Transcript New Products Portfolio Review - Institute for Networking and

Networking and Security Research Center
http://nsrc.cse.psu.edu/
Mission: Enabling robust, high performance secure internetworked information systems
Professor Thomas F. La Porta, Director
Department of Computer Science and Engineering
Penn State, 4-26-12
0
Networking and Security Research Center
Networking, security and systems experts
– 22 faculty
– Approximately 60 students
• Ph.D., M.S. and Schreyer Honors College Seniors
• 3 Labs in addition to individual research groups
Diverse Expertise
– Wireless networking and communications
– Software systems
– All aspects of security: networking, protocols, systems, policies, cryptography
Industrial partners, joint projects
– Current: Cisco, IBM, Battelle, Alcatel-Lucent, Hewlett-Packard, Harris
– Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Telcordia,
Lockheed Martin
– Ben Franklin Center of Excellence (2007-2009)
Student placements: A-10 Networks, North Carolina State, Universidad de los Andes,
Virginia Tech, Telcordia
Penn State, 4-26-12
1
NSRC Accomplishments
Research Results
– ~100 refereed publications in 2011
Funding: Over $27M since 2005 (over $5.5M in 2011)
– NSF: Trustworthy Computing (2), Networking, Communication and Information Foundations
– Army Research Lab and UK Ministry of Defence (ITA Program)
– Army Research Lab Network Science CTA
– Army Research Lab (cybersecurity (2))
– Center for Disease Control
– Air Force Office of Scientific Research
– Industrial Funding: over $150K in 2011 (approximately $1.8M in 6 years)
Selected Faculty Appointments in 2011
– EiC of ACM Transactions on Internet Technology
– Executive committee of top IEEE sensor network and protocols conferences
– General Chair of IEEE ICNP
– Associate Editors on 8 publications
Awards
– AT&T Graduate Fellowship (2), Several travel grant awards
Penn State, 4-26-12
2
Organizations: Members and Financial Support
College of Engineering
– Computer Science and Engineering, Electrical Engineering
– Networking, communications, all aspects of security, data mining and privacy
Applied Research Lab
– Wireless technologies, networking, security, information fusion
– Classified programs
Smeal College of Business
– Economic and financial analysis, monitoring, security management, and supply chain apps
Dickinson Law School, School of International Affairs
– Policy, legal implications, applications (voting, Internet privacy, etc.)
Penn State Great Valley
– Engineering Division, Software Engineering Research Group; ultra-large systems, design for
security
Also receive financial support from College of Information Science and Technology
Penn State, 4-26-12
3
Systems and Internet Infrastructure
Security Laboratory (SIIS Lab)
Prof. Trent Jaeger ([email protected])
Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for
Security
Prof. Patrick McDaniel ([email protected])
Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software
Systems
Prof. Adam Smith ([email protected])
Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science
Funding:
National Science Foundation
ARO/AFRL/IARPA/AFOSR
Battelle, AT&T, Samsung
Raytheon, Telcordia, Lockheed
IBM, HP, Intel
National Institutes of Health
Ongoing Projects:
Systems and Cloud Security
Secure Storage Systems
Language Based Security
Telecommunications Security
Smart Grid Security
Voting Systems
Cryptography & Data Privacy
Recent Awards: PECASE, PSES Outstanding Research
Factoids: Established September 2004 -- Location - 344 IST Building -- Contact
[email protected]
Penn State, 4-26-12
URL: http://siis.cse.psu.edu
4
Mobile Computing and Networking (MCN) Lab
MCN lab conducts research in many areas of wireless networks and mobile
computing, with an emphasis on designing and evaluating mobile systems,
protocols, and applications.
Projects
– smartphones, in-network storage, wireless sensor networks, vehicular networks, wireless network
security, resource management in wireless networks.
Students: 10 PhD, 1 MS, and 1 honor BS student
•
Alumni: 11 PhD, including faculty members at Iowa State
University, Florida International University, Frostburg State
University, and students in Motorola, Cisco, Microsoft.
•
12 MS students went to various companies
Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research
Lab, Army Research Office, DoD/muri, and companies
such as Cisco, IBM and Narus
Contact: Prof. Guohong Cao, [email protected]
URL: (http://mcn.cse.psu.edu/)
Penn State, 4-26-12
5
Wireless Communication and Networking Laboratory
Faculty: Prof. Aylin Yener, [email protected]
URL: http://wcan.ee.psu.edu
Fundamental research on wireless communication network design
Areas: Energy Harvesting Wireless Networks, Quality-aware
networking, Information Theoretic Security, Interference Networks
Support
• National Science Foundation (NSF)
• Army Research Laboratory, Network Science CTA
10 Members:
1 PostDoc, 7 PhD students, 1 Visiting Prof
Collaborators from the following:
Penn State (NSRC), UMD, UC Berkeley,
Rutgers, USC, UIUC, BBN-Raytheon
Penn State, 4-26-12
6
Scope
Networking and communications: enables ubiquitous connectivity
– Internet and telecommunications, ad hoc and sensor networks
– Information dissemination and quality of information
– Wireless networking, communication and information theory
– Supported by NSF CISE; DoD (ARL, DTRA), industry
Systems and network security: enables secure end-to-end information flow
– Secure platforms, programming languages, distributed systems, privacy, cryptography,
monitoring, security management and architecture, design for security
– Internet, telecommunication and military networks
– Supported by NSF CISE; DoD (AFOSR, ARL), industry
Societal, business, and legal implications: enables impact on policy and deployment
– Privacy, regulation, censorship
– Financial and economic concerns, applications
– Applications and impact considered along with technical designs
Penn State, 4-26-12
7
The Network Science Collaborative
Technology Alliance (CTA)
A Flagship Program for US-ARL and CERDEC
Perform foundational, cross-cutting research on network science
leading to:
– A fundamental understanding of the interplay and common underlying
science among social/cognitive, information, and communications networks
