Current CNS News

CNS 2024 News


  • Scammers Can Abuse Security Flaws in Email Forwarding to Impersonate High-profile Domains

    Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.

    The issues researchers uncovered have a broad impact, affecting the integrity of email sent from tens of thousands of domains, including those representing organizations in the U.S. government–such as the majority of U.S. cabinet email domains, including state.gov, as well as security agencies. Key financial service companies, such as Mastercard, and major news organizations, such as The Washington Post and the Associated Press, are also vulnerable.

    It’s called forwarding-based spoofing and researchers found that they can send email messages impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook. Once recipients get the spoofed email, they are more likely to open attachments that deploy malware, or to click on links that install spyware on their machine.

    Such spoofing is made possible by a number of vulnerabilities centered on forwarding emails, the research team found. The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its own mailing infrastructure, with specific IP addresses not used by other domains. But today, many organizations outsource their email infrastructure to Gmail and Outlook. As a result, thousands of domains have delegated the right to send email on their behalf to the same third party. While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding.

    For example, state.gov, the email domain for the Department of State, allows Outlook to send emails on their behalf. This means emails claiming to be from state.gov would be considered legitimate if they came from Outlook’s email servers. As a result, an attacker can create a spoofed email–an email with a fake identity–pretending, for example, to come from the Department of State–and then forward it through their personal Outlook account. Once they do this, the spoofed email will now be treated as legitimate by the recipient, as it is coming from an Outlook email server.

    Alex Liu, a PhD student in the UC San Diego Department of Computer Science and Engineering, led the research.
    Versions of this flaw also exist for five other email providers, including iCloud. The researchers also discovered other smaller issues that impact users of Gmail and Zohomail– a popular email provider in India.

    Researchers reported the issue to Microsoft, Apple and Google but to their knowledge, it has not been fully fixed.

    “That is not surprising since doing so would require a major effort, including dismantling and repairing four decades worth of legacy systems,” said Alex Liu, the paper’s first author and a Ph.D. student in the Jacobs School Department of Computer Science and Engineering at UC San Diego. “While there are certain short-term mitigations that will significantly reduce the exposure to the attacks we have described here, ultimately email needs to stand on a more solid security footing if it is to effectively resist spoofing attacks going forward.”

    The team presented their findings at the 8th IEEE European Symposium on Privacy and Security, July 3 to 7, 2023, in Delft, where the work won best paper.

    Example of a spoofed email attack exploiting open forwarding and relaxed validation for forwarded email from well-known providers

    Different attacks

    Researchers developed four different types of attacks using forwarding.

    For the first three, they assumed that an adversary controls both the accounts that send and forward emails. The attacker also needs to have a server capable of sending spoofed email messages and an account with a third party provider that allows open forwarding.

    The attacker starts by creating a personal account for forwarding and then adds the spoofed address to the accounts’s white list–a list of domains that won’t be blocked even if they don’t meet security standards. The attacker configures their account to forward all email to the desired target. The attacker then forges an email to look like it originated from state.gov and sends the email to their personal Outlook account. Then all the attacker has to do is forward the spoofed email to their target.

    More than 12 percent of the Alexa 100K most popular email domains–the most popular domains on the Internet– are vulnerable to this attack. These include a large number of news organizations, such as the Washington Post, the Los Angeles Times and the Associated Press, as well as domain registrars like GoDaddy, financial services, such as Mastercard and Docusign and large law firms. In addition, 32% of .gov domains are vulnerable, including the majority of US cabinet agencies, a range of security agencies, and agencies working in the public health domain, such as CDC. At the state and local level, virtually all primary state government domains are vulnerable and more than 40% of all .gov domains are used by cities.

    In a second version of this attack, an attacker creates a personal Outlook account to forward spoofed email messages to Gmail. In this scenario, the attacker takes on the identity of a domain that is also served by Outlook, then sends the spoofed message from their own malicious server to their personal Outlook account, which in turn forwards it to a series of Gmail accounts.

    Roughly 1.9 billion users worldwide are vulnerable to this attack.

    Researchers also found variations of this attack that work for four popular mailing list services: Google groups, mailman, listserv and Gaggle.

    The researchers were able to spoof a wide range of email addresses

    Potential solutions

    Researchers disclosed all vulnerabilities and attacks to providers. Zoho patched their issue and awarded the team a bug bounty. Microsoft also awarded a bug bounty and confirmed the vulnerabilities. Mailing list service Gaggle said it would change protocols to resolve the issue. Gmail also fixed the issues the team reported and iCloud is investigating.

    But to truly get to the root of the issue, researchers recommend disabling open forwarding, a process that allows users to configure their account to forward messages to any designated email address without any verification by the destination address. This process is in place for Gmail and Outlook. In addition, providers such as Gmail and Outlook implicity trust high-profile email services, delivering messages forwarded by these emails regardless.

    Providers should also do away with the assumption that emails coming from another major provider are legitimate, a process called relaxed validation policies.

    In addition, researchers recommend that mailing lists request confirmation from the true sender address before delivering email.

    “A more fundamental approach would be to standardize various aspects of forwarding,” the researchers write. “However, making such changes would require system-wide cooperation and will likely encounter many operational issues.”

    Methods

    For each service, researchers created multiple test accounts and used them to forward email to recipient accounts they controlled. They then analyzed the resulting email headers to better understand which forwarding protocol the service used. They tested their attacks on 14 email providers, which are used by 46% of the most popular internet domains and government domains.

    They also created mailing lists under existing services provided by UC San Diego, and by mailing list service Gaggle.

    Researchers only sent spoofed email messages to accounts they created themselves. They first tested each attack by spoofing domains they created and controlled. Once they verified that the attacks worked, they ran a small set of experiments that spoofed emails from real domains. Still, the spoofed emails were only sent to test accounts the researchers created.

    “One fundamental issue is that email security protocols are distributed, optional and independently configured components,” the researchers write. This creates a large and complex attack surface with many possible interactions that cannot be easily anticipated or administrated by any single party.“

    Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy

    Alex Enze Liu, Ariana Mirian, Grant Ho, Geoffrey M. Voelker and Stefan Savage, UC San Diego Department of Computer Science and Engineering

    Gautam Akiwate, Stanford University

    Mattijs Jonker, University of Twente, Netherlands

    Media Contact:
    Ioana Patringenaru – ipatrin@ucsd.edu

  • CNS in 2023: the Annual Research Review

    By Kimberley Clementi

    The Center for Networked Systems (CNS) held its annual CNS Research Review at the UC San Diego Computer Science and Engineering Building on May 4 and 5. Now in its second decade, the invitation-only event introduced leaders from Qualcomm, Microsoft, Google, Cisco, Amazon and six additional industry representatives to the latest research from CNS students and faculty.

    The event included 18 research talks, eight two-minute lightening talks and nine poster presentations. A dinner reception was held at the 15th-floor meeting rooms at Seventh College, overlooking La Jolla’s scenic Black’s Beach. The event was hosted by Stefan Savage and George Porter, CNS co-directors and professors in the Department of Computer Science and Engineering.

    “Our guests enjoy the CNS Research Review because it intersects with real-life challenges in their industries and broadens the depth and breadth of related research.  At the same time, our students benefit from casual conversations with industry leaders,” said CNS Administrative Manager Jennifer Folkestad.

    CNS has expertise across a wide range of applied research areas involving computer networking, systems, security and related policy. In each area, affiliated faculty and students address emerging real-world problems in partnership with member companies. The CNS Research Review mirrors this approach, providing CNS graduate students the opportunity to present a talk to industry guests and elicit insights on the practical problems addressed by their research.

    Over the course of two days, research talks were presented by four CNS affiliated-faculty members: Amy Ousterhout, Geoffrey Voelker, and Earlence Fernandes from CSE and Christian Dameff, MD from the Department of Emergency Medicine. Fifteen CNS/CSE graduate students also gave talks, including (in order of appearance): Amanda Tomlinson, Alex Bellon, Zhiyuan Guo, Enze “Alex” Liu, Caleb Stanford, Zesen “Jason” Zhang, Audrey Randall, Yuhao Zhang, Kabir Nagrecha, Alex Yen, Tianyi Shan, Evan Johnson, Yibo Guo, Keegan Ryan and George Arnold Sullivan.

    Event Webpage: https://cns.ucsd.edu/events/event/announcing-the-cns-research-review-may-4-and-5-2023/

    https://cse.ucsd.edu/about/news/cns-2023-annual-research-review

  • CNS Faculty Member Honored for Excellence in Semiconductor Design Research

    CNS faculty member Tajana Šimunić Rosing, a leading researcher in accelerating big data in hardware using both novel machine learning techniques, such as hyperdimensional computing, and in- and near-memory and storage processing, will receive the 2022 University Research Award from the Semiconductor Industry Association (SIA) and the Semiconductor Research Corporation (SRC).

    CNS Faculty Member Tajana Rosing

    SIA and SRC present the University Research Awards annually to professors who demonstrate excellence in advancing research in semiconductor technology and design. Rosing, the Fratamico Endowed Chair in the Department of Computer Science and Engineering, was honored on November 17 in San Jose for excellence in design research. She is the first woman to receive this award since its inception in 1995.

    Full Story

  • José Santana Sosa: First Recipient of Two Alan Turing Memorial Scholarships

    By Kimberley Clementi

    José Santana Sosa, a UC San Diego senior majoring in computer science, has received the 2022-2023 Alan Turing Memorial Scholarship from the Center for Networked Systems (CNS). He has also been named the inaugural recipient of CNS’s first ever Alan Turing Memorial Teradata Scholarship. This makes Santana Sosa the first student to receive both scholarships for a single school year.

    Pictured (l-r): CNS Co-Director George Porter, Recipient José Santana Sosa, CNS Co-Director Stefan Savage (Photo Credit: Alex Matthews)
    CNS established the Alan Turing Memorial Scholarships to honor the memory of Alan Turing, the co-founder of computer science and a World War II era mathematician and cryptanalyst whose contributions to code breaking accelerated the Allied victory. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

    “Winning this scholarship is a great honor that deeply humbles me,” said Santana Sosa. “I am privileged to be part of this effort to bring visibility to the LGBTQ+ community and how impactful we have been throughout history.”

    José Santana Sosa (Photo Credit: Alex Matthews)
    Santana Sosa, who moved to the United States from Venezuela, views the dual awards as validation of his many years of hard work. Prior to transferring to UC San Diego, Santana Sosa graduated from community college with an associate degree in mathematics. He recently interned with Apple in software engineering and with LPL Financial in technology and cyber security and, at one time, worked in an immigration law office helping others on their path to citizenship.

    “Being an immigrant, Latinx, gay, first-generation transfer student, I understand how important and challenging it is to present your full, intersecting-self in academic and professional spaces. I am passionate about easing and supporting the way for others who are on a similar path,” said Santana Sosa.

    Santana Sosa’s dedication to advancing underrepresented populations in science, technology, engineering and mathematics (STEM) is more than just talk. Currently, he is active in two engineering student organizations that support diversity in STEM: Society of Hispanic Professional Engineers (SHPE) and Out in STEM (oSTEM).

    As Santana Sosa continues his CSE studies, he intends to prioritize human-centered design, developing software that solves and prevents problems for vulnerable populations. He hopes his contributions will disrupt the bias and inequality in computing and technology and improve the lives of individuals in marginalized groups. Santana Sosa also aspires to become a community college professor.

    The Alan Turing Memorial Scholarship and the Alan Turing Memorial Teradata Scholarship are open to undergraduates who are active supporters of the LGBTQIA+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. They are awarded to students based on academic merit, with a preference for those with demonstrated financial need.

    In February 2020, CNS reached its endowment goal of $250,000 for the Alan Turing Memorial Scholarship, for an annual award of $10,000. In 2021, the Teradata Corporation donated $50,000 to endow a second scholarship, the Alan Turing Memorial Teradata Scholarship, which gives an additional annual award of $2,000.

    CSE is committed to diversity, equity, and inclusion efforts (DEI). Those interested in supporting scholarships related to those efforts can contact Jennie Morrow at jmorrow@eng.ucsd.edu. For more information about the Alan Turing Memorial scholarships, please contact Jennifer Folkestad at cns@eng.ucsd.edu.

    UC San Diego Today Article

  • Most influential Paper of ICFP’12

    Congratulations to CNS faculty member Deian Stefan for receiving the most influential paper of ICFP’12 award for “Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems.”

  • USENIX Security ’22 Test-of-Time Award

    Congratulations to CNS faculty member Nadia Heninger for her USENIX Security ’22 Test-of-Time award for her 2012 paper: “Mining your Ps and Qs: Detection of Widespread Weak Keys in Network Devices.” Nadia’s paper was also won the best paper award the year it was published. https://bit.ly/3RP4Izt.

  • CORONAVIRUS JUMPED TO HUMANS AT LEAST TWICE AT WUHAN MARKET IN CHINA

    Studies describe not only where the COVID-19 pandemic began, but the likelihood that the causative SARS-CoV-2 virus made the leap from animal hosts to people multiple times
    August 24, 2022– In a pair of related studies, published online July 26, 2022 via First Release in Science, researchers at University of California San Diego, with colleagues on four continents, show that the origin of the COVID-19 pandemic in 2019 was at the Huanan Seafood Wholesale Market in Wuhan, China, and resulted from at least two instances of the SARS-CoV-2 virus jumping from live animal hosts to humans working or shopping there.

    The findings, first reported in February after the papers were posted online as preprints awaiting peer review, garnered international attention, primarily focusing on identifying the market as the early epicenter of the COVID-19 pandemic. The World Health Organization estimates that there have been more than 559 million confirmed cases of COVID-19 worldwide and 6.4 million deaths since the pandemic was declared in early 2020.

    “It’s vital that we know as much about the origin of COVID-19 as possible because only by understanding how pandemics get started can we hope to prevent them in the future,” said Joel O. Wertheim, PhD, associate professor in the Division of Infectious Diseases and Global Public Health at UC San Diego School of Medicine, and a co-author on both papers.

    But elemental to understanding pandemic origins is pinpointing not just where, but how, a pathogen successfully jumps from a non-human animal host to human, known as a zoonotic event.

    “I think there’s been consensus that this virus did in fact come from the Huanan Market, but a strong case for multiple introductions hasn’t been made by anyone else yet,” said Wertheim, senior author of the study that posits the SARS-CoV-2 virus, which causes COVID-19, jumped from animals to humans at least twice and perhaps as many as two dozen times.

    According to researchers, two evolutionary branches of the virus were present early in the pandemic, differentiated only by two differences in nucleotides — the basic building blocks of DNA and RNA.

    Lineage B, which included samples from people who worked at and visited the market, became globally dominant. Lineage A spread within China, and included samples from people pinpointed only to the vicinity the market. If the viruses in lineage A evolved from those in lineage B, or vice versa, Wertheim said this would suggest SARS-CoV-2 jumped only once from animals to humans.

    But work by Wertheim and collaborators found that the earliest SARS-CoV-2 genomes were inconsistent with a single zoonotic jump into humans. Rather, the first zoonotic transmission likely occurred with lineage B viruses in late-November 2019 while the introduction of lineage A into humans likely occurred within weeks of the first event. Both strains were present at the market simultaneously.

    Researchers arrived at this conclusion by deciphering the evolutionary rate of viral genomes to deduce whether or not the two lineages diverged from a single common ancestor in humans. They used a technique called molecular clock analysis and an epidemic simulation tool called FAVITES, invented by Wertheim team member Niema Moshiri, an assistant professor of computer science at Jacobs School of Engineering at UC San Diego and study co-author.

    Niema Moshiri, a faculty member in the Department of Computer Science and Engineering at UC San Diego developed an epidemic simulation tool that was key to the papers’ findings.

    “None of this could have been done without FAVITES,” said Wertheim.

    Validation

    In February 2022, researchers at the Chinese Center for Disease Control and Prevention published a long-delayed analysis of genetic traces of the earliest environmental samples collected at the market two years earlier.

    The samples were obtained after the first reports of a new, mysterious illness and after the market had already been shut down. No live wild mammals were left at the market. Instead, Chinese researchers swabbed walls, floors and other surfaces, tested meat still in freezers, sampled sewers and caught mice and stray cats and dogs around the market.

    Their findings confirmed the not-yet-published predictions of Wertheim’s team that Lineage A was also at the market.

    “We felt validated, but what we felt more was immense pressure because they beat our preprint to the punch by about 12 hours, and we could only discuss their findings in light of ours,” Wertheim said. “We were also shocked that they had been sitting on evidence for lineage A at the market for over a year without realizing its importance.”

    The newly published data, said study authors, are powerful evidence that the two viral lineages evolved separately and that multiple spillover events occurred. The Wuhan market reportedly contained a robust live wild animal business, with snakes, badgers, muskrats, birds and raccoon dogs (a canid indigenous to Asia) and other species sold for food. Wertheim said he believes there were likely many viral introductions. At least two successfully made the animal-human leap; other viral strains went extinct.

    “While I’m hesitant to call it proof, what we presented is the most comprehensive explanation for the SARS-CoV-2 genomic diversity at the outset of the pandemic,” Wertheim said. “There are really no other good explanations for both of these strains being at the market except for multiple jumps into humans.”

    (The findings undercut a circulating and persistent theory that the SARS-CoV-2 virus escaped from the Wuhan Institute of Virology, located a few miles from the market.)

    Jonathan E. Pekar, a doctoral student in Bioinformatics and Systems Biology who co-led the project with Wertheim and is lead author, said the pandemic was likely looming for years, awaiting only for the opportunity when humans would come into contact with an animal host capable of transmitting the virus.

    “Everything complicated happened before that introduction,” Pekar said. “The last step is just extended contact and transmission from hosts to humans. At that point, it would actually be unusual to only have one introduction. We’ve seen this before with MERS-CoV (a similar zoonotic virus). We’ve seen it with humans giving SARS-CoV-2 to minks on farms and then minks giving it back to humans.

    “This has happened before, and it’s going to keep happening. Nature is a better lab than humans will ever be.”

    In addition to Moshiri and Pekar, Katherine Izhikevich is a co-author and a master’s student in computer science and the Center for Networked Systems.

    Katherine Izhikevich is a co-author and a master’s student in CSE and CNS at UC San Diego.

    The latest study continues a series of published papers by Wertheim and colleagues investigating and chronicling the origin and spread of COVID-19.

    In September 2020, they published data explaining how the first, few cases of novel coronavirus in North America and Europe quickly spread due to insufficient testing and contact tracing. In March 2021, Wertheim, Pekar and colleagues characterized the brief time-period during which SARS-CoV-2 could have circulated undetected before the first human cases in Wuhan.

    Co-authors of “The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2” include: Andrew Magee, Karthik Gangavarapu and Marc A. Suchard, all at UCLA; Edyth Parker, Nathaniel L. Matteson, Mark Zeller, Joshua I. Levy and Kristian G. Andersen, all at The Scripps Research Institute; Katherine Izhikevich, Jennifer L. Havens and Tetyana I. Vasylyeva, all at UC San Diego; Lorena Mariana Malpica Serrano and Michael Worobey, both at University of Arizona; Alexander Crits-Christoph, Johns Hopkins Bloomberg School of Public Health; Jade C. Wang and Scott Hughes, both at New York City Department of Health; Jungmin Lee, Heedo Park, Man-Seong Park, Korea University; Katherine Ching Zi Yan and Raymond Tzer Pin Lin, all at National Centre for Infectious Diseases, Singapore; Mohd Noor Mat Isa and Yusuf Muhammad Noor, both at Malaysia Genome and Vaccine Institute; Robert F. Garry, Tulane University; Edward C. Holmes, University of Sydney, Australia; and Andrew Rambaut, University of Edinburgh.

    Funding for this research came, in part, from the National Institutes of Health (grants T15LM011271, 5T32AI007244-38, R01AI135992, R01AI136056, R01AI132223, R01AI132244, U19AI142790, U54CA260581, U54HG007480, OT2HL158260, R01AI153044, U19AI135995, U01AI151812 and UL1TR002550), the National Science Foundation (NSF-2028040), the Coalition for Epidemic Preparedness Innovation, the Wellcome Trust Foundation, Gilead Sciences, the European and Developing Countries Clinical Trials Partnership Programme, the European Research Council, the Australian Research Council Laureate Fellowship, the National Research Foundation of Korea, the Branco Weiss Fellowship, the Epidemiology and Laboratory Capacity (ELC) for Infectious Diseases Cooperative Agreement and the Centers for Disease Control and Prevention (6NU50CK000517-01-07).

    Full studies:

    The Hunan Seafood Wholesale Market in Wuhan was the early epicenter of the COVID-19 pandemic

    The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2

    Media Contacts
    Scott LaFee
    UCSD Health Sciences
    619-543-6163
    slafee@ucsd.edu

  • CNS Espresso Prize for Excellence in Networking

    The CNS Espresso Prize for Excellence in Networking was awarded by Professor Aaron Shalev to UCSD undergraduate students Yibo Wei, Dylan Ellsworth, and Joshua Kuschner for their outstanding final projects in CSE 123 (spring quarter 2022).

    Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practices of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

    Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

    The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123 based on the criteria for the final project assigned each year.

    Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

    2018 Undergraduate recipient: Weiyang Wang
    2017 Undergraduate recipient: Christian Chung
    2017 Undergraduate recipient: Yihan Zhang
    2016 Undergraduate recipient: Conner Johnston
    2014 Undergraduate recipient: Aaron Yip Ming Wong
    2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
    2013 Undergraduate recipient: Jacob Maskiewicz
    2013 Graduate recipient: Vidya Kirupanidhi

  • CNS Corporate Members

    The Center for Networked Systems welcomes Cisco, Google, and Qualcomm as new and renewed CNS Corporate Members. To learn more about CNS corporate membership please go here: https://cns.ucsd.edu/member-benefits/.

  • STUDENT-CREATED VIDEO GAMES REVEAL TALENT, TEAMWORK AND TECHNICAL KNOW-HOW

    A timed race between folding chairs and bean bags. A fast-paced beauty pageant where only one race car wins the crown. A farm with a dark twist. A game of cat and mouse. A magical battle in a medieval castle.

    Five teams of students from CSE 125 (aka the Video Game class) showed off their talent and technical skills. First up was the Chairioteers!

    In a mere 10 weeks, that’s what computer science students in UC San Diego’s Department of Computer Science course CSE 125, dubbed the “video game class,” tackled with z-values, vectors, lines of code and 3D effects. Students pulled out all the bells and whistles – or at least digitally recorded soundtracks of them.

    But what they learned went beyond fun and games. Students in CSE’s Software System Design and Implementation course spent spring quarter discussing both creative and highly technical questions related to their class project. The course emphasized the development process as well as one overarching goal: to design, build and implement a real-time, 3D multiplayer game as part of a team.

    The popular course has been taught by CNS/CSE Professor Geoff Voelker for more than 20 years.

    “On the first day of class in week one, we form five groups in the course,” said Voelker. “After we have everyone together, they start designing. They create a lot of concept art. They’re trying to picture what it is they want to be able to achieve. And then, by week two, they start implementing.”

    From there, students have eight more weeks to decide on the features of their project, specify its requirements, create a schedule and implement their design. To make the course more exciting— and challenging— the groups give a public demonstration at the end of the course, which doubles as their final exam.

    On June 3, team demos continued a long streak of engineering skill and pure entertainment. During the two-hour live event, five games – Chairioteers, Skrrt Skirt, Farmers Market, The Meoze Runner and Eternal Ritual – debuted on a large screen in the Qualcomm Institute auditorium in Atkinson Hall. Audience members were picked at random to play against members of the game’s development team.

    “There’s really something magical that happens,” said Voelker. “By the end of the quarter, what’s really incredible is that it all comes together. It just looks amazing. Just incredible.”

    Chairioteers

    As Team One took the stage, they invited four competitors to grab their favorite chair and enjoy a quirky and spirited race across the UC San Diego campus. Inspired by “rollie chairs” in the CSE department (and by illicit late-night student races down its hallways), Chairioteers allowed players to select a classic swivel, a folding chair, a recliner or bean bag to race each other and the clock.

    As players adjusted to the mechanics and speed of their selected chair, the Chairioteers’ game map zipped them past a gorgeous sunset, the iconic Geisel Library and the towering, multi-colored Sun God. A mini map on the top left helped players navigate the course. An original soundtrack, “Hold onto Your Seats,” played in the background.

    That’s when an unexpected twist had players holding onto their seats for real. Audience members who scanned the QR code displayed on the screen could tweak the game in real-time. Every 15 seconds the audience voted on a web page to determine what happened to players in the game.

    Chairioteers was written entirely in Rust, a programming language the team taught themselves during the first two weeks of class.

    Skrrt Skirt

    “Once upon a time, there were four cars. For the purposes of this story, we should give them names. How about Bill, Berry, Bevan and Bandrew,” began Emily Zhuang, prompting laughter, as the suggestions were playful adaptations of team member names.

    Zhuang then introduced a fifth racecar, Baiden, named for yet another team member. But unlike the other cars, Baiden wore makeup, lipstick and a shiny, satin ribbon, which created a stir. All the cars wanted to look as fabulous as Baiden. They wondered which one of them could look the most glamorous.

    With Mario Kart nostalgia and the unmistakable pink and pretty trappings of a beauty pageant, Skrrt Skirt’s creators set out to answer that question. The multi-player party game gave competitors one objective: to win and hold the pageant crown the longest.

    Sporting lipstick, mascara, and girly flair, racecars collided, stole and used various power-ups, such as a hair dryer speed boost, to obtain the crown. As the race progressed, makeup dripped down the screen, inhibiting visibility. A bar at the bottom indicated when each car’s makeup had completely worn off, requiring a pit stop to touch-up lipstick and fully recharge.

    Team Two built their game in C++ and used OpenGL, an application programming interface, as their graphics engine.

    Farmers Market

    As Team Three took the stage and guest players began selecting characters in Farmers Market, it appeared to be the beginning of another bucolic farming game: there was Bumbus the bunny, Swainky the frog and Gilman the pig. Then the team introduced Pogo – a ghostly character with a ghoulishly grinning pumpkin head – offering the first indication the game had a dark side, too.

    “Obviously, a beautiful farming game happens a lot. So we decided to let the players poison each other’s crops, destroy each other’s farms and intoxicate each other,” said Danica Xiong.

    “Farmers Market is a 3-D, third-person game where you can destroy your friendships or have a great time farming,” added Xiong. “Whoever makes the most money wins.”

    While the timeclock ran, players purchased vegetable seeds at the shop and planted them on farm plots. Tomatoes, carrots and corn grew rapidly along with “super oats,” which could replenish stamina. As day turned to night, players harvested and sold crops to earn money and make additional purchases of seeds, water, watering cans and fertilizer.

    That was one strategy. The shop had other merchandise for sale, too. Sabotage items – nets, shovels and poison – equipped players to steal veggies and destroy farm plots. They could also purchase items to inhibit their opponents’ abilities.

    The Meoze Runner

    Team Four loaded The Meoze Runner onto the auditorium screen, displaying a long, lean cat that stood at one end of a complex maze. Meanwhile, a team of three animated mice prepared to run the network of pathways and complete a series of tasks representing the UC San Diego campus and the steps to successfully graduate.

    This game of cat and mouse took audience members on a one-of-a-kind tour of UC San Diego, providing a mouse-eye view of iconic landmarks such as Geisel Library and Fallen Star. While one mouse searched the maze for a diploma and delivered it to the goal, the other two mice had stationary tasks to complete, such as stacking books and matching cards in a memory game.

    To win, the mice had to finish all three tasks before time ran out. To do this, they had to elude the cat. While the mice held an advantage in numbers, the cat was designed to move with more speed. Sound effects of meows and squeaks intensified the action, each time the cat drew close to its prey.

    “It looks like one of our mice dropped some ketchup. That is horrible,” exclaimed Aidan Denlinger as the cat caught and killed a mouse before disappearing into the maze. “This gives the cat a bit of a horror element. You don’t know when it’s going to come out.”

    Eternal Ritual

    The scene was a medieval castle. Two twin elves crouched expectantly in an elevator as it slowly descended a tower to the courtyard below. The doors opened to a dark, dramatic sky. Somewhere in the shadows lurked the enemy: a team of elfin beauties equipped in the deadly arts of pure magic.

    This was the realistic playground created by Team Five for Eternal Ritual. As game play began, two teams of elves stealthily hunted each other in the courtyard. The characters ran and dropped into forward rolls, all smoothly animated, to move faster and avoid taking damage. The left side of the screen displayed four types of magic the players could switch through as they battled the opposing team.

    “The first magic is shooting fireballs,” explained Kelin Lyu as two players from the audience competed against members of Team Five. “The fireball collides with the terrain and deals damage only to your enemies.”

    “The second magic is a chilling storm that deals continuous damage. It consists of many different types of particle systems to create the clouds, the dust, and the lighting. The third one creates lightening as a super fancy light and particle system, which is really cool. The last one is the ultimate,” said Lyu, as players cast a fire-breathing dragon head like an extension of their elf’s arm.

    “It deals a lot of damage but consumes all your energy – just like CSE 125,” he added to knowing laughter from the audience.

    Team Five developed their own powerful game engine, an OpenGL engine written in C++, to support the functionalities of their game and to render 3D objects above user interface (UI) elements.

    Written By Kimberley Clementi

  • BLUETOOTH SIGNALS CAN BE USED TO IDENTIFY AND TRACK SMARTPHONES

    A team of engineers at the University of California San Diego has demonstrated for the first time that the Bluetooth signals emitted constantly by our mobile phones have a unique fingerprint that can be used to track individuals’ movements.

    Mobile devices, including phones, smartwatches and fitness trackers, constantly transmit signals, known as Bluetooth beacons, at the rate of roughly 500 beacons per minute.These beacons enable features like Apple’s “Find My” lost device tracking service; COVID-19 tracing apps; and connect smartphones to other devices such as wireless earphones.

    Prior research has shown that wireless fingerprinting exists in WiFi and other wireless technologies. The critical insight of the UC San Diego team was that this form of tracking can also be done with Bluetooth, in a highly accurate way.

    “This is important because in today’s world Bluetooth poses a more significant threat as it is a frequent and constant wireless signal emitted from all our personal mobile devices,” said Nishant Bhaskar, a Ph.D. student in the UC San Diego Department of Computer Science and Engineering and the Center for Networked Systems and one of the paper’s lead authors.

    The team, which includes researchers from the Departments of Computer Science and Engineering and Electrical and Computer Engineering, presented its findings at the IEEE Security & Privacy conference in Oakland, Calif., on May 24, 2022.

    All wireless devices have small manufacturing imperfections in the hardware that are unique to each device. These fingerprints are an accidental byproduct of the manufacturing process. These imperfections in Bluetooth hardware result in unique distortions, which can be used as a fingerprint to track a specific device. For Bluetooth, this would allow an attacker to circumvent anti-tracking techniques such as constantly changing the address a mobile device uses to connect to Internet networks.

    Researchers tested their method to track Bluetooth fingerprints on campus. They use an off-the-shelf device to track and identify devices.

    Tracking individual devices via Bluetooth is not straightforward. Prior fingerprinting techniques built for WiFi rely on the fact that WiFi signals include a long known sequence, called the preamble. But preambles for Bluetooth beacon signals are extremely short.

    “The short duration gives an inaccurate fingerprint, making prior techniques not useful for Bluetooth tracking,” said Hadi Givehchian, also a UC San Diego computer science Ph.D. student and a lead author on the paper.

    Instead, the researchers designed a new method that doesn’t rely on the preamble but looks at the whole Bluetooth signal. They developed an algorithm that estimates two different values found in Bluetooth signals. These values vary based on the defects in the Bluetooth hardware, giving researchers the device’s unique fingerprint.

    Real-world experiments

    The researchers evaluated their tracking method through several real-world experiments. In the first experiment, they found 40% of 162 mobile devices seen in public areas, for example coffee shops, were uniquely identifiable. Next, they scaled up the experiment and observed 647 mobile devices in a public hallway across two days. The team found that 47% of these devices had unique fingerprints. Finally, the researchers demonstrated an actual tracking attack by fingerprinting and following a mobile device owned by a study volunteer as they walked in and out of their house.

    Challenges

    Although their finding is concerning, the researchers also discovered several challenges that an attacker will face in practice. Changes in ambient temperature for example, can alter the Bluetooth fingerprint. Certain devices also send Bluetooth signals with different degrees of power, and this affects the distance at which these devices can be tracked.

    Researcher were able to detect unique fingerprints for 47% of 647 devices.

    Researchers also note that their method requires an attacker to have a high degree of expertise, so it is unlikely to be a widespread threat to the public today.

    Despite the challenges, the researchers found that Bluetooth tracking is likely feasible for a large number of devices. It also does not require sophisticated equipment: the attack can be performed with equipment that costs less than $200.

    Solutions and next steps

    So how can the problem be fixed? Fundamentally, Bluetooth hardware would have to be redesigned and replaced. But the researchers believe that other, easier solutions can be found. The team is currently working on a way to hide the Bluetooth fingerprints via digital signal processing in the Bluetooth device firmware.

    Researchers are also exploring whether the method they developed could be applied to other types of devices. “Every form of communication today is wireless, and at risk,” said Dinesh Bharadia, a professor in the UC San Diego Department of Electrical and Computer Engineering and one of the paper’s senior authors. “We are working to build hardware-level defenses to potential attacks.”

    Researchers noticed that just disabling Bluetooth may not necessarily stop all phones from emitting Bluetooth beacons. For example, beacons are still emitted when turning off Bluetooth from the control center on the home screen of some Apple devices. “As far as we know, the only thing that definitely stops Bluetooth beacons is turning off your phone,” Bhaskar said.

    Researchers are careful to say that even though they can track individual devices, they are not able to obtain any information about the devices’ owners. The study was reviewed by the campus’ Internal Review Board and campus counsel.

    “It’s really the devices that are under scrutiny,” said Aaron Schulman, a UC San Diego computer science professor and one of the paper’s senior authors.

    Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices

    Dinesh Bharadia, UC San Diego Department of Electrical and Computer Engineering

    Nishant Bhaskar, Hadi Givehchian, Aaron Schulman, UC San Diego Department of Computer Science and Engineering

    Christian Dameff, UC San Diego Department of Emergency Medicine

    Eliana Rodriguez Herrera Hector Rodrigo Lopez Soto, UC San Diego ENLACE Program.

    Media Contacts

    Ioana Patringenaru
    Jacobs School of Engineering
    858-822-0899
    ipatrin@ucsd.edu

  • A QUARTER OF WORLD’S INTERNET USERS RELY ON INFRASTRUCTURE THAT IS SUSCEPTIBLE TO ATTACK

    About a quarter of the world’s Internet users live in countries that are more susceptible than previously thought to targeted attacks on their Internet infrastructure. Many of the at-risk countries are located in the Global South.

    That’s the conclusion of a sweeping, large-scale study conducted by computer scientists at the University of California San Diego, which recently received the Best Dataset at the Passive and Active Measurement Conference (PAM 2022). The researchers surveyed 75 countries.

    “We wanted to study the topology of the Internet to find weak links that, if compromised, would expose an entire nation’s traffic,” said Alexander Gamero-Garrido, the paper’s first author, who earned his Ph.D. in computer science at UC San Diego.

    Fraction of each country’s IP addresses that are exposed to observation or selective tampering by companies that connect Internet service providers to the global Internet. Countries are shaded in progressive shades of blue, with worst exposed countries in teh darkest blue. Countries in gray excluded from the study.

    The structure of the Internet can differ dramatically in different parts of the world. In many developed countries, like the United States, a large number of Internet providers compete to provide services for a large number of users. These networks are directly connected to one another and exchange content, a process known as direct peering. All the providers can also plug directly into the world’s Internet infrastructure.

    “But a large portion of the Internet doesn’t function with peering agreements for network connectivity,” Gamero-Garrido pointed out.

    In other nations, many of them still developing countries, most users rely on a handful of providers for Internet access, and one of these providers serves an overwhelming majority of users. Not only that, but those providers rely on a limited number of companies called transit autonomous systems to get access to the global Internet and traffic from other countries. Researchers found that often these transit autonomous system providers are state owned.

    This, of course, makes countries with this type of Internet infrastructure particularly vulnerable to attacks because all that is needed is to cripple a small number of transit autonomous systems. These countries, of course, are also vulnerable if a main Internet provider experiences outages.

    In the worst case scenario, one transit autonomous system serves all users. Cuba and Sierra Leone are close to this state of affairs. By contrast, Bangladesh went from only two to over 30 system providers, after the government opened that sector of the economy to private enterprise.

    This underlines the importance of government regulation when it comes to the number of Internet providers and transit autonomous systems available in a country. For example, researchers were surprised to find that many operators of submarine Internet cables are state-owned rather than privately operated.

    Researchers also found traces of colonialism in the topology of the Internet in the Global South. For example, French company Orange has a strong presence in some African countries.

    Researchers relied on Border Gateway Protocol data, which tracks exchanges of routing and reachability information among autonomous systems on the Internet. They are aware that the data can be incomplete, introducing potential inaccuracies, though these are mitigated by the study’s methodology and validation with real, in-country Internet operators.

    Next steps include looking at how critical facilities, such as hospitals, are connected to the Internet and how vulnerable they are.

    Quantifying Nations’ Exposure to Traffic Observation and Selective Tampering (PDF), authored by: Alberto Dainotti (now at Georgia Institute of Technology), Alexander Gamero-Garrido (now at Northeastern University), Bradley Huffaker and Alex C. Snoeren, University of California San Diego, Esteban Carisimo, Northwestern University, Shuai Hao, Old Dominion University.

    Written By Ioana Patringenaru

  • CSE’S NSF PHD RESEARCH FELLOWS

    Four graduate students in the UC San Diego Department of Computer Science and Engineering have received prestigious National Science Foundation (NSF) Research Fellowships. The new fellows will receive a $34,000 annual stipend for three years, a $12,000 education allowance to cover tuition and fees, and numerous professional development opportunities.

    (top row) Alex Trevithick and Alisha Ukani, (bottom row) Olivia Went and Alex Yen

    Founded in 1951, the NSF Graduate Research Fellowship Program is the country’s oldest effort to support graduate STEM students. Learn about the new NSF fellows from CSE and the research they are conducting.

    Alex Trevithick

    Advised by Ravi Ramamoorthi, Trevithick works in the UC San Diego Center for Visual Computing and is developing advanced techniques to extrapolate novel views from a single input. He combines an approach called neural radiance fields for view synthesis (NeRF) with other techniques to infer colors and geometries in unseen regions. His long-term goals are to advance visual intelligence, creating views from occluded parts of images. The project can be applied in robotic locomotion and other areas.

    Alisha Ukani

    Network measurement provides insights into the performance of critical infrastructure, such as large scale data centers, making services faster and more reliable and better tailoring them to users’ needs.

    Advised by Alex Snoeren, Ukani analyzes network traffic and reliability data. Her work has provided new insights into people’s online behaviors during COVID-19, as well as helping detect data center outages more quickly at Google. Ukani wants to continue her measurement research to improve people’s Internet experiences.

