CNS 2024 News
- CSE/CNS Researchers Earn Intel Award for Their Transformative Hardware Security Fix
Online browsing is a routine part of modern life. It’s also riddled with privacy risks. A joint academic and industry research team, led by computer scientists from the University of California San Diego, have proposed a simple and transformative extension to existing processors to mitigate security breaches.A team of eight professors, students, and alumni from the Jacobs School of Engineering’s Department of Computer Science and Engineering -and their co-authors were honored during the 2024 USENIX Security Symposium at an event recognizing the top papers in hardware security for the previous year. They were one of just three teams to receive an Intel Hardware Security Academic Award, earning honorable mention for their paper, Going beyond the Limits of SFI: Flexible and Secure Hardware-Assisted In-Process Isolation with HFI.
Hardware-assisted fault isolation, or HFI, is a minimally intrusive extension for existing processors which allows them to support, for the first time, efficient in-process isolation that is flexible, highly scalable, and secure even against speculative attacks like Spectre.
HFI overcomes the inability of modern page-based protection architectures to support fine-grain isolation, while concurrently addressing the limitations of software-based isolation (SFI) systems. SFI has been plagued by runtime overheads, poor scalability, vulnerability to attacks, and limited compatibility with existing code. HFI offers a path beyond these constraints.
To date, the team’s research has garnered a distinguished paper award at the 2023 Architectural Support for Programming Languages and Operating Systems conference and was selected as one of the top computer architecture papers of the year, to be recognized in the IEEE Micro Top Picks in Computer Architecture special issue.
In addition to researchers from Fastly, Rivos and Intel Labs, the following CSE co-authors contributed to the award-winning paper:
Tal Garfinkel, a UC San Diego researcher
Evan Johnson, a CSE/CNS PhD student
Daniel Moghimi, a former CSE postdoc
Shravan Narayan (PhD ’22), an assistant professor at The University of Texas at Austin (former CNS PhD Student)
Mohammadkazem Taram (PhD ’22), an assistant professor at Purdue University
Joey Rudek, a CSE PhD student
Deian Stefan, a CSE/CNS associate professor
Dean Tullsen, a CSE professor
This work was supported in part by a Sloan Research Fellowship; by the NSF under Grant Numbers CNS2155235, CNS-2120642, and CAREER CNS-2048262; by gifts from Intel, Google, and Mozilla; and by DARPA HARDEN under contract N66001-22-9-4017.By Kimberley Clementi
- CSE/CNS Professor Alex C. Snoeren among the new endowed chairs created recently at the Jacobs School of Engineering.
The Jacobs School of Engineering at the University of California San Diego is proud to announce the creation of 18 new endowed chairs. These endowed chairs will empower a world-class cohort of faculty to explore new and innovative research directions.
Irwin and Joan Jacobs made these 18 endowed chairs possible through their generous and visionary philanthropy which includes the School naming gift in 1998 and a gift of $110 million in 2003. It was the desire of Irwin Jacobs, and his wife, Joan, who passed away earlier this year, to name the 18 new endowed chairs in honor of early Jacobs School faculty who provided the strong foundations for today’s Jacobs School of Engineering.
“The Jacobs School of Engineering is internationally renowned for its teaching and research, changing the way we look at some of the world’s most pressing problems,” said Chancellor Pradeep K. Khosla. “We are grateful to Irwin and Joan Jacobs for their visionary support to establish these endowed chairs, which will help propel the leadership and global influence of the Jacobs School long into the future.”
Each new endowed chair professorship will include the name of a faculty member in engineering and computer science whose contributions to research and teaching have been instrumental in establishing the Jacobs School as one of the top engineering schools in the world.
“Creating endowed chairs is absolutely critical to our efforts to build and strengthen the Jacobs School’s world-class, innovation-driven community where engineers and computer scientists advance research and education for the public good,” said Albert P. Pisano, Dean of the UC San Diego Jacobs School of Engineering and Special Adviser to the Chancellor. “I am extremely grateful to Irwin and Joan for their incredible vision and generosity over the decades. For an engineering dean, having 18 new endowed chairs is a dream come true.”
Endowed chairs are one of the highest recognitions that can be awarded to a faculty member by their university. They are essential to recruiting, retaining and honoring top minds in academia. Endowed chairs come with annual funding that faculty can use to support graduate students or otherwise initiate new lines of creative research. This flexible funding is often game-changing when it comes to launching new cross-disciplinary research collaborations and generating preliminary results needed to successfully obtain multi-year research funding.
The 18 new endowed chairs are being filled by faculty from across each of the six academic departments at the UC San Diego Jacobs School of Engineering.
Celebrating early and foundational faculty
The 18 new endowed chairs are each named in honor of an early faculty member of the UC San Diego Jacobs School of Engineering, many of whom Irwin met following his joining the faculty in 1966. Irwin and Joan Jacobs’ desire to honor early faculty through the 18 new endowed chairs serves to connect the School’s past, present and future.
At the same time, these endowed chairs will recognize 18 existing Jacobs School faculty who are at the very top of their fields. These faculty chair holders are setting the tone for the Jacobs School of tomorrow, advancing engineering and computer science research and education, to help resolve the world’s pressing issues.
“It’s extremely rare to have the opportunity to create and fill such a large number of endowed chairs all at once. I’d like to express my heartfelt thanks to Irwin and Joan and to everyone who has been part of this project, which will have high-impact results in perpetuity,” said Pisano.
The new endowed chairs and their inaugural chair holders
The Jacobs School faculty who have thus far been named as inaugural holders of the new endowed chairs – and the names of the early faculty who are being honored – are listed below. The last few faculty appointments are pending.
Endowed chairs at the Jacobs School
“As part of our mission to advance engineering and computer science to solve many of the world’s toughest challenges, I am working hard to increase the total number of endowed chair professorships we have here at the Jacobs School of Engineering,” said Pisano. “Irwin and Joan have led the way with their generous philanthropy and my goal is to inspire others to join them in contributing to our efforts to create additional endowed chairs at the Jacobs School.”
These 18 new endowed chairs complement the existing 50 endowed chairs held by Jacobs School of Engineering faculty at UC San Diego. Of the 18 new endowed chairs is CNS faculty member Alex C. Snoeren who received the Peter Banks Endowed Chair in the Jacobs School of Engineering.
The other 17 are as follows:
Shu Chien-Gene Lay Department of Bioengineering
Pedro Cabrales
Alan M. Schneider Endowed Chair in the Jacobs School of EngineeringAdam Engler
Kenneth Bowles Endowed Chair in the Jacobs School of EngineeringJeff Hasty
Paul A. Libby Endowed Chair in the Jacobs School of Engineering
(Hasty also holds an appointment in the Department of Molecular Biology in the School of Biological Sciences)Aiiso Yufeng Li Family Department of Chemical and Nano Engineering
David Fenning
Francine Berman Endowed Chair in the Jacobs School of EngineeringPing Liu
William Coles Endowed Chair in the Jacobs School of EngineeringAndrea Tao
Jeanne Ferrante Endowed Chair in the Jacobs School of EngineeringDepartment of Computer Science and Engineering
Ryan Kastner
William Nachbar Endowed Chair in the Jacobs School of EngineeringLaurel Riek
David R. Miller Endowed Chair in the Jacobs School of Engineering
(Riek also holds an appointment in the Department of Emergency Medicine in the School of Medicine.)Department of Electrical and Computer Engineering
Tara Javidi
Jerzy (George) Lewak Endowed Chair in the Jacobs School of EngineeringFarinaz Koushanfar
Siavouche Nemat-Nasser Endowed Chair in the Jacobs School of EngineeringDepartment of Mechanical and Aerospace Engineering
Olivia Graeve
Elias Masry Endowed Chair in the Jacobs School of EngineeringJan Kleissl
Henry G. Booker Endowed Chair in the Jacobs School of EngineeringSonia Martinez-Diaz
Benjamin W. Zweifach Endowed Chair in the Jacobs School of EngineeringAdditional new chairs, including faculty in the Department of Structural Engineering, to be officially filled soon
Gilbert A. Hegemier Endowed Chair in the Jacobs School of Engineering
Mervyn Lea Rudee Endowed Chair in the Jacobs School of Engineering
Harold Sorenson Endowed Chair in the Jacobs School of Engineering
Jan Talbot Endowed Chair in the Jacobs School of Engineering
Story by:
Daniel Kane – dbkane@ucsd.edu - Research to Fix Apple AirTag Stalking
This clever new idea could fix AirTag stalking while maximizing privacy. Read the story about this work by Johns Hopkins cryptographer Matt Green, who worked on the research with a group of colleagues, including CNS Faculty Nadia Heninger: https://www.wired.com/story/apple-airtag-privacy-stalking-cryptographic-solution/
- Scammers Can Abuse Security Flaws in Email Forwarding to Impersonate High-profile Domains
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.
The issues researchers uncovered have a broad impact, affecting the integrity of email sent from tens of thousands of domains, including those representing organizations in the U.S. government–such as the majority of U.S. cabinet email domains, including state.gov, as well as security agencies. Key financial service companies, such as Mastercard, and major news organizations, such as The Washington Post and the Associated Press, are also vulnerable.
It’s called forwarding-based spoofing and researchers found that they can send email messages impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook. Once recipients get the spoofed email, they are more likely to open attachments that deploy malware, or to click on links that install spyware on their machine.
Such spoofing is made possible by a number of vulnerabilities centered on forwarding emails, the research team found. The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its own mailing infrastructure, with specific IP addresses not used by other domains. But today, many organizations outsource their email infrastructure to Gmail and Outlook. As a result, thousands of domains have delegated the right to send email on their behalf to the same third party. While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding.
For example, state.gov, the email domain for the Department of State, allows Outlook to send emails on their behalf. This means emails claiming to be from state.gov would be considered legitimate if they came from Outlook’s email servers. As a result, an attacker can create a spoofed email–an email with a fake identity–pretending, for example, to come from the Department of State–and then forward it through their personal Outlook account. Once they do this, the spoofed email will now be treated as legitimate by the recipient, as it is coming from an Outlook email server.
Versions of this flaw also exist for five other email providers, including iCloud. The researchers also discovered other smaller issues that impact users of Gmail and Zohomail– a popular email provider in India.
Researchers reported the issue to Microsoft, Apple and Google but to their knowledge, it has not been fully fixed.
“That is not surprising since doing so would require a major effort, including dismantling and repairing four decades worth of legacy systems,” said Alex Liu, the paper’s first author and a Ph.D. student in the Jacobs School Department of Computer Science and Engineering at UC San Diego. “While there are certain short-term mitigations that will significantly reduce the exposure to the attacks we have described here, ultimately email needs to stand on a more solid security footing if it is to effectively resist spoofing attacks going forward.”
The team presented their findings at the 8th IEEE European Symposium on Privacy and Security, July 3 to 7, 2023, in Delft, where the work won best paper.
Different attacks
Researchers developed four different types of attacks using forwarding.
For the first three, they assumed that an adversary controls both the accounts that send and forward emails. The attacker also needs to have a server capable of sending spoofed email messages and an account with a third party provider that allows open forwarding.
The attacker starts by creating a personal account for forwarding and then adds the spoofed address to the accounts’s white list–a list of domains that won’t be blocked even if they don’t meet security standards. The attacker configures their account to forward all email to the desired target. The attacker then forges an email to look like it originated from state.gov and sends the email to their personal Outlook account. Then all the attacker has to do is forward the spoofed email to their target.
More than 12 percent of the Alexa 100K most popular email domains–the most popular domains on the Internet– are vulnerable to this attack. These include a large number of news organizations, such as the Washington Post, the Los Angeles Times and the Associated Press, as well as domain registrars like GoDaddy, financial services, such as Mastercard and Docusign and large law firms. In addition, 32% of .gov domains are vulnerable, including the majority of US cabinet agencies, a range of security agencies, and agencies working in the public health domain, such as CDC. At the state and local level, virtually all primary state government domains are vulnerable and more than 40% of all .gov domains are used by cities.
In a second version of this attack, an attacker creates a personal Outlook account to forward spoofed email messages to Gmail. In this scenario, the attacker takes on the identity of a domain that is also served by Outlook, then sends the spoofed message from their own malicious server to their personal Outlook account, which in turn forwards it to a series of Gmail accounts.
Roughly 1.9 billion users worldwide are vulnerable to this attack.
Researchers also found variations of this attack that work for four popular mailing list services: Google groups, mailman, listserv and Gaggle.
Potential solutions
Researchers disclosed all vulnerabilities and attacks to providers. Zoho patched their issue and awarded the team a bug bounty. Microsoft also awarded a bug bounty and confirmed the vulnerabilities. Mailing list service Gaggle said it would change protocols to resolve the issue. Gmail also fixed the issues the team reported and iCloud is investigating.
But to truly get to the root of the issue, researchers recommend disabling open forwarding, a process that allows users to configure their account to forward messages to any designated email address without any verification by the destination address. This process is in place for Gmail and Outlook. In addition, providers such as Gmail and Outlook implicity trust high-profile email services, delivering messages forwarded by these emails regardless.
Providers should also do away with the assumption that emails coming from another major provider are legitimate, a process called relaxed validation policies.
In addition, researchers recommend that mailing lists request confirmation from the true sender address before delivering email.
“A more fundamental approach would be to standardize various aspects of forwarding,” the researchers write. “However, making such changes would require system-wide cooperation and will likely encounter many operational issues.”
Methods
For each service, researchers created multiple test accounts and used them to forward email to recipient accounts they controlled. They then analyzed the resulting email headers to better understand which forwarding protocol the service used. They tested their attacks on 14 email providers, which are used by 46% of the most popular internet domains and government domains.
They also created mailing lists under existing services provided by UC San Diego, and by mailing list service Gaggle.
Researchers only sent spoofed email messages to accounts they created themselves. They first tested each attack by spoofing domains they created and controlled. Once they verified that the attacks worked, they ran a small set of experiments that spoofed emails from real domains. Still, the spoofed emails were only sent to test accounts the researchers created.
“One fundamental issue is that email security protocols are distributed, optional and independently configured components,” the researchers write. This creates a large and complex attack surface with many possible interactions that cannot be easily anticipated or administrated by any single party.“
Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy
Alex Enze Liu, Ariana Mirian, Grant Ho, Geoffrey M. Voelker and Stefan Savage, UC San Diego Department of Computer Science and Engineering
Gautam Akiwate, Stanford University
Mattijs Jonker, University of Twente, Netherlands
Media Contact:
Ioana Patringenaru – ipatrin@ucsd.edu - CNS in 2023: the Annual Research Review
By Kimberley Clementi
The Center for Networked Systems (CNS) held its annual CNS Research Review at the UC San Diego Computer Science and Engineering Building on May 4 and 5. Now in its second decade, the invitation-only event introduced leaders from Qualcomm, Microsoft, Google, Cisco, Amazon and six additional industry representatives to the latest research from CNS students and faculty.
The event included 18 research talks, eight two-minute lightening talks and nine poster presentations. A dinner reception was held at the 15th-floor meeting rooms at Seventh College, overlooking La Jolla’s scenic Black’s Beach. The event was hosted by Stefan Savage and George Porter, CNS co-directors and professors in the Department of Computer Science and Engineering.
“Our guests enjoy the CNS Research Review because it intersects with real-life challenges in their industries and broadens the depth and breadth of related research. At the same time, our students benefit from casual conversations with industry leaders,” said CNS Administrative Manager Jennifer Folkestad.
CNS has expertise across a wide range of applied research areas involving computer networking, systems, security and related policy. In each area, affiliated faculty and students address emerging real-world problems in partnership with member companies. The CNS Research Review mirrors this approach, providing CNS graduate students the opportunity to present a talk to industry guests and elicit insights on the practical problems addressed by their research.
Over the course of two days, research talks were presented by four CNS affiliated-faculty members: Amy Ousterhout, Geoffrey Voelker, and Earlence Fernandes from CSE and Christian Dameff, MD from the Department of Emergency Medicine. Fifteen CNS/CSE graduate students also gave talks, including (in order of appearance): Amanda Tomlinson, Alex Bellon, Zhiyuan Guo, Enze “Alex” Liu, Caleb Stanford, Zesen “Jason” Zhang, Audrey Randall, Yuhao Zhang, Kabir Nagrecha, Alex Yen, Tianyi Shan, Evan Johnson, Yibo Guo, Keegan Ryan and George Arnold Sullivan.
Event Webpage: https://cns.ucsd.edu/events/event/announcing-the-cns-research-review-may-4-and-5-2023/
https://cse.ucsd.edu/about/news/cns-2023-annual-research-review
- CNS Faculty Member Honored for Excellence in Semiconductor Design Research
CNS faculty member Tajana Šimunić Rosing, a leading researcher in accelerating big data in hardware using both novel machine learning techniques, such as hyperdimensional computing, and in- and near-memory and storage processing, will receive the 2022 University Research Award from the Semiconductor Industry Association (SIA) and the Semiconductor Research Corporation (SRC).
SIA and SRC present the University Research Awards annually to professors who demonstrate excellence in advancing research in semiconductor technology and design. Rosing, the Fratamico Endowed Chair in the Department of Computer Science and Engineering, was honored on November 17 in San Jose for excellence in design research. She is the first woman to receive this award since its inception in 1995.
- José Santana Sosa: First Recipient of Two Alan Turing Memorial Scholarships
By Kimberley Clementi
José Santana Sosa, a UC San Diego senior majoring in computer science, has received the 2022-2023 Alan Turing Memorial Scholarship from the Center for Networked Systems (CNS). He has also been named the inaugural recipient of CNS’s first ever Alan Turing Memorial Teradata Scholarship. This makes Santana Sosa the first student to receive both scholarships for a single school year.
CNS established the Alan Turing Memorial Scholarships to honor the memory of Alan Turing, the co-founder of computer science and a World War II era mathematician and cryptanalyst whose contributions to code breaking accelerated the Allied victory. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.
“Winning this scholarship is a great honor that deeply humbles me,” said Santana Sosa. “I am privileged to be part of this effort to bring visibility to the LGBTQ+ community and how impactful we have been throughout history.”
Santana Sosa, who moved to the United States from Venezuela, views the dual awards as validation of his many years of hard work. Prior to transferring to UC San Diego, Santana Sosa graduated from community college with an associate degree in mathematics. He recently interned with Apple in software engineering and with LPL Financial in technology and cyber security and, at one time, worked in an immigration law office helping others on their path to citizenship.
“Being an immigrant, Latinx, gay, first-generation transfer student, I understand how important and challenging it is to present your full, intersecting-self in academic and professional spaces. I am passionate about easing and supporting the way for others who are on a similar path,” said Santana Sosa.
Santana Sosa’s dedication to advancing underrepresented populations in science, technology, engineering and mathematics (STEM) is more than just talk. Currently, he is active in two engineering student organizations that support diversity in STEM: Society of Hispanic Professional Engineers (SHPE) and Out in STEM (oSTEM).
As Santana Sosa continues his CSE studies, he intends to prioritize human-centered design, developing software that solves and prevents problems for vulnerable populations. He hopes his contributions will disrupt the bias and inequality in computing and technology and improve the lives of individuals in marginalized groups. Santana Sosa also aspires to become a community college professor.
The Alan Turing Memorial Scholarship and the Alan Turing Memorial Teradata Scholarship are open to undergraduates who are active supporters of the LGBTQIA+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. They are awarded to students based on academic merit, with a preference for those with demonstrated financial need.
In February 2020, CNS reached its endowment goal of $250,000 for the Alan Turing Memorial Scholarship, for an annual award of $10,000. In 2021, the Teradata Corporation donated $50,000 to endow a second scholarship, the Alan Turing Memorial Teradata Scholarship, which gives an additional annual award of $2,000.
CSE is committed to diversity, equity, and inclusion efforts (DEI). Those interested in supporting scholarships related to those efforts can contact Jennie Morrow at jmorrow@eng.ucsd.edu. For more information about the Alan Turing Memorial scholarships, please contact Jennifer Folkestad at cns@eng.ucsd.edu.
- Most influential Paper of ICFP’12
Congratulations to CNS faculty member Deian Stefan for receiving the most influential paper of ICFP’12 award for “Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems.”
- USENIX Security ’22 Test-of-Time Award
Congratulations to CNS faculty member Nadia Heninger for her USENIX Security ’22 Test-of-Time award for her 2012 paper: “Mining your Ps and Qs: Detection of Widespread Weak Keys in Network Devices.” Nadia’s paper was also won the best paper award the year it was published. https://bit.ly/3RP4Izt.
- CORONAVIRUS JUMPED TO HUMANS AT LEAST TWICE AT WUHAN MARKET IN CHINA
Studies describe not only where the COVID-19 pandemic began, but the likelihood that the causative SARS-CoV-2 virus made the leap from animal hosts to people multiple times
August 24, 2022– In a pair of related studies, published online July 26, 2022 via First Release in Science, researchers at University of California San Diego, with colleagues on four continents, show that the origin of the COVID-19 pandemic in 2019 was at the Huanan Seafood Wholesale Market in Wuhan, China, and resulted from at least two instances of the SARS-CoV-2 virus jumping from live animal hosts to humans working or shopping there.The findings, first reported in February after the papers were posted online as preprints awaiting peer review, garnered international attention, primarily focusing on identifying the market as the early epicenter of the COVID-19 pandemic. The World Health Organization estimates that there have been more than 559 million confirmed cases of COVID-19 worldwide and 6.4 million deaths since the pandemic was declared in early 2020.
“It’s vital that we know as much about the origin of COVID-19 as possible because only by understanding how pandemics get started can we hope to prevent them in the future,” said Joel O. Wertheim, PhD, associate professor in the Division of Infectious Diseases and Global Public Health at UC San Diego School of Medicine, and a co-author on both papers.
But elemental to understanding pandemic origins is pinpointing not just where, but how, a pathogen successfully jumps from a non-human animal host to human, known as a zoonotic event.
“I think there’s been consensus that this virus did in fact come from the Huanan Market, but a strong case for multiple introductions hasn’t been made by anyone else yet,” said Wertheim, senior author of the study that posits the SARS-CoV-2 virus, which causes COVID-19, jumped from animals to humans at least twice and perhaps as many as two dozen times.
According to researchers, two evolutionary branches of the virus were present early in the pandemic, differentiated only by two differences in nucleotides — the basic building blocks of DNA and RNA.
Lineage B, which included samples from people who worked at and visited the market, became globally dominant. Lineage A spread within China, and included samples from people pinpointed only to the vicinity the market. If the viruses in lineage A evolved from those in lineage B, or vice versa, Wertheim said this would suggest SARS-CoV-2 jumped only once from animals to humans.
But work by Wertheim and collaborators found that the earliest SARS-CoV-2 genomes were inconsistent with a single zoonotic jump into humans. Rather, the first zoonotic transmission likely occurred with lineage B viruses in late-November 2019 while the introduction of lineage A into humans likely occurred within weeks of the first event. Both strains were present at the market simultaneously.
Researchers arrived at this conclusion by deciphering the evolutionary rate of viral genomes to deduce whether or not the two lineages diverged from a single common ancestor in humans. They used a technique called molecular clock analysis and an epidemic simulation tool called FAVITES, invented by Wertheim team member Niema Moshiri, an assistant professor of computer science at Jacobs School of Engineering at UC San Diego and study co-author.
“None of this could have been done without FAVITES,” said Wertheim.
Validation
In February 2022, researchers at the Chinese Center for Disease Control and Prevention published a long-delayed analysis of genetic traces of the earliest environmental samples collected at the market two years earlier.
The samples were obtained after the first reports of a new, mysterious illness and after the market had already been shut down. No live wild mammals were left at the market. Instead, Chinese researchers swabbed walls, floors and other surfaces, tested meat still in freezers, sampled sewers and caught mice and stray cats and dogs around the market.
Their findings confirmed the not-yet-published predictions of Wertheim’s team that Lineage A was also at the market.
“We felt validated, but what we felt more was immense pressure because they beat our preprint to the punch by about 12 hours, and we could only discuss their findings in light of ours,” Wertheim said. “We were also shocked that they had been sitting on evidence for lineage A at the market for over a year without realizing its importance.”
The newly published data, said study authors, are powerful evidence that the two viral lineages evolved separately and that multiple spillover events occurred. The Wuhan market reportedly contained a robust live wild animal business, with snakes, badgers, muskrats, birds and raccoon dogs (a canid indigenous to Asia) and other species sold for food. Wertheim said he believes there were likely many viral introductions. At least two successfully made the animal-human leap; other viral strains went extinct.
“While I’m hesitant to call it proof, what we presented is the most comprehensive explanation for the SARS-CoV-2 genomic diversity at the outset of the pandemic,” Wertheim said. “There are really no other good explanations for both of these strains being at the market except for multiple jumps into humans.”
(The findings undercut a circulating and persistent theory that the SARS-CoV-2 virus escaped from the Wuhan Institute of Virology, located a few miles from the market.)
Jonathan E. Pekar, a doctoral student in Bioinformatics and Systems Biology who co-led the project with Wertheim and is lead author, said the pandemic was likely looming for years, awaiting only for the opportunity when humans would come into contact with an animal host capable of transmitting the virus.
“Everything complicated happened before that introduction,” Pekar said. “The last step is just extended contact and transmission from hosts to humans. At that point, it would actually be unusual to only have one introduction. We’ve seen this before with MERS-CoV (a similar zoonotic virus). We’ve seen it with humans giving SARS-CoV-2 to minks on farms and then minks giving it back to humans.
“This has happened before, and it’s going to keep happening. Nature is a better lab than humans will ever be.”
In addition to Moshiri and Pekar, Katherine Izhikevich is a co-author and a master’s student in computer science and the Center for Networked Systems.
The latest study continues a series of published papers by Wertheim and colleagues investigating and chronicling the origin and spread of COVID-19.
In September 2020, they published data explaining how the first, few cases of novel coronavirus in North America and Europe quickly spread due to insufficient testing and contact tracing. In March 2021, Wertheim, Pekar and colleagues characterized the brief time-period during which SARS-CoV-2 could have circulated undetected before the first human cases in Wuhan.
Co-authors of “The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2” include: Andrew Magee, Karthik Gangavarapu and Marc A. Suchard, all at UCLA; Edyth Parker, Nathaniel L. Matteson, Mark Zeller, Joshua I. Levy and Kristian G. Andersen, all at The Scripps Research Institute; Katherine Izhikevich, Jennifer L. Havens and Tetyana I. Vasylyeva, all at UC San Diego; Lorena Mariana Malpica Serrano and Michael Worobey, both at University of Arizona; Alexander Crits-Christoph, Johns Hopkins Bloomberg School of Public Health; Jade C. Wang and Scott Hughes, both at New York City Department of Health; Jungmin Lee, Heedo Park, Man-Seong Park, Korea University; Katherine Ching Zi Yan and Raymond Tzer Pin Lin, all at National Centre for Infectious Diseases, Singapore; Mohd Noor Mat Isa and Yusuf Muhammad Noor, both at Malaysia Genome and Vaccine Institute; Robert F. Garry, Tulane University; Edward C. Holmes, University of Sydney, Australia; and Andrew Rambaut, University of Edinburgh.
Funding for this research came, in part, from the National Institutes of Health (grants T15LM011271, 5T32AI007244-38, R01AI135992, R01AI136056, R01AI132223, R01AI132244, U19AI142790, U54CA260581, U54HG007480, OT2HL158260, R01AI153044, U19AI135995, U01AI151812 and UL1TR002550), the National Science Foundation (NSF-2028040), the Coalition for Epidemic Preparedness Innovation, the Wellcome Trust Foundation, Gilead Sciences, the European and Developing Countries Clinical Trials Partnership Programme, the European Research Council, the Australian Research Council Laureate Fellowship, the National Research Foundation of Korea, the Branco Weiss Fellowship, the Epidemiology and Laboratory Capacity (ELC) for Infectious Diseases Cooperative Agreement and the Centers for Disease Control and Prevention (6NU50CK000517-01-07).
Full studies:
The Hunan Seafood Wholesale Market in Wuhan was the early epicenter of the COVID-19 pandemic
The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2
Media Contacts
Scott LaFee
UCSD Health Sciences
619-543-6163
slafee@ucsd.edu - CNS Espresso Prize for Excellence in Networking
The CNS Espresso Prize for Excellence in Networking was awarded by Professor Aaron Shalev to UCSD undergraduate students Yibo Wei, Dylan Ellsworth, and Joshua Kuschner for their outstanding final projects in CSE 123 (spring quarter 2022).
Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practices of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.
Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.
The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123 based on the criteria for the final project assigned each year.
Previous Recipients of the CNS Espresso Prize for Excellence in Networking:
2018 Undergraduate recipient: Weiyang Wang
2017 Undergraduate recipient: Christian Chung
2017 Undergraduate recipient: Yihan Zhang
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi - CNS Corporate Members
The Center for Networked Systems welcomes Cisco, Google, and Qualcomm as new and renewed CNS Corporate Members. To learn more about CNS corporate membership please go here: https://cns.ucsd.edu/member-benefits/.
- STUDENT-CREATED VIDEO GAMES REVEAL TALENT, TEAMWORK AND TECHNICAL KNOW-HOW
A timed race between folding chairs and bean bags. A fast-paced beauty pageant where only one race car wins the crown. A farm with a dark twist. A game of cat and mouse. A magical battle in a medieval castle.
In a mere 10 weeks, that’s what computer science students in UC San Diego’s Department of Computer Science course CSE 125, dubbed the “video game class,” tackled with z-values, vectors, lines of code and 3D effects. Students pulled out all the bells and whistles – or at least digitally recorded soundtracks of them.
But what they learned went beyond fun and games. Students in CSE’s Software System Design and Implementation course spent spring quarter discussing both creative and highly technical questions related to their class project. The course emphasized the development process as well as one overarching goal: to design, build and implement a real-time, 3D multiplayer game as part of a team.
The popular course has been taught by CNS/CSE Professor Geoff Voelker for more than 20 years.
“On the first day of class in week one, we form five groups in the course,” said Voelker. “After we have everyone together, they start designing. They create a lot of concept art. They’re trying to picture what it is they want to be able to achieve. And then, by week two, they start implementing.”
From there, students have eight more weeks to decide on the features of their project, specify its requirements, create a schedule and implement their design. To make the course more exciting— and challenging— the groups give a public demonstration at the end of the course, which doubles as their final exam.
On June 3, team demos continued a long streak of engineering skill and pure entertainment. During the two-hour live event, five games – Chairioteers, Skrrt Skirt, Farmers Market, The Meoze Runner and Eternal Ritual – debuted on a large screen in the Qualcomm Institute auditorium in Atkinson Hall. Audience members were picked at random to play against members of the game’s development team.
“There’s really something magical that happens,” said Voelker. “By the end of the quarter, what’s really incredible is that it all comes together. It just looks amazing. Just incredible.”
Chairioteers
As Team One took the stage, they invited four competitors to grab their favorite chair and enjoy a quirky and spirited race across the UC San Diego campus. Inspired by “rollie chairs” in the CSE department (and by illicit late-night student races down its hallways), Chairioteers allowed players to select a classic swivel, a folding chair, a recliner or bean bag to race each other and the clock.
As players adjusted to the mechanics and speed of their selected chair, the Chairioteers’ game map zipped them past a gorgeous sunset, the iconic Geisel Library and the towering, multi-colored Sun God. A mini map on the top left helped players navigate the course. An original soundtrack, “Hold onto Your Seats,” played in the background.
That’s when an unexpected twist had players holding onto their seats for real. Audience members who scanned the QR code displayed on the screen could tweak the game in real-time. Every 15 seconds the audience voted on a web page to determine what happened to players in the game.
Chairioteers was written entirely in Rust, a programming language the team taught themselves during the first two weeks of class.
Skrrt Skirt
“Once upon a time, there were four cars. For the purposes of this story, we should give them names. How about Bill, Berry, Bevan and Bandrew,” began Emily Zhuang, prompting laughter, as the suggestions were playful adaptations of team member names.
Zhuang then introduced a fifth racecar, Baiden, named for yet another team member. But unlike the other cars, Baiden wore makeup, lipstick and a shiny, satin ribbon, which created a stir. All the cars wanted to look as fabulous as Baiden. They wondered which one of them could look the most glamorous.
With Mario Kart nostalgia and the unmistakable pink and pretty trappings of a beauty pageant, Skrrt Skirt’s creators set out to answer that question. The multi-player party game gave competitors one objective: to win and hold the pageant crown the longest.
Sporting lipstick, mascara, and girly flair, racecars collided, stole and used various power-ups, such as a hair dryer speed boost, to obtain the crown. As the race progressed, makeup dripped down the screen, inhibiting visibility. A bar at the bottom indicated when each car’s makeup had completely worn off, requiring a pit stop to touch-up lipstick and fully recharge.
Team Two built their game in C++ and used OpenGL, an application programming interface, as their graphics engine.
Farmers Market
As Team Three took the stage and guest players began selecting characters in Farmers Market, it appeared to be the beginning of another bucolic farming game: there was Bumbus the bunny, Swainky the frog and Gilman the pig. Then the team introduced Pogo – a ghostly character with a ghoulishly grinning pumpkin head – offering the first indication the game had a dark side, too.
“Obviously, a beautiful farming game happens a lot. So we decided to let the players poison each other’s crops, destroy each other’s farms and intoxicate each other,” said Danica Xiong.
“Farmers Market is a 3-D, third-person game where you can destroy your friendships or have a great time farming,” added Xiong. “Whoever makes the most money wins.”
While the timeclock ran, players purchased vegetable seeds at the shop and planted them on farm plots. Tomatoes, carrots and corn grew rapidly along with “super oats,” which could replenish stamina. As day turned to night, players harvested and sold crops to earn money and make additional purchases of seeds, water, watering cans and fertilizer.
That was one strategy. The shop had other merchandise for sale, too. Sabotage items – nets, shovels and poison – equipped players to steal veggies and destroy farm plots. They could also purchase items to inhibit their opponents’ abilities.
The Meoze Runner
Team Four loaded The Meoze Runner onto the auditorium screen, displaying a long, lean cat that stood at one end of a complex maze. Meanwhile, a team of three animated mice prepared to run the network of pathways and complete a series of tasks representing the UC San Diego campus and the steps to successfully graduate.
This game of cat and mouse took audience members on a one-of-a-kind tour of UC San Diego, providing a mouse-eye view of iconic landmarks such as Geisel Library and Fallen Star. While one mouse searched the maze for a diploma and delivered it to the goal, the other two mice had stationary tasks to complete, such as stacking books and matching cards in a memory game.
To win, the mice had to finish all three tasks before time ran out. To do this, they had to elude the cat. While the mice held an advantage in numbers, the cat was designed to move with more speed. Sound effects of meows and squeaks intensified the action, each time the cat drew close to its prey.
“It looks like one of our mice dropped some ketchup. That is horrible,” exclaimed Aidan Denlinger as the cat caught and killed a mouse before disappearing into the maze. “This gives the cat a bit of a horror element. You don’t know when it’s going to come out.”
Eternal Ritual
The scene was a medieval castle. Two twin elves crouched expectantly in an elevator as it slowly descended a tower to the courtyard below. The doors opened to a dark, dramatic sky. Somewhere in the shadows lurked the enemy: a team of elfin beauties equipped in the deadly arts of pure magic.
This was the realistic playground created by Team Five for Eternal Ritual. As game play began, two teams of elves stealthily hunted each other in the courtyard. The characters ran and dropped into forward rolls, all smoothly animated, to move faster and avoid taking damage. The left side of the screen displayed four types of magic the players could switch through as they battled the opposing team.
“The first magic is shooting fireballs,” explained Kelin Lyu as two players from the audience competed against members of Team Five. “The fireball collides with the terrain and deals damage only to your enemies.”
“The second magic is a chilling storm that deals continuous damage. It consists of many different types of particle systems to create the clouds, the dust, and the lighting. The third one creates lightening as a super fancy light and particle system, which is really cool. The last one is the ultimate,” said Lyu, as players cast a fire-breathing dragon head like an extension of their elf’s arm.
“It deals a lot of damage but consumes all your energy – just like CSE 125,” he added to knowing laughter from the audience.
Team Five developed their own powerful game engine, an OpenGL engine written in C++, to support the functionalities of their game and to render 3D objects above user interface (UI) elements.
Written By Kimberley Clementi
- BLUETOOTH SIGNALS CAN BE USED TO IDENTIFY AND TRACK SMARTPHONES
A team of engineers at the University of California San Diego has demonstrated for the first time that the Bluetooth signals emitted constantly by our mobile phones have a unique fingerprint that can be used to track individuals’ movements.
Mobile devices, including phones, smartwatches and fitness trackers, constantly transmit signals, known as Bluetooth beacons, at the rate of roughly 500 beacons per minute.These beacons enable features like Apple’s “Find My” lost device tracking service; COVID-19 tracing apps; and connect smartphones to other devices such as wireless earphones.
Prior research has shown that wireless fingerprinting exists in WiFi and other wireless technologies. The critical insight of the UC San Diego team was that this form of tracking can also be done with Bluetooth, in a highly accurate way.
“This is important because in today’s world Bluetooth poses a more significant threat as it is a frequent and constant wireless signal emitted from all our personal mobile devices,” said Nishant Bhaskar, a Ph.D. student in the UC San Diego Department of Computer Science and Engineering and the Center for Networked Systems and one of the paper’s lead authors.
The team, which includes researchers from the Departments of Computer Science and Engineering and Electrical and Computer Engineering, presented its findings at the IEEE Security & Privacy conference in Oakland, Calif., on May 24, 2022.
All wireless devices have small manufacturing imperfections in the hardware that are unique to each device. These fingerprints are an accidental byproduct of the manufacturing process. These imperfections in Bluetooth hardware result in unique distortions, which can be used as a fingerprint to track a specific device. For Bluetooth, this would allow an attacker to circumvent anti-tracking techniques such as constantly changing the address a mobile device uses to connect to Internet networks.
Tracking individual devices via Bluetooth is not straightforward. Prior fingerprinting techniques built for WiFi rely on the fact that WiFi signals include a long known sequence, called the preamble. But preambles for Bluetooth beacon signals are extremely short.
“The short duration gives an inaccurate fingerprint, making prior techniques not useful for Bluetooth tracking,” said Hadi Givehchian, also a UC San Diego computer science Ph.D. student and a lead author on the paper.
Instead, the researchers designed a new method that doesn’t rely on the preamble but looks at the whole Bluetooth signal. They developed an algorithm that estimates two different values found in Bluetooth signals. These values vary based on the defects in the Bluetooth hardware, giving researchers the device’s unique fingerprint.
Real-world experiments
The researchers evaluated their tracking method through several real-world experiments. In the first experiment, they found 40% of 162 mobile devices seen in public areas, for example coffee shops, were uniquely identifiable. Next, they scaled up the experiment and observed 647 mobile devices in a public hallway across two days. The team found that 47% of these devices had unique fingerprints. Finally, the researchers demonstrated an actual tracking attack by fingerprinting and following a mobile device owned by a study volunteer as they walked in and out of their house.
Challenges
Although their finding is concerning, the researchers also discovered several challenges that an attacker will face in practice. Changes in ambient temperature for example, can alter the Bluetooth fingerprint. Certain devices also send Bluetooth signals with different degrees of power, and this affects the distance at which these devices can be tracked.
Researchers also note that their method requires an attacker to have a high degree of expertise, so it is unlikely to be a widespread threat to the public today.
Despite the challenges, the researchers found that Bluetooth tracking is likely feasible for a large number of devices. It also does not require sophisticated equipment: the attack can be performed with equipment that costs less than $200.
Solutions and next steps
So how can the problem be fixed? Fundamentally, Bluetooth hardware would have to be redesigned and replaced. But the researchers believe that other, easier solutions can be found. The team is currently working on a way to hide the Bluetooth fingerprints via digital signal processing in the Bluetooth device firmware.
Researchers are also exploring whether the method they developed could be applied to other types of devices. “Every form of communication today is wireless, and at risk,” said Dinesh Bharadia, a professor in the UC San Diego Department of Electrical and Computer Engineering and one of the paper’s senior authors. “We are working to build hardware-level defenses to potential attacks.”
Researchers noticed that just disabling Bluetooth may not necessarily stop all phones from emitting Bluetooth beacons. For example, beacons are still emitted when turning off Bluetooth from the control center on the home screen of some Apple devices. “As far as we know, the only thing that definitely stops Bluetooth beacons is turning off your phone,” Bhaskar said.
Researchers are careful to say that even though they can track individual devices, they are not able to obtain any information about the devices’ owners. The study was reviewed by the campus’ Internal Review Board and campus counsel.
“It’s really the devices that are under scrutiny,” said Aaron Schulman, a UC San Diego computer science professor and one of the paper’s senior authors.
Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices
Dinesh Bharadia, UC San Diego Department of Electrical and Computer Engineering
Nishant Bhaskar, Hadi Givehchian, Aaron Schulman, UC San Diego Department of Computer Science and Engineering
Christian Dameff, UC San Diego Department of Emergency Medicine
Eliana Rodriguez Herrera Hector Rodrigo Lopez Soto, UC San Diego ENLACE Program.
Media Contacts
Ioana Patringenaru
Jacobs School of Engineering
858-822-0899
ipatrin@ucsd.edu - A QUARTER OF WORLD’S INTERNET USERS RELY ON INFRASTRUCTURE THAT IS SUSCEPTIBLE TO ATTACK
About a quarter of the world’s Internet users live in countries that are more susceptible than previously thought to targeted attacks on their Internet infrastructure. Many of the at-risk countries are located in the Global South.
That’s the conclusion of a sweeping, large-scale study conducted by computer scientists at the University of California San Diego, which recently received the Best Dataset at the Passive and Active Measurement Conference (PAM 2022). The researchers surveyed 75 countries.
“We wanted to study the topology of the Internet to find weak links that, if compromised, would expose an entire nation’s traffic,” said Alexander Gamero-Garrido, the paper’s first author, who earned his Ph.D. in computer science at UC San Diego.
The structure of the Internet can differ dramatically in different parts of the world. In many developed countries, like the United States, a large number of Internet providers compete to provide services for a large number of users. These networks are directly connected to one another and exchange content, a process known as direct peering. All the providers can also plug directly into the world’s Internet infrastructure.
“But a large portion of the Internet doesn’t function with peering agreements for network connectivity,” Gamero-Garrido pointed out.
In other nations, many of them still developing countries, most users rely on a handful of providers for Internet access, and one of these providers serves an overwhelming majority of users. Not only that, but those providers rely on a limited number of companies called transit autonomous systems to get access to the global Internet and traffic from other countries. Researchers found that often these transit autonomous system providers are state owned.
This, of course, makes countries with this type of Internet infrastructure particularly vulnerable to attacks because all that is needed is to cripple a small number of transit autonomous systems. These countries, of course, are also vulnerable if a main Internet provider experiences outages.
In the worst case scenario, one transit autonomous system serves all users. Cuba and Sierra Leone are close to this state of affairs. By contrast, Bangladesh went from only two to over 30 system providers, after the government opened that sector of the economy to private enterprise.
This underlines the importance of government regulation when it comes to the number of Internet providers and transit autonomous systems available in a country. For example, researchers were surprised to find that many operators of submarine Internet cables are state-owned rather than privately operated.
Researchers also found traces of colonialism in the topology of the Internet in the Global South. For example, French company Orange has a strong presence in some African countries.
Researchers relied on Border Gateway Protocol data, which tracks exchanges of routing and reachability information among autonomous systems on the Internet. They are aware that the data can be incomplete, introducing potential inaccuracies, though these are mitigated by the study’s methodology and validation with real, in-country Internet operators.
Next steps include looking at how critical facilities, such as hospitals, are connected to the Internet and how vulnerable they are.
Quantifying Nations’ Exposure to Traffic Observation and Selective Tampering (PDF), authored by: Alberto Dainotti (now at Georgia Institute of Technology), Alexander Gamero-Garrido (now at Northeastern University), Bradley Huffaker and Alex C. Snoeren, University of California San Diego, Esteban Carisimo, Northwestern University, Shuai Hao, Old Dominion University.
Written By Ioana Patringenaru
- CSE’S NSF PHD RESEARCH FELLOWS
Four graduate students in the UC San Diego Department of Computer Science and Engineering have received prestigious National Science Foundation (NSF) Research Fellowships. The new fellows will receive a $34,000 annual stipend for three years, a $12,000 education allowance to cover tuition and fees, and numerous professional development opportunities.
Founded in 1951, the NSF Graduate Research Fellowship Program is the country’s oldest effort to support graduate STEM students. Learn about the new NSF fellows from CSE and the research they are conducting.
Alex Trevithick
Advised by Ravi Ramamoorthi, Trevithick works in the UC San Diego Center for Visual Computing and is developing advanced techniques to extrapolate novel views from a single input. He combines an approach called neural radiance fields for view synthesis (NeRF) with other techniques to infer colors and geometries in unseen regions. His long-term goals are to advance visual intelligence, creating views from occluded parts of images. The project can be applied in robotic locomotion and other areas.
Alisha Ukani
Network measurement provides insights into the performance of critical infrastructure, such as large scale data centers, making services faster and more reliable and better tailoring them to users’ needs.
Advised by Alex Snoeren, Ukani analyzes network traffic and reliability data. Her work has provided new insights into people’s online behaviors during COVID-19, as well as helping detect data center outages more quickly at Google. Ukani wants to continue her measurement research to improve people’s Internet experiences.
Olivia Weng
Weng focuses on using hardware/software co-design to create efficient, fault-tolerant computer architectures for machine learning. One example is the Large Hadron Collider, where physicists need hardware that will process millions of particle collisions per second. Her research will allow their hardware, and the machine learning software that runs on it, to meet these intense computing demands while resisting radiation.
Weng is supported by her advisor, Ryan Kastner. This award will allow her to freely collaborate with researchers in particle physics, machine learning and computer architecture.
Alex Yen
Yen’s work focuses on infrastructure analyses, and he is now investigating a large-scale Internet-of-Things (IoT) network built by Helium. Advised by Pat Pannuto, Yen and colleagues want to better understand the network’s operation, adoption, performance and efficacy. He is also working on analyzing electric grid infrastructure, building a camera-based system that uses machine learning and computer vision to examine grids, particularly in developing nations. By analyzing images from street and house lights, he and colleagues can infer grid properties.
Written by Josh Baxt
- CNS Research Review
The Center for Networked Systems (CNS) held its 30th CNS Research Review on April 29. This annual event included CNS corporate partners, faculty and graduate students. There were research talks by Audrey Randall, Lixiang Ao, Alex Liu, Jennifer Switzer, Alex Yen and Alex Forencich and two-minute lightning talks presented by ten graduate students.
SkySafe founder and CEO Grant Jordan, who studied at CSE, gave the keynote, focusing on the challenges of tracking drones in critical airspace. With hundreds of drones in its fleet, Skysafe has reverse- engineered these complex machines to better understand how they operate and interact.
Jordan discussed what it takes to build these systems, as well as the infrastructure needed to boost drone use for good and discourage careless, clueless and criminal elements. The industry is also embracing data analytics/coordination, AI, ML, normalizing data, sensor fusion and improved reverse engineering.
- YUANYUAN ZHOU HONORED FOR BUG WORK
In 2008, multicore processors, in which two or more processing units are embedded into an integrated circuit, were exploding in popularity. However, multicores spawned their own unique programming challenges.
University of California San Diego computer scientist Yuanyuan (YY) Zhou realized the enormous task in front of researchers: writing software to take advantage of those multiple CPUs could have a lot of bugs.
A professor in the Department of Computer Science and Engineering and the Qualcomm Endowed Chair, Zhou has now been honored with an Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2022 most influential paper for her 2008 study: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics.
“To take advantage of the multiple CPUs, we needed to make our software with multiple threads running in parallel,” said Zhou. “But when you write that kind of program, they can have a lot of bugs, which really concerned people at the time.”
One of the main issues was concurrency bugs, which happen when two programs are run simultaneously. In the study, Zhou and her team catalogued the types of bugs people were experiencing. They found that around a third of these problems were not adequately addressed by existing debugging tools. In addition, many of the potential fixes for these bugs did not always work.
Concurrency issues were proving to be a huge drag on programming efficiency in multicore processors. So many bugs to fix and so few effective mechanisms to fix them.
Practical Fixes
The paper provided a path forward for programmers at Microsoft and many other companies to write code more effectively for multicore processors, but it almost didn’t happen. Zhou was presenting some other work to Intel when they recommended that she publish the findings of their empirical studies on real-world concurrency bugs.“The Intel people told us that would be more interesting, both in the academic world and to companies like Intel and Microsoft,” said Zhou. “We realized they were right and this study would be more relevant and would address an important problem. So, it was really almost accidental that we did this paper at all.”
The paper continues to be important, as mobile apps also use multiple threads, necessitating robust tools to help detect and root out concurrency bugs. Still, despite its ongoing relevance, Zhou was surprised the paper was selected this year as most influential.
“I know it’s one of the top cited papers at ASPLOS, but I didn’t expect them to select it,” said Zhou. “Initially, I didn’t even intend to write it. So, this was really nice and a surprise.”
Written By Josh Baxt
- Virtual Machine Snapshots with FaaSnapVirtual machine (VM) snapshots are a promising way to solve the cold start problem in serverless computing (FaaS). Serverless platforms can avoid the slow VM booting and initialization by using on-disk snapshots. However, due to the speed requirements associated with guest memory accesses and the unpredictable nature of FaaS applications, loading snapshots to memory can be challenging.Recently, PhD student Lixiang Ao, along with George Porter and Geoffrey Voelker, published FaaSnap: FaaS Made Fast Using Snapshot-based VMs, which tackles the snapshot loading problem.FaaSnap uses a set of complimentary optimizations, including concurrent paging, per-region memory mapping and compact loading set files, to improve snapshot loading performance. FaaSnap improves end-to-end performance for on-disk snapshots by up to 3.5 times and is only 3.5% slower than snapshots cached in memory. This paper is being presented this week at EuroSys 2022
- IRR vs. RPKI
For many years, the Internet Routing Registry (IRR) has been one of the primary mechanisms to protect against unauthorized rerouting of Internet traffic. However, IRR databases are not strictly authenticated. In 2012, the Resource Public Key Infrastructure (RPKI) was deployed as a more secure alternative. The RPKI boosts information integrity but also adds complexity and cost, limiting its growth.
Recently, PhD student Ben Du, along with Alex C. Snoeren and KC Claffy, published IRR Hygiene in the RPKI Era, which explores the dynamics between RPKI and IRR. The team compared the completeness and consistency of the IRR and RPKI databases and studied the underlying causes of the inconsistencies to better understand how the ecosystem is evolving. This paper will be presented at the Passive and Active Measurement Conference (PAM) 2022 in March.
- Deian Stefan Receives 2022 Sloan Research Fellowship
Deian Stefan, a CSE assistant professor, and a CNS Faculty member is part of the 2022 class of 118 Sloan Research Fellows, the Alfred P. Sloan Foundation announced Feb. 15, 2022.
The Sloan Research Fellowships are one of the most competitive and prestigious awards available to early career researchers. The fellowships honor extraordinary U.S. and Canadian researchers whose creativity, innovation, and research accomplishments make them stand out as the next generation of leaders.
Deian Stefan received his Ph.D. in computer science at Stanford. His research interests span security, programming languages and systems. Recently, his work with collaborators has led to the development of tools to make web browsers safer, including technology that is part of the newest Firefox release.
In all, 143 faculty at the University of California San Diego have received a Sloan Research Fellowship since they were awarded first in 1955.
Full article: https://ucsdnews.ucsd.edu/pressrelease/SloanFellows2022
- A MEGA ACHIEVEMENT: TWO UC SAN DIEGO STUDENTS NAMED 2022 META PHD RESEARCH FELLOWS
The University of California San Diego boasts two of this year’s 2022 Meta PhD Research Fellows—37scholars selected from a pool of 2,300 applicants worldwide.
As fellows, Department of Computer Science and Engineering (CSE) and Center for Networked Systems (CNS) Ph.D. students Stewart Grant and Kabir Nagrecha will be able to present their own research, learn about current research at Meta, as well as receive tuition and fees for up to two years and a $42,000 stipend.
Stewart Grant is a fourth-year Ph.D. student working with CNS/CSE Professor Alex Snoeren as part of the SysNets Group. His research interests are at the intersection of distributed systems, networking, and operating systems. He is currently focused on finding practical solutions for resource disaggregation using commodity programmable network devices. This work explores techniques for accelerating one-sided RDMA on passive banks of memory.
“If research was not fun I’d likely not be doing it, so I’m very grateful that my environment lets me play and work at the same time. This fellowship has made me consider more deeply the practicality of my work, who may benefit from it, and what path I should consider going forward. It’s all been very… meta,” said Grant.
Kabir Nagrecha is a first-year Ph.D. student in the Databases Lab, where he is advised by CNS/CSE Associate Professor Arun Kumar. He received competitive Ph.D. fellowships from both CSE and UC San Diego’s Halıcıoğlu Data Science Institute (HDSI). His research focuses on developing systems to enable scalable and efficient deep learning model building and deployment. He aims to amplify the impact of Machine Learning and enable new applications by creating the infrastructure to support large-scale operations.
“I’m glad to have been honored with such a selective and prestigious award. But more than that, what excites me are the opportunities for the future. The fellowship gives me a great channel through which I can collaborate with researchers at Meta,” he said. “I’m hoping to use the fellowship to explore industry-relevant applications of my work as well as connect with experts in my domain who can help provide insight and guidance as my research career progresses.”
Origin Story Posted Here: https://cse.ucsd.edu/about/news/mega-achievement-two-uc-san-diego-students-named-2022-meta-phd-research-fellows
- CHANGE MAKERS OF CSE: KC CLAFFY (PHD ’94) AND THE EVOLVING INTERNET
Kimberly (KC) Claffy had just completed her PhD in UC San Diego’s Department of Computer Science and Engineering when she noticed a problem: internet measurement data for scientific research might not always be available. The problem showed up soon after she graduated in 1994 when NSFNET, the National Science Foundation-funded Internet backbone infrastructure project, was decommissioned.
“I wrote my dissertation on data about the Internet, but when I graduated, the data source, and in fact the entire NSFNET infrastructure, went away,” said Claffy, director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center, an adjunct professor in the Department of Computer Science and Engineering and an inductee into the Internet Hall of Fame.
“I was concerned it would be impossible to conduct scientific studies on the Internet because the data would be behind proprietary doors of companies that were operating in an extremely competitive environment,” she said.
The Internet was going through some rapid changes in the mid-90s. In the early 1980s, the Department of Defense (DOD), which created the original ARPANET, realized much of the traffic was not military and wanted to transition the technology out of DOD. This early Internet had become an incredibly important channel for researchers to share their work and the NSF wanted to help maintain this capability.
Because UC San Diego hosted an NSFNET backbone node, it was an ideal place to conduct research. Claffy founded CAIDA in 1997 to support large-scale data collection, curation and sharing, part of a global effort to develop the still-young discipline of Internet cartography.
“Researchers were not going to be able to study how networks really operated, what traffic or topology looked like, how it was evolving,” said Claffy. “The data gap was daunting, as the Internet industry rocketed forward, and I wanted to make sure researchers could study real networks and not just rely only on testbeds and simulation tools.”Data to Inform Public Policy
The 1990s were an historically laissez-faire period for U.S. communications policy. Today, however, the U.S. government is recognizing there are harms on the Internet that merit attention to safeguard the public interest.
However, what government regulations might look like, and how they would work across national boundaries, are open questions. A recent CAIDA initiative has focused on mapping on-line harms to measurements and data to inform scientific security studies, policy debates and assessments.
“The challenges of understanding and managing complex critical infrastructure are not unique to the Internet,” said Claffy. “But other critical infrastructures have entire agencies dedicated to oversight, including measurement where appropriate. The Internet is not so amenable to that kind of oversight. Privacy-respecting sharing of measurement data will be an essential part of transparency and accountability mechanisms to support the security and trustworthiness of the Internet infrastructure.”Finding a Home at UC San Diego
Claffy and CAIDA have several ongoing projects, primarily focused on building a more trustworthy Internet infrastructure by enabling infrastructure transparency and accountability through science, technology and policy (for data sharing) capabilities.
Claffy considers herself lucky to have been in the right place at the right time to found CAIDA, conduct interesting work and stay at UC San Diego.
“I’m not sure I could have created the group I created and pursued the projects I have anywhere else but UC San Diego,” she said. “The network and security research group in CSE is more impressive every year. It has been such a privilege to be a part of this community.” - Turing Scholarship Deadline
Applications for the Alan Turing Memorial Scholarships are due by March 2. The scholarship is for enrolled UC San Diego undergraduates who actively support the LGBTQIA+ community and major in computer science, computer engineering, public policy, communications or other programs that touch on networked systems.
- Gautam Akiwate Receives the Applied Networking Research Prize
Gautam Akiwate won the Applied Networking Research Prize for his work on the paper “Risky BIZness: Risks Derived from Registrar NameManagement”.
This is an award that the Internet Research Task Force (the research arm of the IETF, which manages the Internet standards) awards each year selected from papers nominated across the field of networking.
This is the second year in a row for UCSD to win the prize (CNS/CSE Ph.D. student Audrey Randall won last year for her paper “Trufflehunter: Cache Sniffing Rare Domain Usage in Large Public DNS Resolvers”).
- TWO UC SAN DIEGO COMPUTER SCIENTISTS NAMED AS 2021 ACM FELLOWS
Two computer scientists from the University of California San Diego have been elected as fellows of the Association for Computing Machinery (ACM), the association announced today. They are among the 71 new fellows recognized by the ACM, the world’s largest educational and scientific computing society.
The ACM Fellows program recognizes the top 1% of ACM Members for their outstanding accomplishments in computing and information technology and/or outstanding service to ACM and the larger computing community. The 2021 Fellows represent universities, corporations, and research centers in Belgium, China, France, Germany, India, Israel, Italy, and the United States.
The 2021 UC San Diego ACM Fellows are:
- Ranjit Jhala, for contributions to software verification
- Tajana Šimunić Rosing, for contributions to power, thermal, and reliability management
“Ranjit and Tajana truly represent our department’s commitment to conducting impactful research and education. We are incredibly proud of their accomplishments, which benefit our community and the world, and are pleased they are being recognized with such a great honor,” said UC San Diego Department of Computer Science and Engineering (CSE) Chair Sorin Lerner.
Ranjit Jhala’s research interests include programming languages and software engineering to develop techniques for building reliable computer systems. His work draws from, combines and contributes to the areas of: Type Systems, Model Checking, Program Analysis and Automated Deduction. He is part of the Programming Systems Group in CSE, which focuses on developing new languages, compilers, program analysis techniques and development environments for making software systems easier to build, maintain and understand.
He joined CSE in 2005.Tajana Šimunić Rosing is the director of the System Energy Efficiency Lab at UC San Diego. Her research interests are in energy efficient computing, cyber-physical and distributed systems. The projects she leads include efforts funded by the Defense Advanced Research Projects Agency (DARPA) and the Semiconductor Research Corporation (SRC) that focus on design of accelerators for analysis of big data; an SRC and NSF-funded projects related to Hyperdimensional Computing; and a National Science Foundation- funded project on the optimization of COVID-19 sequence analysis.
She joined CSE in 2005.The addition of Jhala and Rosing brings to 14 the number of ACM Fellows among active faculty in the CSE department. Prior honorees included professors Victor Vianu (2006), Pavel Pevzner (2010), Stefan Savage (2010), Dean Tullsen (2011), Andrew Kahng (2012), Yuanyuan Zhou (2013), Mihir Bellare (2013), Rajesh Gupta (2016), Ravi Ramamoorthi, Alexander Vardy and Geoffrey Voelker (2017) and Alex Snoeren (2018).
Written By Katie E. Ismael
- UC ADOPTS RECOMMENDATIONS FOR THE RESPONSIBLE USE OF ARTIFICIAL INTELLIGENCE
The University of California has adopted a set of recommendations to guide the safe and responsible deployment of artificial intelligence in UC operations and three researchers at UC San Diego were involved with the effort.
UC becomes one of the first universities in the nation to establish overarching principles for the responsible use of artificial intelligence (AI) and a governance process that prioritizes transparency and accountability in decisions about when and how AI is deployed.
The recommendations were developed by the University of California Presidential Working Group on Artificial Intelligence. The group was launched in 2020 by UC President Michael V. Drake and former UC President Janet Napolitano to assist UC in determining a set of responsible principles to guide procurement, development, implementation, and monitoring of artificial intelligence (AI) in UC operations.
The group included three UC San Diego faculty: Nadia Henninger is an associate professor in the Department of Computer Science and Engineering (CSE) whose work focuses on cryptography and security; Lawrence Saul is a professor in CSE whose research interests are machine learning and data analysis; Camille Nebeker is a professor who co-founded and directs the Research Center for Optimal Digital Ethics Health at UC San Diego.
The working group developed a set of UC Responsible AI Principles and explored four high-risk application areas: health, human resources, policing, and student experience. Nebeker and Saul were part of the group focusing on health, while Heninger worked on policing considerations. The group has published a final report that explores current and future applications of AI in these areas and provides recommendations for how to operationalize the UC Responsible AI Principles. The report concludes with overarching recommendations to help guide UC’s strategy for determining whether and how to responsibly implement AI in its operations.
UC will now take steps to operationalize the Working Group’s key recommendations:
- Institutionalize the UC Responsible AI Principles in procurement and oversight practices;
- Establish campus-level councils and systemwide coordination to further the principles and guidance from the working group;
- Develop a risk and impact assessment strategy to evaluate AI-enabled technologies during procurement and throughout a tool’s operational lifetime;
- Document AI-enabled technologies in a public database to promote transparency and accountability.
- ROUTER IN YOUR HOME MIGHT INTERCEPT YOUR INTERNET TRAFFIC-BUT IT MAY BE FOR YOUR OWN GOOD
The router in your home might be intercepting some of your Internet traffic and sending it to a different destination. Specifically, the router can intercept the Domain Name System traffic –the communications used to translate human-readable domain names (for example www.google.com) into the numeric Internet Protocol (IP) addresses that the Internet relies on. That’s the finding from a team of computer scientists at the University of California San Diego, which they presented at the Internet Measurement Conference on November 3, 2021.
Why does this matter?
“The primary concern is privacy,” said Audrey Randall, a Ph.D. student in computer science at the University of California San Diego and first author of a paper on this subject. “When you visit a web site, you first have to do a DNS lookup for that site. So whoever gets your DNS traffic gets to see all the sites that you’re visiting. In principle, you get to choose who performs your DNS lookups and you might pick a company that you trust not to sell your data or a company that uses robust security to protect their logs. But if your DNS traffic is being silently intercepted and routed elsewhere, then someone else gets to see all that information.”
Many cases of DNS interception are not malicious, Randall pointed out. Often, interception is used by Internet Service Providers (ISPs) to protect users from malware that contacts particular Domain Name System (DNS) resolvers, which are essentially the Internet’s phone books. These resolvers transform the website URL users enter into a browser into an IP address for the servers that store the website’s content. In this case, interception can be helpful, by preventing malware from harming a user’s computer.
Researchers even found one instance of interception that was neither malicious nor benign: it was a simple bug. The UC San Diego team disclosed this bug to two Internet service providers. Both said they would work to fix issues. However, DNS queries also provide valuable data about users’ behavior that can be sold to advertisers, which might provide a less altruistic motive for some companies to intercept them.
The phenomenon of DNS interception has been studied in recent years, but little was known about where in the network interception takes place–until now. It turns out that in a surprising number of cases, users’ own home routers are the culprit.
These routers don’t send DNS queries to the target DNS resolver that the user specified. Instead, the software reroutes them to an alternate resolver. The query response is then modified so that it appears to come from the original target resolver. This modification makes the interception “transparent” to the user, and therefore very difficult to detect.
Determining where transparent interception takes place is difficult. But researchers were able to do this by devising an innovative and clever methodology. They first made use of special DNS queries that were invented as debugging tools, but they found that no single query could give enough information to pinpoint an interceptor’s location. The key turned out to be to compare the responses from two special queries: the responses were identical if the interceptor was the home router, but different if the interceptor was elsewhere in the network.
Even though DNS interception is often used to foil malware, the fact remains that users have no idea that their traffic is being redirected, or where it’s redirected to. “If you are concerned enough about who sees your data and who sells your data to advertisers, you want to make sure that the company handling it is actually who they say they are,” said Randall. “When this type of transparent interception is used, you think you have control over your traffic, but you don’t.”
Researchers caution that their study has some limitations. For example, the platform they used to conduct their study is not representative of all interception cases, because it over-represents certain Internet service providers, countries, or demographics.
Funding for this work was provided in part by National Science Foundation grants CNS-1629973 and CNS-1705050, the Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science at UC San Diego, and support from Google.
Home is Where the Hijacking is: Understanding DNS Interception by Residential Routers
Audrey Randall, Enze Liu, Ramakrishna Padmanabhan, Gautam Akiwate, Geoffrey M. Voelker, Stefan Savage and Aaron Schulman, University of California San Diego
- Turing Scholarship Awarded
CNS established the Alan Turing Memorial Scholarship to encourage a more diverse and inclusive community and honor Turing, the mathematician and cryptanalyst who helped invent computer science. This year’s awardee is a CS major in Warren College who prefers to remain anonymous. Congratulations to the recipient and many thanks to all who applied!
- Who’s got your mail? Google and Microsoft, mostly
Who really sends, receives and, most importantly perhaps, stores your business’ email? Most likely Google and Microsoft, unless you live in China or Russia. And the market share for these two companies keeps growing.
That’s the conclusion reached by a group of computer scientists at the University of California San Diego, who studied the email service providers used by hundreds of thousands of Internet domains– between 2017 and 2021.
“Our research team empirically showed the extent to which email has been outsourced and concentrated to a small number of providers and service providers,” said Stefan Savage, a professor in the UC San Diego Department of Computer Science and Engineering and one of the paper’s senior authors.”
The team presented their findings at the Internet Measurement Conference 2021, which took place virtually Nov. 2 to 4, 2021.
This concentration has several consequences: it increases the impact of service failures and data breaches; and it exposes companies and users outside the United States to potential subpoenas from U.S. government agencies.
A quick explainer of the difference between domains and service providers: The second half of your email address is your company or agency’s domain–for example, ucsd.edu is the domain for the University of California San Diego. The email service provider is the company that, behind the scenes, provides the infrastructure that allows you to send and receive email and stores your messages–so ucsd.edu’s email service is provided by a combination of Google and Microsoft mail services.
As of June 2021, Google and Microsoft are the dominant providers among popular domains, with 28.5% and 10.8% market share, respectively. In comparison, GoDaddy leads the market of providing services for smaller domains, with a 29% market share. The authors also observed a higher level of concentration over time: Google and Microsoft’s market share increased by 2.3% and 2.9%, respectively, since June 2017.
Some of the growth comes from smaller domains that used to host their own emails. “While self-hosted domains switched to providers across all categories, more than a quarter of them changed their mail provider to Google and Microsoft,” said Alex Liu, a UC San Diego computer science Ph.D. student and the paper’s lead author.
More affected during outages, data breaches
Concentration of email service providers has led to much bigger service outages. In August and December 2020, global outages affected Gmail and Drive–Gmail alone has an estimated 1.5 billion users. Outlook most recently suffered an outage in October 2021– an estimated 400 million people use the service.
The concentration of email service providers also puts more people at risk in the event of a data breach. One often-cited example is the Yahoo data breach that exposed at least 500 million user accounts. Recently, a flaw in a Microsoft Exchange protocol has been shown to have leaked hundreds of thousands of credentials.
Legal impact
Google and Microsoft, the two dominant US-based email service providers, appear to be in wide use by organizations outside the United States — particularly across Europe, North America, South America, large parts of Asia and, to a lesser extent, Russia. For example, 65% of Brazilian domains in the researchers’ dataset host email with Google or Microsoft. But they are not used in China.
However, outsourcing email service to US companies can also have legal implications. Under the 2018 CLOUD Act, US-based providers can be legally compelled to provide stored customer data, including e-mail, to US law enforcement agencies, regardless of the location of the data, or of the nationality or residency of the customer using the data.
Perhaps as a result, Tencent has an overwhelming market share in China, with 41%, as does Yandex in Russia, with 32 %. Both countries have shown that they prefer to keep control over data access.
In addition, an increasing number of email domains contract with email security providers, such as ProofPoint and Mimecast. These companies can operate as a third-party filter for inbound emails, removing the need to manage security locally. These companies have almost a 7% market share for large commercial companies; and a 17.5% market share for .gov domains.
The research was funded by the National Science Foundation, the University of California San Diego, the EU H2020 CONCORDIA project and Google.
Written By Ioana Patringenaru
- THIS FRAMEWORK WILL IMPROVE THE SECURITY OF ALL FIREFOX USERS
Researchers from the University of California San Diego, the University of Texas at Austin, and Mozilla have designed a new framework, called RLBox, to make the Firefox browser more secure. Mozilla has started deploying RLBox on all Firefox platforms this week.
RLBox increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing.
Browsers, like Firefox, rely on third-party libraries to support different functionalities—from XML parsing, to spell checking and font rendering. These libraries are often written in low-level programming languages, like C, and, unfortunately, introducing vulnerabilities in C code is extremely easy. RLBox protects users from inevitable vulnerabilities in these libraries and supply-chain attacks that exploit these libraries.
“Well funded attackers are exploiting zero-day vulnerabilities and supply chains to target real users”, said Deian Stefan, an assistant professor in UC San Diego’s Computer Science and Engineering department. “To deal with such sophisticated attackers we need multiple layers of defense and new techniques to minimize how much code we need to trust (to be secure). We designed RLBox exactly for this.”
The team’s effort to deploy RLBox on all Firefox platforms is detailed in a recent Mozilla Hacks blog post.
With RLBox, developers can retrofit systems like Firefox to put modules, like third-party libraries, in a fine-grained software sandbox. Like process-based sandboxing, which browsers use to isolate one site from another, software sandboxing ensures that bugs in the sandboxed module will not create security vulnerabilities—bugs are contained to the sandbox. “Unlike process-based sandboxing, though, RLBox’s sandboxing technique makes it possible for developers to isolate tightly coupled modules like Graphite and Expat without huge engineering or performance costs,” said Shravan Narayan, the UC San Diego computer science PhD student leading the project.
WebAssembly and sandboxing
At its core, the RLBox framework consists of two components. The first is the sandboxing technique itself: RLBox uses WebAssembly (Wasm). Specifically, RLBox compiles modules to WebAssembly and then compiles Wasm to native code using the fast and portable wasm2c compiler. “By compiling to Wasm before native code, we get sandboxing for free: We can ensure that all memory access and control flow will be instrumented to be confined to the module boundary,” said Narayan.
Wasm also makes it possible for RLBox to optimize calls into and out of sandboxed code into simple function calls. In an upcoming study, to be published in the proceedings of the 2022 ACM SIGPLAN Principles of Programming Languages Symposium, the researchers show that this is safe because Wasm satisfies a set of theoretical conditions called “zero-cost conditions.” This is unlike most other sandboxing techniques, which require glue code at the sandbox-application boundary to be secure. This glue code is error-prone and, in some cases, contributes to large performance overheads—the team’s Wasm compiler elides this glue code, its complexity, and its overhead.
Tainted type system
The second key component of RLBox is its tainted type system. Sophisticated attackers can break out of the Wasm sandbox if the code interfacing with the sandboxed code—the Firefox code—does not carefully validate all the data that comes out of the sandbox. RLBox’s type system, which is implemented using C++ metaprogramming, prevents such attacks by marking all data coming out of the sandbox as “tainted” and ensuring, through compiler errors, that developers sanitize potentially unsafe data before using it. “Without such a type system, it would be extremely difficult to ensure that developers put all the right checks in all the right places,” said Stefan.
“RLBox is a big win for Firefox and our users,” said Bobby Holley, Distinguished Engineer at Mozilla. “It protects our users from accidental defects as well as supply-chain attacks, and it reduces the need for us to scramble when such issues are disclosed upstream.”
The team’s original work on RLBox was published in the proceedings of the USENIX Security Symposium last March. Since then they’ve been working on bringing RLBox to all Firefox users. RLBox will ship on all Firefox platforms, desktop and mobile, sandboxing five different modules: Graphite, Hunspell, Ogg, Expat and Woff2. The team is actively working on sandboxing more modules in future versions of Firefox and supporting use cases beyond Firefox.
This work was supported in part by gifts from Mozilla, Intel, and Google; by the National Science Foundation under grant numbers CCF-1918573 and CAREER CNS-2048262; and, by the CONIX Research Center, one of six centers in JUMP, a Semiconductor Research Corporation (SRC) program sponsored by DARPA.
- HOW THE PANDEMIC LOCKDOWN IMPACTED UC SAN DIEGO UNDERGRAD INTERNET USE
University of California San Diego computer scientists recently investigated how the COVID-19 pandemic influenced internet browsing during the lockdown. Armed with de-identified internet use data from UC San Diego dorm Wi-Fi, the researchers examined how online school and leisure activities shifted – for both American and international students. The study was presented at the ACM Internet Measurement Conference 2021.
The research focused on several thousand students in single-occupancy housing and how they responded to isolation between February and May 2020. The group found, not surprisingly, that students increased their internet usage by 58 percent from February to April 2020. However, in May those numbers began coming down. This was true of general usage and, more specifically, social media.
“We found that domestic students increased their social media usage early in the lockdown, but then that usage fell,” said Department of Computer Science and Engineering Ph.D. student Alisha Ukani who is the first author on the study. “That was a common effect – per capita usage intensified in the early months of the lockdown and then fell, returning to pre-pandemic levels in May, which was a bit of a surprise.”
The research team, which was led by UC San Diego Department of Computer Science and Engineering Professor Alex Snoeren and included Ph.D. student Ariana Mirian, also studied the the browsing distinctions between international and U.S. students. Though they did not know who owned specific devices, they devised a rubric to differentiate these groups based on their browsing behaviors. For example, international students would be more likely to visit offshore sites.
“We came up with a very conservative classification system, where we looked at all the websites each person was visiting and found the geographic coordinates of that site,” said Ukani.
This ability to separate these populations, rather than treating them as a single monolith, enhanced the information they could extract from the user data. Because international students were often unable to find flights home, they were likely disproportionately represented among the students remaining in the dorms after lockdown.
The team primarily focused on three categories: Zoom, social media and gaming. Zoom activity increased on weekdays – class time – but also showed small increases on weekend afternoons, which might have represented calls with friends and family.
For social media, domestic use of Instagram and Facebook remained stable, declining in May. The platforms were more popular for Americans than international students, though the latter increased their use in May.
Both domestic and international students increased using the Steam gaming platform early in the pandemic, but those numbers went down by May. A similar pattern was observed with Nintendo Switches.
This study provides useful information about internet habits during the lockdown. But even more importantly, it polishes data gathering techniques for future efforts.
“The techniques we developed in our analysis can be used in any internet usage measurement study,” said Ukani. “People can use our methods to classify international students or detect individual applications in any other context. We believe these techniques can be used by researchers outside of UC San Diego for their own measurement research.”
Written by Josh Baxt
- THIS TOOL PROTECTS YOUR PRIVATE DATA WHILE YOU BROWSE
A team of computer scientists at the University of California San Diego and Brave Software have developed a tool that will increase protections for users’ private data while they browse the web.
The tool, named SugarCoat, targets scripts that harm users’ privacy — for example, by tracking their browsing history around the Web — yet are essential for the websites that embed them to function. SugarCoat replaces these scripts with scripts that have the same properties, minus the privacy-harming features. SugarCoat is designed to be integrated into existing privacy-focused browsers like Brave, Firefox, and Tor, and browser extensions like uBlock Origin. SugarCoat is open source and is currently being integrated into the Brave browser.
“SugarCoat is a practical system designed to address the lose-lose dilemma that privacy-focused tools face today: Block privacy-harming scripts, but break websites that rely on them; or keep sites working, but give up on privacy,” said Deian Stefan, an assistant professor in the UC San Diego Department of Computer Science and Engineering. “SugarCoat eliminates this trade-off by allowing the scripts to run, thus preserving compatibility, while preventing the scripts from accessing user-private data.”
The researchers will describe their work at the ACM Conference on Computer and Communications Security (CCS) taking place in Seoul, Korea, Nov. 14 to 19, 2021.
“SugarCoat integrates with existing content-blocking tools, like ad blockers, to empower users to browse the Web without giving up their privacy,” said Michael Smith, a PhD student in Stefan’s research group, who is leading the project.
Most existing content-blocking tools make very coarse-grained decisions: They either totally block or totally allow a script to run, based on whether it appears on a public list of privacy-harming scripts. In practice, though, some scripts are both privacy-harming and necessary for websites to function — and most tools inevitably choose to make an exception and allow these scripts to run. Today, there are more than 6,000 exception rules letting through these privacy-harming scripts.There is a better approach, though. Instead of blocking a script entirely or allowing it to run, content-blocking tools can replace its source code with an alternative privacy-preserving version. For example, instead of loading popular website analytics scripts which also track users, content-blocking tools replace these scripts with fake versions that look the same. This ensures that the content-blocking tools are not breaking web pages that embed these scripts and that the scripts can’t access private data (and thus report it back to the analytics companies). To date, crafting such privacy-preserving replacement scripts has been a slow, manual task even for privacy engineering experts. uBlock Origin, for example, maintains replacements for only 27 scripts, compared to the over 6,000 exception rules.
How SugarCoat changes the game
The researchers developed SugarCoat precisely to address this gap by automatically generating privacy-preserving replacement scripts. The tool uses the PageGraph tracing framework–Smith was key to the development of the framework–to follow the behavior of privacy-harming scripts throughout the browser engine.
SugarCoat scans this data to identify when and how the scripts talk to Web Platform APIs that expose privacy-sensitive data. SugarCoat then rewrites the scripts’ source code to talk to fake “SugarCoated” APIs instead, which look like the Web Platform APIs but don’t actually expose any private data.
To evaluate the impact of SugarCoat on Web functionality and performance, the team integrated the rewritten scripts into the Brave browser; they found that SugarCoat effectively protected users’ private data without impacting functionality or page load performance. SugarCoat is now being deployed in production at Brave.
“Brave is excited to start deploying the results of the year-long SugarCoat research project,” said Peter Snyder, senior privacy researcher and director of privacy at Brave Software. “SugarCoat gives Brave and other privacy projects a powerful, new capability for defeating online trackers, and helps keep users in control of the Web.”
This work was supported by the NSF under grant numbers CCF-1918573 and CAREER CNS-2048262, by a gift from Brave Software, and by an NSF Graduate Research Fellowship.SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content Blocking
Michael Smith and Deian Stefan, University of California San Diego
Benjamin Livshits, Imperial College of London
Peter Snyder, Brave SoftwareWritten by Ioana Patringenaru
- ACM Internet Measurement Conference
The annual ACM Internet Measurement Conference (IMC), which focuses on Internet measurement and analysis, accepted 55 papers this year, and 16 were from UC San Diego authors – nearly 30% of the total.
Of the 16, seven were submitted by CNS and CSE Systems and Networking Group; three had CAIDA authors; UCSD undergrad Katherine Izhikevich co-authored one; and one was submitted by Sysnet Ph.D. student Rukshani Athapathu. Four were submitted by UCSD Ph.D. or postdoc alumni.
A big congratulations to the UC San Diego and CNS authors who contributed to 2021 ACM IMC papers: Gautam Akiwate, Rukshani Athapathu, Kimberly Claffy, Alberto Dainotti, Alexander Gamero-Garrido, Katherine Izhikevich, Dhananjay Jagtap, Enze Liu, Alexander Marder, Ariana Mirian, Ricky Mok, Ramakrishna Padmanabhan, Audrey Randall, Stefan Savage, Aaron Schulman, Alex C. Snoeren, Alisha Ukani, Geoffrey M. Voelker, Huanlei Wu, Alex Yen, Zesen Zhang and Hongyu Zou. The 2021 ACM IMC was held virtually from November 2 to 4.
- COMPUTER SCIENTISTS PART OF NSF GRANT TO MAKE BROWSERS SAFER
Computer scientists at the University of California San Diego are part of a $3 million grant from the National Science Foundation to make web browsers safer.
At UC San Diego, the effort will be headed by Deian Stefan, an assistant professor in the Department of Computer Science and Engineering. The grant’s principal investigator is Hovav Shacham, a professor at The University of Texas at Austin. Shacham, Stefan and other members of the team, including Fraser Brown at Stanford, Isil Dillig at UT Austin, UC San Diego professors Ranjit Jhala and Sorin Lerner, have extensive experience in the field of browser security.
Last year, the team developed a framework, called RLBox, that increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing. The RLBox framework was integrated into Firefox to complement Firefox’s other security-hardening efforts. Now, the team is expanding their focus to the other huge attack vector: the browser’s JavaScript just-in-time (JIT) compiler.
Browser JITs turn web application code, written in JavaScript, into optimized machine code. Browser JITs are highly tuned and complex systems. Unfortunately, browser JITs also have bugs, and attackers have figured out how to take advantage of those bugs to take over the computers of users who visit their malicious websites. Journalists and dissidents have been targeted by attackers using browser JIT bugs.
“We need to rethink the way browsers execute JavaScript programs from the ground up, by designing and building new JavaScript interpreters and compilers that are extensible, maintainable, and verified secure,” Stefan said.
The goal of the NSF project is to build and deploy more secure JavaScript JITs. To this end, the team will develop new techniques, frameworks, and principles that help browser developers build JIT compilers that are provably secure and don’t incur the high costs and development timelines traditionally associated with high-assurance software. “Everyone should be able to browse the web without worrying that clicking the wrong link will cause their computer to be compromised,” Shacham said. “We hope our project can help make that goal a reality.”Written by: Ioana Patringenaru
- Improving Algorithms for Side-Channel Cryptanalysis
In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.
But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.
In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the Hidden Number Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway and the University of London, show how to recover secret keys by providing an algorithm to search the lattice for the key with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid conference in Zagreb, Croatia.
- Improving Algorithms for Side-Channel Cryptanalysis
In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.
But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.
In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the HiddenNumber Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway, and the University of London, show how to recover secret keys, by providing an algorithm to search the lattice for the key, with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid-format conference in Zagreb, Croatia.
- COMPUTER SCIENTISTS HONORED FOR THEIR WORK DISCOVERING THAT CARS ARE VULNERABLE TO HACKING
September 22, 2021– Many people think of cars as a series of mechanical parts that — hopefully — work together to take us places, but that’s not the whole story.
Inside most modern cars is a network of computers, called “electronic control units,” that control all the systems and communicate with each other to keep everything rolling smoothly along.
More than 10 years ago, a team from the University of California San Diego and University of Washington investigated whether these computing systems could be hacked and how that would affect a driver’s ability to control their car. To their own surprise — and to the alarm of car manufacturers — the researchers were able to manipulate the car in many ways, including disabling the brakes and stopping the engine, from a distance. This work led to two scientific papers that opened up a new area of cybersecurity research and served as a wake-up call for the automotive industry.
Now the team has received the Golden Goose Award from the American Association for the Advancement of Science. The Golden Goose Award recipients demonstrate how scientific advances resulting from foundational research can help respond to national and global challenges, often in unforeseen ways. The award, established in 2012, honors scientific studies or research that may have seemed obscure, sounded “funny,” or for which the results were totally unforeseen at the outset, but which ultimately led, often serendipitously, to major breakthroughs that have had significant societal impact.
The car cybersecurity project was led by Stefan Savage and Tadayoshi Kohno, two professors of computer science at UC San Diego and the University of Washington, respectively. Kohno is a UC San Diego Ph.D. alumnus, receiving his Ph.D. in Computer Science and Engineering in 2006.
“When General Motors started advertising its OnStar service, Yoshi and I had a conversation, saying, ‘I bet there’s something there,'” Savage said. “Moreover, vulnerabilities in traditional computers had fairly limited impacts. You might lose some data or get a password stolen. But nothing like the visceral effect of a car’s brakes suddenly failing. I think that bridging that gap between the physical world and the virtual one was something that made this exciting for us.”
“More than 10 years ago, we saw that devices in our world were becoming incredibly computerized, and we wanted to understand what the risks might be if they continued to evolve without thought toward security and privacy,” Kohno said. “This award shines light on the importance of being thoughtful and strategic in figuring out what problems to work on today.”Savage and Kohno are both computer security researchers who often chatted about potential upcoming threats that could be good to study.
The team’s papers prompted manufacturers to rethink car safety concerns and create new standard procedures for security practices. GM ended up appointing a vice president of product security to lead a new division. The Society for Automotive Engineers (SAE), the standards body for the automotive industry, quickly issued the first automotive cybersecurity standards. Other car companies followed along, as did the federal government. In 2012, the Defense Advanced Research Projects Agency launched a new government project geared toward creating hacking-resistant, cyber–physical systems.
“I like to think about what would have happened if we hadn’t done this work,” Kohno said. “It is hard to measure, but I do feel that neighboring industries saw this work happening in the automotive space and then they acted to avoid it happening to them too. The question that I have now is, as security researchers, what should we be investigating today, such that we have the same impact in the next 10 years?”
Discovering vulnerabilities
Savage and Kohno formed a super-team of researchers from both universities. The team purchased a pair of Chevy Impalas — one for each university — to study as a representative car. Researchers worked collaboratively and in parallel, letting curiosity guide them.
The first task was to learn the language the cars’ computerized components used to communicate with each other. Then the researchers worked to inject their own voices into the conversation.
For example, the team started sending random messages to the cars’ brake controllers to try to influence them.
“We figured out ways to put the brake controller into this test mode,” said Karl Koscher, a research scientist at UW, who also earned his PhD in Seattle. “And in the test mode, we found we could either leak the brake system pressure to prevent the brakes from working or keep the system fully pressurized so that it slams on the brakes.”
The team published two papers in 2010 and 2011 describing the results.
“The first paper asked what capabilities an attacker would have if they were able to compromise one of the components in the car. We connected to the cars’ internal networks to examine what we could do once they were hacked,” said Stephen Checkoway, an assistant professor of computer science at Oberlin College who completed this research as a UC San Diego doctoral student. “The second paper explored how someone could hack the car from afar.”
In these papers, the researchers chose not to unveil that they had used Chevy Impalas, and opted to contact GM privately.
“In our conversations with GM, they were quite puzzled. They said, ‘There’s no way to make the brake controller turn off the brakes. That’s not a thing,'” Savage said. “That Karl could remotely take over our car and make it do something the manufacturer didn’t think was possible reflects one of the key issues at play here. The manufacturer was hamstrung because they knew how the system was supposed to work. But we didn’t have that liability. We only knew what the car actually did.”
Daniel Anderson, Alexei Czeskis, Brian Kantor, Damon McCoy, Shwetak Patel, Franziska Roesner and Hovav Shacham filled out the rest of the team. This research was funded by the National Science Foundation, the Air Force Office of Scientific Research, a Marilyn Fries endowed regental fellowship and an Alfred P. Sloan research fellowship.
Other award recipients
This year’s two other Golden Goose awards went to Katalin Karikó and Drew Weissman for their role in making mRNA into a medical therapy; and to V. Craig Jordan, who is known for pioneering the scientific principles behind a class of drugs called selective estrogen receptor modulators, or SERMs.
UC San Diego researchers who received the Golden Goose award in the past include Larry Smarr, former director of the California Institute for Telecommunications and Technology and a professor in the Department of Computer Science and Engineering; and Nobel laureate Roger Tsien, a professor of pharmacology, chemistry and biochemistry, who passed away in 2016.
Media Contacts
Ioana Patringenaru
Jacobs School of Engineering
858-822-0899
ipatrin@ucsd.edu - $5 MILLION NSF GRANT SUPPORTS DATA-FRIENDLY RESEARCH PLATFORMUC San Diego computer scientists will help develop the National Research Platform to create a data freeway system to accelerate research
The San Diego Supercomputer Center (SDSC) has received a $5 million grant from the National Science Foundation’s Office of Advanced Cyberinfrastructure to prototype the National Research Platform (NRP), an actual information superhighway. Several members of the UC San Diego Computer Science and Engineering Department will lend their expertise to the project.
The grant funds efforts at SDSC, the Massachusetts Green High Performance Computing Center and the University of Nebraska–Lincoln to build a high-performance platform, optimizing equipment, configurations and security to support data-intensive science projects. The NRP will give research collaborators new opportunities to share data and work simultaneously on complex projects.
COVID Analysis
One of the many beneficiaries will be UC San Diego Computer Science and Engineering Professor Tajana Rosing, who is trying to solve several high-data problems.
“I have been working with a couple of different teams on biology-related applications,” said Rosing. “For example, we’re trying to accelerate the COVID 19 genomics pipeline, creating a phylogenetic tree of life of all the different mutations of COVID-19 to track viral evolution. Right now, that takes a really long time.”
Working with Professor of Pediatrics and Computer Science and Engineering Rob Knight and Assistant Teaching Professor Niema Moshiri and others, Rosing is using programmable hardware, called field-programmable gate arrays (FPGAs), to accelerate the process. So far, the analysis pipeline works great until the last step, actually creating the phylogenetic tree. That’s where the NRP comes in.
“We will need many FPGAs to run in parallel, and that’s what the NRP platform does for us,” said Rosing. “The FPGAs must be connected with high bandwidth and low latency because we’re moving a lot of data around.”
Molecular Dynamics
Rosing is also using the NRP on a collaboration with the Lawrence Livermore Laboratory to model molecular dynamics to enhance drug discovery. The team is trying to analyze the physical movements of atoms and molecules, another data-intensive task, and using a similar parallel FPGA setup to gain the necessary speed.
“It’s massive amounts of data and it’s interactive data,” said Rosing. “We’re trying to simulate interactions that happen in femtoseconds (one quadrillionth of a second), and need this very parallel system to get there.”
The end goal is to use this computer modeling to determine which molecules have the greatest potential to become medicines. While chemists can create a seemingly endless number of molecules, only a few go on to become safe and effective therapies. Physically testing these molecules is both time-consuming and expensive.
“The nice thing about simulating these interactions in the computer is that we don’t have to run cell-based tests in the lab on every compound,” said Rosing. “We can use the model to weed out the ones that won’t work and only move forward with the ones that show promise, dramatically reducing the amount of time it takes to develop new medicines.”
- Jetset: Targeted Firmware Rehosting for Embedded Systems
Executing code in an emulator is a fundamental part of modern vulnerability testing. However, to emulate embedded system firmware outside its native environment, the emulator must mimic hardware devices with enough accuracy to convince the firmware that it is executing on real hardware.
In Jetset: Targeted Firmware Rehosting for Embedded Systems, UC San Diego CSE/CNS Ph.D. student Evan Johnson, CSE/CNS faculty Stefan Savage, and researchers at the University of Illinois at Urbana-Champaign and Oberlin College develop and implement Jetset, a system that uses symbolic execution to infer what behavior firmware expects from hardware devices. They used Jetset to test whether it was possible to boot firmware in an emulator by automatically inferring how the firmware and hardware interact.
The team successfully applied Jetset to thirteen distinct pieces of firmware together, representing three architectures, three application domains, and five different operating systems. They also demonstrated how Jetset-assisted rehosting facilitates fuzz-testing on an avionics embedded system. Their work will be presented in August 2021 at the USENIX Security Symposium.
- Swivel: Hardening WebAssembly against Spectre
WebAssembly or Wasm is a portable bytecode that has increasingly been using sandbox untrusted code outside the browser. But unfortunately, Spectre attacks—the class of transient execution attacks which exploit control flow predictors—can bypass Wasm’s isolation guarantees.
In Swivel: Hardening WebAssembly against Spectre, UC San Diego CSE/CNS Ph.D. students and researchers Shravan Narayan, Craig Disselkoen, Sunjay Cauligi, Evan Johnson, Zhao Gang, CSE/CNS Postdoc Daniel Moghimi, CSE Professor Dean Tullsen, CSE/CNS Professor Deian Stefan, UT Austin Professor Hovav Shacham, and Intel collaborators Anjo Vahldiek-Oberwagner and Ravi Sahita focus on hardening Wasm against Spectre attacks.
The team takes a compiler-based approach to harden Wasm against Spectre without resorting to process isolation or the use of fences. Their new compiler framework, Swivel, ensures that code can neither use Spectre attacks to break out of the Wasm sandbox nor coerce victim code to leak secret data.
To develop Swivel, the team describes a software-only approach that can be used on existing CPUs and a hardware-assisted approach that uses extensions available in Intel 11th generation CPUs. For both, they evaluate a randomized approach that mitigates Spectre and a deterministic approach that eliminates Spectre altogether. Their work will appear at the 30th USENIX Security Symposium, August 2021.
- NAVIGATING PERMISSIONS
Current smartphone operating systems have a runtime permission model, which allows users to manage and customize permissions to meet their personal preferences. However, this model leaves users in the dark about permissions capabilities and their potential risks.
In Can Systems Explain Permissions Better? Understanding Users’ Misperceptions under Smartphone Runtime Permission Model, CSE/CNS Ph.D. students Bingyu Shen, Chengcheng Xiang, Yudong Wu, and Mingyao Shen and CSE Professor Yuanyuan Zhou explore several common misconceptions about permissions and the benefits of providing additional information.
The team took a mixed-methods approach, analyzing users’ permission settings and surveying them to determine how well they understand them. They found users often fail to understand permission model evolution and permission group capabilities.
After surveying users about their common concerns, the team pinpointed five types of information that could support better user decision-making. They went on to provide suggestions for system designers to address these common issues and enhance future systems. The team will present their findings at the 30th Usenix Security Symposium in August, 2021.
- STEFAN SAVAGE HONORED AS PRESTIGIOUS DISTINGUISHED RESEARCHER
UC San Diego Computer Science and Engineering Professor Stefan Savage is one of two researchers across the campus to be named the Distinguished Researcher by the UC San Diego Academic Senate. He was honored with the award for his work in cybersecurity.
These awards are a sign of respect from peers for groundbreaking research conducted by members of the UC San Diego faculty.
“This is a tremendous honor. Only two awards are made each year for the entire campus, one in the Sciences and Engineering divisions, and in for Arts & Humanities and Social Sciences divisions,” said CSE Department Chair Sorin Lerner.
Savage attributes his research success to the collaborative atmosphere that has been cultivated at UC San Diego CSE. “As always, any success I’ve had is due to my many great collaborators (fellow CSE Professor Geoff Voelker and our students being first among them),” said Savage, “CSE has succeeded in large part by being such a great home for collaborative work and people who love to work together. I’m indebted to this community that helps build, support, and reinforce that culture.”
Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. He and his collaborators have been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks.
Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three Test of Time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.
Both Savage and the other UC San Diego Distinguished Research Award recipients will be delivering lectures on their research in the fall.
Article written by Kayla Chen
- CSE’S ARUN KUMAR IS HELPING TO SOLVE ML’S BIG DATA PROBLEM
Big datasets can be incredible assets in business, healthcare, the physical and social sciences and many other disciplines – but the data won’t reveal itself. To isolate useful information and harness its predictive capabilities, researchers and organizations rely on sophisticated data sorting techniques, such as machine learning.
But machine learning and related disciplines face their own headwinds. For example, the model building process can be slow and both labor- and resource-intensive. UC San Diego Computer Science and Engineering and Halicioğlu Data Science Institute Assistant Professor Arun Kumar is working to make it faster, easier and more economical to handle these large datasets.
“I bridge the gap, from an academic standpoint, between computing systems and machine learning,” said Kumar. “I focus on reducing the resource costs of those building processes – what we call model selection – and improving resource efficiency: reducing costs, run times and energy consumption during the model building process.”
Kumar is largely focused on deployment issues, including scalability and usability. Two of his primary projects are Cerebro, which is developing artificial neural networks, and Sorting Hat, which focuses on reducing data preparation times.
Borrowing approaches from the database community, which has been studying these issues for some time, Kumar and colleagues want to apply that knowledge to machine learning to find the most efficient ways to analyze data.
These skills are in great demand from both industry and academia. He is currently working with health and social scientists and discussing future collaborations with computational physicists and neuroscientists. It seems everybody has data they need to crunch.
“The domain science folks have these large-scale data analytics problems, but they can’t build the software themselves,” said Kumar. “Off the shelf software is not up to par, so we build the tools they need.”
Measuring Movement
One recent paper, published in the Journal for the Measurement of Physical Behaviour, highlights how Kumar’s work intersects with health sciences. He and Loki Natarajan, UC San Diego professor of Family Medicine and Public Health, and colleagues recently tested different deep learning algorithms to determine which ones are better at measuring physical activity in patients.
“These were cohorts of cancer survivors and obese people who wore accelerometers to measure their movements,” said Kumar. “The deep learning models we built could more accurately log their movements, as well as analyze their exercise patterns and predict longitudinal health outcomes.”
Using Cerebro, the team compared an artificial neural network, called a convolutional neural network (CNN), to other machine learning algorithms, called random forest and logistic regression. In the study, 28 women wore two different motion tracking devices and the team compared the predictive outputs from CNN, random forest and logistic regression.
The CNN did a much better job classifying whether the participants were sitting, standing or walking. These findings give health scientists better tools to measure activity out in the wild.
Recognition
In addition to his academic partners, Kumar has also received great support from industry. While he’s not taking projects from these companies, their interests can align on initiatives he’s already created. The lab has received support from VMware for Cerebro and Google and Amazon for Sorting Hat. Cerebro is also funded by Kumar’s National Science Foundation CAREER grant.
“The Cerebro project is fundamentally about reducing resource costs and the energy footprint,” said Kumar. “VMWare offers cloud solutions for their enterprise customers, so they were interested in reducing run times and resources costs.”
On top of all that, Kumar was recently honored with the 2021 IEEE TCDE Rising Star Award, which is given to junior researchers “for designing and deploying data analytics systems powered by innovative machine learning and artificial intelligence algorithms.”
“It was a great honor,” said Kumar. “A number of people very graciously supported me. I hope I can continue to reward their faith in my work.”
Written By: Josh Baxt
- Covert Communication In The Cloud With Lambdas
Serverless services, such as AWS lambdas, are a fast-growing part of the cloud market. Their popularity reflects their lightweight nature and scheduling and cost flexibility.
However, serverless computing’s security issues are poorly understood. CNS co-Director Stefan Savage, CSE/CNS Ph.D. students Anil Yelam and Ariana Mirian and CSE Alumni Shibani Subbareddy and Keerthana Ganesan explored the feasibility of developing a practical covert channel from lambdas in their paper: CoResident Evil: Covert Communication In The Cloud With Lambdas.
The team established that fast co-residence detection for lambdas is key to enabling a covert channel. Leveraging this knowledge, they developed a reliable and scalable co-residence detector based on the memory bus hardware. This technique enables dynamic discovery for co-resident lambdas and is incredibly fast, executing in a matter of seconds. The researchers can establish hundreds of individual covert channels for every 1000 lambdas deployed, and each of these can send data at 200 bits per second, demonstrating covert communication via lambdas is entirely feasible. The team presented their findings for the 30th Web Conference on April 20.
- UC SAN DIEGO JOINS BYTECODE ALLIANCE TO BUILD SAFER SOFTWARE FOUNDATIONS FOR THE INTERNET
The University of California San Diego has joined The Bytecode Alliance, a nonprofit organization dedicated to creating new software foundations and building on standards such as WebAssembly and WebAssembly System Interface (WASI). UC San Diego is part of a cross-industry collaboration alongside other new members Arm, DFINITY Foundation, Embark Studios, Google and Shopify to support the alliance, which was incorporated by Fastly, Intel, Mozilla, and Microsoft.
These organizations share a vision of a WebAssembly ecosystem that fixes cracks in today’s software foundations that are holding the industry and its software supply chains back from a secure, performant, cross-platform, and cross-device future.
“WebAssembly is quickly becoming the de facto intermediate representation for building secure systems. WebAssembly takes a principled approach to security and gives us just the right building blocks to build the next-generation secure and high-assurance systems,” said Deian Stefan, CNS faculty member and an assistant professor in Computer Science and Engineering Department at the UC San Diego Jacobs School of Engineering. “It’s a core part of the sandboxing and high-assurance security toolkits we are developing at UC San Diego.”
UC San Diego researchers and collaborators have developed the RLBox framework that uses WebAssembly to sandbox libraries, the CT-Wasm language extension for writing secure crypto code in WebAssembly, the Swivel compiler that mitigates Spectre attacks, and the VeriWasm tool that verifies the safety of native compiled WebAssembly.
“As members of the Bytecode Alliance we hope to help shape the direction of WebAssembly and contribute tools and techniques that will amplify the alliance’s vision towards a more secure software ecosystem,” Stefan said.
The Bytecode Alliance, founded in 2019, has helped bring attention to the inherent weaknesses in predominant models for building software, which rely heavily on composing up to thousands of third-party modules without security boundaries between them. These weaknesses in the software supply chain have historically been instrumental in breaching government systems, critical infrastructure services, and a large number of companies, as well as in stealing personal information of hundreds of millions, perhaps even billions of people.
Original story: https://cse.ucsd.edu/about/news/uc-san-diego-joins-bytecode-alliance-build-safer-software-foundations-internet
- CNS Co-Director Stefan Savage elected to the American Academy of the Arts
CNS Co-Director and UC San Diego Computer Science and Engineering Professor Stefan Savage is among the three members of the university community to have been elected to the American Academy of Arts and Sciences—one of the oldest and most esteemed honorary societies in the nation.
Savage, along with Ananda Goldrath and Eileen Myles, are among the Academy’s 2021 class of 252 members. They join fellow 2021 classmates who are artists, scholars, scientists, and leaders in the public, non-profit and private sectors, including civil rights lawyer and scholar Kimberlé Crenshaw; computer scientist Fei-Fei Li; composer, songwriter, and performer Robbie Robertson; and media entrepreneur and philanthropist Oprah Winfrey.
The American Academy of Arts and Sciences has honored exceptionally accomplished individuals and engaged them in advancing the public good for more than 240 years. Professor Walter Munk was the first UC San Diego faculty member elected to the Academy. Since then, more than 80 faculty from disciplines that span the entire campus have received this prestigious honor.
“This year, our faculty are being recognized for three vastly different fields of study: immunology, literature, and cybersecurity,” said UC San Diego Chancellor Pradeep K. Khosla. “Having the oldest and most distinguished American national academy honor the career accomplishments of these prestigious faculty both honors their individual successes and spotlights the breadth of expertise and influence of our Triton faculty. UC San Diego’s well-established prowess in science, technology, and art offers a truly well-rounded experience for our students, our researchers, and our collaborative faculty.”
In the statement announcing this year’s new Academy members, David Oxtoby, President of the American Academy said, “The past year has been replete with evidence of how things can get worse; this is an opportunity to illuminate the importance of art, ideas, knowledge, and leadership that can make a better world.”
Stefan Savage
Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. His team has been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks. Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three test of time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.In addition to these three faculty members, alumna Angela Davis is also part of this year’s class of fellows. A well-known activist who is now on faculty at the University of California Santa Cruz, Davis earned a master’s degree from the Department of Philosophy at UC San Diego in 1969. She worked closely with philosopher Herbert Marcuse. Her likeness is now part of the Price Center’s Black Legacy Mural, and she is also portrayed on the walls of the Che Cafe.
The American Academy of Arts & Sciences was founded in 1780 by John Adams, John Hancock, and others who believed the new republic should honor exceptionally accomplished individuals and engage them in advancing the public good. The 2021 members join the company of those elected before them, including Benjamin Franklin and Alexander Hamilton in the eighteenth century; Ralph Waldo Emerson and Maria Mitchell in the nineteenth; Robert Frost, Martha Graham, Margaret Mead, Milton Friedman, and Martin Luther King, Jr. in the twentieth; and more recently Joan C. Baez, Judy Woodruff, John Lithgow, and Bryan Stevenson. International Honorary Members include Charles Darwin, Albert Einstein, Winston Churchill, Laurence Olivier, Mary Leakey, John Maynard Keynes, Akira Kurosawa, and Nelson Mandela.
Original Story: https://cse.ucsd.edu/about/news/cses-stefan-savage-elected-american-academy-arts-and-sciences
UCSD News: https://ucsdnews.ucsd.edu/pressrelease/academyofartsandsciences2021UC Newsletter: https://www.universityofcalifornia.edu/news/national-academy-sciences-american-academy-arts-sciences-elect-36-new-uc-members
- U.S. Representative Mike Levin and Mayor Serge Dedina Discuss Science, Policy & Communications
U.S. Representative Mike Levin and Mayor Serge Dedina from the City of Imperial Beach discussed science, policy & communications with students from UC San Diego, Computer Science and Engineering 190 (Environmental Impacts of Modern Computing) during a recent virtual event. The discussion focused on how elected officials work towards solutions to a range of environmental issues. Students had an opportunity to ask the elected officials questions during the event. CSE 190 is taught by CSE Associate Professor/CNS Co-Director George Porter. Two classes from the University of San Diego also participated in this event, Environmental and Ocean Sciences 300, taught by Associate Professor Michel Boudrias, and Theatre 494, taught by Associate Professor Monica Stufft. A recording of the virtual event is located here: https://www.youtube.com/watch?v=bhqcI59mK2E
- TWO CSE PROFESSORS RECEIVE NSF CAREER AWARDS
UC San Diego Computer Science and Engineering (CSE) professors Deian Stefan and Sicun Gao have been awarded prestigious Faculty Early Career Development Program (CAREER) grants from the National Science Foundation to support their work to build secure computer systems and safer autonomous systems.
CAREER awards are the NSF’s most prestigious awards in support of early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization, according to the NSF.
“The recognition from NSF’s CAREER program shows the potential of our faculty’s research. I am pleased that Deian and Sean are among the distinguished CSE faculty members who have earned CAREER awards,” said CSE Department Chair Sorin Lerner.
Deian Stefan joined CSE in 2016. In his proposal for his project, “Principled and practical secure compilation using WebAssembly,” he writes about the challenges of building secure computer systems: “A single bug in the source code that programmers write or in the compilers they use to generate machine code could expose systems to attack.” Unfortunately, the gap between the theory of secure compilation and practice is huge. The goal of his project is to bridge this gap by extending the industrial WebAssembly byte code into a unifying principled and practical abstraction for secure compilation. The results of this work could make hundreds of millions of users safer: end-to-end security guarantees can prevent exploits in widely used systems, from web browsers to next generation cloud platforms.
Sicun Gao joined CSE in 2017. In his project “Correct-by-Learning Methods for Reliable Autonomy,” Gao will develop the theoretical foundations as well as practical techniques and tools for improving the reliability of realistic autonomous systems such as autonomous cars and unmanned aerial vehicles. Machine learning and data-driven approaches are now an indispensable part of the design of autonomous systems. The lack of formal assurance has become one of the key bottleneck that impedes the wider deployment and adoption of these systems. His project targets this challenge by developing formal synthesis and verification techniques for learning-based and data-driven control and planning methods for autonomous systems.
Written By: Katie E. Ismael
- CNS and CSE’s Arun Kumar Works Toward Democratizing Deep Learning Systems
Deep learning (DL) is all around us: web search and social media, machine translation and conversational assistants, healthcare, and many other applications. DL is a resource-intensive form of machine learning (ML) that typically needs graphics processing units (GPUs), a lot of memory, and a computer cluster.
While large technology companies are amassing these resources, the status quo is far from ideal. DL is challenging to adopt for smaller companies, domain scientists, and others. As a result, there is a pressing need to rein in DL’s resource bloat, total costs, and energy consumption to truly democratize it for all users.
Now, Arun Kumar, a Center for Networked Systems (CNS) faculty member and a Computer Science and Engineering and HDSI professor, and his student researchers in the ADA Lab are tackling these issues with a first-of-its-kind scalable DL data platform called Cerebro, which was inspired by decades of research into scalable and parallel systems for data-intensive computing.
Kumar recently presented the team’s vision at the CIDR 2021 conference. The paper Cerebro: A Layered Data Platform for Scalable Deep Learning was co-authored with advisees Supun Nakandala, Yuhao Zhang, Side Li, Advitya Gemawat, and Kabir Nagrecha. The talk discussed Cerebro’s system design philosophy and architecture, recent research and open questions, initial results, and tangible paths to practical impact.
DL software systems specify, compile and execute DL training and prediction workloads on large datasets. Kumar’s team noticed a key missing piece: there is no analog to query optimization at scale, causing massive waste, high runtimes, and increased costs.
This is where their approach, called multi-query DL, comes into play. By reasoning more holistically about model building in DL, the team can enable new system optimizations at scale.
The vision is for Cerebro to elevate DL model building, exploration, and debugging with higher-level APIs that are already common. Examples include hyper-parameter tuning, neural architecture tuning, so-called AutoML procedures, and sub-group analysis. Under the hood, Cerebro exploits both the computational and the mathematical properties of the workload, as well as the data layout and hardware properties, to run it more efficiently.
Cerebro’s layered system design, called logical-physical decoupling, helps it infuse a series of novel systems optimizations into multiple DL tools (e.g., PyTorch or TensorFlow), execution environments (e.g., filesystem-based, Spark-based, or cloud-native), and user-level interfaces (Jupyter notebooks or graphical user interfaces) without needing to change these tools’ internal code. This can help improve scalability, resource efficiency, and costs, as well as DL user productivity and portability across tools and environments.
Kumar cites the work of David DeWitt, one of his graduate school mentors at the University of Wisconsin-Madison, as one of the technical inspirations for this work. DeWitt is the pioneer of scalable and parallel relational database systems and scientific benchmarking of database systems.
Kumar believes the ML world sorely needs both of those philosophies–principled approaches to scalability and scientifically rigorous system benchmarking–and aims to redress these research gaps while also accounting for the different mathematical properties and practical operational constraints of ML workloads.
Kumar’s talk at CIDR was well-received by the database community as an example of the marriage of classical database ideas with modern ML systems to help democratize ML beyond technology companies.
Cerebro is supported in part by a Hellman Fellowship, the NIDDK of the NIH, an NSF CAREER Award, and two VMware gifts. Cerebro techniques have already been adopted by Apache MADlib, an open-source library for scalable ML on RDBMSs.
VMware is putting the technology in front of their enterprise customers. Their researchers presented a talk on their adoption at FOSDEM. Kumar’s students also integrated Cerebro with Apache Spark, a popular dataflow system. Zhang and Nakandala gave a talk on this integration at the Spark+AI Summit, one of only a handful of academic research-based talks at that popular industry conference. The first full research paper on Cerebro was published at VLDB, a premier database conference, with Nakandala presenting the talk. Nakandala and Zhang have also presented progress updates on Cerebro at the CNS Research Review in 2019 and 2020 and received feedback from CNS industry partners.
Kumar’s group has open-sourced the whole Cerebro platform to enable more practitioners to benefit from this technology. It is being used for UC San Diego Public Health research on terabyte-scale labeled datasets. The DL models built using Cerebro are being used to monitor various cohorts’ physical activity levels, including people in assisted living facilities and people with obesity, to help them live healthier lives. This project was funded by NIH NIDDK, demonstrating the growing importance of scalable data analytics and ML/DL in healthcare.
Looking ahead, Kumar has also started collaborations with other scientists to use Cerebro to help them scale DL for their analyses in materials science, political science, and neuroscience. Kumar believes DL’s growing popularity in domain sciences and other non-commercial pursuits makes his vision of democratizing DL systems more urgent, helping all users benefit.
- Lightening the data center energy load
February 3, 2021– Electrical engineers and computer scientists at UC San Diego are on the front lines of global efforts to reduce the energy used by data centers. The potential impact is great: the US government estimates that data centers currently consume more than 2.5% of U.S. electricity. This figure is projected to double in about eight years due to the expected growth in data traffic.
The UC San Diego Jacobs School of Engineering team has been awarded a total of $7.5 million from the US Advanced Research Projects Agency-Energy (ARPA-E) and the California Energy Commission to advance nation-wide efforts to double data center energy efficiency in the next decade through deployment of new photonic— light based—network topologies.
In particular, the UC San Diego team is focused on developing solutions to enable the thousands of computer servers within a data center to communicate with each other over advanced light and laser-based networks that replace existing electrical switches with optical switches developed within the ARPA-E program.
“The photonic devices we’re developing aren’t actually used within the servers per se: instead, the devices connect the servers within the datacenter network using a more efficient optical network,” said George Papen, a professor of electrical and computer engineering at UC San Diego and co-principal investigator on the project.
“By removing bottlenecks in the network, the computer servers, which account for the majority of power in the data center, operate more efficiently. Our project, supported by ARPA-E, aims to double the server power efficiency by transforming the network into a high-speed interconnect free of these bottlenecks,” said George Porter, a professor of computer science at UC San Diego and co-principal investigator.
What’s an optical switch?
So how do these data center networks pass bits of information and computation commands around today? They use a technology called electrical packet switching, in which a message is broken down into smaller groups, or packets of data. These packets of data are converted to electrical signals and sent through a cable to a network switch, where they’re routed to the desired location and pieced back together into the original message. Network switches are physical, electrical devices with ports for wired connections, that direct the flow of data from many machines.
Unlike electronic switches, optical switches aren’t bound by the limitations of electronics to transmit data. Instead, optical switches make direct “light path” connections from input ports to output ports. Since no conversion between optical and electrical data is required at every switch, optical switches don’t have the latency or electronic logjam issues that existing network switches have, and require less power to route data.
Using an optical network instead of an electrical network can produce a more efficient network with a larger data rate to each server. This can increase the energy efficiency of the servers, which consume most of the energy in a data center. One goal of the project is to demonstrate that the cost of such an optical network can drop below the cost of adding the additional semiconductor chips required to get the same data rate on existing electrical networks.
“It would be lower cost in part because you’re using less energy, but also in part because if you wanted to build a very high-speed network using existing commercial technology, the cost of adding additional chips to build bigger switches increases dramatically,” said Porter. “It’s not a linear relationship of double-the-speed for double-the-money; you can think of it almost like double the speed for quadruple the cost. On the other hand, optics, at these very high speeds, follows a more linear cost relationship.”
Developing a proof-of-concept
In phase one of the Lightwave Energy Efficient Datacenters (LEED) project in the ARPA-E Enlitened program, which ran from 2017-2019, Papen, Porter and UC San Diego colleagues Joe Ford, a professor in the Department of Electrical and Computer Engineering, and Alex Snoeren, a professor in the Department of Computer Science and Engineering, developed the photonic technology and network architecture required to enable this scale of optical switching. The collaboration between electrical engineers—who designed a new type of optical switch—and computer scientists—who developed the protocol to allow it to work at a data center scale—was key.
Their success hinged on a new type of optical switch conceptualized by UC San Diego alumnus Max Mellette, co-founder and CEO of spinout company inFocus Networks. Instead of the full crossbar architecture that was previously used, which allows any node in the data center to talk to any other node, his idea was to create a switch that had more limited connectivity, thereby enabling faster speeds.
The key insight was to develop a network protocol that would enable this faster but less-connected architecture to communicate in a way that would still deliver the performance required. By working closely with computer scientists led by Porter and Snoeren, the team made it happen.
By the end of Phase 1, this new optical switch was functional, able to run applications and receive data in a testbed setting. Now in Phase 2, the team is working with collaborators at Sandia National Laboratories on scaling up the architecture to function with larger amounts of data and more nodes. The goal for Phase 2 is a realistic testbed demonstration that an optical network architecture provides significant value to end-users.
A storied history of photonics
There was a good reason this UC San Diego team was selected for the Enlitened program: it was here that, more than a decade ago, then-postdoc Porter was part of a research team also including Papen, that assembled and demonstrated the first data center testbed using an optically switched network. The paper describing this work has been cited more than 1,000 times.
Since then, Porter, Papen, Ford, Snoeren and colleagues in both the electrical engineering and computer science departments and the Center for Networked Systems have worked closely to further develop and refine the technology, and work towards making it a commercially viable reality.
“We were the first to show we could build testbeds with optically switched networks for data centers,” Porter said. “Papen and I have been meeting multiple times a week for 10 years, supervising students together, and working on this optical data center concept for a decade; it’s a real example of what can happen when computer scientists and electrical engineers work closely together.”
While their optical data center is still in the proof-of-concept phase, researchers agree there will come a time when the cost of adding more and more semiconductor chips to drive faster speeds simply won’t be cost-competitive, putting aside the energy concerns. At that point, optical systems will become much more appealing. It’s hard to know when exactly that will be, but researchers predict it could be as soon as five years from now, and likely within 10.
“Nonetheless, there’s so much work to do to be able to validate that indeed if we can’t continually scale chips, what applications should we first apply optical switching? That will take a significant effort to sort out,” Papen said. The researchers are working with national labs and private companies to test optical switches on various live applications to help answer this question.
Difficult, future-looking work such as this optical data center project is a perfect example of the role academic research institutions play in the innovation ecosystem.
“This is a really hard problem to solve, and hard problems take a long time,” Papen said. “Being able to devote the time to this, and collaborate with faculty and students from across the entire engineering school, is what makes this type of transformative development possible.”
The original story posted here: https://jacobsschool.ucsd.edu/news/release/3215
https://ucsdnews.ucsd.edu/pressrelease/lightening-the-data-center-energy-loadMedia Contacts
Katherine Connor
Jacobs School of Engineering
858-534-8374
khconnor@eng.ucsd.edu - Applied Networking Research Prize
CSE/CNS graduate student Audrey Randall was recently awarded the Applied Networking Research Prize (ANRP) for her work on DNS caching and privacy. The ANRP winners for 2021 were selected from 76 nominations. They were reviewed according to a diverse set of criteria, including scientific merit, relevance to IETF and/or IRTF activities, and the nominee’s potential to impact the community.
Audrey Randall, Enze Liu, Gautam Akiwate, Ramakrishna Padmanabhan, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman, “Trufflehunter: Cache Snooping Rare Domains at Large Public DNS Resolvers,” Proceedings of ACM IMC 2020.
- CSE’S STEVEN SWANSON NAMED INAUGURAL HOLDER OF THE HALICIOĞLU ENDOWED CHAIR IN MEMORY SYSTEMS
UC San Diego Computer Science and Engineering (CSE) Professor Steven Swanson is building computer systems that explore how new memory technologies will impact the future of computing.
In recognition of his impressive body of research to create software to support persistent memory, Swanson was recently named the inaugural holder of the Halıcıoğlu Chair in Memory Systems at UC San Diego. The $1 million chair is part of a larger $18.5 million gift made in 2013 to the department by CSE alumnus Taner Halıcıoğlu ’96.
The chair provides a dedicated source of funds, in perpetuity, for the chair holder’s scholarly activities as well as support for graduate students.
“In the face of the COVID-19 pandemic, Professor Swanson’s work is more important than ever before,” said UC San Diego Chancellor Pradeep K. Khosla. “His research, teaching and mentorship not only push the boundaries of human understanding, they inspire our academic community to continue innovating, experimenting and discovering. These efforts are critical to our mission as a public research university.”
The chair is named after Halıcıoğlu, who was Facebook’s first full-time employee when it had only 15 computer servers and 250,000 users. Now he spurs startups in San Diego as an angel investor and is also a lecturer in the computer science department. He’s been recognized as a 2020 CSE Distinguished Alumnus, a 2019 Chancellor’s Medalist and a UC San Diego 2019 Outstanding Alumnus.
“Taner’s incredible generosity and support of innovation and the work of Steven Swanson will impact our department, our university and our world for years to come,” said CSE Department Chair Sorin Lerner.
“Endowed chairs give faculty members the freedom to pursue revolutionary ideas, inspire the next generation of innovators, and transform our society in fundamental ways,” Swanson said. “I am privileged to be able further this kind of work at UC San Diego and CSE.”
Impacting the Future of Computing
Swanson is the director of the UC San Diego Non-Volatile Systems Laboratory, where his group
builds computer systems to explore how new memory technologies will impact the future of computing, with a focus on non-volatile memories that allow programmers to build long-lived data structures that can survive system crashes and power failures.
“This requires the data structures to be extremely robust, but that is hard because systems can fail in so many different ways,” he said.
Their recent research has made it easier for programmers to build these robust data structures. “Rather than relying on the programmer to get it right, we have built a compiler that automatically checks for the properties these data structures need. This means less testing, fewer bugs and better reliability,” he said.
Swanson has also been working with colleagues to develop a new course and lab (CSE142 and CSE142L) that teach students how to fully utilize the powerful features that modern processors provide.
“Based on our experience of what really matters to software developers, we take the students on a ‘grand tour’ of modern CPUs and then have them apply what they’ve learned to optimize machine learning workloads,” he said.
Halıcıoğlu’s gift has also created the Halicioğlu Chair in Computer Architecture at UC San Diego, which is held by CSE Professor Hadi Esmaeilzadeh, and the Ronald L. Graham Chair of Computer Science held by CSE Professor Ravi Ramamoorthi.
- Apply by January 25 for the Alan Turing Memorial Scholarship
The Alan Turing Memorial Scholarship is a one-year award up to $10,000 for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications, and other programs touching on networked systems and who are active in supporting the LGBT community. In addition to receiving a scholarship, recipients have an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.
Applications for the 2021-2022 scholarship will be accepted until January 25, 2021. The selection committee will review the applications and the recipient will be notified in the summer of 2021.
Please apply here: https://fas.ucsd.edu/types/scholarships/continuing-undergraduate-students.html
- Eustaquio Aguilar Ruiz Named Alan Turing Memorial Scholarship Recipient
Eustaquio Aguilar Ruiz, a senior majoring in physics with a specialization in computational physics, has received the 2020-2021 Alan Turing Memorial Scholarship from UC San Diego’s Center for Networked Systems (CNS). This is the fifth year that CNS has recognized a student majoring in programs touching on networked systems who is active in supporting the LGBT+ community.
CNS established the Alan Turing Memorial Scholarship in 2015 to pay homage to the cofounder of computer science, Alan Turing, the famed cryptanalyst, and mathematician. His work accelerated the Allied victory in World War II by more than a year. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.
“The Turing Scholarship at UC San Diego is a unique way that we, as a community, show how much we value diversity, particularly diversity aimed at the LGBT+ community. Diversity is essential to strengthening our center and is in line with our university’s mission,” said CNS Co-director and Computer Science and Engineering Associate Professor George Porter.
Ruiz arrived in the United States from Mexico when he was two years old. Through financial hardship, Ruiz and his mother and stepfather have persevered. Ruiz has been able to charter his academic path with his ultimate goal in mind– to obtain a higher education degree, which had been unimaginable for his ancestors. “Joining college made me feel liberated, but I also felt, more than ever, the personal responsibility of continuing to assist those in my community,” said Ruiz.
The adversity Ruiz faces as a gay Latino first-generation college student has fueled him to actively serve the communities with which he identifies. During his college career, he has been involved with the UC San Diego LGBT Resource Center, the Queers and Allies of Eleanor Roosevelt College, and he is in his third year of serving as a peer mentor for the First-Generation Student Success Coaching Program. With the skills he has learned, he has fostered an inclusive and empowering environment for more than 50 first-generation college students from UC San Diego. Ruiz is currently involved with the UC San Diego oSTEM organization, but he said when he first attempted to join more STEM-related organizations, “I felt so misplaced.”
“I feel that many who are LGBT+, along with other marginalized identities, struggle with finding a welcoming place. The Alan Turing Memorial Scholarships represent hope and opportunity for students with complex and diverse identities in the LGBT+ communities,” he said.
The scholarship is open to undergraduates who are active supporters of the LGBT+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. It is awarded to students based on academic merit, with a preference for those with demonstrated financial need.
CNS reached its endowment goal of $250,000 in February 2020. Many individual donors and corporate donors made this possible, including a generous donation from the Amateur Radio Digital Communications (ARDC) in memory of Brian Kantor, WB6YT, a UC San Diego alumnus who worked at UC San Diego for 47 years and founded the ARDC.
- Photonic Technology Research Receives Department of Energy Phase II Award
CNS faculty members George Papen, George Porter, and Alex Snoeren, along with fellow professor Joe Ford are part of a team that was awarded Phase II of the Department of Energy ARPA-E Award. The research team is developing a new datacenter network based on photonic technology that can double the datacenter’s energy efficiency. Their LEED project mirrors the development of CPU processors in PCs. Previous limitations in the clock rate of computer processors forced designers to adopt parallel methods of processing information and to incorporate multiple cores within a single chip. The team envisions a similar development within datacenters, where the advent of parallel lightwave networks can act as a bridge to more efficient datacenters. This architecture leverages advanced photonic switching and interconnects in a scalable way. Additionally, the team will add a low-loss optical switch technology that routes the data traffic carried as light waves. They will also add the development of packaged, scalable transmitters and receivers that can be used in the system without the need for energy-consuming optical amplification, while still maintaining the appropriate signal-to-noise ratio. The combination of these technologies can create an easily controllable, energy-efficient architecture to help manage rapidly transitioning data infrastructure to cloud-based services and cloud-based computing hosted in datacenters.
Datacenters are a critical component of the modern internet, responsible for processing and storing tremendous amounts of data in the “cloud.” Datacenters also provide the computational power needed for handling “big data,” a growing segment of the U.S. economy. Currently, datacenters consume more than 2.5% of U.S. electricity, and this figure is projected to double in about eight years due to the expected growth in data traffic. There are many approaches to improving the energy efficiency of datacenters. Still, these strategies will be limited by the efficiency with which information travels along metal interconnects within the data center devices—all the way down to the computer chips that process information. Unlike metal interconnects, photonic interconnects do not rely on electrons flowing through metal to transmit information. Instead, these devices send and receive information in the form of photons—light—enabling far greater speed and bandwidth at much lower energy and cost per bit of data. The integration of photonic interconnects will enable new network architectures and photonic network topologies that hold the potential to double overall datacenter efficiency over the next decade.
If successful, developments from ENLITENED projects will result in an overall doubling in datacenter energy efficiency in the next decade by deploying new photonic network topologies
- Facebook Announces 2020 Networking Systems Research Awards
Facebook Research announced the winners of the 2020 Networking Systems request for proposals. This year Facebook Research asked for proposals in the areas of host networking and transport security. Six proposals were accepted from 67 proposals from 15 countries and 57 universities. Congratulations to CNS/CSE faculty members George Porter, Aaron Schulman, and Alex C. Snoeren for receiving one of the six awards for their proposal on a custom NIC and network stack to support parallel network fabrics.
“This year’s submissions continue to reflect the quality and breadth of research topics in academia, and at the same time, their relevance to addressing Facebook’s growing networking infrastructure needs was indeed impressive,” says Rajiv Krishnamurthy, Software Engineering Director at Facebook. “I look forward to continuing our close collaboration with academia to solve interesting technical challenges as we build a more social network.” (2020, August 26). Announcing the Winners of the 2020 Networking Request for Proposals. Facebook Research. https://research.fb.com/blog/2020/08/announcing-the-winners-of-the-2020-networking-request-for-proposals/
- A Unique Spring Quarter
Spring quarter 2020 was a unique experience for CSE/CNS Professor Geoffrey M. Voelker, who has been teaching CSE 125/Software System Design and Implementation at UC San Diego for the past twenty years. As with many faculty this year, Voelker had to quickly prepare for a remote class that was never intended to be online. Normally thirty students work closely together in the CSE computer lab in teams of six or seven students and build a distributed, real-time, 3D multiplayer game. This year, because of the global pandemic, the entire course had to be reconfigured for team members to work together (remotely) and the final demo presentation, typically held in front of 200 people in the Qualcomm Institute auditorium Atkinson Hall, was held on Twitch.
CSE 125 requires close collaboration and interaction among the students in each group and having to work remotely added significant hurdles to an already challenging class. Communicating, brainstorming, pair programming and debugging, access to appropriate hardware, and fostering group dynamics were all substantially more difficult than when working in person. The students worked intensely together for ten weeks, yet could not even go to dinner together.
Despite having to work remotely, though, the students succeeded beyond Voelker’s expectations. They quickly took advantage of a wide variety of remote collaboration tools, including Visual Studio Live Share, Zoom, Slack, Discord, Trello, GitHub, and Google Drive. The projects they produced were as creative, inspiring, and impressive as in previous years. Take a look at the videos!
CSE 125 culminates in a final live demo presentation where the students show off everything that they have accomplished in a fun, festive atmosphere. During the quarter, there was a lot of uncertainty in moving the final demos to an entirely remote event. But working closely with the amazing Events team at the Qualcomm Institute (Calit2), they were able to produce high-quality live streaming demos on Twitch that resulted in another memorable final demo experience. Twitch chat was true to its reputation, with many CSE 125 alumni supporting the students during the online demos.
The tradition of guest lectures continued remotely too. Tansen Zhu from Jam City and Ed Wu from Niantic had given lectures in the course before and generously were able to give guest lectures again, entirely online. While the experience is not the same, and the students did not have the opportunity to interact with Tansen and Ed in person, the lectures went very smoothly, and the interactive chat was quite lively.
The students were thankful that CSE 125 was not canceled this year and praised Voelker for adapting the class to be remote on short notice. They also praised Edward Chen, the class TA, for his technical troubleshooting during the ten weeks. The weekly team morale reports submitted to Voelker and Chen were unique. They included a variety of phrases like “life is pretty okay’, “loving this indoor life,” “hate the virus,” “need more air,” “groups are doing work,” and “we are going places.” All the students agreed that working on the project kept them busy and engaged during the quarantine, and by the end of the quarter, they were especially proud of what they accomplished during this challenging time.
CSE 125 – 2020 Class Photo