Our research seeks to empower individuals and organizations to control how their data is used. We use techniques from cryptography, programming languages, machine learning, and other areas to both understand and improve the security of computing as practiced today, and as envisioned in the future.

researchgroup
Security Research Group (19 January 2016)
Jack Doerner, Samee Zahur, Mahnush Movahedi, Mohammad Etemad, Haina Li, Weilin Xu, Karen Pan

Everyone is welcome at our research group meetings. To get announcements, join our Slack Group (any @virginia.edu email address can join themsleves, or email me to request an invitation).

Projects

Secure Multi-Party Computation
Obliv-C · MightBeEvil
Practical Secure Computation
Web and Mobile Security
ScriptInspector · SSOScan
Adversarial Machine Learning
EvadeML
Past Projects
Side-Channel Analysis · Perracotta · Splint
N-Variant Systems · Physicrypt · Social Networking APIs

News

O’Reilly Security 2016: Classifiers Under Attack

November 4th, 2016 by David Evans

I gave a talk on Weilin Xu’s work (in collaboration with Yanjun Qi) on evading machine learning classifiers at the O’Reilly Security Conference in New York: Classifiers Under Attack, 2 November 2016.

Machine-learning models are popular in security tasks such as malware detection, network intrusion detection, and spam detection. These models can achieve extremely high accuracy on test datasets and are widely used in practice.

However, these results are for particular test datasets. Unlike other fields, security tasks involve adversaries responding to the classifier. For example, attackers may try to generate new malware deliberately designed to evade existing classifiers. This breaks the assumption of machine-learning models that the training data and the operational data share the same data distribution. As a result, it is important to consider attackers’ efforts to disrupt or evade the generated models.

David Evans provides an introduction to the techniques adversaries use to circumvent machine-learning classifiers and presents case studies of machine classifiers under attack. David then outlines methods for automatically predicting the robustness of a classifier when used in an adversarial context and techniques that may be used to harden a classifier to decrease its vulnerability to attackers.




Demystifying the Blockchain Hype

October 26th, 2016 by David Evans

I gave a talk introducing the blockchain at a meetup hosted by Willow Tree Apps:
Demystifying the Blockchain Hype, 25 October 2016.

Over the past few years, explosive growth in cryptocurrencies (especially Bitcoin), has led to tremendous excitement about blockchains as a powerful tool for just about everything. Without assuming anyprevious background in cryptography, I’ll explain the cryptographic and networking technologies that make blockchains possible, explain why people are so excited about blockchains, but why you shouldn’t believe everything you hear about them.

The slides are below (I believe a recording will also be available soon).




Secure Stable Matching at Scale

August 30th, 2016 by David Evans

Our paper on secure stable matching is now available [PDF, 12 pages]:

Jack Doerner, David Evans, abhi shelat. Secure Stable Matching at Scale. 23rd ACM Conference on Computer and Communications Security (CCS). Vienna, Austria. 24-28 October 2016.

See the OblivC.org site for the code and data. Jack Doerner will present the paper at CCS in October.


Abstract

When a group of individuals and organizations wish to compute a stable matching — for example, when medical students are matched to medical residency programs — they often outsource the computation to a trusted arbiter to preserve the privacy of participants’ preference rankings. Secure multi-party computation presents an alternative that offers the possibility of private matching processes that do not rely on any common trusted third party. However, stable matching algorithms are computationally intensive and involve complex data-dependent memory access patterns, so they have previously been considered infeasible for execution in a secure multiparty context on non-trivial inputs.

We adapt the classic Gale-Shapley algorithm for use in such a context, and show experimentally that our modifications yield a lower asymptotic complexity and more than an order of magnitude in practical cost improvement over previous techniques. Our main insights are to design new oblivious data structures that exploit the properties of the matching algorithms. We then apply our secure computation techniques to the instability chaining algorithm of Roth and Peranson, currently in use by the National Resident Matching Program. The resulting algorithm is efficient enough to be useful at the scale required for matching medical residents nationwide, taking just over 17 hours to complete an execution simulating the 2016 NRMP match with more than 35,000 participants and 30,000 residency slots.