    Olivia Weng

    Weng focuses on using hardware/software co-design to create efficient, fault-tolerant computer architectures for machine learning. One example is the Large Hadron Collider, where physicists need hardware that will process millions of particle collisions per second. Her research will allow their hardware, and the machine learning software that runs on it, to meet these intense computing demands while resisting radiation.

    Weng is supported by her advisor, Ryan Kastner. This award will allow her to freely collaborate with researchers in particle physics, machine learning and computer architecture.

    Alex Yen

    Yen’s work focuses on infrastructure analyses, and he is now investigating a large-scale Internet-of-Things (IoT) network built by Helium. Advised by Pat Pannuto, Yen and colleagues want to better understand the network’s operation, adoption, performance and efficacy. He is also working on analyzing electric grid infrastructure, building a camera-based system that uses machine learning and computer vision to examine grids, particularly in developing nations. By analyzing images from street and house lights, he and colleagues can infer grid properties.

    Written by Josh Baxt

  • CNS Research Review

    The Center for Networked Systems (CNS) held its 30th CNS Research Review on April 29. This annual event included CNS corporate partners, faculty and graduate students. There were research talks by Audrey Randall, Lixiang Ao, Alex Liu, Jennifer Switzer, Alex Yen and Alex Forencich and two-minute lightning talks presented by ten graduate students.

    SkySafe founder and CEO Grant Jordan, who studied at CSE, gave the keynote, focusing on the challenges of tracking drones in critical airspace. With hundreds of drones in its fleet, Skysafe has reverse- engineered these complex machines to better understand how they operate and interact.

    Jordan discussed what it takes to build these systems, as well as the infrastructure needed to boost drone use for good and discourage careless, clueless and criminal elements. The industry is also embracing data analytics/coordination, AI, ML, normalizing data, sensor fusion and improved reverse engineering.

  • YUANYUAN ZHOU HONORED FOR BUG WORK

    In 2008, multicore processors, in which two or more processing units are embedded into an integrated circuit, were exploding in popularity. However, multicores spawned their own unique programming challenges.

    CSE Professor YY Zhou

    University of California San Diego computer scientist Yuanyuan (YY) Zhou realized the enormous task in front of researchers: writing software to take advantage of those multiple CPUs could have a lot of bugs.

    A professor in the Department of Computer Science and Engineering and the Qualcomm Endowed Chair, Zhou has now been honored with an Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2022 most influential paper for her 2008 study: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics.

    “To take advantage of the multiple CPUs, we needed to make our software with multiple threads running in parallel,” said Zhou. “But when you write that kind of program, they can have a lot of bugs, which really concerned people at the time.”

    One of the main issues was concurrency bugs, which happen when two programs are run simultaneously. In the study, Zhou and her team catalogued the types of bugs people were experiencing. They found that around a third of these problems were not adequately addressed by existing debugging tools. In addition, many of the potential fixes for these bugs did not always work.

    Concurrency issues were proving to be a huge drag on programming efficiency in multicore processors. So many bugs to fix and so few effective mechanisms to fix them.

    Practical Fixes
    The paper provided a path forward for programmers at Microsoft and many other companies to write code more effectively for multicore processors, but it almost didn’t happen. Zhou was presenting some other work to Intel when they recommended that she publish the findings of their empirical studies on real-world concurrency bugs.

    “The Intel people told us that would be more interesting, both in the academic world and to companies like Intel and Microsoft,” said Zhou. “We realized they were right and this study would be more relevant and would address an important problem. So, it was really almost accidental that we did this paper at all.”

    The paper continues to be important, as mobile apps also use multiple threads, necessitating robust tools to help detect and root out concurrency bugs. Still, despite its ongoing relevance, Zhou was surprised the paper was selected this year as most influential.

    “I know it’s one of the top cited papers at ASPLOS, but I didn’t expect them to select it,” said Zhou. “Initially, I didn’t even intend to write it. So, this was really nice and a surprise.”

    Written By Josh Baxt

  • Virtual Machine Snapshots with FaaSnap
    Virtual machine (VM) snapshots are a promising way to solve the cold start problem in serverless computing (FaaS). Serverless platforms can avoid the slow VM booting and initialization by using on-disk snapshots. However, due to the speed requirements associated with guest memory accesses and the unpredictable nature of FaaS applications, loading snapshots to memory can be challenging.

    Recently, PhD student Lixiang Ao, along with George Porter and Geoffrey Voelker, published FaaSnap: FaaS Made Fast Using Snapshot-based VMs, which tackles the snapshot loading problem.
    FaaSnap uses a set of complimentary optimizations, including concurrent paging, per-region memory mapping and compact loading set files, to improve snapshot loading performance. FaaSnap improves end-to-end performance for on-disk snapshots by up to 3.5 times and is only 3.5% slower than snapshots cached in memory. This paper is being presented this week at EuroSys 2022
  • IRR vs. RPKI

    For many years, the Internet Routing Registry (IRR) has been one of the primary mechanisms to protect against unauthorized rerouting of Internet traffic. However, IRR databases are not strictly authenticated. In 2012, the Resource Public Key Infrastructure (RPKI) was deployed as a more secure alternative. The RPKI boosts information integrity but also adds complexity and cost, limiting its growth.

    Recently, PhD student Ben Du, along with Alex C. Snoeren and KC Claffy, published IRR Hygiene in the RPKI Era, which explores the dynamics between RPKI and IRR. The team compared the completeness and consistency of the IRR and RPKI databases and studied the underlying causes of the inconsistencies to better understand how the ecosystem is evolving. This paper will be presented at the Passive and Active Measurement Conference (PAM) 2022 in March.

  • Deian Stefan Receives 2022 Sloan Research Fellowship

    CSE/CNS Assistant Professor Deian Stefan
    Deian Stefan, a CSE assistant professor, and a CNS Faculty member is part of the 2022 class of 118 Sloan Research Fellows, the Alfred P. Sloan Foundation announced Feb. 15, 2022.

    The Sloan Research Fellowships are one of the most competitive and prestigious awards available to early career researchers. The fellowships honor extraordinary U.S. and Canadian researchers whose creativity, innovation, and research accomplishments make them stand out as the next generation of leaders.

    Deian Stefan received his Ph.D. in computer science at Stanford. His research interests span security, programming languages and systems. Recently, his work with collaborators has led to the development of tools to make web browsers safer, including technology that is part of the newest Firefox release.

    In all, 143 faculty at the University of California San Diego have received a Sloan Research Fellowship since they were awarded first in 1955.

    Full article: https://ucsdnews.ucsd.edu/pressrelease/SloanFellows2022

  • A MEGA ACHIEVEMENT: TWO UC SAN DIEGO STUDENTS NAMED 2022 META PHD RESEARCH FELLOWS

    The University of California San Diego boasts two of this year’s 2022 Meta PhD Research Fellows—37scholars selected from a pool of 2,300 applicants worldwide.

    CNS/CSE Students: Stewart Grant (L) and Kabir Nagrecha (R)

    As fellows, Department of Computer Science and Engineering (CSE) and Center for Networked Systems (CNS) Ph.D. students Stewart Grant and Kabir Nagrecha will be able to present their own research, learn about current research at Meta, as well as receive tuition and fees for up to two years and a $42,000 stipend.

    Stewart Grant is a fourth-year Ph.D. student working with CNS/CSE Professor Alex Snoeren as part of the SysNets Group. His research interests are at the intersection of distributed systems, networking, and operating systems. He is currently focused on finding practical solutions for resource disaggregation using commodity programmable network devices. This work explores techniques for accelerating one-sided RDMA on passive banks of memory.

    “If research was not fun I’d likely not be doing it, so I’m very grateful that my environment lets me play and work at the same time. This fellowship has made me consider more deeply the practicality of my work, who may benefit from it, and what path I should consider going forward. It’s all been very… meta,” said Grant.

    Kabir Nagrecha is a first-year Ph.D. student in the Databases Lab, where he is advised by CNS/CSE Associate Professor Arun Kumar. He received competitive Ph.D. fellowships from both CSE and UC San Diego’s Halıcıoğlu Data Science Institute (HDSI). His research focuses on developing systems to enable scalable and efficient deep learning model building and deployment. He aims to amplify the impact of Machine Learning and enable new applications by creating the infrastructure to support large-scale operations.

    “I’m glad to have been honored with such a selective and prestigious award. But more than that, what excites me are the opportunities for the future. The fellowship gives me a great channel through which I can collaborate with researchers at Meta,” he said. “I’m hoping to use the fellowship to explore industry-relevant applications of my work as well as connect with experts in my domain who can help provide insight and guidance as my research career progresses.”

    Origin Story Posted Here: https://cse.ucsd.edu/about/news/mega-achievement-two-uc-san-diego-students-named-2022-meta-phd-research-fellows

  • CHANGE MAKERS OF CSE: KC CLAFFY (PHD ’94) AND THE EVOLVING INTERNET

    Kimberly (KC) Claffy had just completed her PhD in UC San Diego’s Department of Computer Science and Engineering when she noticed a problem: internet measurement data for scientific research might not always be available. The problem showed up soon after she graduated in 1994 when NSFNET, the National Science Foundation-funded Internet backbone infrastructure project, was decommissioned.

    CSE PhD Alumna KC Claffy

    “I wrote my dissertation on data about the Internet, but when I graduated, the data source, and in fact the entire NSFNET infrastructure, went away,” said Claffy, director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center, an adjunct professor in the Department of Computer Science and Engineering and an inductee into the Internet Hall of Fame.

    “I was concerned it would be impossible to conduct scientific studies on the Internet because the data would be behind proprietary doors of companies that were operating in an extremely competitive environment,” she said.

    The Internet was going through some rapid changes in the mid-90s. In the early 1980s, the Department of Defense (DOD), which created the original ARPANET, realized much of the traffic was not military and wanted to transition the technology out of DOD. This early Internet had become an incredibly important channel for researchers to share their work and the NSF wanted to help maintain this capability.

    Because UC San Diego hosted an NSFNET backbone node, it was an ideal place to conduct research. Claffy founded CAIDA in 1997 to support large-scale data collection, curation and sharing, part of a global effort to develop the still-young discipline of Internet cartography.
    “Researchers were not going to be able to study how networks really operated, what traffic or topology looked like, how it was evolving,” said Claffy. “The data gap was daunting, as the Internet industry rocketed forward, and I wanted to make sure researchers could study real networks and not just rely only on testbeds and simulation tools.”

    Data to Inform Public Policy

    The 1990s were an historically laissez-faire period for U.S. communications policy. Today, however, the U.S. government is recognizing there are harms on the Internet that merit attention to safeguard the public interest.

    However, what government regulations might look like, and how they would work across national boundaries, are open questions. A recent CAIDA initiative has focused on mapping on-line harms to measurements and data to inform scientific security studies, policy debates and assessments.
    “The challenges of understanding and managing complex critical infrastructure are not unique to the Internet,” said Claffy. “But other critical infrastructures have entire agencies dedicated to oversight, including measurement where appropriate. The Internet is not so amenable to that kind of oversight. Privacy-respecting sharing of measurement data will be an essential part of transparency and accountability mechanisms to support the security and trustworthiness of the Internet infrastructure.”

    Finding a Home at UC San Diego

    Claffy and CAIDA have several ongoing projects, primarily focused on building a more trustworthy Internet infrastructure by enabling infrastructure transparency and accountability through science, technology and policy (for data sharing) capabilities.

    Claffy considers herself lucky to have been in the right place at the right time to found CAIDA, conduct interesting work and stay at UC San Diego.
    “I’m not sure I could have created the group I created and pursued the projects I have anywhere else but UC San Diego,” she said. “The network and security research group in CSE is more impressive every year. It has been such a privilege to be a part of this community.”

  • Turing Scholarship Deadline

    Applications for the Alan Turing Memorial Scholarships are due by March 2. The scholarship is for enrolled UC San Diego undergraduates who actively support the LGBTQIA+ community and major in computer science, computer engineering, public policy, communications or other programs that touch on networked systems.

  • Gautam Akiwate Receives the Applied Networking Research Prize

    Gautam Akiwate won the Applied Networking Research Prize for his work on the paper “Risky BIZness: Risks Derived from Registrar NameManagement”.

    This is an award that the Internet Research Task Force (the research arm of the IETF, which manages the Internet standards) awards each year selected from papers nominated across the field of networking.

    This is the second year in a row for UCSD to win the prize (CNS/CSE Ph.D. student Audrey Randall won last year for her paper “Trufflehunter: Cache Sniffing Rare Domain Usage in Large Public DNS Resolvers”).

  • TWO UC SAN DIEGO COMPUTER SCIENTISTS NAMED AS 2021 ACM FELLOWS

    Two computer scientists from the University of California San Diego have been elected as fellows of the Association for Computing Machinery (ACM), the association announced today. They are among the 71 new fellows recognized by the ACM, the world’s largest educational and scientific computing society.

    ACM Fellows

    The ACM Fellows program recognizes the top 1% of ACM Members for their outstanding accomplishments in computing and information technology and/or outstanding service to ACM and the larger computing community. The 2021 Fellows represent universities, corporations, and research centers in Belgium, China, France, Germany, India, Israel, Italy, and the United States.

    The 2021 UC San Diego ACM Fellows are:

    • Ranjit Jhala, for contributions to software verification
    • Tajana Šimunić Rosingfor contributions to power, thermal, and reliability management

    “Ranjit and Tajana truly represent our department’s commitment to conducting impactful research and education. We are incredibly proud of their accomplishments, which benefit our community and the world, and are pleased they are being recognized with such a great honor,” said UC San Diego Department of Computer Science and Engineering (CSE) Chair Sorin Lerner.
    Ranjit Jhala’s research interests include programming languages and software engineering to develop techniques for building reliable computer systems. His work draws from, combines and contributes to the areas of: Type Systems, Model Checking, Program Analysis and Automated Deduction. He is part of the Programming Systems Group in CSE, which focuses on developing new languages, compilers, program analysis techniques and development environments for making software systems easier to build, maintain and understand.
    He joined CSE in 2005.

    UC San Diego Computer Science and Engineering Professors Ranjit Jhala (l) and Tajana Rosing (r) are among the 71 new ACM Fellows.

    Tajana Šimunić Rosing is the director of the System Energy Efficiency Lab at UC San Diego. Her research interests are in energy efficient computing, cyber-physical and distributed systems. The projects she leads include efforts funded by the Defense Advanced Research Projects Agency (DARPA) and the Semiconductor Research Corporation (SRC) that focus on design of accelerators for analysis of big data; an SRC and NSF-funded projects related to  Hyperdimensional Computing; and a National Science Foundation- funded project on the optimization of COVID-19 sequence analysis.
    She joined CSE in 2005.

    The addition of Jhala and Rosing brings to 14 the number of ACM Fellows among active faculty in the CSE department. Prior honorees included professors Victor Vianu (2006), Pavel Pevzner (2010), Stefan Savage (2010), Dean Tullsen (2011), Andrew Kahng (2012), Yuanyuan Zhou (2013), Mihir Bellare (2013), Rajesh Gupta (2016), Ravi Ramamoorthi, Alexander Vardy and Geoffrey Voelker (2017) and Alex Snoeren (2018).

    Written By Katie E. Ismael

  • UC ADOPTS RECOMMENDATIONS FOR THE RESPONSIBLE USE OF ARTIFICIAL INTELLIGENCE

    The University of California has adopted a set of recommendations to guide the safe and responsible deployment of artificial intelligence in UC operations and three researchers at UC San Diego were involved with the effort.

    CSE Professors Nadia Henninger and Lawrence Saul are part of the group that developed UC’s recommendations on responsible use of AI.

    UC becomes one of the first universities in the nation to establish overarching principles for the responsible use of artificial intelligence (AI) and a governance process that prioritizes transparency and accountability in decisions about when and how AI is deployed.

    The recommendations were developed by the University of California Presidential Working Group on Artificial Intelligence. The group was launched in 2020 by UC President Michael V. Drake and former UC President Janet Napolitano to assist UC in determining a set of responsible principles to guide procurement, development, implementation, and monitoring of artificial intelligence (AI) in UC operations.

    The group included three UC San Diego faculty: Nadia Henninger is an associate professor in the Department of Computer Science and Engineering (CSE) whose work focuses on cryptography and security; Lawrence Saul is a professor in CSE whose research interests are machine learning and data analysis; Camille Nebeker is a professor who co-founded and directs the Research Center for Optimal Digital Ethics Health at UC San Diego.

    The working group developed a set of UC Responsible AI Principles and explored four high-risk application areas: health, human resources, policing, and student experience. Nebeker and Saul were part of the group focusing on health, while Heninger worked on policing considerations. The group has published a final report that explores current and future applications of AI in these areas and provides recommendations for how to operationalize the UC Responsible AI Principles. The report concludes with overarching recommendations to help guide UC’s strategy for determining whether and how to responsibly implement AI in its operations.

    UC will now take steps to operationalize the Working Group’s key recommendations:

    • Institutionalize the UC Responsible AI Principles in procurement and oversight practices;
    • Establish campus-level councils and systemwide coordination to further the principles and guidance from the working group;
    • Develop a risk and impact assessment strategy to evaluate AI-enabled technologies during procurement and throughout a tool’s operational lifetime;
    • Document AI-enabled technologies in a public database to promote transparency and accountability.
  • ROUTER IN YOUR HOME MIGHT INTERCEPT YOUR INTERNET TRAFFIC-BUT IT MAY BE FOR YOUR OWN GOOD

    The router in your home might be intercepting some of your Internet traffic and sending it to a different destination. Specifically, the router can intercept the Domain Name System traffic –the communications used to translate human-readable domain names (for example www.google.com) into the numeric Internet Protocol (IP) addresses that the Internet relies on.  That’s the finding from a team of computer scientists at the University of California San Diego, which they presented at the Internet Measurement Conference on November 3, 2021.

    Audrey Randall, a CSE PhD. student and first author of the paper on this subject.

    Why does this matter?

    “The primary concern is privacy,” said Audrey Randall, a Ph.D. student in computer science at the University of California San Diego and first author of a paper on this subject. “When you visit a web site, you first have to do a DNS lookup for that site.  So whoever gets your DNS traffic gets to see all the sites that you’re visiting. In principle, you get to choose who performs your DNS lookups and you might pick a company that you trust not to sell your data or a company that uses robust security to protect their logs.  But if your DNS traffic is being silently intercepted and routed elsewhere, then someone else gets to see all that information.”

    Many cases of DNS interception are not malicious, Randall pointed out. Often, interception is used by Internet Service Providers (ISPs) to protect users from malware that contacts particular Domain Name System (DNS) resolvers, which are essentially the Internet’s phone books. These resolvers transform the website URL users enter into a browser into an IP address for the servers that store the website’s content. In this case, interception can be helpful, by preventing malware from harming a user’s computer.

    Researchers even found one instance of interception that was neither malicious nor benign: it was a simple bug. The UC San Diego team disclosed this bug to two Internet service providers. Both said they would work to fix issues. However, DNS queries also provide valuable data about users’ behavior that can be sold to advertisers, which might provide a less altruistic motive for some companies to intercept them.

    The phenomenon of DNS interception has been studied in recent years, but little was known about where in the network interception takes place–until now. It turns out that in a surprising number of cases, users’ own home routers are the culprit.

    These routers don’t send DNS queries to the target DNS resolver that the user specified. Instead, the software reroutes them to an alternate resolver. The query response is then modified so that it appears to come from the original target resolver. This modification makes the interception “transparent” to the user, and therefore very difficult to detect.

    Determining where transparent interception takes place is difficult. But researchers were able to do this by devising an innovative and clever methodology. They first made use of special DNS queries that were invented as debugging tools, but they found that no single query could give enough information to pinpoint an interceptor’s location. The key turned out to be to compare the responses from two special queries: the responses were identical if the interceptor was the home router, but different if the interceptor was elsewhere in the network.

    Even though DNS interception is often used to foil malware, the fact remains that users have no idea that their traffic is being redirected, or where it’s redirected to. “If you are concerned enough about who sees your data and who sells your data to advertisers, you want to make sure that the company handling it is actually who they say they are,” said Randall. “When this type of transparent interception is used, you think you have control over your traffic, but you don’t.”

    Researchers caution that their study has some limitations. For example, the platform they used to conduct their study is not representative of all interception cases, because it over-represents certain Internet service providers, countries, or demographics.

    Funding for this work was provided in part by National Science Foundation grants CNS-1629973 and CNS-1705050, the Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science at UC San Diego, and support from Google.

    Home is Where the Hijacking is: Understanding DNS Interception by Residential Routers

    Audrey Randall, Enze Liu, Ramakrishna Padmanabhan, Gautam Akiwate, Geoffrey M. Voelker, Stefan Savage and Aaron Schulman, University of California San Diego

  • Turing Scholarship Awarded

    CNS established the Alan Turing Memorial Scholarship to encourage a more diverse and inclusive community and honor Turing, the mathematician and cryptanalyst who helped invent computer science. This year’s awardee is a CS major in Warren College who prefers to remain anonymous. Congratulations to the recipient and many thanks to all who applied!

  • Who’s got your mail? Google and Microsoft, mostly

    Who really sends, receives and, most importantly perhaps, stores your business’ email? Most likely Google and Microsoft, unless you live in China or Russia. And the market share for these two companies keeps growing.

    (r to l) Alex, a CSE Ph.D. Student and the paper’s lead author and Stefan Savage, a CSE Professor and one of the paper’s senior authors.

    That’s the conclusion reached by a group of computer scientists at the University of California San Diego, who studied the email service providers used by hundreds of thousands of Internet domains– between 2017 and 2021.

    “Our research team empirically showed the extent to which email has been outsourced and concentrated to a small number of providers and service providers,” said Stefan Savage, a professor in the UC San Diego Department of Computer Science and Engineering and one of the paper’s senior authors.”

    The team presented their findings at the Internet Measurement Conference 2021, which took place virtually Nov. 2 to 4, 2021.

    This concentration has several consequences: it increases the impact of service failures and data breaches; and it exposes companies and users outside the United States to potential subpoenas from U.S. government agencies.

    A quick explainer of the difference between domains and service providers: The second half of your email address is your company or agency’s domain–for example, ucsd.edu is the domain for the University of California San Diego. The email service provider is the company that, behind the scenes, provides the infrastructure that allows you to send and receive email and stores your messages–so ucsd.edu’s email service is provided by a combination of Google and Microsoft mail services.

    Top providers and the number and percentage of domains
    using these companies in different sets of domain names

    As of June 2021, Google and Microsoft are the dominant providers among popular domains, with 28.5% and 10.8% market share, respectively. In comparison, GoDaddy leads the market of providing services for smaller domains, with a 29% market share. The authors also observed a higher level of concentration over time: Google and Microsoft’s market share increased by 2.3% and 2.9%, respectively, since June 2017.

    Some of the growth comes from smaller domains that used to host their own emails. “While self-hosted domains switched to providers across all categories, more than a quarter of them changed their mail provider to Google and Microsoft,” said Alex Liu, a UC San Diego computer science Ph.D. student and the paper’s lead author.

     

    More affected during outages, data breaches

    Concentration of email service providers has led to much bigger service outages. In August and December 2020, global outages affected Gmail and Drive–Gmail alone has an estimated 1.5 billion users. Outlook most recently suffered an outage in October 2021– an estimated 400 million people use the service.

    The concentration of email service providers also puts more people at risk in the event of a data breach. One often-cited example is the Yahoo data breach that exposed at least 500 million user accounts. Recently, a flaw in a Microsoft Exchange protocol has been shown to have leaked hundreds of thousands of credentials.

     

    Mail provider preferences by country

     

    Legal impact

    Google and Microsoft, the two dominant US-based email service providers, appear to be in wide use by organizations outside the United States — particularly across Europe, North America, South America, large parts of Asia and, to a lesser extent, Russia. For example, 65% of Brazilian domains in the researchers’ dataset host email with Google or Microsoft. But they are not used in China.

    However, outsourcing email service to US companies can also have legal implications. Under the 2018 CLOUD Act, US-based providers can be legally compelled to provide stored customer data, including e-mail, to US law enforcement agencies, regardless of the location of the data, or of the nationality or residency of the customer using the data.

    Perhaps as a result, Tencent has an overwhelming market share in China, with 41%, as does Yandex in Russia, with 32 %. Both countries have shown that they prefer to keep control over data access.

    In addition, an increasing number of email domains contract with email security providers, such as ProofPoint and Mimecast. These companies can operate as a third-party filter for inbound emails, removing the need to manage security locally. These companies have almost a 7% market share for large commercial companies; and a 17.5% market share for .gov domains.

    The research was funded by the National Science Foundation, the University of California San Diego, the EU H2020 CONCORDIA project and Google.

    Written By Ioana Patringenaru

  • THIS FRAMEWORK WILL IMPROVE THE SECURITY OF ALL FIREFOX USERS

    Researchers from the University of California San Diego, the University of Texas at Austin, and Mozilla have designed a new framework, called RLBox, to make the Firefox browser more secure. Mozilla has started deploying RLBox on all Firefox platforms this week.

    RLBox increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing.

    Browsers, like Firefox, rely on third-party libraries to support different functionalities—from XML parsing, to spell checking and font rendering. These libraries are often written in low-level programming languages, like C, and, unfortunately, introducing vulnerabilities in C code is extremely easy. RLBox protects users from inevitable vulnerabilities in these libraries and supply-chain attacks that exploit these libraries.

    “Well funded attackers are exploiting zero-day vulnerabilities and supply chains to target real users”, said Deian Stefan, an assistant professor in UC San Diego’s Computer Science and Engineering department. “To deal with such sophisticated attackers we need multiple layers of defense and new techniques to minimize how much code we need to trust (to be secure). We designed RLBox exactly for this.”

    The team’s effort to deploy RLBox on all Firefox platforms is detailed in a recent Mozilla Hacks blog post.

    With RLBox, developers can retrofit systems like Firefox to put modules, like third-party libraries, in a fine-grained software sandbox. Like process-based sandboxing, which browsers use to isolate one site from another, software sandboxing ensures that bugs in the sandboxed module will not create security vulnerabilities—bugs are contained to the sandbox. “Unlike process-based sandboxing, though, RLBox’s sandboxing technique makes it possible for developers to isolate tightly coupled modules like Graphite and Expat without huge engineering or performance costs,” said Shravan Narayan, the UC San Diego computer science PhD student leading the project.

    WebAssembly and sandboxing

    At its core, the RLBox framework consists of two components. The first is the sandboxing technique itself: RLBox uses WebAssembly (Wasm). Specifically, RLBox compiles modules to WebAssembly and then compiles Wasm to native code using the fast and portable wasm2c compiler. “By compiling to Wasm before native code, we get sandboxing for free: We can ensure that all memory access and control flow will be instrumented to be confined to the module boundary,” said Narayan.

    Wasm also makes it possible for RLBox to optimize calls into and out of sandboxed code into simple function calls. In an upcoming study, to be published in the proceedings of the 2022 ACM SIGPLAN Principles of Programming Languages Symposium, the researchers show that this is safe because Wasm satisfies a set of theoretical conditions called  “zero-cost conditions.” This is unlike most other sandboxing techniques, which require glue code at the sandbox-application boundary to be secure. This glue code is error-prone and, in some cases, contributes to large performance overheads—the team’s Wasm compiler elides this glue code, its complexity, and its overhead.

    Tainted type system

    The second key component of RLBox is its tainted type system. Sophisticated attackers can break out of the Wasm sandbox if the code interfacing with the sandboxed code—the Firefox code—does not carefully validate all the data that comes out of the sandbox. RLBox’s type system, which is implemented using C++ metaprogramming, prevents such attacks by marking all data coming out of the sandbox as “tainted” and ensuring, through compiler errors, that developers sanitize potentially unsafe data before using it. “Without such a type system, it would be extremely difficult to ensure that developers put all the right checks in all the right places,” said Stefan.

    “RLBox is a big win for Firefox and our users,” said Bobby Holley, Distinguished Engineer at Mozilla. “It protects our users from accidental defects as well as supply-chain attacks, and it reduces the need for us to scramble when such issues are disclosed upstream.”

    The team’s original work on RLBox was published in the proceedings of the USENIX Security Symposium last March. Since then they’ve been working on bringing RLBox to all Firefox users. RLBox will ship on all Firefox platforms, desktop and mobile, sandboxing five different modules: GraphiteHunspellOggExpat and Woff2. The team is actively working on sandboxing more modules in future versions of Firefox and supporting use cases beyond Firefox.

     

    This work was supported in part by gifts from Mozilla, Intel, and Google; by the National Science Foundation  under grant numbers CCF-1918573  and CAREER CNS-2048262; and, by the CONIX Research Center, one of six centers in JUMP, a Semiconductor Research Corporation (SRC) program sponsored by DARPA.

  • HOW THE PANDEMIC LOCKDOWN IMPACTED UC SAN DIEGO UNDERGRAD INTERNET USE

    University of California San Diego computer scientists recently investigated how the COVID-19 pandemic influenced internet browsing during the lockdown. Armed with de-identified internet use data from UC San Diego dorm Wi-Fi, the researchers examined how online school and leisure activities shifted – for both American and international students. The study was presented at the ACM Internet Measurement Conference 2021.

    Graph showing volume of traffic for Zoom, with spikes in usage indicating the start of remote learning.

    The research focused on several thousand students in single-occupancy housing and how they responded to isolation between February and May 2020. The group found, not surprisingly, that students increased their internet usage by 58 percent from February to April 2020. However, in May those numbers began coming down. This was true of general usage and, more specifically, social media.

    “We found that domestic students increased their social media usage early in the lockdown, but then that usage fell,” said Department of Computer Science and Engineering Ph.D. student Alisha Ukani who is the first author on the study. “That was a common effect – per capita usage intensified in the early months of the lockdown and then fell, returning to pre-pandemic levels in May, which was a bit of a surprise.”

    Paper authors (l to r) Alisha Ukani,
    Alex Snoeren and Ariana Mirian

    The research team, which was led by UC San Diego Department of Computer Science and Engineering Professor Alex Snoeren and included Ph.D. student Ariana Mirian, also studied the the browsing distinctions between international and U.S. students. Though they did not know who owned specific devices, they devised a rubric to differentiate these groups based on their browsing behaviors. For example, international students would be more likely to visit offshore sites.

    “We came up with a very conservative classification system, where we looked at all the websites each person was visiting and found the geographic coordinates of that site,” said Ukani.

    This ability to separate these populations, rather than treating them as a single monolith, enhanced the information they could extract from the user data. Because international students were often unable to find flights home, they were likely disproportionately represented among the students remaining in the dorms after lockdown.

    The team primarily focused on three categories: Zoom, social media and gaming. Zoom activity increased on weekdays – class time – but also showed small increases on weekend afternoons, which might have represented calls with friends and family.

    Graph showing the number of devices
    on campus, indicating the large
    number of students who left campus.

    For social media, domestic use of Instagram and Facebook remained stable, declining in May. The platforms were more popular for Americans than international students, though the latter increased their use in May.

    Both domestic and international students increased using the Steam gaming platform early in the pandemic, but those numbers went down by May. A similar pattern was observed with Nintendo Switches.

    This study provides useful information about internet habits during the lockdown. But even more importantly, it polishes data gathering techniques for future efforts.

    “The techniques we developed in our analysis can be used in any internet usage measurement study,” said Ukani. “People can use our methods to classify international students or detect individual applications in any other context. We believe these techniques can be used by researchers outside of UC San Diego for their own measurement research.”

    Written by Josh Baxt

  • THIS TOOL PROTECTS YOUR PRIVATE DATA WHILE YOU BROWSE

    A team of computer scientists at the University of California San Diego and Brave Software have developed a tool that will increase protections for users’ private data while they browse the web.

    A high-level illustration that shows how SugarCoat modified code within API to protect private data.

    The tool, named SugarCoat, targets scripts that harm users’ privacy — for example, by tracking their browsing history around the Web — yet are essential for the websites that embed them to function. SugarCoat replaces these scripts with scripts that have the same properties, minus the privacy-harming features. SugarCoat is designed to be integrated into existing privacy-focused browsers like Brave, Firefox, and Tor, and browser extensions like uBlock Origin. SugarCoat is open source and is currently being integrated into the Brave browser.

    “SugarCoat is a practical system designed to address the lose-lose dilemma that privacy-focused tools face today: Block privacy-harming scripts, but break websites that rely on them; or keep sites working, but give up on privacy,” said Deian Stefan, an assistant professor in the UC San Diego Department of Computer Science and Engineering. “SugarCoat eliminates this trade-off by allowing the scripts to run, thus preserving compatibility, while preventing the scripts from accessing user-private data.”

    The researchers will describe their work at the ACM Conference on Computer and Communications Security (CCS) taking place in Seoul, Korea, Nov. 14 to 19, 2021.

    “SugarCoat integrates with existing content-blocking tools, like ad blockers, to empower users to browse the Web without giving up their privacy,” said Michael Smith, a PhD student in Stefan’s research group, who is leading the project.
    Most existing content-blocking tools make very coarse-grained decisions: They either totally block or totally allow a script to run, based on whether it appears on a public list of privacy-harming scripts.  In practice, though, some scripts are both privacy-harming and necessary for websites to function — and most tools inevitably choose to make an exception and allow these scripts to run. Today, there are more than 6,000 exception rules letting through these privacy-harming scripts.

    There is a better approach, though. Instead of blocking a script entirely or allowing it to run, content-blocking tools can replace its source code with an alternative privacy-preserving version. For example, instead of loading popular website analytics scripts which also track users, content-blocking tools replace these scripts with fake versions that look the same. This ensures that the content-blocking tools are not breaking web pages that embed these scripts and that the scripts can’t access private data (and thus report it back to the analytics companies). To date, crafting such privacy-preserving replacement scripts has been a slow, manual task even for privacy engineering experts. uBlock Origin, for example, maintains replacements for only 27 scripts, compared to the over 6,000 exception rules.

    How SugarCoat changes the game

    The researchers developed SugarCoat precisely to address this gap by automatically generating privacy-preserving replacement scripts.  The tool uses the PageGraph tracing framework–Smith was key to the development of the framework–to follow the behavior of privacy-harming scripts throughout the browser engine.

    SugarCoat scans this data to identify when and how the scripts talk to Web Platform APIs that expose privacy-sensitive data.  SugarCoat then rewrites the scripts’ source code to talk to fake “SugarCoated” APIs instead, which look like the Web Platform APIs but don’t actually expose any private data.

    To evaluate the impact of SugarCoat on Web functionality and performance, the team integrated the rewritten scripts into the Brave browser; they found that SugarCoat effectively protected users’ private data without impacting functionality or page load performance. SugarCoat is now being deployed in production at Brave.
    “Brave is excited to start deploying the results of the year-long SugarCoat research project,” said Peter Snyder, senior privacy researcher and director of privacy at Brave Software. “SugarCoat gives Brave and other privacy projects a powerful, new capability for defeating online trackers, and helps keep users in control of the Web.”
    This work was supported by the NSF under grant numbers CCF-1918573 and CAREER CNS-2048262, by a gift from Brave Software, and by an NSF Graduate Research Fellowship.

    SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content Blocking

    Michael Smith and Deian Stefan, University of California San Diego
    Benjamin Livshits, Imperial College of London
    Peter Snyder, Brave Software

    Written by Ioana Patringenaru

  • ACM Internet Measurement Conference

    The annual ACM Internet Measurement Conference (IMC), which focuses on Internet measurement and analysis, accepted 55 papers this year, and 16 were from UC San Diego authors – nearly 30% of the total.

    Of the 16, seven were submitted by CNS and CSE Systems and Networking Group; three had CAIDA authors; UCSD undergrad Katherine Izhikevich co-authored one; and one was submitted by Sysnet Ph.D. student Rukshani Athapathu. Four were submitted by UCSD Ph.D. or postdoc alumni.

    A big congratulations to the UC San Diego and CNS authors who contributed to 2021 ACM IMC papers: Gautam Akiwate, Rukshani Athapathu, Kimberly Claffy, Alberto Dainotti, Alexander Gamero-Garrido, Katherine Izhikevich, Dhananjay Jagtap, Enze Liu, Alexander Marder, Ariana Mirian, Ricky Mok, Ramakrishna Padmanabhan, Audrey Randall, Stefan Savage, Aaron Schulman, Alex C. Snoeren, Alisha Ukani, Geoffrey M. Voelker, Huanlei Wu, Alex Yen, Zesen Zhang and Hongyu Zou. The 2021 ACM IMC was held virtually from November 2 to 4.

  • COMPUTER SCIENTISTS PART OF NSF GRANT TO MAKE BROWSERS SAFER

    Computer scientists at the University of California San Diego are part of a $3 million grant from the National Science Foundation to make web browsers safer.

    The group’s efforts will be headed by Deian Stefan, a CSE Assistant Professor.

    At UC San Diego, the effort will be headed by Deian Stefan, an assistant professor in the Department of Computer Science and Engineering. The grant’s principal investigator is Hovav Shacham, a professor at The University of Texas at Austin. Shacham, Stefan and other members of the team, including Fraser Brown at Stanford, Isil Dillig at UT Austin, UC San Diego professors Ranjit Jhala and Sorin Lerner, have extensive experience in the field of browser security.

    Last year, the team developed a framework, called RLBox, that increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing. The RLBox framework was integrated into Firefox to complement Firefox’s other security-hardening efforts. Now, the team is expanding their focus to the other huge attack vector: the browser’s JavaScript just-in-time (JIT) compiler.

    Browser JITs turn web application code, written in JavaScript, into optimized machine code. Browser JITs are highly tuned and complex systems. Unfortunately, browser JITs also have bugs, and attackers have figured out how to take advantage of those bugs to take over the computers of users who visit their malicious websites.  Journalists and dissidents have been targeted by attackers using browser JIT bugs.
    “We need to rethink the way browsers execute JavaScript programs from the ground up, by designing and building new JavaScript interpreters and compilers that are extensible, maintainable, and verified secure,” Stefan said.
    The goal of the NSF project is to build and deploy more secure JavaScript JITs. To this end, the team will develop new techniques, frameworks, and principles that help browser developers build JIT compilers that are provably secure and don’t incur the high costs and development timelines traditionally associated with high-assurance software. “Everyone should be able to browse the web without worrying that clicking the wrong link will cause their computer to be compromised,” Shacham said.  “We hope our project can help make that goal a reality.”

    Written by: Ioana Patringenaru

  • Improving Algorithms for Side-Channel Cryptanalysis

    In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.

    But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.

    In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the Hidden Number Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway and the University of London, show how to recover secret keys by providing an algorithm to search the lattice for the key with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid conference in Zagreb, Croatia.

  • Improving Algorithms for Side-Channel Cryptanalysis

    In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.

    CSE/CNS Associate Professor Nadia Heninger

    But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.

