Team for Research in Ubiquitous Secure Technology

2011 TRUST Research Experiences for Undergraduates

PROGRAM OVERVIEW

The Team for Research in Ubiquitous Secure Technology sponsored 13 undergraduate students to participate in the summer 2011 TRUST REU program. Below are descriptions of the 2011 TRUST-REU research projects and links to each student's or team's research report and poster presentation.

RESEARCH PROJECTS


Michael Ayenson
Worcester Polytechnic Institute

Analysis of FLASH, HTTP, and HTML5 DATA
In August of 2009, we demonstrated that popular websites were using "Flash Cookies" to track some users. Some advertisers had adopted this technology because it allowed persistent tracking even where users had taken steps to avoid web profiling. We also demonstrated "Respawning" on top sites with Flash technology. This allowed sites to reinstantiate HTTP cookies deleted by a user, making tracking more resistant to users' privacy-seeking behaviors. In this follow-up study, we reassess the Flash Cookies landscape and examine a new tracking vector, HTML5 local storage and cache-cookies via etags. We found over 5,600 standard HTTP cookies on popular sites; over 4,900 were from third parties. Google-controlled cookies were present on 97 of the top 100 sites, including popular government websites. Seventeen sites were using HTML5, and seven sites had HTML5 local storage and HTTP Cookies with matching values. Flash Cookies were present on 37 of the top 100 websites. We found 2 sites were respawning cookies, including one site, Hulu.com, where both Flash and cache cookies were employed to make identifiers more persistent. The cache cookie method used etags and is more capable of unique tracking even where all cookies are blocked by the user and "Private Browsing Mode" is enabled.


Patrick Baxter
Clemson University

Automated Election Auditing from DRE Logs
Voting audit logs produced by Direct Recording Electronic (DRE) machines are often unwieldy and unintelligible to a human reader. These logs detail all events recorded on the DREs and include data on ballots cast and post-election procedures. The authors of the paper "Auditing a DRE-Based Election in South Carolina" demonstrated that these logs can be analyzed to uncover both procedural errors and election anomalies. In this study, we replicate the results from the aforementioned paper and develop additional analyses. These include identification of procedural errors by election officials, DRE hardware problems and precinct statistics. We have integrated these reports into a public website that produces a detailed report from the ES&S iVotronic log files. We intend this work to stand as proof-of-concept software for future auditing tools and as an immediately accessible tool to assist those working with election auditing and integrity.



Robert Carlson
California State University, Chico

Privacy Policy Language


Anne Edmundson
Cornell University

Automated Election Auditing from DRE Logs
Voting audit logs produced by Direct Recording Electronic (DRE) machines are often unwieldy and unintelligible to a human reader. These logs detail all events recorded on the DREs and include data on ballots cast and post-election procedures. The authors of the paper "Auditing a DRE-Based Election in South Carolina" demonstrated that these logs can be analyzed to uncover both procedural errors and election anomalies. In this study, we replicate the results from the aforementioned paper and develop additional analyses. These include identification of procedural errors by election officials, DRE hardware problems and precinct statistics. We have integrated these reports into a public website that produces a detailed report from the ES&S iVotronic log files. We intend this work to stand as proof-of-concept software for future auditing tools and as an immediately accessible tool to assist those working with election auditing and integrity.

Jovanni Hernandez
Drexel University

Understanding Web Advertising Privacy Through Browser Instrumentation
A growing number of websites serve tracking content from third party advertisers, advertising networks, advertising exchanges, advertising data providers, and more. Most consumers are unaware of what information is gathered and how it is used. We conducted web crawls with a new browser instrumentation tool to better understand the privacy-related business practices of the largely unregulated and unstudied online advertising ecosystem.

Hector Tosado Jimenez
University of Puerto Rico, Mayaguez

Hector Codes - SoNIC Steganography
The design of this project is to enable the sending of a covert message between 2 communication devices utilizing steganographic techniques. These will allow a message to be sent without a higher level application or a router knowing. This type of network steganography will be achieved using Hector Codes, which the author implemented during a summer internship program, and SoNIC.

Ryan Kaczowka
Youngstown State University

Opt-in Procedures of Web Sites Selling Information to Third Parties

Keishla Ortiz Lopez
University of Puerto Rico, Arecibo

Automated Election Auditing from DRE Logs
Voting audit logs produced by Direct Recording Electronic (DRE) machines are often unwieldy and unintelligible to a human reader. These logs detail all events recorded on the DREs and include data on ballots cast and post-election procedures. The authors of the paper "Auditing a DRE-Based Election in South Carolina" demonstrated that these logs can be analyzed to uncover both procedural errors and election anomalies. In this study, we replicate the results from the aforementioned paper and develop additional analyses. These include identification of procedural errors by election officials, DRE hardware problems and precinct statistics. We have integrated these reports into a public website that produces a detailed report from the ES&S iVotronic log files. We intend this work to stand as proof-of-concept software for future auditing tools and as an immediately accessible tool to assist those working with election auditing and integrity.

