CNS News Archive

Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.

The issues researchers uncovered have a broad impact, affecting the integrity of email sent from tens of thousands of domains, including those representing organizations in the U.S. government–such as the majority of U.S. cabinet email domains, including state.gov, as well as security agencies. Key financial service companies, such as Mastercard, and major news organizations, such as The Washington Post and the Associated Press, are also vulnerable.

It’s called forwarding-based spoofing and researchers found that they can send email messages impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook. Once recipients get the spoofed email, they are more likely to open attachments that deploy malware, or to click on links that install spyware on their machine.

Such spoofing is made possible by a number of vulnerabilities centered on forwarding emails, the research team found. The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its own mailing infrastructure, with specific IP addresses not used by other domains. But today, many organizations outsource their email infrastructure to Gmail and Outlook. As a result, thousands of domains have delegated the right to send email on their behalf to the same third party. While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding.

For example, state.gov, the email domain for the Department of State, allows Outlook to send emails on their behalf. This means emails claiming to be from state.gov would be considered legitimate if they came from Outlook’s email servers. As a result, an attacker can create a spoofed email–an email with a fake identity–pretending, for example, to come from the Department of State–and then forward it through their personal Outlook account. Once they do this, the spoofed email will now be treated as legitimate by the recipient, as it is coming from an Outlook email server.

Versions of this flaw also exist for five other email providers, including iCloud. The researchers also discovered other smaller issues that impact users of Gmail and Zohomail– a popular email provider in India.

Researchers reported the issue to Microsoft, Apple and Google but to their knowledge, it has not been fully fixed.

“That is not surprising since doing so would require a major effort, including dismantling and repairing four decades worth of legacy systems,” said Alex Liu, the paper’s first author and a Ph.D. student in the Jacobs School Department of Computer Science and Engineering at UC San Diego. “While there are certain short-term mitigations that will significantly reduce the exposure to the attacks we have described here, ultimately email needs to stand on a more solid security footing if it is to effectively resist spoofing attacks going forward.”

The team presented their findings at the 8th IEEE European Symposium on Privacy and Security, July 3 to 7, 2023, in Delft, where the work won best paper.

Different attacks

Researchers developed four different types of attacks using forwarding.

For the first three, they assumed that an adversary controls both the accounts that send and forward emails. The attacker also needs to have a server capable of sending spoofed email messages and an account with a third party provider that allows open forwarding.

The attacker starts by creating a personal account for forwarding and then adds the spoofed address to the accounts’s white list–a list of domains that won’t be blocked even if they don’t meet security standards. The attacker configures their account to forward all email to the desired target. The attacker then forges an email to look like it originated from state.gov and sends the email to their personal Outlook account. Then all the attacker has to do is forward the spoofed email to their target.

More than 12 percent of the Alexa 100K most popular email domains–the most popular domains on the Internet– are vulnerable to this attack. These include a large number of news organizations, such as the Washington Post, the Los Angeles Times and the Associated Press, as well as domain registrars like GoDaddy, financial services, such as Mastercard and Docusign and large law firms. In addition, 32% of .gov domains are vulnerable, including the majority of US cabinet agencies, a range of security agencies, and agencies working in the public health domain, such as CDC. At the state and local level, virtually all primary state government domains are vulnerable and more than 40% of all .gov domains are used by cities.

In a second version of this attack, an attacker creates a personal Outlook account to forward spoofed email messages to Gmail. In this scenario, the attacker takes on the identity of a domain that is also served by Outlook, then sends the spoofed message from their own malicious server to their personal Outlook account, which in turn forwards it to a series of Gmail accounts.

Roughly 1.9 billion users worldwide are vulnerable to this attack.

Researchers also found variations of this attack that work for four popular mailing list services: Google groups, mailman, listserv and Gaggle.

Potential solutions

Researchers disclosed all vulnerabilities and attacks to providers. Zoho patched their issue and awarded the team a bug bounty. Microsoft also awarded a bug bounty and confirmed the vulnerabilities. Mailing list service Gaggle said it would change protocols to resolve the issue. Gmail also fixed the issues the team reported and iCloud is investigating.

But to truly get to the root of the issue, researchers recommend disabling open forwarding, a process that allows users to configure their account to forward messages to any designated email address without any verification by the destination address. This process is in place for Gmail and Outlook. In addition, providers such as Gmail and Outlook implicity trust high-profile email services, delivering messages forwarded by these emails regardless.

Providers should also do away with the assumption that emails coming from another major provider are legitimate, a process called relaxed validation policies.

In addition, researchers recommend that mailing lists request confirmation from the true sender address before delivering email.

“A more fundamental approach would be to standardize various aspects of forwarding,” the researchers write. “However, making such changes would require system-wide cooperation and will likely encounter many operational issues.”

Methods

For each service, researchers created multiple test accounts and used them to forward email to recipient accounts they controlled. They then analyzed the resulting email headers to better understand which forwarding protocol the service used. They tested their attacks on 14 email providers, which are used by 46% of the most popular internet domains and government domains.

They also created mailing lists under existing services provided by UC San Diego, and by mailing list service Gaggle.

Researchers only sent spoofed email messages to accounts they created themselves. They first tested each attack by spoofing domains they created and controlled. Once they verified that the attacks worked, they ran a small set of experiments that spoofed emails from real domains. Still, the spoofed emails were only sent to test accounts the researchers created.

“One fundamental issue is that email security protocols are distributed, optional and independently configured components,” the researchers write. This creates a large and complex attack surface with many possible interactions that cannot be easily anticipated or administrated by any single party.“

Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy

Alex Enze Liu, Ariana Mirian, Grant Ho, Geoffrey M. Voelker and Stefan Savage, UC San Diego Department of Computer Science and Engineering

Gautam Akiwate, Stanford University

Mattijs Jonker, University of Twente, Netherlands

Media Contact:
Ioana Patringenaru – ipatrin@ucsd.edu

The University of California San Diego will receive support from Cisco Research, for eight engineering projects that will tap into the strengths of UC San Diego researchers in cybersecurity, networking and distributed systems. Cisco Research conducts research in new and emerging areas of interest to Cisco, with the goal to achieve business, societal and technology impact.

Cisco Research finds its home within Outshift by Cisco, which serves as Cisco’s incubation engine, and as a result can tap into the advantages of a startup-like environment within the broader corporate backing of Cisco. Outshift is dedicated to pioneering new businesses and new markets in cutting-edge technology domains, including Cloud Native Application Security, Edge Native, Quantum, and Artificial Intelligence.

Funding through a first-of-its-kind agreement between the university and Cisco Research will advance projects led by researchers in the Center for Networked Systems and the departments of Computer Science and Engineering and Electrical and Computer Engineering at the UC San Diego Jacobs School of Engineering.

After a rigorous evaluation process, an initial five projects were selected to receive support through a Master Sponsored Research Agreement (MSRA). Additional projects will receive funding in subsequent quarters.

“We are delighted to receive funding from Cisco for these innovative projects,” said Stefan Savage, a professor in the Department of Computer Science and Engineering and co-director of the Center for Networked Systems​. “This collaboration allows us to advance research in crucial areas such as federated learning, natural language processing, recommender systems, cybersecurity, and carbon-aware computing. We are grateful for Cisco’s support and their commitment to building ongoing relationships with the faculty they fund.”

The initial projects funded are:

A project led by Center for Networked Systems (CNS) affiliate and Professor of Electrical and Computer Engineering Bill Lin focuses on developing a novel approach to federated learning for diverse edge computing environments. The project aims to leverage the inherent diversity of devices in large-scale edge computing scenarios and improve predictive performance by considering factors such as cluster sizes, local data heterogeneity, and varying computing capabilities.

Computer Science and Engineering (CSE) professor Julian McAuley is bridging the gap between academic models and the practical implementation of explainable and interactive recommender systems, which predict ratings a user might give to a specific item. The project aims to develop methods that facilitate natural language explanations, knowledge grounding, and user interaction to enhance the effectiveness and practicality of recommender systems.

CSE Professors and CNS affiliates Stefan Savage and Geoff Voelker are working on an enterprise-scale project that focuses on detecting and mitigating data breaches and ransomware attacks. Their method uses network login data to model the lateral movement of attackers as they infiltrate an organization in search of sensitive data. The UC San Diego team prioritizes and prunes data flows based on identifying causal graphs of movement that reach nodes with sensitive data, enabling faster detection and more efficient incident cleanup.
​
Jingbo Shang, an assistant professor of computer science who is also affiliated with the Halıcıoğlu Data Science Institute, is leading a project that addresses the challenge of automated knowledge extraction from massive text corpora. The project aims to minimize user effort through extremely weak supervision techniques, leveraging advanced neural language models to extract useful knowledge in various domains.

CNS affiliates and CSE professors G​eorge Porter and Amy Ousterhout are leading a project on carbon-aware inter-datacenter workload scheduling and placement. The project aims to optimize the allocation of workloads to data centers based on low-carbon power availability, contributing to the decarbonization efforts of large-scale datacenter providers.

“We have a rich history with Cisco not only sponsoring research in new and emerging areas with our exceptionally distinguished faculty but also in providing a pipeline of diverse talent and innovative startups,” said Anne O’Donnell, the Senior Executive Director for Corporate Strategy and Engagement for UC San Diego. “Together, the Cisco-UC San Diego team is truly advancing the state of the art in cybersecurity, networking and distributed systems. We look forward to a long term and fruitful partnership to generate real world results.”

Cody Noghera, the chief corporate relations officer for the Jacobs School of Engineering, said that through the MSRA, “we’ve sprinted swiftly down the path of true collaboration, and the work has only just begun. This partnership with Cisco has provided a strong bridge across our respective organizational boundaries, seamlessly blending our expertise and processes. Moving forward, we will continue to exchange innovative ideas, enhancing efficiency and fostering meaningful collaborations.”

Cisco has expressed its excitement about partnering with UC San Diego and intends to strengthen its ties with the funded faculty members.

“Cisco Research has had a long history of working with eminent faculty in several marquee universities across the world to conduct advanced research in technology. This MSRA with UC San Diego enables us to fund a vast variety of projects in emerging areas of technology that are of strategic interest to Cisco. We really view this as a beginning of a great relationship as we expect to fund more projects in the coming quarters and years. It’s particularly exciting to work with faculty at UC San Diego, where I went to graduate school for my Ph.D. in Computer Science and Engineering,” said Ramana Kompella, Head of Cisco Research.

By:
Katie E. Ismael – kismael@eng.ucsd.edu

Media Contact:
Katie E. Ismael – kismael@eng.ucsd.edu

From a pristinely packaged device on a box-store shelf to a beat-up and abandoned phone stripped of its SIM card, a smartphone’s journey from indispensable to deactivated is remarkably brief.

In a paper presented at the 2023 Architectural Support for Programming Languages and Operating Systems, computer scientists from the University of California San Diego Jacobs School of Engineering say that most smartphones are decommissioned 2.5 years after purchase. That’s the average length of time consumers keep their phones before depleted battery life, a broken screen, obsolete software or the release of a new model motivates them to shop for a replacement.

With 1.5 billion smart phones sold annually, it’s estimated that nearly as many are deactivated within that same time frame. The end-of-the-line for many of these outmoded smartphones is a junk drawer or a storage box in the garage.

But while these devices languish out-of-sight, out-of-mind, their processors could run faultlessly for more than 10 years. That means smartphones are routinely retired after expending just 25% of their functional lifespan.

This truncated lifespan begs the question: can smartphones be given a second life? If so, a second and more perplexing question must be considered, too: how can smartphones be repurposed without doing more environmental harm than good?

