Modern computing systems are sprawling and complex, creating many opportunities for would-be intruders to break in and remain undetected. Attackers can now dwell inside networks for months or years before being noticed, as evidenced by numerous high-profile data breaches in the news. Our research seeks to empower system defenders by improving the ways in which we audit computers, allowing them to understand and react to attacks before serious damage is inflicted. A key technique we leverage in this work is data provenance, which iteratively parses low-level events (e.g., Process A read File 1) into a causal dependency graph that describes the entire history of system execution. These graphs allow security analysts to identify the root causes of suspicious activities through causal analysis, and can also be used to improve automated intrusion detection systems.
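As an added illustration of the provenance technique described above (example code, not from the group's publications or tools), the block below parses a constructed sequence of audit events into a dependency graph and walks it backwards from a flagged event to recover its root cause. Event names, paths and timestamps are invented; the time check on each edge prunes activity that happened after the alert and so cannot have caused it.

```python
from collections import defaultdict, deque

# Constructed audit events (time, subject, action, object); not real log data.
EVENTS = [
    (1, "mail_client", "write", "/home/u/attach.doc"),
    (2, "word", "read", "/home/u/attach.doc"),
    (3, "word", "exec", "powershell"),
    (4, "powershell", "write", "/tmp/drop.bin"),
    (5, "bash", "read", "/etc/hosts"),                 # unrelated activity
    (6, "powershell", "exec", "dropper"),
    (7, "dropper", "write", "/etc/crontab"),           # alert: persistence file modified
    (8, "powershell", "read", "/home/u/secret.txt"),   # after the alert: not a cause
]

def build_graph(events):
    """Map each node to its incoming (source, time) edges, following information
    flow: a read flows object -> subject; a write or exec flows subject -> object."""
    incoming = defaultdict(list)
    for t, subj, act, obj in events:
        src, dst = (obj, subj) if act == "read" else (subj, obj)
        incoming[dst].append((src, t))
    return incoming

def backward_trace(incoming, sink, at_time):
    """Return {node: time} for every node that could have influenced `sink` by
    `at_time`. An edge is followed only if it happened no later than the time
    its target was reached, which excludes later, non-causal events."""
    reached = {sink: at_time}
    queue = deque([(sink, at_time)])
    while queue:
        node, t = queue.popleft()
        for src, et in incoming.get(node, []):
            if et <= t and reached.get(src, -1) < et:
                reached[src] = et          # revisit if reachable at a later time
                queue.append((src, et))
    return reached

def root_causes(incoming, sink, at_time):
    """Nodes in the causal slice with no incoming edges: the entry points."""
    causal = backward_trace(incoming, sink, at_time)
    return sorted(n for n in causal if n != sink and not incoming.get(n))

if __name__ == "__main__":
    g = build_graph(EVENTS)
    print("causal slice:", sorted(backward_trace(g, "/etc/crontab", 7)))
    print("root causes:", root_causes(g, "/etc/crontab", 7))
```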

Recent Papers:

Spanning smartphones and the Internet of Things, consumer-oriented computing devices are diverse and pervasive. While these technologies create unprecedented opportunity for innovation, they also expose novel attack surfaces that must be better understood in order to provide adequate protection to end users. Our work in this space is twofold: first, to reason about the security challenges created by consumer devices, and second, to identify ways in which these technologies can be leveraged to address the broader goals of computer security. Our recent achievements in this area include helping to protect the privacy of athletes who use fitness tracking devices, uncovering new vulnerabilities in voice-activated IoT devices, and introducing new methods of detecting misbehaving commercial drones.

Recent Papers:

An increasing proportion of the global economy depends on the security of network communications and infrastructures. Unfortunately, these security properties are violated with alarming frequency due to implementation errors or developer confusion, or because systems are used in unanticipated ways. This research seeks to better understand this breakdown between theory and practice, and to identify ways to restore correct functionality in vulnerable networked systems. To this end, our work has considered the security challenges surrounding Software Defined Networks (SDN), the ubiquitous TLS/HTTPS protocols, and legacy telecommunications infrastructure.

Recent Papers:

The Universal Serial Bus (USB), introduced in the 1990s, has lived up to its name in becoming the world standard for connecting peripheral devices to computers. The newest iteration of USB, Type-C, is even the exclusive means of connecting to new Apple MacBooks and Google smartphones. Unfortunately, due to its popularity USB is also a popular target for attackers, who have incorporated USB devices into threats ranging from social engineering to signal injection. The goal of our research in this space is to better understand the increasingly complex threats posed by USB peripherals and to develop effective defenses against these attacks.

Recent Papers: