1 Penn State, 4-2-14 I N S R Institute of Networking and Security Research Networking, security and systems experts – 17 faculty – Approximately 50 students • Ph.D., M.S. and Schreyer Honors College Seniors • 3 Labs in addition to individual research groups Diverse Expertise – Wireless networking and communications – Software systems – All aspects of security: networking, protocols, systems, policies, cryptography, privacy Industrial partners, joint projects – Current sponsors: Cisco, Battelle, AT&T, IBM – Past: Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Applied Sciences, Lockheed Martin, Alcatel-Lucent, Hewlett-Packard, Harris – Current joint grants/contracts: Battelle, Cisco, Google, HP, Microsoft, Wave, Applied Sciences, Lockheed Martin, BBN-Raytheon, IBM – Ben Franklin Center of Excellence (2007-2009) Student placements: Microsoft Research, Google, Nokia, Univ. of Tennessee, Univ. of Arkansas, Univ. of Waterloo, AMD, Imperial College, Klout, Palo Alto Networks, Oracle, Akamia
Transcript
1 Penn State, 4-2-14
I NS R
Institute of Networking and Security Research
Networking, security and systems experts – 17 faculty – Approximately 50 students
• Ph.D., M.S. and Schreyer Honors College Seniors • 3 Labs in addition to individual research groups
Diverse Expertise – Wireless networking and communications – Software systems – All aspects of security: networking, protocols, systems, policies, cryptography, privacy
– Current joint grants/contracts: Battelle, Cisco, Google, HP, Microsoft, Wave, Applied Sciences, Lockheed Martin, BBN-Raytheon, IBM
– Ben Franklin Center of Excellence (2007-2009)
Student placements: Microsoft Research, Google, Nokia, Univ. of Tennessee, Univ. of Arkansas, Univ. of Waterloo, AMD, Imperial College, Klout, Palo Alto Networks, Oracle, Akamia
2 Penn State, 4-2-14
I NS R
INSR Accomplishments
More than 100 refereed publications in 2013
Funding: Over $35M since 2005 (over $7.5M since 2013) – National Science Foundation (7) – Army Research Lab and UK Ministry of Defence (ITA Program) – Army Research Lab Network Science CTA – Army Research Lab Cyber Security CRA – Army Research Office – CERDEC (2) – DARPA (2) – Defense Threat Reduction Agency – Industrial Funding: over $150K in 2013 (approximately $2M in 8 years)
Awards – AT&T Graduate Fellowship, Diefenderfer Graduate Fellowship – Outstanding Research Assistant Award (2) – PSEAS Outstanding Research Award – Best Research Artifact Award, 20th International Symposium on the Foundations of Software Engineering
3 Penn State, 4-2-14
I NS R
INSR News
Elevated to Institute – Original Networking and Security Research Center (NSRC) now an Institute – Reflects level of productivity and scope of work
Awarded Cyber Security Collaborative Research Alliance by Army Research Lab – Patrick McDaniel, PI – 10 years, $48M (more later)
Network Science Collaborative Technology Alliance funded by Army Research Lab renewed – Additional five years – Work on Quality of Information started by Penn State is one of four research thrusts (led by Tom La Porta, PI)
4 Penn State, 4-2-14
I NS R
Organizations: Members and Financial Support
College of Engineering – Computer Science and Engineering, Electrical Engineering – Networking, communications, all aspects of security, data mining and privacy
Applied Research Lab – Wireless technologies, networking, security, information fusion – Classified programs
Dickinson Law School, School of International Affairs – Policy, legal implications, applications (voting, Internet privacy, etc.)