These are the issues researchers from UC San Diego’s Department of Computer Science and Engineering (CSE) are tackling. PhD student and first author Jennifer Switzer, along with her coauthors CSE professors Ryan Kastner and Pat Pannuto and PhD student Gabriel Marcano, has proposed a promising strategy to target smartphone waste in the paper Junkyard Computing: Repurposing Discarded Smartphones to Minimize Carbon.

“It takes a spectacular amount of energy to manufacture modern, high-performance computer technology. The paper explores how to make computing more sustainable by finding new uses for devices society has already paid the carbon cost to manufacture,” said Pannuto.

The High Carbon Cost of Recycling Phones

For many years, the Environmental Protection Agency (EPA) has encouraged consumers to recycle their deactivated smartphones. Their data suggests that for every million smartphones recycled, more than 35 thousand pounds of copper can be recovered along with smaller amounts of silver, gold and palladium. These and other raw materials can be used to produce new consumer goods such as automotive parts, jewelry, garden furniture and batteries.

The challenge is that one pocket-sized smartphone has already left a sizable carbon footprint. Recycling the phone leaves another. The process involves extracting raw materials from the phone, manufacturing new products and transporting them to consumers. Collectively, these steps burn fossil fuels and run the risk of harming air and water quality as well as sensitive ecosystems.

In contrast to the EPA’s e-waste recycling plan, Switzer and her co-authors hope to resurrect billions of discarded smartphones and redeploy them as working processors. Their approach avoids a carbon intensive manufacturing process while conceivably harnessing the unspent 75% of a smartphone processor’s lifespan.

Maximizing the Lifespan of Smartphone Processors

Switzer’s innovative study considers the practicality and environmental benefits of reusing processors (even from decade-old devices) for non-consumer applications, specifically as cloudlets for microservices for social media websites and as wildlife monitoring sensors. It also explores how to combine phones to perform increasingly complex tasks.

Along with these technical considerations, the paper addresses how to make computing more sustainable, offering a metric, Computational Carbon Intensity (CCI), to enable quantified comparison of the true lifetime impact of computing. The research suggests that junkyard computers can grow global computing capacity while simultaneously supplanting the manufacture of new devices.

The team applied CCI to old servers, laptops and smartphones and found that smartphones offer the best potential for carbon impact. Not only are there a remarkably large number of discarded phones available, but they come with a wide array of valuable components, including a robust power supply, networking hardware and, of course, powerful processors with plenty of utility remaining.

“For devices with shorter lifespans, such as smartphones, 80% or more of the lifetime carbon footprint comes from the energy expended to make the device, not the energy it used while it ran,” said Pannuto. “How many old phones, laptops, and desktops are gathering dust? Let’s see if we can find a useful second life for them!”

Earlier this year, Switzer and her co-authors earned a Distinguished Paper Award at the 2023 Architectural Support for Programming Languages and Operating Systems (ASPLOS) conference, the premier forum for interdisciplinary systems research. Since then, their paper has had over 50,000 downloads, a record in the conference’s 28-year history.

(PhD Students Jennifer Switzer, Gabriel Marcano, and CSE professor Pat Pannuto are also researchers in the Center for Networked Systems.)

By:
Kimberley Clementi – kclementi@ucsd.edu
Katie E. Ismael – kismael@eng.ucsd.edu

Media Contact:
Katie E. Ismael – kismael@eng.ucsd.edu

Also Featured on KPBS News: https://www.kpbs.org/news/science-technology/2023/08/25/new-smartphone-recycling-plan-its-all-about-the-processor

From the vast dimensions of outer space to a colorful circus, from a playful 3D garden to an archipelago of floating islands, these wildly imaginative gaming worlds were conceived by UC San Diego students in the Department of Computer Science and Engineering’s CSE 125, aka “the videogame course.”

Each spring, CSE professor Geoffrey M. Voelker teaches the course known officially as “Software System Design and Implementation” to roughly three dozen seniors in computer science. The class challenges students to spend the quarter building a distributed, real-time, 3D multiplayer game, working collaboratively in teams.

At the start of the quarter, the teams all begin with a blank slate. Together, they must decide on the features of their project, specify its requirements, create a schedule and implement their design. The course culminates in a public demonstration, which doubles as the final exam.

“The fact that they’re able to do it in 10 weeks is just absolutely amazing – well-nigh impossible,” said Voelker. “They just don’t know it’s impossible; so, they are able to do it.”

In June, supporters and video game enthusiasts gathered in the Qualcomm Institute auditorium in Atkinson Hall to see the five games created during the 2023 edition of CSE 125. For each demo, audience members were picked to compete alongside the game’s development team.

“Everything that you’re seeing was done by the students in that group,” Voelker told the crowd. “There is no game engine. They implemented the game engine on the client. There’s no standard server. They implemented their own game standard and custom network protocol to hook together the clients with the server. The art as well. Everything is done by the students.”

“ROOTIN’ TOOTIN’ SPACEMAN SHOOTIN’”
Group One started the event with a demonstration of their action-packed videogame “Rootin’ Tootin’ Spaceman Shootin,’” the creation of Alexander Berryhill-Williams, Victor Chen, Jackson Conte, Katie Hsieh, Sophia Klueter, Farnia Nafarifard and Allen Weng.

In a fun-spirited mash-up of two worlds, astronauts in cowboy hats take to outer space – the final frontier – for an old western shoutout. Four spacemen navigate by lasso, exchange gunfire, and dodge floating asteroids and pioneer wagons – all to determine who will be the last one standing.

“The core mechanic of their game was a lasso for flinging players around in space, and it worked beautifully,” said Voelker.

“MAD MARTIANS”
Group Two also left earth’s atmosphere, setting their game “Mad Martians” on the Red Planet. Game creators – Jeannelle Balilo, Sahil Bhalla, Dillan DeMoss, Vladimir Em, William Hu, Cory Huynh, and Patrick Lin – were inspired by NASA’s Mars rover, Opportunity, which sent a final message 15 years after its landing: “My battery is low, and it’s getting dark.”

“Mad Martians,” an action-packed [GV1] tower defense game, pits four rovers against Martians who have become fed-up with humans trying to gentrify their planet. The rovers must defend their home base and fortify its defenses by collecting resources like crystals and wood. If the base falls, the rovers lose.

“The game play was particularly energetic and lively,” remarked Voelker.

“THE INVISIBLE ONE”
Group Three created “The Invisible One.” In this asymmetrical cooperative game, three players help the remaining player achieve the main objective – to escape the circus by navigating a dark and harrowing maze. But there’s a twist. The central player, a character named Alice, is blind. The other three players must help Alice reach the exit by using their special powers.

“The story of the game is incredibly creative and sensitive,” said Voelker, highlighting CSE students Zhiying Guan, Yucheng Huang, Jiahui Han, Ashley Kou, Yingkai Lee, Jack Wagner, Manshi Yang and Xiaoxiao Zou for both their unusual concept and technical execution.

“TAG GUYS”
Group Four included teammates Matthew Lawrence, Hancheng Lin, Sai Lui, Ann Luong, Yuxiao Qu, Andrew Slater and Sean Ye, who developed “Tag Guys.”

In this multiplayer party game, players select a customizable skin – a bee, trash panda, avocado, CSE’s iconic bear, or something similar – before joining a bright and cheerful open-world layout festooned with mushrooms, flowers, leaves and fallen logs. Once the clock is set to 5 minutes, the aim is simple; avoid getting tagged as “it.”

“They created an incredible 3D world to play the game in,” said Voelker. “It’s unusual for a game in CSE 125 to have a fully 3D environment.”

“AS THE WIND BLOWS”
Group Five wrapped up the 2023 demonstrations with another fast-moving party game, “As the Wind Blows.” Inspired by nature and Guohua art, teammates Yunxiang Chi, Esa Hammado, Binghong Li, Xiyan Shao, Alan Wang, Shuhua Xie, Lingye Zhuang created a game that was both mesmerizing and lively.

Players compete as mischievous Koroks, or forest spirits, fighting to occupy the glorious center island of a floating archipelago. Age-old elements – such as classical Chinese music and traditional art styles and colors – provide a picturesque juxtaposition to the more technical elements in the game, which include wind-based attacks and random weather events.

“Their game was incredibly polished with game play, art and sound – all very coherent to their theme,” said Voelker.

By Kimberley Clementi

The second annual HotCarbon Workshop was held at Boston University on July 9, 2023. This workshop focuses on sustainability throughout the entire lifecycle of modern computing. It brings together researchers and practitioners in computer and network systems to engage in lively discussions on a computer system’s operational and embodied impact.

The first session focused on systems energy and carbon quantification and optimization, including CPU, GPU, DRAMs, their configuration, tools, and accuracy evaluation. The second session focused on the unique challenges and potential research opportunities related to cloud environments. The third session focused on the unique challenges and opportunities in addressing the rising energy and carbon cost of Data and AI. The fourth session focused on tradeoffs across the life cycle such as embodied carbon calculation, tradeoffs between energy and carbon, and also, global policy issues. The day ended with a panelists Martha Kim (Columbia Univ.), Ramya Raghavendra (Meta), Huamin Chen (RedHat), Andrew Chien (Univ. of Chicago), Sanjay Krishnan (Univ. of Chicago) discussing “Can AI be sustainable?”

The presenters and their papers can be found here. https://hotcarbon.org/2023/program/

The HotCarbon Workshops were started by a collaboration between UC San Diego’s C3-Lab and the University of Washington. C3-Lab includes UCSD Professor George Porter who is also a Co-Director of the Center for Networked Systems (CNS), working alongside Professor Tom Anderson of the University of Washington. This year, the program committee was led by University of Chicago Professor Andrew Chien, and Tamar Eilem from IBM.

The research thrusts of C3-Lab are:

Thrust 1: Design datacenter systems that can adapt to the variability of renewable energy sources.
Thrust 2: Reduce the impact of information and communication technology manufacturing on total carbon footprint of networked systems.
Thrust 3: Develop new teachable material on the environmental effect of computing, as well as mitigation techniques at the hardware, software, and systems levels for reducing this effect. Developing new methods to communicate this research to the public is a key effort of C3-Lab.

Arun Kumar, Associate Professor of Computer Science and Engineering, the Center for Networked Systems, and the Halicioglu Data Science Institute

“My coming out process boosted both my self-confidence to question society’s dogmas that lack evidence and my ability to empathize with others. So, my identity as a gay man and as a freethinker reinforced each other, empowering me to chart my own novel research directions to advance both my research fields and their impact on practice.”

Full Story: https://today.ucsd.edu/story/queer-identity-empowers-uc-san-diego-scientists-to-challenge-norms-chart-new-discoveries

Congratulations to CNS graduate students Ben Du and Audrey Randall for dominating the doctoral component of the CSE department’s Award Ceremony tonight. Audrey received the department’s “Doctoral Award for Excellence in Research” and Ben the “Doctoral Award for Excellence in Teaching” and the “Doctoral Award for Excellence in Service and Leadership”. Congratulations, you both make us proud!

By Kimberley Clementi

The Center for Networked Systems (CNS) held its annual CNS Research Review at the UC San Diego Computer Science and Engineering Building on May 4 and 5. Now in its second decade, the invitation-only event introduced leaders from Qualcomm, Microsoft, Google, Cisco, Amazon and six additional industry representatives to the latest research from CNS students and faculty.

The event included 18 research talks, eight two-minute lightening talks and nine poster presentations. A dinner reception was held at the 15^th-floor meeting rooms at Seventh College, overlooking La Jolla’s scenic Black’s Beach. The event was hosted by Stefan Savage and George Porter, CNS co-directors and professors in the Department of Computer Science and Engineering.

“Our guests enjoy the CNS Research Review because it intersects with real-life challenges in their industries and broadens the depth and breadth of related research.  At the same time, our students benefit from casual conversations with industry leaders,” said CNS Administrative Manager Jennifer Folkestad.

