Visible to the public UIUC SoS Lablet Quarterly Executive Summary - April 2022Conflict Detection Enabled

A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

 

 

Uncertainty in Security Analysis

  • Based on the Bayesian framework, we developed and solved two important optimization problems in cybersecurity incident response. The first problem computes the optimal containment policy, which minimizes the damage of the attack and the negative consequence of the containment on the network, subjected to uncertainty about the scope of the attack. The second problem uses solutions to the first problem to compute the optimal detection policy, which tells the defender which host to investigate, using which security tool, to maximize the overall effectiveness of the response. The optimal detection policy is continuously revised and updated every time new data about the incident is obtained.

 

An Automated Synthesis Framework for Network Security and Resilience

  • We continue to study the interdependence between the power system and the communication network to improve resilience in critical energy infrastructures, which addresses the resilient architecture hard problem. In the current quarter, our paper "Towards Optimal and Executable Distribution Grid Restoration Planning with a Fine-Grained Power-Communication Interdependency Model” has been published in IEEE Transactions of Smart Grid. In the paper, we formulated the restoration process as a routing problem that schedules the path and action sequence of utility crews that involves repairing damaged components, closing power switches, and enabling communication paths between the control center and remote field devices. We developed a simulation-based method to quantitatively evaluate the restoration process with public reference models of large-scale power systems (e.g., IEEE 123-node system, Ckt-7 system). The experimental results show that our method improves the total restored energy up to 57.6% and reduces the recovery time up to 63% by considering the power-communication interdependency.
  • We continue to develop a simulation-based platform for cyber-physical system resilience and security evaluation, which addresses the resilient architecture and scalability hard problem. In the current quarter, we developed a lightweight virtual time system that integrates precise I/O time for container-based network emulation. We modeled and analyzed the temporal error during I/O operations and develop a barrier-based time compensation mechanism in the Linux kernel. The experimental results show that the temporal error can be reduced from 87.31% to 3.6% and the new system only introduces around 2% overhead of the total execution time. We submitted a manuscript describing this work to ACM SIGSIM-PADS 2022 in March 2022.
  • We continue to explore methods to detect and mitigate attacks caused by IoT botnets in the context of smart grid to address the resilient architecture hard problem. In the current quarter, we formulated a mixed-integer linear programming model to minimize the cost of the IoT bots mitigation by considering the constraints of power supply and demand, hardware resources, and power network topology. We also developed a testbed integrating OpenDSS and Mininet and used it for MAD attack simulation, detection model training, and mitigation method evaluation. Finally, we are working on a case study based on the IIT Campus microgrid to evaluate the effectiveness of the proposed detection and mitigation mechanisms.
  • We have developed a design and evaluation framework for a self-driving “service provider infrastructure” that leverages our prior work on verification and synthesis to address the resilient architecture hard problem. In the current quarter, we continue to focus on network and container orchestration systems (e.g., Kubernetes). Our platform leverages AI planning algorithms to synthesize steps the system needs to take to protect itself against incoming attacks from an intelligent adversary. The team has a collaborative research project on applying model checking to embedded devices and networks. One application is to verify the power system’s full observability policy in phasor measurement unit network design under cyber-attacks and link/device failures.

 

Resilient Control of Cyber-Physical Systems with Distributed Learning

  • We have developed and implemented a nearly sample-optimal algorithm for statistical model checking of markov decision processes. This advances the state of the art in achieving resiliency (hard problem)  as optimal data usage for verification makes the algorithms effective for offline analysis of autonomous system design as well as on board monitoring.
  • We have developed a collection of benchmarks for comparing our approach with existing model checking tools such as Prism, Storm, and Plasma Lab that are also used for security and resiliency analysis of autonomous and cyber-physical systems.

 

 

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

  • Matthew Caesar will serve on the Program Committee for USENIX NSDI 2023.
  • Matthew Caesar is serving on the Program Committee for USENIX NSDI 2022.
  • Matthew Caesar is serving as a co-chair for the Networking Channel (https://networkingchannel.eu/), an online talk series for computer networking, systems, and security topics that is a joint initiative between EU's Empower initiative, the National Science Foundation's PAWR office, and ACM SIGCOMM. Talks are held online and are open to all, to provide broad reach into the community.
  • Matthew Caesar is serving as the Sponsor Chair for ACM SIGCOMM 2022.
  • Kevin Jin will serve as a Program Co-chair for ACM SIGSIM-PADS 2023.
  • Kevin Jin is serving on the Program Committee for the International Conference on Computer Communications and Networks (ICCCN) 2022.
  • Kevin Jin is serving on the Program Committee for Workshop on ns-3 (WNS3) 2022.
  • Kevin Jin is serving as a Program Co-chair for ACM SIGSIM-PADS 2022.
  • Sayan Mitra served as the General Chair of HoTSoS 22. April 5-7 2022.
  • Sanjay Shakkottai has conducted a week-long workshop on Causal Inference, January 2022. This was a bootcamp that focused on models for causality, and their applciations to machine learning.
  • Sanjay Shakkottai co-organized a workshop on Machine Learning for Systems, April 2022. This workshop hosted researchers from academia and industryto focus on technical challenges stemming from the deployment of ML pipelines at scale.
  • Geir Dullerud presentation at POSTECH, Korea; “Learning for Safety and Control in Dynamical Systems”, April, 2022.
  • A mini-version of the GRAIC Autonomous racing competition will be demonstrated to the public at the Engineering Open House at Illinois, May 8-9th 2022.

