Successes and Failures applying to SaTC/TWC/TC/CT
Nikita Borisov
University of Illinois at Urbana-Champaign

My SaTC Experience
• First PI experience in 2006
• Four funded projects through some version of SaTC
  – Vulnerability signatures in intrusion detection
  – Security and privacy in building automation
  – Network traffic analysis
  – Anonymous communications (CAREER)
• About as many rejections
• Half dozen panels

Vulnerability Signatures
• Traditional signatures in intrusion detection: recognize attack
  – E.g., “AAAA….AAAA?idapi.ida” for CodeRed
• Too specific:
  – CodeRed II used “NNNN….NNNN?idapi.ida”
• Vulnerability signatures: recognize attack vector
• Challenge: faithfully reconstruct application parsing state with high performance

Behind the Proposal
• Genesis: internship at Microsoft Research as graduate student
• Development:
  – Identify basic research challenges
  – Create evaluation strategy
• Collaboration:
  – Two senior co-PIs / mentors

Building Automation
• Newer buildings use networked sensors and controls for lights, doors, HVAC, etc.
• Opportunity for applications that enrich inhabitants’ lives
• Woefully insecure
• Challenge: design interface that enables applications while preserving important privacy and security constraints

Behind the Proposal
• Genesis: Class project on applications for building automation
• Development:
  – Identify general principles that can be applied in this setting
• Collaboration:
  – My co-instructor in the course

Traffic Analysis
• Encrypted network traffic contains patterns: packet sizes, timings, counts, …
• Side channel that reveals information
  – User identity
  – Password characters
  – Web page content
  – VoIP phrases
• Challenge: Rigorous, systematic understanding of attacks and defenses

Behind the Proposal
• Genesis: Attack paper on network watermarking schemes
• Development:
  – Identify several important problems
  – Formulate fundamental theoretic questions
  – Connect them to experimental validation plan
• Collaboration:
  – Co-author from attack paper
  – Another communications expert
  – Senior mentor

Anonymous Communications
• Internet communication leaks metadata about interests, relationships, behavior, etc.
• This information is (ab)used by ISPs, employers, advertisers, intelligence agencies, repressive regimes, …
• Anonymity networks, such as Tor, help protect metadata, but at a large performance cost
• Challenge: creating scalable, high-performance overlay networks while minimizing leaked information

Behind the Proposal
• Genesis: PhD work, followed by several years of research
• Development:
  – Detailed description of next few research papers
• Collaboration:
  – Support letters from foreign collaborator

Lessons from Rejections
• SaTC panelists are notorious skeptics!
  – Your job to convince them your approach will work and be secure
• Missing related work can be a killer
  – Spend twice as much time as you think you need
• Avoid being too broad

Closing Thoughts
• Get thee on a panel!
  – Can’t beat first-hand experience
  – PMs often struggle to fill slots
• Get co-PIs with prior SaTC successes
  – Can be helpful even at a low commitment level
• Enjoy the experience!
  – Even unfunded proposals have payoffs