– Determination of how processes and parameters in one network affect and
are affected by those in other networks
– Prediction and control of the individual and composite behavior of these
complex interacting networks
Resulting in:
– Optimized human performance in network-enabled warfare
– Greatly enhanced speed and precision for complex military operations
$~160M for 10 years
Penn State, 4-26-12
8
Network Science CTA
Interdisciplinary Research Center (IRC) – led by BBN
• Ensure research directions of the three ARCs is focused on
fundamental network science issues that are military
relevant and achievable; perform basic research
Information Networks Academic Research Center (INARC) UIUC
• To develop theories, experiments, measurements and
metrics, and ultimately predictive models that will
anticipate the behavior of information networks
Social and Cognitive Networks ARC (SCNARC) - RPI
• To develop theory, measures and understanding of social
and cognitive networks as applicable to both individual and
organizational decision making of networked information
systems
Two cross-cutting research thrusts
• Evolution and Dynamics of Integrated Networks (EDIN)
• TRUST in distributed decision making environments
Penn State, 4-26-12
9
CNARC Vision
Develop foundational techniques to model, analyze, predict and control the
behavior of secure tactical communication networks as an enabler for information
and command-and-control networks
Network is an information source
– Understand and optimize operational information content capacity
Approach
– Understand information needs (context, purpose)
– Understand impact of network on information
Members
– Penn State (Prime) – La Porta (Director), Cao, Yener and Zhu
– USC, UC Davis, UC Santa Cruz, CUNY (General Members)
– Stanford, NC State, UC Riverside (Subs)
$35M for 10 years
Penn State, 4-26-12
10
Quality of Information: Research Problem
Understand how to control network behaviors so that the capacity of the
network to deliver relevant information can be maximized
– A formal definition of QoI is needed that considers intrinsic, contextual, and
semantic attributes
– A unifying theory for QoI-aware inferencing & fusion is required to get most
efficiently delivered QoI
– Methods to semantically-extract context & purpose of information requested is
a key gap
– Translation of QoI into quality of data necessary to inform control algorithms
Penn State, 4-26-12
11
QoI Parameters from DoD
QoIinstrinsic
QoIcontextua
Metric
General
Definition
Image
Correctness
Closeness to
ground truth
Field of view, resolution
Freshness
Age
Capture time
Precision
Extent of detail
Resolution
Security
Protection of
information and
source
Provenance, authentication, integrity, nonrepudiation, confidentiality
Accuracy
Specificity
relative to need
Resolution, field Resolution,
of view
frame rate,
field of view
Timeliness
Availability
Delivery latency
Completeness
Total relevance to
ground truth
Field of view
Credibility
Extent believable
Trust in information
l
Penn State, 4-26-12
Video
Resolution
Frame rate
Field of view,
frame rate
Text
Truthfulness
of report
Detail of
description
Ability of
reporter
Breadth of
description
12
Long Term Vision
(via a simple example)
To understand how to control network behaviors so that networks can adapt
to provide required information to answer questions like:
Is a small scale operation imminent?
Prior knowledge:
(i)
Bob and Alice are always together;
(ii)
Jim and Bob are often together when operations are imminent;
(iii) We have very little information about Jim’s whereabouts
 Leverage social networks & inferences (information) to guide query
Inferences & possible solutions to question:
(i)
Find Alice or Bob and we will find Bob
(ii)
Once we find Bob, look there for Jim (we do not care where Jim is if he is not with Bob)
 Use semantics to reduce QoI needs (and reduce cognitive load)
Selection & transfer of information
(i)
Determine suitable modes (text message from informant, video, image)
(ii)
Determine required QoI (accuracy, timeliness and freshness are important, precision is not note the or in finding Bob or Alice)
(iii) Map QoI to quality of data for different sources and set network controls
 Use information-data characteristics & communication characteristics
to properly retrieve data
Penn State, 4-26-12
13
Examples with an Image
Are there more than 100,000 people in
Beaver Stadium?
How many guards are near the picnic
table?
Zoom of
1.4MB file
File = 1.4MB
17KB when
cropped
Zoom of
160KB file
File = 160KB
In both cases the answer is Yes and is
accurate within required precision
Penn State, 4-26-12
4KB when
cropped
• Correct answer is 4  in this case, second
image does not provide equal precision
• Cropping in this case does not reduce
completeness, accuracy, or precision, but
14
will improve timeliness
QoI Example: Optical Character Recognition
Application accuracy vs. compression and data
accuracy
Compression
– shows sensitivity to application accuracy if timeliness is required (amount of data)
Error rates
– shows sensitivity to application accuracy and impact of forward error correction
Penn State, 4-26-12
15
15
QoI
QoI
OCR Results: Piece-wise Timeliness (QoI = A x T)
BER = 0.001
BER = 0.01
Compression quality
Compression quality
Error correction is required
– for high bit error rates, no error control achieves a low QoI
Error correction overhead matters
– as error correction overhead increases, more compression is needed
Conclusion
– In this example, Reed-Solomon (255,223) with Q=30 achieves highest QoI
Penn State, 4-26-12
16
16
How to use QoI
Single flow
– given network state, determine maximum QoI and settings to achieve it
– given a minimum required QoI, determine if attainable, and settings to achieve it
Max QoI
Data required to reach QoI
Required
QoI
Multiple flows
– given a set of QoI requirements determine surfaces and settings
– determine minimum resources required to meet requirements
– maximize total amount of information meeting QoI requirements being transferred
across the network
We call this Operational Information Content Capacity
Penn State, 4-26-12
17
17
Generalizing the OICC
(with USC, Raytheon BBN)
OICC provides fundamentally different insights than Shannon metrics
Sum-OICC defines the total maximum achievable performance of the network which is