CNS has expertise across a wide range of applied research areas involving computer networking, systems, security and related policy. In each area, affiliated faculty and students address emerging real-world problems in partnership with member companies. The CNS Research Review mirrors this approach, providing CNS graduate students the opportunity to present a talk to industry guests and elicit insights on the practical problems addressed by their research.

Over the course of two days, research talks were presented by four CNS affiliated-faculty members: Amy Ousterhout, Geoffrey Voelker, and Earlence Fernandes from CSE and Christian Dameff, MD from the Department of Emergency Medicine. Fifteen CNS/CSE graduate students also gave talks, including (in order of appearance): Amanda Tomlinson, Alex Bellon, Zhiyuan Guo, Enze “Alex” Liu, Caleb Stanford, Zesen “Jason” Zhang, Audrey Randall, Yuhao Zhang, Kabir Nagrecha, Alex Yen, Tianyi Shan, Evan Johnson, Yibo Guo, Keegan Ryan and George Arnold Sullivan.

Event Webpage: https://cns.ucsd.edu/events/event/announcing-the-cns-research-review-may-4-and-5-2023/

https://cse.ucsd.edu/about/news/cns-2023-annual-research-review

By Kimberley Clementi

For the second consecutive year, three faculty members from UC San Diego’s Computer Science and Engineering (CSE) department were recognized with the National Science Foundation’s Faculty Early Career Development (CAREER) award. Assistant professors Albert Chern, Tzu-Mao Li and Aaron Schulman were among those to receive this year’s award, joining an impressive 43 CSE colleagues honored in previous years.

The Faculty Early Career Development (CAREER) Program offers NSF’s most prestigious award to support early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization. The program provides grants to support solutions-oriented research in science and engineering.

CSE assistant professors Taylor Berg-Kirkpatrick, Ndapa Nakashole and Rose Yu were 2022 CAREER award recipients, receiving grants to research in the areas of language and artificial intelligence, machine reading in healthcare and spatiotemporal data analysis. The latest grants will support research in physical simulations, visual computing and wireless security.

A Different Angle on Physical Simulations

NSF has earmarked funding for Albert Chern’s research on the topic Geometric Approaches to Simulation. Chern, who earned his PhD in computational mathematics from CalTec before joining CSE in 2020, combines both fields to examine the computational aspects of differential geometry.

With this project, Chern aims to address two fundamental challenges in physical simulations: simulating vortex-dominated fluids, and solving partial differential equations on infinite domains. While many simulations take place in a flat Euclidean space, Chern studies simulations from a different angle – one that leverages advanced geometric mechanics.

Bridging Machine Learning and Classical Visual Computing

Research funded by Tzu-Mao Li’s CAREER award for Differentiable Programming For Visual Computing could enable self-driving cars to make better decisions. Or it could train robots to use physical information to interact with their environment. It could even lead to more realistic virtual worlds, superior cinematic film shots, and improved building design with better lighting and functionality.

Li, who joined CSE in 2021 and is affiliated with the Center for Visual Computing, sees broad applications for his mathematical approach to processing visual data. Existing methods have notable limitations. Deep neural networks, a modern machine learning method, do not model the underlying physical process and are difficult to debug and control; classical visual computing algorithms don’t learn and have narrow applications. Li’s synergistic plan accounts for the strengths and weaknesses of each.

Wireless Defenses for Critical Infrastructure

Aaron Schulman, an assistant professor in CSE since 2016 and a member of the Systems and Networking group, received a CAREER award to support his research on the topic: “Protecting Critical Infrastructure Against Wireless Attacks.”

Schulman explains just how pervasive wireless communication has become within modern critical infrastructure, allowing operators to connect and monitor everything from configurable speed signs and aviation fuel trucks to city-wide water valves and circuit breakers on the power grid. Despite obvious benefits, wireless access has created a new vector for attackers.

Schulman’s project is a multi-pronged effort to remedy these potential threats. It seeds a new class of security principles and cyber-defenses – such as universal wireless scanning and wireless fingerprinting – designed specifically to protect critical infrastructure.

Congratulations to Evan Johnson (and co-authors) for winning the IEEE S&P Distinguished Paper Award for “WaVe: a verifiably secure WebAssembly sandboxing runtime”! https://sp2023.ieee-security.org/program-awards.html

From reclaiming the 1.5 billion smart phones deactivated annually to finding a new way to reduce browser security risks, UC San Diego computer scientists tackled big issues in two papers that were recognized recently at the 2023 Architectural Support for Programming Languages and Operating Systems (ASPLOS) conference.

In total, Department of Computer Science and Engineering (CSE) researchers presented four papers at the conference, with two winning Distinguished Paper Awards.

“When four papers from CSE faculty and students are presented at APLOS, a prestigious and long-standing conference, it’s evident our department is attracting the highest caliber people and providing the resources necessary to produce forward-thinking research,” said CSE Department Chair Sorin Lerner. “For 35 years, we’ve been producing work with global impact. And I’m confident we’re just getting started.”

Organized by the Association for Computing Machinery, ASPLOS is the premier forum for interdisciplinary systems research, spanning the boundaries of computer architecture, hardware, programming languages, compilers, operating systems, networking and emerging technologies and applications.

Recouping the Cost of Junked Phones
Your smartphone battery won’t hold a charge. The screen is cracked. Its camera – or perhaps the phone’s software – has been rendered obsolete by the release of a newer model. For smartphone users worldwide, this is a relatable moment. What comes next is, too.

“1.5 billion smartphones are sold annually, and most are decommissioned less than two years later,” said Jennifer Switzer, a CSE Ph.D. student and first author of Junkyard Computing: Repurposing Discarded Smartphones to Minimize Carbon. “Most of these unwanted devices languish in junk drawers or storage units.”

In the case of this computational stockpile, an individual’s trash could be another industry’s treasure. At least that’s the theory behind the paper, which was co-authored by CSE professors Ryan Kastner, Pat Pannuto and PhD student Gabriel Marcano.

The study considers the practicality and environmental benefits of reusing smartphone components (even from decade-old devices) for non-consumer applications, specifically as cloudlets for microservices for social media websites and as wildlife monitoring sensors. In addition to addressing critical technical questions, the paper explores how to make computing more sustainable, offering a metric, Computational Carbon Intensity (CCI), to enable quantified comparison of the true lifetime impact of computing.

“For devices with shorter lifespans, such as smartphones, 80% or more of the lifetime carbon footprint comes from the energy expended to make the device, not the energy it used while it ran,” said Pannuto. “How many old phones, laptops, and desktops are gathering dust? Let’s see if we can find a useful second-life for them!”

Since the paper was presented at ASPLOS 2023, it has had over 50,000 downloads, a record in the conference’s 28-year history.

Introducing A New Player in the Sandbox
You’ve entered a query in your internet browser. You need a term defined. Or perhaps you’re trolling for quantitative data or a funny meme. You click a link. And that’s when things go wrong.

A routine online search could compromise the security of the entire browser or expose your private information. These breaches are common because browsers use and trust dozens of third parties to support a rich library of audio, video and image formats. A bug in any one of these libraries could allow attackers to exploit vulnerabilities.

Attempts to mitigate security risks have ranged from course-grain renderer isolation and site isolation to, more recently, fine-grain isolation. With fine-grain isolation, or sandboxing, media libraries are isolated so that a bug in one doesn’t compromise the browser.

In the paper Going Beyond the Limits of SFI: Flexible Hardware-Assisted In-Process Isolation with HFI, CSE researchers have introduced a new player in the sandbox, Hardware-assisted Fault Isolation (HFI). This paper describes the addition of some minimally intrusive functionality to modern processors, which allows them to support, for the first time, fine-grain isolation that is fast, highly scalable, and secure even against speculative attacks like Spectre.

CSE alumnus and postdoctoral researcher Shravan Narayan (PhD ’22) led the effort, working with CSE PhD student Joey Rudek, researcher Tal Garfinkel and advisors CSE Associate Professor Deian Stefan and Professor Dean Tullsen, and collaborators from Fastly, Rivos and Intel Labs.

In addition to the Distinguished Paper Awards recipients, two more CSE-authored papers were presented at the conference:

Rosebud: Making FPGA-Accelerated Middle Development More Pleasant by CSE Professor Aaron Schulman and first author Moein Khazraee from the Massachusetts Institute of Technology, introduces an approach to designing FPGA-accelerated middle-boxes that simplifies development, debugging and performance tuning. Additional CSE collaborators include Alex Forencich, George C. Papen and Alex C. Snoeren.

Protecting Data Integrity of Web Applications with Database Constraints Inferred from Application Code, with CSE Professor Yuanyuan Zhou and first-author Haochen Huang and students Bingyu Shen and Li Zhong, addresses data integrity issues in databases, specifically those due to application bugs and operating errors.

One or more authors from each of the four conference papers are affiliated with UC San Diego’s Center for Networked Systems, including Pat Pannuto, George Papen, Aaron Schulman, Alex Snoeren, Deian Stefan and Yuanyuan Zhou.

By Katie E. Ismael and Kimberley Clementi

UC San Diego’s Computer Science and Engineering alumnus Supun Nakandala (PhD ’22) has been selected as winner of the Jim Gray Dissertation Award 2023 by the Association for Computing Machinery’s Special Interest Group on Management of Data (ACM SIGMOD). This prestigious award is given annually to an exceptional PhD graduate working in data management and databases.

“This win is a first for a UC San Diego student at SIGMOD. It is also the first time this award went to a thesis in the area of Databases for Machine Learning and Machine Learning Systems,” said CSE Associate Professor Arun Kumar, Nakandala’s advisor.

Nakandala’s dissertation, “Query Optimizations for Deep Learning Systems,” was recognized for expanding the relevance of database methods in the fast-growing ML systems area. The research proposes a novel approach to optimizing deep learning workloads by transferring and adapting classical query optimization techniques used in data management – ideas such as rewrites, multi-query optimization, and materialization optimization among others.

Nakandala, who was nominated by Kumar, will present his research at the 2023 SIGMOD conference in Seattle this June. The annual conference is a leading international forum for database researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences.

By Kimberley Clementi

By Dina Temple-Raston

When Sarah Meiklejohn first discovered cryptocurrency, she was a grad student in computer science at University of California, San Diego.

“In the beginning we all were just like ‘whoa, Bitcoin what’s anyone doing with it,” she said.

This was back in 2013, four years after Bitcoin was dreamed up in a white paper by someone named Satoshi Nakamoto, and back then it was generally accepted that Bitcoin was untraceable, which was odd because Bitcoin transactions are public.

They are all represented by a meaningless string of characters — or hashes — on a digital ledger called the blockchain.

Meiklejohn believed once a cryptocurrency transaction touched the real world, the supposed meaninglessness of those hashes would fall away, and the transactions would reveal a lot about the people who made them.

“I kind of knew beyond any shadow of a doubt that Bitcoin was not anonymous,” she said.

It turns out you could figure out a lot by seeing how Bitcoin transactions are related to each other. At the simplest level, if a string of Bitcoin characters is initiating lots of crypto transactions and another string, or wallet, is receiving them, that gives you a relationship to work with. So Meiklejohn decided to prove that in an unusual way: by shopping.

Stefan Savage was her thesis advisor at UCSD. He still has a lot of the stuff she bought, and he went through it. “So we have a Guy Fawkes mask — very on brand for the time — some earrings, organic Colombian coffee beans, I’m sure those are still good after fifteen years,” he said.

This was part of the collection of things he and Meiklejohn bought with crypto to watch the transactions go from buyer to seller.

“It was, I need to get a purchase from some wallet in this cluster that my algorithm has identified,” Savage said, explaining how they came to choose their purchases. “Let me go and see things that are likely to get me there.”

What Meiklejohn didn’t know at the time was that a man named Michael Gronager was following her project and had read her research paper. He was writing an algorithm that would allow him to trace transactions at scale.

