Security and Privacy

Could censorship end the internet as we know it? Not if Roya Ensafi can help it.

Technology could capture household information without recording speech.

Election security expert J. Alex Halderman dissects Antrim County’s election debacle to help future contests go more smoothly.

Microphones that “hear” light; microprocessors that “tell” us secrets; self-driving cars that “see” fake objects; sensors that “feel” the wrong temperature. Our devices are under attack in new, increasingly sophisticated ways. Security researchers at CSE are exploring the limits of hardware and finding new, sobering vulnerabilities in our computers and homes.

Today, over 225 million websites are protected by free certificates issued by Let’s Encrypt.

The winning paper broke open a new area of investigation in hardware-based data leaks.

Censored Planet is releasing technical details for other researchers and for activists.

Expert advice for voting in an unprecedented election.

A self-erasing chip for security and anti-counterfeit tech.

Prof. Roya Ensafi and PhD candidate Reethika Ramesh led organizing efforts for USENIX’s Tenth Workshop on Free and Open Communications on the Internet.

Ironpatch could head off growing danger of security vulnerabilities in vehicle systems.

The two organizations will connect their membership and partner networks to work on advancing security for life-saving devices.

The upcoming presidential election in the middle of a pandemic has jurisdictions exploring new technologies. They’re not secure.

The projects impact voting systems, physical sensors, integrated circuit fabrication, and multiple microarchitectural side-channel vulnerabilities.

The algorithm can pick out weak signals from nuclear weapons materials, hidden in ordinary radiation sources like fertilizer.

Zhang is working to improve data security and address important ethical issues related to AI and discriminatory data sets.

Subarno Banerjee uses program analysis to improve software systems’ safety and security.

Vehicles that perceive obstacles that aren’t really there could cause traffic accidents.

Prof. Austin is a creative, outside-the-box thinker who has produced a body of work that has had extraordinary impact in the area of computer architecture.

The team says their framework can scalably and semi-automatically monitor the use of filtering technologies for censorship at global scale.

Researchers carried out the first study on voter behavior with electronic assistive devices, found 93% missed incorrect ballots.

The proposal provides a chip-level safeguard against sensitive data being transmitted after it’s accessed.

A Q&A with J. Alex Halderman, who co-founded the nonprofit organization.

The nation is using inexpensive commodity equipment to block 170K domains on more than 1K privately-owned ISPs.

The newly discovered microphone vulnerability allows attackers to remotely inject inaudible and invisible commands into voice assistants using light.

The new system is designed to save security researchers time and effort spent reverse-engineering the message format of every vehicle they study.

Technology pioneered by Michigan researchers can circumvent many effective website blocking tools

The researchers demonstrated that an adversary could remotely manipulate the temperature sensor measurements without tampering with the targeted system or triggering automatic temperature alarms.

The research generated a chatbot to help users sift through important details in privacy policies.

The research suggests that common blacklist-based prevention systems are ineffective.

The frame in which a human marks out the boundaries of an object makes a huge difference in how well AI software can identify that object through the rest of the video.

The meeting began the commission’s review and assessment of election security in Michigan.

The effort seeks to protect the integrity of every vote.

In congressional testimony, professor urges $370M in federal funding to replace outdated machines.

McDonald works to develop better privacy and security tools for marginalized communities

Censored Planet could provide new insight into the flow of online information

With $7.5M MURI grant, Professor Anthony Grbic is developing metamaterials for a new generation of integrated electromagnetic and photonic systems.

A team of researchers unearthed new data on geographic denial of access to web content in a new paper.

A new special topics course on election cybersecurity gives students an examination of the past, present, and future of US elections.

“The work is an important step towards understanding how to make tradeoffs between usability and security.”

Patches can provide protection.

When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers.

A large quantum computer could retroactively decrypt almost all internet communication ever recorded.

U-M profs weigh new business model, European-style regulation

Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability.

The vulnerability allows an attacker to manipulate a new intelligent traffic control algorithm and cause severe traffic jams.

In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica.

What happened to people inside the U.S. Embassy in Havana?

