Welcome to the Center for Computer Security and Society (C2S2)
The Center for Computer Security and Society (C2S2) is an interdisciplinary center based at the University of Michigan. The center is dedicated to the investigation of emerging threats to critical embedded systems and networks, and on the impact of cyber security attacks on critical infrastructure, governments, and sensitive data.
News Feed
The science behind election security
How one professor is working toward more secure voting technology.Hacked voting machine donated to Henry Ford museum
The machine was used by Prof. J. Alex Halderman for election cybersecurity research, and in a demonstration during which then-Senator Kamala Harris voted on it.Andrew Wintenberg awarded Predoctoral Fellowship to support research impacting the safety of smart systems
Wintenberg is developing computer algorithms and tools to improve the security of cyber and cyber-physical systems.Six ECE faculty will help shape the future of semiconductors as part of the JUMP 2.0 program
Elaheh Ahmadi, David Blaauw, Michael Flynn, Hun-Seok Kim, Hessam Mahdavifar, and Zhengya Zhang bring their expertise and creativity to this nationwide undertaking in the area of semiconductors and information & communication technologies.U-M spin-off Agita Labs releases always encrypted computing product
TrustForge, based on U-M research spearheaded by Austin and Bertacco, provides users with the ability to protect data using a process called sequestered encryptionZ. Morley Mao elected IEEE fellow for contributions to performance and security of internet routing and mobile systems
Prof. Mao and her students have played an important role in understanding the efficiency, security, and performance of a number of mobile systems.Five ways to keep vaccine cold storage equipment safe from hackers
A medical security expert outlines the risks and how hospitals can protect themselves.Embracing Risk: Cyber insurance as an incentive mechanism for cybersecurity
This new book by Mingyan Liu offers an engineering and strategic approach to improving cybersecurity through cyber insuranceHer fight for your rights
Could censorship end the internet as we know it? Not if Roya Ensafi can help it.
Less nosy smart speakers
Technology could capture household information without recording speech.
Election lessons from Michigan
Election security expert J. Alex Halderman dissects Antrim County’s election debacle to help future contests go more smoothly.
First IFIP Workshop on Intelligent Vehicle Dependability and Security
The workshop, co-organized by a team including two EECS faculty, focused on ensuring the safety of Level 3 autonomous vehicles, where humans must be ready to take over control.Hacking reality
Microphones that “hear” light; microprocessors that “tell” us secrets; self-driving cars that “see” fake objects; sensors that “feel” the wrong temperature. Our devices are under attack in new, increasingly sophisticated ways. Security researchers at CSE are exploring the limits of hardware and finding new, sobering vulnerabilities in our computers and homes.
After five years, Let’s Encrypt, a non-profit based on tech developed at Michigan, has helped to secure the internet
Today, over 225 million websites are protected by free certificates issued by Let’s Encrypt.
Major side-channel discovery wins NSA contest
The winning paper broke open a new area of investigation in hardware-based data leaks.
Censored Planet: Tracking internet censorship without on-the-ground participation
Censored Planet is releasing technical details for other researchers and for activists.
5 ways Americans can keep their vote secure and accurate
Expert advice for voting in an unprecedented election.
Burn after reading
A self-erasing chip for security and anti-counterfeit tech.
CSE researchers help organize 10th anniversary workshop on internet freedom
Prof. Roya Ensafi and PhD candidate Reethika Ramesh led organizing efforts for USENIX’s Tenth Workshop on Free and Open Communications on the Internet.
$1.8M DARPA project aims to protect cars, trucks and spacecraft from hackers
Ironpatch could head off growing danger of security vulnerabilities in vehicle systems.
New collaboration promises greater innovation in medical device security
The two organizations will connect their membership and partner networks to work on advancing security for life-saving devices.
New remote voting risks and solutions identified
The upcoming presidential election in the middle of a pandemic has jurisdictions exploring new technologies. They’re not secure.
IEEE security conference features six accepted papers from CSE researchers
The projects impact voting systems, physical sensors, integrated circuit fabrication, and multiple microarchitectural side-channel vulnerabilities.