    In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the HiddenNumber Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway, and the University of London, show how to recover secret keys, by providing an algorithm to search the lattice for the key, with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid-format conference in Zagreb, Croatia.

  • COMPUTER SCIENTISTS HONORED FOR THEIR WORK DISCOVERING THAT CARS ARE VULNERABLE TO HACKING

    September 22, 2021– Many people think of cars as a series of mechanical parts that — hopefully — work together to take us places, but that’s not the whole story.

    Inside most modern cars is a network of computers, called “electronic control units,” that control all the systems and communicate with each other to keep everything rolling smoothly along.

    UC San Diego computer science professor Stefan Savage.
    Photo credit: UC San Diego Qualcomm Institute / Alex Matthews

    More than 10 years ago, a team from the University of California San Diego and University of Washington investigated whether these computing systems could be hacked and how that would affect a driver’s ability to control their car. To their own surprise — and to the alarm of car manufacturers — the researchers were able to manipulate the car in many ways, including disabling the brakes and stopping the engine, from a distance. This work led to two scientific papers that opened up a new area of cybersecurity research and served as a wake-up call for the automotive industry.

    Now the team has received the Golden Goose Award from the American Association for the Advancement of Science. The Golden Goose Award recipients demonstrate how scientific advances resulting from foundational research can help respond to national and global challenges, often in unforeseen ways. The award, established in 2012, honors scientific studies or research that may have seemed obscure, sounded “funny,” or for which the results were totally unforeseen at the outset, but which ultimately led, often serendipitously, to major breakthroughs that have had significant societal impact.

    The car cybersecurity project was led by Stefan Savage and Tadayoshi Kohno, two professors of computer science at UC San Diego and the University of Washington, respectively. Kohno is a UC San Diego Ph.D. alumnus, receiving his Ph.D. in Computer Science and Engineering in 2006.

    “When General Motors started advertising its OnStar service, Yoshi and I had a conversation, saying, ‘I bet there’s something there,'” Savage said. “Moreover, vulnerabilities in traditional computers had fairly limited impacts. You might lose some data or get a password stolen. But nothing like the visceral effect of a car’s brakes suddenly failing. I think that bridging that gap between the physical world and the virtual one was something that made this exciting for us.”

    “More than 10 years ago, we saw that devices in our world were becoming incredibly computerized, and we wanted to understand what the risks might be if they continued to evolve without thought toward security and privacy,” Kohno said. “This award shines light on the importance of being thoughtful and strategic in figuring out what problems to work on today.”Savage and Kohno are both computer security researchers who often chatted about potential upcoming threats that could be good to study.

    The team’s papers prompted manufacturers to rethink car safety concerns and create new standard procedures for security practices. GM ended up appointing a vice president of product security to lead a new division. The Society for Automotive Engineers (SAE), the standards body for the automotive industry, quickly issued the first automotive cybersecurity standards. Other car companies followed along, as did the federal government. In 2012, the Defense Advanced Research Projects Agency launched a new government project geared toward creating hacking-resistant, cyber–physical systems.

    “I like to think about what would have happened if we hadn’t done this work,” Kohno said. “It is hard to measure, but I do feel that neighboring industries saw this work happening in the automotive space and then they acted to avoid it happening to them too. The question that I have now is, as security researchers, what should we be investigating today, such that we have the same impact in the next 10 years?”

    Discovering vulnerabilities

    Savage and Kohno formed a super-team of researchers from both universities. The team purchased a pair of Chevy Impalas — one for each university — to study as a representative car. Researchers worked collaboratively and in parallel, letting curiosity guide them.

    The first task was to learn the language the cars’ computerized components used to communicate with each other. Then the researchers worked to inject their own voices into the conversation.

    For example, the team started sending random messages to the cars’ brake controllers to try to influence them.

    “We figured out ways to put the brake controller into this test mode,” said Karl Koscher, a research scientist at UW, who also earned his PhD in Seattle. “And in the test mode, we found we could either leak the brake system pressure to prevent the brakes from working or keep the system fully pressurized so that it slams on the brakes.”

    The team published two papers in 2010 and 2011 describing the results.

    “The first paper asked what capabilities an attacker would have if they were able to compromise one of the components in the car. We connected to the cars’ internal networks to examine what we could do once they were hacked,” said Stephen Checkoway, an assistant professor of computer science at Oberlin College who completed this research as a UC San Diego doctoral student. “The second paper explored how someone could hack the car from afar.”

    In these papers, the researchers chose not to unveil that they had used Chevy Impalas, and opted to contact GM privately.

    “In our conversations with GM, they were quite puzzled. They said, ‘There’s no way to make the brake controller turn off the brakes. That’s not a thing,'” Savage said. “That Karl could remotely take over our car and make it do something the manufacturer didn’t think was possible reflects one of the key issues at play here. The manufacturer was hamstrung because they knew how the system was supposed to work. But we didn’t have that liability. We only knew what the car actually did.”

    Daniel Anderson, Alexei Czeskis, Brian Kantor, Damon McCoy, Shwetak Patel, Franziska Roesner and Hovav Shacham filled out the rest of the team. This research was funded by the National Science Foundation, the Air Force Office of Scientific Research, a Marilyn Fries endowed regental fellowship and an Alfred P. Sloan research fellowship.

    Other award recipients

    This year’s two other Golden Goose awards went to Katalin Karikó and Drew Weissman for their role in making mRNA into a medical therapy; and to V. Craig Jordan, who is known for pioneering the scientific principles behind a class of drugs called selective estrogen receptor modulators, or SERMs.

    UC San Diego researchers who received the Golden Goose award in the past include Larry Smarr, former director of the California Institute for Telecommunications and Technology and a professor in the Department of Computer Science and Engineering; and Nobel laureate Roger Tsien, a professor of pharmacology, chemistry and biochemistry, who passed away in 2016.

    Media Contacts
    Ioana Patringenaru
    Jacobs School of Engineering
    858-822-0899
    ipatrin@ucsd.edu

  • $5 MILLION NSF GRANT SUPPORTS DATA-FRIENDLY RESEARCH PLATFORM
    UC San Diego computer scientists will help develop the National Research Platform to create a data freeway system to accelerate research

    CSE Professor Tajana Rosing is a Co-PI on the project to prototype the National Research Platform (NRP), an actual information superhighway.

    The San Diego Supercomputer Center (SDSC) has received a $5 million grant from the National Science Foundation’s Office of Advanced Cyberinfrastructure to prototype the National Research Platform (NRP), an actual information superhighway. Several members of the UC San Diego Computer Science and Engineering Department will lend their expertise to the project.

    The grant funds efforts at SDSC, the Massachusetts Green High Performance Computing Center and the University of Nebraska–Lincoln to build a high-performance platform, optimizing equipment, configurations and security to support data-intensive science projects. The NRP will give research collaborators new opportunities to share data and work simultaneously on complex projects.

    COVID Analysis

    One of the many beneficiaries will be UC San Diego Computer Science and Engineering Professor Tajana Rosing, who is trying to solve several high-data problems.

    “I have been working with a couple of different teams on biology-related applications,” said Rosing. “For example, we’re trying to accelerate the COVID 19 genomics pipeline, creating a phylogenetic tree of life of all the different mutations of COVID-19 to track viral evolution. Right now, that takes a really long time.”

    Working with Professor of Pediatrics and Computer Science and Engineering Rob Knight and Assistant Teaching Professor Niema Moshiri and others, Rosing is using programmable hardware, called field-programmable gate arrays (FPGAs), to accelerate the process. So far, the analysis pipeline works great until the last step, actually creating the phylogenetic tree. That’s where the NRP comes in.

    “We will need many FPGAs to run in parallel, and that’s what the NRP platform does for us,” said Rosing. “The FPGAs must be connected with high bandwidth and low latency because we’re moving a lot of data around.”

    Molecular Dynamics

    Rosing is also using the NRP on a collaboration with the Lawrence Livermore Laboratory to model molecular dynamics to enhance drug discovery. The team is trying to analyze the physical movements of atoms and molecules, another data-intensive task, and using a similar parallel FPGA setup to gain the necessary speed.

    “It’s massive amounts of data and it’s interactive data,” said Rosing. “We’re trying to simulate interactions that happen in femtoseconds (one quadrillionth of a second), and need this very parallel system to get there.”

    The end goal is to use this computer modeling to determine which molecules have the greatest potential to become medicines. While chemists can create a seemingly endless number of molecules, only a few go on to become safe and effective therapies. Physically testing these molecules is both time-consuming and expensive.

    “The nice thing about simulating these interactions in the computer is that we don’t have to run cell-based tests in the lab on every compound,” said Rosing. “We can use the model to weed out the ones that won’t work and only move forward with the ones that show promise, dramatically reducing the amount of time it takes to develop new medicines.”

  • Jetset: Targeted Firmware Rehosting for Embedded Systems

    Executing code in an emulator is a fundamental part of modern vulnerability testing. However, to emulate embedded system firmware outside its native environment, the emulator must mimic hardware devices with enough accuracy to convince the firmware that it is executing on real hardware.

    In Jetset: Targeted Firmware Rehosting for Embedded Systems, UC San Diego CSE/CNS Ph.D. student Evan Johnson, CSE/CNS faculty Stefan Savage, and researchers at the University of Illinois at Urbana-Champaign and Oberlin College develop and implement Jetset, a system that uses symbolic execution to infer what behavior firmware expects from hardware devices. They used Jetset to test whether it was possible to boot firmware in an emulator by automatically inferring how the firmware and hardware interact.

    The team successfully applied Jetset to thirteen distinct pieces of firmware together, representing three architectures, three application domains, and five different operating systems. They also demonstrated how Jetset-assisted rehosting facilitates fuzz-testing on an avionics embedded system. Their work will be presented in August 2021 at the USENIX Security Symposium.

  • Swivel: Hardening WebAssembly against Spectre

    WebAssembly or Wasm is a portable bytecode that has increasingly been using sandbox untrusted code outside the browser. But unfortunately, Spectre attacks—the class of transient execution attacks which exploit control flow predictors—can bypass Wasm’s isolation guarantees.

    In Swivel: Hardening WebAssembly against Spectre, UC San Diego CSE/CNS Ph.D. students and researchers Shravan Narayan, Craig Disselkoen, Sunjay Cauligi, Evan Johnson, Zhao Gang, CSE/CNS Postdoc Daniel Moghimi, CSE Professor Dean Tullsen, CSE/CNS Professor Deian Stefan, UT Austin Professor Hovav Shacham, and Intel collaborators Anjo Vahldiek-Oberwagner and Ravi Sahita focus on hardening Wasm against Spectre attacks.

    The team takes a compiler-based approach to harden Wasm against Spectre without resorting to process isolation or the use of fences. Their new compiler framework, Swivel, ensures that code can neither use Spectre attacks to break out of the Wasm sandbox nor coerce victim code to leak secret data.

    To develop Swivel, the team describes a software-only approach that can be used on existing CPUs and a hardware-assisted approach that uses extensions available in Intel 11th generation CPUs. For both, they evaluate a randomized approach that mitigates Spectre and a deterministic approach that eliminates Spectre altogether. Their work will appear at the 30th USENIX Security Symposium, August 2021.

  • NAVIGATING PERMISSIONS

    Current smartphone operating systems have a runtime permission model, which allows users to manage and customize permissions to meet their personal preferences. However, this model leaves users in the dark about permissions capabilities and their potential risks.

    In Can Systems Explain Permissions Better? Understanding Users’ Misperceptions under Smartphone Runtime Permission Model, CSE/CNS Ph.D. students Bingyu Shen, Chengcheng Xiang, Yudong Wu, and Mingyao Shen and CSE Professor Yuanyuan Zhou explore several common misconceptions about permissions and the benefits of providing additional information.

    The team took a mixed-methods approach, analyzing users’ permission settings and surveying them to determine how well they understand them. They found users often fail to understand permission model evolution and permission group capabilities.

    After surveying users about their common concerns, the team pinpointed five types of information that could support better user decision-making. They went on to provide suggestions for system designers to address these common issues and enhance future systems. The team will present their findings at the 30th Usenix Security Symposium in August, 2021.

  • STEFAN SAVAGE HONORED AS PRESTIGIOUS DISTINGUISHED RESEARCHER

    UC San Diego Computer Science and Engineering Professor Stefan Savage is one of two researchers across the campus to be named the Distinguished Researcher by the UC San Diego Academic Senate. He was honored with the award for his work in cybersecurity.

    These awards are a sign of respect from peers for groundbreaking research conducted by members of the UC San Diego faculty.

    “This is a tremendous honor. Only two awards are made each year for the entire campus, one in the Sciences and Engineering divisions, and in for Arts & Humanities and Social Sciences divisions,” said CSE Department Chair Sorin Lerner.

    Savage attributes his research success to the collaborative atmosphere that has been cultivated at UC San Diego CSE. “As always, any success I’ve had is due to my many great collaborators (fellow CSE Professor Geoff Voelker and our students being first among them),” said Savage, “CSE has succeeded in large part by being such a great home for collaborative work and people who love to work together. I’m indebted to this community that helps build, support, and reinforce that culture.”

    CNS Co-Director and CSE Professor, Stefan Savage

    Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. He and his collaborators have been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks.

    Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three Test of Time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.

    Both Savage and the other UC San Diego Distinguished Research Award recipients will be delivering lectures on their research in the fall.

    Article written by Kayla Chen

  • CSE’S ARUN KUMAR IS HELPING TO SOLVE ML’S BIG DATA PROBLEM

    Big datasets can be incredible assets in business, healthcare, the physical and social sciences and many other disciplines – but the data won’t reveal itself. To isolate useful information and harness its predictive capabilities, researchers and organizations rely on sophisticated data sorting techniques, such as machine learning.

    CSE and Halicioglu Data Science Institute Assistant professor Arun Kumar is working to make it faster, easier, and more economical to handle large datasets.

    But machine learning and related disciplines face their own headwinds. For example, the model building process can be slow and both labor- and resource-intensive. UC San Diego Computer Science and Engineering and Halicioğlu Data Science Institute Assistant Professor Arun Kumar is working to make it faster, easier and more economical to handle these large datasets.

    “I bridge the gap, from an academic standpoint, between computing systems and machine learning,” said Kumar. “I focus on reducing the resource costs of those building processes – what we call model selection – and improving resource efficiency: reducing costs, run times and energy consumption during the model building process.”

    Kumar is largely focused on deployment issues, including scalability and usability. Two of his primary projects are Cerebro, which is developing artificial neural networks, and Sorting Hat, which focuses on reducing data preparation times.

    Borrowing approaches from the database community, which has been studying these issues for some time, Kumar and colleagues want to apply that knowledge to machine learning to find the most efficient ways to analyze data.

    These skills are in great demand from both industry and academia. He is currently working with health and social scientists and discussing future collaborations with computational physicists and neuroscientists. It seems everybody has data they need to crunch.

    “The domain science folks have these large-scale data analytics problems, but they can’t build the software themselves,” said Kumar. “Off the shelf software is not up to par, so we build the tools they need.”

    Measuring Movement

    One recent paper, published in the Journal for the Measurement of Physical Behaviour, highlights how Kumar’s work intersects with health sciences. He and Loki Natarajan, UC San Diego professor of Family Medicine and Public Health, and colleagues recently tested different deep learning algorithms to determine which ones are better at measuring physical activity in patients.

    “These were cohorts of cancer survivors and obese people who wore accelerometers to measure their movements,” said Kumar. “The deep learning models we built could more accurately log their movements, as well as analyze their exercise patterns and predict longitudinal health outcomes.”

    Using Cerebro, the team compared an artificial neural network, called a convolutional neural network (CNN), to other machine learning algorithms, called random forest and logistic regression. In the study, 28 women wore two different motion tracking devices and the team compared the predictive outputs from CNN, random forest and logistic regression.

    The CNN did a much better job classifying whether the participants were sitting, standing or walking. These findings give health scientists better tools to measure activity out in the wild.

    Recognition

    In addition to his academic partners, Kumar has also received great support from industry. While he’s not taking projects from these companies, their interests can align on initiatives he’s already created. The lab has received support from VMware for Cerebro and Google and Amazon for Sorting Hat. Cerebro is also funded by Kumar’s National Science Foundation CAREER grant.

    “The Cerebro project is fundamentally about reducing resource costs and the energy footprint,” said Kumar. “VMWare offers cloud solutions for their enterprise customers, so they were interested in reducing run times and resources costs.”

    On top of all that, Kumar was recently honored with the 2021 IEEE TCDE Rising Star Award, which is given to junior researchers “for designing and deploying data analytics systems powered by innovative machine learning and artificial intelligence algorithms.”

    “It was a great honor,” said Kumar. “A number of people very graciously supported me. I hope I can continue to reward their faith in my work.”

    Written By: Josh Baxt

  • Covert Communication In The Cloud With Lambdas
    UCSD Researchers pictured from the left: CSE Ph.D. Student Anil Yelam; CSE Alumni Shibani Subbareddy and Keerthana Ganesan; CSE Ph.D. Student Ariana Mirian; CSE Professor Stefan Savage.

    Serverless services, such as AWS lambdas, are a fast-growing part of the cloud market. Their popularity reflects their lightweight nature and scheduling and cost flexibility.

    However, serverless computing’s security issues are poorly understood. CNS co-Director Stefan Savage, CSE/CNS Ph.D. students Anil Yelam and Ariana Mirian and CSE Alumni Shibani Subbareddy and Keerthana Ganesan explored the feasibility of developing a practical covert channel from lambdas in their paper: CoResident Evil: Covert Communication In The Cloud With Lambdas.

    The team established that fast co-residence detection for lambdas is key to enabling a covert channel. Leveraging this knowledge, they developed a reliable and scalable co-residence detector based on the memory bus hardware. This technique enables dynamic discovery for co-resident lambdas and is incredibly fast, executing in a matter of seconds. The researchers can establish hundreds of individual covert channels for every 1000 lambdas deployed, and each of these can send data at 200 bits per second, demonstrating covert communication via lambdas is entirely feasible. The team presented their findings for the 30th Web Conference on April 20.

  • UC SAN DIEGO JOINS BYTECODE ALLIANCE TO BUILD SAFER SOFTWARE FOUNDATIONS FOR THE INTERNET

    The University of California San Diego has joined The Bytecode Alliance, a nonprofit organization dedicated to creating new software foundations and building on standards such as WebAssembly and WebAssembly System Interface (WASI). UC San Diego is part of a cross-industry collaboration alongside other new members Arm, DFINITY Foundation, Embark Studios, Google and Shopify to support the alliance, which was incorporated by Fastly, Intel, Mozilla, and Microsoft.

    These organizations share a vision of a WebAssembly ecosystem that fixes cracks in today’s software foundations that are holding the industry and its software supply chains back from a secure, performant, cross-platform, and cross-device future.

    “WebAssembly is quickly becoming the de facto intermediate representation for building secure systems. WebAssembly takes a principled approach to security and gives us just the right building blocks to build the next-generation secure and high-assurance systems,” said Deian Stefan, CNS faculty member and an assistant professor in Computer Science and Engineering Department at the UC San Diego Jacobs School of Engineering. “It’s a core part of the sandboxing and high-assurance security toolkits we are developing at UC San Diego.”

    CNS faculty member and CSE assistant professor Deian Stefan

    UC San Diego researchers and collaborators have developed the RLBox framework that uses WebAssembly to sandbox libraries, the CT-Wasm language extension for writing secure crypto code in WebAssembly, the Swivel compiler that mitigates Spectre attacks, and the VeriWasm tool that verifies the safety of native compiled WebAssembly.

    “As members of the Bytecode Alliance we hope to help shape the direction of WebAssembly and contribute tools and techniques that will amplify the alliance’s vision towards a more secure software ecosystem,” Stefan said.

    The Bytecode Alliance, founded in 2019, has helped bring attention to the inherent weaknesses in predominant models for building software, which rely heavily on composing up to thousands of third-party modules without security boundaries between them. These weaknesses in the software supply chain have historically been instrumental in breaching government systems, critical infrastructure services, and a large number of companies, as well as in stealing personal information of hundreds of millions, perhaps even billions of people.

    Original story: https://cse.ucsd.edu/about/news/uc-san-diego-joins-bytecode-alliance-build-safer-software-foundations-internet

  • CNS Co-Director Stefan Savage elected to the American Academy of the Arts

    CNS Co-Director Stefan Savage
    CNS Co-Director and UC San Diego Computer Science and Engineering Professor Stefan Savage is among the three members of the university community to have been elected to the American Academy of Arts and Sciences—one of the oldest and most esteemed honorary societies in the nation.

    Savage, along with Ananda Goldrath and Eileen Myles, are among the Academy’s 2021 class of 252 members. They join fellow 2021 classmates who are artists, scholars, scientists, and leaders in the public, non-profit and private sectors, including civil rights lawyer and scholar Kimberlé Crenshaw; computer scientist Fei-Fei Li; composer, songwriter, and performer Robbie Robertson; and media entrepreneur and philanthropist Oprah Winfrey.

    The American Academy of Arts and Sciences has honored exceptionally accomplished individuals and engaged them in advancing the public good for more than 240 years. Professor Walter Munk was the first UC San Diego faculty member elected to the Academy. Since then, more than 80 faculty from disciplines that span the entire campus have received this prestigious honor.

    “This year, our faculty are being recognized for three vastly different fields of study: immunology, literature, and cybersecurity,” said UC San Diego Chancellor Pradeep K. Khosla. “Having the oldest and most distinguished American national academy honor the career accomplishments of these prestigious faculty both honors their individual successes and spotlights the breadth of expertise and influence of our Triton faculty. UC San Diego’s well-established prowess in science, technology, and art offers a truly well-rounded experience for our students, our researchers, and our collaborative faculty.”

    In the statement announcing this year’s new Academy members, David Oxtoby, President of the American Academy said, “The past year has been replete with evidence of how things can get worse; this is an opportunity to illuminate the importance of art, ideas, knowledge, and leadership that can make a better world.”

    Stefan Savage
    Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. His team has been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks. Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three test of time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.

    In addition to these three faculty members, alumna Angela Davis is also part of this year’s class of fellows. A well-known activist who is now on faculty at the University of California Santa Cruz, Davis earned a master’s degree from the Department of Philosophy at UC San Diego in 1969. She worked closely with philosopher Herbert Marcuse. Her likeness is now part of the Price Center’s Black Legacy Mural, and she is also portrayed on the walls of the Che Cafe.

    The American Academy of Arts & Sciences was founded in 1780 by John Adams, John Hancock, and others who believed the new republic should honor exceptionally accomplished individuals and engage them in advancing the public good. The 2021 members join the company of those elected before them, including Benjamin Franklin and Alexander Hamilton in the eighteenth century; Ralph Waldo Emerson and Maria Mitchell in the nineteenth; Robert Frost, Martha Graham, Margaret Mead, Milton Friedman, and Martin Luther King, Jr. in the twentieth; and more recently Joan C. Baez, Judy Woodruff, John Lithgow, and Bryan Stevenson. International Honorary Members include Charles Darwin, Albert Einstein, Winston Churchill, Laurence Olivier, Mary Leakey, John Maynard Keynes, Akira Kurosawa, and Nelson Mandela.

    Original Story: https://cse.ucsd.edu/about/news/cses-stefan-savage-elected-american-academy-arts-and-sciences
    UCSD News: https://ucsdnews.ucsd.edu/pressrelease/academyofartsandsciences2021

    UC Newsletter: https://www.universityofcalifornia.edu/news/national-academy-sciences-american-academy-arts-sciences-elect-36-new-uc-members

  • U.S. Representative Mike Levin and Mayor Serge Dedina Discuss Science, Policy & Communications

    U.S. Representative Mike Levin and Mayor Serge Dedina from the City of Imperial Beach discussed science, policy & communications with students from UC San Diego, Computer Science and Engineering 190 (Environmental Impacts of Modern Computing) during a recent virtual event. The discussion focused on how elected officials work towards solutions to a range of environmental issues. Students had an opportunity to ask the elected officials questions during the event. CSE 190 is taught by CSE Associate Professor/CNS Co-Director George Porter. Two classes from the University of San Diego also participated in this event, Environmental and Ocean Sciences 300, taught by Associate Professor Michel Boudrias, and Theatre 494, taught by Associate Professor Monica Stufft. A recording of the virtual event is located here: https://www.youtube.com/watch?v=bhqcI59mK2E

  • TWO CSE PROFESSORS RECEIVE NSF CAREER AWARDS

    UC San Diego Computer Science and Engineering (CSE) professors Deian Stefan and Sicun Gao have been awarded prestigious Faculty Early Career Development Program (CAREER) grants from the National Science Foundation to support their work to build secure computer systems and safer autonomous systems.

    CSE’s newest CAREER Award winners: Deian Stefan (l) and Sicun Gao (r)

    CAREER awards are the NSF’s most prestigious awards in support of early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization, according to the NSF.

    “The recognition from NSF’s CAREER program shows the potential of our faculty’s research. I am pleased that Deian and Sean are among the distinguished CSE faculty members who have earned CAREER awards,” said CSE Department Chair Sorin Lerner.

    Deian Stefan joined CSE in 2016. In his proposal for his project, “Principled and practical secure compilation using WebAssembly,” he writes about the challenges of building secure computer systems: “A single bug in the source code that programmers write or in the compilers they use to generate machine code could expose systems to attack.” Unfortunately, the gap between the theory of secure compilation and practice is huge. The goal of his project is to bridge this gap by extending the industrial WebAssembly byte code into a unifying principled and practical abstraction for secure compilation. The results of this work could make hundreds of millions of users safer: end-to-end security guarantees can prevent exploits in widely used systems, from web browsers to next generation cloud platforms.

    Sicun Gao joined CSE in 2017. In his project “Correct-by-Learning Methods for Reliable Autonomy,” Gao will develop the theoretical foundations as well as practical techniques and tools for improving the reliability of realistic autonomous systems such as autonomous cars and unmanned aerial vehicles. Machine learning and data-driven approaches are now an indispensable part of the design of autonomous systems. The lack of formal assurance has become one of the key bottleneck that impedes the wider deployment and adoption of these systems. His project targets this challenge by developing formal synthesis and verification techniques for learning-based and data-driven control and planning methods for autonomous systems.

    Written By: Katie E. Ismael

  • CNS and CSE’s Arun Kumar Works Toward Democratizing Deep Learning Systems

    Deep learning (DL) is all around us: web search and social media, machine translation and conversational assistants, healthcare, and many other applications. DL is a resource-intensive form of machine learning (ML) that typically needs graphics processing units (GPUs), a lot of memory, and a computer cluster.

    While large technology companies are amassing these resources, the status quo is far from ideal. DL is challenging to adopt for smaller companies, domain scientists, and others. As a result, there is a pressing need to rein in DL’s resource bloat, total costs, and energy consumption to truly democratize it for all users.

    Arun Kumar, a CNS faculty member, and a CSE and HDSI Professor
    Now, Arun Kumar, a Center for Networked Systems (CNS) faculty member and a Computer Science and Engineering and HDSI professor, and his student researchers in the ADA Lab are tackling these issues with a first-of-its-kind scalable DL data platform called Cerebro, which was inspired by decades of research into scalable and parallel systems for data-intensive computing.

    Kumar recently presented the team’s vision at the CIDR 2021 conference. The paper Cerebro: A Layered Data Platform for Scalable Deep Learning was co-authored with advisees Supun Nakandala, Yuhao Zhang, Side Li, Advitya Gemawat, and Kabir Nagrecha. The talk discussed Cerebro’s system design philosophy and architecture, recent research and open questions, initial results, and tangible paths to practical impact.

    DL software systems specify, compile and execute DL training and prediction workloads on large datasets. Kumar’s team noticed a key missing piece: there is no analog to query optimization at scale, causing massive waste, high runtimes, and increased costs.

    This is where their approach, called multi-query DL, comes into play. By reasoning more holistically about model building in DL, the team can enable new system optimizations at scale.

    The vision is for Cerebro to elevate DL model building, exploration, and debugging with higher-level APIs that are already common. Examples include hyper-parameter tuning, neural architecture tuning, so-called AutoML procedures, and sub-group analysis. Under the hood, Cerebro exploits both the computational and the mathematical properties of the workload, as well as the data layout and hardware properties, to run it more efficiently.

    Cerebro’s layered system design, called logical-physical decoupling, helps it infuse a series of novel systems optimizations into multiple DL tools (e.g., PyTorch or TensorFlow), execution environments (e.g., filesystem-based, Spark-based, or cloud-native), and user-level interfaces (Jupyter notebooks or graphical user interfaces) without needing to change these tools’ internal code. This can help improve scalability, resource efficiency, and costs, as well as DL user productivity and portability across tools and environments.

    Cerebro: A Layered Data Platform for Scalable Deep Learning

    Kumar cites the work of David DeWitt, one of his graduate school mentors at the University of Wisconsin-Madison, as one of the technical inspirations for this work. DeWitt is the pioneer of scalable and parallel relational database systems and scientific benchmarking of database systems.

    Kumar believes the ML world sorely needs both of those philosophies–principled approaches to scalability and scientifically rigorous system benchmarking–and aims to redress these research gaps while also accounting for the different mathematical properties and practical operational constraints of ML workloads.

    Kumar’s talk at CIDR was well-received by the database community as an example of the marriage of classical database ideas with modern ML systems to help democratize ML beyond technology companies.

    Cerebro is supported in part by a Hellman Fellowship, the NIDDK of the NIH, an NSF CAREER Award, and two VMware gifts. Cerebro techniques have already been adopted by Apache MADlib, an open-source library for scalable ML on RDBMSs.

    VMware is putting the technology in front of their enterprise customers. Their researchers presented a talk on their adoption at FOSDEM. Kumar’s students also integrated Cerebro with Apache Spark, a popular dataflow system. Zhang and Nakandala gave a talk on this integration at the Spark+AI Summit, one of only a handful of academic research-based talks at that popular industry conference. The first full research paper on Cerebro was published at VLDB, a premier database conference, with Nakandala presenting the talk. Nakandala and Zhang have also presented progress updates on Cerebro at the CNS Research Review in 2019 and 2020 and received feedback from CNS industry partners.

    Kumar’s group has open-sourced the whole Cerebro platform to enable more practitioners to benefit from this technology. It is being used for UC San Diego Public Health research on terabyte-scale labeled datasets. The DL models built using Cerebro are being used to monitor various cohorts’ physical activity levels, including people in assisted living facilities and people with obesity, to help them live healthier lives. This project was funded by NIH NIDDK, demonstrating the growing importance of scalable data analytics and ML/DL in healthcare.

    Looking ahead, Kumar has also started collaborations with other scientists to use Cerebro to help them scale DL for their analyses in materials science, political science, and neuroscience. Kumar believes DL’s growing popularity in domain sciences and other non-commercial pursuits makes his vision of democratizing DL systems more urgent, helping all users benefit.

  • Lightening the data center energy load

    A proof-of-concept setup for an optically switched network. Photo by David Baillot
    February 3, 2021– Electrical engineers and computer scientists at UC San Diego are on the front lines of global efforts to reduce the energy used by data centers. The potential impact is great: the US government estimates that data centers currently consume more than 2.5% of U.S. electricity. This figure is projected to double in about eight years due to the expected growth in data traffic.

    The UC San Diego Jacobs School of Engineering team has been awarded a total of $7.5 million from the US Advanced Research Projects Agency-Energy (ARPA-E) and the California Energy Commission to advance nation-wide efforts to double data center energy efficiency in the next decade through deployment of new photonic— light based—network topologies.

    In particular, the UC San Diego team is focused on developing solutions to enable the thousands of computer servers within a data center to communicate with each other over advanced light and laser-based networks that replace existing electrical switches with optical switches developed within the ARPA-E program.

    “The photonic devices we’re developing aren’t actually used within the servers per se: instead, the devices connect the servers within the datacenter network using a more efficient optical network,” said George Papen, a professor of electrical and computer engineering at UC San Diego and co-principal investigator on the project.

    “By removing bottlenecks in the network, the computer servers, which account for the majority of power in the data center, operate more efficiently. Our project, supported by ARPA-E, aims to double the server power efficiency by transforming the network into a high-speed interconnect free of these bottlenecks,” said George Porter, a professor of computer science at UC San Diego and co-principal investigator.

    What’s an optical switch?

    So how do these data center networks pass bits of information and computation commands around today? They use a technology called electrical packet switching, in which a message is broken down into smaller groups, or packets of data. These packets of data are converted to electrical signals and sent through a cable to a network switch, where they’re routed to the desired location and pieced back together into the original message. Network switches are physical, electrical devices with ports for wired connections, that direct the flow of data from many machines.

    Unlike electronic switches, optical switches aren’t bound by the limitations of electronics to transmit data. Instead, optical switches make direct “light path” connections from input ports to output ports. Since no conversion between optical and electrical data is required at every switch, optical switches don’t have the latency or electronic logjam issues that existing network switches have, and require less power to route data.

    Using an optical network instead of an electrical network can produce a more efficient network with a larger data rate to each server. This can increase the energy efficiency of the servers, which consume most of the energy in a data center. One goal of the project is to demonstrate that the cost of such an optical network can drop below the cost of adding the additional semiconductor chips required to get the same data rate on existing electrical networks.

    “It would be lower cost in part because you’re using less energy, but also in part because if you wanted to build a very high-speed network using existing commercial technology, the cost of adding additional chips to build bigger switches increases dramatically,” said Porter. “It’s not a linear relationship of double-the-speed for double-the-money; you can think of it almost like double the speed for quadruple the cost. On the other hand, optics, at these very high speeds, follows a more linear cost relationship.”

    Developing a proof-of-concept

    In phase one of the Lightwave Energy Efficient Datacenters (LEED) project in the ARPA-E Enlitened program, which ran from 2017-2019, Papen, Porter and UC San Diego colleagues Joe Ford, a professor in the Department of Electrical and Computer Engineering, and Alex Snoeren, a professor in the Department of Computer Science and Engineering, developed the photonic technology and network architecture required to enable this scale of optical switching. The collaboration between electrical engineers—who designed a new type of optical switch—and computer scientists—who developed the protocol to allow it to work at a data center scale—was key.

    Their success hinged on a new type of optical switch conceptualized by UC San Diego alumnus Max Mellette, co-founder and CEO of spinout company inFocus Networks. Instead of the full crossbar architecture that was previously used, which allows any node in the data center to talk to any other node, his idea was to create a switch that had more limited connectivity, thereby enabling faster speeds.

    The key insight was to develop a network protocol that would enable this faster but less-connected architecture to communicate in a way that would still deliver the performance required. By working closely with computer scientists led by Porter and Snoeren, the team made it happen.

    By the end of Phase 1, this new optical switch was functional, able to run applications and receive data in a testbed setting. Now in Phase 2, the team is working with collaborators at Sandia National Laboratories on scaling up the architecture to function with larger amounts of data and more nodes. The goal for Phase 2 is a realistic testbed demonstration that an optical network architecture provides significant value to end-users.

    A storied history of photonics

    There was a good reason this UC San Diego team was selected for the Enlitened program: it was here that, more than a decade ago, then-postdoc Porter was part of a research team also including Papen, that assembled and demonstrated the first data center testbed using an optically switched network. The paper describing this work has been cited more than 1,000 times.

    Since then, Porter, Papen, Ford, Snoeren and colleagues in both the electrical engineering and computer science departments and the Center for Networked Systems have worked closely to further develop and refine the technology, and work towards making it a commercially viable reality.

    “We were the first to show we could build testbeds with optically switched networks for data centers,” Porter said. “Papen and I have been meeting multiple times a week for 10 years, supervising students together, and working on this optical data center concept for a decade; it’s a real example of what can happen when computer scientists and electrical engineers work closely together.”

    While their optical data center is still in the proof-of-concept phase, researchers agree there will come a time when the cost of adding more and more semiconductor chips to drive faster speeds simply won’t be cost-competitive, putting aside the energy concerns. At that point, optical systems will become much more appealing. It’s hard to know when exactly that will be, but researchers predict it could be as soon as five years from now, and likely within 10.

    “Nonetheless, there’s so much work to do to be able to validate that indeed if we can’t continually scale chips, what applications should we first apply optical switching? That will take a significant effort to sort out,” Papen said. The researchers are working with national labs and private companies to test optical switches on various live applications to help answer this question.

    Difficult, future-looking work such as this optical data center project is a perfect example of the role academic research institutions play in the innovation ecosystem.

    “This is a really hard problem to solve, and hard problems take a long time,” Papen said. “Being able to devote the time to this, and collaborate with faculty and students from across the entire engineering school, is what makes this type of transformative development possible.”

    The original story posted here: https://jacobsschool.ucsd.edu/news/release/3215
    https://ucsdnews.ucsd.edu/pressrelease/lightening-the-data-center-energy-load

    Media Contacts
    Katherine Connor
    Jacobs School of Engineering
    858-534-8374
    khconnor@eng.ucsd.edu

  • Applied Networking Research Prize

    CSE/CNS graduate student Audrey Randall was recently awarded the Applied Networking Research Prize (ANRP) for her work on DNS caching and privacy. The ANRP winners for 2021 were selected from 76 nominations. They were reviewed according to a diverse set of criteria, including scientific merit, relevance to IETF and/or IRTF activities, and the nominee’s potential to impact the community.

    Audrey Randall, Enze Liu, Gautam Akiwate, Ramakrishna Padmanabhan, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman,Trufflehunter: Cache Snooping Rare Domains at Large Public DNS Resolvers,” Proceedings of ACM IMC 2020.

  • CSE’S STEVEN SWANSON NAMED INAUGURAL HOLDER OF THE HALICIOĞLU ENDOWED CHAIR IN MEMORY SYSTEMS

    UC San Diego Computer Science and Engineering (CSE) Professor Steven Swanson is building computer systems that explore how new memory technologies will impact the future of computing.

    CSE Professor Steven Swanson is the inaugural holder of the Halicioglu Endowed Chair in Memory Systems

    In recognition of his impressive body of research to create software to support persistent memory, Swanson was recently named the inaugural holder of the Halıcıoğlu Chair in Memory Systems at UC San Diego. The $1 million chair is part of a larger $18.5 million gift made in 2013 to the department by CSE alumnus Taner Halıcıoğlu ’96.

    The chair provides a dedicated source of funds, in perpetuity, for the chair holder’s scholarly activities as well as support for graduate students.

    “In the face of the COVID-19 pandemic, Professor Swanson’s work is more important than ever before,” said UC San Diego Chancellor Pradeep K. Khosla. “His research, teaching and mentorship not only push the boundaries of human understanding, they inspire our academic community to continue innovating, experimenting and discovering. These efforts are critical to our mission as a public research university.”

    The chair is named after Halıcıoğlu, who was Facebook’s first full-time employee when it had only 15 computer servers and 250,000 users. Now he spurs startups in San Diego as an angel investor and is also a lecturer in the computer science department. He’s been recognized as a 2020 CSE Distinguished Alumnus, a 2019 Chancellor’s Medalist and a UC San Diego 2019 Outstanding Alumnus.

