SoS Lablet Annual Report - April 2015 - April 2016

Lablet Annual Report
Purpose: To highlight progress made within the first base year (April 2015 to Present). Information is generally at a higher level which is accessible to the interested public. This will be published in an overall SoS Annual Report to be shared with stakeholders to highlight the accomplishments the Lablets have made over the past year.

A). Lablet Introduction
Please include each of the following:

  • General introduction about the Lablet - 1 paragraph
  • Team description (universities that are Lablets, Sub-Lablets, and any collaborators) - 1 paragraph
  • Overall viewpoint of the progress made over the past year - 1-2 paragraphs

    The UIUC Lablet is contributing broadly to the development of security science while leveraging Illinois expertise in resiliency, which in this context means a system's demonstrable ability to maintain security properties even during ongoing cyber attacks. The Lablet's work draws on several fundamental areas of computing research. Some ideas from fault-tolerant computing can be adapted to the context of security. Strategies from control theory are being extended to account for the high variation and uncertainty that may be present in systems when they are under attack. Game theory and decision theory principles are being used to explore the interplay between attack and defense. Formal methods are being applied to develop formal notions of resiliency. End-to-end system analysis is being employed to investigate resiliency of large systems against cyber attack. The Lablet's work also draws upon ideas from other areas of mathematics and engineering as well.

    The team is composed mostly of faculty and researchers from the University of Illinois at Urbana-Champaign. Project-by-project personnel details are listed below:

    A Hypothesis of Testing and Framework for Network Security: Illinois: Brighten Godfrey, Matt Caesar, David Nicol, Bill Sanders, Illinois Institute of Technology: Dong (Kevin) Jin

    Data-Driven-Model-Based Decision-Making: Illinois: Bill Sanders, Masooda Bashir, David Nicol, Newcastle University, UK: Aad Van Moorsel

    Data Driven Security Models and Analysis: Illinois: Ravi Iyer, Zbigniew Kalbarczyk and Adam Slagell

    Science of Human Circumvention of Security: Illinois: Tao Xie, University of Southern California: Jim Blythe, University of Pennsylvania: Ross Koppel, Dartmouth College: Sean Smith

    Static-Dynamic Analysis of Security Metrics for Cyber-Physical Systems: Illinois: Sayan Mitra and Geir Dullerud, Rice University: Swarat Chaudhuri

    The Science of Security has many attributes that range from the use and development of scientific techniques in experimental security work, to modeling/mathematical foundations of systems where security and security properties are the object of the reasoning. UIUC contributes principally to the latter category with research that also supports the former category. We study how security properties are shaped by policy at different layers of the network stack, and use that to help define hypotheses that might be empirically tested. We are defining models of cyber-physical systems that allow us to analyze how closely the system is allowed to skirt disaster, a measure of the system's resilience to disturbance. We are developing mathematical models of systems under attack, the attackers, and the defenders, to better understand how well the system is able to maintain required service levels through the attack, and to aid defensive decision-makers. We are applying sophisticated stochastic modeling techniques to describe vast volumes of data within which there are attacks; the models describe correlations between observations that might suggest attacks, and unobservable state that describes the attack. Finally, we are developing models of human behavior that seek to explain the how and why of humans circumventing security mechanisms. In short, the UIUC Science of Security research is exploring foundational mathematical modeling formalisms that quantitatively describe security attributes, and seek to predict those attributes as a function of context and environment.

B). Fundamental Research
High level report of results for each project that helped move security science forward -- in most cases it should point to a "hard problem". - 1 paragraph per project

A Hypothesis of Testing and Framework for Network Security: Illinois: Brighten Godfrey, Matt Caesar, David Nicol, Bill Sanders, Illinois Institute of Technology: Dong (Kevin) Jin

This project is developing the analysis methodology needed to support scientific reasoning about the security of networks, with a particular focus on information and data flow security. The core of this vision is Network Hypothesis Testing Methodology (NetHTM), a set of techniques for performing and integrating security analyses applied at different network layers, in different ways, to pose and rigorously answer quantitative hypotheses about the end-to-end security of a network.

