Networking and Security Research Center
http://nsrc.cse.psu.edu/
Mission: Enabling robust, high performance secure internetworked information systems
Professor Thomas F. La Porta, Director
Department of Computer Science and Engineering
Penn State, 4-26-12

Networking and Security Research Center
Networking, security and systems experts
– 22 faculty
– Approximately 60 students
  • Ph.D., M.S. and Schreyer Honors College Seniors
  • 3 Labs in addition to individual research groups
Diverse Expertise
– Wireless networking and communications
– Software systems
– All aspects of security: networking, protocols, systems, policies, cryptography
Industrial partners, joint projects
– Current: Cisco, IBM, Battelle, Alcatel-Lucent, Hewlett-Packard, Harris
– Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Telcordia, Lockheed Martin
– Ben Franklin Center of Excellence (2007-2009)
Student placements: A-10 Networks, North Carolina State, Universidad de los Andes, Virginia Tech, Telcordia

NSRC Accomplishments
Research Results
– ~100 refereed publications in 2011
Funding: Over $27M since 2005 (over $5.5M in 2011)
– NSF: Trustworthy Computing (2), Networking, Communication and Information Foundations
– Army Research Lab and UK Ministry of Defence (ITA Program)
– Army Research Lab Network Science CTA
– Army Research Lab (cybersecurity (2))
– Center for Disease Control
– Air Force Office of Scientific Research
– Industrial Funding: over $150K in 2011 (approximately $1.8M in 6 years)
Selected Faculty Appointments in 2011
– EiC of ACM Transactions on Internet Technology
– Executive committee of top IEEE sensor network and protocols conferences
– General Chair of IEEE ICNP
– Associate Editors on 8 publications
Awards
– AT&T Graduate Fellowship (2), Several travel grant awards

Organizations: Members and Financial Support
College of Engineering
– Computer Science and Engineering, Electrical Engineering
– Networking, communications, all aspects of security, data mining and privacy
Applied Research Lab
– Wireless technologies, networking, security, information fusion
– Classified programs
Smeal College of Business
– Economic and financial analysis, monitoring, security management, and supply chain apps
Dickinson Law School, School of International Affairs
– Policy, legal implications, applications (voting, Internet privacy, etc.)
Penn State Great Valley
– Engineering Division, Software Engineering Research Group; ultra-large systems, design for security
Also receive financial support from College of Information Science and Technology

Systems and Internet Infrastructure Security Laboratory (SIIS Lab)
Prof. Trent Jaeger (tjaeger@cse.psu.edu): Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for Security
Prof. Patrick McDaniel (mcdaniel@cse.psu.edu): Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software Systems
Prof. Adam Smith (asmith@cse.psu.edu): Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science
Funding: National Science Foundation; ARO/AFRL/IARPA/AFOSR; Battelle, AT&T, Samsung; Raytheon, Telcordia, Lockheed; IBM, HP, Intel; National Institutes of Health
Ongoing Projects: Systems and Cloud Security; Secure Storage Systems; Language Based Security; Telecommunications Security; Smart Grid Security; Voting Systems; Cryptography & Data Privacy
Recent Awards: PECASE, PSES Outstanding Research
Factoids: Established September 2004 -- Location - 344 IST Building -- Contact siislab@cse.psu.edu
URL: http://siis.cse.psu.edu

Mobile Computing and Networking (MCN) Lab
MCN lab conducts research in many areas of wireless networks and mobile computing, with an emphasis on designing and evaluating mobile systems, protocols, and applications.
Projects – smartphones, in-network storage, wireless sensor networks, vehicular networks, wireless network security, resource management in wireless networks.
Students: 10 PhD, 1 MS, and 1 honor BS student
• Alumni: 11 PhD, including faculty members at Iowa State University, Florida International University, Frostburg State University, and students in Motorola, Cisco, Microsoft.
• 12 MS students went to various companies
Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research Lab, Army Research Office, DoD/MURI, and companies such as Cisco, IBM and Narus
Contact: Prof. Guohong Cao, gcao@cse.psu.edu
URL: http://mcn.cse.psu.edu/

Wireless Communication and Networking Laboratory
Faculty: Prof. Aylin Yener, yener@ee.psu.edu
URL: http://wcan.ee.psu.edu
Fundamental research on wireless communication network design
Areas: Energy Harvesting Wireless Networks, Quality-aware networking, Information Theoretic Security, Interference Networks
Support
• National Science Foundation (NSF)
• Army Research Laboratory, Network Science CTA
10 Members: 1 PostDoc, 7 PhD students, 1 Visiting Prof
Collaborators from the following: Penn State (NSRC), UMD, UC Berkeley, Rutgers, USC, UIUC, BBN-Raytheon

Scope
Networking and communications: enables ubiquitous connectivity
– Internet and telecommunications, ad hoc and sensor networks
– Information dissemination and quality of information
– Wireless networking, communication and information theory
– Supported by NSF CISE; DoD (ARL, DTRA), industry
Systems and network security: enables secure end-to-end information flow
– Secure platforms, programming languages, distributed systems, privacy, cryptography, monitoring, security management and architecture, design for security
– Internet, telecommunication and military networks
– Supported by NSF CISE; DoD (AFOSR, ARL), industry
Societal, business, and legal implications: enables impact on policy and deployment
– Privacy, regulation, censorship
– Financial and economic concerns, applications
– Applications and impact considered along with technical designs

The Network Science Collaborative Technology Alliance (CTA)
A Flagship Program for US-ARL and CERDEC
Perform foundational, cross-cutting research on network science leading to:
– A fundamental understanding of the interplay and common underlying science among social/cognitive, information, and communications networks
– Determination of how processes and parameters in one network affect and are affected by those in other networks
– Prediction and control of the individual and composite behavior of these complex interacting networks
Resulting in:
– Optimized human performance in network-enabled warfare
– Greatly enhanced speed and precision for complex military operations
~$160M for 10 years