    “Taner’s incredible generosity and support of innovation and the work of Steven Swanson will impact our department, our university and our world for years to come,” said CSE Department Chair Sorin Lerner.

    “Endowed chairs give faculty members the freedom to pursue revolutionary ideas, inspire the next generation of innovators, and transform our society in fundamental ways,” Swanson said. “I am privileged to be able further this kind of work at UC San Diego and CSE.”

    Impacting the Future of Computing

    Swanson is the director of the UC San Diego Non-Volatile Systems Laboratory, where his group

    builds computer systems to explore how new memory technologies will impact the future of computing, with a focus on non-volatile memories that allow programmers to build long-lived data structures that can survive system crashes and power failures.

    “This requires the data structures to be extremely robust, but that is hard because systems can fail in so many different ways,” he said.

    Their recent research has made it easier for programmers to build these robust data structures. “Rather than relying on the programmer to get it right, we have built a compiler that automatically checks for the properties these data structures need.  This means less testing, fewer bugs and better reliability,” he said.

    Swanson has also been working with colleagues to develop a new course and lab (CSE142 and CSE142L) that teach students how to fully utilize the powerful features that modern processors provide.

    “Based on our experience of what really matters to software developers, we take the students on a ‘grand tour’ of modern CPUs and then have them apply what they’ve learned to optimize machine learning workloads,” he said.

    Halıcıoğlu’s gift has also created the Halicioğlu Chair in Computer Architecture at UC San Diego, which is held by CSE Professor Hadi Esmaeilzadehand the Ronald L. Graham Chair of Computer Science held by CSE Professor Ravi Ramamoorthi.

  • Apply by January 25 for the Alan Turing Memorial Scholarship

    The Alan Turing Memorial Scholarship is a one-year award up to $10,000 for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications, and other programs touching on networked systems and who are active in supporting the LGBT community. In addition to receiving a scholarship, recipients have an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.

    Applications for the 2021-2022 scholarship will be accepted until January 25, 2021. The selection committee will review the applications and the recipient will be notified in the summer of 2021.

    Please apply here: https://fas.ucsd.edu/types/scholarships/continuing-undergraduate-students.html

  • Eustaquio Aguilar Ruiz Named Alan Turing Memorial Scholarship Recipient

    Eustaquio Aguilar Ruiz, a senior majoring in physics with a specialization in computational physics, has received the 2020-2021 Alan Turing Memorial Scholarship from UC San Diego’s Center for Networked Systems (CNS). This is the fifth year that CNS has recognized a student majoring in programs touching on networked systems who is active in supporting the LGBT+ community.

    Eustaquio Aguilar Ruiz Named Alan Turing Memorial Scholarship Recipient

    CNS established the Alan Turing Memorial Scholarship in 2015 to pay homage to the cofounder of computer science, Alan Turing, the famed cryptanalyst, and mathematician. His work accelerated the Allied victory in World War II by more than a year. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

    “The Turing Scholarship at UC San Diego is a unique way that we, as a community, show how much we value diversity, particularly diversity aimed at the LGBT+ community. Diversity is essential to strengthening our center and is in line with our university’s mission,” said CNS Co-director and Computer Science and Engineering Associate Professor George Porter.

    Ruiz arrived in the United States from Mexico when he was two years old. Through financial hardship, Ruiz and his mother and stepfather have persevered. Ruiz has been able to charter his academic path with his ultimate goal in mind– to obtain a higher education degree, which had been unimaginable for his ancestors. “Joining college made me feel liberated, but I also felt, more than ever, the personal responsibility of continuing to assist those in my community,” said Ruiz.

    The adversity Ruiz faces as a gay Latino first-generation college student has fueled him to actively serve the communities with which he identifies. During his college career, he has been involved with the UC San Diego LGBT Resource Center, the Queers and Allies of Eleanor Roosevelt College, and he is in his third year of serving as a peer mentor for the First-Generation Student Success Coaching Program. With the skills he has learned, he has fostered an inclusive and empowering environment for more than 50 first-generation college students from UC San Diego. Ruiz is currently involved with the UC San Diego oSTEM organization, but he said when he first attempted to join more STEM-related organizations, “I felt so misplaced.”

    “I feel that many who are LGBT+, along with other marginalized identities, struggle with finding a welcoming place. The Alan Turing Memorial Scholarships represent hope and opportunity for students with complex and diverse identities in the LGBT+ communities,” he said.

    The scholarship is open to undergraduates who are active supporters of the LGBT+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. It is awarded to students based on academic merit, with a preference for those with demonstrated financial need.

    CNS reached its endowment goal of $250,000 in February 2020. Many individual donors and corporate donors made this possible, including a generous donation from the Amateur Radio Digital Communications (ARDC) in memory of Brian Kantor, WB6YT, a UC San Diego alumnus who worked at UC San Diego for 47 years and founded the ARDC.

  • Photonic Technology Research Receives Department of Energy Phase II Award

    Rotor Switch – ENLITENED projects will result in an overall doubling in data center energy efficiency in the next decade by deploying new photonic network topologies.
    CNS faculty members George Papen, George Porter, and Alex Snoeren, along with fellow professor Joe Ford are part of a team that was awarded Phase II of the Department of Energy ARPA-E Award. The research team is developing a new datacenter network based on photonic technology that can double the datacenter’s energy efficiency. Their LEED project mirrors the development of CPU processors in PCs. Previous limitations in the clock rate of computer processors forced designers to adopt parallel methods of processing information and to incorporate multiple cores within a single chip. The team envisions a similar development within datacenters, where the advent of parallel lightwave networks can act as a bridge to more efficient datacenters. This architecture leverages advanced photonic switching and interconnects in a scalable way. Additionally, the team will add a low-loss optical switch technology that routes the data traffic carried as light waves. They will also add the development of packaged, scalable transmitters and receivers that can be used in the system without the need for energy-consuming optical amplification, while still maintaining the appropriate signal-to-noise ratio. The combination of these technologies can create an easily controllable, energy-efficient architecture to help manage rapidly transitioning data infrastructure to cloud-based services and cloud-based computing hosted in datacenters.

    Datacenters are a critical component of the modern internet, responsible for processing and storing tremendous amounts of data in the “cloud.” Datacenters also provide the computational power needed for handling “big data,” a growing segment of the U.S. economy. Currently, datacenters consume more than 2.5% of U.S. electricity, and this figure is projected to double in about eight years due to the expected growth in data traffic. There are many approaches to improving the energy efficiency of datacenters. Still, these strategies will be limited by the efficiency with which information travels along metal interconnects within the data center devices—all the way down to the computer chips that process information. Unlike metal interconnects, photonic interconnects do not rely on electrons flowing through metal to transmit information. Instead, these devices send and receive information in the form of photons—light—enabling far greater speed and bandwidth at much lower energy and cost per bit of data. The integration of photonic interconnects will enable new network architectures and photonic network topologies that hold the potential to double overall datacenter efficiency over the next decade.

    If successful, developments from ENLITENED projects will result in an overall doubling in datacenter energy efficiency in the next decade by deploying new photonic network topologies

  • Facebook Announces 2020 Networking Systems Research Awards

    CSE Professor and CNS Co-Director, George Porter
    Facebook Research announced the winners of the 2020 Networking Systems request for proposals. This year Facebook Research asked for proposals in the areas of host networking and transport security. Six proposals were accepted from 67 proposals from 15 countries and 57 universities. Congratulations to CNS/CSE faculty members George Porter, Aaron Schulman, and Alex C. Snoeren for receiving one of the six awards for their proposal on a custom NIC and network stack to support parallel network fabrics.

    “This year’s submissions continue to reflect the quality and breadth of research topics in academia, and at the same time, their relevance to addressing Facebook’s growing networking infrastructure needs was indeed impressive,” says Rajiv Krishnamurthy, Software Engineering Director at Facebook. “I look forward to continuing our close collaboration with academia to solve interesting technical challenges as we build a more social network.” (2020, August 26). Announcing the Winners of the 2020 Networking Request for Proposals. Facebook Research. https://research.fb.com/blog/2020/08/announcing-the-winners-of-the-2020-networking-request-for-proposals/

  • A Unique Spring Quarter

     

    Spring quarter 2020 was a unique experience for CSE/CNS Professor Geoffrey M. Voelker, who has been teaching CSE 125/Software System Design and Implementation at UC San Diego for the past twenty years. As with many faculty this year, Voelker had to quickly prepare for a remote class that was never intended to be online. Normally thirty students work closely together in the CSE computer lab in teams of six or seven students and build a distributed, real-time, 3D multiplayer game. This year, because of the global pandemic, the entire course had to be reconfigured for team members to work together (remotely) and the final demo presentation, typically held in front of 200 people in the Qualcomm Institute auditorium Atkinson Hall, was held on Twitch.

    CSE 125 requires close collaboration and interaction among the students in each group and having to work remotely added significant hurdles to an already challenging class. Communicating, brainstorming, pair programming and debugging, access to appropriate hardware, and fostering group dynamics were all substantially more difficult than when working in person. The students worked intensely together for ten weeks, yet could not even go to dinner together.

    Despite having to work remotely, though, the students succeeded beyond Voelker’s expectations. They quickly took advantage of a wide variety of remote collaboration tools, including Visual Studio Live Share, Zoom, Slack, Discord, Trello, GitHub, and Google Drive. The projects they produced were as creative, inspiring, and impressive as in previous years. Take a look at the videos!

    CSE 125 culminates in a final live demo presentation where the students show off everything that they have accomplished in a fun, festive atmosphere. During the quarter, there was a lot of uncertainty in moving the final demos to an entirely remote event. But working closely with the amazing Events team at the Qualcomm Institute (Calit2), they were able to produce high-quality live streaming demos on Twitch that resulted in another memorable final demo experience. Twitch chat was true to its reputation, with many CSE 125 alumni supporting the students during the online demos.

    The tradition of guest lectures continued remotely too. Tansen Zhu from Jam City and Ed Wu from Niantic had given lectures in the course before and generously were able to give guest lectures again, entirely online. While the experience is not the same, and the students did not have the opportunity to interact with Tansen and Ed in person, the lectures went very smoothly, and the interactive chat was quite lively.

    The students were thankful that CSE 125 was not canceled this year and praised Voelker for adapting the class to be remote on short notice. They also praised Edward Chen, the class TA, for his technical troubleshooting during the ten weeks. The weekly team morale reports submitted to Voelker and Chen were unique. They included a variety of phrases like “life is pretty okay’, “loving this indoor life,” “hate the virus,” “need more air,” “groups are doing work,” and “we are going places.” All the students agreed that working on the project kept them busy and engaged during the quarantine, and by the end of the quarter, they were especially proud of what they accomplished during this challenging time.

    CSE 125 – 2020 Class Photo

    CSE 125 Class Photo 2020 (Photo 1)

    CSE 125 Class Photo 2020 (Photo 2)

     

    Introduction of Final Presentations by Professor Geoffrey M. Voelker

     

    Game title: Gaia (Sphere Enix)
    Teammates: Yiran Chen, Muyuan Chi, Wenlin Mao, Zi Wang, Peizhen Wu, Chao Zhou.
    Gaia is played by two players on each side. One player on the team controls the terrain, and the other player controls the ball. The terrain editor can modify the terrain to help their teammate get points or block the opponent from getting points. The team within the time limit with the highest points wins.


     

    Game Title: Komrade’s Kitchen
    Teammates: Brian Chi, Ana Selvaraj, Joshua Quan, Jennifer Wu, William Xu, Shirley Zhang.
    The team initially thought about making a heavy co-op game similar to “Keep Talking, and No One Explodes.” Their game ended up being a lighter game with more straightforward mechanics, fun gimmicks, and no co-op elements. Due to time limitations, the co-op aspects were eliminated because the team decided these aspects did not enhance the game’s overall enjoyment. Play-testing and experimentation in the final few weeks allowed the team to develop gameplay mechanics to replace their previous ideas. Their game relies on the gameplay mechanics over level design.

     

    Game Title: Cyber City
    Teammates: Jiajian Fu, Aditi Gaur, Kevin Huang, Charles Li, Hao Luo, Esther Zhao.
    Cyber City is a multiplayer third-person tower defense game with resources and crafting elements. Players are divided into teams to destroy the enemy base while defending their own. Players can craft turrets and game units that help them intrude into the enemy base. The team that destroys the enemy’s base first will win. The game combines aspects of sandbox survival, tower defense, and multiplayer online battle arena gameplay styles into one competitive game.

     

    Game Title: The Last Roll
    Teammates: Cameron Foster, Steven Hausman, Anthony Lau, Patrick Liu, Thiago Marback, Christopher Maytom.
    The Last Roll is a cooperative defense game in which players work together to protect a location with resources from a rush of enemy AI players. Players can perform actions such as building barriers and slowing enemies to preserve this location for as long as possible. The game’s theme revolves around the players being workers in a shop during COVID-19, where people are trying to steal the store’s supply of toilet paper. In the game, players must work together since their first-person view restricts their ability to assess the entire shop’s state.

     

    Game Title: Grow Away
    Teammates: Joyaan Bhesania, Yang Liu, Etsu Nakahara, Mingqi Shen, Arun Sugumar, Alexander Zhu.
    Grow Away is a collaborative action tower defense game, and players defend against waves of zombies. Players need to grow plants that serve as “towers” to attack the enemies and defend the base. The players move across the map to pick up tools and perform actions to grow plants collaboratively.

  • Open-Source Hardware for Datacenter Networking Research

    UCSD Postdoc Researcher Alex Forencich has developed Corundum—a novel FPGA-based network interface card
    Modern networked computer servers transfer information at rates of hundreds of gigabits per second. Operation at these data rates requires dedicated hardware in the form of the network interface. The development of new features requires a flexible, programmable, hardware prototyping platform. To address this need, UCSD postdoc researcher Alex Forencich developed Corundum—a novel FPGA-based network interface card. Corundum enables the development of advanced network interfaces, architectures, and protocols. It is currently being used to investigate how the precise control of packet transmission can improve network performance. Corundum was published at Field-Programmable Custom Computing Machines (FCCM) in May 2020.

    Link to Corundum GitHub repository

  • Computer Scientists Win Test of Time Award for Paper that Changed the Auto Industry

    CNS Co-Director Stefan Savage
    CNS Co-Director Stefan Savage and his colleagues first gave the automotive industry a wake-up call when they published research demonstrating the ability to hack a car’s computer system in 2010.

    This research, and the resulting academic paper, was honored with the Test of Time Award at this year’s IEEE Symposium on Security and Privacy for its broad and lasting impact.

    “This effort alerted the automotive sector that security needed to become a top priority,” Savage said. “When we showed up it was not considered a critical function by any automaker or the U.S. Department of Transportation. All of that changed remarkably quickly as a result of our work.”

    In the decade since the paper was first published, it has spawned new automotive security standards and organizations, government programs focused on vehicular cybersecurity, dozens of automotive security startups, countless follow-on research efforts and, most importantly, a pervasive focus on product security by major automakers around the globe.

    Identifying Security Risks in Cars

    In the 2010 paper, titled Experimental Security Analysis of a Modern Automobile, Savage and colleagues at UC San Diego and the University of Washington demonstrated the ability to hack an automobile and control everything from the brakes to the windshield wipers.

    With their eye-opening results in hand, and prior to publishing them, one of the first things the researchers did was reach out directly to the automotive industry. Their goal was to alert industry to the vulnerabilities and form lasting partnerships that would ultimately enhance the safety, security, and privacy of millions of cars on the road.

    “We observed that this was an industry-wide issue and not specific to a particular manufacturer,” said Tadayoshi Kohno, a paper co-author who is now a professor at the University of Washington.

    Collaboration Spawns Change

    The idea for the project began percolating when Kohno, who was completing his doctorate degree at UC San Diego at the time, and Savage struck up a casual conversation about potential security threats after seeing an OnStar advertisement. After Kohno moved to the University of Washington, he and Savage decided the time was ripe to explore the issue further.

    From there the team, which included several students and faculty, came together. They soon purchased two cars and started investigating. For many of the team members who were students at the time, the collaborative nature of the project still influences their research philosophy and style.

    Stephen Checkoway, now an assistant professor at Oberlin College, was the lead graduate student researcher from UC San Diego on the project. He was involved in most of the technical aspects, from reverse-engineering the automotive computers’ firmware to building tools to developing and testing exploits. His experience is one he remembers fondly.

    “This was an extremely collaborative effort. No task was performed by an individual researcher alone. This was the key to our success. I count myself lucky to have had the opportunity to be on the team. Collaborative research has been my preferred method of research ever since,” Checkoway said.

    Karl Koscher, now a research scientist with the University of Washington’s Security and Privacy Research Lab, was the lead graduate student on the project from the university. “It’s extremely gratifying to see lessons learned from our work are now baked into car manufacturers’ next-generation platforms, just now rolling off the assembly line.”

    The team also included Brian Kantor, a longtime staff member in the Department of Computer Science and Engineering at UC San Diego who died unexpectedly in November 2019. Kantor played an important role, mentoring and teaching the students the basics of hardware engineering. Hovav Shacham, Shwetak Patel, Alexei Czeskis, Franziska Roesner, Damon McCoy and Danny Anderson rounded out the team.

    Research that Stands the Test of Time

    Many of Savage’s collaborative research efforts have had lasting impacts that are recognized by the field. Last year, he and his colleagues were honored with another Test of Time Award from the ACM Conference on Computer and Communications Security for a 2009 paper titled “Hey You Get Off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds.” In 2017, Savage was part of a team that won yet another Test of Time Award from the USENIX Security Symposium for their 2001 “Inferring Internet Denial of Service” paper.

    “All three of these papers reflect a notion of being open to investigating interesting problems and working as a team,” Savage said, “UC San Diego has always been a place that’s very welcoming to people who work well on teams – and I am one of those.”

    The 2020 award was presented at the 41st annual IEEE Symposium on Security and Privacy, which is an all-digital conference this year. The symposium is the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

    MEDIA CONTACT

    Alicia Clarke, 858-822-5825, amclarke@ucsd.edu

  • Amateur Radio Digital Communications Completes Turing Scholarship Endowment

    The Center for Networked Systems (CNS) at UC San Diego has announced that following a $225,533 donation from the Amateur Radio Digital Communications (ARDC) association, the Alan Turing Memorial Scholarship is now fully endowed.

    Brian Kantor’s Retirement Party at UC San Diego on January 3, 2018

    “We are incredibly grateful to ARDC for their generous gift,” said CNS Co-Director Stefan Savage. “Now that the endowment is complete, starting in the spring of 2021, we will be able to provide $10,000 scholarships for worthy students in perpetuity.”

    A nonprofit based in California, ARDC promotes STEM education and digital development for amateur radio. Their gift honors former UC San Diego Department of Computer Science and Engineering (CSE) employee and ARDC founder Brian Kantor, who died unexpectedly in November 2019.

    Kantor worked at UC San Diego for 47 years, including a decade at CSE. During his long career, he was a university postmaster, ran the name servers, and helped manage network infrastructure. Among his many accomplishments, he wrote the protocol standard for rlogin, and designed the Network News Transport Protocol (NNTP) that was the foundation for Netnews. Kantor was a nationally known ham radio operator and co-founded and managed AMPRnet, the gateway between the amateur packet radio community and the Internet. He retired from CSE in 2018.

    CNS established the scholarship in 2015 to encourage a more diverse and inclusive community of engineers and to pay homage to Alan Turing. “Alan Turing is a giant in the pantheon of computer science pioneers, and his story is both tragic and inspirational,” said CNS Co-Director George Porter. Turing is a co-founder of the field of computer science and a brilliant mathematician, and his work contributed substantially to the Allied victory in World War II through his brilliant codebreaking. After the war, Turing suffered outright persecution for his activities as a gay man. He died by suicide in 1954.

    “I am delighted that you are able to support students through the Alan Turing Memorial Scholarship, said Dermot Turing, Alan’s nephew. “I am certain that this kind of initiative is one which would have received his whole-hearted support.”

    The scholarship is for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications, and other programs touching on networked systems, and who are active in supporting the LGBT community. With generous donations from individuals, and corporations/foundations, CNS has awarded scholarships to six deserving UC San Diego undergraduate students since 2016. “CNS is extremely grateful to Brian Kantor and the ARDC for completing the endowment of this scholarship,” said CNS Administrative Officer Jennifer Folkestad. “It has and will continue to have a transformative impact on students for generations to come.”

  • Computer scientists develop a technique to protect browsers from buggy third-party libraries

    CSE Assistant Professor and CNS Faculty Member Deian Stefan
    Researchers from the University of California San Diego, the University of Texas at Austin, Stanford University and Mozilla have developed a new framework to improve web browser security. The framework, called RLBox, has been integrated into Firefox to complement its other security-hardening efforts.

    RLBox increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing. The study will be published in the proceedings of the USENIX Security Symposium in March.

    Browsers, like Firefox, rely on third-party libraries to support media decoding (e.g., rendering images or playing audio files) among many other functionalities. These libraries are often written in low-level programming languages, like C, and highly optimized for performance.

    “Unfortunately, bugs in C code are often security vulnerabilities—security vulnerabilities that attackers are really good at exploiting,” noted senior author Deian Stefan, an assistant professor with UC San Diego’s Department of Computer Science and Engineering and a faculty member of CNS.

    RLBox allows browsers to continue to use off-the-shelf, highly tuned libraries without worrying about the security impact of these libraries. “By isolating libraries we can ensure that attackers can’t exploit bugs in these libraries to compromise the rest of the browser,” said the lead Ph.D. student on the project, Shravan Narayan.

    A key piece of RLBox is the underlying sandboxing mechanism, which keeps a buggy library from interfering with the rest of the browser. The study investigates various sandboxing techniques with different trade-offs. But the team ultimately partnered with the engineering team at San Francisco-based Fastly to adopt a sandboxing technique based on WebAssembly, a new intermediate language designed with sandboxing in mind. The team believes that WebAssembly will be a key part of future secure browsers and secure systems more broadly. The WebAssembly sandboxing effort is detailed in a recent Mozilla Hacks blog post.

    “Unfortunately, it’s not enough to put a library in a sandbox, you need to carefully check all the data that comes out of the sandbox—otherwise a sophisticated attacker can trick the browser into doing the wrong thing and render the sandboxing effort useless,” said Stefan. RLBox eliminates these classes of attacks by tagging everything that crosses the boundary and ensuring that all such tagged data are validated before being used.

    RLBox has been integrated into Mozilla’s Firefox and will be shipping to Linux users in Firefox 74 and Mac users in Firefox 75, with plans to implement in other platforms.

    “This is a big deal,” says Bobby Holley, principal engineer at Mozilla. “Security is a top priority for us, and it’s just too easy to make dangerous mistakes in C/C++. We’re writing a lot of new code in Rust, but Firefox is a huge codebase with millions of lines of C/C++ that aren’t going away any time soon. RLBox makes it quick and easy to isolate existing chunks of code at a granularity that hasn’t been possible with the process-level sandboxing used in browsers today.”

    In the study, the team isolated half a dozen libraries using RLBox. To start, Firefox will ship with their sandboxed Graphite font shaping library. Mozilla plans to apply the sandboxing more broadly in the future, ultimately making millions of users’ browsers more secure.

    Other authors included: CSE/CNS Graduate Student Craig Disselkoen and CSE/CNS Faculty Sorin Lerner at UC San Diego; Hovav Shacham at UC San Diego and UT Austin; Nathan Froyd and Eric Rahm at Mozilla; and Tal Garfinkel at Stanford University.

    Original Article published here: https://cse.ucsd.edu/about/news/researchers-develop-framework-improves-firefox-security

  • CNS Espresso Prize Awardee Receives Recognition from the CRA

    Weiyang (Frank) Wang has been recognized as a Runner-Up for a 2020 Outstanding Undergraduate Researcher Award by the Computing Research Association (CRA). This award program recognizes undergraduate students in North American colleges and universities who show outstanding research potential in an area of computing research. Mitsubishi Electric Research Labs (MERL) is the sponsor of the Outstanding Undergraduate Researcher Award program this year.

    Frank received the CNS Espresso Prize for Excellence in Networking in 2018.

  • Stefan Savage Receives an ACM CCS Test-of-Time Award

    Tom Ristenpart accepting the ACM CCS Test-of-Time Award
    CNS Co-director Stefan Savage received an ACM CCS Test-of-Time award for the 2009 paper “Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds.” The paper authors are Stefan Savage, Tom Ristenpart, Hovav Shacham, and Eran Tromer.
    http://cseweb.ucsd.edu/~savage/papers/CCS09.pdf

  • CNS Espresso Prize for Excellence in Networking

    Godwin Pang receiving the 2020 Espresso Prize from Professor Alex Snoeren
    The CNS Espresso Prize for Excellence in Networking was awarded by Professor Alex C. Snoeren to UCSD undergraduate student Godwin Pang for his outstanding final project in CSE 123 (2019 fall quarter).
    Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

    Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

    The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

    Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

    2019 Undergraduate recipient: Weiyang (Frank) Wang
    2018 Undergraduate recipient: Christian Chung
    2017 Undergraduate recipient: Yihan Zhang
    2016 Undergraduate recipient: Conner Johnston
    2014 Undergraduate recipient: Aaron Yip Ming Wong
    2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
    2013 Undergraduate recipient: Jacob Maskiewicz
    2013 Graduate recipient: Vidya Kirupanidhi

  • Alan Turing Memorial Scholarship Recognizes Two Outstanding Scholars

    Giselle Mejia Receives the Alan Turing Memorial Scholarship Award (2019 – 2020)
    Each year, the Center for Networked Systems (CNS) awards the Alan Turing Memorial Scholarship to one or more students for their academic commitment, particularly in networked systems, and their ongoing support for the LGBTQ community.

    Thanks to a generous grant from the Motorola Solutions Foundation, Giselle Mejia, a fourth-year student studying cognitive science with a specialization in design and interaction, is now among the 2019 Turing Scholarship recipients. A second student, who wishes to remain anonymous, was also recognized and will be awarded a scholarship through support from CNS.

    “This year, the Alan Turing Memorial Scholarship has been awarded to two amazing students,” said associate professor and CNS co-director George Porter. “We’re very thankful to the Motorola Solutions Foundation for their generous support of this meaningful scholarship program and for making this opportunity possible.”

    The Motorola Solutions Foundation impacts underrepresented populations—including females, minorities, people with disabilities, veterans and more—through its grants program.

    Honoring Alan Turing and Celebrating Inclusiveness
    The Alan Turing Scholarship was established in 2015 by CNS, an interdisciplinary computer science research center in UC San Diego’s Computer Science and Engineering Department.

    The award pays homage to Alan Turing, the famed codebreaker and mathematician whose work accelerated the Allied victory in World War II. After the war, Turing was persecuted for his orientation as a gay man and died by suicide in 1954.

    The scholarship honors Turing for his brilliant achievements and supports an inclusive, diverse environment in computer science. In addition to their LGBTQ support, scholarship recipients are selected for academic merit and financial need.

    “We are very pleased to support the work of CNS and the goals of the Alan Turing Memorial Scholarship at UC San Diego,” said Monica Mueller executive director of the Motorola Solutions Foundation. “We believe in organizations that foster innovation and drive change and we’re proud to be part of the positive impact they are making in the community.”

    Giselle Mejia: 2019 Alan Turing Scholar
    As a 2019 Alan Turing Scholar, Mejia will receive a stipend and have unique opportunities to conduct research with a CNS faculty mentor. Coming from an economically disadvantaged household, Mejia appreciates the financial support. However, she was compelled to apply for personal reasons.

    “I saw the Alan Turing scholarship description, and it really called out to me,” said Mejia. “It matched what I am studying and what I want to represent.”

    She did not always feel that way. Mejia grew up in a household where the LGBTQ community was not accepted. As a child, she never questioned these views, but as she grew up, and got to know friends and relatives within the community, she realized these attitudes were simply wrong.

    “My world began as a simple, ordinary house and a small family,” said Mejia in a thank you letter to CNS. “To me, all that I knew and learned was traditional in the Philippines. My world, however, grew into a street; and then a town; and then a world with families and friends and their families.”

    Since this epiphany, Mejia has actively supported the LGBTQ community and has participated in the San Francisco Gay Pride Parade.

    “The parade was just beautiful,” she said. “It brings together this large community and gives them lots of space to express themselves and meet new people who accept them and give each other encouraging words. It’s a safe haven with so much peace. I learned a lot from walking those parades.”

    On the academic side, Mejia’s studies have provided her with a foundation in cognitive science, communications, computer science, and the visual arts. She hopes to integrate these interdisciplinary approaches as she moves forward in her career.

    “I want to take all the things I’ve learned from computer science and technology, coupled with the brain, and really go into AI,” said Mejia. “I want to create technology that will bridge the gap between computers and people.”

    After graduation, Mejia plans to look for a job in Silicon Valley or elsewhere in the Bay Area. The Alan Turing Memorial Scholarship caps off an impressive four years at UC San Diego, which she will deeply miss.

    “It’s pretty bittersweet,” said Mejia. “I love this school; it helped me grow in so many ways. But it also prepared me, and I’m excited to go out in the real world.”

  • CAIDA’s KC Claffy Inducted Into Internet Hall of Fame

    KC Claffy
    Image: Stonehouse Photographic / Internet Society
    KC Claffy, director of the Center for Applied Data Analysis (CAIDA) at the University of California’s San Diego Supercomputer Center (and a CNS faculty member), has been inducted into the Internet Hall of Fame for her pioneering work in the area of internet measurement and analysis.

    Claffy, who is also an adjunct professor in UC San Diego’s Computer Science and Engineering Department, was among 11 inductees from six countries around the world, including Peru, Japan, Brazil, Netherlands, Togo and the U.S. They were honored at a special ceremony September 27 in San José, Costa Rica.

    “The internet’s design has always enabled people to see a problem, and get to work on solving it,” said Andrew Sullivan, Internet Society President and CEO. “This year’s inductees have given us all great gifts of their creative approaches to issues they saw on the internet. We can take inspiration from them to tackle the next round of challenges.”

    In pioneering the field of internet measurement and analysis, Claffy has helped the global scientific research community better understand the internet and how it is used, according to an announcement by the Internet Hall of Fame. In addition to conducting her own research, Claffy and her team have developed infrastructure and methodologies for large-scale internet data collection, analysis, and distribution around the world.

    In her acceptance remarks, Claffy recognized the roles that SDSC, its Founding Director Sid Karin, SDSC Research Scientist Hans-Werner Braun, and then-UC San Diego Professor George Polyzos played early in her career.

    She also observed two historical inflection points: one at the beginning of her career, the commercialization and privatization of the Internet infrastructure, and the second emerging now, amidst recognition that “society is increasingly exposed to a range of harms serious enough to create a public interest in mitigating them.” Claffy also noted that this inflection point toward regulation is “scarier…, because mistakes by governments are more dangerous and take longer to undo than mistakes by the private sector.”

    Claffy published the first of many papers on internet traffic measurement and analysis in 1992, and in 1997 founded CAIDA. The center initially focused on data that informed the technical community, but now also examines the economic and policy context that defines the internet ecosystem, including analysis related to infrastructure security and stability, the mutual interdependence of architecture and policy, and the ethics of information technology research.

    A series of brief videos by Claffy explaining the issue of net neutrality and why we need to measure the internet can be found here.

    MEDIA CONTACT
    Jan Zverina, 858-534-5111, jzverina@sdsc.edu

    Original story posted here: https://ucsdnews.ucsd.edu/pressrelease/caidas-kc-claffy-inducted-into-internet-hall-of-fame

  • App Allows Inspectors to Find Gas Pump Skimmers Faster

    The Bluetana app detects skimmers’ Bluetooth signature and is more accurate than other apps
    Photos/David Baillot/Jacobs School of Engineering/UC San Diego
    Full photo gallery: http://bit.ly/bluetanaphotos
    A team of computer scientists at UC San Diego and the University of Illinois has developed an app that allows state and federal inspectors to detect devices that criminals install in gas pumps to steal consumer credit and debit card data. The devices, known as skimmers, use Bluetooth to transmit the data they steal.

    “All criminals have to do is download the data from the comfort of their vehicle,” said Nishant Bhaskar, a Ph.D. student in computer science at the University of California San Diego and the study’s first author.

    The app, called Bluetana, detects the Bluetooth signature of the skimmers, and allows inspectors to find the devices without needing to open up the gas pumps.

    Bluetana was developed with technical input from the United States Secret Service and is only available to gas pump inspectors. It will not be available to the general public. It is now used by agencies in several states.

    “Our goal is to give field agents the best tools for the job available today,” said Kirill Levchenko, a computer science professor at the University of Illinois who earned his Ph.D. at the Jacobs School of Engineering at UC San Diego. “We’ve found that Bluetana helps agents find more gas stations with skimmers—and to find more skimmers at those gas stations.”

    The researchers found that, compared to similar apps currently available for smartphones, Bluetana is likely to discover more skimmers and results in a much lower false positive rate. “Bluetooth technology used in these skimmers are also used for legitimate products commonly seen at and near gas stations such as speed-limit signs, weather sensors and fleet tracking systems,” said Bhaskar. “These products can be mistaken for skimmers by existing detection apps.”

    Bluetana uses an algorithm developed by the researchers to distinguish skimmers from legitimate Bluetooth devices. The researchers designed the algorithm based on the results of a field study during which the researchers analyzed scans of Bluetooth devices taken by inspectors at 1,185 gas stations across six U.S. states.

    “Bluetana extracts more meaningful data from the Bluetooth protocol, such as signal strength, than existing skimmer detection applications. In a few cases, our app was able to find devices missed by visual inspection,” said Maxwell Bland, a Ph.D. student in computer science at UC San Diego and study coauthor.

    In one year of operation, Bluetana has led to the discovery of 42 Bluetooth-based skimmers across three U.S. states, all of which were recovered by inspectors. “We were surprised that there were so many skimmers in the field that had not been discovered by other detection methods such as regular manual inspections,” said Aaron Schulman, a UC San Diego assistant professor in computer science. “We even found two skimmers that were installed in gas pumps and had evaded detection for six months.”

    Researchers will present their work on Bluetana at the USENIX Security 2019 conference Aug. 14, 2019 in the San Francisco Bay Area.

    What do skimmers do and how much are they worth to criminals?
    Skimmers have a high return on investment for criminals: skimmed debit card numbers can be used to withdraw cash and skimmed credit card numbers to make expensive purchases. A skimming device costs $20 or less to manufacture and can bring in more than $4,000 per day, depending on how many people use the gas pump and how the criminal converts the stolen numbers to cash.

    Criminals break into the pumps, many of which can be opened using a universal master key, to install the skimmers. Skimmers are connected to both the keypad and the magnetic stripe reader inside the gas pump. This allows the devices to collect not only customers’ card numbers, but also their billing ZIP code and PIN, in the case of a debit card transaction.

    It takes Bluetana, on average, three seconds to detect a skimmer. By contrast, law enforcement officials can take 30 minutes on average to find skimmers during manual inspections.

    “UC San Diego is an active and important partner on our Southern California Electronic Crimes Task Force, and has been able to provide technological solutions to current investigative needs,” said Special Agent in Charge James Anderson of the Secret Service. “Our office looks forward to presenting them with other investigative challenges.”

    Next steps
    As more gas stations adopt payment systems exclusively for credit and debit cards with chips, criminals will use technologies to capture information from these types of cards. Researchers will have to follow suit. Visa and MasterCard are mandating that all gas stations in the United States use the chip-based systems by October 2020.

    “Bluetana is not the last word,” Levchenko said. “As criminals evolve, our techniques will need to evolve also.”

    MEDIA CONTACT
    Ioana Patringenaru, 858-822-0899, ipatrin@ucsd.edu

    Paper: http://cseweb.ucsd.edu/~schulman/docs/sec19-bluetana.pdf
    Krebs on Security: https://krebsonsecurity.com/2019/08/meet-bluetana-the-scourge-of-pump-skimmers/
    Fast Company: https://www.fastcompany.com/90390130/bluetana-is-a-new-app-to-fight-gas-pump-credit-card-skimmers
    Tech Crunch: https://twitter.com/TechCrunch

  • New Face of the Bank of England’s £50 is Revealed as Alan Turing

    He is celebrated for his code-cracking work that proved vital to the Allies in World War Two.

    The Center for Networked Systems is delighted to learn that the Bank of England revealed Alan Turing as the new face for the £50 note. We at CNS are excited that the namesake for CNS’s Alan Turing Memorial Scholarship is being honored this way.

    Full Article: https://www.bbc.com/news/business-48962557

  • $1,000 Challenge to be Met in 32 hours

    A generous $1,000 donation for the Alan Turing Memorial Scholarship from a Center for Networked Systems alumnus has led to a challenge for the inaugural UCSD Giving Day. To unlock the challenge, we need 15 donations of any amount by 2:00 PM on May 17, 2019.

    Please consider helping us with this challenge by DONATING HERE:
    https://ugive.ucsd.edu/giving-day/12221/donate?dept=17709&des=68156

    UCSD Giving Day: https://ugive.ucsd.edu/?_ga=2.182123044.241336362.1557764195-1736365700.1549398806

    More about the scholarship can be found here: http://cns.ucsd.edu/cns-students-portal/center-for-networked-systems-alan-turing-memorial-scholarship/

  • Application Deadline: February 4, 2019 for the Alan Turing Memorial Scholarship

    In 2015, the Center for Networked Systems established the Alan Turing Memorial Scholarship the first of its kind in the nation, for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications and other programs touching on networked systems and who are active in supporting the LGBTQIA+ community. In addition to receiving a $2,000 scholarship, recipients are also provided with an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.

    APPLICATION INFORMATION

    The Alan Turing Memorial Scholarship will be awarded in the fall quarter of 2019 for the 2019-2020 academic year. In addition to the requirements listed above, preference is given to students with demonstrated academic merit, financial need, and experience or interest in research.

    If awarded this scholarship, you will need to provide a two or three sentence public statement about how you have actively supported the LGBTQIA+ community through your identity, relationships and/or work.

    Online application: https://ucsd.academicworks.com/opportunities/2332

    DEADLINE: February 4, 2019
    If you have questions regarding the application process, please contact the UCSD Scholarship Office at scholarships@ucsd.edu

  • CNS Espresso Prize for Excellence in Networking

    Weiyang Wang receiving the 2018 Espresso Prize from Professor Alex Snoeren
    The CNS Espresso Prize for Excellence in Networking was awarded by Professor Alex C. Snoeren to UCSD undergraduate student Weiyang Wang for his outstanding final project in CSE 123 (2018 fall quarter).

    Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

    Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

    The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

    Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

    2017 Undergraduate recipient: Christian Chung
    2017 Undergraduate recipient: Yihan Zhang
    2016 Undergraduate recipient: Conner Johnston
    2014 Undergraduate recipient: Aaron Yip Ming Wong
    2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
    2013 Undergraduate recipient: Jacob Maskiewicz
    2013 Graduate recipient: Vidya Kirupanidhi

    https://cns.ucsd.edu/cns-students-portal/cns-espresso-prize-for-excellence-in-networking/

  • Alan Turing Memorial Scholarship Recipients Meet with Ken Nordholm from Motorola Solutions

    The Alan Turing Memorial Scholarship recipients, Anton Sydorenko and Adrian Mendoza, met Ken Nordholm from Motorola Solutions at a social gathering in La Jolla, California on January 17, 2019, to express their gratitude for the $10,000 donation from the Motorola Solutions Foundation. Motorola’s gift made a positive and powerful impact on their lives.

    Read more about the recipients and Motorola Solutions Foundation’s gift: https://cns.ucsd.edu/alan-turing-memorial-scholarship-recognizes-two-students-in-computer-science/

    (Pictured L-R, Amanda Estrada, Associate Director at UC San Diego Foundation Relations, Stefan Savage, CNS Co-Director, Ken Nordholm, Senior Account Manager at Motorola Solutions, Anton Sydorenko, scholarship recipient, Adrian Mendoza, scholarship recipient, and George Porter, CNS Co-Director.
  • CNS Research Update: RotorNet

    Researchers from UCSD’s Center for Networked Systems are designing a new kind of network technology called RotorNet, which has the potential to increase the performance of networked applications while reducing their energy use. This work is supported by the National Science Foundation and the Dept. of Energy’s “ARPA-e” ENLITNED program.
    A brief video about our research:

  • Alex C. Snoeren Named ACM Fellow

    Alex C. Snoeren named ACM Fellow
    Alex C. Snoeren, a professor of computer science and engineering and a CNS faculty member, has been named a Fellow of the Association for Computing Machinery (ACM), the world’s largest association of computing professionals. Snoeren is being honored for his innovative approaches to measuring, managing and detecting network traffic and is one of only 56 Fellows named in 2018.

    Long before cloud computing services, such as Amazon’s AWS and Microsoft’s Azure, became omnipresent, Snoeren said he and his colleagues “considered how to limit the amount of traffic a particular customer or service might use in a cloud environment, where there are many different links or paths that their traffic could traverse.”

    “Traditionally, limits were imposed by running all the traffic through a single device that would ‘see’ everything, but that could result in significant delays,” he explained. “Instead, we devised a method called distributed rate limiting (DRL) that provided the illusion of a single shared link, but did not require the traffic to traverse the same physical links.”Snoeren and his graduate students are now working on new ways to connect the hundreds of thousands of computers in massive data centers, using optical circuit switches, and are creating a prototype using motors and spinning platters repurposed from commercial hard drives.

    “Optical circuit switches have long been known to be a much more cost-effective way to connect hosts at high speeds, but so far nobody has figured out a way to do so while allowing servers to respond to client requests before users get impatient,” said Snoeren. “We are developing a new kind of optical circuit switch that can deliver both the massive amounts of bandwidth required by mega data centers while meeting the stringent timeliness requirements of today’s services and applications.”

    “I’ve also spent a fair amount of time thinking about how to make the network robust to attack,” said Snoeren. “Back when we were graduate students, I and my CSE colleague Stefan Savage each invented an entirely different way to determine the source of the distributed denial of service (DDoS) attacks that were plaguing the Internet at the turn of the millennia.”

    Snoeren joined the CSE faculty in 2003 and is a member of UCSD’s Systems and Networking Research Group, the Center for Networked Systems and the Center for Evidence-Based Security Research. He received a Ph.D. in computer science from the Massachusetts Institute of Technology in 2003, an M.S. in computer science in 1997 and a B.S. in computer science (1996) and applied mathematics (1997) from the Georgia Institute of Technology. For Snoeren, being named an ACM fellow is the culmination of a lot of hard work and an honor he is happy to share with many of his UC San Diego co-workers.

    “Many of my CSE faculty colleagues are ACM Fellows themselves, so it is a career milestone I’ve looked up to for a long time,” said Snoeren. “I’m deeply honored to see my name alongside theirs and all the other Fellows selected this year, many of which are good friends so I’m looking forward to celebrating with them at the ceremony next June.”

    For more on Snoeren’s work, visit http://cseweb.ucsd.edu/~snoeren/.

  • CSE Professor and Alumnus Honored for Research that Stands the Test of Time

    Pictured L-R, Jeff Mogul, Kun Tan, Geoffrey Voelker, Yongguang Zhang, He “Lonnie” Liu. Photo courtesy of USENIX.
    Geoffrey M. Voelker and his colleagues at MSR Beijing, including CSE Ph.D alumnus, He “Lonnie” Liu, won the USENIX Test of Time award at NSDI in Boston, MA this week for their work on Sora: High Performance Software Radio using General Purpose Multicore Processors. This was the first purely software-based WiFi radio platform running on a PC. The award is given for work at least a decade prior that has had a lasting impact on the field. Voelker received his first Test of Time award at USENIX Security in 2017 for his denial of service attacks research.

    Related links:
    2009 Paper: Sora: High Performance Software Radio using General Purpose Multi-Core Processors

    NSDI ’19: 16th USENIX Symposium on Networked Systems Design and Implementation

  • Alex C. Snoeren Named ACM Fellow

    Alex C. Snoeren, a professor of computer science and engineering, has been named a Fellow of the Association for Computing Machinery (ACM), the world’s largest association of computing professionals. Snoeren is being honored for his innovative approaches to measuring, managing and detecting network traffic and is one of only 56 Fellows named in 2018.

    Professor Alex C. Snoeren

    Long before cloud computing services, such as Amazon’s AWS and Microsoft’s Azure, became omnipresent, Snoeren said he and his colleagues “considered how to limit the amount of traffic a particular customer or service might use in a cloud environment, where there are many different links or paths that their traffic could traverse.”

    “Traditionally, limits were imposed by running all the traffic through a single device that would ‘see’ everything, but that could result in significant delays,” he explained. “Instead, we devised a method called distributed rate limiting (DRL) that provided the illusion of a single shared link, but did not require the traffic to traverse the same physical links.”Snoeren and his graduate students are now working on new ways to connect the hundreds of thousands of computers in massive data centers, using optical circuit switches, and are creating a prototype using motors and spinning platters repurposed from commercial hard drives.

    “Optical circuit switches have long been known to be a much more cost-effective way to connect hosts at high speeds, but so far nobody has figured out a way to do so while allowing servers to respond to client requests before users get impatient,” said Snoeren. “We are developing a new kind of optical circuit switch that can deliver both the massive amounts of bandwidth required by mega data centers while meeting the stringent timeliness requirements of today’s services and applications.”

    “I’ve also spent a fair amount of time thinking about how to make the network robust to attack,” said Snoeren. “Back when we were graduate students, I and my CSE colleague Stefan Savage each invented an entirely different way to determine the source of the distributed denial of service (DDoS) attacks that were plaguing the Internet at the turn of the millennia.”

    Snoeren joined the CSE faculty in 2003 and is a member of UCSD’s Systems and Networking Research Group, the Center for Networked Systems and the Center for Evidence-Based Security Research. He received a Ph.D. in computer science from the Massachusetts Institute of Technology in 2003, an M.S. in computer science in 1997 and a B.S. in computer science (1996) and applied mathematics (1997) from the Georgia Institute of Technology. For Snoeren, being named an ACM fellow is the culmination of a lot of hard work and honor he is happy to share with many of his UC San Diego co-workers.

    “Many of my CSE faculty colleagues are ACM Fellows themselves, so it is a career milestone I’ve looked up to for a long time,” said Snoeren. “I’m deeply honored to see my name alongside theirs and all the other Fellows selected this year, many of which are good friends so I’m looking forward to celebrating with them at the ceremony next June.”

    For more on Snoeren’s work, visit http://cseweb.ucsd.edu/~snoeren/ .

    Story written by Qualcomm Institute / UC San Diego Division of Calit2 Media Services

  • Alan Turing Memorial Scholarship Recognizes Two Students in Computer Science

    By Xochitl Rojas-Rocha, senior writer, Qualcomm Institute at UC San Diego

    The recipients of this year’s Alan Turing Memorial Scholarship are Anton Sydorenko (senior, Computer Science) and Adrian Mendoza (junior, Computer Engineering). This marks the third consecutive year that UC San Diego’s Center for Networked Systems has recognized students studying networked systems for their academic commitment and involvement in the LGBT community, and the first year that it has awarded the scholarship to more than one student.

    Pictured (l-r): CNS Co-Director George Porter, Recipient Anton Sydorenko, Recipient Adrian Mendoza, CNS Co-Director Stefan Savage

    Honoring Alan Turing’s Legacy

    The Alan Turing Memorial Scholarship was established in 2015 by the Center for Networked Systems (CNS), an interdisciplinary computer science research center in UC San Diego’s Computer Science and Engineering Department. The scholarship pays homage to Alan Turing, the famed codebreaker and mathematician whose work accelerated the Allied victory in World War II by more than a year.

    After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

    “The Turing Scholarship at UCSD is a unique way that we as a community show how much we value diversity, in particular, diversity aimed at the LGBT community. Diversity is essential to strengthening our center, and is in line with UCSD’s mission,” said CNS co-director George Porter.

    The Turing Scholarship highlights CNS’s interest in celebrating and promoting student diversity in computer science and related fields. In addition to providing students with funds for their education, CNS offers recipients a chance to conduct research under the guidance of a mentor. Thanks to a donation of $10,000 from the Motorola Solutions Foundation, CNS can provide that opportunity to two recipients this year.

    “The Motorola Solutions Foundation is honored and privileged to support the Alan Turing Memorial Scholarship,” said Matt Blakely, executive director of the Motorola Solutions Foundation. “We believe in organizations that are fostering innovation, building partnerships and driving change, and we’re proud to be a part of the positive impact they’re making in their communities.”

    Alan Turing Memorial Scholarship Recipient 2018-2019, Anton Sydorenko

    Anton Sydorenko: Immigrant, Coder

    When he was 20, Anton Sydorenko packed a bag of summer clothes and emigrated alone from Ukraine to Chicago, IL. He had only $700 in his pocket.

    Sydorenko’s first years in the country were spent adjusting, practicing his English, and working minimum wage jobs to support himself. One of those jobs entailed working security at a popular LGBT nightclub in Chicago, where he found friends and a community. He participated in LGBT-geared festivals and helped build a float for a pride parade on one memorable occasion.

    Eventually, Sydorenko’s hard work carried him from community college to a transfer to UC San Diego. It felt like a significant achievement for someone whose parents never attended school. Sydorenko believes it was made possible by the risk he took in moving to a new country where he had neither friends nor family.

    “You really have to experience the poverty, obstacles and total corruption of ‘developing’ countries to truly appreciate and respect ‘the land of opportunities.’ Two years ago I became a U.S. citizen and it is one of my proudest achievements,” said Sydorenko.

    The scholarship will support Sydorenko’s education and love of coding. For him, “receiving an award that is named after Alan Turing, the father of computer science, is especially motivating and inspiring.”

    Currently, Sydorenko and several classmates are designing an app that will help find homes for animals held in shelters.

    Adrian Mendoza: First-Generation Student, Computer Engineer

    Alan Turing Memorial Scholarship Recipient 2018-2019, Adrian Mendoza

    Born to Mexican immigrants in south Los Angeles, Adrian Mendoza credits his parents and the hard sacrifices they made for his current success and the opportunity to pursue what he loves. To him, computer engineering is a way to understand and solve the problems of the world.

    “Technology revolves around everyone’s life, so working to improve technology is basically working to improve everyone’s life,” Mendoza concluded.

    In addition to leading independent projects in computer engineering, Mendoza fosters collaborations between the Society of Hispanic Professional Engineers and Out in Science Technology, Engineering, and Mathematics (oSTEM), an LGBT-oriented non-profit. He has seen his efforts help oSTEM build its reputation and draw interest from engineering students who identify as LGBT.

    Receiving the Alan Turing Memorial Scholarship gives Mendoza the space to focus on his studies, and removes the added stress of working to support himself. As soon as he’d heard he won, he called his family.

    “It took me a couple minutes to let it sink in that I was the fortunate student to have been awarded this scholarship, out of the hundreds who applied for it. At the end of the day, I felt blessed and thankful for having been selected,” said Mendoza.

    The scholarship is open to undergraduates who are active supporters of the LGBT community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. It is awarded to students based on academic merit, with a preference for those with demonstrated financial need.

    The CNS established the scholarship with gifts from the center’s annual giving fund. The center is now looking for additional philanthropic support to create an endowment, in hopes of raising $250,000 to ensure the scholarship will be available to students in the future.

    If you are interested in donating to the foundation, contributions can be made online .

    For more information on the scholarship and the application process, visit the CNS website .

    The story is also posted here: UCSD CSE

     

     

     

  • CNS Awards Travel Grant to CSE Graduate Student
    Nadah Feteih 2018 Award Recipient

    For female students, in particular, attending the annual Grace Hopper Celebration of Women in Computing can be a critical launching pad for careers in computer science in either academia or private industry.  For that reason, UC San Diego’s Center for Networked Systems (CNS) provides funding each year to help defray the cost of attending the Grace Hopper Celebration to a deserving student who wants to play a leadership role in computer science.

    The CNS Grace Hopper Travel Grant awardee selected to attend the 2018 conference, September  26-28 in Houston, is Nadah Feteih.  Feteih is working on her M.S. in Computer Science with a specialization in Systems and Security.

    Nadah Feteih is going into her last year in the M.S program, with an anticipated graduation of March 2019. She received her Bachelor’s degree in Computer Science from UC San Diego and graduated December 2017 with highest honors (summa cum laude). During her time as an undergraduate, she has been involved with the CSE Department in different capacities. She has been a tutor for various introductory programming courses and most recently a TA for the Programming Languages and Compilers courses. She was an undergraduate researcher with a growing interest in security and privacy research. With her most recent role this summer as a software engineer at Google, she worked on the Data Retention and Wipeout team under the privacy org. During previous summers, she has also completed internships at Facebook and Intuit. As a graduate student, she has also been interested in Computer Science education and co-founded a student organization (CS foreach) focused on mentorship, outreach, and teaching Computer Science in underserved communities throughout San Diego County. She received the Contributions to Diversity award within the Master’s division this past June.

     

    https://ghc.anitab.org/

     

  • Evaluating Security Outcomes: Applying Evidence-based Security to Improve Cybersecurity Risk

    Facebook invited submissions from university researchers and faculty, non-profit organizations, and NGOs for applied research proposals to improve the security, privacy, and safety of internet users.  Their goal is to spur the development of technology that may be applied in practice.  Facebook awarded up to $100,000 per proposal for the Secure the Internet Grant.

    CNS/CSE Professors Stefan Savage and Geoffrey Voelker received a $75,000 a grant for their proposal, “Evaluating Security Outcomes: Applying Evidence-based Security to Improve Cybersecurity Risk.”  This project will bring large portions of cybersecurity under an evidence-based umbrella, to correlate concrete cybersecurity outcomes (e.g., whether a particular machine is compromised or a credential is stolen) with concrete security behaviors (e.g., is the software patched, does the user of the machine visit file sharing sites, etc.).  Their lab plans to use this approach to both empirically evaluate particular hypotheses (i.e., a correlation between the use of file-sharing sites and host compromise might be explained by the poisoning of the file-sharing ecosystem with malware). They will also develop network measurement tools to extract a broad array of security-relevant behaviors as well as indicators of outcomes, using the machines connected to UC San Diego’s network as the basis of the study.

     

  • Congratulations to CNS Faculty Member Ranjit Jhala!
    CSE Professor, Ranjit Jhala, receives the Robin Milner Young Researcher Award

    Congratulations to Ranjit Jhala for receiving the 2018 Robin Milner Young Researcher Award.  The Robin Milner Young Researcher Award is given by ACM SIGPLAN to recognize outstanding contributions by young investigators in the area of programming languages. Individuals are eligible if their computer-related professional career (graduate school or full-time employment, whichever began first) started no earlier than 20 years prior to the nominations deadline.  The award ceremony took place at the PLDI conference in Philadelphia on  June 21, 2018.

  • Congratulations to CNS Faculty Member Alin Deutsch!
    CSE Professor Alin Deutsch (left) and Jan van den Bussche, PODS General Chair

    Congratulations to Alin Deutsch for receiving the 2018 Alberto O. Mendelzon PODS Test-of-Time Award for his 2008 paper “The Chase Revisited“, co-authored with the late Alan Nash and Jeff Remmel.  The award ceremony took place at the SIGMOD/PODS conference in Houston on Monday, June 11, 2018.

  • Actor and Activist George Takei’s Visit to UC San Diego

    Actor and activist George Takei visited UC San Diego on April 26 to deliver the DeWitt Higgs Memorial lecture, presented by the Council of Provosts of the Undergraduate Colleges at UC San Diego.  The openly gay Takei has long been a passionate advocate for social justice, an outspoken supporter of human right issues, and a community activist.  Sothyrak Srey, the current Alan Turing Memorial Scholarship recipient, and CNS Co-Director, George Porter, had an opportunity to meet and talk about the Turing scholarship with George Takei and his husband, Brad Takei, at a pre-lecture reception.  Special thank you to Earl Warren College for this opportunity.

    Related Article: The Guardian, UCSD

    Pictured (l-r): CNS Co-Director George Porter, George Takei, and UC San Diego student and Alan Turing Memorial Scholarship recipient, Sothyrak (Tee) Srey. Special thank you to Earl Warren College. Photo by Alex Matthews.
  • CNS Postdoctoral Researcher and Graduate Student featured on CS Channel

    CNS/CSE Postdoctoral Researcher, Max Mellette, and Graduate Student, Ariana Mirian, talk about their current research at CSE.  These six videos are the first to be featured in a series called “We Are CSE.”  Max, working with Professor George Porter, discusses how his research focuses on using optical switching to improve the scalability, power consumption, and cost of data center networks.  Ariana, advised by Professors Geoff Voelker and Stefan Savage, discusses her work and interest in improving internet security and her focus on the intersection of usable security and empirical analysis.  Their videos are being featured on the UCSD Computer Science Channel.  https://www.uctv.tv/computer-science/we-are-cse/

  • Robot Parade! Computer Science 91 with Professor Steve Swanson

    CSE Bits n’ Bytes
    Premiere Date: 12/15/2017; 5 minutes

    A quick look at an innovative computer science class from the UC San Diego Department of Computer Science and Engineering that gives first year students hands-on experience in designing, building and programming their own robots. (#31796)

  • Computer Scientists Develop Simple Tool to Detect Website Data Breach

    Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are.

    “No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California San Diego.

    One percent might not seem like much. But given that there are over a billion sites on the Internet, this means tens of millions of websites could be breached every year, said Joe DeBlasio, one of Snoeren’s Ph.D. students and the paper’s first author. Even scarier, the researchers found that popular sites were just as likely to be hacked as unpopular ones. This means that out of the top-1000 most visited sites on the Internet, ten are likely to be hacked every year.

    “One percent of the really big shops getting owned is terrifying,” DeBlasio said.

    The team of researchers at UC San Diego presented the tool in November at the ACM Internet Measurement Conference in London.

    Some of the code engineers use to develop Tripwire. The entire
    code is available on GitHub at: https://github.com/ccied/tripwire/

    The concept behind the tool, called Tripwire, is relatively simple. DeBlasio created a bot that registers and creates accounts on a large number of websites—around 2,300 were included in their study. Each account is associated with a unique email address. The tool was designed to use the same password for the email account and the website account associated with that email. Researchers then waited to see if an outside party used the password to access the email account. This would indicate that the website’s account information had been leaked.

    To make sure that the breach was related to hacked websites and not the email provider or their own infrastructure, researchers set up a control group. It consisted of more than 100,000 email accounts they created with the same email provider used in the study. But computer scientists did not use the addresses to register on websites. None of these email accounts were accessed by hackers.

    In the end, researchers determined 19 websites had been hacked, including a well-known American startup with more than 45 million active customers.

    Once the accounts were breached, researchers got in touch with the sites’ security teams to warn them of the breaches. They exchanged emails and phone calls. “I was heartened that the big sites we interacted with took us seriously,” Snoeren said.

    Yet none of the websites chose to disclose to their customers the breach the researchers had uncovered. “I was somewhat surprised no one acted on our results,” Snoeren said.

    The researchers decided not to name the companies in their study.

    “The reality is that these companies didn’t volunteer to be part of this study,” Snoeren said. “By doing this, we’ve opened them up to huge financial and legal exposure. So we decided to put the onus on them to disclose.”

    Interestingly, very few of the breached accounts were used to send spam once they became vulnerable. Instead, the hackers usually just monitored email traffic. DeBlasio speculates that the hackers were monitoring emails to harvest valuable information, such as bank and credit card accounts.

    Researchers went a step further. They created at least two accounts per website. One account had an “easy” password—strings of seven-character words with their first letter capitalized and followed by a single digit. These kinds of passwords are usually the first passwords that hackers will guess. The other account had a “hard” password—random 10-character strings of numbers and letters, both in lower and upper case, without special characters.

    Seeing which of the two accounts got breached allowed researchers to make a good guess about how websites store passwords. If both the easy and hard passwords were hacked, the website likely just stores passwords in plain text, contrary to typically-followed best practice. If only the account using the easy password was breached, the sites likely used a more sophisticated method for password storage: an algorithm that turns passwords into a random string of data—with random information added to those strings.

    The computer scientists had a few pieces of advice for Internet users: don’t reuse passwords; use a password manager; and ask yourself how much you really need to disclose online.

    “Websites ask for a lot of information,” Snoeren said. “Why do they need to know your mother’s real maiden name and the name of your dog?”

    DeBlasio was less optimistic that these precautions would work.

    “The truth of the matter is that your information is going to get out; and you’re not going to know that it got out,” he said.

    Snoeren and colleagues are not planning to pursue further research on Tripwire.

    “We hope to have impact through companies picking it up and using it themselves,” he said. “Any major email provider can provide this service.”

     

  • New UC San Diego Chapter Sends LGBT+ Delegates to oSTEM National Conference

    For the first time, a delegation of faculty and students from the University of California San Diego attended the annual Out in Science, Technology, Engineering and Mathematics (oSTEM) National Conference. The four-day conference took place November 16-19 in Chicago, IL.

    Over 800 attendees participated in the 7th oSTEM conference to discuss topics and challenges faced by members of the LGBT+ community in STEM fields (including computer science), and to celebrate the community and help ensure student success in school – and when those students start looking for a job.

    Pictured (l-r): Math professor Dan Rogalski, CSE professor Arun Kumar, and undergraduate UC San Diego students Kayla Ortiz, Terry Worlikar, Joyce (Jun) Lor, Sothyrak (Tee)Srey, and Hasan Al-Jamaly.

    The national event coincided with the inaugural year of the new oSTEM Chapter at UC San Diego. Financial support from sponsors allowed the new chapter to send five undergraduate students to the conference: Kayla Ortiz, Terry Worlikar, Joyce (Jun) Lor, Sothyrak (Tee) Srey, and Hasan Al-Jamaly.

    “Being part of the conference was an exhilarating experience that opened my eyes to a community I never knew existed,” said Computer Science junior Hasan Al-Jamaly. “More importantly, it’s a community I truly belong to and feel part of.” Other attendees also reinforced the importance of solidarity with other oSTEM participants as an integral part of their experience at the conference.

    Two UC San Diego faculty members accompanied the student delegation to Chicago: Computer Science and Engineering (CSE) professor Arun Kumar, and Mathematics professor Daniel Rogalski. UC San Diego faculty participation in the conference was made possible by campus units: CSE in the case of professor Kumar, and the Office of the Dean of Physical Sciences in the case of professor Rogalski.

    The new oSTEM chapter at UC San Diego also benefited from support provided by corporate sponsors Northrop Grumman, Boeing and Door of Clubs (a startup that matches college clubs with potential partners in industry). Funding from UC San Diego academic units came from the Jacobs School of Engineering, Division of Biological Sciences, and Division of Physical Sciences. Aid was also forthcoming from the national oSTEM organization.

    The conference featured an extensive span of corporate site tours, workshops, research presentations, networking opportunities, and a career and graduate student expo where oSTEM students could meet with potential future employers. In addition to sponsors Northrop Grumman and Boeing, organizations with booths this year included NASA, Raytheon, Google, Genentech, Accenture, Lockheed Martin, and the nonprofit Human Rights Campaign. A number of elite graduate programs also had booths, including Columbia Engineering, John Hopkins, Cornell Engineering, UC Berkeley, University of Michigan, New York University, Purdue, and Georgia Tech.

    Topics on the agenda ranged from “Ending Police Violence with Artificial Intelligence,” “An Introduction to Leadership: Motivating People to Believe and Achieve,” community breakouts featuring Queer/Pan/Ace/Middle Sexualities, Faith, Trans/Non-Binary, as well as panels such as “It’s Okay to Not Be Okay: Managing Your Mental Health,” and “Dear White People: Intersection of Race/Ethnicity & LGBTQIA Identity.”

    During the conference, oSTEM also organized a Chapter Leadership Summit to discuss the fundamentals of executive board management, an issue that pervades many student organizations. A major topic at this year’s summit was the open-mindedness necessary to run an infant organization, as well as effective planning and project management tools based on setting goals that are specific, measurable, attainable, relevant, and timely.

    Computer Science senior Sothyrak (Tee) Srey – current holder of the Center for Networked Systems (CNS) Alan Turing Memorial Scholarship at UCSD – participated in the summit. “This is our first official year and our first time attending the oSTEM National Conference, and I was really hoping to leave the conference with concrete ideas that I could implement as an officer,” said Srey, Secretary of the oSTEM chapter at UC San Diego. “After hearing from other chapters, I feel a sense of relief because of how well our chapter is doing so far. We typically draw about 30 people to oSTEM meetings at UC San Diego, which is roughly similar to the number of active participants at longer-established oSTEM chapters around the country. This shows that we are making an impact in LGBT visibility on campus.”

    According to CSE professor Arun Kumar, more UC San Diego LGBT+ faculty would benefit from establishing a community similar to the students’ oSTEM chapter on campus. “There was almost no other faculty from computer science at the national conference this year,” noted Kumar. “An organized network of LGBT+ faculty could promote useful community-building within academia.”

    Looking ahead to the 2018 8th oSTEMnational conference, which will take place in Texas, the UC San Diego chapter is planning to send more students and faculty than they did this year.

    Professors Kumar and Rogalski leveraged their presence at oSTEM 2017 to collect relevant information from staff and students from other schools with booths or other presence at the conference — information that could guide UC San Diego as it ramps up its presence at the 2018 conference. CSE’s Kumar believes UC San Diego should be able to join the ranks of graduate schools with booths at theoSTEM expo next year in Texas. A UC San Diego booth would particularly focus on recruiting future graduate students in STEM topics from among the ranks of oSTEM’s (mostly) undergraduate student delegates. (Assuming that support is forthcoming from graduate schools and divisions at UC San Diego, the oSTEM chapter would staff a booth to hand out graduate-school materials and represent the graduate divisions and schools to encourage greater diversity throughout UC San Diego.)

    “Overall, UC San Diego’s participation in its first oSTEM national conference was a great success,” added student Tee Srey. “It proved to be beneficial in enabling our oSTEM chapter’s ability to continue building community – and enabling our members to succeed.”

    The growing presence of UC San Diego at future oSTEM events reflects the greater awareness on campus of the need to attract and retain a diverse student body, especially in technology and the sciences. Last June a 2017 report by College Choice named UC San Diego the 9th best public university in the U.S. for LGBTQ students, and 19th among all public and private universities for LGBTQ students.

    7th Annual oSTEM National Conference 
    UC San Diego oSTEM Chapter on Facebook

  • CSE Professor Elevated to IEEE Fellow in Class of 2018
    CSE/CNS Professor Tajana Rosing has been elected a Fellow of the Institute of Electrical and Electronics Engineers (IEEE). She is one of five Jacobs School of Engineering faculty members elevated to be part of the IEEE Fellows class of 2018. (Others include ECE’s Massimo Franceschetti and David Whelan, as well as MAE’s Sonia Martinez and James Friend.)

    IEEE honored Rosing for her “contributions to power and reliability management of Systems-on-Chip.”

    CSE Professor Tajana Rosing

    In the past year, Rosing was named holder of the John J. and Susan M. Fratamico Endowed Chair in the Jacobs School of Engineering. She also became co-director of the Artificial Intelligence and Healthy Living Center (AIHL), a new joint center between UC San Diego and IBM Research.  The groundbreaking center promotes critical research and applications in two thematic areas: Healthy Aging (led by Rosing) and the Human Microbiome (led by CSE and Pediatrics professor Rob Knight), together with co-directors from IBM Research.

    Rosing leads the System Energy Efficiency Laboratory (SEELab) in CSE. The lab focuses on energy efficiency in all kinds of systems, from sensor nodes to smart cities. In addition to energy-efficient computing, her primary research interests include context-aware computing, human-cyber-physical system design, embedded systems hardware and software design, resource management at the system level, and the design of approximate and highly efficient architectures. In her current research, Rosing investigates efficient, distributed data collection, aggregation and processing of data in the context of smart cities, wireless healthcare, as well as Internet of Things applications.

    “Professor Rosing’s creativity and approach to research have had a deep impact on innovation in computer engineering,” said CSE chair Dean Tullsen. “Her elevation to be an IEEE Fellow is well-deserved in light of her many contributions to the field of energy efficiency in computing systems.”

    Rosing’s recent work builds on her use of information present in wireless systems to achieve more efficient system operation. She focuses on efficiently extracting knowledge about context from sensing observations of human behavior and needs as well as from stationary or mobile environmental sensing systems. Rosing has leveraged that knowledge to implement distributed control algorithms for large-scale Internet of Things applications underlying Smart Cities infrastructure. A recent example includes using drones to detect areas of higher air pollution collaboratively and dynamically, and to provide this feedback in real time in emergencies (e.g., forest fires), and in normal daily life (such as air pollution due to recent fertilization of nearby fields, or due to higher than normal and localized smog conditions).

    The computer engineer has also leveraged context to optimize the operation and design of embedded systems by maximizing energy efficiency in exchange for controllable and tolerable inaccuracies in computation. According to Rosing, this research has resulted in systems that are up to 1,000 times more energy efficient with less than a 10 percent error in computation. “These systems are especially applicable to many Internet of Things applications where the data sources themselves are not completely accurate,” said Rosing.

    Among other real-world impacts coming out of her research, Rosing cites a longer battery life for smartphones. “My work involves optimizing the battery life, communication and storage of portable electronic devices, including cell phones, laptops and sensors,” she said. “I also work on large systems… optimizing smart servers to maximize quality of service while minimizing power consumption. This research translates into significant energy savings.”

    Prior to joining the CSE faculty in 2005, Rosing was a full-time researcher at HP Labs, focusing on low-power wireless media and embedded systems. While at HP Labs in Palo Alto, she finished her M.S. and Ph.D. degrees at Stanford in 2000 and 2001, respectively.  Rosing’s doctoral dissertation topic was “Dynamic Management of Power Consumption.” Prior to HP Labs and Stanford, she worked as a senior design engineer at Altera Corporation.

    In addition to her primary faculty appointment in CSE, the computer-engineering professor is an adjunct professor in ECE and she is affiliated with the Contextual Robotics Institute, Qualcomm Institute and San Diego Supercomputer Center, as well as six other UC San Diego research centers focused on Networked Systems (CNS), Microbiome Innovation (CMI), Wearable Sensors (CWS), Energy Research (CER), Sustainable Power and Energy, and the newly-launched Center for Machine-Integrated Computing and Security (MICS).
  • Center for Networked Systems Member Elected ACM Fellow in Class of 2017
    Professor Geoffrey Voelker, ACM Fellow 2017

    A faculty member affiliated with the Center for Networked Systems (CNS), Computer Science and Engineering professor Geoffrey M. Voelker, is one of three UC San Diego faculty elected Fellows of the Association for Computing Machinery (ACM). ACM is the world’s largest educational and scientific computing society.

    Voelker was honored for “contributions to empirical measurement and analysis in systems, networking and security.”

    “Professor Voelker has been a pioneer in the field of computer systems and networking,” said CSE chair Dean Tullsen. “He richly deserves the honor of being elected by his peers to be Fellows of the ACM.”

    Elected ACM Fellows represent the top 1% of ACM members for outstanding accomplishments in computing and information technology. The induction of new ACM Fellows will take place on Saturday, June 23, 2018 in San Francisco at the annual ACM Awards Banquet.

    Other Jacobs School faculty elected ACM Fellows’ Class of 2017 along with Voelker. They included CSE graphics and vision expert Ravi Ramamoorthi, and ECE/CSE professor Alexander Vardy, an expert in error-correcting codes and information theory.

    The addition of Ramamoorthi, Vardy, and Voelker brings to 11 the number of ACM Fellows among active faculty in the CSE department. Prior honorees included Victor Vianu (2006), Pavel Pevzner (2010), Stefan Savage (2010), Dean Tullsen (2011), Andrew Kahng (2012), Yuanyuan Zhou (2013), Mihir Bellare (2013), and Rajesh Gupta (2016).

    Professor Voelker joined the CSE faculty at UC San Diego nearly 18 years ago, in January 2000. He did so after earning his Ph.D. in Computer Science and Engineering from the University of Washington the same year. Voelker completed his undergraduate degree at UC Berkeley in 1992, then moved to the University of Washington to get his M.S. (in 1995) and Ph.D.

    Professor Voelker’s primary research interests include computer systems research in operating systems, distributed systems, networking, as well as mobile and wireless computing. Among his recent projects in networking and security, Voelker has worked in areas ranging from wireless networks to machine virtualization, cloud storage and cybercrime.

    “My research is both experimental and empirical,” said Voelker. “As a result, a considerable amount of my work involves system and network measurement in addition to design, implementation and evaluation.” Exemplifying such work over his career, in 2017 Voelker accepted the Test of Time Award from the USENIX Security Conference, awarded for a landmark paper that won the conference’s Best Paper award 16 years earlier. The paper on “Inferring Internet Denial-of-Service Attacks” provided the only publicly available data quantifying DDoS activity on the Internet at the time.  (Pictured: Voelker accepting the Test of Time Award from Stanford’s Dan Boneh at USENIX Security 2017.)

    Voelker is a member of both the Systems and Networking research group in CSE, as well as the Security and Cryptography group. He is also affiliated with the Center for Networked Systems, Center for Wireless Communications, and Calit2’s Qualcomm Institute.

    Related Links

    ACM 
    ACM Fellows 
    Computer Science and Engineering

  • Cybersecurity Expert Accepts Test-of-Time Award for Introducing Return-Oriented Programming

    At the 24th ACM Conference on Computer and Communications Security (CCS 2017) in early November, University of California San Diego professor Hovav Shacham was recognized for a paper he presented 10 years earlier that introduced the field of “return-oriented programming.”

    The CCS Test-of-Time Award this year went to Shacham’s CCS 2007 paper for its lasting impact on security research and practice during the past decade. The CCS awards committee chose just one paper out of the 55 that appeared at CCS 2007, and Shacham was the sole author on that paper. Accordingly, the Computer Science professor is the only recipient of this year’s award.

    CSE professor Hovav Shacham (second from left) accepts CCS Test-of-Time Award from conference program chairs David Evans from the University of Virginia (far left), Columbia’s Tal Malkin, and
    Purdue’s Dongyan Xu (far right) at CCS 2017 in Dallas

    Applications running on a computer keep track of what task they are performing and what tasks they are to perform next in a region of memory called the stack. Programming errors in these applications often allow the stack to be overwritten, confusing the application and causing it to misbehave or crash. Worse, an attacker who carefully crafts malicious input can confuse the application into running code he injects. Fixing all bugs in all applications is a hopeless task, so systems designers have devised defenses that rule out such code-injection attacks, by distinguishing “good” application code from attacker-introduced code. Since attackers must inject new code to achieve their ends, the thinking goes, ruling out the introduction of new code rules out attacks.”

    Security researchers working in industry had developed techniques that allowed them to exploit buggy programs and cause them to undertake certain “bad” behavior even in the presence of defenses against code injection. Shacham’s paper* unified and generalized these exploit techniques under the rubric of what he jokingly called “return-oriented programming.” A return-oriented attack doesn’t introduce any new code. Instead, it makes use of short snippets of the original, “good” program’s code. The attacker combines these snippets in clever ways that allow him to synthesize any behavior he desires from them. “An analogy to return-oriented programming is a kidnapper who puts together a ransom note with letters cut from magazine headlines,” said Shacham. “With all 26 letters gathered (and a photocopier), he can compose any message he wishes.”

    Using return-oriented programming, the attacker puts together a set of building blocks from which he can synthesize any desired behavior. (Such a set is said to be “Turing-complete.”)

    Shacham’s techniques (and his jokey name for them) have stuck, both in academia and in industry. Shacham’s paper has been cited more than 900 times. Where his original work considered only Intel’s x86 family of processors, researchers have since extended Return-Oriented Programming (ROP) to other popular processors, including the ARM processors that power nearly all smartphones. A 2014 Microsoft report (see Microsoft Security Intelligence Report, Volume 16) found return-oriented techniques used in more than 90% of exploits targeting Microsoft products. Microsoft, Intel, and ARM have all announced new security mechanisms in their products specifically to mitigate the threat of return-oriented programming.

    CSE/CNS professor Hovav Shacham

    “The Test-of-Time Award is the most significant honor we bestow on a paper because it is not simply a reflection that a piece of research was strong and well-received, but that a decade later it has had significant impact on the field,” said CSE professor Stefan Savage, who directs the Center for Networked Systems (CNS), in which Shacham in a member. “Hovav’s work on Return-Oriented Programming is an exemplar for such awards, because with one paper he made us all revisit our assumptions about what makes systems secure and the questions he posed in that work are still vibrant today. Moreover, this impact has not only been in academia, but Hovav’s ideas have
    become a deep part of how real-world offense and defense is waged in computer security as well.”

    The 2017 conference took place in Dallas, TX, from October 30 to November 3. Shacham accepted the Test-of-Time Award during the conference’s banquet and awards ceremony on November 1. CCS is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM).

    Shacham did much of his research on the award-winning paper while a postdoctoral researcher at Israel’s Weizmann Institute of Science in 2006 and 2007, but he completed and presented the paper at CCS after joining the UC San Diego faculty in fall 2007.

    That same year, he also participated in California’s “Top-to-Bottom” security review of the voting machines certified for use by the state’s then-Secretary of State, Debra Bowen. Shacham was part of the team reviewing Hart InterCivic source code, and the report he co-authored was cited by Bowen in her ultimate decision to withdraw approval for use of the Hart voting machines in California elections.

    Shacham earned his Ph.D. in computer science in 2005 from Stanford University. His doctoral dissertation was runner-up for the Computer Science Department’s Arthur L. Samuel Thesis Award.

    As an advisor, Shacham’s two most-recent Ph.D. graduates went to work at Google (Wilson Lian) in 2016 and Apple (Keaton Mowery) in 2015. In 2012, his student Stephen Checkoway joined Johns Hopkins University as a research professor, and more recently joined the faculty at the University of Illinois at Chicago.