While our work touches on several hard problems, over the last year, our key accomplishments focused on the hard problems of (1) predictive security metrics and (2) scalability. To realize NetHTM, we need effective evaluation methodologies designed to scale to large and complex systems. A key challenge is that the real-world network configuration constrains the level of model abstraction. We made advances in scalable evaluation methodology and platform via the marriage of emulation (within which real network and application protocol stacks are directly executed) and simulation. We used the hybrid platform to realize the network models and the verification algorithms we developed in Year 1, and also studied the impact of various cyber-attacks on network behavior. In addition, we made progress on developing new metrics and models, such as the congestion-freedom property, for modeling and enforcing correct behavior in dynamic networks. We used our model and verification algorithms to develop dynamic control algorithms to preserve those specified properties across time. Several manuscripts describing our work in those two topics have been submitted, including five papers that were published in the leading journal and conference in modeling and simulation in Year 2. We received a best paper award, a best poster award, and a best paper candidate recognition in the 2015 ACM SIGSIM Conference on Principles of Advanced Discrete Simulation (PADS). In addition, an undergraduate student, Mr. Adnan Haider (the second author of the PADS'15 best paper), was named a finalist for the prestigious CRA Outstanding Undergraduate Researcher Award.

Data-Driven-Model-Based Decision-Making: Illinois: Bill Sanders, Masooda Bashir, David Nicol, Newcastle University, UK: Aad Van Moorsel

Predictive security metrics on complex systems require an analysis of every facet of a system. Typically, this involves studying, among other things, the security policies, attack paths, and autonomous system behavior through rigorous mathematical models that simulate the complete system. An often overlooked, but critical, component in a model such as this is the human element. We have developed and refined the HITOP modeling formalism to create models of human behaviors and decision-making. By considering each user's opportunity, willingness, and capability to perform individual tasks throughout their daily routine, we can examine the pivotal role that good human users play in secure systems. A sound model requires valid model parameters to gather useful results. We have also developed an observed data collection strategy that ensures that useful metrics can be obtained.

Data Driven Security Models and Analysis: Illinois: Ravi Iyer, Zbigniew Kalbarczyk and Adam Slagell

We have continued work on the development of scientifically sound data-driven methods and tools for early attack detection. This year:

(i) We built (and integrated with our security testbed) a framework for generation, replay (in an isolated environment), and analysis of real-world attack variants (i.e., attacks that achieve the same objective as a known attack while bypassing the existing detection mechanisms). We assessed the framework on three real-world attacks for which we generated a total of 648 unique attack variants. Using the generated attack variants we evaluated the detection efficiency of: (a) signature-based detection, using a file hash of known malicious files; (b) anomaly-based detection, using high-frequency events observed in past attacks as an indicator of future attacks; and (c) detection using AttackTagger, a factor-graph-based approach for preemptive detection of attacks that we developed. The results show that AttackTagger detects more than half of the attack variants (up to 75%), whereas the signature-based approach detects 25%, and the frequency-based approach detects up to 33%.

(ii) We employ a multi-stage security game with learning to model multi-stage attacks. An attack model is derived from the study of security incident data (to demonstrate the value of reinforcement learning) and accommodates the defender's limited observation of the attack in progress. A simulation-based experiment demonstrated that, despite the relaxed assumptions and restrictions on formulating the game, Naive Q-Learning shows performance comparable to the Markov Game when played against players with relatively weak rationality (non-Markov).

Science of Human Circumvention of Security: Illinois: Tao Xie, University of Southern California: Jim Blythe, University of Pennsylvania: Ross Koppel, Dartmouth College: Sean Smith

