Congratulations to Prof. Dr. Ada Lerner on a successful final defense!
A team of researchers in the Allen School’s Privacy & Security Research Lab have developed a new system, SeaGlass, which could bring more transparency and accountability to cell-phone surveillance. SeaGlass is capable of detecting anomalies in the cellular network that may indicate the presence of surveillance devices called IMSI-catchers (also known as cell-site simulators or Stingrays), which track individuals through their International Mobile Subscriber Identity by posing as a legitimate cell tower.
WIRED magazine recently talked to the researchers about SeaGlass and their hope that the findings contribute to the public discourse. From the article:
“Law enforcement’s use of the surveillance devices known as stingrays, fake cell towers that can intercept communications and track phones, remains as murky as it is controversial, hidden in non-disclosure agreements and cloak-and-dagger secrecy. But a group of Seattle researchers has found a new method to track those trackers: by recruiting ridesharing vehicles as surveillance devices of their own.
“For two months last year, researchers at the University of Washington paid drivers of an unidentified ridesharing service to keep custom-made sensors in the trunks of their cars, converting those vehicles into mobile cellular data collectors.”
The article explains how the information gathered by those mobile data collectors was analyzed to identify irregularities in the network compared to normal cell tower behavior, which could indicate that a surveillance device is active in the area. By using off-the-shelf parts and deploying the system on fleet vehicles that cover a lot of ground during their normal course of business, the researchers demonstrated SeaGlass to be an inexpensive and unobtrusive way to map the cellular landscape.
During the pilot, the system detected three anomalies in the greater Seattle area that piqued the team’s interest. Although the results do not offer conclusive proof of an IMSI-catcher, they do provide a good starting point for further exploration — and for an overdue conversation about surveillance practices.
“Up until now the use of IMSI-catchers around the world has been shrouded in mystery, and this lack of concrete information is a barrier to informed public discussion,” Ph.D. student Peter Ney said in a UW News release. “Having additional, independent and credible sources of information on cell-site simulators is critical to understanding how — and how responsibly — they are being used.”
The team, which also includes Allen School research scientist Ian Smith, Ph.D. student Gabriel Cadamuro, and professor Tadayoshi Kohno, hopes that its work will contribute to a more robust public debate over cell-phone surveillance. They describe in detail the SeaGlass technology and results of the pilot in a paper that will be published this month in the Proceedings on Privacy Enhancing Technologies.
“SeaGlass is a promising technology that — with wider deployment — can be used to help empower citizens and communities to monitor this type of surveillance,” said Smith. “This issue is bigger than one team of researchers. We’re eager to push this out into the community and find partners who can crowdsource more data collection and begin to connect the dots in meaningful ways.”
Congratulations to Dr. Paul Vines on a successful final defense!
Security Lab PhD student Eric Zeng gave a great Quals Talk today at the Allen School, describing his work studying end user security and privacy concerns with smart homes. The Quals project and talk — along with all the relevant coursework — fulfill a major milestone along the path to a PhD. Eric will be presenting a similar talk at the Symposium on Usable Privacy and Security (SOUPS) in July. Congratulations Eric!
Today Security Lab PhD student Kiron Lebeck presented at the 38th IEEE Symposium on Security & Privacy (Oakland) in San Jose, CA. Kiron presented his paper “Security Augmented Reality Output”, describing a design for an augmented reality platform that mitigates risks from buggy or malicious application output (e.g., virtual content that obscures a user’s view of important physical world objects, like oncoming cars, or that startles a user). This work was done in collaboration with Security Lab undergraduate researcher Kimberly Ruth and faculty members Yoshi Kohno and Franzi Roesner. Congrats Kiron on a great presentation!
Read the full research paper here and learn more about the UW Security Lab’s efforts on security and privacy for emerging augmented reality platforms here. This work was also recently covered by Science.
Security Lab undergraduate researcher Kimberly Ruth spoke today at UW’s Undergraduate Research Symposium. Kimberly discussed her work on security and privacy for emerging augmented reality technologies, in collaboration with Security Lab PhD student Kiron Lebeck and lab co-directors Professors Yoshi Kohno and Franzi Roesner, which will also appear later this month at the IEEE Symposium on Security and Privacy (Oakland) 2017. Great talk, Kimberly!
Members of the security lab visited Paris, France this week for the 2nd IEEE European Symposium on Security and Privacy (Euro S&P).
At the conference, security lab alumna Gennie Gebhart (now at the Electronic Frontier Foundation) presented her work with faculty member Yoshi Kohno and an anonymous co-author on “Internet Censorship in Thailand: User Practices and Potential Threats”. Read the full paper here.
Security lab PhD student Eric Zeng presented “Confidante: Usable Encrypted Email – A Case Study With Lawyers and Journalists”, collaborative work with PhD student Ada Lerner and faculty member Franzi Roesner. Read the full paper here and check out the Confidante encrypted email tool and source code here.
Congratulations to Security Lab undergraduate researcher Kimberly Ruth for winning a Scholarship for Women Studying Information Security (SWSIS)! In fact, Kimberly is the first winner of the program’s first named scholarship, the Rebecca Gurley Bace SWSIS Scholarship. The SWSIS program provides scholarships of up to $10,000 for women studying for their Bachelors and Masters degrees in fields relating to information security. Kimberly’s research focuses on security and privacy for emerging augmented reality systems. Read the official award citation here. Congratulations again, Kimberly!
Congratulations to UW Security Lab undergraduate Kimberly Ruth for winning the coveted Mary Gates Research Scholarship! The Mary Gates Scholarship is a highly competitive scholarship intended to facilitate the research experience of University of Washington undergraduate students. Kimberly is actively conducting research at the intersection of augmented reality and computer security, a research area led by security lab faculty member Franziska Roesner. In fact, Kimberly is a co-author of an upcoming paper on that topic, to appear at this year’s IEEE Symposium on Security and Privacy in May 2017. Kimberly conducted that research during her freshman and sophmore years at UW. Her paper, co-authored with her PhD student mentor Kiron Lebeck and her faculty advisors Franziska Roesner and Yoshi Kohno, will appear on the UW Augmented Reality and Security page soon. Congratulations Kimberly!!