Search Projects: Group Project, 1 May 2018

Results 1 - 10 of 27



Visible to the public CT-M: Realizing Verifiable Security Properties on Untrusted Computing Platforms

This project is motivated by the fundamental question of whether it is possible to achieve verifiable end-to-end security properties by adding suitable security mechanisms on top of commercially available applications executing on an untrusted computing platform. A concrete example of such a scenario is provided by a user interacting with a bank's web server using a web browser running SSL.


Visible to the public CT-ISG: An Architecture and Policies for Secure Network-facing Applications

The near ubiquity of Internet access has put a wealth of information and ever-increasing opportunities for social interaction at the fingertips of users. Driving this revolution is the modern web browser, which has evolved from a relatively simple client application designed to display static data into a complex networked operating system tasked with managing many facets of a users online experience. Support for dynamic content, multimedia data, and third-party plug-ins has greatly enriched users experiences at the cost of increasing the complexity of the browser itself.


Visible to the public CT-T: Proactive Techniques for Preserving System Integrity: A Basis for Robust Defense Against Malware

Cyber threats have escalated rapidly over the past decade. "Zero-day attacks" have become significant, delivered increasingly through seemingly innocuous means such as web pages, images, and documents. Malware is rampant, being installed surreptitiously on millions of computers around the world using a combination of spam, phishing, malicious shareware and freeware. Today's defenses use techniques such as signature-based scanning and file integrity monitoring to detect the presence of malware, and then remove them.


Visible to the public CT-ISG: Usable Cyber Trust Indicators

When systems rely on a "human in the loop" to carry out a security-critical function, cyber trust indicators are often employed to communicate when and how to perform that function. Indicators typically serve as warnings or status indicators that communicate information, remind users of information previously communicated, and influence behavior. They include a variety of security- and privacy-related symbols in the operating system status bar or browser chrome, pop-up alerts, security control panels, or symbols embedded in web content.


Visible to the public CT-ISG: Collaborative Research: Router Models and Downscaling Tools for Scalable Security Experiments

It is critical to protect the Internet from attacks such as denial of service, and attacks on inter-domain routing. Although several defenses have been proposed, actual deployments have been limited. A primary reason for this lack of deployment is that most defenses have not been validated under realistic conditions, or at sufficiently large scales. Many attacks also have second-order effects that are not well understood. This is because it is difficult to incorporate all the protocols involved at any reasonable scale in analytical, simulation, or emulation models or testbeds.


Visible to the public CT-ISG: Improving Security and Privacy in Pervasive Healthcare

This research project advances the understanding of security and privacy in pervasive healthcare by testing technological methods of securing implantable medical devices and by evaluating human factors through patient studies. The most fundamental question is how to balance the opposing goals of safety and effectiveness with security and privacy of wireless, implantable medical devices.


Visible to the public Collaborative Research: CT-L: CLEANSE: Cross-Layer Large-Scale Efficient Analysis of Network Activities to SEcure the Internet

Layer-8 attacks (e.g., spam and phishing) are launched from a malicious service platform, e.g., botnet, which consists of a large number of infected machines (or bots). Such an attack platform relies on lower-layer network services to achieve efficiency, robustness, and stealth in communication and attack activities. These services include look-up (e.g., DNS), hosting (e.g., Web servers), and transport (e.g., BGP).

The main research goals and approaches of the CLEANSE project are:


Visible to the public CT-M: Collaborative Research: Securing Dynamic Online Social Networks

Considering the popularity and wide adoption of social network systems and the competitive edge these systems provide, there has been a rapid growth in use of these systems to access, store, and exchange personal attribute information in distributed and/or federated environments and this trend is expected to continue. Efficient, secure, and user-centric techniques are important for the successful deployment of such systems.


Visible to the public CT-ISG: Advanced Techniques to Detect Kernel-Level Rootkits

The integrity of commodity operating system kernels is threatened by rootkits that modify key kernel data structures to achieve a variety of malicious goals. While rootkits have historically been known to affect control data in the kernel, recent work demonstrates rootkits that affect system security by modifying non-control data, such as linked lists used to manage bookkeeping information and metadata used for memory management. Existing techniques fail to detect such rootkits effectively.


Visible to the public CT-ISG: Collaborative Research: Towards Trustworthy Database Systems

Answers to database queries often form the basis for critical decision-making. To improve efficiency and reliability, answers to these queries can be provided by distributed servers close to the querying clients. However, because of the servers' ubiquity, the logistics associated with fully securing them may be prohibitive; moreover, when the servers are run by third parties, the clients may not trust them as much as they trust the original data owners. Thus, the authenticity of the answers provided by servers in response to clients' queries must be verifiable by the clients.