Users routinely access cloud services through third-party apps on smartphones by giving apps login credentials (i.e., a username and password). Unfortunately, users have no assurance that their apps will properly handle this sensitive information. In this paper, we describe the design and implementation of ScreenPass, which significantly improves the security of passwords on touchscreen devices. ScreenPass secures passwords by ensuring that they are entered securely, and uses taint-tracking to monitor where apps send password data. The primary technical challenge addressed by ScreenPass is guaranteeing that trusted code is always aware of when a user is entering a password. ScreenPass provides this guarantee through two techniques. First, ScreenPass includes a trusted software keyboard that encourages users to specify their passwords' domains as they are entered (i.e., to tag their passwords). Second, ScreenPass performs optical character recognition (OCR) on a device's screenbuffer to ensure that passwords are entered only through the trusted software keyboard.
SocialLeaks is a Facebook application that helps you monitor who has access to your Facebook friendships. Even if you allow only your friends to view your friend list, many other people can view some of your connections through your friends' friend lists. SocialLeaks is designed to help us better understand this issue and to help you keep tabs on who can view your friendships.
Online social networks (OSNs) are immensely popular, but their centralized control of user data raises important privacy concerns. Confidant provides a decentralized OSN framework which preserves user privacy while still enables scalable data processing. Confidant hooks the interface of Facebook in order to split data storage from it and leave it only for update notifications. Social relationships are exploited so that servers controlled by most trustworthy friends provide clear-text storage for the user's OSN data, which enables scalable data-processing framework. A light-weighted and free cloud service is introduced to help maintain data consistency and server availability. Sponsored by the National Science Foundation under grant IIS-0916649.
Vis-à-Vis is a decentralized framework for OSNs based on the privacy-preserving notion of a VIS. A VIS is a personal virtual machine running in a paid compute utility. In Vis-à-Vis, a person stores her data on her own VIS, which arbitrates access to that data by others. VISs self-organize into overlay networks corresponding to social groups. We focus on preserving the privacy of location information in this project while the distributed tree structure can be generalized to store other sensitive OSN data.
Built a distributed 3-D database optimized for storing and searching objects in a 3-D virtual environment. The system relies on CouchDB for key-value storage, Lounge for cluster management, and GeoCouch for R-Tree indexing and special range queries.
Develop a Web Crowler to collect view infomation of YouTube videos, in order to verify the popularity distribution of YouTube videos is according to Power Law.
DNSLogger is a tool to record DNS usage by different processes in Windows or Linux system through API hooking. We Used it to give the statistics of DNS usages of normal users and analyze the DNS lookups of several malwares.
Evaluate three parallel programming models: CUDA, Pthreads and MPI by implemeting 3-D correlation algorithm under the three different parallel computing models.
Every user in the conference sends two video streams with standard definition (SD) and lower definition (CIF) which are captured and sampled respectively from the user's camcorder. At the same time it could select to display one SD video and many CIF videos sent by other users. The combination of SD and CIF videos solves the scalability problem caused by the limited decoding capabilities of end hosts. Bandwidth is guaranteed by the backbone IP multicast network. Developed based on Windows DirectShow Framework.
Designed congestion control algorithms and evaluated them through both NS2 simulations and video conferencing experiments. Sponsored by the Natural Science Foundation of China (No. 60703052).
Extended Shim6 protocol and optimized cost-performance ratio for multi-homing site users using transmission statistic information gathered from TCP layer. Evaluated through NS2 simulation.
Develop a network measurement tool for IPv6 SSM through socket programming on FC Linux/Free BSD platforms. It detects and calculates the loss, delay, jitter, and disorder of packages via IPv6 SSM by deploying a number of distributed beacons over the whole backbone network. The measurement results are updated to the centralized management webpage. Part of the CNGI Project CNGI-04-13-2T.