Computing is undergoing a significant shift. First, the explosive growth of the Internet of Things (IoT) enables users to interact with computing systems and physical environments in novel ways through perceptual interfaces (e.g., microphones and cameras). Second, machine learning algorithms collect huge amounts of data and make critical decisions on new computing systems. While these trends bring unprecedented functionality, they also drastically increase the number of untrusted algorithms, implementations, interfaces, and the amount of private data processed by them, endangering user security and privacy. To regulate these security and privacy issues, privacy regulations such as GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act) went into effect. However, there is a huge gap between the desired high-level security/privacy/ethical properties (from regulations, specifications, users’ expectations) and low-level real implementations.
To bridge the gap, my work aims to change how platform architects design secure systems, assist developers by detecting security and privacy violation of implementations and build usable and scalable privacy-preserving systems. In this talk, I will present how my group designs principled solutions to ensure modern and emerging computing platforms' security and privacy. In this talk, I will introduce two developer tools we build to detect security and privacy violations. Using the tools, we found large numbers of policy violations in healthcare voice applications and security property violations in IoT messaging protocol implementations. Additionally, I will discuss our recent work on scalable privacy-preserving machine learning.
Yuan Tian is an Assistant Professor of Computer Science at the University of Virginia. Before joining UVA, she obtained her Ph.D. from Carnegie Mellon University in 2017 and interned at Microsoft Research, Facebook, and Samsung Research. Her research interests involve security and privacy and its interactions with computer systems, machine learning, and human-computer interaction. Her current research focuses on developing new computing platforms with strong security and privacy features, particularly in the Internet of Things and mobile systems. Her work has real-world impacts as countermeasures and design changes have been integrated into platforms (such as Android, Chrome, Azure, and iOS), and also impacted the security recommendations of standard organizations such as the Internet Engineering Task Force (IETF). She is a recipient of Google Research Scholar Award 2021, Facebook Research Award 2021, NSF CAREER award 2020, NSF CRII award 2019, Amazon AI Faculty Fellowship 2019, CSAW Best Security Paper Award 2019, and Rising Stars in EECS 2016. Her research has appeared in top-tier venues in security, machine learning, and systems. Her projects have been covered by media outlets such as IEEE Spectrum, Forbes, Fortune, Wired, and Telegraph.