CORE

group_project

Visible to the public SaTC: CORE: Small: Checking Security Checks in OS Kernels

Operating system (OS) kernels play a critical role in computer systems by virtually having complete control over the systems. OS kernels not only manage hardware and system resources, but also provide services and protection. Given these tasks, OS kernels have to process external untrusted inputs and perform complicated operations, both of which are error-prone. To avoid entering into erroneous states, OS kernels tend to enforce a large number of security checks---"if" and "switch" statements that are used to validate states. Unfortunately, security checks themselves are often buggy.

group_project

Visible to the public SaTC: CORE: Small: The Blurring of Non-essential Notifications and Critical Security Warnings: Examining the Problem of Generalization in the Brain

This project measures how decreased attention to frequent software notifications negatively influences peoples' responses to uncommon security warnings that are truly critical. The researchers will use eye tracking equipment to examine this problem by measuring attention to notifications and warnings through eye gaze patterns, and individuals' decisions in response to these messages.

group_project

Visible to the public SaTC: CORE: Small: Collaborative: Understanding and Mitigating Adversarial Manipulation of Content Curation Algorithms

Online social networks (OSNs) have fundamentally transformed how billions of people use the Internet. These users are increasingly discovering books, music bands, TV shows, movies, news articles, products, and other content through posts from trusted users that they follow. All major OSNs have deployed content curation algorithms that are designed to increase interaction and act as the "gatekeepers" of what users see.

group_project

Visible to the public NSF-BSF: SaTC: CORE: Small: Blockchain Fairness

Blockchains provide compelling security properties that enable powerful systems to be constructed without reliance on trusted third parties. Their rise has created successful, multi-billion dollar systems and has had a transformative impact on venture funding and the financial industry. Blockchains as currently designed, though, fail to enforce fairness for their users, meaning equal opportunities for fast transaction processing. The project investigators will seek to address the pervasive fairness deficiencies in blockchain systems.

group_project

Visible to the public SaTC: CORE: Medium: Protecting Confidentiality and Integrity of Deep Neural Networks against Side-Channel and Fault Attacks

Deep learning (DL) has become a foundational means for solving diverse problems ranging from computer vision, natural language processing, digital surveillance to finance and healthcare. Security of the deep neural network (DNN) inference engines and trained DNN models on various platforms have become one of the biggest challenges in deploying artificial intelligence. Confidentiality breaches of the DNN model can facilitate manipulations of the DNN inference, resulting in potentially devastating consequences.

group_project

Visible to the public SaTC: CORE: Small: A Secure Processor that Exploits Multicore Parallelism while Protecting Against Microarchitecture State Attacks

Microprocessors are widely deployed in cloud, fog, edge, and mobile computing platforms. In all cases, the economies of scale stem from our ability (through the use of mature virtualization technologies) to host large sets of applications from diverse domains. These applications increasingly operate on private or confidential user data. A major hurdle for exposing and exploiting virtualization capabilities in next generation processors is the lack of a clear vision for how to address the security challenges associated with co-locating applications that share hardware.

group_project

Visible to the public SaTC: CORE: Small: Memory-hard Cryptography

Cryptography provides the basic tools to guarantee confidentiality and integrity of data. It hence plays a pivotal role in securing our digital infrastructure, and in enforcing the right for privacy of individuals. The development of secure cryptographic techniques is however difficult and error-prone, as unknown attack strategies need to be taken into account. To overcome this, modern cryptography advocates the paradigm of provable security, where threat models are precisely formalized using the language of mathematics, and the security of cryptosystems is proved within these models.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Cryptographic Data Protection in Modern Systems

Continuing major breaches and security compromises of computer systems motivate a promising new approach to data protection: encrypt the data so that even if stolen, it will be useless to the attacker, yet reveal just enough information about the data so that commodity systems such as databases and Web servers can still operate on it. This is called property-revealing encryption (PRE), and has already found its way to academic and commercial products that protect sensitive data in cloud services.

group_project

Visible to the public SaTC: CORE: Medium: Collaborative: Presentation-attack-robust biometrics systems via computational imaging of physiology and materials

Many physical characteristics, such as face, fingerprints, and iris as well as behavioral characteristics such as voice, gait, and keystroke dynamics, are believed to be unique to an individual. Hence, biometric analysis offers a reliable solution to the problem of identity verification. It is now widely acknowledged that biometric systems are vulnerable to manipulation where the true biometric is falsified using various attack strategies; such attacks are referred to as Presentation Attacks (PAs).

group_project

Visible to the public SaTC: CORE: Medium: Implicit One-handed Mobile User Authentication by Induced Thumb Biometrics on Touch-screen Handheld Devices

People often store private and sensitive data on their mobile devices, and the security of these devices is essential. This project advances and develops a new process for verifying a user's legitimate right to access a mobile device. Existing research has not made this process very usable for many people who lack dexterity or the use of both hands. This research aims to design and develop a method for one-handed authentication on a touch-screen mobile handheld device. The objective is to improve both security and usability of authentication.