John Mela
Youngstown State University

Generating Attack Traffic using DETERLab in an Emulation-Simulation Environment
The inclusion of attack traffic into the Command and Control Wind Tunnel (C2WT) tool suite with network emulation capability was achieved by integration with the back-end of the Security Experimentation Environment (SEER) workbench. "SEER integrates various tools for configuring and executing experiments and provides a user-friendly interface for experimenters to use the tools." We wrap a Java application around an executable used by SEER to create attack traffic in the emulation. The addition of this application allows us to generate attacks at varying intensities. We can produce traffic at types of flat rate, ramp up, ramp down and ramp pulse. The existing Java code used to coordinate communication between entities in the simulation and emulation is tied together by Run-Time Infrastructure (RTI) implemented on a Publish/Subscribe system. RTI is an extension of High Level Architecture (HLA) and is responsible for time synchronization between the emulation and simulation environments. Time synchronization is required due to the incongruent passage of time between these environments. Although the in-depth analysis and solution to the time synchronization problem is beyond the scope of this paper, resources exist for further explanation. We extend the C2WT code to communicate attack commands to the emulated network. Extending the existing code allows for the future possibility of simulated attackers. In order to test our implementation, we create a simple application which instructs the emulation to perform four attacks of each type listed above. We monitor traffic using SEER to confirm that the application is doing what it should be.

AnaMaria Quevedo
Miami Dade College

Automated Election Auditing from DRE Logs
Voting audit logs produced by Direct Recording Electronic (DRE) machines are often unwieldy and unintelligible to a human reader. These logs detail all events recorded on the DREs and include data on ballots cast and post-election procedures. The authors of the paper "Auditing a DRE-Based Election in South Carolina" demonstrated that these logs can be analyzed to uncover both procedural errors and election anomalies. In this study, we replicate the results from the aforementioned paper and develop additional analyses. These include identification of procedural errors by election officials, DRE hardware problems and precinct statistics. We have integrated these reports into a public website that produces a detailed report from the ES&S iVotronic log files. We intend this work to stand as proof-of-concept software for future auditing tools and as an immediately accessible tool to assist those working with election auditing and integrity.

Cody Rigney
Youngstown State University

Third Party Information Sharing Disclosure Practices

Samuel Rodriguez
University of Puerto Rico, Mayaguez

Automated Election Auditing from DRE Logs
Voting audit logs produced by Direct Recording Electronic (DRE) machines are often unwieldy and unintelligible to a human reader. These logs detail all events recorded on the DREs and include data on ballots cast and post-election procedures. The authors of the paper "Auditing a DRE-Based Election in South Carolina" demonstrated that these logs can be analyzed to uncover both procedural errors and election anomalies. In this study, we replicate the results from the aforementioned paper and develop additional analyses. These include identification of procedural errors by election officials, DRE hardware problems and precinct statistics. We have integrated these reports into a public website that produces a detailed report from the ES&S iVotronic log files. We intend this work to stand as proof-of-concept software for future auditing tools and as an immediately accessible tool to assist those working with election auditing and integrity.

Dietrich Wambach
University of Wyoming

Analysis of FLASH, HTTP, and HTML5 DATA
In August of 2009, we demonstrated that popular websites were using "Flash Cookies" to track some users. Some advertisers had adopted this technology because it allowed persistent tracking even where users had taken steps to avoid web profiling. We also demonstrated "Respawning" on top sites with Flash technology. This allowed sites to reinstantiate HTTP cookies deleted by a user, making tracking more resistant to users' privacy-seeking behaviors. In this follow-up study, we reassess the Flash Cookies landscape and examine a new tracking vector, HTML5 local storage and cache-cookies via etags. We found over 5,600 standard HTTP cookies on popular sites; over 4,900 were from third parties. Google-controlled cookies were present on 97 of the top 100 sites, including popular government websites. Seventeen sites were using HTML5, and seven sites had HTML5 local storage and HTTP Cookies with matching values. Flash Cookies were present on 37 of the top 100 websites. We found 2 sites were respawning cookies, including one site, Hulu.com, where both Flash and cache cookies were employed to make identifiers more persistent. The cache cookie method used etags and is more capable of unique tracking even where all cookies are blocked by the user and "Private Browsing Mode" is enabled.