a function of QoI (e.g., accuracy (a), delivery time (d), and reliable rate (r))
Q(r,a,d) = max r åi=1Qi (ri ,ai ,di )
T

T
Subject to:
r r
i 1 i
Rate region
OICC Region
Penn State, 4-26-12
18
Symptotic Scalability
(led by BBN Raytheon)
Traffic 1
Traffic 2
Avail(W)
Framework captures a wide range of real world networks and estimates scalability
Residual(R)
Blocked(B)
Demand(D)
B2
D2
B1
D1
R = W – Σj (1 + ϒj) Lj (1 + Τj)
Contention
factor (CF)
Transit
factor (TF)
Symptotic scalability for “expandable” networks is when R transitions to < 0
– Expressions for symptotic scalability derived for a new scenario by simply finding
the new CF and TF (the “signature” of the scenario)
– Change Impact Value (CIV): a new metric to uniformly compute the relative
parameter impacts
– QRF: QoI to Rate function can measure impact of desired QoI on scalability
Penn State, 4-26-12
19
Example Quality-to-Rate Functions
(with BBN Raytheon, USC)
OCR
Rate (kbps)
Face Recognition
Rate (kbps)
QoI
QoI
QoI
Determine QRFs for individual applications
 high variability between applications
Motion Detection
Rate (kbps)
Combine into multi-application QRFs:
Penn State, 4-26-12
20
OICC: QoI and Symptotics
Consider multi-application QRF function
Scalbility
10 Mbps radios
5 Mbps radios
QoI
Impact of faster radios
– Small increase in # of nodes
Impact of flexible QoI
– Very large increase in # of nodes (orders of magnitude)
Penn State, 4-26-12
21
21
Remainder of Slides
Overview Research within NSRC
Biographies of Faculty Members
Penn State, 4-26-12
22
Research Areas: Network Management
Recovery from large scale faults
• Gather information from around failure
• Re-compute shortest paths
Cao and La Porta (supported by US ARL ITA and DTRA)
– Discovering network topology
• Use of inferencing and virtual links to improve estimation of network metrics
– Diagnosing faults for services in dynamic networks
• Applying network tomography and service layer dependencies to diagnose faults and
degradation
– Recovery from large scale failures
• Two-phase re-routing using fast, targeted information discovery
Penn State, 4-26-12
23
Research Areas: Mobile Wireless Networking
Max QoI
Different solutions deliver
different QoI
Required
QoI
Ave resource savings for
different required QoI
Cao, La Porta and Yener
– QoI-Aware networking (US ARL, Harris) - Demo
• Defining QoI functions to allow tradeoffs between information metrics
• Implementation on smart phones to allow for distributed information gathering
– Accommodating channel variations (US ARL)
• QoI-Aware scheduling to maximize QoI
• Distributed backpressure routing protocols to tradeoff transmission rates and delays
– Energy harvesting sensor networks (NSF)
• Algorithms for sensor allocation based on expected utility, energy needs and harvesting
• Optimizing utility using water filling
Penn State, 4-26-12
24
Research Areas: Information Dissemination and
Social Networks
Social links
Predictable mobility
Cao, La Porta, Lee and Zhu
– Leveraging social networks (US ARL, NSF)
• Opportunistic dissemination in mobile networks based on social contact patterns
• Leverage social connections to find users infected by worms
• Rank popular items using conformer-maverick model
– Content distribution and the Cloud (Alcatel-Lucent)
• Placement of data in a storage cloud to minimize costs within performance constraints
– Semantic labeling of locations in social networks
• Overcome difficulty of placing locations in categories
Penn State, 4-26-12
25
Research Areas: Interference Management
Signals without
interference
management
With
interference
management
La Porta and Yener
– Hierarchical networks using femto and macro cells (ARO MURI, NSF)
• Optimal placement and power settings of femtocells to maximize capacity
• Perform interference alignment at femtocells under QoS constraints of macrocells
– Interference alignment for relay networks (NSF)
• Examine complex relay networks to eliminate need for full channel state information
Penn State, 4-26-12
26
Research Areas: Smartphone Security
Jaeger, La Porta, McDaniel and Zhu (supported by NSF)
– Android application security
• Convert Android bytecode to Java bytecode for analysis – studied over 1,100 apps
– Detection overload attacks in SMS
• Use SMS conversation statistics to detect abnormal flows for blocking
– Inferring inputs on touch screens
• Record motion on smartphone inputs to then infer passwords
Penn State, 4-26-12
27
Research Areas: Secure Programming
Determine security
sensitive objects
and variables
cdg2.pdf
Locate security
sensitive operations
Jaeger, McDaniel and Zhu
– Detecting software plagiarism (NSF)
• Determine run-time values that cannot be changed by changing code
– Locating vulnerabilities in programs (US ARL, NSF, HP Labs)
• Information flow: build flow graphs based on how components interact
• Name resolution: runtime analysis with models of active adversaries to verify proper
checks
• Automated hook placement in code to authorize resource access
Penn State, 4-26-12
28
Research Areas: Secure Systems
Integrity Verification Proxy in Cloud Node
Jaeger, McDaniel and Zhu (NSF)
– Control systems
• Explore dynamic attacks on programmable logic controllers
– Verification for services
• Cloud computing: overcome hidden details to provide cloud system integrity
• Use watermarking to verify worker correctness in MapReduce environments
– Crypto-currency
• Study of use of decentralized P2P currency (Bitcoin) has shown several anomalies
Penn State, 4-26-12
29
Members
Faculty
Raj Acharya
Department/College
Computer Science and
Engineering (CSE)/College
of Engineering (COE)
Guohong Cao
CSE/COE
Chita Das
CSE/COE
Sean Hallgren
CSE/COE
Trent Jaeger
CSE/COE
Thomas La Porta CSE&EE/COE
Wang-Chien Lee CSE/COE
Patrick McDaniel CSE/COE
John Metzner
CSE & EE/COE
Adam Smith
CSE/COE
Aylin Yener
EE/COE
Sencun Zhu
CSE/COE and IST
Eileen Kane
Dickinson Law School
Jun Shu
Smeal College of Business
Russell Barton
Smeal College of Business
Akhil Kumar
Smeal College of Business
Susan Xu
Smeal College of Business
Allan Sonsteby
ARL
Chris Griffin
ARL
Gerry Michaud
ARL
Phil La Plante
Great Valley
Colin Neill
Great Valley
Raghu Sangwan Great Valley
Penn State, 4-26-12
Expertise
QoS
Mobility, Distributed systems
Network performance
Theory, Cryptography
Secure operating systems
