Researchers design new solution to widespread side-channel attacks
The proposal provides a chip-level safeguard against sensitive data being transmitted after it’s accessed.
How Let’s Encrypt doubled the percentage of secure websites in four years
A Q&A with J. Alex Halderman, who co-founded the nonprofit organization.
How Russia’s online censorship could jeopardize internet freedom worldwide
The nation is using inexpensive commodity equipment to block 170K domains on more than 1K privately-owned ISPs.
Researchers take control of Siri, Alexa, and Google Home with lasers
The newly discovered microphone vulnerability allows attackers to remotely inject inaudible and invisible commands into voice assistants using light.
Year of vulnerability hunting uncovers potential attacks on Intel Chips, RAMAll three of these attacks put users’ privacy at risk, exploiting new routes to sensitive data.
Remote attack on temperature sensors threatens safety in incubators and industry
The researchers demonstrated that an adversary could remotely manipulate the temperature sensor measurements without tampering with the targeted system or triggering automatic temperature alarms.
New attack on autonomous vehicle sensors creates fake obstacles
Up to this point, no attacks had been discovered targeting a car’s LiDAR system—but a major new finding from researchers at the University of Michigan has demonstrated what that might look like.
Best paper award for analysis of a decade of malware reports
The research suggests that common blacklist-based prevention systems are ineffective.
New chip stops hacks before they start
MORPHEUS can encrypt and reshuffle code thousands of times faster than human and electronic hackers.
Michigan’s new Election Security Commission holds inaugural meeting on U-M Campus
The meeting began the commission’s review and assessment of election security in Michigan.
Halderman co-chairs new commission to protect Michigan votes
The effort seeks to protect the integrity of every vote.
Election security: Halderman recommends actions to ensure integrity of US systems
In congressional testimony, professor urges $370M in federal funding to replace outdated machines.
Study reveals new data on region-specific website blocking practices
A team of researchers unearthed new data on geographic denial of access to web content in a new paper.
A secure future for US elections starts in the classroom
A new special topics course on election cybersecurity gives students an examination of the past, present, and future of US elections.
Tyche: A new permission model to defend against smart home hacks
“The work is an important step towards understanding how to make tradeoffs between usability and security.”
Intel processor vulnerability could put millions of PCs at risk
Patches can provide protection.
Undocumented immigrants’ privacy at risk online, on phones
When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers.
Mingyan Liu, 2018 Distinguished University Innovator, talks about her company and data science commercialization
Mingyan Liu, recipient of the 2018 Distinguished Innovator of the Year award, gave a talk about her startup company and participated on a panel discussing data science commercialiation.
Building a security standard for a post-quantum future
A large quantum computer could retroactively decrypt almost all internet communication ever recorded.
Zuckerberg Capitol Hill testimony: Engineering experts offer comments
U-M profs weigh new business model, European-style regulation
‘I hacked an election. So can the Russians.’
Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability.
Inaugural ECE Willie Hobbs Moore Alumni Lecture: Dr. Isaac R. Porche III
Porche discussed the changing definition of war and how information is playing a greater role than ever.
Michigan researchers discover vulnerabilities in next-generation connected vehicle technology
The vulnerability allows an attacker to manipulate a new intelligent traffic control algorithm and cause severe traffic jams.
CSE PhD student Matt Bernhard on the Facebook data breach
In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica.
Unhackable computer under development with $3.6M DARPA grant
The researchers say they’re making an unsolvable puzzle: ‘It’s like if you’re solving a Rubik’s Cube and every time you blink, I rearrange it.’
The art of cyber war with Isaac Porche
Porche shares the global state of cyber warfare, and how his time at Michigan led him to the front lines.
Chris Peikert Receives TCC Test of Time Award for work in lattice cryptography
Prof. Peikert and his co-author received the award at the Fifteenth Theory of Cryptography Conference for their paper on efficient collision-resistant hashing on cyclic lattices.
Manos Kapritsos and collaborators win USENIX security paper award
Their paper introduces a new programming language and tool called Vale that supports flexible, automated verification of high-performance assembly code.
BugMD: automatic mismatch diagnosis for bug triaging
Bugs that are not caught before a product is released can cost companies billions of dollars.
Prof. J. Alex Halderman testifies in front of senate intelligence committee on secure elections
His remarks focused on vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking.
Smartphone security hole
‘Open port’ backdoors are common.
Open ports act as security wormholes into mobile devices
Researchers have for the first time characterized a widespread vulnerability in the software that runs on mobile devices.
Mingyan Liu: Confessions of a pseudo data scientist
Liu’s most recent research involves online learning, modeling of large-scale internet measurement data, and incentive mechanisms for security games.
Peter Honeyman receives USENIX Test of Time Award
The USENIX Test of Time Awards recognizes papers presented at its respective conference from at least 10 years ago that have had a lasting impact on their fields.
Researchers David Adrian and Alex Halderman receive Pwnie Award for work on DROWN attack
DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications.
With over 7 million certificates issued, Let’s Encrypt aims to secure the entire web
In order to bring HTTPS to everyone, Prof. Halderman joined forces in 2012 with colleagues at Mozilla and the Electronic Frontier Foundation to found Let’s Encrypt, a non-profit certificate authority with the mission of making the switch to HTTPS vastly easier.
Two Michigan papers win top awards at IEEE Security and Privacy Symposium
One of the paper describes and demonstrates a malicious hardware backdoor. The other demonstrated security failings in a commercial smart home platform.
U-M cyber security startup purchased by FICO
Analytic software company FICO of San Jose, Calif., bought QuadMetrics to help in its development of a FICO Enterprise Security Score.
Michigan and Verisign researchers demonstrate new man-in-the-middle WPAD query attack
New security ramifications exist when laptops and smartphones configured for enterprise systems are used outside the enterprise in the realm of the wider web.
Fighting cyber crime with data analytics
QuadMetrics offers a pair of services to help companies both assess the effectiveness of their security and decide the best way to allocate (or increase) their security budget.
Hacking into homes: Security flaws found in SmartThings connected home system
Startup founded by U-M assoc. professor gets NSF grant
Healthcare security company Virta Laboratories, Inc. has received a $750,000 grant from the National Science Foundation Small Business Innovation Research (SBIR) program.
Security Flaw in New South Wales Puts Thousands of Online Votes at Risk
Yi-Chin Wu receives ProQuest Distinguished Dissertation Award for research in network security
Her dissertation focused on “opacity,” which captures whether a given secret of the system can be inferred by intruders who observe the behavior of the system.
Yang Liu receives Best Applications Paper Award for cyber security research in phishing
His paper detailed his use of big data analysis to solve a major problem of cyber security.
Parinaz Naghizadeh, Researcher in economic network security, is named a Barbour Scholar
Parinaz’s research is in combining communications with economics to assess the security of a network and then apply that to cyber-insurance contracts.