EAGER

group_project

Visible to the public EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Understanding group digital security practices

Grassroots groups seek to protect their digital security but also to be transparent and open, and to affirm their legitimacy and authority. This research will examine how organizations and groups shape the ways they balance what may be conflicting needs to avoid censure and harassment while being open enough to encourage trust and participation. The research will examine the role of organizational structure and digital security practices, and to uncover processes, practices, or behaviors that increase or reduce security threats to online groups.

group_project

Visible to the public EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Multi-regulation computation

This interdisciplinary project investigates whether existing cryptographic techniques for analyzing siloed data comport with participants' legal restrictions on data disclosure. Secure multi-party computation (MPC) is a technique from cryptography that allows several participants, each with sensitive information, to analyze their data collectively without ever sharing it.

group_project

Visible to the public EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Designing Trustworthy and Transparent Information Platforms

Defined as openness to the information creation and reporting process, transparency is a way for information institutions that have an online presence to reconnect with citizens and establish their legitimacy. This research will conduct a series of design investigations to illuminate the critical new phenomenon of transparency to rebuild public trust in one such information institution--journalistic organizations. Marrying mass communications research with human-centered computing, this research will take a novel interdisciplinary approach to answer the following questions.

group_project

Visible to the public SaTC-EDU: EAGER: Peer Instruction for Cybersecurity Education

Engineering a secure IT system, in addition to technical skills, requires a particular mindset focused on using cybersecurity solutions effectively against sophisticated and stealthy cyber attacks. The traditional lecture-centric style of teaching has failed to deliver that mindset, which is the direct result of an over-emphasis on specific technical skills (with limited lifespan and insufficient technical depth), abstract rather than deeply technical examination of fundamental concepts, and an impatience in developing broader analytical skills.

group_project

Visible to the public EAGER: TWC: Collaborative: iPrivacy: Automatic Recommendation of Personalized Privacy Settings for Image Sharing

The objective of this project is to investigate a comprehensive image privacy recommendation system, called iPrivacy (image Privacy), which can efficiently and automatically generate proper privacy settings for newly shared photos that also considers consensus of multiple parties appearing in the same photo. Photo sharing has become very popular with the growing ubiquity of smartphones and other mobile devices.

group_project

Visible to the public EAGER: Protecting Data Access Pattern Privacy in Hybrid Cloud Storage Systems

Cloud-based storage services are gaining increasing popularity for their attractive pay-as-you-go model and high availability, reliability and economic efficiency. Meanwhile, there is an increasing privacy consciousness among users regarding this storage paradigm. While encryption provides some protection for data privacy, it cannot protect data access patterns, which can reveal private information about cloud storage clients.

group_project

Visible to the public SaTC: CORE: EAGER: Finding Semantic Security Bugs with Pseudo-Oracle Testing

Semantic security bugs cause serious vulnerabilities across a wide range of software. For example, in a recent incident, attackers exploited a semantic security bug in Apache Struts to steal sensitive personal data of up to 143 million customers from Equifax servers. In fact, such vulnerabilities are quite common in practice. The total number of Common Vulnerabilities and Exposure Identifiers (CVEs) assigned to different types of semantic security bugs exceeds 2,000 just this year alone.

group_project

Visible to the public EAGER: SaTC: Post-Quantum Indifferentiability

Current technology for securing Internet traffic relies on cryptographic protocols that are based on the presumed difficulty of two mathematical problems - the factorization problem and the discrete logarithm problem. However, the emerging technology of quantum computers - a type of computer that leverages the laws of quantum mechanics to perform certain computations faster than classical computers - can efficiently solve both of these problems and thus effectively attack the respective cryptographic protocols.

group_project

Visible to the public EAGER: Invisible Shield: Can Compression Harden Deep Neural Networks Universally Against Adversarial Attacks?

Deep neural networks (DNNs) are finding applications in wide-ranging applications such as image recognition, medical diagnosis and self-driving cars. However, DNNs suffer from a security threat: decisions can be misled by adversarial inputs crafted by adding human-imperceptible perturbations into normal inputs during training of DNN model. Defending against adversarial attacks is challenging due to multiple attack vectors, unknown adversary's strategies and cost.

group_project

Visible to the public EAGER: An Open Mobile App Platform to Support Research on Fraudulent Reviews

The pressure to succeed in online, peer-review websites has created a black market for search rank fraud. Fraud workers, who may control hundreds of user accounts, connect with product developers through crowdsourcing sites, then, from the accounts that they control, post fake activities, ratings, and reviews for site-owners' products. Most peer-review systems use fraud detection to filter out fake activities, but fraud nevertheless persists.