We continue to study people's approaches to cyber security, and their use of authentication methods for accessing websites, their organization's databases, and the Internet (primarily hard problem 5, "Understanding and Accounting for Human Behavior," but also pertaining to problems 1, 2, and 3). We focus especially on passwords as a prime method in the context of this trust (or suspicion or distrust). Use of passwords, adherence to password guidelines, and circumvention of password rules (e.g., sharing, writing them down on available files) are also excellent reflections of people's understanding, misunderstandings, and beliefs about personal and organizational efforts to protect individual and enterprise-level information. In addition, we are building and testing DASH agent models and beginning to test a Mechanical Turk experiment/simulation to further examine users' use of passwords, workarounds, cyber trust, and strategies; measurements from the Turk experiment provide base calibration for the DASH model. We have developed a new version of DASH in Python that improves ease of development. We are also working with researchers at the University of Pennsylvania who have developed methods to learn agent behavior from observational data. To date, our results include constructing a semiotic framework for circumvention, validating our basic DASH model by reproducing behavior found in ground-truth human surveys, and duplication in our simulation of a version of "uncanny descent", in which making constraints on passwords more complex can decrease overall security. Last, we continue to administer two surveys: one on users' understanding of cybersecurity processes and their modes of circumvention; and one on security administrators' understanding of cybersecurity processes and their rationales for security policies and decisions.
Also, to study people's trust in cyber security, especially mobile app security, we focus on collecting and analyzing UI text information faced by mobile app users to enable them to make informed decisions on mobile app security.

Static-Dynamic Analysis of Security Metrics for Cyber-Physical Systems: Illinois: Sayan Mitra and Geir Dullerud, Rice University: Swarat Chaudhuri

Addressing the hard problem of developing predictive security metrics, in this collaborative project, we have formulated the general problem of controller synthesis in the presence of resource constrained adversaries; namely, given an adversary of a certain class, parametrized according to the quantifiable resources available to them, we are creating a methodology to assess the worst-case potential impact and performance degradation of a control system from a threat of this class. We have developed a sound and complete algorithm for solving this problem, for the special case of control systems with linear and monotonic dynamics and adversary resources characterized by their signal energy. The approach used to develop the algorithms brings together ideas from robust control and recent developments in syntax-guided program synthesis. Using our algorithms we are able to synthesize controllers that are provably resilient to certain threat classes; in addition, we are also able to characterize the states of the systems in terms of their vulnerability levels. We have also continued our work on characterizing the trade-off between privacy and performance in cyber-physical systems, particularly in cases where strategic preferences which govern dynamics are to be protected.

As a part of the community development activities, we organized the First Workshop on Science of Security of Cyber-Physical Systems as a part of the CPSWeek event held in Vienna this year. The workshop generated vibrant discussion; it was attended by around 20 researchers from across the world; leading experts from MIT, CMU, UCLA, Oxford, and KTH presented technical lectures about challenges in securing CPS and participated in panel discussions. It can be expected that several new collaborative initiatives will result from this workshop.

C). Publications
Please list all publications published in the base year starting in April 2015 to present.