Mobility, Telecommunications
Pervasive computing
Network Security
Reliable data communication
Cryptography
Wireless communications
Network Security
Internet Law, Policy
Supply chain, business
Supply chain, business
Supply chain, business
Supply chain, business
Networking and Comm
Decision making
Networking and Comm
Systems, Security
Systems, Security
Systems, Security
30
Remainder of the day…
Dinner – 5:30 at The Tavern
Tomorrow
IST Building, Room 222 - 8:30
–Faculty talks and wrap-up
Penn State, 4-26-12
31
Tom La Porta – Distinguished Professor, CSE
Education
–
PhD, Columbia University, Electrical Engineering
Background
–
Director of Mobile Networking Research at Bell Labs until 2002
Professional Activities
–
Member, Board of Governors, IEEE Communications Society, 2007-2009
–
Director of Magazines, IEEE Communications Society, 2006-2007
–
Past Editor-in-Chief, IEEE Applications and Practice Magazine
–
Founding Editor-in-Chief, IEEE Transactions on Mobile Computing, 2001-2004
–
Past Editor-in-Chief, IEEE Personal Communications
–
General Co-Chair, IEEE ICNP 2011
–
Program Co-Chair, IEEE SECON 2010
–
General Chair, IEEE MASS, 2008
–
Program Chair, IEEE Percom, 2007
–
General Co-Chair, Mobiquitous, 2006
–
General Co-Chair: ACM Mobicom 2005
Awards
–
–
–
–
–
Expertise
–
Bell Labs Fellow
IEEE Fellow
Thomas Alva Edison Patent Award 2007, 2009
Bell Labs Distinguished Technical Staff Award
IEEE Computer Society Golden Core Member
Mobile networking, wireless networking, secure telecommunication network signaling and control, protocol design
Current Support
–
National Science Foundation
–
Army Research Lab/UK MoD, ITA Program (IBM Prime)
–
Army Research Lab NS-CTA Communications Network Center (lead)
–
ARO
–
DTRA
Penn State, 4-26-12
32
Tom La Porta – Projects
•
Sensor Information Processing
– Mission specific network configuration and data collection
– Data dissemination
– Quality of information
•
Mobile Telecommunication Networks
– Combat (exploit) threats introduced by interfaces to IP networks
•
Resource control in ad hoc wireless networks
– Utility maximization
•
Node mobility for Robust Mission-Oriented Sensor Networks
– Deployment and relocation strategies for sensors
Penn State, 4-26-12
33
Guohong Cao – Professor, CSE
Education
– PhD, Ohio State University, Computer Science
Professional Activities
– Associate Editor, IEEE Transactions on Mobile Computing
– Associate Editor, IEEE Transactions on Wireless Communications
– Guest Editor, IEEE Wireless Communication, special issue on security and privacy in wireless networks, 2010
–
–
–
–
–
Awards
–
–
–
Program chair, IEEE International Symposium on Reliable Distributed Systems (SRDS), 2009
General Chair, Int’l Conf. on Mobile and Ubiquitous Systems (MobiQuitous), 2007
Program co-chair, IEEE Int'l Conf. on mobile ad hoc and sensor networks, 2010
Program co-chair, infocom, 2013 (area chair, 2008, 2010-2012)
Program committee of ACM MOBICOM, IEEE INFOCOM, ACM MOBIHOC, IEEE ICNP
Presidential Fellowship at the Ohio State University
NSF CAREER, 2001
IEEE Fellow, 2011
Expertise
–
Support
–
–
–
–
Mobile computing, wireless networks, sensor networks, wireless network security, distributed fault-tolerant
computing, resource management and data dissemination in mobile environments
NSF (ITR, CAREER, NeTs/NOSS, WN, CT, CNS)
Army Research Office
PDG/TTC
DoD/MURI
Penn State, 4-26-12
34
Guohong Cao – Projects
•
Collaborative Data Access in Mobile Peer-to-Peer Networks
– Improves performance in constrained environments through collaboration.
•
Controllable Node mobility for Mission-Oriented Sensor Networks
– Deployment and relocation strategies for sensors
•
Secure Wireless Sensor Networks
– Defend against node compromises; self-healing mechanisms for sensor networks
•
Data dissemination in vehicular ad hoc networks
– Reduce data access delay and exploit mobility pattern to assist data delivery.
•
A Data-Centric Framework for Target Tacking and Data Dissemination in Sensor
Networks
– New architecture for wireless sensor networks
•
Designing Efficient Resource Management Schemes to Support Integrated Services
in Mobile Computing Systems
– Consider both power issues and QoS issues
•
Efficient Power Aware Data Access in Pervasive Computing Environment
– Consider both single-hop and multi-hop models
Penn State, 4-26-12
35
Patrick McDaniel – Professor, CSE
Co-Director of the Systems and Internet Infrastructure Security Lab: http://siis.cse.psu.edu
Education
–
PhD, University of Michigan, Electrical Engineering and Computer Science
Professional Activities
–
–
–
–
–
–
–
–
–
–
Program Co-Chair, 2007 and 2008 IEEE Symposium on Security and Privacy, May 2007, May 2008.
Program Chair, 15th USENIX Security Symposium, August 2005.
Vice-Chair, Security and Privacy Track, 14th World Wide Web Conference (WWW), May 2005.
Program Chair, Industry Track, ACM Conference on Computer and Communications Security (CCS), November 2004, 2007.
Editor-in-Chief, ACM Transactions on Internet Technology (TOIT), April 2004-present.
Associate editor, ACM Transactions on Information and System Security (TISSEC), Summer 2007-present.
Associate editor, IEEE Transactions on Software Engineering (TSE), Spring 2007-present.
Associate editor, IEEE Transactions on Computers (TC), Spring 2007-present.
Area editor—secure systems, , IEEE Security and Privacy Magazine, Spring 2008-present.
Program Committee Member (2005): ESORICS, IEEE Symposium on Security and Privacy, ACSAC, ACNS, CCS, CSF, ICIS, ACM
EC, SACMAT, SNS, ACNS, USENIX Secuity,USENIX Technical, MobiComl, MobiSys many more
Expertise
–
Systems security, security policy, telecommunications security, network security, smart phone security, digital rights management,
digital content and public policy, network management, applied cryptography, privacy
Current Support
–
–
–
–
–
–
PI, Battelle BGP Security Study (Phase 1), Battelle, $94,400, 2/15/2012-9/30/2012, Collaborators: PSU (McDaniel).
co-PI, TC: Medium: Collaborative Research: Building Trustworthy Applications for Mobile Devices, NSF (CNS), $1,386,518 (PSU
award $350,000), 8/1/2011-7/31/2014, Collaborators: PSU (McDaniel), Wisconsin (Banerjee, Jha, Swift).
PI, Closing the Loop on Security Testing and Security Requirements, Security and Software Engineering Research Center, $31,000,
8/1/2011-7/31/2012.
