Small

group_project

Visible to the public SaTC: CORE: Small: Preventing Web Side-channel Attacks via Atomic Determinism

Web browsers are vulnerable to side-channel attacks, which usually play an important, first-step role in jump-starting a chain of attacks. For example, a web-level precise clock can help adversaries to break operating system level memory protection mechanisms, such as address-space layout randomization (ASLR). Browser fingerprinting, a variation of web side channels, can be used to obtain users' private information for launching social engineering attacks.

group_project

Visible to the public STARSS: Small: Design of Light-weight RRAM based Hardware Security Primitives for IoT devices

Our society has become increasingly dependent on electronic information exchange between personal devices and the cloud. Unfortunately, the number of identity and secure information leaks is on the rise. Many of the security breaches are due to insecure access channels to the cloud. The security problem is likely to be exacerbated in the Internet-of-Things (IoT) era where billions of devices in our homes, offices and cars are digitally connected.

group_project

Visible to the public SaTC: CORE: Small: Preventing Web Side-channel Attacks via Atomic Determinism

Web browsers are vulnerable to side-channel attacks, which usually play an important, first-step role in jump-starting a chain of attacks. For example, a web-level precise clock can help adversaries to break operating system level memory protection mechanisms, such as address-space layout randomization (ASLR). Browser fingerprinting, a variation of web side channels, can be used to obtain users' private information for launching social engineering attacks.

group_project

Visible to the public TWC: Small: User Behavior Modeling and Prediction in Anonymous Social Networks

Human beings are diverse, and their online behavior is often unpredictable. In today's data-driven world, providers of online services are collecting detailed and comprehensive server-side traces of user activity. These records or logs include detailed, timestamped logs of actions taken by users, often called clickstreams. Given their scale and level of detail, clickstreams present an enormous opportunity for research into user behavioral analysis and modeling.

group_project

Visible to the public STARSS: Small: Collaborative: Physical Design for Secure Split Manufacturing of Ics

The trend of outsourcing semiconductor manufacturing to oversea foundries has introduced several security vulnerabilities -- reverse engineering, malicious circuit insertion, counterfeiting, and intellectual property piracy -- making the semiconductor industry lose billions of dollars. Split manufacturing of integrated circuits reduces vulnerabilities introduced by an untrusted foundry by manufacturing only some of the layers at an untrusted high-end foundry and the remaining layers at a trusted low-end foundry.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Exploiting Physical Properties in Wireless Networks for Implicit Authentication

The rapid development of information technology not only leads to great convenience in our daily lives, but also raises significant concerns in the field of security and privacy. Particularly, the authentication process, which serves as the first line of information security by verifying the identity of a person or device, has become increasingly critical. An unauthorized access could result in detrimental impact on both corporation and individual in both secrecy loss and privacy leakage.

group_project

Visible to the public SaTC: CORE: Small: Toward Usable and Ubiquitous Trust Initialization and Secure Networking in Wireless Ad Hoc Networks

With billions of smart wireless devices being ubiquitously deployed, safeguarding their networking from cyber attacks has become a challenge. Not only can the devices deployed in a network can be heterogeneous in terms of available computing resources and interfaces, but ordinary users typically have limited technical expertise to perform complicated security configurations. What's more, trust among the devices is often lacking because of the different vendors or distribution channels they have traversed.

group_project

Visible to the public SaTC: NSF-BSF: CORE: Small: Increasing Users' Cyber-Security Compliance by Reducing Present Bias

Despite advances in computer security, there are still situations in which users must manually perform computer security tasks (e.g., rebooting to apply updates). Although many people recognize that these tasks are important, they still procrastinate. Procrastination is often caused by the failure to properly weigh the long-term security benefits against short-term costs and the annoyance of interrupting the primary task.

group_project

Visible to the public SaTC: TTP: Small: Mobile Dynamic Privacy and Security Analysis at Scale

The International Computer Science Institute (ICSI) is developing a framework to automatically detect privacy violations in mobile applications. The project leverages prototype work in augmenting the Android operating system with instrumentation to detect when applications access sensitive user data, what they do with it, and with whom they share it. The project modifies this system to support the analysis of thousands of applications in parallel, through virtualization.

group_project

Visible to the public SaTC: CORE: Small: RUI: Differentially Private Hypothesis Testing

In today's world, private companies, hospitals, governments, and other entities frequently maintain large databases that would be hugely valuable to researchers in many fields. However, privacy concerns prevent these databases from being fully utilized. Differential privacy defines conditions under which information about these databases can be released while provably protecting the privacy of the individuals whose data they contain. This project develops differentially private hypothesis tests.