Grant Year: 2020

January 27, 2021

Privacy Controls for Always-Listening Devices

Intelligent voice assistants and the microphone-equipped Internet of Things devices that support them are very convenient but carry significant privacy risks. Newer and future devices extend these risks by listening all the time — beyond a few specific keywords. The goal of our research is to develop privacy controls for…

January 14, 2020

How Do Vulnerable Patients Understand Data Privacy as It Pertains to mHealth Interventions?

As mobile health (mHealth) interventions have the potential to acquire a dominant role in safety-net healthcare settings, there are many challenges to data privacy that need to be considered. Users with marginalized backgrounds have a greater risk of experiencing more detrimental consequences of privacy and security breaches to mHealth apps…

January 14, 2020

Keystone: An Open Framework for Architecting TEEs

Trusted execution environments (TEEs) are found in a range of devices — from embedded sensors to cloud servers — and encompass a range of cost, power constraints, and security threat model choices. On the other hand, each of the current vendor-specific TEEs makes a fixed set of trade-offs, with little…

January 14, 2020

Law Enforcement Access to Digital Data: Understanding the Everyday Processes

During criminal investigations, U.S. law enforcement agencies often seek evidence held by third-party businesses. Many of these companies have established policies on how to respond to law enforcement requests for information. How do government agencies navigate these policies? This project studies this question through semi-structured interviews with investigators and prosecutors…

January 14, 2020

Measuring and Defending Against New Trends in Nation-State Surveillance of Dissidents

Targeted nation-state hacking against dissidents’ devices and online accounts is a growing problem with significant real-world consequences for targets, including physical harm. While initial research efforts have mapped out part of the ecosystem of these attacks, attackers are increasingly “going dark” by adapting their tools and techniques to compromise target…

January 14, 2020

Novel Metrics for Robust Machine Learning

Although deep neural networks (DNNs) have achieved impressive performance in several applications, they also exhibit several well-known sensitivities and security concerns that can emerge for a variety of reasons, including adversarial attacks, backdoor attacks, and lack of fairness in classification. Hence, it is important to better understand these risks in…

January 14, 2020

Obscuring Authorship: Neural Methods for Adversarial Stylometry and Text-Based Differential Privacy

The continual improvement of models for author attribution—the task of inferring the author of an anonymized document—indicates potential benefits but also substantial risks in the context of privacy and cybersecurity. Such improvements pose particular threats to whistleblowers and other individuals who might have strong political or security-related reasons for wanting…

January 14, 2020

Secure Machine Learning

We will study how to harden machine learning classifiers against adversarial attack. We will explore general mechanisms for making deep-learning classifiers more robust against attack, with a special focus on security for autonomous vehicles. Current schemes fail badly in the presence of an attacker who is trying to fool or…

January 14, 2020

Secure Authentication in Blockchain Environments

Bitcoin and blockchain systems brought us to the brink of a technological revolution: these systems allow us to bypass the need for centralized trusted entities to run protocols on a large scale. However, the decentralized nature of these systems brings unique challenges, including user authentication. While cryptography provides strong solutions…

January 14, 2020

Examining The Third-Party Tracking Ecosystem

Many mobile apps and online services use “third-party trackers,” which send data about specific user behaviors to various other companies. The purposes of these transmissions can include profiling individual users to target them with specific ads, amassing personal information to sell to data brokers, or monitoring activities to identify how…