Catching nuclear smugglers: fast algorithm could enable cost-effective detectors at borders
The algorithm can pick out weak signals from nuclear weapons materials, hidden in ordinary radiation sources like fertilizer.
Xueru Zhang awarded Rackham Predoctoral Fellowship
Zhang is working to improve data security and address important ethical issues related to AI and discriminatory data sets.
Rackham Predoctoral Fellowship for design of robust, reliable and repairable software systems
Subarno Banerjee uses program analysis to improve software systems’ safety and security.
Autonomous vehicles can be fooled to ‘see’ nonexistent obstacles
Vehicles that perceive obstacles that aren’t really there could cause traffic accidents.
Todd Austin Named S. Jack Hu Collegiate Professor of Computer Science and Engineering
Prof. Austin is a creative, outside-the-box thinker who has produced a body of work that has had extraordinary impact in the area of computer architecture.
Real-time monitor tracks the growing use of network filters for censorship
The team says their framework can scalably and semi-automatically monitor the use of filtering technologies for censorship at global scale.
Not enough voters detecting ballot errors and potential hacks, study finds
Researchers carried out the first study on voter behavior with electronic assistive devices, found 93% missed incorrect ballots.
Researchers design new solution to widespread side-channel attacks
The proposal provides a chip-level safeguard against sensitive data being transmitted after it’s accessed.
How Let’s Encrypt doubled the percentage of secure websites in four years
A Q&A with J. Alex Halderman, who co-founded the nonprofit organization.
How Russia’s online censorship could jeopardize internet freedom worldwide
The nation is using inexpensive commodity equipment to block 170K domains on more than 1K privately-owned ISPs.
Researchers take control of Siri, Alexa, and Google Home with lasers
The newly discovered microphone vulnerability allows attackers to remotely inject inaudible and invisible commands into voice assistants using light.
Offensive vehicle security toolbox makes car hacking easier
The new system is designed to save security researchers time and effort spent reverse-engineering the message format of every vehicle they study.
New tool combats evolving internet censorship methods
Technology pioneered by Michigan researchers can circumvent many effective website blocking tools
Year of vulnerability hunting uncovers potential attacks on Intel Chips, RAM
All three of these attacks put users’ privacy at risk, exploiting new routes to sensitive data.Remote attack on temperature sensors threatens safety in incubators and industry
The researchers demonstrated that an adversary could remotely manipulate the temperature sensor measurements without tampering with the targeted system or triggering automatic temperature alarms.
PET Award for making privacy policies easier to read
The research generated a chatbot to help users sift through important details in privacy policies.
Best paper award for analysis of a decade of malware reports
The research suggests that common blacklist-based prevention systems are ineffective.
Computer vision: Finding the best teaching frame in a video for fake video fightback
The frame in which a human marks out the boundaries of an object makes a huge difference in how well AI software can identify that object through the rest of the video.
Michigan’s new Election Security Commission holds inaugural meeting on U-M Campus
The meeting began the commission’s review and assessment of election security in Michigan.
Halderman co-chairs new commission to protect Michigan votes
The effort seeks to protect the integrity of every vote.
Election security: Halderman recommends actions to ensure integrity of US systems
In congressional testimony, professor urges $370M in federal funding to replace outdated machines.
Facebook Fellowship for research on web privacy, security, and censorship
McDonald works to develop better privacy and security tools for marginalized communities
Online censorship detector aims to make the internet a freer place
Censored Planet could provide new insight into the flow of online information
Time-varying metamaterials for next generation communication, sensing, and defense systems
With $7.5M MURI grant, Professor Anthony Grbic is developing metamaterials for a new generation of integrated electromagnetic and photonic systems.
Study reveals new data on region-specific website blocking practices
A team of researchers unearthed new data on geographic denial of access to web content in a new paper.
A secure future for US elections starts in the classroom
A new special topics course on election cybersecurity gives students an examination of the past, present, and future of US elections.
Tyche: A new permission model to defend against smart home hacks
“The work is an important step towards understanding how to make tradeoffs between usability and security.”
Intel processor vulnerability could put millions of PCs at risk
Patches can provide protection.
Undocumented immigrants’ privacy at risk online, on phones
When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers.
