id_overview3-31-14.ppt

Institute of Networking and Security Research
http://insr.cse.psu.edu/
Mission: Enabling robust, high performance secure internetworked information systems
Professor Thomas F. La Porta, Director
Department of Computer Science and Engineering
Penn State, 4-2-14
Institute of Networking and Security Research
Networking, security and systems experts
– 17 faculty
– Approximately 50 students
• Ph.D., M.S. and Schreyer Honors College Seniors
• 3 Labs in addition to individual research groups
Diverse Expertise
– Wireless networking and communications
– Software systems
– All aspects of security: networking, protocols, systems, policies, cryptography, privacy
Industrial partners, joint projects
– Current sponsors: Cisco, Battelle, AT&T, IBM
– Past: Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Applied
Sciences, Lockheed Martin, Alcatel-Lucent, Hewlett-Packard, Harris
– Current joint grants/contracts: Battelle, Cisco, Google, HP, Microsoft, Wave, Applied Sciences,
Lockheed Martin, BBN-Raytheon, IBM
– Ben Franklin Center of Excellence (2007-2009)
Student placements: Microsoft Research, Google, Nokia, Univ. of Tennessee, Univ. of
Arkansas, Univ. of Waterloo, AMD, Imperial College, Klout, Palo Alto Networks, Oracle,
Akamai
INSR Accomplishments
More than 100 refereed publications in 2013
Funding: Over $35M since 2005 (over $7.5M since 2013)
– National Science Foundation (7)
– Army Research Lab and UK Ministry of Defence (ITA Program)
– Army Research Lab Network Science CTA
– Army Research Lab Cyber Security CRA
– Army Research Office
– CERDEC (2)
– DARPA (2)
– Defense Threat Reduction Agency
– Industrial Funding: over $150K in 2013 (approximately $2M in 8 years)
Awards
– AT&T Graduate Fellowship, Diefenderfer Graduate Fellowship
– Outstanding Research Assistant Award (2)
– PSEAS Outstanding Research Award
– Best Research Artifact Award, 20th International Symposium on the Foundations of Software
Engineering
INSR News
Elevated to Institute
– Original Networking and Security Research Center (NSRC) now an Institute
– Reflects level of productivity and scope of work
Awarded Cyber Security Collaborative Research Alliance by Army Research Lab
– Patrick McDaniel, PI
– 10 years, $48M (more later)
Network Science Collaborative Technology Alliance funded by Army Research Lab renewed
– Additional five years
– Work on Quality of Information started by Penn State is one of four research thrusts (led by Tom
La Porta, PI)
Organizations: Members and Financial Support
College of Engineering
– Computer Science and Engineering, Electrical Engineering
– Networking, communications, all aspects of security, data mining and privacy
Applied Research Lab
– Wireless technologies, networking, security, information fusion
– Classified programs
Dickinson Law School, School of International Affairs
– Policy, legal implications, applications (voting, Internet privacy, etc.)
