Collaborative

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Understanding and Discovering Illicit Online Business Through Automatic Analysis of Online Text Traces

Unlawful online business often leaves behind human-readable text traces for interacting with its targets (e.g., defrauding victims, advertising illicit products to intended customers) or coordinating among the criminals involved. Such text content is valuable for detecting various types of cybercrimes and understanding how they happen, the perpetrator's strategies, capabilities and infrastructures and even the ecosystem of the underground business.

group_project

Visible to the public EDU: Collaborative: Integrating Embedded Systems Security into Computer Engineering and Science Curricula

With the advancement of technologies, networked devices become ubiquitous in the society. Such devices are not limited to traditional computers and smart phones, but are increasingly extended to cover a wide variety of embedded systems (ES), such as sensors monitoring bridges, electronics controlling the operation of automobiles and industrial equipment, home medicine devices that are constantly reporting patient health information to doctors.

group_project

Visible to the public TWC: Medium: Collaborative: Efficient Repair of Learning Systems via Machine Unlearning

Today individuals and organizations leverage machine learning systems to adjust room temperature, provide recommendations, detect malware, predict earthquakes, forecast weather, maneuver vehicles, and turn Big Data into insights. Unfortunately, these systems are prone to a variety of malicious attacks with potentially disastrous consequences. For example, an attacker might trick an Intrusion Detection System into ignoring the warning signs of a future attack by injecting carefully crafted samples into the training set for the machine learning model (i.e., "polluting" the model).

group_project

Visible to the public EAGER: TWC: Collaborative: iPrivacy: Automatic Recommendation of Personalized Privacy Settings for Image Sharing

The objective of this project is to investigate a comprehensive image privacy recommendation system, called iPrivacy (image Privacy), which can efficiently and automatically generate proper privacy settings for newly shared photos that also considers consensus of multiple parties appearing in the same photo. Photo sharing has become very popular with the growing ubiquity of smartphones and other mobile devices.

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public TWC SBE: Medium: Collaborative: Brain Hacking: Assessing Psychological and Computational Vulnerabilities in Brain-based Biometrics

In September of 2015, it was reported that hackers had stolen the fingerprint records of 5.6 million U.S. federal employees from the Office of Personnel Management (OPM). This was a severe security breach, and it is an even bigger problem because those fingerprints are now permanently compromised and the users cannot generate new fingerprints. This breach demonstrates two challenging facts about the current cybersecurity landscape. First, biometric credentials are vulnerable to compromise. And, second, biometrics that cannot be replaced if stolen are even more vulnerable to theft.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Defending against Compromise and Manipulation of Mobile Communities

Many of today's mobile services build mobile communities of users who share their valuable experiences and data. Examples include traffic incidents (Waze), restaurant reviews (Yelp, FourSquare), anonymous social networks (Whisper, Yik Yak), and even dating (Tinder, Bumble). Unfortunately, new threats can compromise and manipulate these communities, using lightweight software to mimic mobile devices. The resesarchers have shown how attackers can eavesdrop on mobile network traffic, learn their patterns, and write software to emulate mobile devices running the application.

group_project

Visible to the public EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public TWC: Medium: Collaborative: Systems, Tools, and Techniques for Executing, Managing, and Securing SGX Programs

The Intel Software Guard Extensions (SGX) is a new technology introduced to make secure and trustworthy computing in a hostile environment practical. However, SGX is merely just a set of instructions. Its software support that includes the OS support, toolchain and libraries, is currently developed in a closed manner, limiting its impact only within the boundary of big companies such as Intel and Microsoft. Meanwhile, SGX does not automatically secure everything and it still faces various attacks such as controlled-side channel and enclave memory corruption.

group_project

Visible to the public EAGER: Collaborative: Secure and Trustworthy Cyberphysical Microfluidic Systems

This project's overarching goal is to ensure the security and trustworthiness of cyber-physical microfluidic systems (CPMS). Microfluidic systems are devices that handle small volumes of fluids and are usually coupled with "cyber" elements such as sensors and intelligent control algorithms to improve performance and reliability. CPMS are coming of age in an era of rampant cybersecurity issues, and novel security and trust solutions are the need of the hour.