Building a security standard for a post-quantum future
A large quantum computer could retroactively decrypt almost all internet communication ever recorded.
Zuckerberg Capitol Hill testimony: Engineering experts offer comments
U-M profs weigh new business model, European-style regulation
‘I hacked an election. So can the Russians.’
Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability.
Michigan researchers discover vulnerabilities in next-generation connected vehicle technology
The vulnerability allows an attacker to manipulate a new intelligent traffic control algorithm and cause severe traffic jams.
CSE PhD student Matt Bernhard on the Facebook data breach
In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica.
Can sound be used as a weapon? 4 questions answered
What happened to people inside the U.S. Embassy in Havana?
Cuba ‘sonic attacks’: A covert accident?
‘We’ve demonstrated a scenario in which the harm might have been unintentional.’
Chat tool simplifies tricky online privacy policies
Automated chatbot uses artificial intelligence to weed through fine print
A shoe-box-sized chemical detector
Powered by a broadband infrared laser, the device can zero in on the ‘spectral fingerprint region’.
FCC repeals net neutrality: Engineering experts offer comments
A long-standing tenet of the internet was overturned today.
An armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come
How much can your cellphone reveal about where you go?
Manos Kapritsos and collaborators win USENIX security paper award
Their paper introduces a new programming language and tool called Vale that supports flexible, automated verification of high-performance assembly code.
Prof. J. Alex Halderman testifies in front of senate intelligence committee on secure elections
His remarks focused on vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking.
Smartphone security hole
‘Open port’ backdoors are common.
Behzad Yektakhah earns paper award for research in seeing through walls
Yektakhah’s system improves on the speed, portability, and accuracy of many commercial models
Sonic cyber attacks show security holes in ubiquitous sensors
Michigan Engineering researchers discuss and demonstrate the sound-based attacks they leveled at the accelerometers found in everyday electronics.
Professor to Congress: ‘Internet of Things security is woefully inadequate’
Michigan Engineering professor Kevin Fu spoke in front of congress on Nov. 16, 2016.
Peter Honeyman receives USENIX Test of Time Award
The USENIX Test of Time Awards recognizes papers presented at its respective conference from at least 10 years ago that have had a lasting impact on their fields.
Several Michigan Papers Presented at 2016 USENIX Security Symposium
A total of five papers authored by CSE researchers were presented.Researchers David Adrian and Alex Halderman receive Pwnie Award for work on DROWN attack
DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications.
With over 7 million certificates issued, Let’s Encrypt aims to secure the entire web
In order to bring HTTPS to everyone, Prof. Halderman joined forces in 2012 with colleagues at Mozilla and the Electronic Frontier Foundation to found Let’s Encrypt, a non-profit certificate authority with the mission of making the switch to HTTPS vastly easier.
Two Michigan papers win top awards at IEEE Security and Privacy Symposium
One of the paper describes and demonstrates a malicious hardware backdoor. The other demonstrated security failings in a commercial smart home platform.
Michigan and Verisign researchers demonstrate new man-in-the-middle WPAD query attack
New security ramifications exist when laptops and smartphones configured for enterprise systems are used outside the enterprise in the realm of the wider web.
Hacking into homes: Security flaws found in SmartThings connected home system
New vulnerabilities form when hardware like electronic locks, thermostats, ovens, sprinklers, lights and motion sensors are networked and set up to be controlled remotely.
Passwords, privacy and protection: Can Apple meet FBI’s demand without creating a ‘backdoor’?
Prof. H.V. Jagadish sheds light on current issues regarding data privacy and technology.
Secure your website now: Let’s Encrypt enters Public Beta
Let’s Encrypt allows anyone to request a free website security certificate without needing an invitation.
Michigan Researchers Win the 2016 Applied Networking Research Prize
In their paper, the researchers present the first report on global adoption rates of SMTP email security extensions.
Computer Scientists Win Best Paper Award at ACM Conference on CCS for Exposing the Vulnerabilities of the Diffie-Hellman Key Exchange
Diffie-Hellman is a popular algorithm used for encrypted communications, including emails VPNs, HTTPS, and other protocols where a client and server negotiate a shared secret key for communication
J. Alex Halderman and Collaborators Receive NSF Cybersecurity Award to Develop Rapid-Response Architecture
This project strives to positively impact the availability and reliability of the Internet and provide the security community with tools, platforms, and comprehensive vulnerability measurement data.