In fact, he used that algorithm to figure out where a bunch of stolen Bitcoin had gone when a crypto exchange called Mt. Gox went bankrupt in 2014. He eventually turned all this into the company Chainalysis.

He said his algorithm essentially automated and sweetened Meiklejohn’s tracing process. “I can see an automated pattern that is running all the time,” he said. Now he’s using it to help financial institutions and governments track stolen money and identify bad players in the crypto world.

An earlier version of this story appeared on the Click Here podcast from Recorded Future News. Additional reporting by Sean Powers and Will Jarvis.

Listen to the podcast here: https://www.marketplace.org/2023/04/24/how-a-mathematician-and-an-entrepreneur-took-a-bite-out-of-crypto-crime/

Three faculty members from UC San Diego’s Computer Science and Engineering (CSE) department wereamong the 79 Amazon Research Award recipients announced for the fall 2022 cycle. CSE Assistant Professor Sean Gao, who was also a 2021 awardee, was honored along with Associate Professors Yiying Zhang and Jishen Zhao.

Gao’s proposal, “Monte Carlo tree methods for decision-making in dReal,” earned an Amazon Research Award in Automated Reasoning. His research focuses on practical algorithms for NP-hard search and optimization problems that arise in the decision, control, and design aspects of computational systems.

Both Zhang and Zhao received awards in the AWS AI category. Zhang was recognized for her proposal, “Training deep neural networks with ‘zero’ activations,” which aims to improve model training speed in computer vision and speech recognition. The study is an extension of her ongoing research in operating systems, distributed systems, computer architecture, and datacenter networking.

Zhao’s award-winning proposal, “Semantic-informed document structure recognition with large language models,” adds to her larger body of research which spans the boundary between computer architecture and system software. Her work focuses on memory systems, machine learning for systems, and system support for smart applications.

Proposals were selected for the quality of their scientific content and potential impact in the areas of AWS AI, Automated Reasoning, Prime Video and Sustainability. This year’s recipients, representing 54 universities in 14 countries, have access to more than 300 Amazon public datasets and can utilize AWS AI/ML services and tools through promotional credits. They are also assigned an Amazon research contact for consultation, advice and training sessions.

By Kimberley Clementi

 

Did You Know? While Computer Science and Engineering (CSE) is celebrating 35 years, the Center for Networked Systems (CNS) is now half the department’s age. That represents nearly two decades of collaboration, of entrepreneurship, of tapping into the knowledge and vision of CSE and their world-renowned faculty.

CNS was launched in 2004 as an Organized Research Unit at UC San Diego and later became a center in CSE. The founding members included four international technology leaders – AT&T, Alcatel, Hewlett-Packard and Qualcomm Incorporated – who committed approximately $9 million over three years to CNS.

Today, the university-industry alliance is comprised of roughly 30 UC San Diego faculty members – each engaged in cutting-edge research that utilizes new techniques, evaluations, methodologies, and technologies to address emerging real-world problems in modern computing and data processing infrastructure. Qualcomm, who continues to be one of our valued industry partners, is joined by Cisco and Google. Collectively, CNS demonstrates expertise in a wide range of applied research areas, including most recently: data security, cloud computing, and Bluetooth low energy tracking.

Smartphone spyware apps that allow people to spy on each other are not only hard to notice and detect, they also will easily leak the sensitive personal information they collect,  says a team of computer scientists from New York and San Diego.

CSE’s Assistant Professor Amy Ousterhout, one of four new faculty members to join UC San Diego’s Center for Networked Systems, presented research at the 2023 Conference on Innovative Data Systems Research (CIDR) held in Amsterdam earlier this year. The paper, Zed: Leveraging Data Types to Process Eclectic Data, was a collaboration between researchers at UC Berkeley, where Ousterhout did her postdoc research, and Brim Data, a start-up founded by Steve McCanne.

The CIDR paper is an early workshop paper on the work Brim Data initiated to analyze logs of network traffic and respond to threats to network security. As the scope and complexity of this goal widened, McCanne reached out to Ousterhout for help tackling some of the more perplexing research questions. Their collaborative efforts resulted in Zed – a novel approach to processing eclectic data.

“Brim Data found that managing all of this heterogeneous data was challenging in itself. Users want to query network logs that contain different types of network traffic, the structure of the logs can change over time, and these tasks were challenging with existing ways of representing and querying data,” said Ousterhout, who believes Zed offers solutions in a variety of data-processing contexts, not only in network security.

UC San Diego’s Center for Networked Systems (CNS) is adding four additional faculty members to its growing ranks. Department of Computer Science and Engineering (CSE) assistant professors Earlence Fernandes, Imani Munyaka and Amy Ousterhout will be supporting CNS research endeavors, along with Christian Dameff, MD, an assistant professor with the university’s Department of Emergency Medicine.

While Ousterhout’s research focuses on operating systems and networks in datacenters, Dameff, Fernandes and Munyaka are studying cybersecurity concerns. Their affiliation with CNS expands the group to nearly 30 university faculty members – each one engaged in cutting-edge research.

“The mission of CNS is to connect the world-leading research of our faculty with our industrial partners who are facing real-world problems in these areas. With the addition of Amy, Christian, Earlence and Imani we are growing the depth and breadth of our research portfolio to include system resource scheduling and critical security problems in health care, Internet of Things (IoT), machine learning and usability,” said CNS co-director Stefan Savage who is also a CSE professor.

CNS is a research center that utilizes new techniques, evaluations, methodologies, and technologies to address emerging problems in modern computing and data processing infrastructure before they become critical.

“As CNS continues to grow, we are excited about the new opportunities this growth brings,” said CNS co-director and CSE professor George Porter.

Improving Medical Care and Safety
Dr. Christian Dameff aims to improve patient care and safety by exploring the risks inherent in integrating technology into the healthcare system. Dameff, with UC San Diego’s Department of Emergency Medicine, has researched hacking 911 systems, HL7 messaging vulnerabilities and malware.

“I work at the intersection of cybersecurity and patient safety, where bits and bytes meet flesh and blood,” said Dameff. “As cyber threats continue to plague healthcare, measuring the effects of events like ransomware on the diagnosis and treatment of disease is increasingly important and the start to effective prevention and response.”

As an emergency physician, clinical informaticist and co-founder of CyberMed Summit, Dameff hopes his efforts will help leadership in both private and government sectors to improve disaster preparedness and response systems.

“CNS will play a very important role in my research by facilitating interactions and key collaborations with world-renowned experts in the fields of networking and security,” he noted.

Establishing a Safer Computerized World
Earlence Fernandes is tackling one of computer science’s most pressing challenges: how to make the computerized world safe for everyone. Emerging technologies, such as smart phones and IoT devices, have made access to information easier but also less secure.

“My goal is to anticipate the security issues of emerging technologies and establish their security foundations so that society can gain the benefits of tech without the security problems,” said Fernandes. “Ultimately, building secure systems will make sensitive resources less vulnerable to attackers.”

Fernandes earned his bachelor’s in engineering from the University of Pune in Pune, India and his PhD in computer security from the University of Michigan. He is a recipient of the 2022 National Science Foundation CAREER Award and a 2022 Amazon Research Award.

Making Security and Privacy More Accessible
Imani Munyaka has made it her goal to alleviate cybersecurity concerns for marginalized, minoritized and historically ignored populations. Her research, which includes several studies with the blind, investigates the intersection of usability, security and privacy with a focus on improving the user’s experience with mobile device apps.

“My research is heavily focused on the human experience,” says Munyaka. “Most of the time, I’m focused on the security and privacy decision-making process of end-users and what we can do to improve the outcomes of the process.”

When assessing an app, Munyaka looks at usability and accessibility. She defines usability as a measure of how easy it is to use, and comprehend or interpret, a system or tool the way it was intended. Accessibility considers cost and availability as well as inclusivity for individuals with disabilities. Looking at colors, icons, phrases, noises and vibrations, Munyaka tests security warning variations to determine whether changes can be made to enhance the user’s experience. She contends that user experience is essential when determining the most effective cybersecurity solution.

Munyaka’s research has applications in spam warnings, voting technology, branchless banking and misinformation. She joined the CSE department in 2021 after completing her doctorate in Human Centered Computing at the University of Florida.

Combating Climate Change with Computer Science
Amy Ousterhout joined CSE’s systems and networking (Sysnet) group at the start of this school year. Her primary research interest is in operating systems and networks in datacenters with a focus on improving efficiency of applications – all while maintaining fast response times and supporting high request rates.

“My goal is to enable datacenter applications to achieve the same high performance while using fewer CPUs [central processing units], less memory or less energy,” said Ousterhout. “My hope is that, by making datacenters more efficient, I can contribute to the important goal of combating climate change.”

Ousterhout came to the university by way of UC Berkeley where she was a postdoctoral researcher in the NetSys Lab. Prior to that, she earned her PhD from the Massachusetts Institute of Technology and her bachelor’s in Computer Science from Princeton University.

UC San Diego cybersecurity expert Stefan Savage, whose work examines a wide range of technologies, from cars, to spam emails to cryptocurrencies, was elected to the National Academy of Engineering.

It’s the latest in a long series of accolades for Savage, who has also received a MacArthur “genius” award, the ACM Prize in Computing, which recognizes the greatest achievements in the field, and is a member of the American Academy of Arts and Sciences. He is also the first researcher to have received the “Test of Time” award from each of the leading computer security conferences: IEEE Security & Privacy, ACM Computer and Communications Security and USENIX Security.

Savage is being recognized for contributions to the security, privacy and reliability of network systems, transforming approaches to problems in these areas. He is a professor in the Department of Computer Science and Engineering at the UC San Diego Jacobs School of Engineering, where he is the Irwin Mark and Joan Klein Jacobs Professor in Information and Computer Science. Savage is also the Co-Director of the Center for Networked Systems (CNS).

“Stefan Savage is an outstanding computer scientist whose work has had many positive impacts on people’s lives around the world. It’s wonderful for these positive impacts to be recognized by the National Academy of Engineering,” said Albert P. Pisano, Dean of the UC San Diego Jacobs School of Engineering. “Stefan is also a fantastic mentor and role model. He inspires people to think deeply about technical challenges while always keeping the human components front and center.”

During his career as a faculty member, which has been spent exclusively at UC San Diego, Savage has worked with his students, and academic and industry collaborators on a broad range of problems. They hacked into cars remotely to point out security vulnerabilities. They tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. His team also found ways to track cryptocurrency transactions on the Internet, even though these are supposed to be anonymous and are used by criminals as a result. And they found ways to pinpoint the source of attacks that cripple the internet and large websites such as Amazon and Facebook.

“Professor Savage has made lasting contributions to systems, networking and security, with tremendous practical impact. What truly sets him apart are his creativity, passion, generosity and ultimately a unique ability to always push the boundaries, no matter when, where, or how, in ways previously unimaginable,” said Sorin Lerner, chair of the Department of Computer Science and Engineering at UC San Diego.

Making cars safe from cybersecurity attacks
Perhaps the broadest-reaching work Savage undertook is focused on cybersecurity–or lack thereof–in cars.

A team co-led by Savage and Yoshi Kohno, a UC San Diego Ph.D. alumnus now a professor at the University of Washington, first found cybersecurity vulnerabilities in automobiles. They showed that they could take over a sedan while having direct access to the vehicle as well as remotely. They were able to control the car’s engine, brakes, lights and more.

“It was this work, and uniquely this work, that forced the automotive industry to significantly invest in security,” Savage said.

General Motors went from having a few cybersecurity experts scattered around the company to creating a cybersecurity team of more than 100, with a chief information security officer at its helm.

The National Highway and Traffic Safety Administration created a laboratory dedicated to cybersecurity testing. DARPA and the Department of Homeland Security both created programs to try and develop solutions to car-related security issues.