PI, Smart Grid Cyber Security Research, Lockheed Martin, $250,000, 1/1/10-12/16/10.
PI, NSF HECURA: Collaborative Research: Secure Provenance in High-End Computing Systems, NSF (CCF), $1,000,000 (PSU
award $307,073), 08/1/09-8/31/13, Collaborators: PSU (McDaniel), UIUC (Winslett), Stonybrook (Sion, Zadok).
PI, TC: Medium: Collaborative Research: Security Services in Open Telecommunications Networks, NSF (CNS), $1,386,518 (PSU
award $594,941), 08/01/09-08/01/12, Collaborators: PSU (McDaniel, La Porta), UPenn (Blaze), Columbia (Schulzrinne).
Penn State, 4-26-12
36
Patrick McDaniel – Projects
•
A Study of Android Application Security
– Evaluating application security in online markets.
•
Multi-vendor Penetration Testing in the Advanced Metering Infrastructure
– Horizontal testing of smartgrid equipment
•
Secure Provenance in High-End Computing Systems
– Developing provenance applications for huge/distributed computational environments
•
Scalable Asynchronous Web Content Attestation
– Making integrity measurement services scale to commercial loads
•
On Attack Causality in Internet-Connected Cellular Networks
– Understanding and fixing evolving threats in cellular phone systems
•
Exploiting Asymmetry in Performance and Security Requirements for I/O in High-end
Computing
– Exploring performance/security tradeoffs in large-scale distributed storage
•
An Information-Flow Tracking System for Realtime Privacy Monitoring on
Smartphones
– Monitoring smartphone application uses of private data
Penn State, 4-26-12
37
Trent Jaeger – Associate Professor, CSE
Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab: http://siis.cse.psu.edu
Education
–
PhD, University of Michigan, Electrical Engineering and Computer Science
Professional Activities
–
–
–
–
–
–
–
Associate Editor, ACM Transactions on Internet Technologies (TOIT)
Guest editor, ACM Transactions on Information Systems Security (TISSEC)
Program Chair, ACM Computer Security Architectures Workshop (with ACM CCS), 2008
Program Chair, USENIX Workshop on Hot Topics in Security, 2007.
Program Chair, Industry Track, ACM Conference on Computer and Communications Security (CCS), 2002.
Program Committee Member: IEEE Security and Privacy, USENIX Security, EuroSys, ESORICS, CCS, ACSAC, NDSS,
WWW (security), many more
Active participant in the Linux security community, including the development of open source code (kernel and systems
applications)
Expertise
–
Host security, operating systems, trusted computing, cloud computing, system integrity, source code analysis
Current Support
–
PI, Air Force Office of Sponsored Research (AFOSR), Information Flow Integrity for Systems of Independently-Developed
Components, April 2012-March 2015, $729,466
–
PI, National Science Foundation (NSF), CNS-1117692, Towards Customer-Centric Utility Computing, September 2011August 2014, $488,000
–
PI, Army Research Lab (ARL), Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs,
October 2011-September 2012, $195,000
–
PI, Hewlett-Packard Labs, Towards Mostly-Automatic, System-Wide Integrity Policy Generation, July 2011-June 2012,
Innovation Research Program, $75,000
–
PI, National Science Foundation, CNS-0905343, Techniques to Retrofit Legacy Code for Security, September 2009September 2013, $1,200,000
–
Co-PI, National Science Foundation, CNS-0931914, Establishing Integrity in Dynamic Networks of Cyber Physical
Devices, September 2009-September 2013, $600,000
Penn State, 4-26-12
38
Trent Jaeger – Projects
•
Cloud System Security
–
•
Program Security
–
•
Develop usable and efficient hardware-based integrity measurement mechanisms with the aim of
reducing power cost by eliminating unnecessary measurements.
Automated Security Policy Generation
–
•
Develop source code analysis approaches and tools to (mostly) automate the addition of security
code (e.g., authorization) to legacy applications (in Java and C).
Hardware-based Integrity Measurement
–
•
Process Firewall is an efficient mechanism to mediate the system call interface to enforce
invariants for protecting processes from attacks in obtaining resources from the system.
Retrofitting Security into Legacy Code
–
•
Detect program vulnerabilities to name resolution attacks where an adversary can redirect a victim
program to files of the adversary’s choice. 21 previously-unknown vulnerabilities found so far.
Operating Systems Security
–
•
Monitor comprehensive integrity of cloud hosts and guest instances in OpenStack cloud system
essentially for free (after some initial setup).
Develop a method to generate policies that approximate Clark-Wilson integrity by computing the
minimal mediation necessary to achieve information flow integrity.
Intrusion Monitoring
–
Find minimal intrusion monitor placements in networks as graph cuts of network flows.
Penn State, 4-26-12
39
Adam Smith – Associate Professor, CSE
Member, Algorithms and Complexity, Systems and Internet Infrastructure Security (SIIS) groups
Education
– PhD, M.I.T., Electrical Engineering and Computer Science
Professional Activities
–
–
–
Associate Editor, IEEE Transactions on Information Theory and Journal of Privacy and
Confidentiality
Program Committee Member: Crypto, WWW, ACM Electronic Commerce, Theory of
Cryptography, RSA - Cryptographer’s Track, SODA, FOCS, …
Program Chair: ICITS 2012
Expertise
– Cryptography, privacy in statistical databases, quantum computing, information theory
Awards
– Presidential Early Career Award for Scientists and Engineers (PECASE)
– NSF CAREER Award
– Microsoft Graduate Fellowship
Current Support
– PI, CAREER: Rigorous Foundations for Data Privacy, NSF, $400,000
– co-PI, CDI: Integrating Statistical and Computational Approaches to Privacy, NSF, $2,000,000
– co-PI, Quality-of Information-Aware Networks for Tactical Applications (QUANTA), ARL.
– Privacy Officer, Penn State Clinical and Translational Science Institute (CTSI), NIH.