  • Vijay Kothari, Jim Blythe, Sean Smith and Ross Koppel, "Measuring the Security Impacts of Password Policies Using Cognitive Behavioral Agent Based Modeling", Symposium and Bootcamp on the Science of Security (HotSoS 2015), April 21-22, 2015.
  • John C. Mace, Charles Morisset, and Aad van Moorsel, "Modelling User Availability in Workflow Resiliency Analysis", Symposium and Bootcamp on the Science of Security (HotSoS 2015), April 2015.
  • Phuong Cao, Eric Badger, Zbigniew Kalbarczyk, Ravishankar Iyer, Alexander Withers and Adam Slagell, "Towards an Unified Security Testbed and Security Analytics Framework", Symposium and Bootcamp for the Science of Security (HotSoS 2015), April 21-22, 2015.
  • Sean Smith, Ross Koppel, Jim Blythe and Vijay Kothari, "Mismorphism: A Semiotic Model of Computer Security Circumvention", Symposium and Bootcamp on the Science of Security (HotSoS 2015), April 21-22, 2015.
  • T. Xie, J. Bishop, N. Tillmann and J. de Halleux, "Gamifying Software Security Education and Training via Secure Coding Duels in Code Hunt", Symposium and Bootcamp on the Science of Security (HotSoS 2015), April 21-22, 2015.
  • Phuong Cao, Eric Badger, Zbigniew Kalbarczyk, Ravishankar Iyer and Adam Slagell, "Preemptive Intrusion Detection: Theoretical Framework and Real-World Measurements", Symposium and Bootcamp for the Science of Security (HotSoS 2015), April 21-22, 2015.
  • Wenxuan Zhou, Matthew Caesar, Brighten Godfrey, and Dong Jin, "Enforcing Generalized Consistency Properties in Software-Defined Networks", 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2015), May 4-6, 2015.
  • Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, "AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Context", International Conference on Software Engineering (ICSE 2015), Florence, Italy, May 16-24, 2015.
  • Zhenqi Huang, Chuchu Fan, Alexandru Mereacre, Sayan Mitra, and Marta Kwiatkowska, "Simulation-based Verification of Cardiac Pacemakers with Guaranteed Coverage", Special Issue of IEEE Design and Test, June 2015.
  • Jiaqi Yan and Dong Jin, "A Virtual Time System for Linux-container-based Emulation of Software-defined Networks", ACM SIGSIM Conference on Principles of Advanced Discrete Simulation, London, UK, June 10-12, 2015. Finalist for Best Paper Award
  • Ning Liu, Adnan Haider, Xian-He Sun and Dong Jin, "FatTreeSim: Modeling a Large-scale Fat-Tree Network for HPC Systems and Data Centers Using Parallel and Discrete Event Simulation", ACM SIGSIM Conference on Principles of Advanced Discrete Simulation, London, UK, June 10-12, 2015. Best Paper Award
  • Ning Liu, Xian-He Sun, and Dong Jin, "On Massively Parallel Simulation of Large-Scale Fat-Tree Networks for HPC Systems and Data Centers", ACM SIGSIM Conference on Principles of Advanced Discrete Simulation, London, UK, June 10-12, 2015. Best Poster Award
  • Jiaqi Yan and Dong Jin, "VT-Mininet: Virtual-time-enabled Mininet for Scalable and Accurate Software-Define Network Emulation", ACM SIGCOMM Symposium on Software Defined Networking Research (SOSR 2015), Santa Clara, CA, June 17-18, 2015.
  • Sean Smith, Ross Koppel, Jim Blythe, and Vijay Kothari, "Mismorphism: A Semiotic Model of Computer Security Circumvention", 9th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2015), Lesvos, Greece, July 1-3, 2015.
  • Xusheng Xiao, Nikolai Tillmann, Manuel Fahndrich, Johnathan de Halleux, Michal Moskal, and Tao Xie, "User-Aware Privacy Control via Extended Static-Information-Flow Analysis", Automated Software Engineering Journal, volume 22, issue 3, September 2015.
  • John C. Mace, Charles Morisset, and Aad van Moorsel, "Impact of Policy Design on Workflow Resiliency Computation Time", Quantitative Evaluation of Systems (QEST 2015), Madrid, Spain, September 1-3, 2015.
