The PITS lab focuses on the impact and applications of probability theory and information theory to cybersecurity. The lab's cybersecurity scope is broad and cross-disciplinary, with applications spanning privacy metrics and practical privacy solutions, cyber-physical system security and applications to the power generation and distribution grid, secure information dissemination in social networks and user privacy and manipulation, perfectly secure key establishment, physically-unclonable functions, and procedural-bias-enhanced biometric user authentication.
For information dissemination in social networks, the PITS lab is conducting cross-disciplinary efforts to accurately model information-based user interaction in human networks, with the end goal of defining manipulation and differentiating it from legitimate influence. Such models can serve a variety of goals, from predicting viral trends to optimizing budget-constrained advertising, and to containing malicious misinformation.
In the area of privacy, the PITS lab is investigating privacy metrics in the context of imperfect adversarial knowledge, as well as practical solutions to navigating the privacy-utility tradeoff in various contexts.
To address the security of cyber-physical systems, the PITS lab is studying the impact of stealthy attacks on cyber-physical systems, when the attacker, and possibly the controller, have imperfect information about the system model.
In the area of biometric authentication, the PITS lab is investigating computer-induced procedural biases as a means of enhancing the performance of established continuous biometric authentication algorithms.
In the past, the PITS lab has developed practical protocols for non-traditional key establishment based on common randomness harvested from networking metadata in ad-hoc wireless networks. As a part of the same effort, the lab developed efficient methods for calculating the theoretical bounds for the secret-key capacity of complex sources of randomness, representable as sibling hidden Markov processes.
In the area of physically-unclonable functions (PUFs), the PITS lab exposed for the first time the discharge inversion effect (DIE) in SRAM-based PUFs. If not well controlled for when learning the SRAM statistics necessary for fuzzy extraction, the DIE has the potential to cause catastrophic failure in authentication or randomness generation applications.