Penn State, 4-26-12
40
Adam Smith – Projects
•
Privacy in Statistical Databases
– Conceptual tools for rigorous analysis
– Design of “robust” algorithms for machine learning and statistical estimation
– Attacks based on publicly available information sources
– Privacy in Financial Data
•
Cryptographic Protocols
– Secure Function Evaluation: efficient distribution of computation and secret data
among mutually untrusting network of participants
– Efficient public-key encryption with rigorous security analysis
•
Key Extraction from Biometrics and Other “Noisy” Secrets
– Generation of reliable and secret keys/passwords from biometric data
•
Quantum Information and Cryptography
– Understand and limit the use of quantum information processing to break deniability
and zero-knowledge in cryptographic protocols
Penn State, 4-26-12
41
Sencun Zhu – Associate Professor, CSE and IST
Education
– Ph.D. in Information Technology from George Mason University
(Aug. 2004)
Recent Professional activities
– Program Co-Chair: ACM SASN’06.
– TPC member: ACM WiSec’09, 10, 11, Oakland’10, NDSS’11…
– Treasurer: ACM CCS’07, ’08, ’09, ‘10, AsicCCS’10.
– Associate Editor: International Journal of Distributed Sensor Networks, ICST
Transactions on Security and Safety .
Research Interest
– Network and systems security
– Ad hoc and sensor network security
– Social network security and privacy
– Code security
Current Support
– NSF CAREER Award, ARL
Penn State, 4-26-12
42
Sencun Zhu – Current Projects
Security for Cellular Network
– Malware/Spyware detection
–Application permission analysis for smartphones
–Security mechanisms for mobile sensing
Online Social Network Security & Privacy
– Minor online safety and cyberbullying detection
– OSN worm detection
– Offensive language filtering
Trust management in MANET
– Trust revocation based on partial mutual suicide
– Trust propagation and aggregation with inconsistent information
Software Security
– Software plagiarism detection based on system call sequence/graph based
birthmarks
– Algorithm plagiarism detection
– Malicious javascript code detection
Penn State, 4-26-12
43
Sean Hallgren – Assistant Professor, CSE
Education
– Ph.D. in Computer Science, U.C. Berkeley
Professional Activities
– Editorial board, Theoretical Computer Science
Background
– Senior Research Scientist and head of Quantum Information Technology, NEC
Labs
– NSF Mathematical Sciences Postdoctoral Fellowship, Caltech Department of
Computer Science and the Institute for Quantum Information
Expertise
– Quantum computation, quantum algorithms
Support
– NSF (PECASE Award), ARO
Projects
– Algorithms for quantum computers
– Security of classical cryptosystems against quantum attacks
Penn State, 4-26-12
44
Aylin Yener – Professor, EE
Wireless Communications and Networking Laboratory: WCAN@PSU
Education
– PhD, Wireless Information Network Laboratory (WINLAB), Rutgers University
Selected Awards
– NSF CAREER Award, 2003
– DARPA ITMANET (Young Investigator), 2006
– PSEAS Outstanding Research Award, 2010
Selected Professional Activities
– Treasurer/ Board of Governors, IEEE Information Theory Society
– Editorial Advisory Board IEEE Wireless Communications
– Founder and General chair, Annual School of Information Theory 2008-2010
– Symposia Technical Program Chair: IEEE VTC 2012, PIMRC 2010, ICC 2009, ICC 2008 …
Research Areas
– Wireless Communications: Relay networks, MIMO, Femtocells; Green Communications: Energy
Harvesting Wireless Networks, Information Security, Content-aware wireless networking
Current Support
– NSF:
• CNS Cognition, Cooperation, Competition in Wireless Networks
• CNS Secure Capacity of Wireless Networks
• CIF Interactive Security
• CNS Rechargeable Networks
– ARL: Network Science CTA
Penn State, 4-26-12
45
Aylin Yener – Projects
•
Quality-aware networking
– Design principles for networks that are content-quality aware.
– Operational information content capacity of multi-genre (e.g. comm+social)
networks
•
Green Wireless Networks
– Design principles of wireless networks composed of energy harvesting
transmitters and receivers.
•
Multi-tier Cellular Networks
– Distributed interference management for Cooperative MIMO Femtocell
Networks
– Interference Alignment
•
Secure physical layer design for multiuser systems/wireless networks.
– Information theoretic security.
– Security for heterogeneous ad hoc networks.
•
Relay networks/Hybrid networks and cooperative communications
– Interference networks
– User cooperation strategies, multiuser relay networks.
– Multi-way relaying
Penn State, 4-26-12
46
Chita Das - Professor, CSE
Education
– Ph.D., University of Louisiana
Background
– IIT Kharagpur (India)
– Joined Penn State in 1986
Awards
– IEEE Fellow
– Best Paper Awards (ICPP, ICDCS, PRDC)
– CSE Dept Teaching Award
Expertise
– communication networks & communication mechanisms; resource management
(scheduling); QoS support in clusters and Internet; mobile computing; performance
evaluation; parallel distributed computer architectures; clusters; fault-tolerant
computing
Support
– NSF (scheduling, QoS, Infrastructure), Unisys (performance)
Penn State, 4-26-12
47
Chita Das - Projects
•
Dynamic Quarantine of Unresponsive TCP Flows
– Detect and isolate non-conforming TCP flows
•
Adaptive AQM Schemes for Internet and Wireless Networks
– Improve performance of Internet and limited wireless networks
•
QoS Provisioning in InfiniBand Architecture (IBA) for System Area Networks
– Design and analysis of IBA-style SANs
•
Scalable and Efficient Scheduling Techniques for Clusters
– Aims at developing practical scheduling techniques for large clusters
•
Performance Analysis with Commercial Workloads
– Analysis of TPC-C workloads
•
Design of Cluster-based Datacenters
– Design of 3-tier data centers on cluster platforms
•
Design and Analysis of System-on-Chip (SoC) Interconnects
– Design of on-chip interconnects considering area, power and reliability constraints
Penn State, 4-26-12
48
Wang-Chien Lee – Associate Professor, CSE
Education
– PhD, Ohio State University
Background
– 1996 - 2001, GTE/Version Research Laboratories, Inc.
– Research group: Pervasive Data Access Research Group (http://www.cse.psu.edu/pda)
Awards
– Excellence Award: GTE/Verizon Laboratories Incorporated (1997, 1999, 2000).
– Achievement Award: GTE/Verizon Laboratories Incorporated (1999).
