Search for tag: "institute for information security & privacy"

Seyedhamed Ghavamnia - Temporal System Call Specialization for Attack Surface Reduction

Attack surface reduction through the removal of unnecessary application features and code is a promising technique for improving security without incurring any additional overhead. Recent software…

From  Kathryn Gentilello on October 21st, 2020 5 plays 0  

Shachee Mishra - Multi-layer API Specialization for Attack Surface Reduction

Code reuse attacks have been a threat to software security since the introduction of non-executable memory protections. Despite significant advances in various types of additional defenses, such as…

From  Kathryn Gentilello on October 7th, 2020 5 plays 0  

Danny Y. Huang - Watching IoTs that Watch Us

Many consumers today are increasingly concerned about IoT security and privacy. There is much media hype about home cameras being hacked or voice assistants eavesdropping on conversations. However,…

From  Kathryn Gentilello on October 3rd, 2020 5 plays 0  

Brian Kondracki - Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers

Mobile browsers have become one of the main mediators of our online activities. However, as web pages continue to increase in size and streaming media on-the-go has become commonplace, mobile data…

From  Kathryn Gentilello on September 22nd, 2020 11 plays 0  

Kevin Bock - Automating the Discovery of Censorship Evasion Strategies

Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated censorship techniques and methods to evade them. Unfortunately, censors have long…

From  Kathryn Gentilello on September 18th, 2020 4 plays 0  

Nicholas Weaver - Reflections on Internet Surveillance

Six years ago Edward Snowden leaked a massive trove of internal NSA documents detailing the operation of the US government’s electronic surveillance system. The overall systems described a…

From  Timothy Hynes on April 27th, 2020 80 plays 0  

Wanrong Zhang - Differentially Private Change-point Detection

The change-point detection problem seeks to identify distributional changes in streams of data. Increasingly, tools for change-point detection are applied in settings where data may be highly…

From  Kathryn Gentilello on March 12th, 2020 34 plays 0  

Sharbani Pandit - Fighting Voice Spam with a Virtual Assistant

Telephony has been a trusted channel in the past but technological advances have exposed it to abuse that is perpetrated by fraudsters and criminals. Mass robocalls, call source spoofing and voice…

From  Kathryn Gentilello on February 24th, 2020 28 plays 0  

Michael D. Brown - The Impact of Compiler-Based Performance Optimizations on Security

The security impacts of compiler-based software optimizations are typically not considered during their design and implementation. As a result, a number of well-intentioned compiler optimizations…

From  Kathryn Gentilello on February 17th, 2020 36 plays 0  

Hong Hu - Space Wars: Exploiting Program (in)Variants for Software Security

The ever-increasing code base of modern software inevitably introduces vulnerabilities which enable attackers to construct sophisticated exploits and compromise our computer systems. Control-flow…

From  Kathryn Gentilello on February 6th, 2020 19 plays 0  

Luong Nguyen - Hardware Trojan detection using the backscattering side channel

Integrated circuits (IC) have become an integral aspect of our lives. Thus, the problem of ensuring authenticity and trust for ICs is critically important, especially for sensitive fields such as…

From  Kathryn Gentilello on February 3rd, 2020 11 plays 0  

Omar Alrawi - Security Evaluation of Home-Based IoT Deployments

Home-based IoT devices have a bleak reputation regarding their security practices. On the surface, the insecurities of IoT devices seem to be caused by integration problems that may be addressed by…

From  Kathryn Gentilello on November 22nd, 2019 31 plays 0  

Nader Sehatbakhsh - Leveraging Side-Channel Signals for Security and Trust

With the proliferation of computing systems in our world, from servers to internet-of-things devices, side-channel signals have become significantly more available and accessible to measure and…

From  Kathryn Gentilello on November 18th, 2019 34 plays 0  

Alexandra Boldyreva - Secure Communication Channel Establishment: TLS 1.3 (Over TCP Fast Open) vs. QUIC

Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of Internet traffic. Reducing the latency (the number of…

From  Kathryn Gentilello on November 13th, 2019 31 plays 0