Penn State Great Valley – Engineering Division, Software Engineering Research Group; ultra-large systems, design for security
5 Penn State, 4-2-14
I NS R
5
Cyber-Security CRA (cra.psu.edu) The Collaborative Research Alliance (CRA) is a 10-year, $48
million project funded by the Army Research Laboratory and US Army (CERDEC)
A Collaborative Alliance – Brings together diverse collection of researchers from academic, military, and industrial organizations to form a critical mass of effort in security, risk analysis, network management, and human factors
– Alliance efforts partitioned into group areas consisting of collaborating members from all partner institutions
– Theories, algorithms and tools will be tested in high performance computing structure hosted at Penn State University and the Army Research Laboratory
6 Penn State, 4-2-14
I NS R
Four cross-cutting research thrusts
• Evolution and Dynamics of Integrated Networks
• TRUST in distributed decision making
• Information Processing and Analysis
• Quality of Information for Semantically Adaptive Networks
‒ Vision: Understand how to control network behaviors so that the capacity of the network to deliver relevant information of sufficient quality can be maximized
‒ Treat the network as an Information Source delivering quality information to support decision making
‒ New formal definition of network carrying capacity
‒ Unified theory for QoI-aware information inference & fusion
Collaborative Alliance
• Funded by US Army Research Lab
• Collaborative research with ARL members
Network Science CTA
Commands & Info Requests
Desired Quality of
Information (QoI)
Info of Requisite
or Higher Quality
Fusion of Information
w/known Uncertainty
7 Penn State, 4-2-14
I NS R
Prof. Trent Jaeger ([email protected]) Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for Security
Prof. Patrick McDaniel ([email protected]) Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software Systems
Prof. Adam Smith ([email protected]) Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science
Ongoing Projects: Systems and Cloud Security
Secure Storage Systems Language Based Security
Telecommunications Security Smart Grid Security
Voting Systems Cryptography & Data Privacy
Funding: National Science Foundation ARO/AFRL/IARPA/AFOSR Battelle, AT&T, Samsung
Raytheon, Telcordia, Lockheed IBM, HP, Intel
National Institutes of Health
Recent Awards: PECASE, PSES Outstanding Research Factoids: Established September 2004 -- Location - 344 IST Building -- Contact [email protected]
URL: http://siis.cse.psu.edu
Systems and Internet Infrastructure !Security Laboratory (SIIS Lab)!
8 Penn State, 4-2-14
I NS R
Mobile Computing and Networking (MCN) Lab
Students: 10 PhDs, 1 MS, and 1 honor BS student • Alumni: 15 PhDs, including faculty members at Iowa State
University, University of Tennessee, University of Arkansas, and students in Google, Qualcomm, Cisco, Microsoft.
• 13 MS students went to various companies
Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research Lab, Army Research Office, DoD/muri, and companies
Fundamental research on wireless communication network design Areas: Energy Harvesting Wireless Networks, Quality-aware
networking, Information Theoretic Security, Interference Networks
Support • National Science Foundation (NSF) • Army Research Laboratory, Network Science CTA
URL: http://wcan.ee.psu.edu
10 Penn State, 4-2-14
I NS R
Scope
Networking and communications: enables ubiquitous connectivity – Internet and telecommunications, ad hoc and sensor networks – Information dissemination and quality of information – Wireless networking, communication and information theory – Supported by NSF CISE; DoD (ARL, DTRA), industry
Systems and network security: enables secure end-to-end information flow – Secure platforms, programming languages, distributed systems, privacy, cryptography, monitoring, security management and architecture, design for security
– Internet, telecommunication and military networks – Supported by NSF CISE; DoD (AFOSR, ARL), industry
Societal, business, and legal implications: enables impact on policy and deployment – Privacy, regulation, censorship – Financial and economic concerns, applications – Applications and impact considered along with technical designs
11 Penn State, 4-2-14
I NS R
Research Areas: Network Management
Cao and La Porta (supported by ARL ITA and DTRA) – Femtocell deployment
• Algorithms to manage femto power increases coverage by 2x
– Diagnosing of large scale failures • Algorithm that accurately diagnoses massive failures quickly (order of magnitude)
– Robust monitoring • Effective network tomography in the face of failures improves link identifiability by 2x
– Inferring network topologies • Building accurate network topologies (within 5%) with partial information
Diagnosing failures!!
