Security
Security involves safeguarding software systems, embedded systems IoT (Internet of Things), mobile systems, and cyber-physical systems from threats such as software vulnerabilities, attacks, and other types of malicious and harmful activity. CISE researchers apply a variety of techniques from a number of fields (program analysis, machine learning, computational social science) to better understand such systems and the way in which people interact with them and misuse them. Research in CISE includes development of automated dynamic malware-analysis techniques and tools to analyze potentially malicious samples. Another line of research involves hardening the security of wireless ingestible and implantable medical devices (IMDs), such as on-demand drug delivery systems and bio-engineered wireless medical sensors, for diagnostic and therapeutic purposes.
CAREER: Toward Securing Emerging Computing Platforms via Large-Scale Dynamic Analysis
The Internet of Things (IoT) is poised to permeate all aspects of our daily lives, from already existing smart home assistants, over increasingly popular industrial applications, to yet to be developed personal health devices. Clearly, these technologies offer exciting and new opportunities, yet the software and devices that comprise the IoT encompass serious security threats. […]
InTrans: Modular Security on an Open Cloud
This project explores the intriguing possibilities that result from the combination of two tools: cryptographic software that distributes any computing task over several machines with strong security guarantees as long as the machines are isolated, and a multi-provider cloud datacenter that offers to any tenant the ability to rent multiple isolated machines that are administered […]
SaTC: CORE: Medium: Collaborative: Taming Memory Corruption with Security Monitors
Modern computing systems are under constant attack by organized crime syndicates, nation-state adversaries, and regular cyber-criminals alike. Among the most damaging attacks are those that exploit so-called memory corruption vulnerabilities which often confer the attacker with access to sensitive information or allow the attacker to execute arbitrary code on the victim’s machine. To counter the […]
How Fitbits, Other Bluetooth Devices Make Us Vulnerable to Tracking
BU researchers found that a third-party algorithm can track the location of some Bluetooth devices In 2018, nearly 3.7 billion new Bluetooth-enabled devices shipped worldwide to consumers. From phones and speakers to thermostats and fridges, home appliances and personal devices including “wearables” are rapidly becoming more connected by Wi-Fi than ever before, creating what’s called […]
EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Multi-regulation computation
This interdisciplinary project investigates whether existing cryptographic techniques for analyzing siloed data comport with participants’ legal restrictions on data disclosure. Secure multi-party computation (MPC) is a technique from cryptography that allows several participants, each with sensitive information, to analyze their data collectively without ever sharing it. Several companies, governments, and non-profit organizations have adopted MPC […]
In-Situ Malware Containment and Deception through Dynamic In- Process Virtualization
The malware landscape has evolved from the domain of attention-seeking miscreants, into a diverse spectrum ranging from best-effort mass-market malware to highly sophisticated state sponsored attacks using implants, remote access Trojans, and advanced evasion techniques. While existing research mainly focuses on detection, classification, and prevention of various malware threats, this project turns the table on […]
CISE Affiliate Professor Manuel Egele Awarded $750,000 Grant from ONR for Malware Research
Malware is a constant threat in the 21st century. The most common way to deal with a malware infection is to clean the malicious software from a computer or to reinstall its operating system in an effort to restore its original functionality. However, sophisticated malware that steals sensitive information can, upon detection, be repurposed to […]
SaTC: TTP: Small: Modular Platform for Web-based Secure Multi-Party Analytics
This project designs, develops, and applies a modular infrastructure for building web-based applications that allow individuals and organizations to benefit from privacy-preserving data aggregation and analysis in contexts where data sharing is encumbered by confidentiality concerns, legal restrictions, or corporate policies. Today, individuals and organizations face a tension between the explosion of valuable data that […]
EAGER: Design and Exploration of Optical Nanoantenna Technology for Advanced IC Testing and Hardware Security
Non-technical: Today’s integrated circuit (IC) chips are used in practically all consumer electronics, as well as in critical defense technologies and municipal support systems such as power and water supply services. To build these chips, state-of-the-art technologies are used that integrate billions of transistors on a single chip. Currently, we do not have the technological […]
Broadening Participation in Teaching and Research in GENI: A Regional Workshop in May 2016
This project supports hosting a Global Environment for Network innovations (GENI) Regional Workshop (GRW) on May 23, 2016 at Boston University in Boston, Massachusetts. The intent of this GRW is to continue to broaden the GENI user community, introducing new educators and researchers in the northeastern US geographic region to GENI. Four GRWs in total […]