  • John C. Mace, Charles Morisset, and Aad van Moorsel, "Resiliency Variance in Workflows with Choice", International Workshop on Software Engineering for Resilient Systems (SERENE 2015), Paris, France, September 7-8, 2015.
  • Z.J. Estrada, C. Pham, Z. Kalbarczyk, R.K. Iyer, and L. Yan, "Dynamic VM Dependability Monitoring Using Hypervisor Probes", 11th European Dependable Computing Conference-Dependability in Practice (EDCC 2015), Paris, France, September 7-11, 2015.
  • Huoran Li, Xuanzhe Liu, Tao Xie, Kaigui Bian, Xuan Lu, Felix Xiaozhu Lin, Qiaozhu Mei, and Feng Feng, "Characterizing Smartphone Usage Patterns from Millions of Android Users", 2015 Internet Measurement Conference (IMC 2015), Tokyo, Japan, October 28-30, 2015.
  • Maurice Heemels, Geir Dullerud, and Andrew Teel, "L2-gain Analysis for a Class of Hybrid Systems with Applications to Reset and Event-triggered Control: A Lifting Approach", IEEE Transactions on Automatic Control, issue 99, November 20, 2015.
  • Harold Thimbleby and Ross Koppel, "The Healthtech Declaration", IEEE Security and Privacy, volume 13, issue 6, pages 82-84, November/December 2015.
  • Dong Jin and David Nicol, "Parallel Simulation and Virtual-machine-based Emulation of Software-defined Networks", ACM Transactions on Modeling and Computer Simulation, volume 26, issue 1, December 2015.
  • Ken Keefe and William H. Sanders, "Reliability Analysis with Dynamic Reliability Block Diagrams in the Mobius Modeling Tool", 9th EAI International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS 2015), Berlin, Germany, December 14-16, 2015.
  • Zhenqi Huang, Yu Wang, Sayan Mitra, and Geir Dullerud, "Controller Synthesis for Linear Time-varying Systems with Adversaries", IEEE International Conference on Decision and Control (CDC 2015), Osaka, Japan, December 15-18, 2015.
  • Maurice Heemels, Geir Dullerud, and Andrew Teel, "A Lifting Approach to L2-gain Analysis of Periodic Event-triggered and Switching Sampled-data Control Systems", IEEE International Conference on Decision and Control (CDC 2015), Osaka, Japan, December 15-18, 2015.
  • Key-whan Chung, Charles A. Kamhoua, Kevin A. Kwiat, Zbigniew T. Kalbarczyk and Ravishankar K. Iyer, "Game Theory with Learning for Cyber Security Monitoring", IEEE High Assurance Systems Engineering Symposium (HASE 2016), Orlando, FL, January 7-9, 2016.
  • Anduo Wang, Xueyuan Mei, Jason Croft, Matthew Caesar, and Brighten Godfrey, "Ravel: A Database-Defined Network", ACM SIGCOMM Symposium on Software Defined Networking Research (SOSR 2016), Santa Clara, CA, March 13-17, 2016.
  • Phuong Cao, Eric Badger, Zbigniew Kalbarczyk, and Ravishankar Iyer, "A Framework for Generation, Replay and Analysis of Real-World Attack Variants", Symposium and Bootcamp on the Science of Security (HotSoS 2016), Pittsburgh, PA, April 20-21, 2016.
  • Hui Lin, Homa Alemzadeh, Daniel Chen, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, "Safety-critical Cyber-physical Attacks: Analysis, Detection, and Mitigation", Symposium and Bootcamp on the Science of Security (HotSoS 2016), Pittsburgh, PA, April 20-21, 2016.
  • Zhenqi Huang, Yu Wang, Sayan Mitra, and Geir Dullerud, "Controller Synthesis for Linear Time-varying Systems with Adversaries", Symposium and Bootcamp on the Science of Security (HotSoS 2016), Pittsburgh, PA, April 20-21, 2016.
  • Sihan Li, Xusheng Xiao, Blake Bassett, Tao Xie, and Nikolai Tillmann, "Measuring Code Behavioral Similarity for Programming and Software Engineering Education", 38th International Conference on Software Engineering (ICSE 2016), Software Engineering Education and Training track, Austin, TX, May 14-22, 2016, to appear.
  • Benjamin Andow, Adwait Nadkarni, Blake Bassett, William Enck, and Tao Xie, "A Study of Grayware on Google Play", Workshop on Mobile Security Technologies (MoST 2016) held in conjunction with IEEE Symposium on Security and Privacy, San Jose, CA, May 26, 2016, to appear.