 

 

 

Publications

  • "Towards Optimal and Executable Distribution Grid Restoration Planning with a Fine-Grained Power-Communication Interdependency Model." Xin Liu, Bo Zhang, Bo Chen, Alex Aved, and Dong Jin. IEEE Transactions on Smart Grid, February 2022.
  • Towards a Lightweight VANET Authentication Protocol. Otto Piramuthu, Matthew Caesar, ACM SIGAPP Symposium on Applied Computing, April 2022.
  • Authentication for Real Time Highway Surveillance. Otto Piramuthu, Matthew Caesar, Ling Ren, UAV/VANET, ACM SIGAPP Symposium on Applied Computing, April 2022.
  • PAC Bounds for Generalization using Invariant Representations.
    Advait Parulekar, Karthikeyan Shanmugam, Sanjay Shakkottai. Under submission, 2022.
  • Verifying Controllers with Convolutional Neural Network-based Perception: A Case for Intelligible, Safe, and Precise Abstractions. Chiao Hsieh, Keyur Joshi, Dawei Sun, Yangge Li, Sasa Misailovic, and Sayan Mitra. Under submission, 2022.
  • Asymptotically-Optimal Gaussian Bandits with Side Observations.
    Alexia Atsidakou, Orestis Papadigenopoulos, Constantine Caramanis, Sanjay Shakkottai. Under submission, 2022.
  • NeuReach: Learning Reachability Functions from Simulations.
    Dawei Sun and Sayan Mitra, To appear in the proceedings of Int. Conf. on Tools and Algorithms for Construction and Analysis of Systems (TACAS), 2022. Paper presented in April 2022.
  • Multi-agent Motion Planning from Signal Temporal Logic Specifications.
    Dawei Sun, Jingkai Chen, Sayan Mitra, Chuchu Fan to appear in the proceedings of IEEE Robotics and Automation
    Letters (RA-L), and Intl. Conf. on Robotics and Automation, May 2022.
  • Policy Optimization for Markovian Jump Linear Quadratic Control: Gradient-Based Methods and Global Convergence and Parameter Synthesis for Stochastic Systems using  Optimistic Optimization, Joao Jansch-Porto, Bin Hu, and Geir Dullerud, submitted for review, February 2022.
  • MLEFlow: Learning from His- tory to Improve Load Balancing in Tor, H. Darir, H. Sibai, C.-Y. Cheng, N. Borisov, G.E. Dullerud, and S. Mitra, to appear at Privacy Enhancing Technologies Symposium(PETS), 2022. Also presented at HoToS 2022.
  • Linear Bandit Algorithms with Sublinear Time Complexity, Shuo Yang, Tongzheng Ren, Sanjay Shakkottai, Eric Price, Inderjit Dhillon and Sujay Sanghavi, submitted for review, 2021.
  • Multi-Agent Low-Dimensional Linear Bandits, Ronshee Chawla, Abishek Sankararaman, and Sanjay Shakkottai. Submitted for review, 2021.
  • A Model-free Adversarial Reinforcement Learning Approach for mu Synthesis, by Darioush Keivan, Aaron Havens, Peter Seiler, Geir E. Dullerud, Bin Hu, accepted to appear in Proceedings of American Control Conference(ACC), 2022.
  • Revisiting PGD Attack for Stability Analysis of Large-Scale Nonlinear Systems and Perception-Based Control, by Aaron Havens, Darioush Keivan, Peter Seiler, Geir E. Dullerud, Bin Hu, Submitted for Review, 2022.
  • Low-fidelity Gradient Updates for High-fidelity Reprogrammable Iterative Learning Control,  by Kuan-Yu Tseng,  Jeff S. Shamma, Geir E. Dullerud, accepted to appear in Proceedings of American Control Conference(ACC), 2022

 

 

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

  • Matthew Caesar co-organized an online event on the Networking Channel (https://www.networkingchannel.eu): Open educational resources for teaching and learning networking in March 2022. He previously co-chaired an event on improving diversity and inclusion in the systems and networking community on February 2022. He will also co-chair an event on network programmability in April 2022.
  • Kevin Jin, Xiaoliang Wu, and Neil Mcglohon are organizing a Ph.D. colloquium as part of the ACM SIGSIM-PADS conference in June 2022. The Ph.D. colloquium will include a keynote speech, student presentations, and best student paper award competition.
  • Matthew Caesar has undertaken substantial work to update his Internet of Things MOOC, which reaches over 17,000 students, including development of two new laboratory assignments allowing students to explore cybersecurity of Cisco IOS and core networks, as well as AWS IoT and cloud IoT platforms.
  • Matthew Caesar is also teaching CS 437: Internet of Things at the University of Illinois, which covers advanced concepts and security practices in IoT, and which will be taught to about 150 on-campus graduates/undergraduates, as well as about 150 graduate students who are part of the Illinois Masters in Computer Science program, many of whom are software development professionals working in companies across many sectors.