Systems

group_project

Visible to the public  EDU: Collaborative: Using Virtual Machine Introspection for Deep Cyber Security Education

Cybersecurity is one of the most strategically important areas in computer science, and also one of the most difficult disciplines to teach effectively. Historically, hands-on cyber security exercises helped students reinforce basic concepts, but most of them focused on user level attacks and defenses. Since OS kernels provide the foundations to the applications, any compromise to OS kernels will lead to an entirely untrusted computing. Therefore, it is imperative to teach students the practice of kernel level attacks and defenses.

group_project

Visible to the public SaTC-EDU: EAGER: Peer Instruction for Cybersecurity Education

Engineering a secure IT system, in addition to technical skills, requires a particular mindset focused on using cybersecurity solutions effectively against sophisticated and stealthy cyber attacks. The traditional lecture-centric style of teaching has failed to deliver that mindset, which is the direct result of an over-emphasis on specific technical skills (with limited lifespan and insufficient technical depth), abstract rather than deeply technical examination of fundamental concepts, and an impatience in developing broader analytical skills.

group_project

Visible to the public TWC: TTP Option: Small: Collaborative: SRN: On Establishing Secure and Resilient Networking Services

Almost every organization depends on cloud-based services. The backend of cloud-based services are designed for multiple tenants and reside in data centers spread across multiple physical locations. Network security and security management are major hurdles in such a complex, shared environment. This research investigates mitigating the security challenges by taking a moving target defense (MTD) approach.

group_project

Visible to the public  TWC: Medium: Language-Hardware Co-Design for Practical and Verifiable Information Flow Control

Current cloud computing platforms, mobile computing devices, and embedded devices all have the security weakness that they permit information flows that violate the confidentiality or integrity of information. This project explores an integrated approach in which software and hardware are co-designed with strong, comprehensive, verifiable security assurance. The goal is to develop a methodology for designing systems in which all forms of information flow are tracked, at both the hardware and software levels, and between these levels.

group_project

Visible to the public TWC: Small: Practical Assured Big Data Analysis in the Cloud

The use of "cloud technologies" presents a promising avenue for the requirements of big data analysis. Security concerns however represent a major impediment to the further adoption of clouds: through the sharing of cloud resources, an attack succeeding on one node can tamper with many applications sharing that node.

group_project

Visible to the public Forum on Cyber Resilience

This project provides support for a National Academies Roundtable, the Forum on Cyber Resilience. The Forum will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with the resilience of computing and communications systems, including the Internet, critical infrastructure, and other societally important systems.

group_project

Visible to the public TWC: Small: Developing Advanced Digital Forensic Tools Based on Network Stack Side Channels

This project is developing the next generation of network measurement tools for penetration testers, digital forensics experts, and other cybersecurity professionals who sometimes need to know more about the Internet or a specific network. It is developing techniques based on TCP/IP side channel inferences, where it is possible to infer something about a remote machine's view of the network based on the use of shared, limited resources.

group_project

Visible to the public TWC: TTP Option: Small: Collaborative: Scalable Techniques for Better Situational Awareness: Algorithmic Frameworks and Large-Scale Empirical Analyses

Attacks on computer networks are an all too familiar event, leaving operators with little choice but to deploy a myriad of monitoring devices to ensure dependable and stable service on the networks they operate. However, as networks grow bigger and faster, staying ahead of the constant deluge of attack traffic is becoming increasingly difficult. A case in point is the attacks on enterprise name servers that interact with the Domain Name System (DNS). These name servers are critical infrastructure, busily translating human readable domain names to IP addresses.

group_project

Visible to the public Breakthrough: Collaborative: Secure Algorithms for Cyber-Physical Systems

Modern systems such as the electric smart grid consist of both cyber and physical components that must work together; these are called cyber-physical systems, or CPS. Securing such systems goes beyond just cyber security or physical security into cyber-physical security. While the threats multiply within a CPS, physical aspects also can reduce the threat space. Unlike purely cyber systems, such as the internet, CPS are grounded in physical reality.

group_project

Visible to the public TWC: Small: Side Channels through Lower-Level Caches: Attacks, Defenses and Security Metrics

In cache-based side-channel attacks, an attacker with no special privileges or physical access can extract secrets from a victim process by observing its memory accesses through a shared cache. Such attacks have been demonstrated on a number of platforms, and represent a dangerous and open threat. This project explores side-channel attacks on the shared lower-level-caches (LLCs) in modern CPUs.