SoS Quarterly Summary Report - NCSU - January 2015

Lablet Summary Report
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

A). Fundamental Research
High-level report of a result or partial result that helped move security science forward. In most cases it should point to a "hard problem".

  • [Reiter] Designed a formal optimization framework that captures tradeoffs across scalability, network load, and latency as a way of addressing challenges in offloading network intrusion prevention system (NIPS) processing to compute clusters. Developed an implementation that avoids modifications to NIPS hardware. Our evaluations on realistic topologies show that our implementation can reduce the maximum load by up to 10x while increasing the latency only by 2%.
  • [Roberts, St. Amant] Developed a cognitive model of transcription typing in the ACT-R cognitive framework. Developed a methodology for collecting data from users typing under a variety of cognitive conditions and varying familiarity (muscle-memory learning) and collected data from approximately 50 participants.
  • [Mayhorn, Murphy-Hill] Developed a template for data analyses to assess how novices conceptualize security-related terms as a basis for understanding security decision making by novices (and potential errors of judgment). Collected data from eight security experts recruited at the SoSL Community Meeting held on October 24, 2014 (additional experts being recruited).
  • [Berglund, Doyle, Singh] Formulated hypotheses relating the liveness, robustness, and resilience of a normative system (as dependent variables) with the nature of interactions, the monitorability of norm violations, and the nature of the sanctioning mechanisms employed (as independent variables). Developed a second version of a simulation approach to help address these hypotheses in an academic computing scenario.
  • [Meneely, Williams] Showed that our Defense in Depth metrics provide fine-grained information about the risk of a system based on what attackers can reach. Specifically, changes in method calls measure how subsystems integrate, and affect the attack surface. Applied the metrics to individual releases of a case study for an evolutionary analysis, producing an actionable approach.
  • [Sullivan, Vouk, Al-Shaer] Developed a classification of quantitative resilience metrics and approaches by studying resiliency in various domains including intrusion tolerance, reliability, fault diagnosis, and reactive control systems along with metrics for various system aspects that contribute to systems resilience.

B). Community Interaction
Work to explain or extend scientific rigor in the community culture. Workshops, Seminars, Competitions, etc.

  • A Community Meeting with local industry was held on October 24, 2014. Students presented their work to local industry via short presentations and posters. As we have done before, we adopted the Pecha Kucha format in which each presentation consists of 20 slides that advance automatically after 20 seconds. This leads to a more dynamic style of presentation where the key motivations and contributions are sharpened in focus.


C). Educational
Any changes to curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

  • A student seminar series was held over the Fall 2014 Semester. In this series, students supported by the lablet presented their research plans as well as draft papers (prior to submission for peer review). Faculty and students commented on these presentations with a special emphasis on the scientific components of the research described.