Search Projects: Group Project, 2018

Results 11 - 20 of 874

Results

group_project

Visible to the public Contextual Integrity for Computer Systems

Despite the success of Contextual Integrity (see project "Operationalizing Contextual Integrity"), its uptake by computer scientists has been limited due to the philosophical framework not meeting them on their terms. In this project we will both refine Contextual Integrity (CI) to better fit the problems computer scientists face and to express it in the mathematical terms they expect.

group_project

Visible to the public Governance for Big Data

Privacy governance for Big Data is challenging--data may be rich enough to allow the inference of private information that has been removed, redacted, or minimized. We must protect against both malicious and accidental inference, both by data analysts and by automated systems. To do this, we are extending existing methods for controlling the inference risks of common analysis tools (drawn from literature on the related problem of nondiscriminatory data analysis). We are coupling these methods with auditing tools such as verifiably integral audit logs.

group_project

Visible to the public Securing Safety-Critical Machine Learning Algorithms

Machine-learning algorithms, especially classifiers, are becoming prevalent in safety and security-critical applications. The susceptibility of some types of classifiers to being evaded by adversarial input data has been explored in domains such as spam filtering, but with the rapid growth in adoption of machine learning in multiple application domains amplifies the extent and severity of this vulnerability landscape.

group_project

Visible to the public Model-Based Explanation For Human-in-the-Loop Security

Effective response to security attacks often requires a combination of both automated and human-mediated actions. Currently we lack adequate methods to reason about such human-system coordination, including ways to determine when to allocate tasks to each party and how to gain assurance that automated mechanisms are appropriately aligned with organizational needs and policies.

group_project

Visible to the public Monitoring, Fusion, and Response for Cyber Resilience

We believe that diversity and redundancy can help us prevent an attacker from hiding all of his or her traces. Therefore, we will strategically deploy diverse security monitors and build a set of techniques to combine information originating at the monitors. We have shown that we can formulate monitor deployment as a constrained optimization problem wherein the objective function is the utility of monitors in detecting intrusions.

group_project

Visible to the public Uncertainty in Security Analysis

Cyber-physical system (CPS) security lapses may lead to catastrophic failure. We are interested in the scientific basis for discovering unique CPS security vulnerabilities to stepping-stone attacks that penetrate through network of intermediate hosts to the ultimate targets, the compromise of which leads to instability, unsafe behaviors, and ultimately diminished availability. Our project advances this scientific basis through design and evaluation of CPS, driven by uncertainty-aware formalization of system models, adversary classes, and security metrics.

group_project

Visible to the public Automated Synthesis Framework For Network Security and Resilience

We propose to develop the analysis methodology needed to support scientific reasoning about the resilience and security of networks, with a particular focus on network control and information/data flow. The core of this vision is an automated synthesis framework (ASF), which will automatically derive network state and repairs from a set of specified correctness requirements and security policies.

group_project

Visible to the public Principles of Secure BootStrapping for IoT

This project seeks to aid developers in designing and implementing protocols for establishing mutual trust between users, Internet of Things (IoT) devices, and their intended environment through identifying principles of secure bootstrapping, including tradeoffs among security objectives, device capabilities, and usability.

group_project

Visible to the public Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities

The goal of this project is to aid security engineers in predicting the difficulty of system compromises through the development and evaluation of attack surface measurement techniques based upon attacker-centric vulnerability discovery processes.

group_project

Visible to the public Multi-model Test Bed for the Simulation-based Evaluation of Resilience

We have developed the SURE platform, a modeling and simulation integration testbed for evaluation of resilience for complex CPS [1]. Our previous efforts resulted in a web-based collaborative design environment for attack-defense scenarios supported by a cloud-deployed simulation engine for executing and evaluating the scenarios. The goal of this project is to extend these design and simulation capabilities for better understanding the security and resilience aspects of CPS systems.