Search Projects: Group Project, 18 Mar 2018

7 results



Visible to the public TC: Small: Increasing The Cost of Malware

As seen by the proliferation of commercial-grade malware, attacking networked applications is a profitable enterprise. There are two advantages malware authors currently have against us. The first advantage is that because users run a diverse set of applications on their systems, anti-virus and anti-malware programs must exhaustively search for specific malware instances across all pieces of software on a system.


Visible to the public TC: Small: Collaborative Research: User-Centric Privacy Control for Collaborative Social Media

Social-networking sites (e.g., Facebook, MySpace, LinkedIn, etc.) and other online collaborative tools have emerged as places where people can post and share information. This information-sharing has many benefits, ranging from practical (e.g., sharing a business document) to purely social (e.g., communicating with distant friends). At the same time, information sharing inevitably poses significant threats to user privacy. In social-networking sites, for example, documented threats range from identity theft to digital stalking and personalized spam.


Visible to the public TC: Small: Enemies from Within: Thwarting Sophisticated Insider Attacks in Wireless Networks

Wireless networks are inherently vulnerable to external and internal network attacks, due to the open nature of the wireless medium and the poor physical security of wireless devices. While external attacks can be neutralized through a combination of cryptography-based measures and robustness mechanisms, internal attacks, which are launched from compromised nodes, are much more sophisticated in nature.


Visible to the public TC: Small: Collaborative Research: Accountability and Identifiability

The World Wide Web and other networked information systems provide enormous benefits by enabling access to unprecedented amounts of information. However, for many years, users have been frustrated by the fact that these systems also create significant problems. Sensitive personal data are disclosed, confidential corporate data are stolen, copyrights are infringed, and databases owned by one government organization are accessed by members of another in violation of government policy.


Visible to the public TC-Small-Virtual Machine Introspection-based Live Forensics for Detection of Malicious Software

Modern malware is used extensively in computer crime and cyber-warfare and poses a serious threat to the cyber-infrastructure of the United States, at the military, civil, and corporate levels. Malware can employ a number of techniques to gain access to needed resources and to prevent detection, including hooking or modifying system calls, adding new system calls, inserting new kernel modules, and directly patching kernel code.


Visible to the public TC: Small: Collaborative Research: Strengthening Forensic Science for Network Investigations

The standard instrumentality for the criminal acquisition and distribution of images and video of child sexual exploitation is peer-to-peer (p2p) networks. Over 160,000 users based in the US are sharing child pornography (CP) using Gnutella alone. Past studies have found that: 21% of CP possessors had images depicting sexual violence to children such as bondage, rape, and torture; 28% had images of children younger than 3 years old; and that 16% of investigations of CP possession ended with discovery of persons who directly victimized children.


Visible to the public TC: Small: Active physical layer fingerprinting of 802.11 and 802.15.4 wireless devices

From the smart grid to healthcare to national security systems, wireless devices are playing an increasing role in technological solutions. Their security and trustworthiness should be a major concern. Fingerprinting is an important technique in the cyber-defender arsenal, because it helps expose deceptions essential to modern multi-step network attacks. We develop methods and tools for wireless physical (PHY) layer testing, thus improving trustworthiness of wireless devices and equipping cyber-defenders with the tools they need to protect wireless networks.