1Penn State, 4-2-14

Institute of Networking and Security Research http://insr.cse.psu.edu/

Professor Thomas F. La Porta, Director

Department of Computer Science and Engineering

Mission: Enabling robust, high performance secure internetworked information systems

2Penn State, 4-2-14

Institute of Networking and Security Research

Networking, security and systems experts

– 17 faculty

– Approximately 50 students• Ph.D., M.S. and Schreyer Honors College Seniors• 3 Labs in addition to individual research groups

Diverse Expertise

– Wireless networking and communications

– Software systems

– All aspects of security: networking, protocols, systems, policies, cryptography, privacy

Industrial partners, joint projects

– Current sponsors: Cisco, Battelle, AT&T, IBM

– Past: Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Applied Sciences, Lockheed Martin, Alcatel-Lucent, Hewlett-Packard, Harris

– Current joint grants/contracts: Battelle, Cisco, Google, HP, Microsoft, Wave, Applied Sciences, Lockheed Martin, BBN-Raytheon, IBM

– Ben Franklin Center of Excellence (2007-2009)

Student placements: Microsoft Research, Google, Nokia, Univ. of Tennessee, Univ. of Arkansas, Univ. of Waterloo, AMD, Imperial College, Klout, Palo Alto Networks, Oracle, Akamia

3Penn State, 4-2-14

INSR Accomplishments

More than 100 refereed publications in 2013

Funding: Over $35M since 2005 (over $7.5M since 2013)

– National Science Foundation (7)

– Army Research Lab and UK Ministry of Defence (ITA Program)

– Army Research Lab Network Science CTA

– Army Research Lab Cyber Security CRA

– Army Research Office

– CERDEC (2)

– DARPA (2)

– Defense Threat Reduction Agency

– Industrial Funding: over $150K in 2013 (approximately $2M in 8 years)

Awards

– AT&T Graduate Fellowship, Diefenderfer Graduate Fellowship

– Outstanding Research Assistant Award (2)

– PSEAS Outstanding Research Award

– Best Research Artifact Award, 20th International Symposium on the Foundations of Software Engineering

4Penn State, 4-2-14

INSR News

Elevated to Institute

– Original Networking and Security Research Center (NSRC) now an Institute

– Reflects level of productivity and scope of work

Awarded Cyber Security Collaborative Research Alliance by Army Research Lab

– Patrick McDaniel, PI

– 10 years, $48M (more later)

Network Science Collaborative Technology Alliance funded by Army Research Lab renewed

– Additional five years

– Work on Quality of Information started by Penn State is one of four research thrusts (led by Tom La Porta, PI)

5Penn State, 4-2-14

Organizations: Members and Financial Support

College of Engineering

– Computer Science and Engineering, Electrical Engineering

– Networking, communications, all aspects of security, data mining and privacy

Applied Research Lab

– Wireless technologies, networking, security, information fusion

– Classified programs

Dickinson Law School, School of International Affairs

– Policy, legal implications, applications (voting, Internet privacy, etc.)

Penn State Great Valley

– Engineering Division, Software Engineering Research Group; ultra-large systems, design for security

6Penn State, 4-2-14

6

Cyber-Security CRA (cra.psu.edu)

The Collaborative Research Alliance (CRA) is a 10-year, $48 million project funded by the Army Research Laboratory and US Army (CERDEC)

A Collaborative Alliance

– Brings together diverse collection of researchers from academic, military, and industrial organizations to form a critical mass of effort in security, risk analysis, network management, and human factors

– Alliance efforts partitioned into group areas consisting of collaborating members from all partner institutions

– Theories, algorithms and tools will be tested in high performance computing structure hosted at Penn State University and the Army Research Laboratory

7Penn State, 4-2-14

Four cross-cutting research thrusts

• Evolution and Dynamics of Integrated Networks

• TRUST in distributed decision making

• Information Processing and Analysis

• Quality of Information for Semantically Adaptive Networks

‒ Vision: Understand how to control network behaviors so that the capacity of the network to deliver relevant information of sufficient quality can be maximized

‒ Treat the network as an Information Source delivering quality information to support decision making

‒ New formal definition of network carrying capacity

‒ Unified theory for QoI-aware information inference & fusion

Collaborative Alliance

• Funded by US Army Research Lab

• Collaborative research with ARL members

Network Science CTA

Commands &Info Requests

Desired Quality of

Information (QoI)

Info of Requisite

or Higher Quality

Fusion of Information

w/known Uncertainty

8Penn State, 4-2-14

Prof. Trent Jaeger (tjaeger@cse.psu.edu)

Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for Security

Prof. Patrick McDaniel (mcdaniel@cse.psu.edu)Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software Systems

Prof. Adam Smith (asmith@cse.psu.edu)Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science

Ongoing ProjectsOngoing Projects:

Systems and Cloud SecuritySecure Storage Systems Language Based Security

Telecommunications SecuritySmart Grid Security

Voting SystemsCryptography & Data Privacy

FundingFunding:

National Science FoundationARO/AFRL/IARPA/AFOSR

Battelle, AT&T, Samsung Raytheon, Telcordia,

LockheedIBM, HP, Intel

National Institutes of Health

Recent Awards: Recent Awards: PECASE, PSES Outstanding ResearchPECASE, PSES Outstanding Research

Factoids: Factoids: Established September 2004 -- Location - 344 IST Building -- Contact siislab@cse.psu.edu

URL: http://siis.cse.psu.edu

Systems and Internet Infrastructure Systems and Internet Infrastructure Security Laboratory (SIIS Lab)Security Laboratory (SIIS Lab)

9Penn State, 4-2-14

Mobile Computing and Networking (MCN) Lab

Students: 10 PhDs, 1 MS, and 1 honor BS student• Alumni: 15 PhDs, including faculty members at Iowa State

University, University of Tennessee, University of Arkansas, and students in Google, Qualcomm, Cisco, Microsoft.