    *Shacham, Hovav, “The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86).” In Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552-561. ACM, 2007 DOI: 10.1145/1315245.1315313

    CCS 2007 Shacham Paper
    CCS 2017 Awards

  • Internet Society Honors CAIDA Director with Prestigious Service Award

    CSE faculty-affiliate and alumna Kimberly (KC) Claffy (M.S. ‘91, Ph.D. ‘94) is the 2017 recipient of the prestigious Jonathan B. Postel Service Award. The Internet Society – a global non-profit dedicated to ensuring the open development, evolution and use of the Internet – called Claffy a “visionary in the field of Internet research.”

    Claffy was selected by an international award committee comprised of former Postel Award winners. The committee places particular emphasis on candidates who have supported and enabled others in addition to their own contributions. In selecting Claffy for the honor, the committee cited her “pioneering work on Internet measurement through the development of infrastructure and methodologies for data collection, analysis, and sharing around the world.”

    The Internet Society presented the award, including a $20,000 honorarium and a crystal engraved globe, on November 10 at the 100th meeting of the Internet Engineering Task Force (IETF), held in Singapore all this week.

    Claffy is the director and founder (in 1997) of the Center for Applied Internet Data Analysis (CAIDA), and a resident research scientist in the San Diego Supercomputer Center (SDSC) where CAIDA is based. Claffy is also a member of the Center for Networked Systems (CNS).

    Internet Society awarded UC San Diego’s KC Claffy with Jonathan B.
    Postel Service Award for her “pioneering work on Internet measurement.” (Photo courtesy Stonehouse Photographic / Internet Society)

    Her research interests span Internet topology, routing, security, economics, future Internet architectures and policy. Notably, Claffy is a pioneer in the field of measuring and understanding the Internet, not only through her research contributions, but her commitment to establishing and operating infrastructure to support large-scale data collection, curation, and sharing within the scientific research community.

    Claffy was selected for the Postel Award by an international award committee comprised of former Postel Award winners. The committee placed particular emphasis on candidates who have supported and enabled others in addition to their own contributions.

    The first of Claffy’s many papers on Internet traffic measurement and analysis was published in 1992, years before the Internet transitioned to the global, private sector-led network it is today. Since then, she has published dozens of papers and received numerous grants and awards for her work. In 1997, Claffy founded CAIDA as a center to conduct network research and build research infrastructure to handle large-scale data for the scientific research community.

    “Simply put, Dr. Claffy’s long-standing and pioneering work has helped the global community better understand the Internet and how it is used,” explained Kathy Brown, President and CEO of the Internet Society, who presented the award. “In addition to leading the way in the field of Internet measurement and analysis itself, her dedication of resources to ensure widespread access to measurement data has allowed a range of disciplines -from network science and network operations to political science and public policy- to benefit from her efforts.”

    In a profile of Claffy issued at the time of the award announcement, the scientist told the Internet Society that she hopes the past few decades of Internet development are miniscule when compared to where we are going. “I want to make the world safe for Internet science,” Claffy said. “The American people need better data – to understand what the Internet is, how it’s connected, and how data is being used.”

    The Postel Award was established by the Internet Society to honor individuals or organizations that have made outstanding contributions to the data communications community. The award is focused on sustained and substantial technical contributions, service to the community, and leadership.

    Jonathan B. Postel Service Award
    Profile of KC Claffy
    CAIDA
    Kimberly Claffy Homepage

  • CSE Alumna Accept Major Award in Electronic Design Automation

    CSE alumna Ayse Coskun (Ph.D. ’09) is back in Southern California on Monday, November 13 accepting an award from the Council on Electronic Design Automation (CEDA).  The 2017 IEEE CEDA Ernest S. Kuh Early Career Award will be given to Coskun during the opening session in Irvine of the 36th International Conference on Computer Aided Design (ICCAD), the premier conference devoted to technical innovations in electronic design automation (EDA).

    The Awards Committee cited Coskun’s “sustained and outstanding contributions to energy-efficient system-level design, including temperature-aware design and management, 3D-stacked system design, and management of large-scale computing systems.”

    UC San Diego alumna Ayse Coskun (right) with her Boston University colleagues (r-l) professor Ata Turk and research scientist Manuel Egele. (Photo courtesy BU College of Engineering)

    “I am delighted to accept the Early Career Award,” said Coskun, who is now a professor in the Electrical and Computer Engineering Department at Boston University (BU). “I am particularly honored because the award is available to a large number of outstanding nominees from both industry and academia, so the competition must have been intense.”

    Coskun credits some of her success to her years at UC San Diego, where she worked in the System Energy Efficiency Lab (SEE Lab) led by her Ph.D. advisor, CSE Professor Tajana Simunic Rosing. “There is a direct line from my work with Prof. Rosing to my current research interests,” said Coskun. “I started my projects on proactive thermal management and 3D-stacked architectures while I was a Ph.D. student at UC San Diego.” Other current interests of Coskun include  modeling and optimizing systems with new technologies (e.g., systems with optical networks or co-design with cutting edge nanoscale cooling devices) and large-scale system analytics for cloud and HPC systems.

    The Early Career Award honors an individual who has made innovative and substantial technical contributions to the area of Electronic Design Automation in the early stages of his or her career. To qualify for consideration, candidates must be nominated no more than eight years after receiving their Ph.D. (or other terminal degree).

    2017 has been a year of honors for the CSE alumna. Earlier this year, Coskun and her group accepted the Gauss Award. The collaborative BU and Sandia Labs team led by Coskun took home the award (and 3,000 euros) for their research paper on “Diagnosing Performance Variations in HPC Applications Using Machine Learning” at the 2017 ISC High Performance Conference (ISC 2017) last June in Frankfurt, Germany.  This year Coskun also received a Dean’s Catalyst Award from BU – an award she also received in 2010 in her first year on the BU faculty.

    Coskun also received two key grants in the past six months. She is the principal investigator of an interdisciplinary project with colleagues from BU, Brown University, and MIT. They received a $700,000 NSF grant over the summer for research on advanced processor cooling methods (with roughly one-third of the funding research in Coskun’s lab). A co-PI on the same project and collaborator with Coskun is also a CSE alumnus, Sherief Reda (Ph.D. ’06).

    In the spring, Sandia National Laboratories awarded a $490,000 grant to Coskun and fellow BU professor Manuel Egele, They will use the funding to design automated analytics for improving efficiency and security of high-performance computing systems. Specifically, they aim to identify which data collected out of HPC systems would be useful for identifying performance characteristics, inefficiencies, and malicious behavior. Subsequently, Coskun and Egele will design automated methods to leverage these data to take runtime actions to improve efficiency and security.

    Professor Coskun’s past recognitions include an NSF CAREER Award in 2012, and in 2011, a Best Paper Award from the High Performance Embedded Computing (HPEC) Conference. Also in 2011, she was named a Junior Faculty Fellow at the Rafik B. Hariri Institute for Computing at BU. Coskun is currently an associate editor of the IEEE Transactions on Computer Aided Design.

    The CSE alumna is also looking to the future, notably March 2018 and the Design, Automation and Test in Europe conference (DATE 2018) in Dresden, Germany. Coskun is the Program Chair of this large pioneer conference in electronic design automation.

    Coskun’s Ph.D. advisor, CSE Professor Rosing, will also be attending ICCAD in Irvine, CA. She is scheduled to speak at the 10th IEEE/ACM Workshop on Variability, Modeling and Characterization (VMC 2017), co-located with ICCAD.

  • Alan Turing Memorial Scholarship Celebrates Diversity in Computer Science
    Computer Science and Engineering professors George Porter (left) and Stefan Savage (right) present Sothyrak Srey with the Alan Turing Memorial Scholarship.

    Sothyrak (Tee) Srey’s voice fills with excitement when he recalls the day he learned he had been awarded the Alan Turing Memorial Scholarship.

    “I woke up, saw the email, and couldn’t believe it,” he says. “I immediately called my mom. It was so exciting. I never thought I would be the one to earn such an award.”

    Originally from Cambodia, Srey enrolled at San Diego Mesa College before transferring to UC San Diego to study computer science. He describes his first year at the La Jolla campus as equally difficult and amazing. He lost confidence when he no longer maintained the 4.0 GPA that he held in community college, but was elated to land his first internship. Balancing work and classes was stressful, but he met new friends and colleagues who motivated him. Best of all, Srey found a community where he was able to just be himself.

    “In Cambodia, the LGBT community is not visible. I could not be ‘out,’” he says. “When I got to UC San Diego, I wanted to be part of creating a safe and supportive community. I joined oSTEM, an organization for LBGTQ students in STEM, which has been a really positive experience. I want to show students that their sexual identity shouldn’t prevent them from achieving their goals and being successful.”

    The Center for Networked Systems (CNS) at UC San Diego established the Alan Turing Memorial Scholarship in 2015 to encourage a more diverse community in computer science education and research. The award honors the memory of Alan Turing, the mathematician and cryptanalyst who founded the field of computer science. During World War II, he devised the techniques that led to breaking codes produced by Germany’s Enigma machine—a breakthrough credited with accelerating the Allied victory by more than a year. After the war, he was persecuted for being gay. He died by his own hand in 1954.

    “Alan Turing is a giant in the pantheon of computer science pioneers and his story is both tragic and inspirational,” said computer science professor George Porter, associate director of CNS. “Our center wants to engage, support and recognize diverse communities in line with UC San Diego’s strategic plan, and naming the scholarship after Turing affirms our belief in the importance and future contributions that LGBT-supportive students will make to computer science and engineering.”

    Srey is the second student to receive the scholarship. Last year, Valeria Gonzalez became the inaugural recipient. A third year transfer student majoring in computer engineering, Gonzalez says the award provided much more than financial support.

    Professors George Porter (left) and Stefan Savage (right) with Sothyrak Srey.

    “It was really impactful to receive an award that recognizes the presence of LGBTQ folks in STEM communities,” Gonzalez said. “Computer science draws people from all different backgrounds, and I think it’s so important to demonstrate inclusivity and be supportive of students, especially those whose identities are often challenged and invalidated. Having people with different backgrounds, talents and perspectives will only make our field stronger and provide folks an environment where they can reach their full potential.”

    Srey echoes this sentiment, and adds that the scholarship has given him greater confidence to pursue his goals. Ultimately, he wants to return to Cambodia and start a nonprofit that teaches underprivileged children to code. He also hopes to empower the LGBT community in Cambodia, building a safe space for LGBT youths.

    “It’s an honor to be recognized with an award named for Alan Turing. He had such a big impact on computer science and we can only imagine what more he would have contributed to the field had he not been persecuted for his identity,” said Srey. “The scholarship has motivated me to work even harder. I believe I can use my knowledge to really make an impact.”

    The Alan Turing Memorial Scholarship is open to undergraduates majoring in computer science or computer engineering who are active supporters of the LGBT community. The scholarship is awarded to students based on academic merit, with preference for students with demonstrated financial need.

    The Center for Networked Systems, an interdisciplinary computer science research center at UC San Diego, established the scholarship with gifts from the center’s annual giving fund. The center is now looking for additional philanthropic support to create an endowment, which would enable the scholarship to be awarded in perpetuity.

    For more information about supporting the Alan Turing Memorial Scholarship, call 858-534-8305 or email jduca@ucsd.edu; donations can also be made online.

    All gifts contribute to the Campaign for UC San Diego.

    Also posted here: Thisweek@ucsandiego  

     

  • CSE Ph.D. and Faculty Presence at USENIX Security Symposium 2017

    The 26th USENIX Security Symposium took place Aug. 16-18 in Vancouver, Canada, and security researchers in the CSE department were well represented on the conference program.  Ph.D. students Craig Disselkoen, David Kohlbrenner, Zhaomo Yang and Brian Johannesmeyer had papers on the program, together with CSE faculty including Leo Porter, Dean Tullsen, Hovav Shacham, Sorin Lerner and research scientist Kirill Levchenko.

    The three CSE papers on the program and abstracts for each are included below (with links to full papers):

    Prime+Abort: A Timer-Free High-Precision L3 Cache Attack Using Intel TSX, by Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen.

    PRIME+ABORT access detection rates in control vs. treatment conditions based on data from over 100 trials at different victim access speeds. Source: Disselkoen, et al.

    Last-Level Cache (LLC) attacks typically exploit timing side channels in hardware, and thus rely heavily on timers for their operation. Many proposed defenses against such side-channel attacks capitalize on this reliance. This paper presents PRIME+ABORT, a new cache attack which bypasses these defenses by not depending on timers for its function. Instead of a timing side channel, PRIME+ABORT leverages the Intel TSX hardware widely available in both server- and consumer-grade processors. This work shows that PRIME+ABORT is not only invulnerable to important classes of defenses, it also outperforms state-of-the-art LLC PRIME+PROBE attacks in both accuracy and efficiency, having a maximum detection speed (in events per second) 3× higher than LLC PRIME+PROBE on Intel’s Skylake architecture while producing fewer false positives.

    On the Effectiveness of Mitigations against Floating-Point Timing Channels, by David Kohlbrenner and Hovav Shacham.

    Cross-origin SVG filter pixel stealing attack in Firefox_ reproduced by permission in Kohlbrenner, et al.

    The duration of floating-point instructions is a known timing side channel that has been used to break Same-Origin Policy (SOP) privacy on Mozilla Firefox and the Fuzz differentially private database. Several defenses have been proposed to mitigate these attacks. We present detailed benchmarking of floating-point performance for various operations based on operand values. We identify families of values that induce slow and fast paths beyond the classes (normal, subnormal, etc.) considered in previous work, and note that different processors exhibit different timing behavior. We evaluate the efficacy of the defenses deployed (or not) in Web browsers to floating-point side channel attacks on SVG filters. We find that Google Chrome, Mozilla Firefox, and Apple’s Safari have insufficiently addressed the floating-point side channel, and we present attacks for each that extract pixel data cross-origin on most platforms. We evaluate the vector-operation based defensive mechanism proposed at USENIX Security 2016 by Rane, Lin and Tiwari and find that it only reduces, it does not eliminate, the floating-point side channel signal. Together, these measurements and attacks cause us to conclude that floating point is simply too variable to use in a timing security-sensitive context.

    Dead Store Elimination (Still) Considered Harmful, by Zhaomo Yang, Brian Johannesmeyer, Sorin Lerner and Kirill Levchenko (and Aalborg University’s Anders Trier Olesen).

    Dead store elimination is a widely used compiler optimization that reduces code size and improves performance. However, it can also remove seemingly useless memory writes that the programmer intended to clear sensitive data after its last use. Security-savvy developers have long been aware of this phenomenon and have devised ways to prevent the compiler from eliminating these data scrubbing operations.
    In this paper, we survey the set of techniques found in the wild that are intended to prevent data-scrubbing operations from being removed during dead store elimination. We evaluated the effectiveness and availability of each technique and found that some fail to protect data-scrubbing writes. We also examined eleven open source security projects to determine whether their specific memory scrubbing function was effective and whether it was used consistently. We found four of the eleven projects using flawed scrubbing techniques that may fail to scrub sensitive data and an additional four projects not using their scrubbing function consistently. We address the problem of dead store elimination removing scrubbing operations with a compiler-based approach by adding a new option to an LLVM-based compiler that retains scrubbing operations. We also synthesized existing techniques to develop a best-of-breed scrubbing function and are making it available to developers.

    CSE professor Deian Stefan was also at USENIX Security. He chaired a session on “Side-Channel Countermeasures” on the first day of the conference.

    USENIX Security Symposium 2017

  • Computer Scientists Develop Automated Tools to Uncover Advertising by Human Traffickers

    Organizers of the 23rd ACM Special Interest Group on Knowledge Discovery and Data Mining (SIGKDD) just wrapped up their five-day annual conference, which ended on August 17 in Halifax, Nova Scotia, Canada. One of the highest-profile presentations was a paper with co-authors from UC Berkeley, UC San Diego and New York University, in which they outlined automated approaches to detecting human traffickers based on analysis of their online classified sex advertisements.

    First-author Rebecca Portnoff of UC Berkeley and co-author Danny Huang from UC San Diego

    At KDD 2017, first-author UC Berkeley Ph.D. student Rebecca S. Portnoff presented the paper, “Backpage and Bitcoin: Uncovering Human Trafficking,” which is partly based on her Ph.D. dissertation. Her co-authors include UC San Diego computer-science Ph.D. candidate Danny Yuxing Huang, who is getting ready to defend his doctoral dissertation on Bitcoin and “Using Crypto-Currencies to Track Cyber-Attacks, Speculative Investors and Human Traffickers.” Their co-authors include NYU professor Damon McCoy (a former postdoctoral researcher in the CSE department at UC San Diego) and his Ph.D. student Periwinkle Doerfler, as well as research scientist Sadia Afroz at the International Computer Science Institute.

    The computer scientists argue that the sheer quantity of online classified sex advertising used by human traffickers “makes manual exploration and analysis unscalable,” especially with thousands of new ads posted daily. It’s also difficult to separate ads for independent sex workers from ads for a victim of sex trafficking.  The paper notes that “almost no work has been done in building tools that can automatically process and classify these ads.” So the team focused on developing and demonstrating automatic techniques for clustering sex ads by owner (on the assumption that individual ads for a single sex worker would be less likely to be placed by a trafficker, whose ads more often offer the services of multiple sex workers).

    Linking advertisements to Bitcoin transactions (from KDD 2017 paper on “Backpage and Bitcoin: Uncovering Human Traffickers”)

    Over a four-week period, the researchers carried out a study using a single sex-ad website, called Backpage, to demonstrate a proof of concept for automated approaches and how they can be used to find human traffickers. (After the research was done, Backpage discontinued its adult advertising section, though not the ads, which now appear in multiple sections of the website.)

    One technique was a machine-learning classifier algorithm using stylometry (the analysis of an individual’s writing style to identify authorship) to distinguish between ads posted by the same vs. different authors – with a 96 percent rate of accuracy. They also designed a linking technique that uses publicly available information from the Bitcoin mempool and blockchain in order to determine the timestamp indicating that payment for a sex ad was made to the timestamp of ads appearing in Backpage. If multiple ads linked to a single Bitcoin wallet, there is a strong likelihood that human trafficking might be involved.

    Using a sampling of 10,000 real adult ads from Backpage over four weeks, the researchers reported an 89 percent “true-positive” rate for grouping ads by author based on their automated author-identification techniques. The team also reported a high rate of success in linking ads they placed themselves to the corresponding transactions in the Bitcoin blockchain.

    Taken together, the automated techniques are believed to be the first to identify adult ads tied to human-trafficking rings by linking the ads to public information from Bitcoin. Said former UC San Diego postdoc Damon McCoy: “There are hundreds of thousands of these ads placed every year, and any technique that can surface commonalities between ads and potentially shed light on the owners is a big boost for those working to curb exploitation.”
    Ultimately, the study didn’t prove that the ads believed to be placed by human traffickers were actually tied to trafficking. Only law enforcement can pursue that linkage, but now they have some new automated tools to point investigators in specific directions.

     

  • Computer Security Experts Honored for Research that Stands the Test of Time

    Denial of service attacks (DoS) have crippled even the likes of Google and Amazon in recent years, topping at a reported 1.1 terabits per second in 2016. But they were a relatively unexplored phenomenon in the year 2000, when three computer scientists from the University of California San Diego set out to find out how prevalent they were.

    CSE professor Geoffrey Voelker (right) accepts the 2017 Test of Time Award at USENIX Security in Vancouver on behalf of Stefan Savage, David Moore and himself.

    Their research and resulting academic paper won the Best Paper award when it was presented at the 10th USENIX Security Symposium in 2001. At the time, the study provided the only publicly available data quantifying DoS activity on the Internet. Now, 16 years later, that same paper – “Inferring Internet Denial-of-Service Activity” – has received the 2017 USENIX Security Test of Time Award.

    The award was announced today at the opening session of USENIX Security 2017 in Vancouver, Canada. UC San Diego Computer Science and Engineering (CSE) professor Geoffrey M. Voelker accepted the award on behalf of his co-authors, fellow CSE professor Stefan Savage, and their former Ph.D. student David Moore (C.Phil. ’05), who went on to track Internet activity as a project scientist at CAIDA, the Center for Applied Internet Data Analysis.  Moore has worked at Google since 2012.

    “Test of Time awards are important because they single out research that has a lasting impact despite the rapid change we’ve witnessed in the computing field,” said Dean Tullsen, chair of the CSE department at UC San Diego. “Stefan Savage and Geoff Voelker have done continuously groundbreaking work in cybersecurity for almost two decades, and this award underscores the department’s well-deserved reputation for innovation in areas including security as well as systems and networking.”

    Formerly at CAIDA  David Moore (now at Google)

     

    The Test of Time award recognizes outstanding work in security research that has had a lasting impact on the community. To qualify, a paper must have been presented at a USENIX conference at least 10 years earlier.

    Denial-of-service attacks disable servers linked to the Internet by overloading them with messages, which usually contain false source addresses (“spoofing”) to conceal the location of the attacker. The UC San Diego researchers used key features of those forged signatures to detect and track the attacks. The study found that some attacks flooded their targets with “instantaneous loads” peaking at 600,000 message packets per second – crippling the infrastructure.

    “Quantifying the problem was always meant to be the first step toward stopping or at least curbing attacks of this kind,” recalled UC San Diego’s Savage, who co-directs the Center for Networked Systems (CNS) at UC San Diego. “Our 2001 study helped network engineers understand the nature of recent attacks and to study long-term trends and recurring patterns of attacks.”  On Thursday, Savage will appear on a panel to discuss distributed denial-of-service attacks.

    CSE faculty recipients of the Test of Time
    Award: Stefan Savage (left) and Geoffrey Voelker

    In the 2001 paper, the co-authors also developed a novel technique to cut through the clutter of Internet data. Called “backscatter analysis,” the technique involves observing packets from machines that fall victim to DoS attacks by sending responses to the forged IP addresses. By observing these backscatter packets at a statistically significant portion of IP addresses, backscatter analysis can quantify the scope of a DoS attack.

    For their study, Moore, Voelker and Savage looked at three week-long datasets in February 2001 to assess the number, duration and focus of attacks, and to characterize their behavior. In the space of one week, they observed more than 12,000 attacks against more than 5,000 distinct targets, ranging from well-known e-commerce companies such as Amazon, to small foreign Internet Service Providers (ISPs) and – remember, this is 16 years ago – dial-up connections. “At the time,” said Voelker, “our work was the only publically available data quantifying denial-of-service activity in the Internet.”

    The technique produced an estimate of worldwide malicious DoS activity – with approximately 4,000 sites experiencing DoS attacks weekly (as of 2000), and over 12,000 attacks over three weeks.

    Experimental backscatter collection platform from the 2001 paper honored at USENIX Security

    The 2001 study also was among the first to use the quantitative data to characterize the victims of DoS attacks, which seem almost quaint in retrospect. “Only five percent of attacks targeted infrastructure such as routers and name servers,” explained Voelker. “There were a few very large attacks against broadband, and up to 20 percent of attacks were targeted at home machines – evidence that minor DoS attacks were used for personal vendettas.”

    The CSE department at UC San Diego is no stranger to winning Test of Time awards handed out by USENIX at a few of its major conferences.  Already in 2017, CSE professor George Porter shared in the Test of Time award at the USENIX Symposium on Networked Systems Design and Implementation (NSDI) for “X-Trace: A Pervasive Network Tracing Framework”, originally published at NSDI 2007. And in 2016, former CSE professor Amin Vahdat and his co-authors received the NSDI Test of Time award for a paper presented at NSDI 2006.

    The 26th USENIX Security Symposium takes place Aug. 16 to 18 in Vancouver, Canada. UC San Diego’s CSE department is well represented on the conference program. Faculty including Leo Porter, Dean Tullsen, Hovav Shacham, Sorin Lerner and research scientist Kirill Levchenko have papers on the program:

    CSE professor Deian Stefan will chair a session on “Side-Channel Countermeasures” on the first day of the conference.

    Related Links

    2001 Paper: Inferring Internet Denial-of-Service Activity 
    USENIX Security Symposium 2017

     

     

     

  • CSE-Trained Expert on Program Verification Featured in Communications of the ACM

    CSE alumnus Zachary Tatlock (Ph.D. ’14) is now a professor of computer science at the University of Washington. In an article about “hacker-proof coding” in the August issue of Communications of the ACM, the publication notes that as Tatlock was finishing up his dissertation at UC San Diego, the then-Ph.D. candidate gave a talk at UW about his thesis research on program verification (under his advisor, Sorin Lerner). The lead engineer for the UW medical center’s radiotherapy team was in the audience and asked Tatlock how they could apply verification to that system.

    CSE/CNS alumnus Zachary Tatlock is now a professor at the University of Washington.

    Recalling the event three years later, Tatlock reckons that the question “probably helped me get hired.” He joined UW shortly after and has continued to work with the medical center. In the case of the radiotherapy system, he noted that because the system was written in a variety of languages, different techniques had to be deployed to verify the software in its entirety.

    According to Esther Shein, who wrote the CACM article, “The system has about a dozen components, each with different levels of criticality.” She quotes Tatlock saying that “software for logging an event, for example, is not as critical as software that verifies the beam power has not become too high. What we want to be able to do is ensure the reliability of all pieces. We want to make sure there are no bugs that can affect the parts that are critical.”

    The medical center wanted to prevent software errors that might prove fatal, given that the radiotherapy system “shoots high-powered radiation beams into the heads of patients to treat cancers of the tongue and esophagus,” writes Shein. To check its heaviest-duty components, the medical center uses DeepSpec principles, which are costly and time-consuming because they require highly-trained technicians to prove they’re functioning correctly.

    To assess less-critical parts of the system, the medical center uses “lighter-weight, less powerful techniques to ensure the correctness,” said Tatlock. “So the guarantees for those parts aren’t as strong, but it’s a better engineering trade-off.”

    The CACM article goes on to note that Tatlock and colleagues have built a suite of tools the engineers use in their regular development process. “They include a checker that allows them to formally describe the entire radiotherapy system to a computer and ensure the key components are individually correct. The researchers are now working on building verified replacements for those parts of the system.” The system is also checked daily. “We want to make sure the code written by the engineers on that team will correctly turn off the beam if anything goes wrong,” Tatlock told the publication. “The work is similar to DeepSpec’s; it just emphasizes a different degree of automation.”

  • With Help from UC San Diego Grad Student, Google Estimates $25 Million in Ransomware Payouts

    $25,253,505. That is the best estimate to date of how much money was paid by victims of ransomware attacks in the past two years in order to unlock their computer disks and get their data back. As a result, ransomware – malware  that encrypts victims’ data and demands a payoff in exchange for the key to unlock the data – “has become one of the largest cybercrime revenue sources,” according to Google presenters at Black Hat USA 2017 conference in Las Vegas this week.

    Participants in the study on “Tracking Ransomware End to End” included researchers from UC San Diego, New York University (NYU), and the blockchain analysis firm Chainalysis. (Blockchain is the public, decentralized ledger of transactions in Bitcoin, the cryptocurrency most widely used to settle ransomware demands.)

    Rather than produce an academic paper first, the team opted to make a splash at the conference with a presentation to get the word out. The presenter: Google’s Kylie McRoberts.  Now in its 20th year, Black Hat is the world’s leading information security event series.

    CSE Ph.D. candidate Danny Yuxing Huang

    The UC San Diego participant in the study, Computer Science and Engineering (CSE) Ph.D. candidate Danny Yuxing Huang, is also affiliated with the Center for Networked Systems (CNS). “We study the economics of operating ransomware: from maintaining infrastructure, generating revenue, to getting victims to pay,” noted Huang, adding that “our goals are to understand the business model of ransomware, and estimate their revenue and potential profitability.”

    Huang tracked bitcoins that moved from potential victims to ransomware, and from ransomware to exchanges (as possible liquidation). “By masquerading as a part of the ransomware infrastructure,” explained Huang, “I also gathered statistics on infected computers, such as the number of infections over time, and the geographical distribution of infected machines.”

    Former CSE postdoc Damon McCoy, now a professor at NYU, participated in the study.

     

    Google’s other university collaborator was Damon McCoy, a former postdoctoral scientist in CSE at UC San Diego from 2009 to 2011, who is now an assistant professor of computer science in NYU’s Tandon School of Engineering.

    Together, the researchers investigated 300,000 files from 34 different types of ransomware and tracked payments on the blockchain to analyze the scale and the amount of money paid by victims.

    In the presentation, Google’s McRoberts reported that search queries for the term “ransomware” have increased by 877 percent since 2016, the first year when ransomware became a multi-million-dollar business (see chart).

    In 2016 ransomware became a multi-million-dollar
    business

    Of the $25 million in payments by Internet users to get their data back, some ransomware attacks generated more revenue than others. Only a fraction of the total was paid by victims of the widely publicized WannaCry ransomware in 2017, despite – or because of – the extensive damage it caused.  Developed originally by the U.S. National Security Agency (NSA), WannaCry crippled hospitals (including Britain’s National Health Service), communications providers and some 10,000 other organizations as well as an estimated 200,000 individuals in more than 150 countries.  Even so, payouts in response to WannaCry topped out at $140,000 – making it only the 11th-largest ransomware to date in terms of victim payouts. The Google presenter dubbed WannaCry an “impostor,” saying it should really be classified as “wipeware.” The study found that victims learned early on that the malware effectively wiped out the data because the software was unable to later unlock the victim’s computer even if the ransom was paid. The study noted that a variant on WannaCry called NotPetya was also wipeware, for the same reason, but also concluded that “wipeware pretending to be ransomware is on the rise.”

    Less publicized ransom demands launched in 2016, on the other hand, generated far more income for the attackers than WannaCry, notably the Locky ($7.8 million to date) and Cerber ($6.9 million) ransomware attacks.

    Locky was the first ransomware to make over $1 million

    Locky was the first ransomware to make over $1 million per month. It has largely run its course, but left its mark on the criminal marketplace because it brought “ransoms to the masses”, according to the presentation at Blackhat USA. “Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” said NYU professor McCoy. “Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”

    The same botnet that distributed Locky now also distributes Cerber and other ransomware built on Locky’s model. Cerber continues to rake in roughly $200,000 a month in ransom, as it has for more than a year, buoyed by its creation of an affiliate model that is “taking the world by storm,” noted Google.

    According to the study, victims of all ransomware paid ransom by purchasing Bitcoins on at least 10 exchanges. The single largest market, LocalBitcoins.com, had 37% of the market in the two-year period.

    The $25 million number in the new study reflects total ransomware payouts by victims. It is unclear, however, how much of the money made it back to the original authors of that ransomware.

    UC San Diego contributor Danny Huang is nearing completion of his Ph.D. under advisors Alex Snoeren and research scientist Kirill Levchenko. He is scheduled to mount the final defense of his dissertation at the end of August.

    Related Links

    UC San Diego Economics of Ransomware Website 
    Presentation: Tracking Desktop Ransomware Payments (PDF)

  • CSE Graduate Students in Center for Networked Systems End Academic Year with Ph.D. Degrees and New Jobs

    As of early July, 15 Computer Science and Engineering (CSE) Ph.D. candidates affiliated with the Center for Networked Systems (CNS) have graduated or are expected to graduate in the academic year from October 2016 through September 2017. Unlike last year, when half the Ph.D. graduates went to work for Google, there is much more variety in their waiting employers this year. Here’s a recap of this year’s CNS graduating Ph.D. class (in reverse chronological order), starting with three students tentatively scheduled to defend their doctoral dissertations between now and the end of August as members of the Ph.D. “Class of ’17”.

    CNS Graduate Students 2017
    l-r, top: Yuxing (Danny) Huang, Tianyin Xu, Eric Seidel, Panagiotis Vekris, and Yanqin Jin
    l-r, middle: Yashar Asgarieh, Alan Leung, Xinxin Jin, Daniel Ricketts, and Michael Wei
    l-r, bottom: Pietro Mercati , Yang (Robert) Liu, Meenakshi Sundaram Bhaskaran, Niki Vazou, Ming Woo-Kawaguchi

    Yuxing (Danny) Huang (Ph.D. ’17) is interviewing for postdoc positions as he puts finishing touches to his dissertation. His final defense is scheduled for August 31 before his co-advisors Alex Snoeren and Kirill Levchenko, who co-chair his faculty committee. Huang uses economics to study malicious behaviors on the Internet, including the economics of a wide variety of ransomware to better understand victims and how many of them pay in response to ransom demands. Huang received his B.A. in Computer Science from Williams College in 2011, the same year he enrolled in the Ph.D. program at UC San Diego. He did back-to-back summer internships at Google in 2014 and 2015.

    On August 28, Tianyin Xu (Ph.D. ’17) will defend his dissertation on hardening cloud and datacenter systems against configuration errors, but he already has a great job lined up. He will become an assistant professor of Computer Science next January at the University of Illinois at Urbana-Champaign (UIUC), where he accepted a tenure=track appointment pending completion of his Ph.D. Xu’s advisor, YY Zhou, taught at UIUC for seven years before joining the UC San Diego faculty (and CNS) in 2009. For his part, Xu’s research focuses on the reliability and security of computer systems, and in particular, large-scale software systems deployed in the cloud and in datacenters. In 2017 Xu received CSE’s Doctoral Award for Research, and last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.” In 2013 and 2016, Xu presented at CNS Research Reviews, and he did summer internships in 2013 and 2015 at former CNS member company NetApp.

    This fall, Eric Seidel (M.S., Ph.D. ’16, ’17) will join Bloomberg LP in New York after defending his Ph.D. dissertation on August 2. His research interests include programming languages, data and ubiquitous computing. As a graduate research assistant in the lab of his advisor Ranjit Jhala, Seidel built a tool to synthesize counter-examples to type errors. The tool performs type-checking along with execution, and produces trace demonstrating of how a program gets stuck. Seidel also worked on a refinement type-based verifier for Haskell. Together with Jhala and recent CNS and CSE alumna Niki Vazou, Seidel implemented an efficient testing framework using refinement types to prune the input search space. Seidel received a B.S. in Computer Science from the City College of New York in 2012.

    In addition to the three Ph.D. candidates preparing for their all-important dissertation defenses in August, 12 other researchers in CNS-affiliated labs have already completed and defended their dissertations as of July for the 2016-2017 academic year.

    Panagiotis Vekris (M.S., Ph.D. ’14, ’17) is joining Facebook after completing his final defense on July 7 of his Ph.D. dissertation on “Precise Type Checking for JavaScript.” His doctoral committee includes three CNS faculty members (advisor Ranjit Jhala as well as Sorin Lerner and Yannis Papakonstantinou). Vekris arrived at UC San Diego in 2011 from Greece, where he did his undergraduate degree at the National Technical University of Athens. In graduate school, he focused on programming languages, program analysis as well as verification and type systems. With JavaScript’s rapid growth and presence as one of the main technologies powering the Internet, testing is a valuable ally, but it falls short with respect to program coverage and formal correctness guarantees. In his thesis, Vekris proposes static type-based analysis. “Our goals are early bug detection, code intelligence for editors, and verifying specifications,” explains Vekris.

    Yanqin Jin (Ph.D. ’17) worked in the Non-Volatile Systems Laboratory under his advisor, Steven Swanson. His research interests include storage system design and implementation with modern storage technologies, as well as database and filesystem optimization for modern storage devices (including solid-state drives). Jin’s dissertation focused on “Modernizing Storage Device Interface for Performance and Reliability,” and his faculty committee was co-chaired by Swanson and co-advisor Yannis Papakonstantinou. His advisors also co-authored (with Jin as first author) a paper on key-addressable multi-log solid-state drives (KAML), which he presented at the 2017 IEEE Symposium on High Performance Computer Architecture (HPCA 2017). Early in graduate school, Jin did three summer internships with leading technology companies: Twitter (2012), Oracle (2011) and Microsoft (2010). The Microsoft internship took place in Beijing immediately Jin completed his undergraduate degree at China’s Tsinghua University.

    Yashar Asgarieh (Ph.D. ’17) now works at NVIDIA after completing his Ph.D. under advisor Bill Lin. His dissertation explored “Making the On-Chip World Smaller with Low-Latency On-Chip Networks”. With the proliferation of cores since the first dual-core processor, embedded multi-cores today can have over 100 cores. Asgarieh focused on how to improve on the state-of-the-art shared Network on Chip (NoC) as the best way to connect cores. His solution: to “make the on-chip world appear smaller by providing extremely low-latency networks that can make faraway resources appear much closer.” While in grad school, Asgarieh did summer internships at Facebook and the Embedded Systems Lab at EPFL in Lausanne, Switzerland. Asgarieh did his undergraduate degree and M.Sc. in Computer Engineering at the Iran University of Science and Technology and Sharif University of Technology, respectively.

    Alan Leung (M.S., Ph.D. ’13, ’17) developed novel algorithms and implementations in the areas of compiler design, program analysis, program verification and program synthesis. Under advisor Sorin Lerner, Leung successfully defended his dissertation on “Constructing Parsers by Example via Interactive Program Synthesis.” In his thesis, Leung argued that “it is possible to make parsing more accessible by combining interactive visual feedback with the programming-by-example paradigm.” Prior to UC San Diego, Leung spent five years as a microprocessor design engineer at Intel, where he designed cache memory systems for two generations of Itanium microprocessors that successfully went to market. Leung did his undergraduate degree at Cornell University.

    Xinxin Jin (Ph.D. ‘17) is working for Whova, the event-app startup founded by her advisor, YY Zhou, who also ran the Opera operating systems lab where Jin did research in software / hardware reliability, operating systems and mobile computing. Jin wrote her dissertation on “Tooling and Language Support for Robust and Easy Network Programming of Mobile Applications.” “I build infrastructure and mobile apps to make them run reliably and faster,” says Jin. “My mission is to revolutionize event networking and management via technology.” Jin likes the atmosphere and size of a startup, so instead of applying for a faculty position, she opted to stay with Whova. She could also have applied to a large technology company (like Microsoft, where she did a summer internship in 2015), but according to advisor YY Zhou, “Xinxin feels more comfortable in an entrepreneurial environment.” Prior to arriving at UC San Diego in 2011, Jin completed her M.S. from Peking University in 2011 and a B.S. from the Beijing University of Posts and Telecommunications in 2008.

    In February, Daniel Ricketts (Ph.D. ’17) defended his dissertation on “Verification of Sampled-Data Systems using Coq” (a proof assistant). His advisor, Sorin Lerner, chaired the dissertation committee, which included fellow CNS member Ranjit Jhala. Following completion of his Ph.D., Ricketts joined Oracle as a software engineer in the greater Seattle area. His goal: to apply formal verification to practical problems in industry. At UC San Diego Ricketts did research on formal verification of cyber-physical systems using the Coq proof assistant. As a graduate student, Ricketts worked on the VeriDrone project, which involved a formal verification process to ensure safety of quadcopter software.

    Michael Wei (M.S., Ph.D. ’12, ’17) is now a postdoctoral researcher at VMware, where he previously did an internship during graduate school. Wei is a past recipient of NSF Graduate Research Fellowships (in 2011 and 2012) and he pursued research in embedded systems, non-volatile systems, computer architecture, security, and energy. Prior to completing his Ph.D, Wei worked on reliably erasing solid-state disks (SSDs) under his advisor, Steven Swanson. In his dissertation on “Corfu: A Platform for Scalable Consistency,” Wei made the case for why the proposed Corfu platform simplifies development without sacrificing performance. “Consistency and scalability are often seen to be at odds with one another,” explained Wei, “and many popular data stores have traded consistency for scalability as part of a movement known as NoSQL… [which] makes writing reliable, feature-rich distributed applications much more difficult.” In addition to Swanson, Wei’s Ph.D. committee included other CNS member faculty, including George Porter, Alex Snoeren, and Geoffrey Voelker.

    Pietro Mercati (Ph.D. ’17) is now a research scientist at Intel Corp. He completed his Ph.D. under advisor Tajana Rosing, with a dissertation on “Power, Thermal, Reliability and Variability Management of Mobile Devices.” In it, Mercati proposed the design and implementation of a novel unified framework for the comprehensive dynamic management of power, temperature reliability and variability in mobile systems subject to user experience requirements. As Mercati outlined in his thesis, the proposed strategy meets user experience requirements while extending battery lifetimes by at least 25 percent and achieving up to 35 percent savings in power consumption at the device level (and up to 100 percent improved performance on cluster architectures). Mercati completed his Master’s and Bachelor’s degrees at the University of Bologna (Italy) prior to arriving at UC San Diego in 2013.

    Yang (Robert) Liu (Ph.D. ’17) is a principal engineer for R&D engineering at Western Digital. He did his dissertation on “Systems and Algorithm Support for Efficient Heterogeneous Computing with GPUs” under advisor Steven Swanson. Liu worked for Swanson in the Non-Volatile Systems Laboratory (NVSL). Liu’s research explored the design space in next-generation storage systems, while rethinking the interface between software and hardware in computer systems (e.g., improving the performance of the MapReduce framework by applying new hardware and better scheduling). Liu also worked previously with CNS member YY Zhou on software reliability, and did a summer internship at Broadcom. Prior to UC San Diego, he earned his B.S. and M.S. degrees from China’s Beihang University and Tsinghua University, respectively.

    Of all the Ph.D. graduates affiliated with CNS this year, only three completed their dissertation defense and other requirements by the end of December, thus allowing them to put 2016 as their graduating year on their CVs. They included:

    Meenakshi Sundaram Bhaskaran (M.S., Ph.D. ’12, ’16) also worked in NVSL under his advisor, Steven Swanson. He completed the degree in Computer Engineering in December 2016 with a dissertation on “Micro-Architecture and Systems Support for Emerging Non-Volatile Memories.” In it, Bhaskaran proposed “Non-Blocking Load (NBLD), an instruction set extension to mitigate pipeline stalls from long-latency memory accesses… NBLD triggers the execution of application-specific code once data is resident in the cache, effectively hiding the latency of memory.” Prior to UC San Diego, Bhaskaran was an engineer at SanDisk India in Bangalore, after completing his undergraduate degree at Anna University (also in India).

    Niki Vazou (Ph.D. ’16) is now a postdoctoral fellow at the University of Maryland in the Programming Language group after completing her Ph.D. last December. Her research continues to focus on designing usable program verifiers that can be integrated into standard software development. Her dissertation under advisor Ranjit Jhala, “Liquid Haskell: Haskell as a Theorem Prover”, drew on expertise in static program verification, type systems, type inference, abstract interpretation, functional programming, Haskell, Liquid Types and more. In it, Vazou presented LiquidHaskell, a usable, static formal verifier for Haskell programs, which she used to verify more than 10,000 lines of real-world Haskell programs. As Vazou noted in her abstract, “LiquidHaskell serves as a prototype verifier in a future where formal techniques will be used to facilitate, instead of hinder, software development.” In 2015 Vazou received the CSE Graduate Award for Research. The previous year, she won a Microsoft Graduate Research Fellowship (after doing two internships at Microsoft Research facilities in Washington State and at Cambridge in Britain). In 2016 Vazou did a summer internship at Awake Networks in Mountain View, CA, where she used LiquidHaskell to verify correctness on Awake’s production code base.

    Ming Woo-Kawaguchi (B.S., M.S., Ph.D. ’05, ’08, ‘16) is a postdoctoral research fellow at Harvard University. He completed his Ph.D. in late 2016 after having done most of his work as a graduate student researcher in the Programming Systems group in CSE from 2005 to 2012. From 2014 to 2016 Woo-Kawaguchi was on the technical staff of the Draper Laboratory near Boston before he decided to complete his Ph.D. Under advisor Ranjit Jhala, Woo-Kawaguchi did his dissertation on “High-Level Liquid Types ,” in which he proposed “several augmentations of the Liquid Types method of automatic program verification for uniformly describing high-level specifications and for verifying that source doe is correct with respect to such specifications.” In addition to Jhala, two other CNS members – Sorin Lerner and Geoffrey Voelker – sat on the five-person committee that quizzed Woo-Kawaguchi in his belated but final defense of his dissertation last October.

    Related Links

    CNS Graduating Students in 2015-2016

  • CNS Awards Travel Grants to Two Graduate Students in Computer Science

    For female students in particular, attending the annual Grace Hopper Celebration of Women in Computing can be a critical launching pad for careers in computer science in either academia or private industry. For that reason, UC San Diego’s Center for Networked Systems (CNS) provides funding each year to help defray the cost of attending the Grace Hopper Celebration for one or two deserving women who represent the next generation of female computer scientists who want to play leadership roles in helping other women make it in computer science.

    (L-r) Ariana Mirian and Stephanie Chen 2017 Award Recipients

    Looking ahead to the 2017 conference Oct. 4-6 in Orlando, FL, CNS has picked two deserving students to receive this year’s CNS Grace Hopper Travel Grants. Both Ariana Mirian and Stephanie Chen are graduate students: Chen is working on her M.S. in Computer Science with a focus on Machine Learning, and Mirian is a Ph.D. student co-advised by CNS Director Stefan Savage and CSE Professor Geoffrey Voelker.

    Ariana Mirian is the incoming president of the Graduate Women in Computing (GradWiC) group at UC San Diego for the 2017-2018 academic year (taking over as president from Ailie Fraser). She also received an award for Contributions to Diversity, which she accepted recently at the CSE Departmental Awards Ceremony. Mirian is going into her second year of the Ph.D. program, with research interests in security and privacy, notably at the intersection of empirically-based measurement and usable security. In addition to CNS, she is also affiliated with the Center for Evidence-based Security Research (led by her advisor Stefan Savage) as well as the Systems and Networking group and the Crypto and Security group. Mirian completed her undergraduate degree in computer science at the University of Michigan.

    Stephanie Chen is the outgoing Vice President of GradWiC. During the spring quarter, Stephanie Chen was head teaching assistant for Professor Bill Griswold’s course on Software Engineering (CSE 110). This summer she is doing a software engineering internship at Intuit in San Diego, where she serves as a back-end developer on Intuit’s Data Science Decision Engine team. Last summer, Chen interned at SPAWAR Systems Center, also in San Diego. She completed B.A. (Environmental Economics) and B.S. (Business Administration) degrees from UC Berkeley. Chen subsequently worked for Google for four years, primarily for its YouTube unit, before enrolling in UC San Diego to earn a computer science degree (which she expects to complete in the fall or winter quarter).

    Both students will be part of a large delegation of UC San Diego faculty and students, most of them from the Computer Science and Engineering department, including many who have made a point of attending the Grace Hopper event several years runnning.

    Travel Grant recipients Chen and Mirian will report back to CNS colleagues after the conference.
    Related Links

    2017 Grace Hopper Celebration of Women in Computing

  • CSE Ph.D. Candidate Accepts Tenure-Track Faculty Position at University of Illinois

    When he graduated from China’s Nanjing University, Tianyin Xu was turned down by 24 graduate schools in the United States. The following year he applied and was accepted into the Ph.D. program at the University of California San Diego. Now, almost six years later, Xu is finishing his Ph.D. this summer, and top-notch schools were competing to offer the soon-to-be alumnus a tenure-track faculty position.  In the end, Xu received five offers and accepted the one from the University of Illinois at Urbana-Champaign (UIUC), which he’ll join as an assistant professor next January in the Department of Computer Science.

    Ph.D. candidate and soon-to-be
    CSE alumnus Tianyin Xu

    “I loved all the schools that made offers, which made the decision-making process excruciating,” observed CSE Ph.D. candidate Xu. “In the end, I had to follow my gut.” While he had offers from Pennsylvania State, UC Santa Cruz, UC Santa Barbara and Canada’s University of Waterloo, Xu selected UIUC partly because his advisor, CSE Prof. Yuanyuan (YY) Zhou, taught there for seven years before joining the UC San Diego faculty in 2009.

    “Many of the senior students in Professor Zhou’s group had previously studied at UIUC,” added Xu, “and they have helped me tremendously in my graduate studies. All of them spoke highly of the Illinois program.” Xu also thinks that UIUC had more confidence in his abilities because he had worked so closely with his “rock star advisor.” “I believe part of the reason UIUC made me the offer is that Professor Zhou was so successful and truly respected there, and all of the faculty I met during the hiring process held her in very high esteem.”

    “I am very proud of him,” observed Zhou, who holds the Qualcomm Endowed Chair in Mobile Systems in the Jacobs School of Engineering. “Tianyin Xu is joining an elite group of recent graduates from our operating systems group, including five of them who took tenure-track faculty positions at top schools.” Those professors include UC San Diego CSE alumnus Ryan Huang (Ph.D. ’16), who becomes an assistant professor of computer science at Johns Hopkins University this July after doing a postdoc at Microsoft Research.

    “All of them are doing extremely well,” added Zhou, “so they have paved the way for Xu and hopefully future Ph.D. graduates from our program who want to make careers in academia.”

    UIUC may also have been attracted to Xu’s research into reliability and security of computer systems, including the reliability of large-scale software systems deployed in the cloud and in datacenters. “My Ph.D. work focuses on tackling one dominant cause of cloud and datacenter failures in the real world – configuration errors,” said Xu. “These errors are notoriously fatal and hard to deal with using traditional fault-tolerance techniques. Currently we lack neat techniques that can work with these gigantic systems to prevent catastrophic failures, so research in this area is critically important and in demand.”

    Hardening cloud and datacenter systems against configuration errors is the topic of Xu’s doctoral dissertation, which he expects to defend in early August.

    Xu received CSE’s 2017 Doctoral Award for Research at the end of the academic year. Among other honors, last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.”  Xu was first author on that paper as well as another in May 2017, which he presented to the 35th Conference on Human Factors in Computing Systems (CHI 2017). The topic: “How Do System Administrators Resolve Access-Denied Issues in the Real World.”  Xu has also presented at research reviews of UC San Diego’s Center for Networked Systems (CNS) in 2016 and 2013, and he did summer research internships in 2013 and 2015 at NetApp, Inc., where he researched storage products and observed system users.

    Xu has been a teaching assistant in both graduate and undergraduate courses at UC San Diego, serving a variety of CSE faculty including his advisor as well as Geoffrey Voelker, Leo Porter, Stefan Savage, Mohan Paturi and Sanjoy Dasgupta. In the three most recent courses he TA’d, Xu happily notes that he finished with recommendations from 98.6 percent of students (75 percent with “strong” recommendations). In his teaching statement intended for the universities where he interviewed for faculty jobs, Xu said one of his primary goals was to stress relevance as the key to engaging students in learning. “I strive to relate OS concepts to real-world, everyday problems beyond OS kernels,” he explained. “I talk about how Google manages resources and schedules jobs at a massive scale, how Spark drives its huge success based on the disk-memory trade-off, and why Android does not swap but kills app processes when running out of memory. Students enjoy such discussions and become more engaged.” At UIUC, Xu expects to teach operating systems and software engineering, and he plans to incorporate interactive and hands-on projects along with regular coursework.

    Prior to starting the Ph.D. program at UC San Diego, from 2003 to 2010, Xu studied Computer Science at Nanjing University, where he completed B.S. and M.S. degrees..

    With his faculty job search now over, Xu is particularly thankful to the many people in CSE who provided help, support and encouragement throughout the “exhausting and sometimes frustrating” process. “Professor Voelker revised every single slide of my job talk and gave me countless tips and advice, while professors Savage and Victor Vianu did mock interviews with me,” recalled Xu. “Professors Sorin Lerner, Philip Guo, Alex Snoeren, Aaron Schuman and Bill Griswold and others helped me with my job talk or allowed me to practice delivering my talk in their research seminars, while professors Zhou, Voelker, Savage and Scott Klemmer wrote recommendation letters for me.”

    “Above all, I owe much to my advisor, Professor Zhou,” stressed Xu. “She believed in a student who had been rejected by most of the schools he applied to for graduate school, and transformed him into a Ph.D. candidate capable of receiving faculty offers from major schools and computer-science programs.”

    Related Links

    Tianyin Xu Website 
    OSDI 2016 Best Paper 
    Computer Science and Engineering

     

  • After 10 Weeks, CSE Students Demonstrate 3D, Networked Multiplayer Games

    CSE professor Geoffrey M. Voelker teaches CSE 125 each spring, The course on “Software System Design and Implementation” gave 32 seniors an opportunity to showcase everything they learned in the past four years. Nominally, the course is a 10-week project to build a large, complex, distributed software system with real-time constraints. Specifically, the teams of six or seven students spend the quarter building a distributed, real-time, 3D multiplayer game (hence the popular reference to CSE 125 as being “the videogame course”). Each final team demonstration doubles as the team members’ final exams.

    Prof. Voelker introduces the five teams in CSE 125.

    As finals week was winding down for most CSE students, nearly 200 people showed up on Friday, June 9, to see how much the five teams were able to achieve in the 2017 edition of CSE 125. All of the teams completed the assignment, with varying but largely impressive results. In one case, the demo had to be without accompanying audio because of a last-minute glitch in moving the game to a demo computer in the Qualcomm Institute auditorium in Atkinson Hall. For each demo, at least two players were picked at random from the audience to play against members of the game’s development team. All four players for each demo were positioned at workstations set up on the stage of the auditorium, with video of the game displayed on the big screen above the players — and streamed in real time over the Internet. [Editor’s note: An archived version of the video stream is now available for on-demand viewing here .]

    “Sandma” game

    The seven members of Team 9hack Studios produced a game called “Sandma” (originally “Dungeon Party”). Kavin Srithongkham led the presentation, and his fellow team members included Ethan Chan, Daniel Lee, Richard Lin, Christiane Pham, Austin Puk and Joshua Tang. They divided into three teams: networking, graphics and artists. “We wanted to create a game that contains both the sense of exploration and discovery of dungeon crawlers, and the chaotic and competitive interactions of a party game,” said Srithongkham. Players compete with each other in mini games and use the points to collectively build a dungeon full of hazards and treasures. The goal is then to move across the dungeon while avoiding the opponents’ obstacles. During the ‘build’ phase of the game, players place objects around the dungeon grid, but they cannot see where the other players place their objects. All players start with the same amount of gold, and the winner is whoever has the most gold at the end of the game. “The goal of the game is to balance using gold to buy obstacles and structures, and saving gold to win the game,” according to team members.

    “Heliocentric” game

    Team Solarware came up with a game called “Heliocentric”, which the developers call a “space-themed 4X real-time strategy game.” The goal is to eliminate all other players, or to end up in control of the most celestial bodies (based on mass). Brandon Milton presented the game with his five teammates Dylan Pereira, Ethan Li, JJ Tran, Raj Kumar and Sylvia Li. Team members divided up development roles, e.g., to handle networking, graphics, the user interface, sound, or algorithms. In the final week of development, “I worked on fine-tuning some key gameplay aspects,” said CS senior Raj Kumar. “I fixed a bug in combat that would cause the server to go down when more than one unit was attacking the same target. Further I made sure that a unit’s client window, which details the unit’s stats, disappears when the unit dies.”  According to presenter Milton, “real-time strategy games are very difficult to make, especially when each player may have 20 units or 30 units or 100 units at a time. You start to run into the problem of having the server process all of these at the same time. A new appreciation for this problem was definitely acquired, but not so much a solution to the problem.” Milton worked on user-interface elements, making movement smoother, and finalizing unit orientation, lasers and attack sounds: “I also played the role of jack-of-all-trades as much as I could.”

    “MURPH” game

    Outer space, with a dose of robots, was featured in another team’s game. Called “MURPH”, it’s a “four-player cooperative space adventure travel game.” The objective is to navigate to a specified destination, while overcoming obstacles by working together as the crew of the spaceship.. The ship is made up of various compartments — navigation room, medical ward, engine room, and so on. — that can be damaged or destroyed while travelling to the destination through asteroid showers and other events  (such as black holes and enemy ships) that hinder progress. When an asteroid hits one of the compartments, walls begin to crack and the player can patch the fissures if it can be done without the ship sustaining further damage. As the damage worsens, the room is destroyed. The game is lost when all players die or the ship’s final compartment is destroyed. The game is won when the ship reaches the specified destination. Team members included Michael Carroll (who learned Blender from scratch to build all of game’s models), Yuxiang Guan, Amanda Luff, Guillermo Valdez, and Huajie Wu, as well as Anish Shandilya, who led the game demo. Noted prrofessor Voelker: “One thing I like about that game is that you’re running around putting out fires, so it’s a great allegory to software development” — a comment that triggered knowing laughter among the student developers in the audience.

    Scenes from the game “A42JS”

    Another seven-person team demonstrated the most visually stunning game, from Team A42JS. “We’re the project that did our entire project in JavaScript,” said team presenter Alex Hawker, who introduced teammate John Pallag to describe the graphics pipeline they used. “The modeling was primarily done in Blender and once we completed the models, we created a workflow to go through Unity. So we’re not using Unity to run the game,” said Pallag, who handled most of the graphics and model creation.  it’s all running in WebGL, but we pulled the models into Unity and wrote a bunch of scripts that let us take all their positions and eventually exported and pulled it all back into JavaScript.”  The game itself is a “3rd-person, cooperative, horror-themed survival game” in which up to four players attempt to make their way through a labyrinth in order to drive away a terrible evil that pursues them through the game. Alex Hawker was in charge of overall project management, with Justin Chou and Ara Jermakyan sharing networking duties. Project manager Hawker and John Pallag were responsible for the graphics engine, with Pallag also handling all 2D and 3D artwork. Stephen Trinh and Arno Gau handled the gameplay, while Austin Sun created the audio.  In order to win the game, players must survive and traverse the labyrinth. Players lose when they are caught too many times by the evil force. Audio is critical to the gameplay, because each character has the ability to “sing” a high-pitched tone that can communicate information to nearby players, illuminate the surrounding area, or dispense with a door or obstacle in their path.

    “Heroes Always Die” pits tanks against each other.
    The final team to demonstrate their game showcased a “3rd-person, free-for-all deathmatch,” in a game called “Heroes Always Die” which pits two types of tanks against each other on a field of battle. “We wanted to make it very fast-paced and very competitive, and we tried to implement all that in one game,” said   Team members split up the development chores: with Kevin Duke, Kevin Cao, Shuming Cao, Yicheng Yin and Spencer Huang all worked on architecture and networking, and three of them also worked on graphics. Shuo Huang and Kevin Cao did modeling, and Shuming Cao and Shuo Huang worked on the user interface. In the final week before the demo, the team opted to add another character, while also fixing bugs, adding a sound system, improving maps and the user interface, and implementing and improving the particle effects (used to highlight the damage when an asset is taken out by a laser).
  • CSE Presence at Upcoming PLDI 2017

    The ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2017) will get underway on June 19 in Barcelona, Spain. It’s a premier forum for all areas of programming language research, including design, implementation, theory and efficient use of languages.

    CSE/CNS Prof. Sorin Lerner has had a hand in putting the program together as a member of the External Program Committee for PLDI 2017.

    (l-r) CSE/CNS professors Sorin Lerner and Ranjit Jhala

    CSE/CNS Prof. Ranjit Jhala, whose research focuses on techniques for building reliable computer systems, sits on the External Review Committee for the 2017 conference. He is also co-organizing a Tutorial track on “Refinement Types for Program Verification and Synthesis”, jointly with recent CSE/CNS alumna Niki Vazou (Ph.D. ’16), now a postdoctoral researcher at the University of Maryland, and MIT postdoctoral researcher Nadia Polikarpova (who in March presented in the CSE Colloquium Lecture Series on Type-Driven Program Synthesis).

    CSE alumna Chandra Krintz
    In addition to the two faculty members, one CSE alumna sits on the Steering Committee for PLDI 2017: Chandra Krintz (M.S., Ph.D. ’98, ’01). Krintz earned her doctoral degree under advisor (and former CSE faculty member) Brad Calder. Following graduation, she joined the computer science faculty at UC Santa Barbara, where she is now a full professor. Her research interests include programming support and adaptive optimization for cloud computing applications and systems, as well as techniques for efficient interoperation and integration of web services.
    In her spare time, Krintz co-founded the company AppScale Systems, Inc., where she remains Chief Scientist in a part-time role. Recently her work has focused on the intersection of IoT, cloud computing and data analytics with applications in farming and ranching (SmartFarm) and health management (Vigilance).

     

     

  • CSE Students and Professors Stage Major Presence at SIGMOD 2017

    CSE had a major presence at this year’s ACM Special Interest Group on Management of Data (SIGMOD), the premier venue for research in data management. The 2017 meeting took place in mid-May in Chicago jointly with PODS, the premier international conference on the theoretical aspects of database systems. CSE/CNS Database Lab faculty Yannis Papakonstantinou, Alin Deutsch, Arun Kumar and postdoctoral researcher Yannis Katsis all served on the SIGMOD research track program committee, and Kumar was a judge for the inaugural SIGMOD Student Research Competition. (He also chaired a Research Track session on Versions and Incremental Maintenance.)

    However, it was the research that took center stage, with UC San Diego computer science faculty and students out in force with five major papers in the main conference. CSE/CNS professors Yannis Papakonstantinou and Steven Swanson and Ph.D. students Chunbin Lin and Jianguo Wang (who delivered the paper) presented their research on “An Experimental Study of Bitmap Compression vs. Inverted List Compression.”

    Ph.D. student Jianguo Wang delivered the paper on bitmap vs. inverted list compression
    Papakonstantinou also had a joint paper with colleagues from Stanford University, Vasilis Verroios and Hector Garcia-Molina. They unveiled “Waldo: An Adaptive Human Interface for Crowd Entity Resolution.”

    A newcomer to SIGMOD, CSE professor Kamalika Chaudhuri had two high-profile papers on the agenda. She and fellow CSE/CNS professor Arun Kumar were co-authors on a paper titled “Bolt-on Differential Privacy for Scalable Stochastic Gradient Descent-based Analytics.” Their co-authors were all former colleagues of Kumar at the University of Wisconsin-Madison before he joined the CSE faculty this year. Professor Chaudhuri was also senior author on a paper presented by her Ph.D. student, Shuang Song. It was about “Pufferfish Privacy Mechanisms for Correlated Data”.

     “Kamalika Chaudhuri was one of two people who dominated the SIGMOD data privacy session this year, each of them with two papers in that session,” noted CSE‘s Kumar. “One of her papers, which I think was her first SIGMOD submission, got accepted without any revisions!” Kumar notes that he and Chaudhuri are planning to collaborate on new problems in the data, analytics and privacy space, especially on data cleaning and analytics systems. Database Lab members also invited Chaudhuri to become a member of the lab, and she accepted.

    The final CSE-related paper in the main research track was co-authored by Ph.D. student Vineet Pandey, who works in the Design Lab with his advisor, CSE professor Scott Klemmer. The paper on “Concerto: A High Concurrency Key-Value Store with Integrity” recapped research done at Microsoft when Pandey spent a summer there, as did another UC San Diego student (now alumnus) Pingfan Meng (M.S., Ph.D. ’11, ’16), who is listed as a co-author on the paper, and who is now a research scientist at Intel Labs. Microsoft researchers listed as co-authors on the Concerto paper included Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossman and Ravi Ramamurthy, with Arvind delivering the presentation.

    Tutorials and Workshops

    CSE/CNS professor Arun Kumar

    With a big conference like SIGMOD, however, the main sessions are only part of the action. CSE‘s Arun Kumar co-presented a tutorial on systems, techniques and challenges in the space of data management and machine learning. “The tutorial attracted a packed audience with a mix of industry folks, professors and students,” recalled Kumar. “It was well-appreciated and stirred a lot of discussion.” (Slides and video from the tutorial are available on the SIGMOD tutorials page.)

    Then there were the workshops co-located with SIGMOD 2017, and professor Kumar was heavily involved in three of them. He presented the invited academic keynote at the First Workshop on Data Management for End-to-End Machine Learning (DEEM). His talk focused on emerging research opportunities and challenges for the data management community in democratizing advanced analytics beyond just building faster/scalable ML algorithm implementations. It was well-attended and well-received by both researchers and practitioners. During the same DEEM Workshop, Kumar also had a joint paper with former colleagues at the University of Wisconsin-Madison (Lingjiao Chen and Paraschos Koutris). The paper explored “Model-based Pricing: Do Not Pay for More than What You Learn!”

    Kumar and fellow CSE professor Lawrence Saul also co-authored a paper with graduate students Dharmil Chandarana and Vraj Shah. CSE M.S. student Shah presented the paper on “SpeakQL: Towards Speech-driven Multi-modal Querying” in the Workshop on Human-in-the-Loop Data Analytics (HILDA).
    CSE postdoc Yannis Katsis also presented a paper co-authored by professor Papakonstantinou and Ph.D. student Nikos Koulouris during the HILDA workshop. The topic: “Assisting Discovery in Public Health”, which they co-authored with Qualcomm Institute researcher and UC San Diego School of Medicine professor Kevin Patrick.

    VLDB 2017

    With SIGMOD 2017 now history, Database Lab members are looking ahead to the other major database conference of the year, the International Conference on Very Large Data Bases (VLDB 2017). It’s scheduled for August 28-September 1 in Munich, Germany. CSE‘s database researchers are promising another banner presence for the group at the meeting.

     

  • Researchers Find Computer Code that Volkswagen Used to Cheat Emissions Tests

    An international team of researchers has uncovered the mechanism that allowed Volkswagen to circumvent U.S. and European emission tests over at least six years before the Environmental Protection Agency put the company on notice in 2015 for violating the Clean Air Act. During a year-long investigation, researchers found code that allowed a car’s onboard computer to determine that the vehicle was undergoing an emissions test. The computer then activated the car’s emission-curbing systems, reducing the amount of pollutants emitted. Once the computer determined that the test was over, these systems were deactivated.

    When the emissions curbing system wasn’t running, cars emitted up to 40 times the amount of nitrogen oxides allowed under EPA regulations.

    Center for Networked Systems research scientist and study lead, author Kirill Levchenko is also a CSE alumnus (Ph.D. ’09) .

    The team, led by Kirill Levchenko, a computer scientist at the University of California San Diego presented their findings at the 38th IEEE Symposium on Security and Privacy in the San Francisco Bay Area on May 22 to 24, 2017.

    “We were able to find the smoking gun,” Levchenko said. “We found the system and how it was used.”

    Computer scientists obtained copies of the code running on Volkswagen onboard computers from the company’s own maintenance website and from forums run by car enthusiasts. The code was running on a wide range of models, including the Jetta, Golf and Passat, as well as Audi’s A and Q series.

    “We found evidence of the fraud right there in public view,” Levchenko said.

    During emissions standards tests, cars are placed on a chassis equipped with a dynamometer, which measures the power output of the engine. The vehicle follows a precisely defined speed profile that tries to mimic real driving on an urban route with frequent stops. The conditions of the test are both standardized and public. This essentially makes it possible for manufacturers to intentionally alter the behavior of their vehicles during the test cycle. The code found in Volkswagen vehicles checks for a number of conditions associated with a driving test, such as distance, speed and even the position of the wheel. If the conditions are met, the code directs the onboard computer to activate emissions curbing mechanism when those conditions were met.

    A year-long investigation

    UC San Diego Kirill Levchenko Computer scientist Kirill Levchenko led the research effort at UC San Diego.
    It all started when computer scientists at Ruhr University, working with independent researcher Felix Domke, teamed up with Levchenko and the research group of computer science professor Stefan Savage at the Jacobs School of Engineering at UC San Diego.

    Savage, Levchenko and their team have extensive experience analyzing embedded systems, such as cars’ onboard computers, known as Engine Control Units, for vulnerabilities. The team examined 900 versions of the code and found that 400 of those included information to circumvent emissions tests.

    A specific piece of code was labeled as the “acoustic condition”—ostensibly, a way to control the sound the engine makes. But in reality, the label became a euphemism for conditions occurring during an emissions test. The code allowed for as many as 10 different profiles for potential tests. When the computer determined the car was undergoing a test, it activated emissions-curbing systems, which reduced the amount of nitrogen oxide emitted.

    “The Volkswagen defeat device is arguably the most complex in automotive history,” Levchenko said.

    Researchers found a less sophisticated circumventing ploy for the Fiat 500X. That car’s onboard computer simply allows its emissions-curbing system to run for the first 26 minutes and 40 seconds after the engine starts— roughly the duration of many emissions tests.

    Researchers note that for both Volkswagen and Fiat, the vehicles’ Engine Control Unit is manufactured by automotive component giant Robert Bosch. Car manufacturers then enable the code by entering specific parameters.

    Diesel engines pose special challenges for automobile manufacturers because their combustion process produces more particulates and nitrogen oxides than gasoline engines. To curb emissions from these engines, the vehicle’s onboard computer must sometimes sacrifice performance or efficiency for compliance.

    The study draws attention to the regulatory challenges of verifying software-controlled systems that may try to hide their behavior and calls for a new breed of techniques that work in an adversarial setting.

    “Dynamometer testing is just not enough anymore,” Levchenko said.

    “How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles”

    Authors: Guo Li, Kirill Levchenko and Stefan Savage from UC San Diego; Moritz Contag, Andre Pawlowski and Thorsten Holz from Ruhr University; and independent researcher Felix Domke.

    This work was supported by the European Research Council and by the U.S. National Science Foundation (NSF).

    Related Links:

    UCSD News

    CSE Website

    NPR KPBS

    ARS Technica

     

  • CSE Alumnus Leverages Machine Learning to Help Companies (and Hometown) Grow

    UC San Diego computer science alumnus Matthew Der (Ph.D. ’15) was one of the few fresh graduates from the Computer Science and Engineering department who did not opt to work for a West Coast technology giant like Amazon, Microsoft, Facebook or Google (where he did two summer internships during graduate school). Instead, he returned home in September 2015 to the fast-growing RVA technology corridor (in Richmond, Virginia) to become a partner and Chief Technology Officer in Notch, a local tech consulting startup that was barely a year old.

    Alumnus Matthew Der is CTO of Richmond-based Notch

    “I love Richmond as a city and I am passionate about entrepreneurship and the technology community here,” said Der. “Part of Notch’s mission is to be a West Coast-caliber boutique tech consultancy in central Virginia. You don’t need to go to the Bay Area or NYC to find one.”

    For the second year in a row, Notch was a finalist for the top Emerging Technology Business award given out by RichTech, an association of local technology businesses and tech professionals. Last year they came close, but at the 22nd annual Technology Awards show on May 10, Der and his colleagues were honored with the award for startups or small businesses demonstrating the ability to achieve commercial success.

    Nearly 800 people attended the award ceremony at the Greater Richmond Convention Center.

    Der credits his education in CSE for providing an important leg-up for success in any market. “It’s mostly the alignment of my expertise and the industry trend of artificial intelligence and machine learning,” explained Der. “Having a Ph.D. in machine learning is a big differentiator, especially in a mid-sized market. It immediately gave us street cred, sales material and conversation starters.”

    RichTech 2017 awards ceremony

    As CTO, Der’s primary role is to oversee Notch’s data science and machine learning consulting. He is responsible for successful delivery of predictive solutions to Notch’s clients as well as internal training, and the company’s services are in strong demand from companies that need to use data more effectively to fuel business growth.

    “In some sense we’re riding the AI wave with everyone else,” noted Der. “But we’ve found that while everyone is talking about the hype, many still don’t understand how their business can leverage AI to gain a competitive advantage.”

    While in CSE Der focused on machine learning applications to security, and in particular, web page clustering and classification. He was involved in the AI, Systems and Networking as well as Security research groups under advisors Lawrence Saul, Geoff Voelker and Stefan Savage, and the Center for Networked Systems.

    Learn more about Notch.

     

  • Making Parsers More Accessible
    Ph.D. candidate Alan Leung (M.S. ’13) says he likes to create tools that “make it easier to build complex systems reliably.” These include a tool for automating the construction of parsers — programs that extract structure from strings — for context-free languages. Now, Leung is poised for the final defense of his dissertation on making parsers more accessible. He will defend his thesis in front of a panel chaired by his advisor in the Programming Languages group, CSE professor Sorin Lerner. The panel also includes CSE professors Ranjit Jhala and Ryan Kastner, as well as Math professor Samuel Buss and UCLA computer science professor Todd Millstein.
    Alan Leung

    The title of Leung’s dissertation is “Constructing Parsers by Example via Interactive Program Synthesis,” and his defense is scheduled for Thursday, May 11 at 2PM in room 2217 of the CSE building.  The examination is open to the public.

    Parsers are fundamental components of many software systems, including email clients, video games, spreadsheet programs, and relational databases. As a result, constructing parsers has become a ubiquitous programming task for developers in many domains, and not just for programming language experts.

    According to Leung, existing tools for generating parsers assume a great deal of background knowledge in parsing and formal language theory, but “it is possible to make parsing more accessible by combining interactive visual feedback with the programming-by-example paradigm, wherein users synthesize programs simply by providing example inputs and outputs demonstrating the result of the intended computation.”

    In his dissertation, Leung presents novel algorithms for (a) constructing syntactic specifications by example, (b) constructing lexical analyses by example, and (c) visualizing progress toward parser completion. “We instantiate these algorithms in two graphical development environments we have implemented,” notes Leung in his abstract, referring to Parsify and its successor, Parsimony. “The latter’s central user interaction paradigm is that of programming-by example.” In a user study, he demonstrates that non-expert users show significantly better performance when using the new system.
    Prior to beginning the graduate program in CSE in 2010, Leung worked for five years at Intel designing cache systems on several generations of Itanium microprocessors. Before Intel, he did his undergraduate degree at Cornell University.
  • Jacobs School, CSE Honor Recently Appointed Endowed Chair Holders
    CSE Prof. Stefan Savage (left) now holds the Jacobs Chair in
    Information and Computer Science. CSE Prof. Tajana Rosing (right) now holds the Fratamico Chair.

    CSE and the Jacobs School of Engineering are celebrating two CSE professors who were awarded endowed chairs in the past year. The appointments of professors Tajana Rosing and Stefan Savage, both of whom are affiliated with the Center for Networked Systems (CNS), were previously announced, but now they will be honored at separate invitation-only receptions scheduled for May and June.

    John J. and Susan M. Fratamico Endowed Chair

    On Thursday, May 18 from 5:30-7:30PM, Jacobs School Dean Albert P. Pisano and CSE Chair Dean Tullsen will host a program and reception to celebrate CSE professor Tajana Rosing’s appointment to the John J. and Susan M. Fratamico Endowed Chair in the Jacobs School.

    Rosing, who earned her Ph.D. from Stanford in 2001 while working at HP Labs, is the inaugural holder of the Fratamico chair, which was established in 2012. When the appointment was originally announced in September 2016, CSE’s Tullsen noted Rosing’s “creativity and approach to research [that] have had a deep impact on innovation in computer engineering.”

    The computer engineering professor joined the CSE faculty in 2005. There, she established the System Energy Efficiency Lab (SEELab), which focuses on energy efficiency at many scales — from sensor nodes to data centers and from transport networks to power grids. Rosing’s research interests include embedded systems hardware and software design and the design of approximate and highly-efficient architectures. Currently Rosing works on efficient and distributed data collection, aggregation and processing in the context of Internet of Things applications, smart cities, wireless healthcare and the distributed Smart Grid for electricity.

    Among her achievements, Rosing was able to optimize the design and operation of embedded systems to achieve 1,000 times more energy efficiency at the cost of a 10 percent inaccuracy (i.e., 10 percent error in computation). The real-world impact of her research has also stretched the battery life of smartphones and other electronic devices — and her work maximizes the quality of service in ‘smart’ servers while minimizing power consumption.

    Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science

    On Wednesday, June 7 from 5:30-7:30PM, Jacobs School Dean Pisano and CSE Chair Tullsen will host a reception to honor Savage, who holds the Irwin Mark and Joan Klein Jacobs Chair.in Information and Computer Science. The reception marks the first anniversary of Savage’s appointment to the chair in June 2016. The chair was newly empty following the retirement of CSE professor Ronald Graham, the previous holder of the Jacobs Chair.

    The computer scientist – who co-directs CNS – joined the CSE faculty in 2000 in an acting capacity until he defended his dissertation at the University of Washington in 2002.

    Much of Savage’s early research focused on operating systems. Already a Fellow of the ACM, he was honored again by ACM with its SIGOPS Mark Weiser Award in 2013. The award cited his “creativity and innovation in operating systems research.” The CSE professors other honors include the ACM-Infosys Foundation Award (2016) and a faculty research fellowship from the Alfred P. Sloan Foundation (2004).

    Over time Savage expanded from operating systems and network security to cybersecurity, and he co-founded three research centers in the field: the Collaborative Center for Internet Epidemiology and Defense; the Center for Evidence-based Security Research; and the Center for Automotive Embedded Systems (to focus on security in the increasingly automated automotive sector).

    Both programs and receptions will take place at the Calit2 Auditorium in Atkinson Hall. In addition to being CNS members, both Rosing and Savage are academic participants in Calit2’s Qualcomm Institute.

    Related Links

    Rosing Appointment to Fratamico Chair
    Savage Appointment to Jacobs Chair
    Tajana Rosing Website
    Stefan Savage Website
    Computer Science and Engineering

  • CNS Researchers Help Google Fight Abusive Pins on Google Maps

    A partnership between computer scientists in the Center for Networked Systems (CNS) at UC San Diego and Google has allowed the search giant to reduce by 70 percent fraudulent business listings in Google Maps. The researchers worked together to analyze more than 100,000 fraudulent listings to determine how scammers had been able to avoid detection-albeit for a limited amount of time-and how they made money.

    The team presented their findings at the 26th International Conference on the World Wide Web in Australia earlier this month.

    Location pins on Google Map of downtown San Diego: Is the nearest service provider really there?

    The computer scientists identified what they describe as a “new form of blackhat search engine optimization that targets local listing services” such as Google Maps. They also describe how these scammers were able to make money.

    “Location-based search is increasingly becoming the way people interact with online content-even if you’re not using a mapping application,” said Alex C. Snoeren, a professor in the Department of Computer Science and Engineering at UC San Diego and a senior author of the study.

    For example, when people run a search on their mobile phone, the search engine uses their physical location as one of the inputs to decide which results to display, Snoeren explained.

    First author and CSE/CNS Ph.D. student Danny Huang presented the
    Google Maps paper at WWW 2017.

    The scammers take advantage of this by using fake locations to make it look like their business is in close proximity to the user doing the search. This was particularly true of on-call contractors, notably plumbers and locksmiths. Researchers found that 40 percent of all fake listings on Google Maps belong to that category.

    “I might find seven listings for locksmiths in my neighborhood,” said Danny Huang, the paper’s first author and a Ph.D. student in computer science at the Jacobs School of Engineering at UC San Diego. “But in fact, none of those listings are real.”

    In all, researchers found that 11 percent of overall search results for locksmiths were fraudulent. In New York, that percentage went up to 15.6 percent. And it went up to an astonishing 83.3 percent in West Harrison, New York.

    Scammers are able to make money when they get called to help a user based on a fake listing. Scammers might quote a low price when called on the phone, only to charge a higher fee when they show up. They might not be licensed but get the business anyway.

    In another scheme, scammers set up fake pins for real hotels or restaurants on Google Maps. They set up websites where customers make reservations, which are connected to the business’ real website or to a travel agency, which is not part of the scam. This allows scammers to make money either by getting a commission for each reservation or for referring traffic to the businesses’ real websites. The researchers found that roughly 13 percent of the fraudulent listings had real hotel and restaurant addresses, but were not created by these businesses.

    All these fraud schemes were possible primarily because scammers found a way to get around Google’s verification process.

    Other CSE/CNS co-authors on the Google Maps paper are professor Alex Snoeren (left) and research scientist Kirill Levchenko

    Businesses can register for Google Maps online for free. But before a listing goes live, Google sends a postcard with a verification code to the business’ address. The business inputs this verification code and the listing is then approved to go live.

    Partly thanks to these measures, Google is able to detect 85 percent of fake listings before they even appear on Google Maps. The fake listings that make it past the verification process are taken down within an average of 8.6 days between creation and suspension.

    Scammers got around verification requirements mainly by leasing PO boxes and using those addresses to receive their verification codes. They also added fake suite numbers to a specific address so Google wouldn’t get suspicious about a large number of businesses located at the same address. Researchers note that there are legitimate reasons for a large number of businesses to have the same address—big office buildings in Manhattan come to mind.

    Researchers also noted that a large percent of fraudulent listings changed their address or the category they belonged to (from hotel to locksmith, for example) after verification.

    To tamp down on abuse, Google has taken a number of measures, which the company details in a post on its research blog. Steps include: prohibiting bulk registration at most addresses; preventing businesses from changing their addresses to a location that is impossibly far from the original without additional verification; and detecting and ignoring intentionally mangled text in address fields designed to confuse Google’s algorithms. The company also fine-tuned its anti-spam machine learning systems to detect data discrepancies that are common in fake or deceptive listings.

    The research was partially funded by a grant from the National Science Foundation.

    ________________________________
    *D.Y. Huang, D. Grundman, K. Thomas, A. Kumar, E. Bursztein, K. Levchenko and A.C. Snoeren, “Pinning Down Abuse on Google Maps,” Proc. of the International Conference on World Wide Web (WWW), April 3-7, 2017, Perth, Australia.

    Related Links

    Paper: Pinning Down Abuse on Google Maps
    KPBS News Article
    CSE News
    WWW 2017
    Research at Google

     

  • Recent Computer Science Faculty Hire Joins Center for Networked Systems

    Arun Kumar Works on Advanced Analytics at Intersection of Data Management and Machine Learning

    On April 3, Computer Science and Engineering (CSE) assistant professor Arun Kumar began teaching his first undergraduate course since joining the UC San Diego faculty in 2016. CSE 190D covers topics in database system implementation, and it’s a hands-on, systems-focused course and the first at UC San Diego to teach the systems guts of a relational database management system (DBMS).

    “Faculty in our Database group hope that this course will eventually be mainstreamed as 132C,” said Kumar. “It would complete a solid triad of database courses for undergraduates covering principles, applications and, finally, implementation.”

    CSE Prof. Arun Kumar, who joined the Jacobs School of Engineering faculty in 2016, has now become a member of the Center for Networked Systems.

    Kumar joined CSE after completing his Ph.D. at the University of Wisconsin-Madison last summer, with a focus on datamanagement and analytics. His research explores the intersection of data management and machine learning (ML), an area increasingly called advanced analytics. He also aims to create a pipeline of students coming into this burgeoning field – and the subject of the first graduate course he taught, CSE 291, during the winter quarter. “Advanced analytics is a brand-new field and companies require a lot of talent in this space,” he observed. “The dearth of engineers who understand machine learning is staggering, and a lot of companies are offering large salaries for people who understand software engineering, data systems and machine learning under the now-famous job title — data scientist.”

    Advanced analytics is also the subject of a presentation Kumar will give for the Center for Networked Systems (CNS) on Tuesday, April 11 at 1pm in room 4140 of the CSE Building. His talk, “Democratizing Distributed Advanced Analytics,” will explore large-scale data analytics using statistical machine learning and how they are becoming increasingly critical for many data-driven applications.

    “The data management, machine learning and systems communities are working on scalable and fast implementations of ML algorithms,” said Kumar. “However, several orthogonal bottlenecks in the end-to-end process of building and deploying ML models for data analytics have largely been ignored, leading to wasted resources and poor productivity of data scientists.”

    CNS’s newest member will introduce three new projects to his audience and he hopes to solicit critical feedback. Kumar also foresees more collaborations with CNS and other CSE faculty. With CSE Prof. Kamalika Chaudhuri, he is already collaborating on the issue of differential privacy for machine learning. He is also working with two other CNS members: CSE Prof. Tajana Rosing, on understanding the tradeoffs facing machine-learning algorithms in the Internet of Things; and CSE Prof. Ranjit Jhala, on applying program analysis to bring new data-driven optimizations to advanced analytics codebases. As for other collaborators in CSE, Kumar is collaborating with CSE Prof. Lawrence Saul and fellow new hire, CSE Prof. Ndapa Nakashole, on using speech recognition to improve database usability.

    “A couple of my upcoming projects will involve working on top of popular, distributed machine learning and data-processing systems such as Spark and TensorFlow to exploit the massive parallelism they offer for new abstractions that I create,” said Kumar. “I suspect this will eventually get me digging into the internals of these networked systems and perhaps optimizing them for the workloads that I care about. This could involve publishing with CNS co-authors, so becoming a member of the center seemed a no-brainer.”

    Kumar wants to make it easier and faster to build and use ML algorithms to analyze large and complex datasets.  “My work over the next few years is going to focus on building tools, software and abstractions to make it easier to use machine learning in practice,” he predicted. “I want to do so from the perspective of the data scientist’s productivity, the runtime performance and research efficiency, as well as other issues such as privacy.”

    Kumar notes that systems and ideas based on his dissertation and research at UW-Madison have been released as part of the MADlib open-source library, used internally by Facebook, LogicBlox and Microsoft, and shipped in products from EMC, IBM, Oracle and Cloudera. “It’s been nice to work with industry about the practical applications of my work,” he noted. ““The practical relevance of my work can impact what people do today and from them  I can learn what the challenges tomorrow will be, and how we as computer-science researchers can stay one step ahead by anticipating what comes next.”

    Example scenario for machine learning over multi-table data: predicting customer churn is common in applications such as insurance, retail and telecommunications. Source: Arun Kumar’s Ph.D. dissertation, “Learning Over Joins” (2016).

    Kumar’s dissertation focused on training machine learning models based on data sets from multiple tables. “Data scientists usually combine all these tables into a massive single table,” he said. “These operations are called relational joins, and specifically key-foreign-key joins. Now the single table contains all the attributes of all the tables. This was the state of the art before I looked at this problem.”

    Yet as Kumar confirmed, joining multiple tables together introduces redundancy into the data. “Consider a popular application of machine learning in enterprise domains: predicting customer churn,” he suggested. “You have a customers table joined with, say, a table about employers and another table about areas indexed by zip code. You could have a thousand customers employed by the same company, which means the record with the employer’s attributes (called its feature vector), gets repeated a thousand times after the join. The same could happen with the zip codes.” Result: the output of this join could be several times bigger than the input data. In one case at Microsoft, Kumar recalls, once they joined all their input tables for a Web security-related ML task to make one massive table, it blew up by a factor of ten. “A task that should have taken half an hour ended up taking a whole day on the cluster because the team overshot the storage space allotted to them — bringing down the shared cluster,” observed Kumar. “So storage becomes a major issue, as does the extra time wasted by the redundant computations performed by an ML algorithm over the redundant data.”

    Kumar’s dissertation came up with two orthogonal new techniques. The first technique, called ‘avoiding the join physically,’ pushes down the machine learning computation to the input data in a multi-table format rather than having a single table with all the attributes. The challenge was to do so without affecting the accuracy of the ML model’s predictions. “That is a guarantee we provide and we have a proof for it,” confirmed Kumar. “Weff proved that the accuracy is unaffected. This mitigates the storage issue, because you don’t need the single table, and it mitigates the maintenance issue because you operate on the data as-is, and it mitigates the performance issue because you save a lot of runtime when you operate on the smaller input of the joins.”

    One additional benefit of Kumar’s new paradigm: “Today many of the computations for machine learning happen in the cloud,” he said. “You purchase storage or computation runtime, and by reducing both, users can save a lot of money as well.”

    The second part of his thesis focused on omitting unnecessary tables. “We showed that in many settings, for many ML models, some tables can be completely ignored,” explained Kumar. “We call it ‘avoiding the join logically’ because we are pretending that a table doesn’t even exist. If you omit a table, your runtime goes down, your storage goes down, and the data scientist’s productivity can go up because you have fewer tables and fewer attributes to manage.”

    Kumar showed that prediction accuracy without the omitted table not only does not go down, but the runtime accelerates by two orders of magnitude – i.e., making the computation up to 100 times faster.

    Among his many honors, Kumar received a 2016 Google Faculty Research Award, and the same year took home a graduate student research award from the University of Wisconsin for his dissertation research. He was also a recipient of the Best Paper award at SIGMOD 2014.

    Kumar recognizes that he joined UC San Diego at an important turning point for anyone working in the general field of data science. CSE is about to launch its first major and minor in Data Science and Engineering, and the campus is developing a Data Science Institute thanks to a $75 million gift from CSE lecturer and alumnus Taner Halicioglu, announced last week. “I am excited that UC San Diego is taking data science seriously,” mused Kumar. “Democratizing data science is a grand challenge that transcends disciplines and requires bridging the gaps between the fields of data management, systems, machine learning, statistics, math, human-computer interaction, and several other fields, including myriad application domains. The generous gift from our alumnus is truly spectacular and I hope it will help accelerate UC San Diego’s research and education in this important area.”

    Meantime, Kumar will focus on his teaching and research, and recruiting graduate students for his lab. Two M.S. students from his Winter 2017 course on advanced analytics are now working as research assistants in his group. “I had set a tough filter for enrollment: reviewing a research paper and answering some open-ended research questions,” he said. “This seems to have scared away many students but it ensured a high-quality atmosphere in class. Some of the students even managed to submit research papers on their course projects, one to KDD and another to a SIGMOD workshop, which has already been accepted, while two more are working on solidifying their work for submission to VLDB/SIGMOD. These are all top venues in this research area.”

    In addition to teaching the undergraduate course on implementing relational database management systems, this Spring Kumar is also organizing a CSE 290 seminar for grad students on Advanced Data Science. For the seminar, students will read and present papers and articles on advanced data science applications and tools.

    Related Links

    Arun Kumar Website 
    Computer Science and Engineering, University of California San Diego
    CSE 190 Topics in Database System Implementation 
    CSE 290 Seminar on Advanced Data Science 
    CSE 291 Topics in Advanced Analytics

  • Computer Scientists Honored for ‘Tracing’ Research That Stood 10-Year Test of Time

    Faculty from UC San Diego, Brown University, and UC Berkeley Share in Networked Systems Award

    At the USENIX Symposium on Networked Systems Design and Implementation (NSDI) this week in Boston, Mass., a team of researchers accepted an award for the most influential paper among those presented a decade ago at the annual conference. The 2017 NSDI Test of Time Award was presented during a luncheon on March 26 to two former graduate students at UC Berkeley who co-authored the paper published at NSDI 2007, along with their three UC Berkeley advisors.

    Pictured (l-r): MIT’s Hari Balakrishnan presented the
    Test of Time Award March 26 at NSDI 2017 in
    Boston to Brown’s Rodrigo Fonseca, UC San Diego’s
    George Porter, and UC Berkeley’s Ion Stoica.

    Rodrigo Fonseca and George Porter are now professors of computer science, respectively, at Brown University and theUniversity of California San Diego. They accepted the award for their paper*, “X-Trace: A Pervasive Network Tracing Framework,” along with one of their former advisors, professor Ion Stoica. (Other co-authors on the paper – UC Berkeley professors Randy H. Katz and Scott Shenker – did not attend the award ceremony.)

    Porter and Fonseca were still at UC Berkeley when they worked on the original paper. “We wrote X-Trace while we were Ph.D. students,” recalled Porter. “It was really an honor to work with my colleagues on this project, which formed the basis of Rodrigo’s and my Ph.D. dissertations.” Stoica remains a professor of computer science in the Electrical Engineering and Computer Science department of UC Berkeley. (It’s not Stoica’s first Test of Time award: he received the SIGCOMM Test of Time Award in 2011.)

    Modern Internet systems often combine different applications, span different administrative domains, and function in the context of network mechanisms (tunnels, VPNs, overlays and so on). In their 2007 paper, the co-authors argued that “diagnosing these complex systems is a daunting challenge.” “Many diagnostic tools existed at the time, but none existed for reconstructing a comprehensive view of service behavior,” said Brown’s Fonseca.

    X-Trace was not the first tracing framework, but it was influential given that it was effectively the first framework for end-to-end tracing to focus on generality and pervasiveness. “It was based on the observation that an increasing number of systems would be built from heterogeneous components, built and operated by different people,” explained Fonseca. “In contrast, existing tracing frameworks required a specific language, or were targeted to a particular system.”

    The researchers implemented X-Trace in protocols and software systems, and in their prize-winning paper, they set out to explain three different use scenarios: domain name system (DNS) resolution; a three-tiered photo-hosting website; and a service accessed through an overlay network.

    Hari Balakrishnan, who co-chaired NSDI in 2007, broke the news of the Test of Time Award to the recipients. “We’re very pleased to share that your X-Trace paper from NSDI 2007 has been selected for an NSDI Test of Time Award,” he wrote. “The award honors a paper published ten years earlier at NSDI with retrospectively the most impact on research or practice.”

    Indeed, the X-Trace paper has proved to be prescient – in both research and practice. “Today many Internet-scale backend systems are built using a ‘microservices’ approach, with hundreds of loosely connected components tied together to offer larger services,” noted Porter. “Debugging these systems effectively requires what X-Trace provided: the ability to correlate events in one component to events in other arbitrary components, even if they were many steps far removed from the first.”

    History of tracing systems and echoes from X-Trace and Google Dapper approaches to end-to-end tracing.

    The rapid adoption of tracing began with Google’s introduction of Dapper in 2010 (see graphic), which offered a similar primitive to X-Trace. Twitter’s Zipkin and Cloudera’s HTrace were open-source implementations of Dapper. Another current competitor in the market, called Traceview, also has X-Trace in its DNA after a series of startups and acquisitions dating back to 2010.

    “By 2015 many companies such as Netflix, Baidu, Uber, Facebook and Etsy were deploying internal trace solutions very similar to our ideas presented in the X-Trace paper,” observed Fonseca. “And the interest persists in a rather recent initiative called OpenTracing, which is trying to standardize end-to-end tracing.”

    The NSDI award is not Fonseca’s first for his work on tracing: he co-authored a paper on ‘pivot tracing’ that received a Best Paper award at the 2015 Symposium on Operating Systems Principles. That same year, Fonseca won an NSF CAREER Award for his work on ‘causal tracing’ to elucidate understanding of the performance of distributed systems. (Causal tracing covers a wide variety of tracing systems and frameworks, including X-Trace itself, as well as Dapper, Zipkin, HTrace, and many others.)

    “It’s becoming increasingly difficult to understand how a system behaves, and, especially, how and why it fails,” said Fonseca. “Causal tracing is a technique that captures the causality of events across all components, layers and machines, and it eases the task of understanding complex distributed systems.”

    Now a co-director of UC San Diego’s Center for Networked Systems (CNS), George Porter’s research encompasses the fields of computer networking, data-intensive computing and computer systems, with a specific focus on data center networking. “I work to reduce the barrier to developing, deploying and managing applications that are able to process massive amounts of data,” said Porter. “At the same time, we aim to ensure that the resulting systems are practical, low-cost and energy efficient.”

    Porter also received an NSF CAREER Award (in 2016) for work on a scalable multiplane data center network. He plans to demonstrate a hybrid electrical-optical network topology that will scale to hundreds of thousands of servers – at link rates reaching 1.6 terabits per second.

    Meanwhile, the excitement surrounding tracing continues unabated. In 2017, for example, Amazon has released X-Ray, which offers distributed tracing for Amazon Web Services, and another company, Datadog, also released an end-to-end tracing product earlier this year.
    ________________________

    *Rodrigo Fonseca, George Porter, Randy H. Katz, Scott Shenker, Ion Stoica, “X-Trace: A Pervasive Network Tracing Framework , Proc. 4thUSENIX Conference on Networked Systems Design and Implementation (NSDI), April 2007, Cambridge, MA.

    Related Links

    NSDI 2017
    X-Trace: A Pervasive Network Tracing Framework
    Rodrigo Fonseca Website
    George Porter Website

     

     

  • CNS Espresso Prize for Excellence in Networking 2017 Awardee
    Yihan Zhang – 2017 Espresso Prize Recipient

    Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

    Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

    The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.  Professor Snoeren awarded the prize this year to UCSD undergraduate student Yihan Zhang for his outstanding final project.

     

    Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

    2016 Undergraduate recipient: Conner Johnston
    2014 Undergraduate recipient: Aaron Yip Ming Wong
    2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
    2013 Undergraduate recipient: Jacob Maskiewicz
    2013 Graduate recipient: Vidya Kirupanidhi

  • Using Batteries to Cut Utility Costs

    CNS postdoctoral researcher Alper Sinan Akyurek developed an algorithm for controlling batteries that can decrease the utility cost of an actual building by up to 50 percent compared to a building powered without the use of batteries.

    Alper Sinan Akyurek is an ECE alumnus (Ph.D. ’17) and postdoc in CNS in the Systems Energy Efficiency Lab of CSE Prof. Tajana Rosing

    Akyurek (Ph.D. ’17) – who completed his doctorate in January – still works in the Systems Energy Efficiency Laboratory of CSE Prof. Tajana Rosing (who has an adjunct appointment in Electrical and Computer Engineering, Akyurek’s previous department). Together they published their findings in a paper on “Optimal Distributed Nonlinear Battery Control” in the December 2016 issue of the IEEE Journal of Emerging and Selected Topics in Power Electronics*.

    As the researchers noted in their article, energy storage systems enable on-demand dispatch of energy to compensate for volatility in the generation and consumption — supply and demand — for power. “Our optimal distributed battery control handles multiple batteries with low computational complexity,” they noted.

    Compared to previous work, they used a higher-accuracy nonlinear battery model with only two percent error. “We show in a case study that optimal algorithms designed for a linear battery model induce an error of up to 60 percent in terms of cost reduction… [while] for the case of a constant load profile, we show that this error exceeds 150 percent,” said Akyurek.

    Comparing the latest algorithm to the state-of-the-art load-following battery management technique, the new algorithm produced a 30 percent improvement in utility cost. Furthermore, the algorithm obtains the solution for multiple batteries in a decentralized way with guaranteed convergence.

    Funding for the control research came from TerraSwarm, one of six centers of the Semiconductor Research Corporation’s STARnet program funded by the Defense Applied Research Projects Agency (DARPA), Microelectronics Advanced Research Corp. (MARCO) and DARPA-E (for Energy). SRC is backed by companies including Intel, IBM, Micron and Texas Instruments. Professor Rosing co-led TerraSwarm’s Smart Cities effort, on which Akyurek worked for three years until it ended in October 2015.

    Akyurek’s primary research related to CNS involves context-aware optimization in Internet of Things (IoT) systems. His research extends to optimized control in the Smart Grid for energy efficiency, and he has developed a range of control algorithms for purposes ranging from communication and prediction to controlling energy storage.

    Prior to his Ph.D. at UC San Diego, the postdoctoral researcher completed his B.Sc. (’08) and M.Sc. (’11) at Middle East Technical University in Ankara, Turkey, where he was a member of its Communication Networks Research Group. Akyurek also worked as a senior design engineer on wireless networks for the Turkish company, Aselsan, Inc., before enrolling at UC San Diego.

    Looking to the future, Akyurek hopes to continue his current line of research. “We are working to extend our optimal nonlinear distributed control solution to other areas in the Smart Grid,” he noted. “We want to modify it for use in other Internet of Things ecosystems such as sensor networks, user-in-the-loop control systems, and managing the maintenance of devices.”

    _____________________________________

    *A.S. Akyurek and T. Simunic Rosing, “Optimal Distributed Nonlinear Battery Control”, IEEE Journal of Emerging and Selected Topics in Power Electronics, December 2016.

    Related Links

    Article in Journal of Emerging and Selected Topics in Power Electronics
    Akyurek Web Page
    Systems Energy Efficiency Lab
    TerraSwarm Research Center

  • Center for Networked Systems Adds New Faculty Members
    CSE Assistant Professor Deian Stefan

    The Center for Networked Systems (CNS) at the University of California San Diego now has 22 faculty membersfollowing the addition of two new professors to its ranks.  Both newcomers – Deian Stefan and Aaron Schulman – joined the Computer Science and Engineering (CSE) faculty as assistant professors recently, with Stefan starting to teach last fall, and Schulman this winter.

    “Professors Schulman and Stefan both work in the systems area, but their research interests also go well beyond networked systems,” said CNS co-director George Porter. “Both share an interest in secure systems. Schulman’s interests extend to embedded systems and even operating systems, and Stefan’s other major research focus is on programming languages. Both have a lot to bring to CNS’s research agenda.”

    CSE Assistant Professor Aaron Schulman

    While still doing a postdoc at Stanford, Aaron Schulman founded a company called Mellow Research, LLC, to build BattOr, a power monitor he invented to track how much energy different features of applications use while running on mobile phones. For his part, Deian Stefan delayed his start at UC San Diego by a year to finish launching a web security startup called Intrinsic (formerly GitStar), in which he continues to hold the part-time job of Chief Scientist. “At Intrinsic we’ve been transferring research into practice by building systems, tools and languages that ultimately make it easier for developers to build and deploy Node.js web applications with minimal trust,” said Stefan.

    Both Stefan and Aaron Schulman came to UC San Diego from Stanford University. Stefan earned his Ph.D. in Computer Science in 2015, while Schulman was a postdoctoral researcher from 2013 to 2016 in the lab of Stanford professor Sachin Katti. Schulman earned his Ph.D. from the University of Maryland, College Park, in 2013 (with a thesis on the reliability of Internet last-mile links that later won him the SIGCOMM Doctoral Dissertation Award).

    Deian Stefan

    Stefan joins CNS

    According to Stefan, his primary research interest is in “building principled and practical secure systems.” He builds browsers and language runtime systems by applying programming language techniques and analysis. Among the secure systems Stefan has also helped to build: a secure package manager; a browser confinement system designed for modern web applications; a security-centric framework for building web platforms; a dynamic information flow control system; and a programming language for writing secure, constant-time code.

    The professor serves as editor of the COWL specification, and he participates more broadly in developing specs as a member of the W3C WebAppSec and Node.js Security working groups. “By working on specifications,” said Stefan, “we’re trying to broadly influence browser and runtime systems that will ultimately make the web a safer place.”

    Stefan began teaching in CSE in Fall 2016, with a course on language-based system security called “Building Secure Systems using Programming Languages and Analysis” (CSE 291). This winter quarter, he is also teaching an undergraduate course, CSE 130 (Programming Languages: Principles and Paradigms), which covers basic concepts and design tradeoffs related to programming languages (including crash courses in JavaScript and Haskell).

    Aaron Schulman

    Aaron Schulman

    Schulman started on July 1, 2016, but delayed making the move from Palo Alto until late in the year. As of this winter, he is teaching his first course at UC San Diego — a graduate-level course on topics in mobile computing and communication (CSE 291).

    In his syllabus for the course, Schulman notes that students are learning about the challenges facing smartphones, wearables and smart devices that have overtaken PCs as the dominant platform for computing and communication. “Mobile devices have severely constrained energy capacity, their network connectivity is exclusively provided by unreliable, bandwidth-constrained wireless links, and they carry a standard set of sensors that are seemingly insufficient for certain applications and also can inadvertently leak private information about their users,” explained Schulman. “We discuss research that addresses the challenges introduced by the mobile platform by blurring the lines between traditional research areas in computer science.”

    In past work, Schulman has improved the efficiency of wireless networks, cellular network flexibility, and the energy efficiency of mobile applications. He also quantified residential Internet network reliability, made progress in securing the web’s public key infrastructure, and identified privacy leaks in mobile devices.

    Related Links

    Center for Networked Systems
    Aaron Schulman Website
    Deian Stefan Website

     

  • Former CSE/CNS Professor Elected to National Academy of Engineering

    Former UC San Diego computer science and engineering and Center for Networked Systems professor George Varghese has been elected to membership in the National Academy of Engineering. He is among the 84 new U.S. members (and 22 foreign members) elected to the organization in 2017. Varghese was cited for his contributions to “network algorithmics that make the Internet faster, more secure, and more reliable.”

    Professor George Varghese

    Varghese — who was on the UC San Diego faculty from 2000 to 2012 — is currently a Chancellor’s Professor in the Department of Computer Science at UCLA. He returned to the University of California in August 2016, roughly four years after stepping down from his full professorship at UC San Diego to work for Microsoft Research in Silicon Valley.

    More than a decade ago, while still at UC San Diego, Varghese took a leave of absence in 2004 to co-found NetSift, Inc., with his Ph.D. student Sumeet Singh (Varghese as president, Singh as NetSift’s chief scientist). The company developed automated techniques for learning and detecting attack signatures. Barely one year later, NetSift was acquired by Cisco Systems in 2005, and Varghese extended his faculty leave to help Cisco transition the NetSift technology to a 20-Gigabit-per-second chip called Hawkeye. (Singh went on to work for Cisco for seven years.) CNS co-director Stefan Savage co-authored some of the early work on the NetSift technology, as did Varghese’s Ph.D. student Cristian Estan, who is now at Google.

    Among Varghese’s honors, he received the Koji Kobayashi Award for Computers and Communications in 2014 for his work in network algorithmics and its applications to high-speed packet networks. The same year, he received the SIGCOMM Lifetime Award for “sustained and diverse contributions to network algorithmics, with far-reaching impact in both research and industry.”

    Varghese completed his Ph.D. at MIT in 1993, after doing his Master’s degree at North Carolina State. He did his undergraduate work at the Indian Institute of Technology (IIT) Bombay, which awarded Varghese its Distinguished Alumnus Award in 2015. In 2002 he was elected a Fellow of the ACM.

     

     

  • CNS Invites Applications for Second Alan Turing Memorial Scholarship; Feb. 6 Deadline
    Alan Turing

    The Center for Networked Systems (CNS) in UC San Diego’s Jacobs School of Engineering is once again looking for an undergraduate student who is interested in networked systems – and also active in supporting the LGBT community. “Our goal is to use this scholarship to further boost diversity and inclusiveness in the field of systems and networking and give undergraduates an opportunity to work on top-notch research projects before they get to grad school,” said CNS co-director George Porter, a professor in the Computer Science and Engineering department.

    CNS has invited undergraduates to apply for its Alan Turing Memorial Scholarship for the 2017-2018 academic year. The scholarship will be awarded this spring to a student majoring in a field that touches on networked systems, including computer science, computer engineering, public policy, communication or related programs.

    According to Porter, CNS will give preference to “students with demonstrated academic merit, financial need and experience or interest in research.”

    All applications must be submitted through the online application at https://ucsd.academicworks.com/ . Anyone with questions about the application process can get more information through the UC San Diego Scholarship Office by emailing to scholarships@ucsd.edu .  The application deadline is no later than Monday, February 6, 2017.

    In addition to the $10,000 scholarship, the recipient will have the opportunity to carry out guided research under the direction of one of CNS’s faculty mentors.

    The scholarship pays homage to Alan Turing, the British mathematician and founder of the computer science field whose code-breaking work contributed substantially to the Allied victory in World War II (notably by breaking Germany’s Enigma code). Turing’s brilliant career was tragically cut short after the war, when he suffered outright persecution for his activities as a gay man. He died by suicide in 1954.

    CNS is also making it easier for alumni, staff and other potential donors to give to the Alan Turing Memorial Scholarship fund with an outright gift or a payment pledge. Donations can be made online through the UC San Diego Online Giving portal. To give to the scholarship program, make your gift online at https://giveto.ucsd.edu/make-a-gift?id=a6a587f2-5000-4ca5-b643-ca84554e61bd&ct=t .

    Valeria Gonzalez was the recipient of the CNS Alan Turing Memorial Scholarship for 2016-2017.

    The first recipient of the $10,000 scholarship, Valeria Gonzalez, received the award last spring for the 2016-2017 academic year.  “It’s great to see the CNS is taking the initiative to highlight the importance of bringing diversity to computer science and engineering beyond ethnicity and the gender binary,” said Gonzalez on receiving the inaugural award. “The LGBT community encompasses people with an array of talents and abilities, people such as Alan Turing himself… and knowing that your LGBT identity is acknowledged and accepted not only lets you direct all your focus into working hard but also allows you to connect more with the community you’re part of.” A transfer student from Cypress College, a community college near Los Angeles, Gonzalez has been an undergraduate student researcher in the Integrated Electronics and Biointerfaces Laboratory of Electrical and Computer Engineering professor Shadi Dayeh. She has also been a leader in the UC San Diego Women’s Center, which promotes an inclusive and equitable campus community through the educational, professional and personal development of diverse groups of women.

    Read more about the Alan Turing Memorial Scholarship.

     

     

     

  • CNS at NSDI 2017: Innovating in Networked Systems

    Researchers affiliated with the Center for Networked Systems (CNS) at the University of California San Diego have been selected to present some of their most up-to-date research at the 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2017).

    CNS co-director George Porter

    NSDI focuses on the design principles, implementation and practical evaluation of networked and distributed systems. The annual conference will take place March 27-29, 2017, in Boston, MA, and four papers with co-authors from CNS and the Computer Science and Engineering (CSE) department of the Jacobs School of Engineering have been accepted for submission to the prestigious meeting.

    CNS co-director George Porter co-authored two of the papers. “NSDI is one of the most important conferences for us, because just like CNS, the symposium brings together researchers from across the networking and systems community,” said Porter. “Our papers accepted to the 2017 symposium are in line with NSDI’s stated goal of pushing architectural boundaries of network services, and promoting the research dialogue on networked systems.”

    vCorfu

    CSE Ph.D. student Michael Wei and CSE professor Steven Swanson have co-authored with VMware Research (where Wei is currently a researcher) and Princeton University a paper on “vCorfu: Large-Scale Data Stores over a Shared Log.”

    Ph.D. student Michael Wei is now a researcher at VMware.

    vCorfu is a strongly consistent, cloud- scale object store built over a shared log. It augments the traditional replication scheme of a shared log to provide fast reads, and vCorfu leverages a new technique – composable state machine replication – to compose large state machines from smaller ones. “This enables the use of state machine replication to be used efficiently in huge data stores,” said Wei. “We will show that vCorfu outperforms Cassandra, the popular, state-of-the-art NoSQL database for cloud apps It does so while also providing strong consistency in opacity and read-own-writes, efficient transactions, and global snapshots at the scale of the cloud.”

    vCorfu is available as an open-source project on Github at github.com/CorfuDB.

    Datacenter Fault Detection

    CSE Ph.D. student Arjun Roy expects to complete his doctorate in 2017, and he collaborated with his advisor, CSE professor Alex C. Snoeren, on the paper to be presented at NSDI on “Passive Realtime Datacenter Fault Detection.” It reflects joint work with Facebook researchers Hongyi Zeng and Jasmeet Bagga, who are also co-authors on the paper. (The two Facebook engineers previously co-authored a paper at SIGCOMM 2015 with Roy and professors Snoeren and Porter on “Inside the Social Network’s (Datacenter) Network”.) Roy also did internships at Facebook in the summers of 2012, 2013 and 2014.

    CSE Ph.D. student
    Arjun Roy

    According to the paper’s abstract, “datacenters are characterized by their large scale, stringent reliability requirements, and significant application diversity. However, the realities of employing hardware with small but non-zero failure rates mean that datacenters are subject to significant numbers of failures, subsets of packets can be dropped or delayed without triggering a fault signal, so traditional fault detection techniques (involving end-host or router-based statistics) may not identify such errors.

    In their paper, Roy and Snoeren describe how to expedite the process of detecting and localizing partial datacenter faults. It uses an end-host method generalizable to most datacenter applications. “We correlate transport-layer flow metrics and the delay incurred by network-input/output system calls at end hosts with the path that traffic takes through the datacenter,” said Roy. “Then we apply statistical analysis techniques to identify outliers and localize the faulty link and/or switch or switches.

    The paper will detail how the researchers evaluated their novel approach in a production datacenter (Facebook’s) carrying a workload servicing more than 100 million users.

    ExCamera

    In light of the massive explosion in video content on the Internet and for virtual reality, a team of two CSE Master’s students advised by professor George Porter has come up with a new approach to processing video with minimal delays.  Second-year M.S. student Karthikeyan Vasuki Balasubramaniam (who is Porter’s teaching assistant this quarter in CSE 124 on Networked Services) and recent graduate Rahul Bhalerao (M.S. ’16) have had experience in industry (both at Amazon — Balasubramaniam as an intern at Amazon Prime, and Bhalerao currently working at Amazon Web Services).

    M.S. student VB Karthikeyan (left) and CSE alumnus Rahul Bhalerao (M.S. ’16) co-authored the ExCamera paper with CNS co-director George Porter.

    The paper accepted to NSDI is entitled “Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads.” In it, the researchers describe ExCamera, a system that can edit, transform and encode a video, including ultra-high-resolution 4K video (four times the resolution of high-definition TV) and stereoscopic virtual reality (VR) material, dozens of times faster than cutting-edge production systems at the largest providers.

    The co-authors lay claim to two major contributions. First, “our coauthors at Stanford developed a novel encoding strategy focusing on fine-grained parallelism, which is rather unique in the encoding space,” explained Balasubramaniam.

    Separately, noted Bhalerao, “ExCamera orchestrates encoding and other video-processing pipelines across the Amazon Web Services Lambda service. The system invokes thousands of threads in parallel, each handling only a fraction of a second of the video.”  The UC San Diego was done in collaboration with researchers at Stanford University.

    MegaSwitch

    MegaSwitch is a multi-fiber ring optical fabric that exploits space-division multiplexing across multiple fibers non-blocking communications that can be rearranged to 30-plus racks and 6,000-plus servers. CNS’s George Porter co-authored the paper on “Enabling Widespread Communications on Optical Fabric with MegaSwitch” with researchers at the Hong Kong University of Science and Technology, SUNY Buffalo, Yale University as well as Omnisense Photonics and CoAdna Photonics.  (No UC San Diego students worked on the paper.)

    According to Porter, “we were seeking an optical interconnect that can enable unconstrained communications within a computing cluster of thousands of servers.” Indeed, existing wired optical interconnects are not ideal for widespread communications in production clusters, and recent efforts to reduce the time it takes to reconfigure the optical circuit from milliseconds to microseconds only partially mitigated the problem (by rapidly time-sharing optical circuits across more nodes).

    “We were still limited by the total number of parallel circuits available simultaneously,” explained Porter. “However, we wanted to evaluate the potential of WDM to scale to a large number of endpoints.”

    Related Links

    USENIX Symposium on Networked Systems Design and Implementation http://www.usenix.org/conference/nsdi17
    Computer Science and Engineering Department http://cse.ucsd.edu/about/news/uc-san-diego-center-nsdi-2017-innovating-networked-systems

  • KC Claffy among “10 Women to Know in Networking/Communications”

    CNS faculty member and principal investigator/founding director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center (SDSC), KC Claffy, has been named to the second annual “10 Women in Networking/Communications That You Should Know” list.

    kc-claffy_n2women
    KC Claffy, CNS faculty member

    Now in its second year, the list is compiled and coordinated by N2 Women (Networking/Networking Women), a discipline-specific community for researchers in the communications and networking research fields. The organization’s main goal is to foster connections among under-represented women in computer networking and related research fields. The full list of this year’s award recipients can be found here.

    Nominations are solicited both from the N2Women community as well as through several mailing lists related to networking and communications. More than 150 people from around the world submitted nominations, resulting in over 140 distinct names of accomplished women in the field, according to the organization.

    A committee of five NWomen board members selected this year’s 10 honorees. “Many people from around the world submitted one or more nominations for this list, and it was very difficult to choose only 10 amazing women,” said Oana Iova, a postdoctoral researcher in the D3S  research group with the Department of Information Engineering and Computer Science (DISI)  at the University of Trento, Italy , and the awards co-chair who led the nomination and selection processes this year. “We focused on women who have had a major impact in networking and/or communications. We also wanted a list that reflected presented our diversity, and specifically the diversity in the area of networking/communications.”

    “I am honored to join such a distinguished group on this year’s N2 Women’s list,” said Claffy, who founded CAIDA in 1997 as a collaboration among commercial, government and academic research sectors to promote greater cooperation in the engineering and maintenance of a robust, scalable global internet infrastructure. “I encourage other women working in networking and communications to attend or help organize an N2Women event at their next ACM, IEEE, or other relevant conference or workshop.”

    Today, CAIDA’s research interests include internet cartography, or detailed analyses of the changing nature of the Internet’s topology, routing and traffic dynamics. CAIDA also investigates the implications of these changes on network science, architecture, infrastructure security and stability, and public policy.

    Earlier this year CAIDA was awarded a $1.4 million grant from the U.S. Department of Homeland Security to demonstrate and illuminate structural and dynamic aspects of the Internet infrastructure relevant to cybersecurity vulnerabilities. These aspects include macroscopic stability and resiliency analyses, grey markets for IPv4 addressing resources, and on-demand router-level topology inference.

    In 2015, Claffy received the IEEE Internet Award for her “seminal contributions to the field of Internet measurement, including security and network data analysis, and for distinguished leadership in and service to the Internet community by providing open-access data and tools,” according to a notice published by the institute .