Professional Activities
– Guest Editor, IEEE Transaction on Computer, IEEE Personal Communication Magazine, ACM
Mobile Networks and Applications (MONET), ACM Wireless Networks (WINET)
– PC/General Chair: Int’l Conf. on Mobile Data Access (1999); Int’l Workshop on Pervasive
Computing (2000); Int’l Workshop on Wireless Networks and Mobile Computing (2000/2001). Int’l
Workshop on Peer-to-Peer Information Management (2006); Int’l Conf. on Scalable Information
Systems (2007); Int’l Conf. on Mobile Data Management (2009); Int’l Conf. on Database Systems
and Advanced Applications (2011);
– Industrial Program Chair: International Conference on Mobile Data Management (2001-2002).
– Steering Committee: International Conference on Mobile Data Management
– TPC Member (2006): ICNP, ICDE, ICDCS, SAC, DASFAA, INFOSCALE, PERCOM
Expertise
– Pervasive Computing, Wireless Networks, Network Services, Data Management, TMN
Current & Past Support
– NSF, ARDA, GENUITY, RGC (Hong Kong)
Penn State, 4-26-12
49
Wang-Chien Lee - Projects
• Location-Based Information Access in Pervasive Computing
– Investigate new ways of indexing and caching spatial data in support of location based
services in pervasive computing environments.
• Semantic Small World: A Multi-Dimensional Overlay Network
– Design of a multi-dimensional overlay network, called semantic small world (SSW), that
facilitates efficient semantic based search in P2P systems.
– SSW is adaptive to distribution of data and locality of interest; is very resilient to failures; and
has great load balancing property.
•Location-Aware Wireless Sensor Networks
– Design of a suite of protocols, algorithms and services to provide energy-aware, time-efficient,
robust and scalable location-aware wireless sensor networks.
– Tackled research issues include communication collisions, communication voids, packet
losses, location errors, scalability, service latency and validity of services.
• Automata-Based XML Access Control for Networked Computing
– Design of a new XML access control mechanism, called QFILTER, for Internet-scale
networked information systems.
• Secure Wireless Data Broadcast
– Development of new air indexing and key management techniques to address the security
concerns in wireless data broadcast systems.
50
Penn State, 4-26-12
John Metzner - Professor, CSE and EE
Education
– Eng. Sc. D., New York University
Background
– Acting director of the Computer Engineering Program in Electrical Engineering (two years)
– Acting Dean, School of Engineering and Computer Science, Oakland University, Rochester
1974-1980
– Professor, Electrical Engineering, Wayne State University, Detroit, Michigan
– Associate Professor, Electrical Engineering New York University
– Associate Professor, Polytechnic Institute of New York
– Research Scientist, Electrical Engineering Department, New York University
Awards
– IEEE Fellow
– Fellowships: Link Aviation, National Science Foundation, David Sarnoff
– IEEE Computer Society Distinguished Speaker/Visitor
Expertise
– ARQ protocols for reliable and efficient data communication, methods for efficient comparison of
remote replicated data files, efficient reliable and secure multicasting, improved utilization of
ALOHA in multi-access, error correction techniques, efficient use of wireless network resources
Support
– Many previous grants from NSF
Penn State, 4-26-12
51
John Metzner - Projects
•
Vector and packet symbol decoding
– Discovered a new packet-symbol decoding method for reliable communication despite errors,
deletions, out-of order packet receptions, no sequence numbers and no per-packet error
detection. Working on extending idea to very long codes, convolutional codes.
– Method discovered for enhanced and simpler burst error correction of vector symbol codes.
– Applications to multi-reception code combining with vector symbol codes
•
Reliable multicasting
– Efficient methods of gathering acknowledgments with a tree topology and a virtual ring
– Improved efficiency by cooperation of local network stations Ultra wideband or light traffic
ALOHA
– Increased value of hop-by-hop versus end-to-end error control in multicasting.
•
Multi-user networks
– Improved efficiency by cooperation of local network stations Ultra wideband or light traffic
ALOHA
– Reliable communication from a mobile to a network of cooperating base stations or to other
stations in an Ad Hoc network for minimal interference and energy utilization.
– Window controls and acknowledgment protocols for efficient multi-path wireless routing to a base
station or multi-base network.
•
Secure Reliable Multicasting (SAM)
– Simple acknowledgment and key changing for combined secure and reliable multicast in
moderate size groups
Penn State, 4-26-12
52
Raj Acharya – Head and Professor, CSE
Education
– PhD, University of Minnesota, Mayo Graduate School of Medicine
Background
– Research Scientist, Mayo Clinic
– Research Scientist, GE (Thomson)
– Faculty Fellow, Night Vision Laboratory, Fort Belvoir, Washington, D.C.
– NASA-ASEE Faculty Fellow, Johnson Space Center, Houston, TX
– Director, Advanced Laboratory for Information Systems and Analysis
Professional Activities
– General Chair, SPIE International Conference on Physiology and Function from Multidimensional
Images
– Co-Chair, IEEE Workshop on Biomedical Image Analysis
– General Chair, SPIE Conference on Biomedical Image Processing
– Associate Editor, International Journal of Computerized Medical Imaging and Graphics
Expertise
– Net-centric computing, resource management for ad hoc networks, information fusion,
bioinformatics, data mining
Support
– NSF ITR
Penn State, 4-26-12
53
Allan Sonsteby – Associate Director
Applied Research Laboratory
Education
–
PhD, The Pennsylvania State University, Electrical Engineering
Background
–
Industry, Government, and Academia
Professional Activities
–
Futures panel for Undersecretary of Defense for Intelligence
–
Chairman, NATO SCI-106 (U. S. Representative) – 2000 – 2003
–
Chairman, NATO SCI-030 (U. S. Representative) – 1997 – 1999
–
Member, Institute of Electrical and Electronics Engineers (IEEE)
–
Member, U. S. Government Low Probability of Intercept Communications Committee
–
Member, Eta Kappa Nu (EE Honor Society)
–
U. S. Representative to NATO Research Study Group-106 “Vulnerabilities of Mobile Tactical Communication Systems”
–
U. S. Representative to NATO Research Study Group-030 “Communications-EW Control and Coordination”
–
Eta Kappa Nu
–
GTE Corporation Graduate Fellowship Recipient
Awards
Expertise
–
Signal processing, Geolocation/Target tracking
Support
–
Manages approximately $42M annually of research sponsored by Government and Industry
Penn State, 4-26-12
54
Christopher Griffin, Research Associate, ARL/PSU
Education
– PhD, Penn State University, Operations Research
Background
– Staff scientists Oak Ridge National Laboratory
– Seven years as staff engineer Penn State Applied Research Laboratory
Awards
– Wigner Fellow (Oak Ridge National Laboratory)
Expertise
– Data fusion, control theory, social network analysis
Support
– Office of Naval Research
– Intelligence Advanced Research Projects Agency
– U.S. Government
– Oak Ridge National Laboratory Internal Research and Development
Penn State, 4-26-12
55
Christopher Griffin-Projects
•
Learning and Prediction for Enhanced Readiness and Decision Making (LEPERD)
– Apply non-linear hybrid statistical methods to the problem of track learning and
anomaly detection.
