Small

group_project

Visible to the public SaTC: CORE: Small: Checking Security Checks in OS Kernels

Operating system (OS) kernels play a critical role in computer systems by virtually having complete control over the systems. OS kernels not only manage hardware and system resources, but also provide services and protection. Given these tasks, OS kernels have to process external untrusted inputs and perform complicated operations, both of which are error-prone. To avoid entering into erroneous states, OS kernels tend to enforce a large number of security checks---"if" and "switch" statements that are used to validate states. Unfortunately, security checks themselves are often buggy.

group_project

Visible to the public SaTC: CORE: Small: The Blurring of Non-essential Notifications and Critical Security Warnings: Examining the Problem of Generalization in the Brain

This project measures how decreased attention to frequent software notifications negatively influences peoples' responses to uncommon security warnings that are truly critical. The researchers will use eye tracking equipment to examine this problem by measuring attention to notifications and warnings through eye gaze patterns, and individuals' decisions in response to these messages.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Understanding and Mitigating Adversarial Manipulation of Content Curation Algorithms

Online social networks (OSNs) have fundamentally transformed how billions of people use the Internet. These users are increasingly discovering books, music bands, TV shows, movies, news articles, products, and other content through posts from trusted users that they follow. All major OSNs have deployed content curation algorithms that are designed to increase interaction and act as the "gatekeepers" of what users see.

group_project

Visible to the public NSF-BSF: SaTC: CORE: Small: Blockchain Fairness

Blockchains provide compelling security properties that enable powerful systems to be constructed without reliance on trusted third parties. Their rise has created successful, multi-billion dollar systems and has had a transformative impact on venture funding and the financial industry. Blockchains as currently designed, though, fail to enforce fairness for their users, meaning equal opportunities for fast transaction processing. The project investigators will seek to address the pervasive fairness deficiencies in blockchain systems.

group_project

Visible to the public SaTC: STARSS: Small: Combined Side-channel Attacks and Mathematical Foundations of Combined Countermeasures

Digital information has become an integral part of our daily lives and there is a growing concern about the security of information. The amount of information that should be kept secure is increasing with the proliferation of high-tech electronics such as smart-phones, tablets, and wearable devices. Accordingly, the number of attacks from malicious parties to obtain the secret information that is stored in a secure (i.e., encrypted) device increases.

group_project

Visible to the public SaTC: CORE: Small: A Secure Processor that Exploits Multicore Parallelism while Protecting Against Microarchitecture State Attacks

Microprocessors are widely deployed in cloud, fog, edge, and mobile computing platforms. In all cases, the economies of scale stem from our ability (through the use of mature virtualization technologies) to host large sets of applications from diverse domains. These applications increasingly operate on private or confidential user data. A major hurdle for exposing and exploiting virtualization capabilities in next generation processors is the lack of a clear vision for how to address the security challenges associated with co-locating applications that share hardware.

group_project

Visible to the public SaTC: CORE: Small: Memory-hard Cryptography

Cryptography provides the basic tools to guarantee confidentiality and integrity of data. It hence plays a pivotal role in securing our digital infrastructure, and in enforcing the right for privacy of individuals. The development of secure cryptographic techniques is however difficult and error-prone, as unknown attack strategies need to be taken into account. To overcome this, modern cryptography advocates the paradigm of provable security, where threat models are precisely formalized using the language of mathematics, and the security of cryptosystems is proved within these models.

group_project

Visible to the public SaTC: CORE: Small: Expanding the Frontiers of Lattice-Based Cryptography

Research and development into quantum computers raises many new challenges for security and privacy. For instance, large-scale quantum computers would compromise much of the cryptography used to secure the Internet today. This project's novelty is in developing new and systematic approaches for constructing advanced cryptographic primitives that remain robust even in the presence of sophisticated quantum adversaries.

group_project

Visible to the public SaTC: CORE: Small: Transforming Non-Malleable Cryptography

This project aims to enhance our understanding of tampering attacks which are one of the most basic ones in cryptography and computer security. A tampering adversary may try to modify data at rest or in transit, which could be devastating to the security of a number of computer systems. The goal of non-malleable cryptography is to develop the tools and techniques required to secure computer systems against such attacks. The project's novelties are in conceptualizing a number of new primitives which can help fight against such attacks in emerging computer systems.

group_project

Visible to the public SaTC: CORE: Small: Detecting and Mitigating Unintended Learning

Machine learning is fueling major advances in biomedical research, natural language processing, image recognition, self-driving vehicles, etc. These advances depend on the continuing availability of data. By assuring the integrity and privacy of both the data and the machine learning models based on this data, this project aims to bring the benefits of machine learning to all data holders. However, machine learning can unintentionally reveal sensitive data such as the identity of specific persons.