Newsroom
Yao Liu awarded $500,000 NSF Secure and Trustworthy Cyberspace grant
September 15, 2020
CSE Associate Professor Yao Liu received a $500,000 NSF grant from the Secure and Trustworthy Cyberspace (SaTC) program for the project "SaTC: TTP: Small: Creating Content Verification Tools to Protect Document Integrity.”
Adobe's Portable Document Format (PDF) has become the standard for electronic documents.
Academic and collegiate papers, business write-ups and fact sheets, advertisements
for print, and anything else meant to be viewed as a final product make use of the
PDF standard. End users cannot easily change the text of a PDF document, so most come
to expect a degree of integrity present in all PDF documents encountered. Nevertheless,
content masking attacks were discovered against the content integrity of PDF documents
themselves. Specifically, these attacks cause humans to view a masked version of the
content these computer systems read. This project will create techniques and tools
to deal with content masking attacks against document integrity, and has the potential
to significantly impact on the research and engineering effort in the field of document
security, due to the wide use of digital documents in government and commercial entities.
With the substantial security enhancement for PDF content integrity, the project could
promote the wide adoption of PDF content verification tools in today's data loss prevention
systems.
This project will improve the state-of-the-art in document security via creating
a set of defense tools to assure the integrity of documents. The research team aims
at (i) designing a lightweight PDF font verification tool that can effectively verify
the integrity of font files embedded into documents; (ii) understanding the impact
of adversarial machine learning on document integrity; (iii) creating an advanced
content verification tool, which integrates functionalities of random partition, feature
extraction, and decision aggregation, to address content masking attacks leveraging
the adversarial machine learning techniques; and (iv) performing comprehensive evaluation
to ensure the efficiency, reliability, and security of the designed content integrity
verification tools.