Networking and Security Research Center
http://nsrc.cse.psu.edu/
Professor Thomas F. La Porta, Director
Department of Computer Science and Engineering
Mission: Enabling robust, high performance secure internetworked information systems
Networking and Security Research Center
Networking, security and systems experts
– 22 faculty
– Approximately 60 students
• Ph.D., M.S. and Schreyer Honors College Seniors
• 3 Labs in addition to individual research groups
Diverse Expertise
– Wireless networking and communications
– Software systems
– All aspects of security: networking, protocols, systems, policies, cryptography
Industrial partners, joint projects
– Current: Cisco, IBM, Battelle, Alcatel-Lucent, Hewlett-Packard, Harris
– Accipiter Systems, Boeing, Vocollect, Intel, Motorola, Narus, Raytheon, Sprint, Telcordia, Lockheed Martin
– Ben Franklin Center of Excellence (2007-2009)
Student placements: A-10 Networks, North Carolina State, Universidad de los Andes, Virginia Tech, Telcordia
NSRC Accomplishments
Research Results
– ~100 refereed publications in 2011
Funding: Over $27M since 2005 (over $5.5M in 2011)
– NSF: Trustworthy Computing (2), Networking, Communication and Information Foundations
– Army Research Lab and UK Ministry of Defence (ITA Program)
– Army Research Lab Network Science CTA
– Army Research Lab (cybersecurity (2))
– Center for Disease Control
– Air Force Office of Scientific Research
– Industrial Funding: over $150K in 2011 (approximately $1.8M in 6 years)
Selected Faculty Appointments in 2011
– EiC of ACM Transactions on Internet Technology
– Executive committee of top IEEE sensor network and protocols conferences
– General Chair of IEEE ICNP
– Associate Editors on 8 publications
Awards
–
Organizations: Members and Financial Support
College of Engineering
– Computer Science and Engineering, Electrical Engineering
– Networking, communications, all aspects of security, data mining and privacy
Applied Research Lab
– Wireless technologies, networking, security, information fusion
– Classified programs
Smeal College of Business
– Economic and financial analysis, monitoring, security management, and supply chain apps
Dickinson Law School, School of International Affairs
– Policy, legal implications, applications (voting, Internet privacy, etc.)
Penn State Great Valley
– Engineering Division, Software Engineering Research Group; ultra-large systems, design for security
Also receive financial support from College of Information Science and Technology
Systems and Internet Infrastructure Security Laboratory (SIIS Lab)
Prof Trent Jaeger (tjaeger@cse.psu.edu)
Operating Systems and Cloud Security, Trustworthy Computing, Software Analysis for Security
Prof Patrick McDaniel (mcdaniel@cse.psu.edu)
Network Security, Critical Infrastructure, Smart-Phone Security, Security Policy, Software Systems
Prof Adam Smith (asmith@cse.psu.edu)
Cryptography, Applied Cryptography, Information Science, Theoretical Computer Science
Ongoing Projects:
– Systems and Cloud Security
– Secure Storage Systems
– Language Based Security
– Telecommunications Security
– Smart Grid Security
– Voting Systems
– Cryptography & Data Privacy
Funding:
– National Science Foundation
– ARO/AFRL/IARPA/AFOSR
– Battelle, AT&T, Samsung, Raytheon, Telcordia, Lockheed
– IBM, HP, Intel
– National Institutes of Health
Recent Awards: PECASE, PSES Outstanding Research
Mobile Computing and Networking (MCN) Lab
Students: 10 PhD, 1 MS, and 1 honors BS student
• Alumni: 11 PhD, including faculty members at Iowa State University, Florida International University, Frostburg State University, and students at Motorola, Cisco, Microsoft
• 12 MS students went to various companies
Support: NSF (NeTS/NOSS, CT, WN, CNS), Army Research Lab, Army Research Office, DoD/MURI, and companies such as Cisco, IBM and Narus
The MCN lab conducts research in many areas of wireless networks and mobile computing, with an emphasis on designing and evaluating mobile systems, protocols, and applications.
Projects
– smartphones, in-network storage, wireless sensor networks, vehicular networks, wireless network security, resource management in wireless networks.