‘We’ve demonstrated a scenario in which the harm might have been unintentional.’

Automated chatbot uses artificial intelligence to weed through fine print

Powered by a broadband infrared laser, the device can zero in on the ‘spectral fingerprint region’.

A long-standing tenet of the internet was overturned today.

How much can your cellphone reveal about where you go?

Their paper introduces a new programming language and tool called Vale that supports flexible, automated verification of high-performance assembly code.

His remarks focused on vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking.

‘Open port’ backdoors are common.

Yektakhah’s system improves on the speed, portability, and accuracy of many commercial models

Michigan Engineering researchers discuss and demonstrate the sound-based attacks they leveled at the accelerometers found in everyday electronics.

Michigan Engineering professor Kevin Fu spoke in front of congress on Nov. 16, 2016.

The USENIX Test of Time Awards recognizes papers presented at its respective conference from at least 10 years ago that have had a lasting impact on their fields.

DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications.

In order to bring HTTPS to everyone, Prof. Halderman joined forces in 2012 with colleagues at Mozilla and the Electronic Frontier Foundation to found Let’s Encrypt, a non-profit certificate authority with the mission of making the switch to HTTPS vastly easier.

One of the paper describes and demonstrates a malicious hardware backdoor. The other demonstrated security failings in a commercial smart home platform.

New security ramifications exist when laptops and smartphones configured for enterprise systems are used outside the enterprise in the realm of the wider web.

New vulnerabilities form when hardware like electronic locks, thermostats, ovens, sprinklers, lights and motion sensors are networked and set up to be controlled remotely.

Prof. H.V. Jagadish sheds light on current issues regarding data privacy and technology.

Let's Encrypt allows anyone to request a free website security certificate without needing an invitation.

In their paper, the researchers present the first report on global adoption rates of SMTP email security extensions.

Diffie-Hellman is a popular algorithm used for encrypted communications, including emails VPNs, HTTPS, and other protocols where a client and server negotiate a shared secret key for communication

This project strives to positively impact the availability and reliability of the Internet and provide the security community with tools, platforms, and comprehensive vulnerability measurement data.

Virta Laboratories was co-founded in part by Prof. Kevin Fu and former CSE postdoctoral researcher Denis Foo Kune.

Thomas and his group are working to improve upon artificial neural network design through a process called sparse coding.

Securing Internet voting requires solving some of the hardest problems in computer security, and even the smallest mistakes can undermine the integrity of the election result.

Her dissertation focused on “opacity,” which captures whether a given secret of the system can be inferred by intruders who observe the behavior of the system.

A project is underway which will offer a free, automated, and easy process for converting webservers from HTTP to HTTPS that is implemented with a single command.

The research team performed a comprehensive, measurement-based analysis of the impact of the recent Heartbleed vulnerability.

She computationally measures, represents, and analyzes human behavior data to illuminate fundamental human behavior and emotion perception, and develop natural human-machine interfaces.

The IEEE Geoscience and Remote Sensing Society is a remote sensing organization with more than 3700 members around the globe.

Peterson’s findings could be used in wireless sensing and actuation systems, including those that deal with monitoring of the environment and medical conditions.

Since coming to the University in 1984, Bhattacharya has pioneered several important technological advances.

The researchers believe that metasurfaces could one day be used to completely control the phase, amplitude, and polarization of light.

The research group developed special fabrication processes that allows them to stack and bond seven different devices in layers.

By shining the laser on a target and analyzing the reflected light, researchers can tell the chemical composition of the target.

The technology could potentially identify a hidden weapon from a distance in less than a second.

McCullagh is working to develop energy harvesting devices and circuits to power wireless sensor nodes which can monitor bridge health.

Serial entrepreneur Dug Song (CS BS 1997) and recent alum Jon Oberheide (CSE PhD 2011) founded security firm Duo Security in early 2010 and have rapidly grown their company to serve over 500 customers in 40+ countries around the world.

The carbon nanotube carpet is about half the thickness of a sheet of paper and absorbs 99.9 percent of the light that hits it.