Network Science CTA
Interdisciplinary Research Center (IRC) – led by BBN
• Ensure research directions of the three ARCs are focused on fundamental network science issues that are military relevant and achievable; perform basic research
Information Networks Academic Research Center (INARC) – UIUC
• To develop theories, experiments, measurements and metrics, and ultimately predictive models that will anticipate the behavior of information networks
Social and Cognitive Networks ARC (SCNARC) – RPI
• To develop theory, measures and understanding of social and cognitive networks as applicable to both individual and organizational decision making of networked information systems
Two cross-cutting research thrusts
• Evolution and Dynamics of Integrated Networks (EDIN)
• TRUST in distributed decision making environments

CNARC Vision
Develop foundational techniques to model, analyze, predict and control the behavior of secure tactical communication networks as an enabler for information and command-and-control networks
Network is an information source
– Understand and optimize operational information content capacity
Approach
– Understand information needs (context, purpose)
– Understand impact of network on information
Members
– Penn State (Prime) – La Porta (Director), Cao, Yener and Zhu
– USC, UC Davis, UC Santa Cruz, CUNY (General Members)
– Stanford, NC State, UC Riverside (Subs)
$35M for 10 years

Quality of Information: Research Problem
Understand how to control network behaviors so that the capacity of the network to deliver relevant information can be maximized
– A formal definition of QoI is needed that considers intrinsic, contextual, and semantic attributes
– A unifying theory for QoI-aware inferencing & fusion is required to get most efficiently delivered QoI
– Methods to semantically extract context & purpose of information requested are a key gap
– Translation of QoI into quality of data necessary to inform control algorithms

QoI Parameters from DoD
Metric | General Definition | Image
QoI intrinsic
Correctness | Closeness to ground truth | Field of view, resolution
Freshness | Age | Capture time
Precision | Extent of detail | Resolution
Security | Protection of information and source | Provenance, authentication, integrity, nonrepudiation, confidentiality
QoI contextual
Accuracy | Specificity relative to need | Image: Resolution, field of view | Video: Resolution, frame rate, field of view
Timeliness | Availability | Delivery latency
Completeness | Total relevance to ground truth | Field of view
Credibility | Extent believable | Trust in information
Video column entries, in slide order: Resolution; Frame rate; Field of view, frame rate
Text column entries, in slide order: Truthfulness of report; Detail of description; Ability of reporter; Breadth of description

Long Term Vision (via a simple example)
To understand how to control network behaviors so that networks can adapt to provide required information to answer questions like: Is a small scale operation imminent?
Prior knowledge: (i) Bob and Alice are always together; (ii) Jim and Bob are often together when operations are imminent; (iii) We have very little information about Jim’s whereabouts
– Leverage social networks & inferences (information) to guide query
Inferences & possible solutions to question: (i) Find Alice or Bob and we will find Bob (ii) Once we find Bob, look there for Jim (we do not care where Jim is if he is not with Bob)
– Use semantics to reduce QoI needs (and reduce cognitive load)
Selection & transfer of information
(i) Determine suitable modes (text message from informant, video, image)
(ii) Determine required QoI (accuracy, timeliness and freshness are important, precision is not; note the "or" in finding Bob or Alice)
(iii) Map QoI to quality of data for different sources and set network controls
– Use information-data characteristics & communication characteristics to properly retrieve data

Examples with an Image
Are there more than 100,000 people in Beaver Stadium?
– In both cases the answer is Yes and is accurate within required precision
How many guards are near the picnic table?
• Correct answer is 4 in this case, second image does not provide equal precision
• Cropping in this case does not reduce completeness, accuracy, or precision, but will improve timeliness
[Image labels: Zoom of 1.4MB file; File = 1.4MB; 17KB when cropped; Zoom of 160KB file; File = 160KB; 4KB when cropped]

QoI Example: Optical Character Recognition
Application accuracy vs. compression and data accuracy
Compression – shows sensitivity to application accuracy if timeliness is required (amount of data)
Error rates – shows sensitivity to application accuracy and impact of forward error correction

OCR Results: Piece-wise Timeliness (QoI = A x T)
[Plots: QoI vs. compression quality, for BER = 0.001 and BER = 0.01]
Error correction is required – for high bit error rates, no error control achieves a low QoI
Error correction overhead matters – as error correction overhead increases, more compression is needed
Conclusion – In this example, Reed-Solomon (255,223) with Q=30 achieves highest QoI

How to use QoI
Single flow
– given network state, determine maximum QoI and settings to achieve it
– given a minimum required QoI, determine if attainable, and settings to achieve it
[Figure labels: Max QoI; Data required to reach QoI; Required QoI]
Multiple flows
– given a set of QoI requirements determine surfaces and settings
– determine minimum resources required to meet requirements
– maximize total amount of information meeting QoI requirements being transferred across the network
We call this Operational Information Content Capacity

Generalizing the OICC (with USC, Raytheon BBN)
OICC provides fundamentally different insights than Shannon metrics
Sum-OICC defines the total maximum achievable performance of the network which is a function of QoI (e.g., accuracy (a), delivery time (d), and reliable rate (r))
$Q(r,a,d) = \max_{r} \sum_{i=1}^{T} Q_i(r_i, a_i, d_i)$
Subject to: (constraint on $r$ and $\sum_{i=1}^{T} r_i$)
[Figure labels: Rate region; OICC Region]

Symptotic Scalability (led by BBN Raytheon)
Framework captures a wide range of real world networks and estimates scalability
[Figure labels: Traffic 1, Traffic 2; Avail(W), Residual(R), Blocked(B), Demand(D); B1, D1, B2, D2]
$R = W - \sum_j (1 + \Upsilon_j)\, L_j\, (1 + \mathrm{T}_j)$
Contention factor (CF), Transit factor (TF)
Symptotic scalability for “expandable” networks is when R transitions to < 0
– Expressions for symptotic scalability derived for a new scenario by simply finding the new CF and TF (the “signature” of the scenario)
– Change Impact Value (CIV): a new metric to uniformly compute the relative parameter impacts
– QRF: QoI to Rate function can measure impact of desired QoI on scalability

