Division of Computer and Network Systems (CNS)

CAREER: Securing Cyberspace: Gaining Deep Insights into the Online Underground Ecosystem

As the Internet becomes increasingly ubiquitous, it offers a low-risk harbor for cybercrime -- illegal activities such as hacking and online scams. Cybercrime is increasingly enabled by an online underground ecosystem, within which are anonymous forums and so-called dark web platforms for cybercriminals to exchange knowledge and trade in illicit products and services.

EAGER: Theory and Practice of Risk-Informed Cyber Insurance Policies: Risk Dependency, Risk Aggregation, and Active Threat Landscape

This project aims to tackle some of the most significant challenges facing the design and adoption of risk-informed cyber insurance policies; these challenges include cyber risk interdependence, correlated risk and value-at-risk, and a fast-changing threat landscape. The research has the potential to bring about a paradigm shift in the design of cyber insurance policies so that they are used as effective economic and incentive mechanisms consistent with cyber risk realities; in doing so it also introduces new ways of thinking about cybersecurity in a holistic, risk management context.

EAGER: Enabling Secure Data Recovery for Mobile Devices against Malicious Attacks

Mainstream mobile computing devices, such as smartphones and tablets, currently rely on remote backups for data recovery upon failures. For example, an iPhone periodically stores a recent snapshot to iCloud, which can be restored if needed. Such a commonly used "off-device" backup mechanism, however, suffers from a fundamental limitation, namely, the backup in the remote server is not always synchronized with data stored in the local device.

EAGER: Factoring User Behavior into Network Security Analysis

The project will investigate human factors in network security. The security of network systems relies on proper protection from not only known vulnerabilities, but also new vulnerabilities resulting from unexpected human behavior. The project will directly address a user's situational behavior and its consequences for network security. It engages with the challenges of modeling the decision-making process and integrating it into human-network interaction.

EAGER: Data Science for Election Verification

Election officials need evidence-based, scientifically valid tools to routinely assess the quality of election systems, including technical and human factors. Whether initiated by the election administrators or by the parties to an election, election investigation is expensive and must be well prioritized to be most effective. The project plans to provide tools for prioritizing investigations for election officials and others. The expected outcome is increased robustness of the mechanisms protecting elections that can give Americans more justified confidence in election results.

CAREER: Practical Control Engineering Principles to Improve the Security and Privacy of Cyber-Physical Systems

This project focuses on tackling the security and privacy of Cyber-Physical Systems (CPS) by integrating the theory and best practices from the information security community as well as practical approaches from the control theory community. The first part of the project focuses on security and protection of cyber-physical critical infrastructures such as the power grid, water distribution networks, and transportation networks against computer attacks in order to prevent disruptions that may cause loss of service, infrastructure damage or even loss of life.

SaTC: CORE: Small: Checking Security Checks in OS Kernels

Operating system (OS) kernels play a critical role in computer systems by having virtually complete control over the systems. OS kernels not only manage hardware and system resources, but also provide services and protection. Given these tasks, OS kernels have to process external untrusted inputs and perform complicated operations, both of which are error-prone. To avoid entering into erroneous states, OS kernels tend to enforce a large number of security checks -- "if" and "switch" statements that are used to validate states. Unfortunately, security checks themselves are often buggy.

SaTC: CORE: Small: The Blurring of Non-essential Notifications and Critical Security Warnings: Examining the Problem of Generalization in the Brain

This project measures how decreased attention to frequent software notifications negatively influences people's responses to uncommon security warnings that are truly critical. The researchers will use eye tracking equipment to examine this problem by measuring attention to notifications and warnings through eye gaze patterns, and individuals' decisions in response to these messages.

SaTC: CORE: Small: Collaborative: Understanding and Mitigating Adversarial Manipulation of Content Curation Algorithms

Online social networks (OSNs) have fundamentally transformed how billions of people use the Internet. These users are increasingly discovering books, music bands, TV shows, movies, news articles, products, and other content through posts from trusted users that they follow. All major OSNs have deployed content curation algorithms that are designed to increase interaction and act as the "gatekeepers" of what users see.

SaTC: Expanding Research Frontiers with a Next-Generation Anonymous Communication Experimentation (ACE) Framework

The ability to expand research frontiers through system deployment has been hindered by a lack of experimentation frameworks that can be used to safely and accurately evaluate new algorithms and network protocols at scale. This is particularly true for anonymous communication systems, which are generally understood to be among the most secure ways to communicate online, but are difficult to experiment with because (1) they are designed to be resistant to observation and (2) experiments must be crafted very carefully to ensure they do not endanger the systems' users.