Billy Lau
University of Michigan
Publications 1
#1Billy Lau (Georgia Institute of Technology)H-Index: 3
#2Simon P. Chung (Georgia Institute of Technology)H-Index: 10
Last.Alexandra Boldyreva (Georgia Institute of Technology)H-Index: 26
view all 6 authors...
Users are increasingly storing, accessing, and exchanging data through public cloud services such as those provided by Google, Facebook, Apple, and Microsoft. Although users may want to have faith in cloud providers to provide good security protection, the confidentiality of any data in public clouds can be violated, and consequently, while providers may not be "doing evil," we can not and should not trust them with data confidentiality. To better protect the privacy of user data stored in the c...
#1Tielei Wang (Georgia Institute of Technology)H-Index: 12
#2Yeongjin Jang (Georgia Institute of Technology)H-Index: 10
Last.Wenke Lee (Georgia Institute of Technology)H-Index: 67
view all 6 authors...
While Apple iOS has gained increasing attention from attackers due to its rising popularity, very few large scale infections of iOS devices have been discovered because of iOS' advanced security architecture. In this paper, we show that infecting a large number of iOS devices through botnets is feasible. By exploiting design flaws and weaknesses in the iTunes syncing process, the device provisioning process, and in file storage, we demonstrate that a compromised computer can be instructed to ins...
#1Billy LauH-Index: 3
#2Simon P. ChungH-Index: 10
Last.Alexandra BoldyrevaH-Index: 26
view all 6 authors...
Oct 1, 2011 in PASSAT (Privacy, Security, Risk and Trust)
#1Billy Lau (UM: University of Michigan)H-Index: 1
#2Atul Prakash (UM: University of Michigan)H-Index: 34
Last.Venkatanathan Annamalai (UM: University of Michigan)H-Index: 1
view all 3 authors...
The weakest link in secure web site access is often the end-host. Any malicious software installed there, or a runtime browser compromise, can lead to theft of critical information which is stored locally. Today's state-of-the-art in host-based intrusion detection and prevention systems has not succeeded in eradicating this problem. In this paper, we introduce an orthogonal solution: a system that guarantees the confidentiality of sensitive documents produced during web transactions, even on a c...
#1Kevin Borders (UM: University of Michigan)H-Index: 13
#2Eric Vander Weele (UM: University of Michigan)H-Index: 2
Last.Atul Prakash (UM: University of Michigan)H-Index: 34
view all 4 authors...
Protecting confidential information is a major concern for organizations and individuals alike, who stand to suffer huge losses if private data falls into the wrong hands. One of the primary threats to confidentiality is malicious software on personal computers, which is estimated to already reside on 100 to 150 million machines. Current security controls, such as firewalls, anti-virus software, and intrusion detection systems, are inadequate at preventing malware infection. This paper introduce...