In addition, the Society of Automotive Engineering, which is the group dictating standards for the U.S. automotive industry, created a cybersecurity working group and has released two generations of security standards for cars.

The team has received the Golden Goose Award from the American Association for the Advancement of Science to recognize the impact of their work.

Throttling email spam
Savage also co-led a team with fellow UC San Diego computer science professor Geoff Voelker focused on better understanding the business of cybercrime. The effort was funded by a five-year, $10 million from the National Science Foundation to map out illicit activities taking place in the cybersecurity underworld.

Savage and colleagues were able to identify a critical bottleneck for spam email campaigns and online counterfeit goods transactions: only a few banks accept the credit card transactions necessary for these online ventures to monetize their activities. These findings allowed drug and credit card companies to disrupt the business models of several counterfeit drug rings to such an extent that they collapsed. One such example was shutting down all merchant accounts involved in receiving money from the sale of counterfeit Microsoft software online. As a result, it was largely impossible to buy counterfeit Microsoft software online for 18 months. The researchers’ work is described in more detail in Brian Krebs’ book “Spam Wars.”

Many of the techniques the team pioneered, including the automatic classification of malicious Web links and tracking the price of accounts sold on the black market to measure the effectiveness of anti-abuse mechanisms (e.g., such as CAPTCHAs) are now standard practice at major online companies such as Google, Microsoft, Facebook and Yahoo.

Tracking cryptocurrency transactions to fight crime
One of Savage’s Ph.D. students, Sarah Mieklejohn, with support from his research group and colleagues, developed transaction clustering techniques to trace cryptocurrency payments on the dark web. Mieklejohn is now on faculty at University College London.

The techniques developed at UC San Diego were adopted by the private sector and law enforcement to track down criminals who used Bitcoin for illicit transactions. WIRED reporter Andy Greenberg has detailed this work in his new book, “Tracers in the Dark.”

Stefan Savage is identifying and addressing the technological, economic, and social vulnerabilities underlying internet security challenges and cybercrime.

Cloud security and denial of service attacks
Savage and another UC San Diego Ph.D. student, Tom Ristenpart, now a professor at Cornell Tech, with colleagues now at UT Austin and Columbia, did the first significant work on cloud security. They showed that having computations from different organizations running on the same hardware creates side channels, which are a real security risk. As a result of this work, cloud providers started offering products that guarantee a given set of servers will only handle that specific client’s computations.

Earlier in his career, Savage and fellow computer science professor Geoff Voelker worked to better understand denial-of-service attacks that disable servers linked to the internet by overloading them with messages, which usually contain false source addresses (“spoofing”) to conceal the location of the attacker. They used key features of those forged addresses to detect and track the attacks. The resulting measurement infrastructure, known as the UCSD Network Telescope, has been used by countless groups to measure Internet activity.

In addition, the data researchers obtained on worms, as part of this work, allowed them to show how existing models of how disease spreads could be applied to viruses and worms on the Internet. Based on that research, the Department of Defense made significant investments into research to address these threats.

Brief bio
Savage received a bachelor’s degree in applied history from Carnegie Mellon University in 1991 and a Ph.D. in computer science from the University of Washington in 2002. He is part of both the Systems and Networking Group and the Security Group in the Department of Computer Science and Engineering at the UC San Diego Jacobs School of Engineering. He is also the co-director of UC San Diego’s Center for Networked Systems. He has published more than 150 peer-reviewed journal and conference papers in the wide-ranging areas of the economics of e-crime, characterizing availability, automotive systems, routing protocols, and data center virtualization. His Ph.D. students have gone on to work at prestigious academic institutions and Silicon Valley companies, including New York University, University College London, Google, Facebook and Microsoft.

He joins 32 UC San Diego-affiliated researchers who are NAE members.

Written by Ioana Patringenaru

UC San Diego Today: https://today.ucsd.edu/story/Stefan_Savage_NAE

National Academy of Engineering Class 2023

Carnegie Mellon Faculty and Alumni elected to National Academy of Engineering https://www.cmu.edu/news/stories/archives/2023/february/nae-2023-class.html

CNS faculty member Tajana Šimunić Rosing, a leading researcher in accelerating big data in hardware using both novel machine learning techniques, such as hyperdimensional computing, and in- and near-memory and storage processing, will receive the 2022 University Research Award from the Semiconductor Industry Association (SIA) and the Semiconductor Research Corporation (SRC).

SIA and SRC present the University Research Awards annually to professors who demonstrate excellence in advancing research in semiconductor technology and design. Rosing, the Fratamico Endowed Chair in the Department of Computer Science and Engineering, was honored on November 17 in San Jose for excellence in design research. She is the first woman to receive this award since its inception in 1995.

Full Story

By Kimberley Clementi

José Santana Sosa, a UC San Diego senior majoring in computer science, has received the 2022-2023 Alan Turing Memorial Scholarship from the Center for Networked Systems (CNS). He has also been named the inaugural recipient of CNS’s first ever Alan Turing Memorial Teradata Scholarship. This makes Santana Sosa the first student to receive both scholarships for a single school year.

CNS established the Alan Turing Memorial Scholarships to honor the memory of Alan Turing, the co-founder of computer science and a World War II era mathematician and cryptanalyst whose contributions to code breaking accelerated the Allied victory. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

“Winning this scholarship is a great honor that deeply humbles me,” said Santana Sosa. “I am privileged to be part of this effort to bring visibility to the LGBTQ+ community and how impactful we have been throughout history.”

Santana Sosa, who moved to the United States from Venezuela, views the dual awards as validation of his many years of hard work. Prior to transferring to UC San Diego, Santana Sosa graduated from community college with an associate degree in mathematics. He recently interned with Apple in software engineering and with LPL Financial in technology and cyber security and, at one time, worked in an immigration law office helping others on their path to citizenship.

“Being an immigrant, Latinx, gay, first-generation transfer student, I understand how important and challenging it is to present your full, intersecting-self in academic and professional spaces. I am passionate about easing and supporting the way for others who are on a similar path,” said Santana Sosa.

Santana Sosa’s dedication to advancing underrepresented populations in science, technology, engineering and mathematics (STEM) is more than just talk. Currently, he is active in two engineering student organizations that support diversity in STEM: Society of Hispanic Professional Engineers (SHPE) and Out in STEM (oSTEM).

As Santana Sosa continues his CSE studies, he intends to prioritize human-centered design, developing software that solves and prevents problems for vulnerable populations. He hopes his contributions will disrupt the bias and inequality in computing and technology and improve the lives of individuals in marginalized groups. Santana Sosa also aspires to become a community college professor.

The Alan Turing Memorial Scholarship and the Alan Turing Memorial Teradata Scholarship are open to undergraduates who are active supporters of the LGBTQIA+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. They are awarded to students based on academic merit, with a preference for those with demonstrated financial need.

In February 2020, CNS reached its endowment goal of $250,000 for the Alan Turing Memorial Scholarship, for an annual award of $10,000. In 2021, the Teradata Corporation donated $50,000 to endow a second scholarship, the Alan Turing Memorial Teradata Scholarship, which gives an additional annual award of $2,000.

CSE is committed to diversity, equity, and inclusion efforts (DEI). Those interested in supporting scholarships related to those efforts can contact Jennie Morrow at jmorrow@eng.ucsd.edu. For more information about the Alan Turing Memorial scholarships, please contact Jennifer Folkestad at cns@eng.ucsd.edu.

UC San Diego Today Article

Congratulations to CNS faculty member Deian Stefan for receiving the most influential paper of ICFP’12 award for “Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems.”

Congratulations to CNS faculty member Nadia Heninger for her USENIX Security ’22 Test-of-Time award for her 2012 paper: “Mining your Ps and Qs: Detection of Widespread Weak Keys in Network Devices.” Nadia’s paper was also won the best paper award the year it was published. https://bit.ly/3RP4Izt.

Studies describe not only where the COVID-19 pandemic began, but the likelihood that the causative SARS-CoV-2 virus made the leap from animal hosts to people multiple times
August 24, 2022– In a pair of related studies, published online July 26, 2022 via First Release in Science, researchers at University of California San Diego, with colleagues on four continents, show that the origin of the COVID-19 pandemic in 2019 was at the Huanan Seafood Wholesale Market in Wuhan, China, and resulted from at least two instances of the SARS-CoV-2 virus jumping from live animal hosts to humans working or shopping there.

The findings, first reported in February after the papers were posted online as preprints awaiting peer review, garnered international attention, primarily focusing on identifying the market as the early epicenter of the COVID-19 pandemic. The World Health Organization estimates that there have been more than 559 million confirmed cases of COVID-19 worldwide and 6.4 million deaths since the pandemic was declared in early 2020.

“It’s vital that we know as much about the origin of COVID-19 as possible because only by understanding how pandemics get started can we hope to prevent them in the future,” said Joel O. Wertheim, PhD, associate professor in the Division of Infectious Diseases and Global Public Health at UC San Diego School of Medicine, and a co-author on both papers.

But elemental to understanding pandemic origins is pinpointing not just where, but how, a pathogen successfully jumps from a non-human animal host to human, known as a zoonotic event.

“I think there’s been consensus that this virus did in fact come from the Huanan Market, but a strong case for multiple introductions hasn’t been made by anyone else yet,” said Wertheim, senior author of the study that posits the SARS-CoV-2 virus, which causes COVID-19, jumped from animals to humans at least twice and perhaps as many as two dozen times.

According to researchers, two evolutionary branches of the virus were present early in the pandemic, differentiated only by two differences in nucleotides — the basic building blocks of DNA and RNA.

Lineage B, which included samples from people who worked at and visited the market, became globally dominant. Lineage A spread within China, and included samples from people pinpointed only to the vicinity the market. If the viruses in lineage A evolved from those in lineage B, or vice versa, Wertheim said this would suggest SARS-CoV-2 jumped only once from animals to humans.

But work by Wertheim and collaborators found that the earliest SARS-CoV-2 genomes were inconsistent with a single zoonotic jump into humans. Rather, the first zoonotic transmission likely occurred with lineage B viruses in late-November 2019 while the introduction of lineage A into humans likely occurred within weeks of the first event. Both strains were present at the market simultaneously.

Researchers arrived at this conclusion by deciphering the evolutionary rate of viral genomes to deduce whether or not the two lineages diverged from a single common ancestor in humans. They used a technique called molecular clock analysis and an epidemic simulation tool called FAVITES, invented by Wertheim team member Niema Moshiri, an assistant professor of computer science at Jacobs School of Engineering at UC San Diego and study co-author.

“None of this could have been done without FAVITES,” said Wertheim.

Validation

In February 2022, researchers at the Chinese Center for Disease Control and Prevention published a long-delayed analysis of genetic traces of the earliest environmental samples collected at the market two years earlier.

The samples were obtained after the first reports of a new, mysterious illness and after the market had already been shut down. No live wild mammals were left at the market. Instead, Chinese researchers swabbed walls, floors and other surfaces, tested meat still in freezers, sampled sewers and caught mice and stray cats and dogs around the market.

Their findings confirmed the not-yet-published predictions of Wertheim’s team that Lineage A was also at the market.

“We felt validated, but what we felt more was immense pressure because they beat our preprint to the punch by about 12 hours, and we could only discuss their findings in light of ours,” Wertheim said. “We were also shocked that they had been sitting on evidence for lineage A at the market for over a year without realizing its importance.”

The newly published data, said study authors, are powerful evidence that the two viral lineages evolved separately and that multiple spillover events occurred. The Wuhan market reportedly contained a robust live wild animal business, with snakes, badgers, muskrats, birds and raccoon dogs (a canid indigenous to Asia) and other species sold for food. Wertheim said he believes there were likely many viral introductions. At least two successfully made the animal-human leap; other viral strains went extinct.

