CMU SoS Lablet Quarterly Executive Summary - October 2018

A. Fundamental Research
High-level report of a result or partial result that helped move security science forward. In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

Safer blockchain transactions (Aldrich). The blockchain distributed ledger system has been proposed to support transactions in a distributed manner, with replicated shared state. Hackers have exploited security vulnerabilities in existing blockchain programs. To address this, we are designing a new language, Obsidian, using principles of user-centered design. Obsidian uses the technical approaches of typestate (expressing both the types of objects and their state in a way that supports static reasoning) and linearity (to avoid loss or duplication of tracked assets). These are intended to support stronger safety guarantees than current approaches for programming blockchain systems.

Improving explanations for neural networks (Bauer). We have made significant progress implementing a framework for explaining the predictions made by deep neural networks, and incorporating it into a graphical tool for use by researchers and practitioners. Explanations may identify the network-internal factors that cause misclassifications, and we leverage this capability to make progress on the hard problems above. We also believe that certain types of explanations can comprise a runtime defense, with a human in the loop, by exposing cases where predictions appear to be "made for the wrong reasons." Our approach to explanations allows analysts to parameterize queries of network behavior on the aspect being explained, the set of samples in question, and the portion of the network under study, and our tool gains flexibility by exposing these as options. While this tool is useful for our activities on the project, we also plan to release it as an open-source project, along with a more limited interactive web application, for other researchers.

Resiliency with observability (Garlan). The adversarial nature of the security domain, and Advanced Persistent Threats (APTs) in particular, poses unresolved challenges to the design of self-adaptive systems, such as defending against multiple types of attackers with different goals and capabilities. In this interaction, the observability of each side is an important and under-investigated issue in the self-* domain. We have proposed a model of APT defense that elevates observability as a first-class concern. We evaluate this model by showing how an informed approach that uses observability improves the defender's utility compared to a uniform random strategy, and by demonstrating how the approach can enable robust planning through sensitivity analysis, can inform observability-related architectural design decisions, and can scale to realistically long time horizons. This work builds on techniques to learn strategies for online games. To support experimentation, we developed parsers and feature extractors to pull out the interesting information from the state and make it feasible to use inverse reinforcement learning (IRL) to learn the action policies. We were then able to use, test, and analyze a Python IRL algorithm to demonstrate that it could indeed learn different strategies for different players. We then implemented several explanation algorithms on top of the policies/strategies to summarize the differences in strategies automatically.

 

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

With non-Lablet sponsorship, the CMU Institute for Software Research (ISR) in the School of Computer Science supported a Research Experience for Undergraduates with a focus on Software Engineering (REUSE) in Summer 2018. The REUSE program targets US undergraduate students and includes several students with an interest in software security.

CU will host a quarterly meeting of the SoS Lablet community in October 2018.


 

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

The top-rated undergraduate program in computer science at Carnegie Mellon (https://www.csd.cs.cmu.edu/academics/undergraduate/overview) now has a Concentration in Security and Privacy. This concentration was developed over a period of several years, was recently approved, and is now accepting its initial cohort of students. Details regarding the program are on the web (http://isri.cmu.edu/education/undergrad/secpriv/index.html).