SoS Quarterly Summary Report - NCSU - July 2014

Lablet Summary Report
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

A). Fundamental Research
High-level report of a result or partial result that helped move security science forward. In most cases it should point to a "hard problem".

  • Vouk and Williams have observed that a combination of back-to-back testing and "classical" acceptance testing is able to detect zero-day attacks (in a case study on the three most popular web servers over the last five years). These observations are important to understanding and modeling Resilient Architectures.
  • Mayhorn and Murphy-Hill developed the procedure and stimuli for an experiment that will enable assessing whether the mental models of novices, experts (e.g., IT personnel--red teams), and hackers differ from one another.
  • Proctor and Li have
    • Designed a Google Chrome browser extension to protect against phishing attacks. When a user tries to visit a suspicious website and enter information, this browser extension will warn the user about the potential risk.
    • Designed an initial study, "Browser Extension to Prevent Phishing Attack", to evaluate in everyday computer use whether this browser extension is effective and usable. This study represents an initial step in evaluating the roles of implicit and explicit cognitive processes in decisions about possible deception.
  • Vouk and Subramani found that 65 to 75% of the Fedora security problems are epistemic in nature. This suggests that vulnerability avoidance and elimination processes for this product may need to be improved. An agile approach to part of that (testing) is presented.
  • Al-Shaer, Sullivan, and Vouk have
    • Investigated types of errors humans make when developing open source software. This should help in understanding what resiliency requirements and processes ought to be emphasized.
    • Explored approaches to structuring generalized concepts, such as survivability requirements, in constructive logic. The challenge is to capture the notion of a survivability requirement in a general manner while providing for the rigorous specialization of the general concept to specific system instances.
    • Produced an initial demonstration of the use of Coq typeclasses (and framework code synthesized from such representations) to produce a first formal model of a general framework for reasoning about non-functional properties and tradeoffs among them in systems in general.
  • Reiter has developed techniques to express requirements for enforcing policies on network traffic in large networks and then solving those requirements to determine the nodes at which policies should be enforced on which kinds of traffic.
  • Enck and Gu have created an initial taxonomy of existing isolation techniques for the investigation of smart isolation. The goal is to advance the science of security by understanding the principles of isolation and identifying limitations of existing isolation techniques.


B). Community Interaction
Work to explain or extend scientific rigor in the community culture. Workshops, Seminars, Competitions, etc.

  • Carver facilitated the kick-off workshop for the International Research Network for the Science of Security (IRN-SoS) during Hot-SoS'14. Sixteen people participated in this kick-off workshop.
  • The NCSU Lablet held a Summer Workshop for PIs and students on May 22 - 23, 2014. The workshop agenda can be found at http://research.csc.ncsu.edu/security/lablet/events/2014-summer-workshop.
  • Wilson has provided statistical consulting and guidance to members of several NCSU Lablet projects.
  • McGowen presented the NCSU Lablet evaluation plan to the other SoS Lablets at the Quarterly PI meeting July 1-2, 2014 at CMU. Several other NCSU Lablet researchers participated in the meeting activities.
  • Carver, McGowen, and Wright have begun developing guidelines for designing rigorous, defensible SoS research experiments and projects and additional guidelines for reporting the results of SoS research in a strong, scientific manner independent of the reporting venue.


C). Educational
Any changes to curriculum at your school or elsewhere that indicate increased training or rigor in security research.