Example Quality-to-Rate Functions (with BBN Raytheon, USC)
[Plots: Rate (kbps) and QoI for OCR, Face Recognition and Motion Detection]
Determine QRFs for individual applications – high variability between applications
Combine into multi-application QRFs:

OICC: QoI and Symptotics
Consider multi-application QRF function
[Plot: Scalability vs. QoI for 10 Mbps radios and 5 Mbps radios]
Impact of faster radios – Small increase in # of nodes
Impact of flexible QoI – Very large increase in # of nodes (orders of magnitude)

Remainder of Slides
Overview Research within NSRC
Biographies of Faculty Members

Research Areas: Network Management
[Figure: Recovery from large scale faults • Gather information from around failure • Re-compute shortest paths]
Cao and La Porta (supported by US ARL ITA and DTRA)
– Discovering network topology
  • Use of inferencing and virtual links to improve estimation of network metrics
– Diagnosing faults for services in dynamic networks
  • Applying network tomography and service layer dependencies to diagnose faults and degradation
– Recovery from large scale failures
  • Two-phase re-routing using fast, targeted information discovery

Research Areas: Mobile Wireless Networking
[Figure labels: Max QoI; Required QoI; Different solutions deliver different QoI; Ave resource savings for different required QoI]
Cao, La Porta and Yener
– QoI-Aware networking (US ARL, Harris) - Demo
  • Defining QoI functions to allow tradeoffs between information metrics
  • Implementation on smart phones to allow for distributed information gathering
– Accommodating channel variations (US ARL)
  • QoI-Aware scheduling to maximize QoI
  • Distributed backpressure routing protocols to trade off transmission rates and delays
– Energy harvesting sensor networks (NSF)
  • Algorithms for sensor allocation based on expected utility, energy needs and harvesting
  • Optimizing utility using water filling

Research Areas: Information Dissemination and Social Networks
[Figure labels: Social links; Predictable mobility]
Cao, La Porta, Lee and Zhu
– Leveraging social networks (US ARL, NSF)
  • Opportunistic dissemination in mobile networks based on social contact patterns
  • Leverage social connections to find users infected by worms
  • Rank popular items using conformer-maverick model
– Content distribution and the Cloud (Alcatel-Lucent)
  • Placement of data in a storage cloud to minimize costs within performance constraints
– Semantic labeling of locations in social networks
  • Overcome difficulty of placing locations in categories

Research Areas: Interference Management
[Figure labels: Signals without interference management; With interference management]
La Porta and Yener
– Hierarchical networks using femto and macro cells (ARO MURI, NSF)
  • Optimal placement and power settings of femtocells to maximize capacity
  • Perform interference alignment at femtocells under QoS constraints of macrocells
– Interference alignment for relay networks (NSF)
  • Examine complex relay networks to eliminate need for full channel state information

Research Areas: Smartphone Security
Jaeger, La Porta, McDaniel and Zhu (supported by NSF)
– Android application security
  • Convert Android bytecode to Java bytecode for analysis – studied over 1,100 apps
– Detecting overload attacks in SMS
  • Use SMS conversation statistics to detect abnormal flows for blocking
– Inferring inputs on touch screens
  • Record motion on smartphone inputs to then infer passwords

Research Areas: Secure Programming
[Figure labels: Determine security sensitive objects and variables; Locate security sensitive operations]
Jaeger, McDaniel and Zhu
– Detecting software plagiarism (NSF)
  • Determine run-time values that cannot be changed by changing code
– Locating vulnerabilities in programs (US ARL, NSF, HP Labs)
  • Information flow: build flow graphs based on how components interact
  • Name resolution: runtime analysis with models of active adversaries to verify proper checks
  • Automated hook placement in code to authorize resource access

Research Areas: Secure Systems
[Figure label: Integrity Verification Proxy in Cloud Node]
Jaeger, McDaniel and Zhu (NSF)
– Control systems
  • Explore dynamic attacks on programmable logic controllers
– Verification for services
  • Cloud computing: overcome hidden details to provide cloud system integrity
  • Use watermarking to verify worker correctness in MapReduce environments
– Crypto-currency
  • Study of use of decentralized P2P currency (Bitcoin) has shown several anomalies

Members
Faculty | Department/College | Expertise
Raj Acharya | Computer Science and Engineering (CSE)/College of Engineering (COE) | QoS
Guohong Cao | CSE/COE | Mobility, Distributed systems
Chita Das | CSE/COE | Network performance
Sean Hallgren | CSE/COE | Theory, Cryptography
Trent Jaeger | CSE/COE | Secure operating systems
Thomas La Porta | CSE & EE/COE | Mobility, Telecommunications
Wang-Chien Lee | CSE/COE | Pervasive computing
Patrick McDaniel | CSE/COE | Network Security
John Metzner | CSE & EE/COE | Reliable data communication
Adam Smith | CSE/COE | Cryptography
Aylin Yener | EE/COE | Wireless communications
Sencun Zhu | CSE/COE and IST | Network Security
Eileen Kane | Dickinson Law School | Internet Law, Policy
Jun Shu | Smeal College of Business | Supply chain, business
Russell Barton | Smeal College of Business | Supply chain, business
Akhil Kumar | Smeal College of Business | Supply chain, business
Susan Xu | Smeal College of Business | Supply chain, business
Allan Sonsteby | ARL | Networking and Comm
Chris Griffin | ARL | Decision making
Gerry Michaud | ARL | Networking and Comm
Phil La Plante | Great Valley | Systems, Security
Colin Neill | Great Valley | Systems, Security
Raghu Sangwan | Great Valley | Systems, Security

Remainder of the day…
Dinner – 5:30 at The Tavern
Tomorrow
IST Building, Room 222 - 8:30 – Faculty talks and wrap-up