Penn State Great Valley
– Engineering Division, Software Engineering Research Group; ultra-large systems, design for
security
Cyber-Security CRA (cra.psu.edu)
The Collaborative Research Alliance (CRA) is a 10-year,
$48 million project funded by the Army Research
Laboratory and US Army (CERDEC)
A Collaborative Alliance
– Brings together diverse collection of researchers from
academic, military, and industrial organizations to form a critical
mass of effort in security, risk analysis, network management,
and human factors
– Alliance efforts partitioned into group areas consisting of
collaborating members from all partner institutions
– Theories, algorithms and tools will be tested in high
performance computing structure hosted at Penn State
University and the Army Research Laboratory
Network Science CTA
Four cross-cutting research thrusts
• Evolution and Dynamics of Integrated Networks
• TRUST in distributed decision making
• Information Processing and Analysis
• Quality of Information for Semantically Adaptive Networks
– Vision: Understand how to control network behaviors so that the capacity of the network to deliver relevant information of sufficient quality can be maximized
– Treat the network as an Information Source delivering quality information to support decision making
– New formal definition of network carrying capacity
– Unified theory for QoI-aware information inference & fusion
[Figure labels: Commands & Info Requests; Desired Quality of Information (QoI); Fusion of Information w/known Uncertainty; Info of Requisite or Higher Quality]
Collaborative Alliance
• Funded by US Army Research Lab
• Collaborative research with ARL members
Systems and Internet Infrastructure Security Laboratory (SIIS Lab)
Prof. Trent Jaeger ([email protected])
Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for
Security
Prof. Patrick McDaniel ([email protected])
Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software
Systems
Prof. Adam Smith ([email protected])
Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science
Funding:
National Science Foundation
ARO/AFRL/IARPA/AFOSR
Battelle, AT&T, Samsung
Raytheon, Telcordia, Lockheed
IBM, HP, Intel
National Institutes of Health
Ongoing Projects:
Systems and Cloud Security
Secure Storage Systems
Language Based Security
Telecommunications Security
Smart Grid Security
Voting Systems
Cryptography & Data Privacy
Recent Awards: PECASE, PSES Outstanding Research
Factoids: Established September 2004 -- Location - 344 IST Building -- Contact
[email protected]
URL: http://siis.cse.psu.edu
Mobile Computing and Networking (MCN) Lab
MCN lab conducts research in many areas of wireless networks and mobile
computing, with an emphasis on designing and evaluating mobile systems,
protocols, and applications.
Projects
– Smartphones, in-network storage, wireless security, wireless sensor networks, vehicular networks,
resource management in wireless networks.
Students: 10 PhDs, 1 MS, and 1 honors BS student
• Alumni: 15 PhDs, including faculty members at Iowa State University, University of Tennessee, University of Arkansas, and students at Google, Qualcomm, Cisco, Microsoft.
• 13 MS students went to various companies
Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research Lab, Army Research Office, DoD/MURI, and companies such as Cisco, IBM and Narus
Contact: Prof. Guohong Cao, [email protected]
URL: (http://mcn.cse.psu.edu/)
Wireless Communication and Networking Laboratory
Faculty: Prof. Aylin Yener, [email protected]
URL: http://wcan.ee.psu.edu
Fundamental research on wireless communication network design
Areas: Energy Harvesting Wireless Networks, Quality-aware
networking, Information Theoretic Security, Interference Networks
Support
• National Science Foundation (NSF)
• Army Research Laboratory, Network Science CTA
10 Members:
1 PostDoc, 7 PhD students, 1 Visiting Prof
Collaborators from the following:
Penn State (NSRC), UMD, UC Berkeley,
Rutgers, USC, UIUC, BBN-Raytheon
Scope
Networking and communications: enables ubiquitous connectivity
– Internet and telecommunications, ad hoc and sensor networks
– Information dissemination and quality of information
– Wireless networking, communication and information theory
– Supported by NSF CISE; DoD (ARL, DTRA), industry
Systems and network security: enables secure end-to-end information flow
– Secure platforms, programming languages, distributed systems, privacy, cryptography,
monitoring, security management and architecture, design for security
– Internet, telecommunication and military networks
– Supported by NSF CISE; DoD (AFOSR, ARL), industry
