Farnam Jahanian - US grants

This research will investigate fault injection techniques for the evaluation and validation of dependable protocols. The project will focus on techniques that can be used to demonstrate three aspects of a target protocol: (i) detection of design or implementation errors, (ii) identification of violations of protocol specifications, and (iii) insight into design decisions made by the implementors. The end goal of the project is the investigation of techniques for testing the fault-tolerance capabilities of dependable protocols and the development of a tool for the experimental evaluation of commercial and prototype protocols. The approach will center around a technique called`script-driven probing and fault injection.` A distributed protocol can be viewed as an abstraction through which a collection of participants communicate by exchanging a set of messages. Hence, no distinction is made between application-level protocols, communication protocols, or device layer protocols. A probe/fault injection (PFI) layer is inserted below a target protocol to filter and to manipulate the messages that are exchanged between participants. The fault injection layer supports the execution of deterministic or randomly-generated test scripts to probe the participants and inject various faults into the system. In particular, by intercepting messages between two layers in a protocol stack, the fault injection layer can delay, drop, reorder, duplicate, and modify messages. Furthermore, it can introduce spontaneous messages into the system to probe the participants and to orchestrate the system execution into a particular path. Since timing constraints are often an important component of the dependability requirements on a system, the intrusiveness of a fault injection mechanism on a target system is a key issue which will be addressed by this research. The educational component of this CAREER project will include `undergraduate mentoring` and `learning via experimentation.` Mentoring exposes students to one-on-one technical interactions with instructors and more senior students. Learning via experimentation has a two pronged effect. It allows students to `practice` how to apply knowledge and to`learn` how to obtain new information. These two aspects of the plan will be formalized into the curriculum with the following educational activities: (1) Refocus the Undergraduate Directed Study to involve junior and senior-level students in some of the ongoing prototyping activities in research projects and in various laboratories on campus; (2) Develop a curriculum track that emphasizes experimentation to enhance learning of software systems concepts.

9806280
Shin, Kang G.
Jahanian, Farnam
The University of Michigan at Ann Arbor

Experimental Software Systems: ADAPTWARE: A Design Framework for Adaptive Real-Time Systems

This project is to design, implement, and evaluate a software framework, called the Adaptware, that consists of architectural support, resource-management mechanisms, and programming abstractions for adapting Quality-of-Service (QoS) to dynamically-fluctuating resource capacity and demands. This framework will reduce the cost and time of real-time software development by providing the infrastructure necessary for building reusable multi-purpose real-time software components. In much the same way as today's consumers can buy software and hardware components from different vendors and construct a computing environment tailored to their needs, this framework can provide the means of building and integrating real-time system components so as to preserve their temporal correctness while making it possible to dynamically compute predictable end-to-end temporal guarantees commensurate with available resources.

We plan to demonstrate the benefits of our framework by building a testbed and executing representative applications on the testbed, drawn from both soft real-time systems such as multimedia, and hard real-time systems such as automated flight. Software development costs of these applications are expected to be reduced significantly by separating real-time application design from resource-capacity assumptions on the target platform, hence facilitating changes in platform capacity, configuration or load. This project is also to demonstrate how our abstraction of platform capacity (away from the programmer) can help build real-time systems that can tolerate a range of violations of their load and failure hypotheses by adapting application QoS dynamically to the resources available.

Collaborative Knowledge-Work Environments for Team
Science: The Space Physics and Aeronomy Research
Collaboratory (SPARC) Project

Project Summary

Interdisciplinary research experience in the collaboratory concept will be used to design, deploy, evaluate, and enlarge the fundamental understanding of collaborative knowledge-work environments. They will focus and inform this research by the creation of a Space Physics and Aeronomy Research Collaboratory (SPARC) of revolutionary scope and power. The work is based on the Upper Atmospheric Research Collaboratory (UARC), in which over a six-year period a team of space physicists, computer scientists, and behavioral scientists evolved a suite of collaboration capabilities to provide rich, real-time access to a wide variety of data and modeling resources. The proposed work on SPARC will significantly extend the power of technology-mediated, distributed knowledge-networking systems. It combines experimental data streams and their interpretation, theoretical models, real-time campaign support, capture mid replay of collaborative sessions, post-hoc analysis workshops, access to archival data and digital libraries, and educational/outreach modules. An important outcome of SPARC for the science community will be a functional and operational space weather predictive capability. Equally important, SPARC will also be a major testbed to further understand and design collaborative knowledge work systems from a merger of social and technical principles.

