Fingerprinting has been a known threat to web privacy for over a decade. Yet, automated detection of fingerprinting methods and scripts has been lacking the properties for protecting web users from such an evolving web threat. Our proposed work aims to provide novel detection methods for browser fingerprinting both at its core, the browser and the evolution of its APIs, and at the page level, via dynamic analysis ofJavaScript. We also propose developing countermeasures that are capable of performing more fine-grained blocking not only at the script level, but also at the API level where an instance of a script/API will be blocked depending on inferring the underlying intent behind executing the script or accessing the API.

Recent years have seen a surge in popularity in smart home IoT products, and with the ongoing pandemic, people are spending more time interacting with such devices. However, it is unclear whether and how these IoT devices affect the security, privacy, and performance of the home network as well as the access network. In this proposal, we focus on developing privacy-preserving IoT analytics to help network providers allocate network resources accordingly and, at the same time, help consumers identify potential anomalous behavior.

In recent years, we have seen a surge in the popularity of smart home Internet of Things (IoT) products, and recent reports show that during the pandemic, many consumers have furnished their homes with more smart devices. Furthermore, with the ongoing pandemic, working from home has increasingly become the norm. We are therefore not only seeing people bring their corporate devices to their home offices but also spending more time interacting with such devices. However, it is unclear whether and how these IoT devices affect the security and privacy of the home network. In this proposal, we focus on developing privacy-preserving IoT analytics to identify potential anomalous device behavior.

The Internet of Things (IoT) has not only transformed myriad homes and various industries, but also started reshaping enterprises. With most enterprises adopting Bring Your Own Device (BYOD) policies, businesses and organizations have started seeing the presence and use of employee-owned IoT devices in the workplace. However, the influx of such IoT devices in the workplace poses a new set of security and privacy challenges for enterprises due to the various types of data they can collect. The goal of our project is to determine the extent to which we can infer the device type and usage pattern of IoT devices through network traffic. Such analysis will involve extracting device fingerprints and behavioral signatures from encrypted traffic.

We live in an increasingly connected world where we spend a large part of our time interacting with a wide range of Internet of Things (IoT) devices. While all these IoT devices provide convenience through automation of appliances, such conveniences often come at the cost of sharing very personal data about our lifestyles. This personal data can then not only be used to serve targeted ads, but can also be misused by repressive governments and cybercriminals. In this project, the PI proposes to analyze the extent to which IoT devices, commonly found in smart homes, leak sensitive information about ourselves.