URL: http://mcn.cse.psu.edu/
Wireless Communication and Networking Laboratory
10 Members:
1 PostDoc, 7 PhD students, 1 Visiting Prof
Collaborators from the following:
Penn State (NSRC), UMD, UC Berkeley, Rutgers, USC, UIUC, BBN-Raytheon
Fundamental research on wireless communication network design
Areas: Energy Harvesting Wireless Networks, Quality-aware networking, Information Theoretic Security, Interference Networks
Support
• National Science Foundation (NSF)
• Army Research Laboratory, Network Science CTA
URL: http://wcan.ee.psu.edu
Networking and communications: enables ubiquitous connectivity
– Internet and telecommunications, ad hoc and sensor networks
– Information dissemination and quality of information
– Wireless networking, communication and information theory
– Supported by NSF CISE; DoD (ARL, DTRA), industry
Systems and network security: enables secure end-to-end information flow
– Secure platforms, programming languages, distributed systems, privacy, cryptography, monitoring, security management and architecture, design for security
– Internet, telecommunication and military networks
– Supported by NSF CISE; DoD (AFOSR, ARL), industry
Societal, business, and legal implications: enables impact on policy and deployment
– Privacy, regulation, censorship
– Financial and economic concerns, applications
– Applications and impact considered along with technical designs
The Network Science Collaborative Technology Alliance (CTA)
A Flagship Program for US-ARL and CERDEC
Perform foundational, cross-cutting research on network science leading to:
– A fundamental understanding of the interplay and common underlying science among social/cognitive, information, and communications networks
– Determination of how processes and parameters in one network affect and are affected by those in other networks
– Prediction and control of the individual and composite behavior of these complex interacting networks
Resulting in:
– Optimized human performance in network-enabled warfare
– Greatly enhanced speed and precision for complex military operations
Network Science CTA
[Diagram: Interdisciplinary Research Center; Social/Cognitive Network ARC; Information Networks ARC; Communications Networks ARC]
Interdisciplinary Research Center (IRC) – led by BBN
• Ensure that the research directions of the three ARCs are focused on fundamental network science issues that are militarily relevant and achievable; perform basic research
Information Networks Academic Research Center (INARC) - UIUC
• To develop theories, experiments, measurements and metrics, and ultimately predictive models that will anticipate the behavior of information networks
Social and Cognitive Networks ARC (SCNARC) - RPI
• To develop theory, measures and understanding of social and cognitive networks as applicable to both individual and organizational decision making of networked information systems
Two cross-cutting research thrusts
• Evolution and Dynamics of Integrated Networks (EDIN)
• TRUST in distributed decision making environments
CNARC Vision
Develop foundational techniques to model, analyze, predict and control the behavior of secure tactical communication networks as an enabler for information and command-and-control networks
Network is an information source
– Understand and optimize operational information content capacity
Approach
– Understand information needs (context, purpose)
– Understand impact of network on information
Members
– Penn State (Prime) – La Porta (Director), Cao, Yener and Zhu
– USC, UC Davis, UC Santa Cruz, CUNY (General Members)
– Stanford, NC State, UC Riverside (Subs)
Quality of Information: Research Problem
Understand how to control network behaviors so that the capacity of the network to deliver relevant information can be maximized
– A formal definition of QoI is needed that considers intrinsic, contextual, and semantic attributes
– A unifying theory for QoI-aware inferencing & fusion is required to obtain the most efficiently delivered QoI
– Methods to semantically extract the context & purpose of requested information are a key gap
– Translation of QoI into quality of data is necessary to inform control algorithms
QoI Parameters from DoD
QoI intrinsic
– Correctness: Closeness to ground truth; Field of view, resolution; Truthfulness of report
– Freshness: Age; Capture time
– Precision: Extent of detail; Resolution; Resolution, frame rate; Detail of description
– Security: Protection of information and source; Provenance, authentication, integrity, repudiation, confidentiality
non-QoI contextual
– Accuracy: Specificity relative to need; Resolution, field of view; Resolution, frame rate, field of view; Ability of reporter
– Timeliness: Availability; Delivery latency
– Completeness: Total relevance to ground truth; Field of view; Field of view, frame rate; Breadth of description
Long Term Vision
(via a simple example)
Prior knowledge:
(i) Bob and Alice are always together;
(ii) Jim and Bob are often together when operations are imminent;
(iii) We have very little information about Jim’s whereabouts
Leverage social networks & inferences (information) to guide query
Inferences & possible solutions to question:
(i) Find Alice or Bob and we will find Bob
(ii) Once we find Bob, look there for Jim (we do not care where Jim is if he is not with Bob)
Use semantics to reduce QoI needs (and reduce cognitive load)
Selection & transfer of information
(i) Determine suitable modes (text message from informant, video, image)
(ii) Determine required QoI (accuracy, timeliness and freshness are important, precision is not - note the or in finding Bob or Alice)
(iii) Map QoI to quality of data for different sources and set network controls
Use information-data characteristics & communication characteristics to properly retrieve data
To understand how to control network behaviors so that networks can adapt
to provide required information to answer questions like:
Is a small scale operation imminent?
