Security and Privacy Research at Illinois

Honey Badger BFT is the first asynchronous consensus protocol for the post-Bitcoin world. Unlike the other protocols you've heard of, like Raft, Paxos, and PBFT, our new protocol makes progress whenever messages are delivered, regardless of how long they are delayed. HoneyBadgerBFT just doesn't care about the timeliness of the underlying network!
Bitcoin is the most well known cryptocurrency, but there are hundreds of competitors. It is built on top of a peer-to-peer network, consisting of thousands of nodes. What is the topology of this network? Is it vulnerable to attacks? These questions can best be answered by measuring the network. We build and deploy experiments using Coinscope, a platform for connecting to, monitoring, and actively interacting with cryptocurrency networks.
The University of Illinois at Urbana-Champaign (Illinois) established an academic consortium to perform multidisciplinary R&D whose objective is to support the Energy Sector Control Systems Working Group's Roadmap's of resilient Energy Delivery Systems (EDS). The consortium focuses on resiliency and security of the cyber components of EDS. The cybersecurity of power grids and oil & gas refinery and pipeline operations has been a subject of attention in the media, and has been addressed in legislation, standards, and executive actions. Moreover, there is growing awareness that the industry must move beyond cybersecurity to cyber and physical resiliency to ensure that EDS sustain critical functions in the presence of disruptive events arising from attacks, accidents, or errors, and rapidly recover from disruptions to full functionality.
Our group is currently applying machine-learning to features obtained from externally observed data to forecast cyber-security incidents against the entities in the EDS (Energy Delivery System) sector, as well as the sector as a whole. This builds on related work by the activity lead that demonstrated related concepts forecasting cyber incidents outside EDS, which developed models using features from Internet-scale measurements of heterogeneous networks.
Personalized information services on the Internet have an often-overlooked but inherent weakness: their underlying algorithms rely on inputs from the Internet, which is an open environment that provides attackers with opportunities to compromise the integrity of input data and affect the output. Such input pollution attacks represent serious threats to our society; for example, they may compromise the integrity of e-commerce and even our political process. This is a comprehensive research effort involving security, systems, networking, human-computer interaction and usability, machine learning and natural language processing, and policy. Our primary goals are to 1) study the security of representative personalized services and on-line targeted advertising, and identify vulnerabilities in service components that can be exploited by pollution attacks; 2) develop defense-in-depth countermeasures to block cross-site forgery request schemes, detect anomalies in browsing behaviors and information contents that are indicative of pollution attacks, alert users and guide them to repair profiles, and incentivize the industry to provide more transparency and protection.
With the ongoing exhaustion of free address pools at the registries serving the global demand for IPv4 address space, scarcity has become reality. Networks in need of address space can no longer get more address allocations from their respective registries. Our research elaborates on how the current ecosystem of IPv4 address space has evolved since the standardization of IPv4, leading to the rather complex and opaque scenario we face today. We study the evolution in address space management as well as address space use patterns, identifying key factors of the scarcity issues. Our goal is to characterize the possible solution space to overcome these issues and open the perspective of address blocks as virtual resources, which involves issues such as differentiation between address blocks, the need for resource certification, and issues arising when transferring address space between networks.
Recent advances in Internet-wide scanning make it possible to conduct network surveys of the full public IPv4 address space in minutes. Our research applies these measurement techniques to comprehensively identify systems that suffer from vulnerabilities and automatically take steps to help affected system operators correct the problems. In order to accomplish this, our project explores three interconnected classes of security research questions in network vulnerability measurement, vulnerability assessment, and vulnerability notification.
Security vulnerabilities have wide reaching social and economic impacts, and the improvements to security education realized by this project will bring multiple benefits to Intel and to society at large. The course will lead to a pipeline of better-trained graduates from the University of Illinois who will be able to develop, maintain, and use secure system in a variety of job roles. The course will also result in a greater number of security specialists with the preparation needed to advance the state of the art in the field.