Lablet Presentations—Quarterly Lablet Meeting at CMU, July 2015

 

 
SoS Logo

Lablet Presentations

Quarterly Lablet Meeting at CMU

July 2015

The Science of Security (SoS) quarterly Lablet meeting, sponsored by NSA, was hosted by the Carnegie Mellon University Lablet on July 14 and 15, 2015.  Quarterly meetings are held to share research, coordinate, present interim findings, and stimulate thought and discussion about the Science of Security.  Two panel sessions produced lively discussions about the nature of the Science of Security and the developing Science of Privacy.  Each Lablet presented an update about its ongoing research that included a description of active projects, the number of researchers involved, papers published, the hard problems addressed, and future work.

University of Illinois Urbana Champaign (UIUC)

Dave Nicol and Bill Sanders, UIUC co-PIs, presented their overview.  UIUC is actively engaged in five projects addressing metrics (primary), human behavior, and policy and resiliency.  These projects are looking at data driven models of attacker behavior, human circumvention of security, and data driven model-based decision making.

The UIUC lablet has generated 21 publications.  Two received best paper awards and one as best poster award at the conferences where they were presented.  20 students are supported.

Nicol described the “model centric” focus at Illinois to both develop data driven predictive models and to test and verify them.  Their attacker test bed is a key tool for this work, both for software and cyber physical systems.

Illinois hosted the 2015 Hot SoS Conference in April and has reached out to new students through a graduate Science of Security seminar and providing summer internships to graduate students.  The four summer interns were a diverse group from two other universities.  Their work will be presented in the poster session at Hot SoS 2016.

(ID#: 15-6132)

University of Maryland, College Park (UMD)

The Lablet PI, Jonathan Katz, presented UMD’s overview.   UMD currently has 20 faculty, including 15 at Maryland from the departments of Computer Science, Electrical and Computer Engineering, Information Science, Criminology, and reliability engineering.  In addition, they have five5 collaborators at other universities.   

The ten projects currently underway support more than 15 PhD students and have generated more than a dozen publications.  These efforts include workshops on data driven approaches to security and privacy.  Their strengths, according to Katz, are human behavior and policy-governed collaboration and  security metrics.

Katz highlighted three projects.  The first looked at management of Public Key Interfaces.  The big issue for PKIs is revocation-what happens to them when no longer useful or needed?  ‘The second looks at understanding how users process security advice and how they process it.  How, for example, do they decide whose advice to take?  How do they process it?  UMD addresses these questions through semi-structured interviews, the using the preliminary results to refine their questions.  These refined tools then are used to determine the credibility of sources.  The third project looks at the development of empirical models for vulnerability exploits.  Using real world attack data, they look at vulnerability count and attack surface and the exercised attack surface and have determined that fewer than 40% of known vulnerabilities are exploited.  One interesting conclusion offered is that there are fewer exploited vulnerabilities as we go forward with new generations and versions of software.

(ID#: 15-6133)

Carnegie Mellon University (CMU)

Prof. Travis Breaux presented the CMU overview.  CMU is focused on the hard problem of composability and human behavior.   The Lablet supports ten students and four post-doctoral research positions.

Fifteen faculty and senior researchers participate along with seven collaborating universities.  Within CMU, seven departments and three colleges are involved.  Eleven projects are underway and seven major papers have been published to date.

Breaux described the CMU research focus on the hard problems of human factors and composability, which he defined as modular systems that don’t have to be reviewed; their security properties are known and will be retained when used to assemble or build more complex structures.  There are addressing the problem through modeling.  The challenge is to address both complexity and modularity.   Humans are a big challenge.  The Lablet hosts the Security Observatory Laboratory (SOL).  The SOL is collecting behavioral data from users to identify missing knowledge about how people react or interact with security. 

(ID#: 15-6134))

North Carolina State University (NCSU)

Prof. Laurie Williams, NCSU’s PI, offered the NCSU overview.  NCSU is working on research projects addressing issues in resilience, policy, metrics, and human factors. Vulnerability and resilience prediction projects include  data flow-based detectors, scalable enforcement of network security policies that are resilient, resiliency requirement writing, design and testing,  assessment of security problems in open source software, and smart isolation in large-scale production computing infrastructures.

Some of the areas Williams highlighted included policy, human factors, and metrics.  On policy, she cited work on formal specifications and analysis of critical norms and policies and scientific understanding of policy complexity-human study on firewall complexity.  Work on human factors includes  warning of phishing attacks and identifying them, information processing analysis of online deception detection (work being done by collaborating university Purdue), and leveraging cognitive function effects on input device analytics, e.g., eye tracking and keystrokes.  Metrics are one of the keys to a scientific understanding of security.  The Lablet’s work looks specifically at including attack surface and defense in depth and systematization of knowledge from intrusion detection models.

NCSU’s research has generated twenty publications with another nine undergoing peer and editorial review.  Their collaboration has engaged 55 authors and 13 institutions.

The Lablet hosted an NSA strategy meeting on the Science of Privacy.  This workshop shared hard problem strategy and research methods on this emerging topic.

(ID#: 15-6135)

 


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.