Tom La Porta – Distinguished Professor, CSE
Education
– PhD, Columbia University, Electrical Engineering
Background
– Director of Mobile Networking Research at Bell Labs until 2002
Professional Activities
– Member, Board of Governors, IEEE Communications Society, 2007-2009
– Director of Magazines, IEEE Communications Society, 2006-2007
– Past Editor-in-Chief, IEEE Applications and Practice Magazine
– Founding Editor-in-Chief, IEEE Transactions on Mobile Computing, 2001-2004
– Past Editor-in-Chief, IEEE Personal Communications
– General Co-Chair, IEEE ICNP 2011
– Program Co-Chair, IEEE SECON 2010
– General Chair, IEEE MASS, 2008
– Program Chair, IEEE Percom, 2007
– General Co-Chair, Mobiquitous, 2006
– General Co-Chair: ACM Mobicom 2005
Awards
– Bell Labs Fellow
– IEEE Fellow
– Thomas Alva Edison Patent Award 2007, 2009
– Bell Labs Distinguished Technical Staff Award
– IEEE Computer Society Golden Core Member
Expertise
– Mobile networking, wireless networking, secure telecommunication network signaling and control, protocol design
Current Support
– National Science Foundation
– Army Research Lab/UK MoD, ITA Program (IBM Prime)
– Army Research Lab NS-CTA Communications Network Center (lead)
– ARO
– DTRA

Tom La Porta – Projects
• Sensor Information Processing
  – Mission specific network configuration and data collection
  – Data dissemination
  – Quality of information
• Mobile Telecommunication Networks
  – Combat (exploit) threats introduced by interfaces to IP networks
• Resource control in ad hoc wireless networks
  – Utility maximization
• Node mobility for Robust Mission-Oriented Sensor Networks
  – Deployment and relocation strategies for sensors

Guohong Cao – Professor, CSE
Education
– PhD, Ohio State University, Computer Science
Professional Activities
– Associate Editor, IEEE Transactions on Mobile Computing
– Associate Editor, IEEE Transactions on Wireless Communications
– Guest Editor, IEEE Wireless Communication, special issue on security and privacy in wireless networks, 2010
– Program chair, IEEE International Symposium on Reliable Distributed Systems (SRDS), 2009
– General Chair, Int’l Conf. on Mobile and Ubiquitous Systems (MobiQuitous), 2007
– Program co-chair, IEEE Int'l Conf. on mobile ad hoc and sensor networks, 2010
– Program co-chair, INFOCOM, 2013 (area chair, 2008, 2010-2012)
– Program committee of ACM MOBICOM, IEEE INFOCOM, ACM MOBIHOC, IEEE ICNP
Awards
– Presidential Fellowship at the Ohio State University
– NSF CAREER, 2001
– IEEE Fellow, 2011
Expertise
– Mobile computing, wireless networks, sensor networks, wireless network security, distributed fault-tolerant computing, resource management and data dissemination in mobile environments
Support
– NSF (ITR, CAREER, NeTs/NOSS, WN, CT, CNS)
– Army Research Office
– PDG/TTC
– DoD/MURI

Guohong Cao – Projects
• Collaborative Data Access in Mobile Peer-to-Peer Networks
  – Improves performance in constrained environments through collaboration.
• Controllable Node mobility for Mission-Oriented Sensor Networks
  – Deployment and relocation strategies for sensors
• Secure Wireless Sensor Networks
  – Defend against node compromises; self-healing mechanisms for sensor networks
• Data dissemination in vehicular ad hoc networks
  – Reduce data access delay and exploit mobility pattern to assist data delivery.
• A Data-Centric Framework for Target Tracking and Data Dissemination in Sensor Networks
  – New architecture for wireless sensor networks
• Designing Efficient Resource Management Schemes to Support Integrated Services in Mobile Computing Systems
  – Consider both power issues and QoS issues
• Efficient Power Aware Data Access in Pervasive Computing Environment
  – Consider both single-hop and multi-hop models

Patrick McDaniel – Professor, CSE
Co-Director of the Systems and Internet Infrastructure Security Lab: http://siis.cse.psu.edu
Education
– PhD, University of Michigan, Electrical Engineering and Computer Science
Professional Activities
– Program Co-Chair, 2007 and 2008 IEEE Symposium on Security and Privacy, May 2007, May 2008.
– Program Chair, 15th USENIX Security Symposium, August 2005.
– Vice-Chair, Security and Privacy Track, 14th World Wide Web Conference (WWW), May 2005.
– Program Chair, Industry Track, ACM Conference on Computer and Communications Security (CCS), November 2004, 2007.
– Editor-in-Chief, ACM Transactions on Internet Technology (TOIT), April 2004-present.
– Associate editor, ACM Transactions on Information and System Security (TISSEC), Summer 2007-present.
– Associate editor, IEEE Transactions on Software Engineering (TSE), Spring 2007-present.
– Associate editor, IEEE Transactions on Computers (TC), Spring 2007-present.
– Area editor—secure systems, IEEE Security and Privacy Magazine, Spring 2008-present.
– Program Committee Member (2005): ESORICS, IEEE Symposium on Security and Privacy, ACSAC, ACNS, CCS, CSF, ICIS, ACM EC, SACMAT, SNS, ACNS, USENIX Security, USENIX Technical, MobiCom, MobiSys, many more
Expertise
– Systems security, security policy, telecommunications security, network security, smart phone security, digital rights management, digital content and public policy, network management, applied cryptography, privacy
Current Support
– PI, Battelle BGP Security Study (Phase 1), Battelle, $94,400, 2/15/2012-9/30/2012, Collaborators: PSU (McDaniel).
– co-PI, TC: Medium: Collaborative Research: Building Trustworthy Applications for Mobile Devices, NSF (CNS), $1,386,518 (PSU award $350,000), 8/1/2011-7/31/2014, Collaborators: PSU (McDaniel), Wisconsin (Banerjee, Jha, Swift).
– PI, Closing the Loop on Security Testing and Security Requirements, Security and Software Engineering Research Center, $31,000, 8/1/2011-7/31/2012.
– PI, Smart Grid Cyber Security Research, Lockheed Martin, $250,000, 1/1/10-12/16/10.
– PI, NSF HECURA: Collaborative Research: Secure Provenance in High-End Computing Systems, NSF (CCF), $1,000,000 (PSU award $307,073), 08/1/09-8/31/13, Collaborators: PSU (McDaniel), UIUC (Winslett), Stonybrook (Sion, Zadok).
– PI, TC: Medium: Collaborative Research: Security Services in Open Telecommunications Networks, NSF (CNS), $1,386,518 (PSU award $594,941), 08/01/09-08/01/12, Collaborators: PSU (McDaniel, La Porta), UPenn (Blaze), Columbia (Schulzrinne).

