Adversarial Gaussian Process Regression In Sensor Network
BIO
Yi Li is a PhD student in Computer Science at the Vanderbilt University, EECS Department. Please email yi.li@vanderbilt.edu to contact Yi.
ABSTRACT
CPS systems routinely employ custom off-the-shelf (COTS) applications and binaries to realize their overall system goals. COTS applications for CPS are typically programmed using unsafe languages, like C/C++ or assembly. Such programs are often plagued with memory and other vulnerabilities that attackers can exploit to compromise the system.
There are many issues that need to be explored and resolved to provide security in this environment. For instance; (a) different systems may desire distinct and customizable levels of protection (for the same software), (b) different systems may have varying tolerances to the performance and/or timing penalties imposed by existing security solutions, and hence a solution applicable in one case may not be appropriate to a different system, (c) multiple solutions to the same vulnerability/attack may impose varying levels of security and performance penalties. Such tradeoffs and comparisons with other potential solutions are typically unknown or unavailable to users, and (d) solutions to newly discovered attacks and improvements to existing solutions continue to be devised. There is currently no efficient mechanism to retrofit existing application binaries with new security patches with minimal disruption to system operation.
The goal of this research is to design a mechanism to: (a) analyze and quantify the level of security provided and performance penalty imposed by different solutions to various security risks affecting native binaries, and (b) to study and build an architecture that can efficiently and adaptively patch vulnerabilities or retrofit COTS applications with chosen security mechanisms with minimal disruption.
Successful completion of this project will result in:
CPS systems routinely employ custom off-the-shelf (COTS) applications and binaries to realize their overall system goals. COTS applications for CPS are typically programmed using unsafe languages, like C/C++ or assembly. Such programs are often plagued with memory and other vulnerabilities that attackers can exploit to compromise the system.
There are many issues that need to be explored and resolved to provide security in this environment. For instance; (a) different systems may desire distinct and customizable levels of protection (for the same software), (b) different systems may have varying tolerances to the performance and/or timing penalties imposed by existing security solutions, and hence a solution applicable in one case may not be appropriate to a different system, (c) multiple solutions to the same vulnerability/attack may impose varying levels of security and performance penalties. Such tradeoffs and comparisons with other potential solutions are typically unknown or unavailable to users, and (d) solutions to newly discovered attacks and improvements to existing solutions continue to be devised. There is currently no efficient mechanism to retrofit existing application binaries with new security patches with minimal disruption to system operation.
The goal of this research is to design a mechanism to: (a) analyze and quantify the level of security provided and performance penalty imposed by different solutions to various security risks affecting native binaries, and (b) to study and build an architecture that can efficiently and adaptively patch vulnerabilities or retrofit COTS applications with chosen security mechanisms with minimal disruption.
BIO
Yi Li is a PhD student in Computer Science at the Vanderbilt University, EECS Department. Please email yi.li@vanderbilt.edu to contact Yi.
ABSTRACT
BIO
Shelby Allen is a research scientist focusing on software assurance at the Georgia Tech Research Institute.
ABSTRACT
The demands of software analysis outpace manual analyst capabilities, and automated solutions are not yet sophisticated enough to replace manual analysts. This research examines efficient collaborations between human and machine for vulnerability discovery.
BIO
Daniel Clouse
Education: Phd Universal Algebra, Binghamton University 2002
Work Experience: DoD R&D, Applied Research Mathematician 2002 - Present
ABSTRACT
ABSTRACT
The Machine Intelligence Directed Attack Simulator (MIDAS) is a platform for researchers to experiment with machine learning attacks and defense.