Search Projects: 2018

Results 51 - 60 of 1027

Results

group_project

Visible to the public CT-ISG: Compiler-Enabled Adaptive Security Monitoring on Networked Embedded Systems

Hardware technologies have made steady progress in miniaturization of sensors and computing/communication devices, which has driven a trend towards pervasive computing, which is a way to let computing devices directly interact with the physical world to monitor the natural environment, to provide building safety, and so on.

group_project

Visible to the public Collaborative Research: CT-ISG: Secure Capacity of Wireless Networks

The last decade has witnessed an amazing growth in wireless communications and networking applications. More and more subscribers are relying solely on their wireless communication and computing devices for communicating sensitive information. Preserving the security of wirelessly transmitted information is becoming ever more challenging, yet essential.

group_project

Visible to the public CT-ISG: Dynamic Covert Channels: Generation and Detection of Hidden Messages

The secure transmission of information from a source to a destination is typically handled via encryption algorithms. In many instances, data that may or may not undergo encryption prior to transmission can be manipulated to encode messages. With successful encodings, seemingly innocuous channels, e.g., documents, data streams, audio, video, can operate covertly for secret message transmission in various applications, e.g., collusion in finance, electronic information/auction markets, transaction sequences, advertising applets, simulation.

group_project

Visible to the public CT-ISG: Collaborative Research: A New Approach to Testing and Verification of Security Policies

Policy-based access control is one of the most fundamental and widely used mechanisms for achieving privacy and security at both application and network levels. Given the high importance and delicacy of security policies, ensuring the correctness of these policies is important, and yet difficult. A tiny error in security policies could lead to irreparable, if not tragic, consequences. Therefore, identifying discrepancies between policy specifications and their intended function is a crucial task.

group_project

Visible to the public CT-ISG: Robust and Efficient Tamper-Resistant Software

Increasingly, society relies on software systems to provide vital services. Consequently, it is critically important that this software be protected from unauthorized modification. For example, a malicious user may modify or tamper with a binary to circumvent protection or license mechanisms or introduce vulnerabilities that can be later exploited.

group_project

Visible to the public Collaborative Research: CT-T: Logic and Data Flow Extraction for Live and Informed Malware Execution

Malicious activity on the Internet is a significant threat to both individuals and institutions. Over the past few years, network honeypots have emerged as an important tool for measuring and understanding the details of cyber attacks. The objective of the proposed research is to stimulate the development of next generation Internet security systems and forensic tools based on automated, indepth analysis of malicious activity and malicious software (malware) observed in network honeypots.

group_project

Visible to the public CT-T: Practical Formal Verification By Specification Extraction

Trust in a system can be compromised in many places. Extensive research has been conducted on the development of trustworthy requirements and policies, but those requirements and policies are effective only if they are carried out correctly. Ensuring the absence of implementation flaws by testing is inadequate; testing cannot be exhaustive and thus can miss critical vulnerabilities. Formal verification proof that the system correctly implements its specification and enforces its policies is an attractive alternative.

group_project

Visible to the public CT-ISG: High-Speed Cryptography

Anyone with a moderate amount of skill can intercept Internet mail messages and private web pages to see what they say; can modify messages in transit, changing their content without any trace; and can send fake messages that are indistinguishable from legitimate messages. Cryptography responds to these threats by scrambling and unscrambling packets to protect against forgery and against espionage. An attacker who forges a message can't scramble it in the right way; when legitimate users' computers unscramble the message, they see that it's a forgery and that it should be thrown away.

group_project

Visible to the public CT-ISG: COLLABORATIVE RESEARCH: SecureWORM: Strong Regulatory-Compliant Storage

Digital societies and markets increasingly mandate consistent procedures for the access, processing and storage of information. In the United States alone, over 10,000 such regulations can be found in financial, life sciences, health-care and government sectors, including the Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, and Sarbanes-Oxley Act.

group_project

Visible to the public CT-ISG: Alternate representation of NIDS/NIPS signatures for fast matching

Network intrusion prevention systems (IPSes) play an important role in protecting computers against attacks originating from thenetwork. Signature matching is a performance-critical operation that each IPS must perform: after storing a reassembled TCP-level byte stream or a field of a higher level protocol in a buffer, the IPS needs to decide whether it matches any of the signatures that describe known attacks. This project investigates methods for representingsignatures that allow fast matching, require little memory, and can support complex signatures expressed as regular expressions.