“While I’m hesitant to call it proof, what we presented is the most comprehensive explanation for the SARS-CoV-2 genomic diversity at the outset of the pandemic,” Wertheim said. “There are really no other good explanations for both of these strains being at the market except for multiple jumps into humans.”

(The findings undercut a circulating and persistent theory that the SARS-CoV-2 virus escaped from the Wuhan Institute of Virology, located a few miles from the market.)

Jonathan E. Pekar, a doctoral student in Bioinformatics and Systems Biology who co-led the project with Wertheim and is lead author, said the pandemic was likely looming for years, awaiting only for the opportunity when humans would come into contact with an animal host capable of transmitting the virus.

“Everything complicated happened before that introduction,” Pekar said. “The last step is just extended contact and transmission from hosts to humans. At that point, it would actually be unusual to only have one introduction. We’ve seen this before with MERS-CoV (a similar zoonotic virus). We’ve seen it with humans giving SARS-CoV-2 to minks on farms and then minks giving it back to humans.

“This has happened before, and it’s going to keep happening. Nature is a better lab than humans will ever be.”

In addition to Moshiri and Pekar, Katherine Izhikevich is a co-author and a master’s student in computer science and the Center for Networked Systems.

The latest study continues a series of published papers by Wertheim and colleagues investigating and chronicling the origin and spread of COVID-19.

In September 2020, they published data explaining how the first, few cases of novel coronavirus in North America and Europe quickly spread due to insufficient testing and contact tracing. In March 2021, Wertheim, Pekar and colleagues characterized the brief time-period during which SARS-CoV-2 could have circulated undetected before the first human cases in Wuhan.

Co-authors of “The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2” include: Andrew Magee, Karthik Gangavarapu and Marc A. Suchard, all at UCLA; Edyth Parker, Nathaniel L. Matteson, Mark Zeller, Joshua I. Levy and Kristian G. Andersen, all at The Scripps Research Institute; Katherine Izhikevich, Jennifer L. Havens and Tetyana I. Vasylyeva, all at UC San Diego; Lorena Mariana Malpica Serrano and Michael Worobey, both at University of Arizona; Alexander Crits-Christoph, Johns Hopkins Bloomberg School of Public Health; Jade C. Wang and Scott Hughes, both at New York City Department of Health; Jungmin Lee, Heedo Park, Man-Seong Park, Korea University; Katherine Ching Zi Yan and Raymond Tzer Pin Lin, all at National Centre for Infectious Diseases, Singapore; Mohd Noor Mat Isa and Yusuf Muhammad Noor, both at Malaysia Genome and Vaccine Institute; Robert F. Garry, Tulane University; Edward C. Holmes, University of Sydney, Australia; and Andrew Rambaut, University of Edinburgh.

Funding for this research came, in part, from the National Institutes of Health (grants T15LM011271, 5T32AI007244-38, R01AI135992, R01AI136056, R01AI132223, R01AI132244, U19AI142790, U54CA260581, U54HG007480, OT2HL158260, R01AI153044, U19AI135995, U01AI151812 and UL1TR002550), the National Science Foundation (NSF-2028040), the Coalition for Epidemic Preparedness Innovation, the Wellcome Trust Foundation, Gilead Sciences, the European and Developing Countries Clinical Trials Partnership Programme, the European Research Council, the Australian Research Council Laureate Fellowship, the National Research Foundation of Korea, the Branco Weiss Fellowship, the Epidemiology and Laboratory Capacity (ELC) for Infectious Diseases Cooperative Agreement and the Centers for Disease Control and Prevention (6NU50CK000517-01-07).

Full studies:

The Hunan Seafood Wholesale Market in Wuhan was the early epicenter of the COVID-19 pandemic

The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2

Media Contacts
Scott LaFee
UCSD Health Sciences
619-543-6163
slafee@ucsd.edu

The CNS Espresso Prize for Excellence in Networking was awarded by Professor Aaron Shalev to UCSD undergraduate students Yibo Wei, Dylan Ellsworth, and Joshua Kuschner for their outstanding final projects in CSE 123 (spring quarter 2022).

Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practices of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123 based on the criteria for the final project assigned each year.

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

2018 Undergraduate recipient: Weiyang Wang
2017 Undergraduate recipient: Christian Chung
2017 Undergraduate recipient: Yihan Zhang
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

The Center for Networked Systems welcomes Cisco, Google, and Qualcomm as new and renewed CNS Corporate Members. To learn more about CNS corporate membership please go here: https://cns.ucsd.edu/member-benefits/.

A timed race between folding chairs and bean bags. A fast-paced beauty pageant where only one race car wins the crown. A farm with a dark twist. A game of cat and mouse. A magical battle in a medieval castle.

In a mere 10 weeks, that’s what computer science students in UC San Diego’s Department of Computer Science course CSE 125, dubbed the “video game class,” tackled with z-values, vectors, lines of code and 3D effects. Students pulled out all the bells and whistles – or at least digitally recorded soundtracks of them.

But what they learned went beyond fun and games. Students in CSE’s Software System Design and Implementation course spent spring quarter discussing both creative and highly technical questions related to their class project. The course emphasized the development process as well as one overarching goal: to design, build and implement a real-time, 3D multiplayer game as part of a team.

The popular course has been taught by CNS/CSE Professor Geoff Voelker for more than 20 years.

“On the first day of class in week one, we form five groups in the course,” said Voelker. “After we have everyone together, they start designing. They create a lot of concept art. They’re trying to picture what it is they want to be able to achieve. And then, by week two, they start implementing.”

From there, students have eight more weeks to decide on the features of their project, specify its requirements, create a schedule and implement their design. To make the course more exciting— and challenging— the groups give a public demonstration at the end of the course, which doubles as their final exam.

On June 3, team demos continued a long streak of engineering skill and pure entertainment. During the two-hour live event, five games – Chairioteers, Skrrt Skirt, Farmers Market, The Meoze Runner and Eternal Ritual – debuted on a large screen in the Qualcomm Institute auditorium in Atkinson Hall. Audience members were picked at random to play against members of the game’s development team.

“There’s really something magical that happens,” said Voelker. “By the end of the quarter, what’s really incredible is that it all comes together. It just looks amazing. Just incredible.”

Chairioteers

As Team One took the stage, they invited four competitors to grab their favorite chair and enjoy a quirky and spirited race across the UC San Diego campus. Inspired by “rollie chairs” in the CSE department (and by illicit late-night student races down its hallways), Chairioteers allowed players to select a classic swivel, a folding chair, a recliner or bean bag to race each other and the clock.

As players adjusted to the mechanics and speed of their selected chair, the Chairioteers’ game map zipped them past a gorgeous sunset, the iconic Geisel Library and the towering, multi-colored Sun God. A mini map on the top left helped players navigate the course. An original soundtrack, “Hold onto Your Seats,” played in the background.

That’s when an unexpected twist had players holding onto their seats for real. Audience members who scanned the QR code displayed on the screen could tweak the game in real-time. Every 15 seconds the audience voted on a web page to determine what happened to players in the game.

Chairioteers was written entirely in Rust, a programming language the team taught themselves during the first two weeks of class.

Skrrt Skirt

“Once upon a time, there were four cars. For the purposes of this story, we should give them names. How about Bill, Berry, Bevan and Bandrew,” began Emily Zhuang, prompting laughter, as the suggestions were playful adaptations of team member names.

Zhuang then introduced a fifth racecar, Baiden, named for yet another team member. But unlike the other cars, Baiden wore makeup, lipstick and a shiny, satin ribbon, which created a stir. All the cars wanted to look as fabulous as Baiden. They wondered which one of them could look the most glamorous.

With Mario Kart nostalgia and the unmistakable pink and pretty trappings of a beauty pageant, Skrrt Skirt’s creators set out to answer that question. The multi-player party game gave competitors one objective: to win and hold the pageant crown the longest.

Sporting lipstick, mascara, and girly flair, racecars collided, stole and used various power-ups, such as a hair dryer speed boost, to obtain the crown. As the race progressed, makeup dripped down the screen, inhibiting visibility. A bar at the bottom indicated when each car’s makeup had completely worn off, requiring a pit stop to touch-up lipstick and fully recharge.

Team Two built their game in C++ and used OpenGL, an application programming interface, as their graphics engine.

Farmers Market

As Team Three took the stage and guest players began selecting characters in Farmers Market, it appeared to be the beginning of another bucolic farming game: there was Bumbus the bunny, Swainky the frog and Gilman the pig. Then the team introduced Pogo – a ghostly character with a ghoulishly grinning pumpkin head – offering the first indication the game had a dark side, too.

“Obviously, a beautiful farming game happens a lot. So we decided to let the players poison each other’s crops, destroy each other’s farms and intoxicate each other,” said Danica Xiong.

“Farmers Market is a 3-D, third-person game where you can destroy your friendships or have a great time farming,” added Xiong. “Whoever makes the most money wins.”

While the timeclock ran, players purchased vegetable seeds at the shop and planted them on farm plots. Tomatoes, carrots and corn grew rapidly along with “super oats,” which could replenish stamina. As day turned to night, players harvested and sold crops to earn money and make additional purchases of seeds, water, watering cans and fertilizer.

That was one strategy. The shop had other merchandise for sale, too. Sabotage items – nets, shovels and poison – equipped players to steal veggies and destroy farm plots. They could also purchase items to inhibit their opponents’ abilities.

The Meoze Runner

Team Four loaded The Meoze Runner onto the auditorium screen, displaying a long, lean cat that stood at one end of a complex maze. Meanwhile, a team of three animated mice prepared to run the network of pathways and complete a series of tasks representing the UC San Diego campus and the steps to successfully graduate.

This game of cat and mouse took audience members on a one-of-a-kind tour of UC San Diego, providing a mouse-eye view of iconic landmarks such as Geisel Library and Fallen Star. While one mouse searched the maze for a diploma and delivered it to the goal, the other two mice had stationary tasks to complete, such as stacking books and matching cards in a memory game.

To win, the mice had to finish all three tasks before time ran out. To do this, they had to elude the cat. While the mice held an advantage in numbers, the cat was designed to move with more speed. Sound effects of meows and squeaks intensified the action, each time the cat drew close to its prey.

“It looks like one of our mice dropped some ketchup. That is horrible,” exclaimed Aidan Denlinger as the cat caught and killed a mouse before disappearing into the maze. “This gives the cat a bit of a horror element. You don’t know when it’s going to come out.”

Eternal Ritual

The scene was a medieval castle. Two twin elves crouched expectantly in an elevator as it slowly descended a tower to the courtyard below. The doors opened to a dark, dramatic sky. Somewhere in the shadows lurked the enemy: a team of elfin beauties equipped in the deadly arts of pure magic.

This was the realistic playground created by Team Five for Eternal Ritual. As game play began, two teams of elves stealthily hunted each other in the courtyard. The characters ran and dropped into forward rolls, all smoothly animated, to move faster and avoid taking damage. The left side of the screen displayed four types of magic the players could switch through as they battled the opposing team.

“The first magic is shooting fireballs,” explained Kelin Lyu as two players from the audience competed against members of Team Five. “The fireball collides with the terrain and deals damage only to your enemies.”

“The second magic is a chilling storm that deals continuous damage. It consists of many different types of particle systems to create the clouds, the dust, and the lighting. The third one creates lightening as a super fancy light and particle system, which is really cool. The last one is the ultimate,” said Lyu, as players cast a fire-breathing dragon head like an extension of their elf’s arm.

“It deals a lot of damage but consumes all your energy – just like CSE 125,” he added to knowing laughter from the audience.

Team Five developed their own powerful game engine, an OpenGL engine written in C++, to support the functionalities of their game and to render 3D objects above user interface (UI) elements.

Written By Kimberley Clementi

A team of engineers at the University of California San Diego has demonstrated for the first time that the Bluetooth signals emitted constantly by our mobile phones have a unique fingerprint that can be used to track individuals’ movements.

