SoS Quarterly Summary Report July to September 2015 - October 2015

Lablet Summary Report
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

A). Fundamental Research
High level report of result or partial result that helped move security science foward-- In most cases it should point to a "hard problem".

[Sanders, Bashir, Nicol and Van Moorsel] We are currently in the process of writing a paper that summarizes our findings for the past year. In the summer of 2015, we were joined by an undergraduate intern that performed a literature review on the subject of human behavior in cyber-security from a psychological perspective. Such an approach will help enrich our work with basic social and cultural theories that we used to enrich the presentation and the discussion of our case study results.

[Xie, Blythe, Koppel, Smith] Sean Smith and students are working with neurologists to study brain patterns when trying to remember passwords under several scenarios, e.g., change entirely, add a special character, and use your regular method of password selection. We are also working with special ceramic tools and mirrors that allow people to type onto a keyboard while seeing what they are typing. The fMRI allows us to examine stress levels and amount of energy required for each task.

[Godfrey, Caesar, Nicol, Sanders Jin] We continued work on developing a database model of network behavior, and prepared a draft publication on our work on modeling virtualized networks, which is now in submission to USENIX NSDI 2016.

[Iyer, Kalbarczyk] We performed a simulation-based experiment to evaluate the effectiveness of applying reinforcement learning for security games using the attack model derived from NCSA security incident data.

[Mitra, Dullerud, Chaudhuri] We have applied the previously developed verification and synthesis algorithms for synthesizing exploits using dynamics in electricity networks. Developed sound and complete algorithm for synthesizing controller and inductive proofs of those controllers. Implementing software tool. Developing quadcopter model and hardware platform for experimentation with synthesized controller.

B). Community Interaction
Work to explain or extend scientific rigor in the community/culture. Workshops, Seminars, Competitions, etc.

Presentations

• Brighten Godfrey, "A Hypothesis of Testing and Framework for Network Security", Information Trust Institute Joint Trust and Security/Science of Security Seminar, September 15, 2015. A recording of the talk can be found: https://www.iti.illinois.edu/seminarsevents/iti-trust-and-security-seminar-tss
• Bill Sanders, "Accounting for User Behavior in Predictive Cyber Security Models", NSA SoS Quarterly Meeting, July 14-15, 2015.
• Ross Koppel, "Progress, Problems, Publications, Plans and Promises of the Group Studying Passwords and Cyber Security Circumvention", NSA SoS Quarterly Meeting, July 14-15, 2015.
• Zachary J. Estrada, presented paper, "Dynamic VM Dependability Monitoring Using Hypervisor Probes," at 11th European Dependable Computing Conference- Dependability in Practice, EDCC 2015, Paris, France, September 7-11, 2015.
• Vijay Kothari, presented poster, "Mismorphism and Circumvention", New England Security Day, University of Massachusetts, Amherst, September 17, 2015.
• Patrick McDaniel, "Seven Years of Mobile Smartphone Security", Science of Security Speaker Series, September 24, 2015.

Other Community Interaction

[UIUC SoS Lablet] We have changed the format of our Bi-Weekly Research Meeting. We are now sharing a time slot with the Information Trust Institute's Trust and Security Seminar Series time slot. Combining these two seminars will increase the audience for both which will allow the SoS faculty and students more opportunity to share their research with others at Illinois.

[UIUC SoS Lablet] Five speakers have been scheduled for the 2015-2016 SoS Speaker Series. Patrick McDaniel was the first speaker of the series held on September 24 his talk was well received by the audience of around 45 people. The series is heavily advertised throughout the University and we plan to continue the strong attendance for the next 4 speakers.

[Mitra, Dullerud, Chaudhuri] We have proposed to organize a Workshop entitled "Science of Security for Cyber-Physical Systems" (SOSCYPS) to be held as part of the CPS Week 2016 to be held in April 2016. CPSWeek is the main annual event for the cyberphysical systems community. It consists of 4 major international conferences: ACM International Conference on Hybrid Systems: Computation and Control (HSCC), ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS), ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN), IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS), and several other workshops and tutorials.

C. Educational
Any changes to curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

[Xie, Blythe, Koppel, Smith] Ross Koppel is developing a course on the ethnography of organizational workflow and cyber workarounds. That course will involve approximately 20 students interviewing workers about password circumvention and ways of accessing information that is not part of official policy. These findings will help to continue our work of discovering ways well-indented workers create vulnerabilities in cyber security.

[Xie, Blythe, Koppel, Smith] PI Xie is designing teaching materials on Code Hunt (https://www.codehunt.com/) released by Microsoft Research for teaching and training students on software security. The teaching materials incorporate educational gamification to teach students on improving their software security skills. Some initial designs are described in the HotSoS 2015 poster paper.

[Godfrey, Caesar, Nicol, Sanders Jin] Kevin Jin is teaching an undergraduate-level computer security course, CS458 Information Security, Fall 2015, at the Illinois Institute of Technology. He has revisited the curriculum of the course to include some of the research results of this project, e.g., network security.

[UIUC SoS Lablet] Three undergraduate and one graduate intern have completed the UIUC SoS Lablet Summer Internship Program. The worked on their own research projects guided by SoS faculty. The internship program concluded with a poster session which was attended by 50 Illinois researchers. We hope to submit some of the posters to HotSoS 2016.