Activity Stream

CMU Science of Security Lablet Research Initiative

webform

Visible to the public Summer 2017 Quarterly Lablet Meeting at CMU

page

Visible to the public CMU QUARTERLY REPORT HIGHLIGHTS

SoS Quarterly Summaries for CMU

2017: January 2017

2016: October 2016, July 2016, April 2016, January 2016

group_project

Visible to the public Real-time Privacy Risk Evaluation and Enforcement

Critical infrastructure is increasingly comprised of distributed, inter---dependent components and information that is vulnerable to sophisticated, multi---stage cyber---attacks. These attacks are difficult to understand as isolated incidents, and thus to improve understanding and response, organizations must rapidly share high quality threat, vulnerability and exploit---related, cyber---security information. However, pervasive and ubiquitous computing has blurred the boundary between work---related and personal data. This includes both the use of workplace computers for p

group_project

Visible to the public Usable Formal Methods for the Design and Composition of Security and Privacy Policies

Security-Metrics-Driven-Evaluation, Design, Development and Deployment. Our research evaluates security pattern selection and application by designers in response to attack patterns. The evaluation is based on formal models of attack scenarios that are used to measure security risk and promote risk reduction strategies based on assurance cases constructed by the analyst. The aim is to improve the usability of formal methods for studying security design and composition.

group_project

Visible to the public Highly Configurable Systems

In highly configurable software systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have local effects. Instead of analyzing a system as Linux and SELinux for every combination of configuration settings one by one (>10^2000 even considering compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space.

file

Visible to the public Insights into Composability from Lablet Research

Abstract

This presentation describes a framework for understanding the hard problem of Composability in the setting of security, along with highlights of lablet research results illustrating recent progress in this area and remaining research challenges.

file

Visible to the public Deploying the Security Behavior Observatory: An Infrastructure for Long-term Monitoring of Client Machines

Abstract: Much of the data researchers usually collect about users' privacy and security behavior comes from short-term studies and focuses on specific, narrow activities. We present a design architecture and deployment of the Security Behavior Observatory (SBO), a client-server infrastructure designed to collect a wide array of data on user and computer security- and privacy-related behavior from a panel of hundreds of participants over several years. The SBO infrastructure had to be carefully designed to fulfill several requirements.

webform

Visible to the public CMU SoSL Quarterly Meeting - July 2014

group_project

Visible to the public Limiting Recertification in Highly Configurable Systems: Analyzing Interactions and Isolation among Configuration Options

In highly configurable systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have local effects. Instead of analyzing a system as Linux and SELinux for every combination of configuration settings one by one (>10^2000 even considering compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space.

group_project

Visible to the public Multi-model run-time security analysis

Our research focuses on creating the scientific foundations to support model-based run-time diagnosis and repair of security attacks. Specifically, our research develops models that (a) scale gracefully with the size of system and have appropriate real-time characteristics for run-time use, and (b) support composition through multi-model analysis. Network models will complement architectural models in two ways: (a) to characterize the organizational context of a system, and (b) to detect anomalies through network representations of architectural behavior.