UIUC SoS Lablet Quarterly Executive Summary - July 2019

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

[Project: An Automated Synthesis Framework for Network Security Resilience] We have begun a collaboration with AT&T, which operates one of the largest networks in the world, to customize and deploy our technology in their environments. AT&T faces some unique challenges which will require custom solutions for their environment. In particular, AT&T runs application-centric networks, composed of both traditional networking elements and application services. To perform verification and synthesis in these networks, we are developing extensions to verify application-level semantics across the network. The operator can specify end-to-end requirements on application behavior, which are analyzed across the entire network. For this to work, our system requires extensions to analyze application-level properties, as well as information about how each device or application component in the network manipulates data flow. We plan to incorporate these extensions into our design, and work with AT&T to implement and deploy the resulting system into their network.

[Project: A Monitoring Fusion and Response Framework to Provide Cyber Resiliency] We have begun work on an approach to explicitly protect monitoring infrastructures against monitor compromise through defensive monitor placement, in a manner that does not require changing intrusion and incident analysis mechanisms already in place. We are developing a methodology to examine a system and network monitoring infrastructure in the context of incident and intrusion detection to quantify susceptibility to monitor compromise and suggest changes to the monitoring that can improve the resiliency of the monitoring infrastructure. As part of this work, we are methodically examining the motives an attacker might have to compromise monitors and the types of compromise that can occur, and considering the effects of each type of compromise on incident detection ability.

[Project: Uncertainty in Security Analysis] We are preparing for the next phase which is to embed the developed security model in a risk assessment framework. More specifically, we are systematically surveying the literature on risk assessment in SCADA systems to identify the common approaches, their abilities and limitations. The lessons learned will help us build our own risk assessment framework.

[Project: Resilient Control of Cyber-Physical Systems with Distributed Learning] Two PhD students at UIUC have been recruited and are dedicating their research time to the project.  We have formulated a new direction of scientific enquiry into safety and security analysis of systems. The point of departure from existing literature is that we explore the relative value of data and models in assessing how well a system meets its requirements.  One PhD student at UT has recently joined the research effort.

[Project: A Human-Agent-Focused Approach to Security Modeling] We wrote a position paper on why quantitative cyber security modeling is important and how it should be done. We believe that, once published, the paper will help introduce those who are unfamiliar with modeling to the advantages of quantitative modeling approaches for security, teach them how to do it and common pitfalls to avoid. We are currently in the process of identifying an appropriate venue for the paper.

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

Publications

1. Christopher Hannon and Dong Jin, “Bitcoin Payment-Channels for Resource Limited IoT Devices”, 2019 International Conference on Omni-Layer Intelligent Systems (COINS), Crete, Greece, May 5-7, 2019.
2. Hoang Hai Nguyen, Kartik Palani, and David M. Nicol, "Extensions of Network Reliability Analysis", IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2019), Portland, OR, June 24-27, 2019.
3. Mohammad Noureddine, Amanda Hsu, Matthew Caesar, Fadi A. Zaraket, and William H. Sanders, “P4 AIG: Circuit-Level Verification of P4 Programs”, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2019), Portland, OR, June 24-27, 2019.
4. Jiaqi Yan, Guanhua Yan, and Dong Jin, “Classifying Malware Represented as Control Flow Graphs using Deep Graph Convolutional Neural Network.” IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Portland, OR, June 24-27, 2019
5. Xiaoliang Wu, Jiaqi Yan and Dong Jin. "Virtual-Time-Accelerated Emulation for Blockchain Network and Application Evaluation." 2019 ACM SIGSIM Conference on Principles of Advanced Discrete Simulation (PADS), Chicago, IL June 3-5, 2019
6. Christopher Hannon, Jiaqi Yan, Dong Jin and Yuan-An Liu, "A Distributed Virtual Time System on Embedded Linux for Evaluating Cyber-Physical Systems.", 2019 ACM SIGSIM Conference on Principles of Advanced Discrete Simulation (PADS), Chicago, IL, June 3-5,  2019, Best Paper Award
7. C. Cheh, U. Thakore, B. Chen, W.G. Temple, and W.H. Sanders, “Leveraging Physical Access Logs to Identify Tailgating: Limitations and Solutions”, European Dependable Computing Conference, Naples, Italy, September 17-20, 2019, to appear.

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

• PI Mitra’s new course Principles of Safe Autonomy at University of Illinois came to a successful conclusion in May. The course takes a deep dive into the seminal topics in object recognition, learning, localization, decision making, path planning, control, and safety verification. 25 students from ECE and CS are completed the course. The course team has designed 6 New programming assignments involving topics such as lane detection, road-sign recognition with deep neural networks, localization with particle filters, decision making with reinforcement learning, path planning with rapidly expanding random trees, and safety verification using simulation-driven proofs. The students used a high-fidelity, commercial-grade vehicle simulator (Righthook) for testing their programming assignments. Galois Inc. sponsored prizes for student projects. Find out more about the safe autonomy course and the student projects at https://publish.illinois.edu/safe-autonomy/
• Kevin Jin has been appointed as the Director of the new Master of Cybersecurity Program in the College of Science at Illinois Institute of Technology (https://science.iit.edu/programs/graduate/master-cybersecurity-mcybcode).  The program will serve as one more platform to disseminate the educational and research outcomes of our Science of Security projects.
   
• Kevin Jin and Chen Chen (Argonne National Lab) submitted a tutorial titled "Electric Power System Resilience" to the 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm) and the tutorial is accepted by the conference.
   
• We organized a Ph.D. colloquium as part of the ACM SIGSIM-PADS conference. The Ph.D. colloquium include a career panel, poster session, student presentations, and a meeting with editors. We received 20+ submissions and 15 students were selected to present their work, among which 5 US-based Ph.D. students received the NSF student travel grant. The event has provided mentoring and educational opportunities to the young researchers, thus contributing to equipping them with tools that support their career success.
   
• Kevin Jin gave a full-day tutorial on “Cyber Security and Resilience of Cyber-Physical Systems” in the Internet of Things (IoT) Systems Research Center at the University of Wisconsin Madison, June 2019
   
• Matthew Caesar has created a new class on Internet of Things at UIUC. The class contains extensive coverage of security in this important domain. The class is slated for public release this fall on Coursera’s Massive Online Open Course (MOOC) platform. The course will be open for enrollment by anyone, even people not attending the University of Illinois. Most lecture content and labs have been created and the course is approximately 35% filmed.
   
• Matthew Caesar also continues to refine his Networking Laboratory class, targeting release for Spring 2020. He has developed a new set of Cybersecurity lectures for his class, covering important topics, and educating students how to improve security of common networking deployments.