• Leverage cluster information (topography) • Use greedy algorithms for coarse grain estimate • Use positive symptoms to refine
12 Penn State, 4-2-14
I NS R
Research Areas: Wireless Networking
Zhu, Cao, and La Porta – Trust management in tactical networks (ARL CTA with IBM and BBN Raytheon)
• Partial mutual revocation evaluates accuser and accused
– Infrastructure facilitated tactical networks (CERDEC) • Special DTN-network that leverages intermittent connectivity with servers
– Cognitive radio networks (NSF) • Channel assignments to reduce network partitions • Spectrum-aware data caching and replication
– Predicting next places (ARL CTA with BBN Raytheon) • Leveraging periodicity in mobility and various semantic information to inform next place prediction
Network structure!!
• Groups of nodes that have local connectivity • Groups have intermittent connectivity with the backbone network • Groups come into contact with each other due to mobility
13 Penn State, 4-2-14
I NS R
Research Areas: Information Transfer
Cao, La Porta, and McDaniel – Resource Allocation (ARL CTA/ITA)
• Stochastic resource allocation to support decision making • Distributed back-pressure protocols: partial information
– Network coding in DTNs (NSF, CERDEC) • Leveraging intermittent connectivity and network coding
– Social networks with diverse connectivity (ARL CTA) • Identify and leverage transient connected components
– Security (NSF) • Security by diversity – multi-channel communication
– Quality of Information (ARL CTA) • Video-analytics trade-off QoI for bandwidth
Video-analytics!!
• Extract information at end devices and report meta-data, not video • Processing at end-point may not be able to extract all features in real-time • Trade-off between bandwidth and QoI
14 Penn State, 4-2-14
I NS R
Research Areas: Smartphones
Cao, McDaniel and Zhu – Energy optimization (NSF/ARL CTA)
• Use traffic aggregation and proxies that are compatible with cellular energy models – Android (NSF, Google)
• Static analysis for inter-component communication increases precision for finding vulnerable points
• Analysis relating permissions to libraries finds security concerns – Inferring inputs on touch screens (NSF)
• Record motion on smartphone inputs to then infer passwords
Proxies!!
Using proxies allows traffic aggregation and more efficient use of high-energy network states
15 Penn State, 4-2-14
I NS R
Research Areas: Secure Systems
Jaeger, McDaniel – Securing the cloud (NSF)
• Build and enforce a cloud behavior model: low overhead, greatly reduced TCB
– Locating vulnerabilities in programs (NSF, HP Labs, AFOSR, CERDEC) • Protecting kernel code integrity with instruction-level instrumentation • Preventing resource access attacks: use process firewalls • Hook placement in code to enforce authorization policies
16 Penn State, 4-2-14
I NS R
Members
Faculty Department/College Expertise Raj Acharya Computer Science and
Engineering (CSE)/College of Engineering (COE)
QoS
Guohong Cao CSE/COE Mobility, Distributed systems Sean Hallgren CSE/COE Theory, Cryptography Trent Jaeger CSE/COE Secure operating systems Thomas La Porta CSE&EE/COE Mobility, Telecommunications Wang-Chien Lee CSE/COE Pervasive computing Patrick McDaniel CSE/COE Network Security John Metzner CSE & EE/COE Reliable data communication Adam Smith CSE/COE Cryptography Aylin Yener EE/COE Wireless communications Sencun Zhu CSE/COE and IST Network Security Eileen Kane Dickinson Law School Internet Law, Policy Allan Sonsteby ARL Networking and Comm Chris Griffin ARL Decision making Gerry Michaud ARL Networking and Comm Mike Hohnka ARL Networking and Comm Bruce Einfalt ARL Networking and Comm Phil La Plante Great Valley Systems, Security Colin Neill Great Valley Systems, Security Raghu Sangwan Great Valley Systems, Security