The SPARC project aims to produce a next generation collaboratory that will support a fill range of scientific activities

The topology of the Internet is constantly evolving and dramatic changes in end-to-end reachability have fundamentally changed the way in which malicious software propagates and is detected. At the same time, perimeter firewalls and NAT devices designed to protect networks are becoming porous to many of the threats they were designed to defend against. The end result has been a proliferation of undetected malicious activity inside network perimeters. To combat the rise of threats inside the network and the lack of visibility into sub-networks, this research seeks to construct a set of techniques for building a topologically-accurate map of unused and unreachable addresses (darknets) inside a network, and then using that map to deploy a pervasive detection system. The key insight that enables the approach is integration with routing, policy, and host management systems that already understand part of the address topology. This topology information will be used to construct a high-level map of address usage and then place darknet sensors at thousands of different locations inside the network to detect threats inside the network perimeter and threats outside trying to penetrate in. Using multi-dimensional data mining techniques we will then develop a framework for analyzing the huge volume of data produced by the detectors. In summary, this research effort introduces a novel approach to increase the visibility and effectiveness of Internet threat detection systems by developing methods to automatically discover network topology and use that knowledge to deploy pervasive network sensors that enable new detection capabilities

Layer-8 attacks (e.g., spam and phishing) are launched from a malicious service platform, e.g., botnet, which consists of a large number of infected machines (or bots). Such an attack platform relies on lower-layer network services to achieve efficiency, robustness, and stealth in communication and attack activities. These services include look-up (e.g., DNS), hosting (e.g., Web servers), and transport (e.g., BGP).

The main research goals and approaches of the CLEANSE project are:

1. Control-plane monitoring. Much of the infrastructure for mounting layer-8 attacks involves abuse of the control plane in core network services (e.g., DNS and BGP).
The CLEANSE project develops control-plane anomaly detection sensors that are distributed, online, and real-time.

2. Data-plane monitoring. The project develops new and general network anomaly detection algorithms based on traffic sampling and clustering for monitoring high-speed traffic.

3. Improved security auditing capabilities. The CLEANSE project develops packet "tagging/tainting" techniques to enable tracking and clustering of network traffic flows (e.g., that are generated by the same bot program). The project also develops improved traffic sampling capabilities that are attack-aware and distributed network-wide.

By focusing on monitoring of core network services, the CLEANSE framework can detect future layer-8 attacks and new forms of large-scale malware infections. The project also creates educational contents, including new textbooks and on-line course materials, which directly benefit from the research activities. The CLEANSE project team also work with industry partners (including the ISPs) to organize focused workshops that bring together researchers from academia and practitioners from the industry/ISP, government, and law enforcement agencies to foster the exchange of ideas, data, and technologies.

Intellectual Merit:

The goal of this project, a collaboration between the University of Michigan and Georgia Tech, is stand up a deployed system and associated distributed monitoring and diagnosis algorithms to improve performance, availability, and security of production communication networks. The infrastructure will enable research in two primary settings: network security and network management.

The project provides a unique platform for evaluating systems and algorithms for network management and security that rely on cross-domain visibility. The infrastructure and associated research will enable multidisciplinary research between experts in networking, databases, security, and machine learning. It will provide researchers from these domains both (1) access to real-world network management and security problems from operational networks, thus providing a sound basis for new research problems; and (2) a realistic setting under which they can evaluate their results.

Broader Impact:

The first area of broader impact is in network operations. The infrastructure will be deployed on production networks and will serve as a platform for distributed network monitoring research in both network security and network management. There will be close collaboration with campus network operators at Georgia Tech, the University of Michigan, Southern Crossroads (SOX), and Merit Network. The second area is in education. Students in undergraduate and graduate networking courses at the two universities will be given the ability to run their own monitoring experiments on the infrastructure through a controlled interface. The third area is with regard to NSF goals such as those expressed in Future Internet Design (FIND) and Global Environment for Network Innovations (GENI). The networking community to-date has no infrastructure that facilitates deployment studies of systems and algorithms and the operation of real, production networks. This infrastructure offers a way to bring together different networking and computing communities and explore the hardest management and security problems confronting large-scale networking.

Modern mobile platforms, such as the Google Android and Apple iPhone, are reinventing the mobile landscape by opening up third-party development and by providing sophisticated productivity, communication, and application suites. In addition, mobile devices are increasingly used to store sensitive personal information such as financial and medical data. Mobile environments face a wide range of unique security challenges. First, emerging mobile platforms have vastly different security and trust models. Second, techniques that worked for securing desktops do not transition well to mobile environments because mobile devices are highly resource constrained. Finally, mobile devices have inherently different usability patterns than traditional desktops that impact security.

This project explores a new model for mobile security based on moving the complexity of malware detection to an in-cloud security service rather than performing analysis locally on each mobile device. We will investigate in-cloud security services for mobile devices based on an architecture that consists of a lightweight agent that runs on mobile devices interposing on access of applications and data, and a network service that identifies malicious applications using parallel signature, behavioral, and reputation-based detection engines. Our approach is structured around three objectives: (1) functionality across a wide variety of mobile platforms and security models, (2) minimal on-device CPU, memory, and power resources, and (3) security that adapts to mobile usability patterns. We will work with our industry partners to facilitate the deployment of the techniques and methods developed through this effort on live operational networks.

This award will support student travel for participation in the 2010 International Conference on Dependable Systems and Networks. Traveling to this conference and participating in the conference activities will foster development of skilled researchers in this field which is of national interest.