SCI - Research

Cybersecurity research at the Secure Computing Institute is performed within its core and affiliate research labs. These efforts are spread across theoretical and practical cybersecurity and privacy, including topics such as software supply chain security, cellular and telecommunications security, mobile and IoT platform and application security and privacy, Web security and privacy, cloud security, software security, quantum-resistant cryptography, blockchain security and privacy, and symmetric multi-party computation. See the below laboratory websites for more information.

Core Research Labs

Wolfpack Security and Privacy Research (WSPR) Lab	Secure Software Supply Chain Center (S3C2)
Hardware and Embedded Cybersecurity Research (HECTOR) Lab	Secure Advanced Computer Architecture (SACA) Group
North Carolina Partnership for Cybersecurity Excellence (NC-PaCE)

Research Areas

Cellular and Telephone Network Security

The world has a fundamental reliance on the cellular and telphony system for secure communication and the establishment of indentity. Our work is actively studying security risks in telephony systems, ranging from understanding robocalls to insecure VoIP systems. This work integrates knowledge from fields as diverse as signal processing and digital communications; data science, machine learning, and statistics; cryptography; program analysis; reverse engineering; and Internet and telephone networks.

Faculty Contacts: Brad Reaves

Cloud Security

A significant amount of computation and storage is outsourced to public clouds. Our research seeks to design novel security architectures that provide enhanced security capabilities cloud environments. For example, we have proposed novel types of introspection using hypervisors that create new opportunities for forensics. We have also leveraged the elasticity and emphemeral natures of cloud computing to provide better resiliency to network-based attacks.

Faculty Contacts: William Enck, Douglas Reeves

Cryptography

The Crypto Group focuses on designing protocols for advanced cryptographic tasks such as zero-knowledge proofs and secure computation, and applying them to enhance privacy in emerging technologies (e.g., blockchain). Our main activities are:

• Designing cryptographic protocols for enhancing anonymity of users with application to privacy-preserving blockchain transactions.
• Designing cryptographic building blocks that offer composable security guarantees, and can be plugged securely in complex systems.
• Designing cryptographic protocols that are agnostic to any specific hardness assumptions and can be instantiated with Post-Quantum secure primitives.

Faculty Contacts: Alessandra Scafuro

Federated Learning

Federated learning is a machine learning paradigm in which a user or an organization cooperates with its peers, aiming to improve the learning performance without sacrificing the privacy of its own dataset. Our recent research focuses on designing federated learning schemes that are resilient to Byzantine attacks and model inversion attacks while maintaining the learning performance.

Faculty Contacts: Chau-Wai Wong

Hardware Security

Hardware is the root of trust in computing systems. We explore how this root can be compromised with advanced cyber attacks and related mitigation techniques. Our efforts include side-channel analysis, fault injection attacks, physical uncloanable functions, supply chain security and trusted hardware for AI/ML.

Faculty Contacts: Aydin Aysu, Chau-Wai Wong

IoT Security

Internet of Things (IoT) devices represent a significant security challenge due to their heterogeneity, scale, and resource constraints. Our research has taken a network-based approach to defending IoT smart home users, proposing novel frameworks for enhanced transparency and protection. Through these investigations, we have also discover fundamental design flaws in the ways in which smart home devices report telemetry and state, leading to ways in which attackers can blind and confuse smart home devices used for physical security.

Faculty Contacts: Anupam Das, William Enck, Brad Reaves

Mobile Security

Mobile devices are a primary computing platform for many users, if not their only platform. Our search has significantly enhanced the state of mobile platform and application security through the development of novel analysis tools and new architecture that provide enhanced protections. These efforts include both static and dynamic program analysis tools for Android applications to discover malware, privacy infrigements, and vulnerabilities. We have also targeted the platforms themselves, using static program analysis of the Android platform to discover missing or incorrect access control checks, as well as using reverse engineering to extract and formally model access control in iOS. Finally, we have also proposed generalized security frameworks for adapting the Android platform, as well as methods to incorporate strong Information Flow Control (IFC) guarantees.

