Medium

group_project

Visible to the public SaTC: CORE: Medium: Situation-Aware Identification and Rectification of Regrettable Privacy Decisions

People today are faced with many privacy decisions in their daily interactions with mobile devices. In the past decade, researchers have studied the design of many tools and mechanisms, such as privacy nudges, that aim to help individuals make better privacy decisions. But just like decision support tools in other domains, these tools cannot make users perfect decision-makers. Users still make mistakes and regret their privacy decisions later. This project casts a fresh perspective on Privacy-by-Redesign by helping users revisit and rectify past privacy decisions that they may regret.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Understanding and Discovering Illicit Online Business Through Automatic Analysis of Online Text Traces

Unlawful online business often leaves behind human-readable text traces for interacting with its targets (e.g., defrauding victims, advertising illicit products to intended customers) or coordinating among the criminals involved. Such text content is valuable for detecting various types of cybercrimes and understanding how they happen, the perpetrator's strategies, capabilities and infrastructures and even the ecosystem of the underground business.

group_project

Visible to the public TWC: Medium: Collaborative: Efficient Repair of Learning Systems via Machine Unlearning

Today individuals and organizations leverage machine learning systems to adjust room temperature, provide recommendations, detect malware, predict earthquakes, forecast weather, maneuver vehicles, and turn Big Data into insights. Unfortunately, these systems are prone to a variety of malicious attacks with potentially disastrous consequences. For example, an attacker might trick an Intrusion Detection System into ignoring the warning signs of a future attack by injecting carefully crafted samples into the training set for the machine learning model (i.e., "polluting" the model).

group_project

Visible to the public SaTC: CORE: Medium: Situation-Aware Identification and Rectification of Regrettable Privacy Decisions

People today are faced with many privacy decisions in their daily interactions with mobile devices. In the past decade, researchers have studied the design of many tools and mechanisms, such as privacy nudges, that aim to help individuals make better privacy decisions. But just like decision support tools in other domains, these tools cannot make users perfect decision-makers. Users still make mistakes and regret their privacy decisions later. This project casts a fresh perspective on Privacy-by-Redesign by helping users revisit and rectify past privacy decisions that they may regret.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Understanding and Discovering Illicit Online Business Through Automatic Analysis of Online Text Traces

Unlawful online business often leaves behind human-readable text traces for interacting with its targets (e.g., defrauding victims, advertising illicit products to intended customers) or coordinating among the criminals involved. Such text content is valuable for detecting various types of cybercrimes and understanding how they happen, the perpetrator's strategies, capabilities and infrastructures and even the ecosystem of the underground business.

group_project

Visible to the public TWC SBE: Medium: Collaborative: Brain Hacking: Assessing Psychological and Computational Vulnerabilities in Brain-based Biometrics

In September of 2015, it was reported that hackers had stolen the fingerprint records of 5.6 million U.S. federal employees from the Office of Personnel Management (OPM). This was a severe security breach, and it is an even bigger problem because those fingerprints are now permanently compromised and the users cannot generate new fingerprints. This breach demonstrates two challenging facts about the current cybersecurity landscape. First, biometric credentials are vulnerable to compromise. And, second, biometrics that cannot be replaced if stolen are even more vulnerable to theft.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Defending against Compromise and Manipulation of Mobile Communities

Many of today's mobile services build mobile communities of users who share their valuable experiences and data. Examples include traffic incidents (Waze), restaurant reviews (Yelp, FourSquare), anonymous social networks (Whisper, Yik Yak), and even dating (Tinder, Bumble). Unfortunately, new threats can compromise and manipulate these communities, using lightweight software to mimic mobile devices. The resesarchers have shown how attackers can eavesdrop on mobile network traffic, learn their patterns, and write software to emulate mobile devices running the application.

group_project

Visible to the public TWC: Medium: Collaborative: Systems, Tools, and Techniques for Executing, Managing, and Securing SGX Programs

The Intel Software Guard Extensions (SGX) is a new technology introduced to make secure and trustworthy computing in a hostile environment practical. However, SGX is merely just a set of instructions. Its software support that includes the OS support, toolchain and libraries, is currently developed in a closed manner, limiting its impact only within the boundary of big companies such as Intel and Microsoft. Meanwhile, SGX does not automatically secure everything and it still faces various attacks such as controlled-side channel and enclave memory corruption.

group_project

Visible to the public TWC SBE: Medium: Collaborative: Dollars for Hertz: Making Trustworthy Spectrum Sharing Technically and Economically Viable

The critical role of spectrum as a catalyst for economic growth was highlighted in the 2010 National Broadband Plan (NBP). A challenge for the NBP is realizing optimal spectrum sharing in the presence of interference caused by rogue transmissions from any source, but particularly secondary users who share the spectrum. This complex problem straddles wireless technology, industrial economics, international standards, and regulatory policy.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Towards Robust Machine Learning Systems

Machine learning techniques, particularly deep neural networks, are increasingly integrated into safety and security-critical applications such as autonomous driving, precision health care, intrusion detection, malware detection, and spam filtering. A number of studies have shown that these models can be vulnerable to adversarial evasion attacks where the attacker makes small, carefully crafted changes to normal examples in order to trick the model into making incorrect decisions.