"Protecting User Security and Privacy in Emerging Platforms"

Location: The Iribe Center, Room 4105

Speaker:
Yuan Tian
Assistant Professor of Computer Science, University of Virginia

Abstract:
The evolution of apps on new platforms such as mobile devices, the web and the Internet of Things are bringing more functionality and convenience.

However, these new platforms also expose users to security and privacy risks. For example, the Internet of Things devices use sensors and machine learning to provide richer functionality, but these features may violate users’ security and privacy. Researchers and developers are putting a great deal of effort into protecting users, but unauthorized information leakage is still rampant, especially when new features or new techniques are introduced. To resolve these problems, I am working on changing the way platform designers think about designing secure systems, educating the developers about the system implementations, and creating technological solutions to facilitate better security decision-making.

In this talk, I’ll present my example projects in the thrusts of (1) Identify and understand new threats, as well as (2) design and implement secure and privacy-preserving systems. In the first thrust, I will use voice-controlled devices as an example to show how we identify new security and privacy threats on the devices powered by machine learning. Our proposed solutions for the new threats have been adopted by the device vendors. In the second thrust, I introduce our efforts in building secure and privacy-preserving systems for the Internet of Things. I performed program analysis to discover problems of current permission systems in third-party apps on the Internet of Things.

With the insights from the program analysis and natural language processing, I propose principles and implementing a privacy preserving system to share the least privileged information to third-party apps without affecting their functionality. In general, I hope to bring low-level privacy enhancements to users through thorough design, efficient implementation, and usable interface.

Speaker Bio:
Yuan Tian is an assistant professor of computer science at the University of Virginia.

Before joining UVA, she obtained her Ph.D. from Carnegie Mellon University in 2017, and interned at Microsoft Research, Facebook, and Samsung Research.

Tian's research interests involve security and privacy and its interactions with computer systems, machine learning, and human-computer interaction. Her current research focuses on developing new technologies for protecting user privacy, particularly in the areas of mobile systems and the Internet of Things.

Her work has generated real-world impact as countermeasures and design changes have been integrated into platforms (such as Android, Chrome, SmartThings, Azure, and iOS), and also impacted the security recommendations of standard organizations such as Internet Engineering Task Force (IETF) and World Wide Web Consortium (W3C).

Tian is a recipient of a NSF CRII award 2019, Amazon AI Faculty Fellowship 2019, CSAW Best Security Paper Award 2019, Rising Stars in EECS 2016 and Black Hat Future Female Leaders in Cyber Security 2015.

Her research has appeared in top-tier venues in security and systems. Her projects have been covered by media outlets such as IEEE Spectrum, Forbes, Fortune, Wired, and Telegraph.