Dissertation Defense: W. Brad Moore
Candidate Name: W. Brad Moore
Major: Computer Science
Advisor: Micah Sherr, Ph.D.
Title: Privacy Preservation in the Presence of Advanced Persistent Threats
Over the past few decades, two important aspects of computer systems have evolved that have changed the landscape of computing. First, they have become enormously more powerful, and thus useful for more tasks for more people. Second, their operation has become less burdensome on those who would benefit from their use: computing devices of all types and purposes have become simpler to use. These advancements, though invaluable to the success of computing, have had side-effects: for computers to become both more powerful and easier to operate for the lay user, the complexity of the underlying systems has had to increase immensely. Seemingly straightforward operations now entail layers of code to execute, of which the user has little or no awareness. As a result, guaranteeing privacy, or even determining what guarantees, if any, can be made about privacy, has become increasingly difficult.
Furthermore, the Edward Snowden leaks and other similar revelations have made it clear that if an opportunity exists to exploit or clandestinely monitor a device or system, there are likely adversaries working to do so. This has been shown to be the case from the highest-level network activity down to the lowest-level device firmware. To ensure privacy for a computer user, one must ensure not only that network communication is protected from monitoring, but also that the private data is not compromised before it is transmitted in the first place. For example, anonymous and encrypted communication is of significantly diminished utility if an adversary controls your hard drive firmware.
In this thesis, I look at how privacy for computer users has changed recently, from the highest to the lowest levels of communication in computing. At the highest level, I look at communications across the internet, in applications such as encrypted Voice-over-IP and anonymity networks that shuffle general traffic to conceal network connections. I discuss shortcomings in these applications and present practical improvements to each. I look at ways to increase the performance of current anonymity networks by adding incentive programs. I then look at VoIP, another example of internet communication that is often advertised as being secure, yet leaks information. In this case, I explore methods of preventing data leakage while maintaining network and audio performance. A key contribution of this thesis is the introduction of a Networked Privacy Stack that considers the security and privacy of information across multiple components of computation and communication.
While this examination of privacy at key levels of the network stack is useful, it is not possible to ensure privacy through measures that address only communication security---information must be protected well before it comes into contact with any network. As such, this thesis also explores new methods for software attestation. I devise new methods for detecting attempted exfiltration of information via covert timing channels. Finally, I devise a new integrity measure to prevent malicious code from masquerading as legitimate, expected code.
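As an added illustration of the covert timing channel problem mentioned above (this is example code written for this page, not the dissertation's own method, whose detection techniques are not described here): a toy sender leaks one bit per packet by choosing between two inter-packet delays, a receiver recovers the bits by thresholding, and a first-order entropy test over quantised inter-arrival times flags the stream as suspiciously regular. The two delays, the bin width, the 2.5-bit cutoff and the exponential model of benign traffic are all assumptions chosen for the illustration.

```python
# Added illustration: a toy covert timing channel and a simple
# entropy-based regularity test that flags it.  Delays, bin width,
# threshold and traffic models are assumptions; this is not the
# dissertation's detection method.
import math
import random
from typing import Dict, List

# Assumed channel alphabet: a short gap encodes 0, a long gap encodes 1 (milliseconds).
DELAY_ZERO_MS = 20.0
DELAY_ONE_MS = 60.0
BIN_MS = 5.0               # quantisation step for the entropy test (assumed)
SUSPICION_THRESHOLD = 2.5  # bits; below this the timing is "too regular" (assumed cutoff)


def covert_iats(bits: str, jitter_ms: float = 1.0, seed: int = 1) -> List[float]:
    """Inter-arrival times (IATs) produced by a sender that leaks one bit per
    packet by choosing between two delays, plus a little Gaussian network jitter."""
    rng = random.Random(seed)
    return [(DELAY_ONE_MS if b == "1" else DELAY_ZERO_MS) + rng.gauss(0.0, jitter_ms)
            for b in bits]


def decode_covert(iats: List[float]) -> str:
    """Receiver side: threshold each IAT at the midpoint between the two delays."""
    midpoint = (DELAY_ZERO_MS + DELAY_ONE_MS) / 2.0
    return "".join("1" if t > midpoint else "0" for t in iats)


def benign_iats(n: int, mean_ms: float = 40.0, seed: int = 2) -> List[float]:
    """Constructed benign traffic: exponentially distributed IATs (a Poisson
    process), a common simple baseline for 'no information in the timing'."""
    rng = random.Random(seed)
    return [rng.expovariate(1.0 / mean_ms) for _ in range(n)]


def binned_entropy_bits(iats: List[float], bin_ms: float = BIN_MS) -> float:
    """Shannon entropy of the IAT distribution after quantising into bins.
    A channel that reuses a few fixed delays collapses into a few bins and
    therefore has low entropy; organic traffic spreads across many bins."""
    counts: Dict[int, int] = {}
    for t in iats:
        b = int(t // bin_ms)
        counts[b] = counts.get(b, 0) + 1
    n = len(iats)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def looks_like_timing_channel(iats: List[float],
                              threshold_bits: float = SUSPICION_THRESHOLD) -> bool:
    """Flag a packet stream whose timing distribution is suspiciously regular."""
    return binned_entropy_bits(iats) < threshold_bits


if __name__ == "__main__":
    secret = "1011001001110100" * 12          # 192 bits of constructed payload
    leaked = covert_iats(secret)
    normal = benign_iats(len(leaked))
    print("decoded matches secret:", decode_covert(leaked) == secret)
    print("entropy covert: %.2f bits, benign: %.2f bits"
          % (binned_entropy_bits(leaked), binned_entropy_bits(normal)))
    print("covert flagged:", looks_like_timing_channel(leaked))
    print("benign flagged:", looks_like_timing_channel(normal))
```

The caveat a practitioner should keep in mind: a first-order entropy test like this one is trivially evaded by a sender that adds noise or draws its delays from a distribution shaped like the benign baseline, which is why published detectors use stronger statistics (for example corrected conditional entropy, or distribution tests against a baseline learned from the same host), and why the detection problem is harder than this toy suggests.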
Friday, April 22, 2016 at 12:45pm to 2:30pm
St. Mary's Hall, 326
3700 Reservoir Road, N.W., Washington