Computer Systems & Networking
This project presents TIMO, the first WiFi receiver that can decode in the presence of high-power unknown cross-technology interference. Traditionally, researchers have addressed cross-technology interference by dynamically searching for and switching to unused frequencies. We approach the problem from a different perspective: can one operate in already used frequencies in the presence of potentially unknown interferers? We build a new cognitive framework for the unlicensed band which allows multi-antenna devices to work in used frequencies.
This project presents tamper-evident pairing, the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks. The main innovation is a new key exchange message constructed in a manner that ensures an adversary can neither hide the fact that a message was transmitted, nor alter its payload without being detected. Thus, any attempt by an adversary to interfere with the key exchange translates into the pairing devices detecting either invalid pairing messages or an unacceptable increase in the number of such messages.
Wireless communication has become an intrinsic part of modern implantable medical devices (IMDs). Recent work, however, has demonstrated that wireless connectivity can be exploited to compromise the confidentiality of IMDs’ transmitted data or to send unauthorized commands to IMDs—even commands that cause the device to deliver an electric shock to the patient. The key challenge in addressing these attacks stems from the difficulty of modifying or replacing already-implanted IMDs.
BotLab is a platform that continually monitors and analyzes the behavior of spam-oriented botnets. BoLab gathers multiple real-time streams of information about botnets taken from distinct perspectives. By combining and analyzing these streams, BoLab can produce accurate, timely, and comprehensive data about spam botnet behavior.
Traceroute has long had a fundamental limitation that affects all these applications: it does not provide reverse path information. In this project, we address this longstanding limitation by building a reverse traceroute tool. Our tool provides the same information as traceroute, but for the reverse path, and it works in the same case as traceroute, when the user may lack control of the destination.
Computer systems are often difficult to understand and debug. A common way of gaining insight into a system's behavior is to inspect execution logs. Unfortunately, manual inspection of logs is an arduous process. We have developed a tool called Synoptic that helps developers by inferring a concise and accurate system model, in the form of a finite state machine, from execution logs. Synoptic processes the logs that most systems already produce, and it requires developers only to specify a set of regular expressions for parsing the logs. Synoptic models have been used to find new bugs, increase developer confidence in the correctness of their code, and help developers better understand their programs.
The SPARTA project (Static Program Analysis for Reliable Trusted Apps) is building a toolset to verify the security of mobile phone applications.
Mobile devices are easily lost or stolen, compromising data and privacy. We have designed a new file system for mobile devices, called Keypad, which provides an audit trail that indicates which files were (or were not) accessed following device loss and lets users disable file reading post-loss, even in the absence of network connectivity. A Keypad paper was presented at the EuroSys Conference, April 2011 and won the Best Student Paper Award. Faculty: Gribble, Kohno, Levy.