Patrick McDaniel – Projects
• A Study of Android Application Security
  – Evaluating application security in online markets.
• Multi-vendor Penetration Testing in the Advanced Metering Infrastructure
  – Horizontal testing of smartgrid equipment
• Secure Provenance in High-End Computing Systems
  – Developing provenance applications for huge/distributed computational environments
• Scalable Asynchronous Web Content Attestation
  – Making integrity measurement services scale to commercial loads
• On Attack Causality in Internet-Connected Cellular Networks
  – Understanding and fixing evolving threats in cellular phone systems
• Exploiting Asymmetry in Performance and Security Requirements for I/O in High-end Computing
  – Exploring performance/security tradeoffs in large-scale distributed storage
• An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
  – Monitoring smartphone application uses of private data

Trent Jaeger – Associate Professor, CSE
Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab: http://siis.cse.psu.edu
Education
– PhD, University of Michigan, Electrical Engineering and Computer Science
Professional Activities
– Associate Editor, ACM Transactions on Internet Technologies (TOIT)
– Guest editor, ACM Transactions on Information Systems Security (TISSEC)
– Program Chair, ACM Computer Security Architectures Workshop (with ACM CCS), 2008
– Program Chair, USENIX Workshop on Hot Topics in Security, 2007.
– Program Chair, Industry Track, ACM Conference on Computer and Communications Security (CCS), 2002.
– Program Committee Member: IEEE Security and Privacy, USENIX Security, EuroSys, ESORICS, CCS, ACSAC, NDSS, WWW (security), many more
– Active participant in the Linux security community, including the development of open source code (kernel and systems applications)
Expertise
– Host security, operating systems, trusted computing, cloud computing, system integrity, source code analysis
Current Support
– PI, Air Force Office of Sponsored Research (AFOSR), Information Flow Integrity for Systems of Independently-Developed Components, April 2012-March 2015, $729,466
– PI, National Science Foundation (NSF), CNS-1117692, Towards Customer-Centric Utility Computing, September 2011-August 2014, $488,000
– PI, Army Research Lab (ARL), Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs, October 2011-September 2012, $195,000
– PI, Hewlett-Packard Labs, Towards Mostly-Automatic, System-Wide Integrity Policy Generation, July 2011-June 2012, Innovation Research Program, $75,000
– PI, National Science Foundation, CNS-0905343, Techniques to Retrofit Legacy Code for Security, September 2009-September 2013, $1,200,000
– Co-PI, National Science Foundation, CNS-0931914, Establishing Integrity in Dynamic Networks of Cyber Physical Devices, September 2009-September 2013, $600,000

Trent Jaeger – Projects
• Cloud System Security
  – Monitor comprehensive integrity of cloud hosts and guest instances in OpenStack cloud system essentially for free (after some initial setup).
• Program Security
  – Detect program vulnerabilities to name resolution attacks where an adversary can redirect a victim program to files of the adversary’s choice. 21 previously-unknown vulnerabilities found so far.
• Automated Security Policy Generation
  – Develop a method to generate policies that approximate Clark-Wilson integrity by computing the minimal mediation necessary to achieve information flow integrity.
• Hardware-based Integrity Measurement
  – Develop usable and efficient hardware-based integrity measurement mechanisms with the aim of reducing power cost by eliminating unnecessary measurements.
• Retrofitting Security into Legacy Code
  – Develop source code analysis approaches and tools to (mostly) automate the addition of security code (e.g., authorization) to legacy applications (in Java and C).
• Operating Systems Security
  – Process Firewall is an efficient mechanism to mediate the system call interface to enforce invariants for protecting processes from attacks in obtaining resources from the system.
• Intrusion Monitoring
  – Find minimal intrusion monitor placements in networks as graph cuts of network flows.

Adam Smith – Associate Professor, CSE
Member, Algorithms and Complexity, Systems and Internet Infrastructure Security (SIIS) groups
Education
– PhD, M.I.T., Electrical Engineering and Computer Science
Professional Activities
– Associate Editor, IEEE Transactions on Information Theory and Journal of Privacy and Confidentiality
– Program Committee Member: Crypto, WWW, ACM Electronic Commerce, Theory of Cryptography, RSA - Cryptographer’s Track, SODA, FOCS, …
– Program Chair: ICITS 2012
Expertise
– Cryptography, privacy in statistical databases, quantum computing, information theory
Awards
– Presidential Early Career Award for Scientists and Engineers (PECASE)
– NSF CAREER Award
– Microsoft Graduate Fellowship
Current Support
– PI, CAREER: Rigorous Foundations for Data Privacy, NSF, $400,000
– co-PI, CDI: Integrating Statistical and Computational Approaches to Privacy, NSF, $2,000,000
– co-PI, Quality-of Information-Aware Networks for Tactical Applications (QUANTA), ARL.
– Privacy Officer, Penn State Clinical and Translational Science Institute (CTSI), NIH.

