CORE

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: New Directions in Public-Key and Identity-Based Encryption

Developments in public-key encryption (PKE) and identity-based encryption (IBE) have revolutionized the field of cryptography and secure communication in general. PKE allowed remote parties to establish secure channels in front of eavesdropping adversaries, and led to public-key directories storing parties' public-keys. The stronger primitive of IBE eliminated the need for a large public-key directory, though this comes at the cost of trusting a central private-key generation authority.

group_project

Visible to the public SaTC: CORE: Medium: Knowledge Work and Coordination to Improve O&M and IT Collaboration to Keep Our Buildings Smart AND Secure

Government organizations, businesses, and universities are increasingly adding Internet of Things (IoT) devices, such as room occupancy sensors, into their buildings. As these sensors are connected to the internet and networked to building technology (such as heating and lights), an attacker could shut down a building or steal sensitive information.

group_project

Visible to the public SaTC: CORE: Small: New Techniques for Optimizing Accuracy in Differential Privacy Applications

Differential Privacy is an important advance in the modern toolkit for protecting privacy and confidentiality. It allows organizations such as government agencies and private companies to collect data and publish statistics about it without leaking personal information about people -- no matter how sophisticated an attacker is. The project's novelties are in the careful design of new differentially private tools that provide more accurate population statistics while maintaining strong privacy guarantees.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: User-Centered Deployment of Differential Privacy

Differential privacy (DP) has been accepted as the de facto standard for data privacy in the research community and beyond. Both companies and government agencies are trying to deploy DP technologies. Broader deployments of DP technology, however, face challenges. This project aims to understand the needs of different stakeholders in data privacy, and to develop algorithms and software to enable broader deployment of private data sharing.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: RADAR: Real-time Advanced Detection and Attack Reconstruction

There has been a rapid escalation of targeted cyber-attacks, called Advanced Persistent Threats (APTs), on high-profile enterprises. These skilled attacks routinely bypass widely deployed protection mechanisms. Existing second-line cyber defenses (e.g., intrusion detection systems) are helpful, but they often generate a flood of information that overwhelms cyber analysts. Moreover, analysts lack the tools to piece together attack fragments spanning multiple applications and/or hosts.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: RADAR: Real-time Advanced Detection and Attack Reconstruction

There has been a rapid escalation of targeted cyber-attacks, called Advanced Persistent Threats (APTs), on high-profile enterprises. These skilled attacks routinely bypass widely deployed protection mechanisms. Existing second-line cyber defenses (e.g., intrusion detection systems) are helpful, but they often generate a flood of information that overwhelms cyber analysts. Moreover, analysts lack the tools to piece together attack fragments spanning multiple applications and/or hosts.

group_project

Visible to the public SaTC: CORE: Small: Reasoning about dependencies and information flow in dynamic code

This project aims to investigate software whose code can change during its execution. Such code is ubiquitous in modern systems. For example, all modern web browsers contain a component, known as a JIT compiler, that creates or modifies code during execution. Reasoning about relationships between the code that carries out the runtime modifications, and the code that is created or modified as a result, is important for a number of software security applications. For example, bugs in a JIT compiler can result in vulnerabilities that can be exploited by hackers.