D). Community Engagements
Briefly describe your Lablet's community outreach efforts to extend scientific rigor in the community/culture. For example, list workshops, seminars, competitions, etc. that your Lablet has accomplished since April 2015 to present.

The UIUC Lablet team has put forth outreach efforts throughout the Science of Security community. We changed our bi-weekly research meeting format by sharing the time slot with the Information Trust Institute's Trust and Security Seminar Series, thus expanding to a university-wide audience. We have brought in 7 distinguished speakers from both academia and industry. We sponsored the SoS Cyber-Physical Systems Workshop in conjunction with CPS Week.

UIUC ITI Trust and Security/SoS Lablet Research Seminars

  • September 15, 2015, Brighten Godfrey, "A Hypothesis Testing Framework for Network Security"
  • October 6, 2015, Eric Badger, "Scalable Data Analytics Pipeline for Real-Time Attack Detection: Design, Validation, and Deployment in a Honey Pot Environment"
  • October 20, 2015, Mohammad Noureddine, "Accounting for User Behavior in Predictive Cyber Security Models"
  • November 3, 2015, Zhenqi Huang and Yu Wang, "SMT-Based Controller Synthesis for Linear Dynamical Systems with Adversary"
  • January 26, 2016, Tao Xie, "User Expectations in Mobile App Security"
  • March 1, 2016, Wing Lam, "Towards Preserving Mobile Users' Privacy in the Context of Utility Apps"
  • March 15, 2016, Dong (Kevin) Jin, "Towards a Secure and Resilient Industrial Control Systems with Software-Defined Networking"
  • April 26, 2016, Zhenqi Huang and Yu Wang, "Static-Dynamic Analysis of Security Metrics for Cyber-Physical Systems"
  • May 3, 2016, Phuong Cao, "Preemptive Intrusion Detection - Practical Experience and Detection Framework"

SoS Quarterly Meetings

  • July 2015, NSA SoS Quarterly Meeting, Ross Koppel, "Progress, Problems, Publications, Plans and Promises of the Group Studying Passwords and Cyber Security Circumvention"
  • July 2015, NSA SoS Quarterly Meeting, Bill Sanders, "Accounting for User Behavior in Predictive Cyber Security Models"
  • October 2015, NSA SoS Quarterly Meeting, Sayan Mitra, "Model-based Analysis and Synthesis for Security of Control Systems"
  • October 2015, NSA SoS Quarterly Meeting, Eric Badger, "Scalable Data Analytics Pipeline for Validation of Real-Time Attack Detection"
  • February 2016, NSA SoS Quarterly Lablet Meeting, Tao Xie, "User Expectations in Mobile App Security"

SoS Speaker Series

  • April 2, 2015, Somesh Jha, University of Wisconsin, "Thoughts on Retrofitting Legacy Code for Security"
  • September 24, 2015, Patrick McDaniel, Pennsylvania State University, "Seven Years for Mobile Smartphone Security"
  • October 16, 2015, Paul Barford, University of Wisconsin, "Methods and Characteristics of Fraud in Online Advertising"
  • November 13, 2015, Niels Provos, Google, Inc., "Security at Scale"
  • February 9, 2016, J. Alex Halderman, University of Michigan, "Logjam: Diffie-Hellman, Discrete Logs, the NSA, and You"
  • March 30, 2016, Srdjan Capkun, ETH Zurich Institute of Information Security, "Security Positioning: From GPS to IoT Applications"
  • April 12, 2016, Patrick Traynor, University of Florida, "Who Do I Think You Are? Challenges and Opportunities in Telephony Authentication"