Adam Smith – Projects
• Privacy in Statistical Databases
  – Conceptual tools for rigorous analysis
  – Design of “robust” algorithms for machine learning and statistical estimation
  – Attacks based on publicly available information sources
  – Privacy in Financial Data
• Cryptographic Protocols
  – Secure Function Evaluation: efficient distribution of computation and secret data among mutually untrusting network of participants
  – Efficient public-key encryption with rigorous security analysis
• Key Extraction from Biometrics and Other “Noisy” Secrets
  – Generation of reliable and secret keys/passwords from biometric data
• Quantum Information and Cryptography
  – Understand and limit the use of quantum information processing to break deniability and zero-knowledge in cryptographic protocols

Sencun Zhu – Associate Professor, CSE and IST
Education
– Ph.D. in Information Technology from George Mason University (Aug. 2004)
Recent Professional activities
– Program Co-Chair: ACM SASN’06.
– TPC member: ACM WiSec’09, 10, 11, Oakland’10, NDSS’11…
– Treasurer: ACM CCS’07, ’08, ’09, ’10, AsiaCCS’10.
– Associate Editor: International Journal of Distributed Sensor Networks, ICST Transactions on Security and Safety.
Research Interest
– Network and systems security
– Ad hoc and sensor network security
– Social network security and privacy
– Code security
Current Support
– NSF CAREER Award, ARL

Sencun Zhu – Current Projects
Security for Cellular Network
– Malware/Spyware detection
– Application permission analysis for smartphones
– Security mechanisms for mobile sensing
Online Social Network Security & Privacy
– Minor online safety and cyberbullying detection
– OSN worm detection
– Offensive language filtering
Trust management in MANET
– Trust revocation based on partial mutual suicide
– Trust propagation and aggregation with inconsistent information
Software Security
– Software plagiarism detection based on system call sequence/graph based birthmarks
– Algorithm plagiarism detection
– Malicious JavaScript code detection

Sean Hallgren – Assistant Professor, CSE
Education
– Ph.D. in Computer Science, U.C. Berkeley
Professional Activities
– Editorial board, Theoretical Computer Science
Background
– Senior Research Scientist and head of Quantum Information Technology, NEC Labs
– NSF Mathematical Sciences Postdoctoral Fellowship, Caltech Department of Computer Science and the Institute for Quantum Information
Expertise
– Quantum computation, quantum algorithms
Support
– NSF (PECASE Award), ARO
Projects
– Algorithms for quantum computers
– Security of classical cryptosystems against quantum attacks

Aylin Yener – Professor, EE
Wireless Communications and Networking Laboratory: WCAN@PSU
Education
– PhD, Wireless Information Network Laboratory (WINLAB), Rutgers University
Selected Awards
– NSF CAREER Award, 2003
– DARPA ITMANET (Young Investigator), 2006
– PSEAS Outstanding Research Award, 2010
Selected Professional Activities
– Treasurer/ Board of Governors, IEEE Information Theory Society
– Editorial Advisory Board IEEE Wireless Communications
– Founder and General chair, Annual School of Information Theory 2008-2010
– Symposia Technical Program Chair: IEEE VTC 2012, PIMRC 2010, ICC 2009, ICC 2008 …
Research Areas
– Wireless Communications: Relay networks, MIMO, Femtocells; Green Communications: Energy Harvesting Wireless Networks, Information Security, Content-aware wireless networking
Current Support
– NSF:
  • CNS Cognition, Cooperation, Competition in Wireless Networks
  • CNS Secure Capacity of Wireless Networks
  • CIF Interactive Security
  • CNS Rechargeable Networks
– ARL: Network Science CTA

Aylin Yener – Projects
• Quality-aware networking
  – Design principles for networks that are content-quality aware.
  – Operational information content capacity of multi-genre (e.g. comm+social) networks
• Green Wireless Networks
  – Design principles of wireless networks composed of energy harvesting transmitters and receivers.
• Multi-tier Cellular Networks
  – Distributed interference management for Cooperative MIMO Femtocell Networks
  – Interference Alignment
• Secure physical layer design for multiuser systems/wireless networks.
  – Information theoretic security.
  – Security for heterogeneous ad hoc networks.
• Relay networks/Hybrid networks and cooperative communications
  – Interference networks
  – User cooperation strategies, multiuser relay networks.
  – Multi-way relaying

Chita Das - Professor, CSE
Education
– Ph.D., University of Louisiana
Background
– IIT Kharagpur (India)
– Joined Penn State in 1986
Awards
– IEEE Fellow
– Best Paper Awards (ICPP, ICDCS, PRDC)
– CSE Dept Teaching Award
Expertise
– communication networks & communication mechanisms; resource management (scheduling); QoS support in clusters and Internet; mobile computing; performance evaluation; parallel distributed computer architectures; clusters; fault-tolerant computing
Support
– NSF (scheduling, QoS, Infrastructure), Unisys (performance)

Chita Das - Projects
• Dynamic Quarantine of Unresponsive TCP Flows
  – Detect and isolate non-conforming TCP flows
• Adaptive AQM Schemes for Internet and Wireless Networks
  – Improve performance of Internet and limited wireless networks
• QoS Provisioning in InfiniBand Architecture (IBA) for System Area Networks
  – Design and analysis of IBA-style SANs
• Scalable and Efficient Scheduling Techniques for Clusters
  – Aims at developing practical scheduling techniques for large clusters
• Performance Analysis with Commercial Workloads
  – Analysis of TPC-C workloads
• Design of Cluster-based Datacenters
  – Design of 3-tier data centers on cluster platforms
• Design and Analysis of System-on-Chip (SoC) Interconnects
  – Design of on-chip interconnects considering area, power and reliability constraints