Mobile devices, including phones, smartwatches and fitness trackers, constantly transmit signals, known as Bluetooth beacons, at the rate of roughly 500 beacons per minute.These beacons enable features like Apple’s “Find My” lost device tracking service; COVID-19 tracing apps; and connect smartphones to other devices such as wireless earphones.

Prior research has shown that wireless fingerprinting exists in WiFi and other wireless technologies. The critical insight of the UC San Diego team was that this form of tracking can also be done with Bluetooth, in a highly accurate way.

“This is important because in today’s world Bluetooth poses a more significant threat as it is a frequent and constant wireless signal emitted from all our personal mobile devices,” said Nishant Bhaskar, a Ph.D. student in the UC San Diego Department of Computer Science and Engineering and the Center for Networked Systems and one of the paper’s lead authors.

The team, which includes researchers from the Departments of Computer Science and Engineering and Electrical and Computer Engineering, presented its findings at the IEEE Security & Privacy conference in Oakland, Calif., on May 24, 2022.

All wireless devices have small manufacturing imperfections in the hardware that are unique to each device. These fingerprints are an accidental byproduct of the manufacturing process. These imperfections in Bluetooth hardware result in unique distortions, which can be used as a fingerprint to track a specific device. For Bluetooth, this would allow an attacker to circumvent anti-tracking techniques such as constantly changing the address a mobile device uses to connect to Internet networks.

Tracking individual devices via Bluetooth is not straightforward. Prior fingerprinting techniques built for WiFi rely on the fact that WiFi signals include a long known sequence, called the preamble. But preambles for Bluetooth beacon signals are extremely short.

“The short duration gives an inaccurate fingerprint, making prior techniques not useful for Bluetooth tracking,” said Hadi Givehchian, also a UC San Diego computer science Ph.D. student and a lead author on the paper.

Instead, the researchers designed a new method that doesn’t rely on the preamble but looks at the whole Bluetooth signal. They developed an algorithm that estimates two different values found in Bluetooth signals. These values vary based on the defects in the Bluetooth hardware, giving researchers the device’s unique fingerprint.

Real-world experiments

The researchers evaluated their tracking method through several real-world experiments. In the first experiment, they found 40% of 162 mobile devices seen in public areas, for example coffee shops, were uniquely identifiable. Next, they scaled up the experiment and observed 647 mobile devices in a public hallway across two days. The team found that 47% of these devices had unique fingerprints. Finally, the researchers demonstrated an actual tracking attack by fingerprinting and following a mobile device owned by a study volunteer as they walked in and out of their house.

Challenges

Although their finding is concerning, the researchers also discovered several challenges that an attacker will face in practice. Changes in ambient temperature for example, can alter the Bluetooth fingerprint. Certain devices also send Bluetooth signals with different degrees of power, and this affects the distance at which these devices can be tracked.

Researchers also note that their method requires an attacker to have a high degree of expertise, so it is unlikely to be a widespread threat to the public today.

Despite the challenges, the researchers found that Bluetooth tracking is likely feasible for a large number of devices. It also does not require sophisticated equipment: the attack can be performed with equipment that costs less than $200.

Solutions and next steps

So how can the problem be fixed? Fundamentally, Bluetooth hardware would have to be redesigned and replaced. But the researchers believe that other, easier solutions can be found. The team is currently working on a way to hide the Bluetooth fingerprints via digital signal processing in the Bluetooth device firmware.

Researchers are also exploring whether the method they developed could be applied to other types of devices. “Every form of communication today is wireless, and at risk,” said Dinesh Bharadia, a professor in the UC San Diego Department of Electrical and Computer Engineering and one of the paper’s senior authors. “We are working to build hardware-level defenses to potential attacks.”

Researchers noticed that just disabling Bluetooth may not necessarily stop all phones from emitting Bluetooth beacons. For example, beacons are still emitted when turning off Bluetooth from the control center on the home screen of some Apple devices. “As far as we know, the only thing that definitely stops Bluetooth beacons is turning off your phone,” Bhaskar said.

Researchers are careful to say that even though they can track individual devices, they are not able to obtain any information about the devices’ owners. The study was reviewed by the campus’ Internal Review Board and campus counsel.

“It’s really the devices that are under scrutiny,” said Aaron Schulman, a UC San Diego computer science professor and one of the paper’s senior authors.

Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices

Dinesh Bharadia, UC San Diego Department of Electrical and Computer Engineering

Nishant Bhaskar, Hadi Givehchian, Aaron Schulman, UC San Diego Department of Computer Science and Engineering

Christian Dameff, UC San Diego Department of Emergency Medicine

Eliana Rodriguez Herrera Hector Rodrigo Lopez Soto, UC San Diego ENLACE Program.

Media Contacts

Ioana Patringenaru
Jacobs School of Engineering
858-822-0899
ipatrin@ucsd.edu

About a quarter of the world’s Internet users live in countries that are more susceptible than previously thought to targeted attacks on their Internet infrastructure. Many of the at-risk countries are located in the Global South.

That’s the conclusion of a sweeping, large-scale study conducted by computer scientists at the University of California San Diego, which recently received the Best Dataset at the Passive and Active Measurement Conference (PAM 2022). The researchers surveyed 75 countries.

“We wanted to study the topology of the Internet to find weak links that, if compromised, would expose an entire nation’s traffic,” said Alexander Gamero-Garrido, the paper’s first author, who earned his Ph.D. in computer science at UC San Diego.

The structure of the Internet can differ dramatically in different parts of the world. In many developed countries, like the United States, a large number of Internet providers compete to provide services for a large number of users. These networks are directly connected to one another and exchange content, a process known as direct peering. All the providers can also plug directly into the world’s Internet infrastructure.

“But a large portion of the Internet doesn’t function with peering agreements for network connectivity,” Gamero-Garrido pointed out.

In other nations, many of them still developing countries, most users rely on a handful of providers for Internet access, and one of these providers serves an overwhelming majority of users. Not only that, but those providers rely on a limited number of companies called transit autonomous systems to get access to the global Internet and traffic from other countries. Researchers found that often these transit autonomous system providers are state owned.

This, of course, makes countries with this type of Internet infrastructure particularly vulnerable to attacks because all that is needed is to cripple a small number of transit autonomous systems. These countries, of course, are also vulnerable if a main Internet provider experiences outages.

In the worst case scenario, one transit autonomous system serves all users. Cuba and Sierra Leone are close to this state of affairs. By contrast, Bangladesh went from only two to over 30 system providers, after the government opened that sector of the economy to private enterprise.

This underlines the importance of government regulation when it comes to the number of Internet providers and transit autonomous systems available in a country. For example, researchers were surprised to find that many operators of submarine Internet cables are state-owned rather than privately operated.

Researchers also found traces of colonialism in the topology of the Internet in the Global South. For example, French company Orange has a strong presence in some African countries.

Researchers relied on Border Gateway Protocol data, which tracks exchanges of routing and reachability information among autonomous systems on the Internet. They are aware that the data can be incomplete, introducing potential inaccuracies, though these are mitigated by the study’s methodology and validation with real, in-country Internet operators.

Next steps include looking at how critical facilities, such as hospitals, are connected to the Internet and how vulnerable they are.

Quantifying Nations’ Exposure to Traffic Observation and Selective Tampering (PDF), authored by: Alberto Dainotti (now at Georgia Institute of Technology), Alexander Gamero-Garrido (now at Northeastern University), Bradley Huffaker and Alex C. Snoeren, University of California San Diego, Esteban Carisimo, Northwestern University, Shuai Hao, Old Dominion University.

Written By Ioana Patringenaru

Four graduate students in the UC San Diego Department of Computer Science and Engineering have received prestigious National Science Foundation (NSF) Research Fellowships. The new fellows will receive a $34,000 annual stipend for three years, a $12,000 education allowance to cover tuition and fees, and numerous professional development opportunities.

Founded in 1951, the NSF Graduate Research Fellowship Program is the country’s oldest effort to support graduate STEM students. Learn about the new NSF fellows from CSE and the research they are conducting.

Alex Trevithick

Advised by Ravi Ramamoorthi, Trevithick works in the UC San Diego Center for Visual Computing and is developing advanced techniques to extrapolate novel views from a single input. He combines an approach called neural radiance fields for view synthesis (NeRF) with other techniques to infer colors and geometries in unseen regions. His long-term goals are to advance visual intelligence, creating views from occluded parts of images. The project can be applied in robotic locomotion and other areas.

Alisha Ukani

Network measurement provides insights into the performance of critical infrastructure, such as large scale data centers, making services faster and more reliable and better tailoring them to users’ needs.

Advised by Alex Snoeren, Ukani analyzes network traffic and reliability data. Her work has provided new insights into people’s online behaviors during COVID-19, as well as helping detect data center outages more quickly at Google. Ukani wants to continue her measurement research to improve people’s Internet experiences.

Olivia Weng

Weng focuses on using hardware/software co-design to create efficient, fault-tolerant computer architectures for machine learning. One example is the Large Hadron Collider, where physicists need hardware that will process millions of particle collisions per second. Her research will allow their hardware, and the machine learning software that runs on it, to meet these intense computing demands while resisting radiation.

Weng is supported by her advisor, Ryan Kastner. This award will allow her to freely collaborate with researchers in particle physics, machine learning and computer architecture.

Alex Yen

Yen’s work focuses on infrastructure analyses, and he is now investigating a large-scale Internet-of-Things (IoT) network built by Helium. Advised by Pat Pannuto, Yen and colleagues want to better understand the network’s operation, adoption, performance and efficacy. He is also working on analyzing electric grid infrastructure, building a camera-based system that uses machine learning and computer vision to examine grids, particularly in developing nations. By analyzing images from street and house lights, he and colleagues can infer grid properties.

Written by Josh Baxt

The Center for Networked Systems (CNS) held its 30th CNS Research Review on April 29. This annual event included CNS corporate partners, faculty and graduate students. There were research talks by Audrey Randall, Lixiang Ao, Alex Liu, Jennifer Switzer, Alex Yen and Alex Forencich and two-minute lightning talks presented by ten graduate students.

SkySafe founder and CEO Grant Jordan, who studied at CSE, gave the keynote, focusing on the challenges of tracking drones in critical airspace. With hundreds of drones in its fleet, Skysafe has reverse- engineered these complex machines to better understand how they operate and interact.

Jordan discussed what it takes to build these systems, as well as the infrastructure needed to boost drone use for good and discourage careless, clueless and criminal elements. The industry is also embracing data analytics/coordination, AI, ML, normalizing data, sensor fusion and improved reverse engineering.

In 2008, multicore processors, in which two or more processing units are embedded into an integrated circuit, were exploding in popularity. However, multicores spawned their own unique programming challenges.

University of California San Diego computer scientist Yuanyuan (YY) Zhou realized the enormous task in front of researchers: writing software to take advantage of those multiple CPUs could have a lot of bugs.

A professor in the Department of Computer Science and Engineering and the Qualcomm Endowed Chair, Zhou has now been honored with an Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2022 most influential paper for her 2008 study: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics.

“To take advantage of the multiple CPUs, we needed to make our software with multiple threads running in parallel,” said Zhou. “But when you write that kind of program, they can have a lot of bugs, which really concerned people at the time.”

One of the main issues was concurrency bugs, which happen when two programs are run simultaneously. In the study, Zhou and her team catalogued the types of bugs people were experiencing. They found that around a third of these problems were not adequately addressed by existing debugging tools. In addition, many of the potential fixes for these bugs did not always work.

Concurrency issues were proving to be a huge drag on programming efficiency in multicore processors. So many bugs to fix and so few effective mechanisms to fix them.

