Cross Cutting Thrusts
Matt Fredrikson's research is directed at understanding fundamental security and privacy issues that lead to failures in real systems. Some of the key outstanding challenges in this area lie in figuring out why promising theoretical approaches oftentimes do not translate into effective defenses. Much of his work is concerned with developing formal analysis techniques that provide insight into the problems that might exist in a system, building countermeasures that give provable guarantees, and measuring the effectiveness of these solutions in real settings. Most of his current research focuses on issues of privacy and data confidentiality. To an even greater extent than with other security issues, our scientific understanding of this area lags far behind the need for rigorous defensive strategies. He believe that in order to reason effectively about privacy in software systems, we need application-specific ways to characterize and limit adversarial uncertainty and inference.
"Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures". M. Fredrikson, S. Jha, T. Ristenpart. 2015 ACM Conference on Computer and Communications Security (CCS).
"Surreptitiously Weakening Cryptographic Systems". B. Schneier, M. Fredrikson, T. Kohno, T. Ristenpart. Cryptology ePrint Archive, Report 2015/097, February 2015.
"Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing". M. Fredrikson, E. Lantz, S. Jha, S. Lin, D. Page, T. Ristenpart. 2014 Usenix Security Symposium (Best Paper Award).
"Z0: An Optimizing Distributing Zero-Knowledge Compiler". M. Fredrikson, B. Livshits. 2014 Usenix Security Symposium.
"On the Practical Exploitability of Dual EC in TLS Implementations". S. Checkoway, M. Fredrikson, R. Niederhagen, M. Green, T. Lange, T. Ristenpart, D. J. Bernstein, J. Maskiewicz, H. Shacham. 2014 Usenix Security Symposium.
"MoRePriv: Mobile OS Support for Application Personalization and Privacy". D. Davidson, M. Fredrikson, B. Livshits. 2014 Annual Computer Security Applications Conference (ACSAC).
"Satisfiability Modulo Counting: A New Approach for Analyzing Privacy Properties". M. Fredrikson, S. Jha. 2014 Joint Meeting of Computer Science Logic and Logic in Computer Science (CSL-LICS).
"Efficient Runtime Policy Enforcement Using Counterexample-Guided Abstraction Refinement". M. Fredrikson, R. Joiner, S. Jha, T. Reps, P. Porras, H. Saidi and V. Yegneswaran. Computer Aided Verification 2012 (CAV).
"Towards Enforceable Data-Driven Privacy Policies". M. Fredrikson, D. Davidson, S. Jha, B. Livshits
2011 Workshop on Web 2.0 Security and Privacy (W2SP).
"Dynamic Behavior Matching: A Complexity Analysis and New Approximation Algorithms". M. Fredrikson, M. Christodorescu, S. Jha". 2011 Conference on Automated Deduction (CADE).