– Test results on live data sets provided by sponsor and scrapped from the open source.
•
Combined Hierarchical Environment for Tracking Anomalies with Hybrid Statistics
(CHEETAH)
– Enhance work done in LEPERD to use categorical data of the type found in ship
manifests.
– Create a prototype anomaly detection system and test at appropriate field location.
•
Deep Social Network Analysis
– Extend beyond classical social network analysis by integrating message internal data.
– Formalize social science theories in mathematical equations and algorithms and apply
them to detecting patterns within human networks.
Penn State, 4-26-12
56
Jun Shu – Assistant Professor, SC&IS, Smeal
Education
– PhD, University of California at Berkeley, Industrial Engineering and Operations Research
Professional Activities
– Program co-Chair, INFORMS TELECOM National Conference, 2005
– Program co-chair, INFORMS National Conference E-Business Section, 2006
Grants
–
–
–
IBM Research Grant 2004
Smeal Research Grants 2005-2008
NSF Grant 2007
Expertise
–
Network Management and Pricing
–
Supply Chain Management
–
Management of Information Systems
–
Game Theory
Industry Experience
– MCI
– Cisco
– Rockwell Semiconductor
Penn State, 4-26-12
57
Jun Shu – Research Projects
•
Piecemeal Hybrid P2P Networks for Large Scale Content Distribution
– How to deliver 30,000 TV Channels with excellent quality to customers and scalable
infrastructure requirement to providers?
•
Supply Chain Execution Control via Individualized Trace Data
– How to manage an execution process over networks with large volumes of real-time
trace data?
•
Service Family Design
– How to design and provision services like we do in product family design?
•
Compatibility Standards through Collaboration
– How to decide which standards to invest in at the early stage of a technology
adoption?
Penn State, 4-26-12
58
Phil Laplante–Professor, Software Engineering
Education
– PhD (Computer Science), Stevens Institute of Technology
Background
– Software Engineer, Singer-Kearfott Navigation Systems
– Member, Technical Staff, Bell Labs Software Quality Assurance Center
– CTO, Eastern Technology Council
– Registered Professional Engineer (Pennsylvania)
– Certified Software Development Professional
Professional Activities
– Chair, Software Engineering Professional Licensure Exam Development Committee
– Administrative Committee, IEEE Reliability Society
– Editor (Software Engineering), ACM Computing Reviews
– Editorial Board, Advances in Software Engineering
– Associate Editor, IT Professional
Expertise
– Requirements Engineering, Software Testing, Software Project Management.
Support
– Analytical Graphics
– Primavera Software
Penn State, 4-26-12
59
Colin Neill – Associate Professor, Software Engineering
Education
– PhD, University of Wales, Software and Systems Engineering
Professional Activities
– Associate Editor-in-Chief, Innovations in Systems and Software Engineering: A NASA Journal
– Member, Advisory Board, International Journal of Advanced Manufacturing Technology.
– General Chair, ASQ National Quality Month Symposium on Software and Systems Quality, 2007
– Program committee of ICECCS 2006, NASA/IEEE SEW 2002-2007.
Expertise
–
Software engineering; software architecture, requirements engineering, system quality, system
complexity
Previous Support
– British Aerospace, Systems & Equipment
– Rover Cars
– EPSRC, UK
Penn State, 4-26-12
60
Colin Neill – Projects
•
Driving Architectural Design from Business and Technical Goals
– Ensuring architectures embody systemic qualities reflecting both business and
technical goals
•
Agile and Distributed Software Development
– Hybrid processes that allow flexibility and agility without loss of comprehension in
global development
•
Strategic Refactoring and Design Repair
– Repairing legacy systems that have evolved and eroded.
•
Software Engineering Best Practices
– Monitoring and assessing the common and best practices employed in industry.
•
Analysis of Large and Ultra-Large Software Systems
– A methodology for measuring and monitoring software complexity that can be used to
effectively manage software systems so they do not become overly complex.
Penn State, 4-26-12
61
Raghu Sangwan– Associate Professor, Software Engineering
Education
– PhD, Temple University, Computer and Information Sciences
Professional Activities
– General Chair, Working IEEE/IFIP Conference on Software Architecture, 2011
– Program Committee, International Workshop on Requirements Engineering
Visualization, 2006 – 2009, IEEE International Conference on Global Software
Engineering, 2006 – 2009, Working IEEE/IFIP Conference on Software Architecture,
2006 – 2009, International Conference on the Quality of Software Architecture, 2008
– 2009
– Reviewer, IEEE Software, Journal of Software and Systems, Journal of Software
Process: Improvement and Practice, Computing Reviews.
Expertise
– Analysis, design, and development of large scale software-intensive systems, and
automatic and semi-automatic approaches to assessment of their quality and
complexity
Previous Support
– Siemens Corporate Research
– Software Engineering Institute, Carnegie Mellon University
Penn State, 4-26-12
62
Raghu Sangwan – Projects
•
Software architecture analysis and design
– Quality-based approaches to creating software-intensive systems
– Integrating quality-based approaches into mainstream software systems
design methodologies
•
Characterizing essential and incidental complexity
– Multidimensional approaches to studying structural complexity in softwareintensive systems
– Development methodologies and their influence on structural complexity of
software-intensive systems
•
Architecture drift and erosion
– Software evolutionary studies revealing system decay
– Strategies for preventing architecture drift and erosion leading to system
decay
Penn State, 4-26-12
63