CS Professors Claim Major Awards

The Computer Science department has been busy this spring with several exciting new research grants.

 

Professors Salvatore Stolfo and Steve Bellovin were awarded a five-year $1.9 million grant by the Air Force Office of Scientific Research to investigate new methods to measure, quantify, and evaluate the security of the complex systems we depend upon today. They will develop metrics that can be used to objectively compare and evaluate alternative designs and the security of the systems. To do this, they plan to explore three different types of metrics focusing on understanding the impact of multiple layers of defense, using attack complexity to measure security, and using systematic experiments to construct meaningful metrics. The goal, they say, is to enable designers to evaluate system designs more quantitatively, and produce designs that can be more meaningfully evaluated.

 

In addition, Stolfo and his Ph.D. candidate Ang Cui recently won a two-year Department of Homeland Security contract for $720,000 to investigate and evaluate techniques to detect and defend against advanced malware threats to the Internet routing infrastructure. A recent study published by Stolfo’s Intrusion Detection Lab (IDS) demonstrates that there are a large number of unsecured embedded systems on the Internet, primarily routers, that are trivially vulnerable to exploitation with little to no effort. “As of December 2011,” says Stolfo, “there are 1.4 million vulnerable devices in easy reach of even the most unsophisticated attacker.”

 

Stolfo’s lab will fully develop and deploy an experimental system that injects intrusion detection functionality within the firmware of a router that senses the unauthorized modification of router firmware. “This technology may be developed and deployed as a sensor in an early attack warning system,” he adds, “but it may also be implemented to prevent firmware modifications.” The work is based upon thesis research by Cui and a team of project students.

 

Stolfo has also been appointed to the National Academies’ Panel on Digitization and Communications Science, where he joins Keren Bergman, Charles Batchelor Professor of Electrical Engineering and department chair. This committee is charged with assisting the Army in assessing and improving the quality of its communications and information systems research and development efforts. 

 

Professors Stephen A. Edwards and Martha Kim were awarded a $1.2 million NSF grant to improve parallel computing, which, they say, may be the central problem facing computer science in the 21st century.

 

“While the sequential model has served us well,” Edwards notes, “its inefficiency has been brought into sharp focus by the availability of billion-transistor chips, which are greatly underutilized yet power-hungry when running sequential algorithms.”

 

Their project is targeted at improving the programmability and efficiency of distributed memory systems, a key issue in the execution of parallel algorithms. They aim to develop compiler optimization algorithms to configure and orchestrate parallel memory systems that can utilize such parallel computational resources.

 

“Judicious and efficient data movement is the linchpin of parallel computing,” says Kim. “This project attacks that challenge head on, establishing the constructs and algorithms necessary for hardware and software to efficiently manipulate data together.”

 

“This research,” adds Edwards, “will lay the groundwork for the next generation of storage architectures, instruction sets, compilers, and programming paradigms—the bedrock of today's mainstream computing.”

 

Professor Gail E. Kaiser was awarded a three-year NSF grant for $894,582 to investigate techniques for detecting coding errors in software when the correct outputs are unknown. Conventional software testing assumes it is possible to check whether each output is correct for the set of test inputs. “Even though,” she says, “for some software, it’s not known what the correct output should be for some inputs, it’s still important to detect coding errors in that software, so they can be fixed.” This problem arises frequently for machine learning, simulation, and optimization applications, often in programs that were written in order to find the answer in the first place.

 

“As these kinds of applications are frequently used in public infrastructure and biomedical research,” says Kaiser, “it is critical to detect and fix errors before a calamity occurs.”