Search Projects: Group Project, March, 2018

Results 71 - 80 of 159

Results

group_project

Visible to the public TC: EAGER: Collaborative Research: Parallel Automated Reasoning

The security of the national computing infrastructure is critical for consumer confidence, protection of privacy, protection of valuable intellectual property, and even national security. Logic-based approaches to security have been gaining popularity, in part because they provide a precise way to describe and reason about the kinds of complexity found in real systems. Perhaps even more importantly, automated reasoning techniques can be used to assist users in navigating this complexity. Despite the promise of automated reasoning, its use in practical applications is still limited.

group_project

Visible to the public TC: EAGER: Binary-based Data Structure Revelation for Memory Forensics

Today's computer users often run programs for which they do not have the source code. In some cases, those programs are viruses or other malware, and it is desirable to understand how they work in order to prevent them from causing further damage or to track down the author. Part of the process of understanding the program (sometimes called "reverse engineering")is to understand how it stores data.

group_project

Visible to the public EAGER: Interfaces to Reduce Human Error in Social Network Access Control Policy Authoring

The growth of the Internet means everyone from system administrators to casual users are regularly confronted with making decisions on how to share data. Research suggests that even experts struggle to make these decisions accurately using current access-control mechanisms. As users start to share information across social and professional applications, usable access-control mechanisms that help prevent such semantic errors are all the more urgent.

group_project

Visible to the public TC: Small: Designing New Authentication Mechanisms using Hardware Capabilities in Advanced Mobile Devices

Authentication is a quintessential problem in computer security. However, most commonly used authentication mechanisms suffer from a variety of shortcomings. Passwords, the most common authentication mechanism, are vulnerable to replay attacks. Physical authentication tokens overcome some of these problems; however, they face deployment and compatibility obstacles.

group_project

Visible to the public TC: Small: Collaborative Research: Symbiosis in Byzantine Fault Tolerance and Intrusion Detection

Two principal components for providing protection in large-scale distributed systems are Byzantine fault-tolerance (BFT) and intrusion detection systems (IDS). BFT is used to implement strictly consistent replication of state in the face of arbitrary failures, including those introduced by malware and Internet pathogens. Intrusion detection relates to a broad set of services that detect events that could indicate the presence of an ongoing attack. IDSs are far from perfect -- they can both miss attacks or misinterpret events as being malicious.

group_project

Visible to the public TC: Small: Higher-Speed Cryptography

Internet users can now use https://www.google.com instead of http://www.google.com, protecting their text searches against espionage and sabotage by network attackers. However, Google still does not support encryption for high-volume data such as images and maps.

group_project

Visible to the public TC: Small: Collaborative Research: Exploration and Validation of Hardware Primitives for Security and Trust

Hardware-level security and trust in many of society's microelectronic-based infrastructures, e.g., transportation, energy, etc., is inadequate. This project investigates chip-level hardware primitives that are designed to improve the security and trust in such systems. In particular, many security mechanisms depend on a secret, unique identifier that is associated with the chip or board in the system. An embedded digital signature inserted by the manufacturer is not secure because it can be extracted by adversaries.

group_project

Visible to the public SHF: Small: Architectural Support for Security in the Many-core Age: Threats and Opportunities

Modern multicore and manycore architectures have a number of new security threats. For example, shared microarchitecture components such as caches, core inter-connection networks, and memory controllers can be exploited for side-channel attacks or denial of service attacks. The evolution of workloads to exploit explicit parallelism will also likely lead to additional new threats. New forms of active viruses and trojans that reside on some cores and attempt to attack other applications are likely to arise.

group_project

Visible to the public TC: Small: Collaborative Research: Formal Security Analysis of Access Control Models and Extensions

Providing restrictive and secure access to resources is a challenging and socially important problem. Security analysis helps organizations gain confidence on the control they have on resources while providing access, and helps them devise and maintain policies. There is a dire need for analysis tools to help administrators ensure security as they make administrative changes to reflect changes in policy. Security analysis of access control is non-trivial for an administrator due to the complexity of reasoning with the beguiling number of possible future scenarios.

group_project

Visible to the public TC: Small: Improving System Security through Virtual Layered File Systems

Desktop computers run many different applications, the compromise of any one of which can compromise the entire desktop given the lack of isolation among applications. Recovering a compromised desktop remains a time consuming task, which typically requires wiping everything and reinstalling the system from scratch. These security issues pose fundamental challenges as desktop computers are relied on for everything from financial transactions to medical records.