Virta Labs Introduces PowerGuard™
Virta Laboratories was co-founded in part by Prof. Kevin Fu and former CSE postdoctoral researcher Denis Foo Kune.
Thomas Chen earns NSF Graduate Research Fellowship for research in artificial neural networks for computer vision
Thomas and his group are working to improve upon artificial neural network design through a process called sparse coding.
Security Flaw in New South Wales Puts Thousands of Online Votes at Risk
Securing Internet voting requires solving some of the hardest problems in computer security, and even the smallest mistakes can undermine the integrity of the election result.
Yi-Chin Wu receives ProQuest Distinguished Dissertation Award for research in network security
Her dissertation focused on “opacity,” which captures whether a given secret of the system can be inferred by intruders who observe the behavior of the system.
Computer science researchers aim to securely encrypt every website
A project is underway which will offer a free, automated, and easy process for converting webservers from HTTP to HTTPS that is implemented with a single command.
Computer Scientists Win Best Paper Award at 2014 ACM Internet Measurement Conference
The research team performed a comprehensive, measurement-based analysis of the impact of the recent Heartbleed vulnerability.
Yelin Kim wins Best Student Paper Award at ACM Multimedia 2014 for research in facial emotion recognition
She computationally measures, represents, and analyzes human behavior data to illuminate fundamental human behavior and emotion perception, and develop natural human-machine interfaces.
Kamal Sarabandi elected President of IEEE Geoscience and Remote Sensing Society
The IEEE Geoscience and Remote Sensing Society is a remote sensing organization with more than 3700 members around the globe.
Becky Peterson awarded DARPA Young Faculty Award to investigate new materials for power semiconductor devices
Prof. Peterson’s findings could be used in wireless sensing and actuation systems, including those that deal with monitoring of the environment and medical conditions.
Pallab Bhattacharya to receive 2015 IEEE David Sarnoff Award
Since coming to the University in 1984, Prof. Bhattacharya has pioneered several important technological advances.
Shrinking the size of optical systems, exponentially
The researchers believe that metasurfaces could one day be used to completely control the phase, amplitude, and polarization of light.
Iranian internet censorship system profiled for first time
When GPS fails, this speck of an electronic device could step in
The research group developed special fabrication processes that allows them to stack and bond seven different devices in layers.
New laser shows what substances are made of; could be new eyes for military
By shining the laser on a target and analyzing the reflected light, researchers can tell the chemical composition of the target.
After Newtown: A new use for a weapons-detecting radar?
The technology could potentially identify a hidden weapon from a distance in less than a second.
James McCullagh receives Best Student Paper Award for research to keep bridges safe
McCullagh is working to develop energy harvesting devices and circuits to power wireless sensor nodes which can monitor bridge health.
Michael Bailey receives Research Faculty Recognition Award from OVPR
His research is focused on the security and availability of complex distributed systems.Computer scientists win Best Paper Award at 21st USENIX Security Symposium
Halderman’s “Securing Digital Democracy” opens on Coursera
Computer scientists named runners up for PET Award
Duo of CSE Alums Form and Grow Security Company in Ann Arbor
Serial entrepreneur Dug Song (CS BS 1997) and recent alum Jon Oberheide (CSE PhD 2011) founded security firm Duo Security in early 2010 and have rapidly grown their company to serve over 500 customers in 40+ countries around the world.
Researchers demonstrate firewall vulnerability in cell network
J. Alex Halderman to Teach Course on Electronic and Internet Voting through Coursera
The 5-week course will provide the technical background and public policy foundation that today’s citizens need to understand the electronic voting debate.Prof. J. Alex Halderman featured in PBS story on the security of internet voting
CSE Alum Jon Oberheide Named One of Forbes’ 30 Under 30 in Technology
‘Perfect black’ coating can render a 3D object flat, raises intriguing dark veil possibility in astronomy
The carbon nanotube carpet is about half the thickness of a sheet of paper and absorbs 99.9 percent of the light that hits it.