FTC Visit

August 18th, 2016 by David Evans

Great to visit our former student Joseph Calandrino at the Federal Trade Commission in DC, where he is now a Research Director.

Denis Nekipelov and I gave a joint talk there about using secure multi-party computation techniques to enable data analyses across sensitive, divided data sets in the room where the FTC commissioners meet.



Denis Nekipelov, Joseph Calandrino, David Evans, Devesh Ravel


Private Multi‑Party Machine Learning

August 18th, 2016 by David Evans

I’m co-organizing a workshop to be held in conjunction with NIPS on Private Multi‑Party Machine Learning, along with Borja Balle, Aurélien Bellet, Adrià Gascón. The one-day workshop will be held Dec 9 or Dec 10 in Barcelona.

NIPS workshops are different from typical workshops attached to computer security conferences, with lots of invited talks (and we have some great speakers lined up for PMPML16), but there is also an opportunity for researchers to submit short papers to be presented at the workshop either as short talks or posters.




Insecure by Default? Authentication Services in Popular Web Frameworks

August 15th, 2016 by David Evans

Hannah Li presented a poster at USENIX Security Symposium on how popular web frameworks perform authentication.



Insecure by Default? Authentication Services in Popular Web Frameworks
[Abstract (PDF)] [Poster (PDF)]

The work studies how different design choices made by web frameworks impact the security of web applications built by typical developers using those frameworks, with a goal of understanding the usability and performance trade-offs that lead frameworks to adopt insecure defaults, and develop alternatives that lead to better security without sacrificing the needs of easy initial development and deployment.


Open Source Echo

July 3rd, 2016 by David Evans

Kevin Zhao is working on building an open source “Amazon echo” personal voice assistant (using Jasper).

His first post about it is here: Building The Open Source Amazon Echo-Jasper.




ShanghaiTech Symposium

June 25th, 2016 by David Evans

I went to Shanghai for the ShanghaiTech Symposium on Information Science and Technology. ShanghaiTech was only founded three years ago, but has made tremendous progress and recruited a talented group of faculty and students.


Zheng Zhang and Haibo Chen

Hao Bai

For the Symposium, I presented a tutorial introduction to secure multi-party computation (focused towards systems researchers), and an invited talk on Memory for Data-Oblivious Computation. Was a special honor to be able to speak about MPC applications build using Yao’s protocol following Andrew Yao’s opening keynote.

Thanks a bunch to Hao Chen for inviting me to the Symposium!


Aarhus Workshop on Theory and Practice of Secure Multiparty Computation

June 5th, 2016 by David Evans

I’m back from the Workshop on Theory and Practice of Secure Multiparty Computation are Aarhus University in Denmark. Aarhus is a great city for biking – you can rent bikes (with trailers for children), and bike down the coast from the old city, past the beach, and to the countryside, all on a bikes-only roadway.

Highlight of the workshop was unquestionably the musical performance by Ivan Damgård, Claudio Orlandi, and Marcel Keller:



I gave a talk on circuit structures and Square-Root ORAM:

abhi shelat also presented on Jack Doerner’s work on private stable matching.





After the workshop, we had a family visit to Legoland (about an hour by train and bus from Aarhus). Photo albums: Aarhus, Legoland.


SRG at Oakland 2016

May 25th, 2016 by David Evans

At the IEEE Symposium on Security and Privacy in San Jose, CA, Samee Zahur presented on Square-Root ORAM and Anant, Jack, and Sam presented posters.



Anant Kharkar
Evading Web Malware Classifiers using Genetic Programming


Jack Doerner
Secure Gale-Shapley: Efficient Stable Matching for Multi-Party Computation


Samuel Havron
Secure Multi-Party Computation as a Tool for Privacy-Preserving Data Analysis