Other Presentations

  • April 2015, Symposium and Bootcamp on the Science of Security (HotSoS), invited tutorial, Jim Blythe and Sean Smith: "Understanding and Accounting for Human Behavior"
  • April 2015, Human Factors and Ergonomics in Health Care: Improving Outcomes (HFES), Ross Koppel, Sean W. Smith, and Harold Thimbleby: "What You See Is What You See: Misinforming Displays in Electronic Health Care Records and Medical Devices"
  • April 2015, Dagstuhl, Assuring Resilience, Security and Privacy for Flexible Networked Systems and Organizations: Sean W. Smith: "Trust Challenges in Massive Multi-organization Distributed Systems"
  • May 2015, 37th International Conference on Software Engineering (ICSE 2015), Wei Yang: "AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Context"
  • June 2015, ACM SIGCOMM Symposium on SDN Research (SOSR 2015), software demo: "Ravel: Orchestrating Software-Defined Networks"
  • July 2015, International Symposium on Human Aspects of Information Security and Assurance, Sean Smith: "Mismorphism: A Semiotic Model of Computer Security Circumvention"
  • September 2015, New England Security Day, University of Massachusetts, Amherst, Vijay Kothari: "Mismorphism and Circumvention"
  • October 2015, invited tutorial, NSF Interdisciplinary Workshop on Statistical NLP and Software Engineering, Tao Xie: "Software Mining and Software Datasets"
  • October 2015, tutorial, 2015 Annual ACM Conference on Systems, Programming Languages, and Applications: Software for Humanity, Tao Xie: "Software Analytics: Achievements and Challenges"
  • November 2015, demonstration of the security testbed for attack replay and testing of attack detection techniques at The International Conference for High Performance Computing, Networking, Storage and Analysis (SC2015)
  • November 2015, St. Lawrence University, Sean Smith: "Circumvention: Why Do Good People Do Bad Things, and What Can We Do About It"
  • November 2015, invited talk, Washington State University, Tao Xie: "Text Analytics for Mobile App Security and Beyond"
  • December 2015, Holy Cross College, Sean Smith: "Circumvention: Why Do Good People Do Bad Things, and What Can We Do About It"
  • December 2015, Society for Risk Analysis, Jim Blythe: "A Toolkit for Exploring the Impact of Human Behavior on Cybersecurity through Multi-agent Simulations"
  • December 2015, IEEE International Conference on Decision and Control, Zhenqi Huang: "Controller Synthesis for Linear Time-varying Systems with Adversaries"
  • December 2015, Technical University of Vienna, Sayan Mitra: "Parametrized Verification of Distributed Systems"
  • December 2015, PhD preliminary examination, Zhenqi Huang: "Compositional Verification and Security of Cyber-physical Systems"
  • January 2016, University of Central Florida, Department of Computer Science Spring 2016 Distinguished Speaker Series, David Nicol, "Quantitative Analysis of Stepping Stone Access to Cyber-Physical Assets"
  • April 2016, Symposium and Bootcamp on the Science of Security (HotSoS 2016), invited tutorial, Tao Xie and William Enck: "Text Analytics for Security"

Workshops

  • Science of Security for Cyber-Physical Systems (SoSCYPS 2016), April 11, 2016 in conjunction with CPS Week 2016, Vienna, Austria.
  • Workshop on Science of Security through Software-Defined Networking (SoSSDN 2016), June 16-17 at the Illinois Institute of Technology in Chicago, IL.

E). Educational
Briefly describe any changes to curriculum at your school or elsewhere that indicates an increased training or rigor in security research that your Lablet has accomplished since April 2015 to present.

David Nicol's graduate seminar course ECE 598, the Science of Computer Security, started at the University of Illinois at Urbana-Champaign in Spring 2015. The security of computers, communications, and data is of great concern to our society. Decades of research have produced solutions to a variety of isolated problems, some of which have been produced using techniques that are recognizable as "scientific", others of which appear to be ad hoc. There is a growing sentiment in the community that research in security should be conducted when possible on a scientific or engineering basis. This course examines the questions of what might constitute a science of security, framing the questions around five "hard areas" proposed by the NSA: Composition, Policy, Metrics, Resiliency, and Human Factors. The students will read and present papers from the literature that exemplify a scientific approach to security, and write essays on the questions raised by the course. The course is intended for graduate students interested in trustworthy systems research.

Tao Xie is designing teaching materials on Code Hunt (https://www.codehunt.com/), released by Microsoft Research, for teaching and training students on software security. The teaching materials incorporate educational gamification to help students improve their software security skills. Some initial designs are described in the HotSoS 2015 poster paper.

Kevin Jin has developed a new graduate-level course, CS558 Advanced Computer Security at the Illinois Institute of Technology. A key topic in this course is network security, which will cover some of the research results of this project.

Brighten Godfrey co-taught a Coursera online course on Cloud Networking this past fall. Roughly 30,000 students were enrolled. The course included a segment on network security for the cloud, particularly with respect to network virtualization.

Five students have accepted positions as SoS summer interns. The students are from Tennessee State University, North Texas University, and the University of Illinois at Urbana-Champaign. We are working on an educational program that will be in conjunction with other internship programs within the UIUC College of Engineering.