At the SPRING Lab we perform research related to the design and evaluation of secure and privacy-friendly ICT systems for a wide range of applications. Our main lines of research are the following:

Machine learning in security and privacy

The unstoppable explosion of machine learning algorithms in the recent years also has great impact in security and privacy research. In particular, machine learning is a great asset for security, and devastating for privacy.

At the SPRING Lab we try to understand how we can use machine learning to help designers evaluate their systems design, as well as find principled ways to design defenses against machine learning-based attacks on privacy.

Related publications:

Privacy in crowd sourcing applications

As smart phones become ubiquitous and it becomes easier to collect data for any person, application developers increasingly resort to the “Crowd” to obtain data. This approach has great advantages for developers, it is cheap and results in coverage difficult to obtain otherwise at such low cost. However, when users provide data they implicitly reveal personal information to the application developer (or to everyone when their contributions are published in the form of Open Data).

At the SPRING Lab we work on building tools to enable users to better understand how much information they reveal, and to enable app developers to achieve their goals without endangering the privacy of users that altruistically contribute to the projects.

Related publications:

Anonymous communications

Anonymous communication networks, such as Tor, defend users communications’ against traffic analysis, a form of network surveillance that enables adversaries to learn who communicate with whom, or what data is being exchanged, even when the channel is encrypted.

At the SPRING Lab we work at different levels. On the one hand we study security aspects of deployed systems and investigate means to improve the protection their provide with minimal impact on the deployment. On the other hand we perform fundamental research to better understand the foundations of anonymity in communications that inform systems’ designers.

Related publications:

Location Privacy

A large part of the applications that we use nowadays, from driving directions to social messaging or searches, ride on users location to improve the quality of the service they provide. However, location based services raise important privacy concerns as it has been demonstrated that collecting accurate locations allows to inference a wide range of private information about users.

At the SPRING Lab we work on developing better techniques to quantify location privacy in different applications, as well as on methodologies to design privacy-preserving mechanisms that protect users’ location but provide good usability for location based services.

Related publications:

Privacy engineering methodologies

The privacy concerns stemming from the pervasiveness of on-line services and mobile devices in our daily lives has put Privacy Technologies in the spotlight. Yet, despite the many years of research on these technologies it is still not well understood how to design them, evaluate them, and incorporate them into ICT systems in a systematic manner. This lack of understanding hinders the development of solutions that enable citizens, governments, and corporations to enjoy technological progress without damaging our societal values.

At the SPRING Lab we work on developing tools and methodologies that engineers can use to reason in a systematic manner both about the design and the evaluation of privacy-preserving technologies.

Related publications: