Causality/ Blame assignment for security violations: My dissertation is titled `Interaction-aware Actual Causation: A Building Block for Accountability in Security Protocols.'
In this work I formalized a logic-based definition to determine
causes of violations on
security logs in multi-agent
systems. As an application, I analyzed
causes of failures of authentication protocols for public key certification. In this project, I combined viewpoints on causation from philosophical, theoretical, security and privacy-centric perspectives.
Collaborators: Anupam Datta, Deepak Garg, Dilsun Kaynar, Arunesh Sinha
Linking attacks: Identified background
information and database characteristics that
enable de- anonymization. Determined provable
mathematical bounds showing amount of de-
anonymization possible. Evaluated theoretical
assumptions empirically on an `anonymized'
Collaborators: Anupam Datta, Arunesh Sinha
Privacy of court records: Analyzed privacy
implications of moving court records online on individual privacy
using a philosophical/legal framework to analyze information
flows. Demonstrated that cost of information retrieval is significantly lower online as compared to physical records. Identified factors which contribute to differences.
Collaborators: Anupam Datta, Helen Nissenbaum, Amanda Conley
Privacy of property records: Evaluated the level of
privacy protection provided by removal of `Search by name' feature
in Allegheny property assessment database through user studies.
Collaborators: Lorrie Cranor, Manya Sleeper
Research Intern, Microsoft
Research, Cambridge, UK, Summer
Mentors: Cedric Fournet, Olya Ohrimenko
Demonstrated information leakage via composition attacks on MapReduce computations in datasets containing sensitive information. Determined a solution that mitigates composition attacks.
Research Intern, Symantec Research Labs, Mountain View, CA, Summer 2013
Mentors: Sanjay Sawhney, Sharada Sundaram, Darren Shou
Automated compliance with privacy laws for unstructured data. Developed a method for specifying and enforcing privacy laws and rules for access control in enterprises. Lead author on a white paper for best practices in compliance with US privacy laws.
Research Intern, D-ITET, ETH Zurich, Switzerland, Spring 2008
Mentor: Bernhard Plattner, Computer Engineering and Networks Laboratory
Proposed two approaches for enhancing security of field-based routing protocol (for wireless ad-hoc routing). Integrated these approaches with existing security mechanisms. Thesis can be found here.
Research Intern, Indian Institute of Technology, Mumbai, India, Summer 2007
Mentor: Abhay Karandikar, Department of Electrical Engineering
Evaluated performance of O-DRR scheduler in presence of TCP sources in WiMAX on the basis of fairness in allocation of slots. Analyzed BE, rtPS and nrtPS traffic in contention for scheduling.