Faculty Contacts: William Enck, Brad Reaves

Network Security

Our rearch seeks to better understand network security through a combination of empirical measurements and novel network architectural defenses. For example, we used Software Defined Networking (SDN) to build distribured information flow protections for enterprises, as well as new models for adaptively isolating IoT smart home devices.

Faculty Contacts: William Enck, Brad Reaves, Douglas Reeves

Privacy

Our research covers a broad array of privacy topics in computing. Recent efforts have focused on privacy in mobile and Internet of Things (IoT) devices. In the mobile domain, we have used static and dynamic program analysis to study how applications abuse privacy sensitive information that is made available by the operating system (sometimes unintionally). We have also used Natural Language Processing (NLP) to infer text input semantics as well as sharing and collection practices in privacy policies. In the IoT domain, we have built network frameworks to study privacy implications of smart home devices, as well as novel defenses for end users.

faculty contacts: Anupam Das, William Enck, Brad Reaves

Secure Hardware Architectures

With all the challenges for securing a trustworthy supply chain, paired with the new computing paradigms (e.g., cloud and edge computing), computing systems are challenged with a large attack surface. Thus, reducing the trusted compute base (TCB) to as minimal as possible would minimize the risks of data leakage and attacks. However, solutions that aim to limit the TCB to the processor chip or even a smaller hardware enclave (e.g., as in Intel’s SGX) require hardware changes and can lead to significant performance degradation. Moreover, some of these supports are incompatible with future memory technologies and system architectures. Accordingly, in this research focus, we aim to rethink the designs and architectures of future computing systems to combat various threats efficiently. Moreover, we investigate new threats enabled by employing new architectures and technologies, and how to best defend against them.

faculty contacts: Amro Awad

Software Supply Chain Security

The modern world relies on digital innovation in almost every human endeavor including critical infrastructure. Digital innovation has accelerated substantially as software is increasingly built on top of many layers of reusable abstractions, including libraries, frameworks, cloud infrastructure, artificial intelligence (AI) modules, and others, giving rise to software supply chains where software projects depend on and build upon other software projects. Software developers did not anticipate how the software supply chain would become a deliberate attack vector. The software industry has moved from passive adversaries finding and exploiting vulnerabilities contributed by honest, well-intentioned developers to a new generation of software supply chain attacks where attackers aggressively implant vulnerabilities directly into infrastructure software (e.g., libraries, tools) and infect build and deployment pipelines. Our NSF-funded Secure Software Supply Chain Center (S3C2) is a large-scale, multi-institution research enterprise with the vision that the software industry can rapidly innovate with confidence in the security of its software supply chain.

Faculty Contacts: William Enck, Alexandros Kapravelos, Brad Reaves, Dominik Wermke, Laurie Williams

Vulnerability Analysis

Our research uses static and dynamic analysis to discover vulnerabilities in software applications and platforms. These efforts commonly include static program analysis, reverse engineering, and formally modeling of security requirements (e.g., access control logic). For example, we have studied flaws in access control policy and enforcement logic in both the Android and iOS mobile platforms, discovering over a dozen CVEs. We have also perform large scale studies of software ecosystems (e.g., GitHub) to better understand the types of vulnerabilities that these environments introduce (e.g., exposing secrets within code).

Faculty Contacts: William Enck, Brad Reaves, Laurie Williams

Web Security and Privacy

Our research seeks to better understand how the web works and evolves over time and how we can make it more secure for the users. Research efforts range from designing a secure browser architecture to measuring and understanding large-scale Internet attacks. Also we are working on building instrumented browsers that can enable us to explore ways in which online trackers are evolving and coming up with new ways to track our digital footprint.

Faculty Contacts: Anupam Das, Alexandros Kapravelos