Search Projects: Group Project, 13 Mar 2018

Results 1 - 10 of 48

Results

group_project

Visible to the public TC: Small: Collaborative Research:Accountability and Identifiability

The World Wide Web and other networked information systems provide enormous benefits by enabling access to unprecedented amounts of information. However, for many years, users have been frustrated by the fact that these systems also create significant problems. Sensitive personal data are disclosed, confidential corporate data are stolen, copyrights are infringed, and databases owned by one government organization are accessed by members of another in violation of government policy.

group_project

Visible to the public TC: Small: Collaborative Research:Models and Techniques for Enterprise Network Security Metrics

This research investigates efficient and effective quantitative risk analytics methods for enterprise network security. The research uses attack graphs, a widely used and well-tested technique for enterprise network security analysis, as the foundation to build a metric model. It aims to produce a theoretically sound model with extensive empirical evaluation on continuous fresh data from production networks.

group_project

Visible to the public EAGER: TC: Collaborative Research: Experimental Study of Accountability in Existing Anonymous Networks

To stop anonymous tools designed for free speech from being abused by criminals, this project investigates practical solutions to trace back criminals while support free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operated from remote locations usually do not have resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces.

group_project

Visible to the public III: Small: Ensuring Integrity and Authenticity of Outsourced Databases

Due to the complexity and cost associated with managing data, many organizations are looking towards outsourcing their data management services. In recent years especially, Cloud Computing has gained significant interest. Although data outsourcing holds great promise, it raises a number of security and privacy concerns. In particular, since the clients have little or no direct control over the software and hardware that is running at the servers, there is a reluctance to blindly trust the server.

group_project

Visible to the public TC: Small: Data Driven Analysis of Security Attacks in Large Scale Systems

Despite sophisticated monitoring tools for runtime detection of intruders and techniques designed to protect computing systems from a wide range of attacks, attackers continually penetrate even well-protected systems. Attack data from real, large-scale production environments (National Center for Supercomputing Applications (NCSA) at Illinois, in this work) are used as a basis for characterizing and modeling attacker behavior and for uncovering deficiencies of the monitoring infrastructure.

group_project

Visible to the public TC: Small: Collaborative Research: Symbiosis in Byzantine Fault Tolerance and Intrusion Detection

Two principal components for providing protection in large-scale distributed systems are Byzantine fault-tolerance (BFT) and intrusion detection systems (IDS). BFT is used to implement strictly consistent replication of state in the face of arbitrary failures, including those introduced by malware and Internet pathogens. Intrusion detection relates to a broad set of services that detect events that could indicate the presence of an ongoing attack. IDSs are far from perfect -- they can both miss attacks or misinterpret events as being malicious.

group_project

Visible to the public TC: Small: LockBox: Enabling Users to Keep Data Safe

Modern computer security requires bug-free code at every layer of the software stack. But in a world where operating systems and hypervisors are increasingly buggy, it can be dangerous to assume these components are trustworthy. LockBox provides an additional layer of security such that if the operating system or other system management software fails, certain portions of the system remain resistant to attack.

group_project

Visible to the public TC: Small: Securing Programs and Data In Remote and Hostile Environments

Cryptographic protocols lie at the core of sound and trustworthy solutions to protect the integrity and secrecy of data stored in private computers and remote servers; and programs executed on hand held devices and remote host computers. Such protocols are guaranteed to preserve some pre-defined security requirements in the face of malicious attacks.

group_project

Visible to the public TC: Small: Collaborative Research: Formal Security Analysis of Access Control Models and Extensions

Providing restrictive and secure access to resources is a challenging and socially important problem. Security analysis helps organizations gain confidence on the control they have on resources while providing access, and helps them devise and maintain policies. There is a dire need for analysis tools to

group_project

Visible to the public TC: Small: Mining Operating System Semantics: Techniques and Applications

The knowledge about operating system semantics is the foundation for many security applications, including virtual machine introspection, malware detection and analysis, computer forensics, etc. However, the existing techniques for extracting operating system semantics fall short. They perform static analysis on the OS source code, and thus cannot be applied to the closed-source operating systems. The source-code analysis also suffers from the WYSINWYX (i.e., What You See Is Not What You eXecute) problem.