Wang-Chien Lee – Associate Professor, CSE
Education
– PhD, Ohio State University
Background
– 1996 - 2001, GTE/Verizon Research Laboratories, Inc.
– Research group: Pervasive Data Access Research Group (http://www.cse.psu.edu/pda)
Awards
– Excellence Award: GTE/Verizon Laboratories Incorporated (1997, 1999, 2000).
– Achievement Award: GTE/Verizon Laboratories Incorporated (1999).
Professional Activities
– Guest Editor, IEEE Transactions on Computers, IEEE Personal Communications Magazine, ACM Mobile Networks and Applications (MONET), ACM Wireless Networks (WINET)
– PC/General Chair: Int’l Conf. on Mobile Data Access (1999); Int’l Workshop on Pervasive Computing (2000); Int’l Workshop on Wireless Networks and Mobile Computing (2000/2001); Int’l Workshop on Peer-to-Peer Information Management (2006); Int’l Conf. on Scalable Information Systems (2007); Int’l Conf. on Mobile Data Management (2009); Int’l Conf. on Database Systems and Advanced Applications (2011)
– Industrial Program Chair: International Conference on Mobile Data Management (2001-2002).
– Steering Committee: International Conference on Mobile Data Management
– TPC Member (2006): ICNP, ICDE, ICDCS, SAC, DASFAA, INFOSCALE, PERCOM
Expertise
– Pervasive Computing, Wireless Networks, Network Services, Data Management, TMN
Current & Past Support
– NSF, ARDA, GENUITY, RGC (Hong Kong)

Wang-Chien Lee - Projects
• Location-Based Information Access in Pervasive Computing
  – Investigate new ways of indexing and caching spatial data in support of location based services in pervasive computing environments.
• Semantic Small World: A Multi-Dimensional Overlay Network
  – Design of a multi-dimensional overlay network, called semantic small world (SSW), that facilitates efficient semantic based search in P2P systems.
  – SSW is adaptive to the distribution of data and locality of interest; is very resilient to failures; and has great load balancing property.
• Location-Aware Wireless Sensor Networks
  – Design of a suite of protocols, algorithms and services to provide energy-aware, time-efficient, robust and scalable location-aware wireless sensor networks.
  – Tackled research issues include communication collisions, communication voids, packet losses, location errors, scalability, service latency and validity of services.
• Automata-Based XML Access Control for Networked Computing
  – Design of a new XML access control mechanism, called QFILTER, for Internet-scale networked information systems.
• Secure Wireless Data Broadcast
  – Development of new air indexing and key management techniques to address the security concerns in wireless data broadcast systems.

John Metzner - Professor, CSE and EE
Education
– Eng. Sc. D., New York University
Background
– Acting director of the Computer Engineering Program in Electrical Engineering (two years)
– Acting Dean, School of Engineering and Computer Science, Oakland University, Rochester 1974-1980
– Professor, Electrical Engineering, Wayne State University, Detroit, Michigan
– Associate Professor, Electrical Engineering New York University
– Associate Professor, Polytechnic Institute of New York
– Research Scientist, Electrical Engineering Department, New York University
Awards
– IEEE Fellow
– Fellowships: Link Aviation, National Science Foundation, David Sarnoff
– IEEE Computer Society Distinguished Speaker/Visitor
Expertise
– ARQ protocols for reliable and efficient data communication, methods for efficient comparison of remote replicated data files, efficient reliable and secure multicasting, improved utilization of ALOHA in multi-access, error correction techniques, efficient use of wireless network resources
Support
– Many previous grants from NSF

John Metzner - Projects
• Vector and packet symbol decoding
  – Discovered a new packet-symbol decoding method for reliable communication despite errors, deletions, out-of-order packet receptions, no sequence numbers and no per-packet error detection. Working on extending the idea to very long codes, convolutional codes.
  – Method discovered for enhanced and simpler burst error correction of vector symbol codes.
  – Applications to multi-reception code combining with vector symbol codes
• Reliable multicasting
  – Efficient methods of gathering acknowledgments with a tree topology and a virtual ring
  – Improved efficiency by cooperation of local network stations Ultra wideband or light traffic ALOHA
  – Increased value of hop-by-hop versus end-to-end error control in multicasting.
• Multi-user networks
  – Improved efficiency by cooperation of local network stations Ultra wideband or light traffic ALOHA
  – Reliable communication from a mobile to a network of cooperating base stations or to other stations in an Ad Hoc network for minimal interference and energy utilization.
  – Window controls and acknowledgment protocols for efficient multi-path wireless routing to a base station or multi-base network.
• Secure Reliable Multicasting (SAM)
  – Simple acknowledgment and key changing for combined secure and reliable multicast in moderate size groups

Raj Acharya – Head and Professor, CSE
Education
– PhD, University of Minnesota, Mayo Graduate School of Medicine
Background
– Research Scientist, Mayo Clinic
– Research Scientist, GE (Thomson)
– Faculty Fellow, Night Vision Laboratory, Fort Belvoir, Washington, D.C.
– NASA-ASEE Faculty Fellow, Johnson Space Center, Houston, TX
– Director, Advanced Laboratory for Information Systems and Analysis
Professional Activities
– General Chair, SPIE International Conference on Physiology and Function from Multidimensional Images
– Co-Chair, IEEE Workshop on Biomedical Image Analysis
– General Chair, SPIE Conference on Biomedical Image Processing
– Associate Editor, International Journal of Computerized Medical Imaging and Graphics
Expertise
– Net-centric computing, resource management for ad hoc networks, information fusion, bioinformatics, data mining
Support
– NSF ITR

Allan Sonsteby – Associate Director Applied Research Laboratory
Education
– PhD, The Pennsylvania State University, Electrical Engineering
Background
– Industry, Government, and Academia
Professional Activities
– Futures panel for Undersecretary of Defense for Intelligence
– Chairman, NATO SCI-106 (U. S. Representative) – 2000 – 2003
– Chairman, NATO SCI-030 (U. S. Representative) – 1997 – 1999
– Member, Institute of Electrical and Electronics Engineers (IEEE)
– Member, U. S. Government Low Probability of Intercept Communications Committee
– Member, Eta Kappa Nu (EE Honor Society)
– U. S. Representative to NATO Research Study Group-106 “Vulnerabilities of Mobile Tactical Communication Systems”
– U. S. Representative to NATO Research Study Group-030 “Communications-EW Control and Coordination”
Awards
– Eta Kappa Nu
– GTE Corporation Graduate Fellowship Recipient
Expertise
– Signal processing, Geolocation/Target tracking
Support
– Manages approximately $42M annually of research sponsored by Government and Industry

