, particularly in critical infrastructures. The threat of a potential disruption of GNSS is real and can lead to catastrophic consequences. This project studies methods to secure GNSS receivers from jamming interference, and doing so within size, weight, and power (SWAP) requirements.

group_project

Visible to the public SaTC: CORE: Small: Enabling Systematic Evaluation of the Soundness of Android Security Analysis Techniques

Submitted by Adwait Nadkarni on Tue, 03/12/2019 - 3:37pm

Mobile devices have become the fabric of our current consumer computing landscape, driven by the diverse "apps" they support, which allow users to carry out complex computing tasks. These devices and apps have become deeply personal, and as such have access to privacy-sensitive resources and information. To prevent misuse of this access, it is imperative to understand the challenges in securing mobile apps, and in effect, the true capabilities of current approaches for security analysis.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Covert/Secret and Efficient Message Transfer in (Mobile) Multi-Agent Environments

Submitted by Joerg Kliewer on Tue, 03/12/2019 - 3:32pm

This project explores secret and efficient (preferably covert) communications by harnessing the resources brought in by smart everyday devices in emerging Internet of Things (IoT) environments. Reliability, efficiency, and secrecy are essential requirements in communication networks. Hiding that communication is even taking place is often crucial in adversarial environments and automatically achieves the increasingly important societal goals of privacy and anonymity.

group_project

Visible to the public SaTC: CORE: Small: Towards Adversarially Robust Machine Learning

Submitted by Aleksander Madry on Tue, 03/12/2019 - 3:30pm

Machine learning has witnessed tremendous progress over the last decade and is rapidly becoming a critical part of key aspects of our lives, from health care and financial services, to the way we evaluate job applications, commute to work, or even use media. This gives rise to a fundamental question: how will all these machine learning solutions fare when applied in real-world settings that are safety-sensitive or even security-critical? Will these solutions be sufficiently reliable and resistant to malicious tampering? These concerns are hardly unjustified.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Enabling Precise and Automated Insecurity Analysis of Middleware on Mobile Platforms

Submitted by Lannan Luo on Tue, 03/12/2019 - 3:20pm

During the past decade, middleware on mobile platforms (such as the Application Framework in Android and the Core Services layer in iOS) has been flourishing, but the insecurity analysis of such middleware has been lagging behind. For example, while comprehensive studies have been conducted at the application layer of the Android system, there is very limited work analyzing the Android Application Framework (Android Framework, for short), a middleware layer in the Android system.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: A Multi-Layer Learning Approach to Mobile Traffic Filtering

Submitted by M. Zubair Shafiq on Fri, 03/08/2019 - 5:41pm

The mobile ecosystem has become an attractive target for various types of abuses. For instance, many mobile applications leak sensitive user information, such as email addresses and location, which is a privacy issue. Second, attackers routinely disguise malware in seemingly legitimate mobile apps to launch attacks, which poses security threats. Third, many mobile apps and sites push intrusive und undesirable ads, such as auto-play and pop-ups, which harm usability.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Enabling Precise and Automated Insecurity Analysis of Middleware on Mobile Platforms

Submitted by Qiang Zeng on Fri, 03/08/2019 - 5:38pm

During the past decade, middleware on mobile platforms (such as the Application Framework in Android and the Core Services layer in iOS) has been flourishing, but the insecurity analysis of such middleware has been lagging behind. For example, while comprehensive studies have been conducted at the application layer of the Android system, there is very limited work analyzing the Android Application Framework (Android Framework, for short), a middleware layer in the Android system.