• 13 MS students went to various companies

Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research Lab, Army Research Office, DoD/muri, and companies

such as Cisco, IBM and Narus

Contact: Prof. Guohong Cao, gcao@cse.psu.edu

MCN lab conducts research in many areas of wireless networks and mobile computing, with an emphasis on designing and evaluating mobile systems,

protocols, and applications.

Projects

– Smartphones, in-network storage, wireless security, wireless sensor networks, vehicular networks, resource management in wireless networks.

URL: (http://mcn.cse.psu.edu/)

10Penn State, 4-2-14

10 Members:

1 PostDoc, 7 PhD students, 1 Visiting Prof

Collaborators from the following:

Penn State (NSRC), UMD, UC Berkeley, Rutgers, USC, UIUC, BBN-Raytheon

Wireless Communication and Networking Laboratory

Faculty: Prof. Aylin Yener, yener@ee.psu.edu

Fundamental research on wireless communication network designAreas: Energy Harvesting Wireless Networks, Quality-aware

networking, Information Theoretic Security, Interference Networks

Support• National Science Foundation (NSF)• Army Research Laboratory, Network Science CTA

URL: http://wcan.ee.psu.edu

11Penn State, 4-2-14

Scope

Networking and communications: enables ubiquitous connectivity

– Internet and telecommunications, ad hoc and sensor networks

– Information dissemination and quality of information

– Wireless networking, communication and information theory

– Supported by NSF CISE; DoD (ARL, DTRA), industry

Systems and network security: enables secure end-to-end information flow

– Secure platforms, programming languages, distributed systems, privacy, cryptography, monitoring, security management and architecture, design for security

– Internet, telecommunication and military networks

– Supported by NSF CISE; DoD (AFOSR, ARL), industry

Societal, business, and legal implications: enables impact on policy and deployment

– Privacy, regulation, censorship

– Financial and economic concerns, applications

– Applications and impact considered along with technical designs

12Penn State, 4-2-14

Research Areas: Network Management

Cao and La Porta (supported by ARL ITA and DTRA)

– Femtocell deployment• Algorithms to manage femto power increases coverage by 2x

– Diagnosing of large scale failures• Algorithm that accurately diagnoses massive failures quickly (order of magnitude)

– Robust monitoring• Effective network tomography in the face of failures improves link identifiability by 2x

– Inferring network topologies• Building accurate network topologies (within 5%) with partial information

Diagnosing failures

• Leverage cluster information (topography)• Use greedy algorithms for coarse grain estimate• Use positive symptoms to refine

13Penn State, 4-2-14

Research Areas: Wireless Networking

Zhu, Cao, and La Porta– Trust management in tactical networks (ARL CTA with IBM and BBN Raytheon)

• Partial mutual revocation evaluates accuser and accused

– Infrastructure facilitated tactical networks (CERDEC)• Special DTN-network that leverages intermittent connectivity with servers

– Cognitive radio networks (NSF)• Channel assignments to reduce network partitions• Spectrum-aware data caching and replication

– Predicting next places (ARL CTA with BBN Raytheon)• Leveraging periodicity in mobility and various semantic information to inform next place prediction

Network structure

• Groups of nodes that have local connectivity• Groups have intermittent connectivity with the backbone network• Groups come into contact with each other due to mobility

14Penn State, 4-2-14

Research Areas: Information Transfer

Cao, La Porta, and McDaniel

– Resource Allocation (ARL CTA/ITA)• Stochastic resource allocation to support decision making• Distributed back-pressure protocols: partial information

– Network coding in DTNs (NSF, CERDEC)• Leveraging intermittent connectivity and network coding

– Social networks with diverse connectivity (ARL CTA)• Identify and leverage transient connected components

– Security (NSF)• Security by diversity – multi-channel communication

– Quality of Information (ARL CTA)• Video-analytics trade-off QoI for bandwidth

Video-analytics

• Extract information at end devices and report meta-data, not video• Processing at end-point may not be able to extract all features in real-time• Trade-off between bandwidth and QoI

15Penn State, 4-2-14

Research Areas: Smartphones

Cao, McDaniel and Zhu – Energy optimization (NSF/ARL CTA)

• Use traffic aggregation and proxies that are compatible with cellular energy models

– Android (NSF, Google)• Static analysis for inter-component communication increases precision for finding vulnerable points• Analysis relating permissions to libraries finds security concerns

– Inferring inputs on touch screens (NSF)• Record motion on smartphone inputs to then infer passwords

Proxies

Using proxies allows traffic aggregation and more efficient use of high-energy network states

16Penn State, 4-2-14

Research Areas: Secure Systems

Jaeger, McDaniel

– Securing the cloud (NSF)• Build and enforce a cloud behavior model: low overhead, greatly reduced TCB

– Locating vulnerabilities in programs (NSF, HP Labs, AFOSR, CERDEC)• Protecting kernel code integrity with instruction-level instrumentation• Preventing resource access attacks: use process firewalls• Hook placement in code to enforce authorization policies

17Penn State, 4-2-14

Members

18Penn State, 4-2-14

Remainder of the day…

Cisco Innovative Challenge Award Presentation

Dinner – 5:30 at The Tavern

TomorrowIST Building, Room 333 - 9:00

–Faculty talks and wrap-up