Examples with an Image
Are there more than 100,000 people in
• Correct answer is 4 in this case, second
image does not provide equal precision
Zoom of 1.4MB file: 17KB when cropped
Zoom of 160KB file: 4KB when cropped
QoI Example: Optical Character Recognition
Application accuracy vs compression and data
OCR Results: Piece-wise Timeliness (QoI = A x T)
[Figure: two panels, BER = 0.01 and BER = 0.001; x-axis: compression quality]
Error correction is required
– for high bit error rates, no error control achieves a low QoI
Error correction overhead matters
– as error correction overhead increases, more compression is needed
Conclusion
– In this example, Reed-Solomon (255,223) with Q=30 achieves highest QoI
How to use QoI
Single flow
– given network state, determine maximum QoI and settings to achieve it
– given a minimum required QoI, determine if attainable, and settings to achieve it
Multiple flows
– given a set of QoI requirements determine surfaces and settings
– determine minimum resources required to meet requirements
– maximize total amount of information meeting QoI requirements being transferred across the network
We call this Operational Information Content Capacity
[Figure label: Required QoI]
Generalizing the OICC
(with USC, Raytheon BBN)
OICC provides fundamentally different insights than Shannon metrics
$Q(\mathbf{r}, \mathbf{a}, \mathbf{d}) = \max_{\mathbf{r}} \sum_{i=1}^{T} Q_i(r_i, a_i, d_i)$
Subject to:
Sum-OICC defines the total maximum achievable performance of the network, which is a function of QoI (e.g., accuracy (a), delivery time (d), and reliable rate (r))
Rate region
OICC Region
Symptotic Scalability
(led by BBN Raytheon)
Framework captures a wide range of real world networks and estimates scalability
[Figure: Demand (D), Blocked (B), Residual (R); Transit factor (TF)]
Symptotic scalability for “expandable” networks is when R transitions to < 0
– Expressions for symptotic scalability derived for a new scenario by simply finding the new CF and TF (the “signature” of the scenario)
– Change Impact Value (CIV): a new metric to uniformly compute the relative parameter impacts
– QRF: QoI to Rate function can measure impact of desired QoI on scalability
Example Quality-to-Rate Functions
(with BBN Raytheon, USC)
Determine QRFs for individual applications
high variability between applications
Combine into multi-application QRFs:
OICC: QoI and Symptotics
Consider multi-application QRF function
Impact of faster radios
– Small increase in # of nodes
Impact of flexible QoI
– Very large increase in # of nodes (orders of magnitude)
10 Mbps radios
5 Mbps radios
Remainder of Slides
Overview Research within NSRC
Biographies of Faculty Members
Research Areas: Network Management
Cao and La Porta (supported by US ARL ITA and DTRA)
• Use of inferencing and virtual links to improve estimation of network metrics
• Applying network tomography and service layer dependencies to diagnose faults and degradation
• Two-phase re-routing using fast, targeted information discovery
Recovery from large scale faults
• Gather information from around failure
• Re-compute shortest paths
Research Areas: Mobile Wireless Networking
Cao, La Porta and Yener
• Defining QoI functions to allow tradeoffs between information metrics
• Implementation on smart phones to allow for distributed information gathering
• QoI-Aware scheduling to maximize QoI
• Distributed backpressure routing protocols to trade off transmission rates and delays
different QoI
Research Areas: Information Dissemination and Social Networks
Cao, La Porta, Lee and Zhu
• Opportunistic dissemination in mobile networks based on social contact patterns
• Leverage social connections to find users infected by worms
• Rank popular items using conformer-maverick model
• Placement of data in a storage cloud to minimize costs within performance constraints
• Overcome difficulty of placing locations in categories
Social links
Predictable mobility
Research Areas: Interference Management
La Porta and Yener
• Optimal placement and power settings of femtocells to maximize capacity
• Perform interference alignment at femtocells under QoS constraints of macrocells
• Examine complex relay networks to eliminate need for full channel state information
Signals without interference management
With interference management
Research Areas: Smartphone Security
Jaeger, La Porta, McDaniel and Zhu (supported by NSF)
• Convert Android bytecode to Java bytecode for analysis – studied over 1,100 apps
• Use SMS conversation statistics to detect abnormal flows for blocking
• Record motion on smartphone inputs to then infer passwords
Research Areas: Secure Programming
Jaeger, McDaniel and Zhu
• Determine run-time values that cannot be changed by changing code
• Information flow: build flow graphs based on how components interact
• Name resolution: runtime analysis with models of active adversaries to verify proper
Determine security sensitive objects and variables
Locate security sensitive operations
Research Areas: Secure Systems
Jaeger, McDaniel and Zhu (NSF)
• Explore dynamic attacks on programmable logic controllers
• Cloud computing: overcome hidden details to provide cloud system integrity
• Use watermarking to verify worker correctness in MapReduce environments
• Study of use of decentralized P2P currency (Bitcoin) has shown several anomalies
Integrity Verification Proxy in Cloud Node
Members
Remainder of the day…
Dinner – 5:30 at The Tavern
Tomorrow
IST Building, Room 222 - 8:30
– Faculty talks and wrap-up