Societal, business, and legal implications: enables impact on policy and deployment
– Privacy, regulation, censorship
– Financial and economic concerns, applications
– Applications and impact considered along with technical designs
Research Areas: Network Management
Diagnosing failures
• Leverage cluster information (topography)
• Use greedy algorithms for coarse grain estimate
• Use positive symptoms to refine
Cao and La Porta (supported by ARL ITA and DTRA)
– Femtocell deployment
• Algorithms to manage femto power increases coverage by 2x
– Diagnosing of large scale failures
• Algorithm that accurately diagnoses massive failures quickly (order of magnitude)
– Robust monitoring
• Effective network tomography in the face of failures improves link identifiability by 2x
– Inferring network topologies
• Building accurate network topologies (within 5%) with partial information
Research Areas: Wireless Networking
Network structure
• Groups of nodes that have local connectivity
• Groups have intermittent connectivity with the backbone network
• Groups come into contact with each other due to mobility
Zhu, Cao, and La Porta
– Trust management in tactical networks (ARL CTA with IBM and BBN Raytheon)
• Partial mutual revocation evaluates accuser and accused
– Infrastructure facilitated tactical networks (CERDEC)
• Special DTN-network that leverages intermittent connectivity with servers
– Cognitive radio networks (NSF)
• Channel assignments to reduce network partitions
• Spectrum-aware data caching and replication
– Predicting next places (ARL CTA with BBN Raytheon)
• Leveraging periodicity in mobility and various semantic information to inform next place prediction
Research Areas: Information Transfer
Video-analytics
• Extract information at end devices and report meta-data, not video
• Processing at end-point may not be able to extract all features in real-time
• Trade-off between bandwidth and QoI
Cao, La Porta, and McDaniel
– Resource Allocation (ARL CTA/ITA)
• Stochastic resource allocation to support decision making
• Distributed back-pressure protocols: partial information
– Network coding in DTNs (NSF, CERDEC)
• Leveraging intermittent connectivity and network coding
– Social networks with diverse connectivity (ARL CTA)
• Identify and leverage transient connected components
– Security (NSF)
• Security by diversity – multi-channel communication
– Quality of Information (ARL CTA)
• Video-analytics trade-off QoI for bandwidth
Research Areas: Smartphones
Proxies
Using proxies allows traffic aggregation and more efficient use of high-energy network states
Cao, McDaniel and Zhu
– Energy optimization (NSF/ARL CTA)
• Use traffic aggregation and proxies that are compatible with cellular energy models
– Android (NSF, Google)
• Static analysis for inter-component communication increases precision for finding vulnerable points
• Analysis relating permissions to libraries finds security concerns
– Inferring inputs on touch screens (NSF)
• Record motion on smartphone inputs to then infer passwords
Research Areas: Secure Systems
Jaeger, McDaniel
– Securing the cloud (NSF)
• Build and enforce a cloud behavior model: low overhead, greatly reduced TCB
– Locating vulnerabilities in programs (NSF, HP Labs, AFOSR, CERDEC)
• Protecting kernel code integrity with instruction-level instrumentation
• Preventing resource access attacks: use process firewalls
• Hook placement in code to enforce authorization policies
Members
Faculty | Department/College | Expertise
Raj Acharya | Computer Science and Engineering (CSE)/College of Engineering (COE) | QoS
Guohong Cao | CSE/COE | Mobility, Distributed systems
Sean Hallgren | CSE/COE | Theory, Cryptography
Trent Jaeger | CSE/COE | Secure operating systems
Thomas La Porta | CSE & EE/COE | Mobility, Telecommunications
Wang-Chien Lee | CSE/COE | Pervasive computing
Patrick McDaniel | CSE/COE | Network Security
John Metzner | CSE & EE/COE | Reliable data communication
Adam Smith | CSE/COE | Cryptography
Aylin Yener | EE/COE | Wireless communications
Sencun Zhu | CSE/COE and IST | Network Security
Eileen Kane | Dickinson Law School | Internet Law, Policy
Allan Sonsteby | ARL | Networking and Comm
Chris Griffin | ARL | Decision making
Gerry Michaud | ARL | Networking and Comm
Mike Hohnka | ARL | Networking and Comm
Bruce Einfalt | ARL | Networking and Comm
Phil La Plante | Great Valley | Systems, Security
Colin Neill | Great Valley | Systems, Security
Raghu Sangwan | Great Valley | Systems, Security
Remainder of the day…
Cisco Innovative Challenge Award Presentation
Dinner – 5:30 at The Tavern
Tomorrow
IST Building, Room 333 - 9:00
–Faculty talks and wrap-up