Christopher Griffin, Research Associate, ARL/PSU
Education
– PhD, Penn State University, Operations Research
Background
– Staff scientist, Oak Ridge National Laboratory
– Seven years as staff engineer, Penn State Applied Research Laboratory
Awards
– Wigner Fellow (Oak Ridge National Laboratory)
Expertise
– Data fusion, control theory, social network analysis
Support
– Office of Naval Research
– Intelligence Advanced Research Projects Agency
– U.S. Government
– Oak Ridge National Laboratory Internal Research and Development

Christopher Griffin – Projects
• Learning and Prediction for Enhanced Readiness and Decision Making (LEPERD)
  – Apply non-linear hybrid statistical methods to the problem of track learning and anomaly detection.
  – Test results on live data sets provided by sponsor and scraped from open sources.
• Combined Hierarchical Environment for Tracking Anomalies with Hybrid Statistics (CHEETAH)
  – Enhance work done in LEPERD to use categorical data of the type found in ship manifests.
  – Create a prototype anomaly detection system and test at appropriate field location.
• Deep Social Network Analysis
  – Extend beyond classical social network analysis by integrating message internal data.
  – Formalize social science theories in mathematical equations and algorithms and apply them to detecting patterns within human networks.
Jun Shu – Assistant Professor, SC&IS, Smeal
Education
– PhD, University of California at Berkeley, Industrial Engineering and Operations Research
Professional Activities
– Program co-Chair, INFORMS TELECOM National Conference, 2005
– Program co-chair, INFORMS National Conference E-Business Section, 2006
Grants
– IBM Research Grant 2004
– Smeal Research Grants 2005-2008
– NSF Grant 2007
Expertise
– Network Management and Pricing
– Supply Chain Management
– Management of Information Systems
– Game Theory
Industry Experience
– MCI
– Cisco
– Rockwell Semiconductor

Jun Shu – Research Projects
• Piecemeal Hybrid P2P Networks for Large Scale Content Distribution
  – How to deliver 30,000 TV Channels with excellent quality to customers and scalable infrastructure requirement to providers?
• Supply Chain Execution Control via Individualized Trace Data
  – How to manage an execution process over networks with large volumes of real-time trace data?
• Service Family Design
  – How to design and provision services like we do in product family design?
• Compatibility Standards through Collaboration
  – How to decide which standards to invest in at the early stage of a technology adoption?
Phil Laplante – Professor, Software Engineering
Education
– PhD (Computer Science), Stevens Institute of Technology
Background
– Software Engineer, Singer-Kearfott Navigation Systems
– Member, Technical Staff, Bell Labs Software Quality Assurance Center
– CTO, Eastern Technology Council
– Registered Professional Engineer (Pennsylvania)
– Certified Software Development Professional
Professional Activities
– Chair, Software Engineering Professional Licensure Exam Development Committee
– Administrative Committee, IEEE Reliability Society
– Editor (Software Engineering), ACM Computing Reviews
– Editorial Board, Advances in Software Engineering
– Associate Editor, IT Professional
Expertise
– Requirements Engineering, Software Testing, Software Project Management.
Support
– Analytical Graphics
– Primavera Software

Colin Neill – Associate Professor, Software Engineering
Education
– PhD, University of Wales, Software and Systems Engineering
Professional Activities
– Associate Editor-in-Chief, Innovations in Systems and Software Engineering: A NASA Journal
– Member, Advisory Board, International Journal of Advanced Manufacturing Technology.
– General Chair, ASQ National Quality Month Symposium on Software and Systems Quality, 2007
– Program committee of ICECCS 2006, NASA/IEEE SEW 2002-2007.
Expertise
– Software engineering; software architecture, requirements engineering, system quality, system complexity
Previous Support
– British Aerospace, Systems & Equipment
– Rover Cars
– EPSRC, UK

Colin Neill – Projects
• Driving Architectural Design from Business and Technical Goals
  – Ensuring architectures embody systemic qualities reflecting both business and technical goals
• Agile and Distributed Software Development
  – Hybrid processes that allow flexibility and agility without loss of comprehension in global development
• Strategic Refactoring and Design Repair
  – Repairing legacy systems that have evolved and eroded.
• Software Engineering Best Practices
  – Monitoring and assessing the common and best practices employed in industry.
• Analysis of Large and Ultra-Large Software Systems
  – A methodology for measuring and monitoring software complexity that can be used to effectively manage software systems so they do not become overly complex.

Raghu Sangwan – Associate Professor, Software Engineering
Education
– PhD, Temple University, Computer and Information Sciences
Professional Activities
– General Chair, Working IEEE/IFIP Conference on Software Architecture, 2011
– Program Committee, International Workshop on Requirements Engineering Visualization, 2006 – 2009, IEEE International Conference on Global Software Engineering, 2006 – 2009, Working IEEE/IFIP Conference on Software Architecture, 2006 – 2009, International Conference on the Quality of Software Architecture, 2008 – 2009
– Reviewer, IEEE Software, Journal of Software and Systems, Journal of Software Process: Improvement and Practice, Computing Reviews.
Expertise
– Analysis, design, and development of large scale software-intensive systems, and automatic and semi-automatic approaches to assessment of their quality and complexity
Previous Support
– Siemens Corporate Research
– Software Engineering Institute, Carnegie Mellon University

Raghu Sangwan – Projects
• Software architecture analysis and design
  – Quality-based approaches to creating software-intensive systems
  – Integrating quality-based approaches into mainstream software systems design methodologies
• Characterizing essential and incidental complexity
  – Multidimensional approaches to studying structural complexity in software-intensive systems
  – Development methodologies and their influence on structural complexity of software-intensive systems
• Architecture drift and erosion
  – Software evolutionary studies revealing system decay
  – Strategies for preventing architecture drift and erosion leading to system decay