Practical Fixes
The paper provided a path forward for programmers at Microsoft and many other companies to write code more effectively for multicore processors, but it almost didn’t happen. Zhou was presenting some other work to Intel when they recommended that she publish the findings of their empirical studies on real-world concurrency bugs.

“The Intel people told us that would be more interesting, both in the academic world and to companies like Intel and Microsoft,” said Zhou. “We realized they were right and this study would be more relevant and would address an important problem. So, it was really almost accidental that we did this paper at all.”

The paper continues to be important, as mobile apps also use multiple threads, necessitating robust tools to help detect and root out concurrency bugs. Still, despite its ongoing relevance, Zhou was surprised the paper was selected this year as most influential.

“I know it’s one of the top cited papers at ASPLOS, but I didn’t expect them to select it,” said Zhou. “Initially, I didn’t even intend to write it. So, this was really nice and a surprise.”

Written By Josh Baxt

For many years, the Internet Routing Registry (IRR) has been one of the primary mechanisms to protect against unauthorized rerouting of Internet traffic. However, IRR databases are not strictly authenticated. In 2012, the Resource Public Key Infrastructure (RPKI) was deployed as a more secure alternative. The RPKI boosts information integrity but also adds complexity and cost, limiting its growth.

Recently, PhD student Ben Du, along with Alex C. Snoeren and KC Claffy, published IRR Hygiene in the RPKI Era, which explores the dynamics between RPKI and IRR. The team compared the completeness and consistency of the IRR and RPKI databases and studied the underlying causes of the inconsistencies to better understand how the ecosystem is evolving. This paper will be presented at the Passive and Active Measurement Conference (PAM) 2022 in March.

Deian Stefan, a CSE assistant professor, and a CNS Faculty member is part of the 2022 class of 118 Sloan Research Fellows, the Alfred P. Sloan Foundation announced Feb. 15, 2022.

The Sloan Research Fellowships are one of the most competitive and prestigious awards available to early career researchers. The fellowships honor extraordinary U.S. and Canadian researchers whose creativity, innovation, and research accomplishments make them stand out as the next generation of leaders.

Deian Stefan received his Ph.D. in computer science at Stanford. His research interests span security, programming languages and systems. Recently, his work with collaborators has led to the development of tools to make web browsers safer, including technology that is part of the newest Firefox release.

In all, 143 faculty at the University of California San Diego have received a Sloan Research Fellowship since they were awarded first in 1955.

Full article: https://ucsdnews.ucsd.edu/pressrelease/SloanFellows2022

The University of California San Diego boasts two of this year’s 2022 Meta PhD Research Fellows—37scholars selected from a pool of 2,300 applicants worldwide.

As fellows, Department of Computer Science and Engineering (CSE) and Center for Networked Systems (CNS) Ph.D. students Stewart Grant and Kabir Nagrecha will be able to present their own research, learn about current research at Meta, as well as receive tuition and fees for up to two years and a $42,000 stipend.

Stewart Grant is a fourth-year Ph.D. student working with CNS/CSE Professor Alex Snoeren as part of the SysNets Group. His research interests are at the intersection of distributed systems, networking, and operating systems. He is currently focused on finding practical solutions for resource disaggregation using commodity programmable network devices. This work explores techniques for accelerating one-sided RDMA on passive banks of memory.

“If research was not fun I’d likely not be doing it, so I’m very grateful that my environment lets me play and work at the same time. This fellowship has made me consider more deeply the practicality of my work, who may benefit from it, and what path I should consider going forward. It’s all been very… meta,” said Grant.

Kabir Nagrecha is a first-year Ph.D. student in the Databases Lab, where he is advised by CNS/CSE Associate Professor Arun Kumar. He received competitive Ph.D. fellowships from both CSE and UC San Diego’s Halıcıoğlu Data Science Institute (HDSI). His research focuses on developing systems to enable scalable and efficient deep learning model building and deployment. He aims to amplify the impact of Machine Learning and enable new applications by creating the infrastructure to support large-scale operations.

“I’m glad to have been honored with such a selective and prestigious award. But more than that, what excites me are the opportunities for the future. The fellowship gives me a great channel through which I can collaborate with researchers at Meta,” he said. “I’m hoping to use the fellowship to explore industry-relevant applications of my work as well as connect with experts in my domain who can help provide insight and guidance as my research career progresses.”

Origin Story Posted Here: https://cse.ucsd.edu/about/news/mega-achievement-two-uc-san-diego-students-named-2022-meta-phd-research-fellows

Kimberly (KC) Claffy had just completed her PhD in UC San Diego’s Department of Computer Science and Engineering when she noticed a problem: internet measurement data for scientific research might not always be available. The problem showed up soon after she graduated in 1994 when NSFNET, the National Science Foundation-funded Internet backbone infrastructure project, was decommissioned.

“I wrote my dissertation on data about the Internet, but when I graduated, the data source, and in fact the entire NSFNET infrastructure, went away,” said Claffy, director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center, an adjunct professor in the Department of Computer Science and Engineering and an inductee into the Internet Hall of Fame.

“I was concerned it would be impossible to conduct scientific studies on the Internet because the data would be behind proprietary doors of companies that were operating in an extremely competitive environment,” she said.

The Internet was going through some rapid changes in the mid-90s. In the early 1980s, the Department of Defense (DOD), which created the original ARPANET, realized much of the traffic was not military and wanted to transition the technology out of DOD. This early Internet had become an incredibly important channel for researchers to share their work and the NSF wanted to help maintain this capability.

Because UC San Diego hosted an NSFNET backbone node, it was an ideal place to conduct research. Claffy founded CAIDA in 1997 to support large-scale data collection, curation and sharing, part of a global effort to develop the still-young discipline of Internet cartography.
“Researchers were not going to be able to study how networks really operated, what traffic or topology looked like, how it was evolving,” said Claffy. “The data gap was daunting, as the Internet industry rocketed forward, and I wanted to make sure researchers could study real networks and not just rely only on testbeds and simulation tools.”

Data to Inform Public Policy

The 1990s were an historically laissez-faire period for U.S. communications policy. Today, however, the U.S. government is recognizing there are harms on the Internet that merit attention to safeguard the public interest.

However, what government regulations might look like, and how they would work across national boundaries, are open questions. A recent CAIDA initiative has focused on mapping on-line harms to measurements and data to inform scientific security studies, policy debates and assessments.
“The challenges of understanding and managing complex critical infrastructure are not unique to the Internet,” said Claffy. “But other critical infrastructures have entire agencies dedicated to oversight, including measurement where appropriate. The Internet is not so amenable to that kind of oversight. Privacy-respecting sharing of measurement data will be an essential part of transparency and accountability mechanisms to support the security and trustworthiness of the Internet infrastructure.”

Finding a Home at UC San Diego

Claffy and CAIDA have several ongoing projects, primarily focused on building a more trustworthy Internet infrastructure by enabling infrastructure transparency and accountability through science, technology and policy (for data sharing) capabilities.

Claffy considers herself lucky to have been in the right place at the right time to found CAIDA, conduct interesting work and stay at UC San Diego.
“I’m not sure I could have created the group I created and pursued the projects I have anywhere else but UC San Diego,” she said. “The network and security research group in CSE is more impressive every year. It has been such a privilege to be a part of this community.”

Applications for the Alan Turing Memorial Scholarships are due by March 2. The scholarship is for enrolled UC San Diego undergraduates who actively support the LGBTQIA+ community and major in computer science, computer engineering, public policy, communications or other programs that touch on networked systems.

Gautam Akiwate won the Applied Networking Research Prize for his work on the paper “Risky BIZness: Risks Derived from Registrar NameManagement”.

This is an award that the Internet Research Task Force (the research arm of the IETF, which manages the Internet standards) awards each year selected from papers nominated across the field of networking.

This is the second year in a row for UCSD to win the prize (CNS/CSE Ph.D. student Audrey Randall won last year for her paper “Trufflehunter: Cache Sniffing Rare Domain Usage in Large Public DNS Resolvers”).

Two computer scientists from the University of California San Diego have been elected as fellows of the Association for Computing Machinery (ACM), the association announced today. They are among the 71 new fellows recognized by the ACM, the world’s largest educational and scientific computing society.

The ACM Fellows program recognizes the top 1% of ACM Members for their outstanding accomplishments in computing and information technology and/or outstanding service to ACM and the larger computing community. The 2021 Fellows represent universities, corporations, and research centers in Belgium, China, France, Germany, India, Israel, Italy, and the United States.

The 2021 UC San Diego ACM Fellows are:

• Ranjit Jhala, for contributions to software verification
• Tajana Šimunić Rosing, for contributions to power, thermal, and reliability management

“Ranjit and Tajana truly represent our department’s commitment to conducting impactful research and education. We are incredibly proud of their accomplishments, which benefit our community and the world, and are pleased they are being recognized with such a great honor,” said UC San Diego Department of Computer Science and Engineering (CSE) Chair Sorin Lerner.
Ranjit Jhala’s research interests include programming languages and software engineering to develop techniques for building reliable computer systems. His work draws from, combines and contributes to the areas of: Type Systems, Model Checking, Program Analysis and Automated Deduction. He is part of the Programming Systems Group in CSE, which focuses on developing new languages, compilers, program analysis techniques and development environments for making software systems easier to build, maintain and understand.
He joined CSE in 2005.

Tajana Šimunić Rosing is the director of the System Energy Efficiency Lab at UC San Diego. Her research interests are in energy efficient computing, cyber-physical and distributed systems. The projects she leads include efforts funded by the Defense Advanced Research Projects Agency (DARPA) and the Semiconductor Research Corporation (SRC) that focus on design of accelerators for analysis of big data; an SRC and NSF-funded projects related to  Hyperdimensional Computing; and a National Science Foundation- funded project on the optimization of COVID-19 sequence analysis.
She joined CSE in 2005.

The addition of Jhala and Rosing brings to 14 the number of ACM Fellows among active faculty in the CSE department. Prior honorees included professors Victor Vianu (2006), Pavel Pevzner (2010), Stefan Savage (2010), Dean Tullsen (2011), Andrew Kahng (2012), Yuanyuan Zhou (2013), Mihir Bellare (2013), Rajesh Gupta (2016), Ravi Ramamoorthi, Alexander Vardy and Geoffrey Voelker (2017) and Alex Snoeren (2018).

Written By Katie E. Ismael

The router in your home might be intercepting some of your Internet traffic and sending it to a different destination. Specifically, the router can intercept the Domain Name System traffic –the communications used to translate human-readable domain names (for example www.google.com) into the numeric Internet Protocol (IP) addresses that the Internet relies on.  That’s the finding from a team of computer scientists at the University of California San Diego, which they presented at the Internet Measurement Conference on November 3, 2021.

Why does this matter?

“The primary concern is privacy,” said Audrey Randall, a Ph.D. student in computer science at the University of California San Diego and first author of a paper on this subject. “When you visit a web site, you first have to do a DNS lookup for that site.  So whoever gets your DNS traffic gets to see all the sites that you’re visiting. In principle, you get to choose who performs your DNS lookups and you might pick a company that you trust not to sell your data or a company that uses robust security to protect their logs.  But if your DNS traffic is being silently intercepted and routed elsewhere, then someone else gets to see all that information.”

Many cases of DNS interception are not malicious, Randall pointed out. Often, interception is used by Internet Service Providers (ISPs) to protect users from malware that contacts particular Domain Name System (DNS) resolvers, which are essentially the Internet’s phone books. These resolvers transform the website URL users enter into a browser into an IP address for the servers that store the website’s content. In this case, interception can be helpful, by preventing malware from harming a user’s computer.

Researchers even found one instance of interception that was neither malicious nor benign: it was a simple bug. The UC San Diego team disclosed this bug to two Internet service providers. Both said they would work to fix issues. However, DNS queries also provide valuable data about users’ behavior that can be sold to advertisers, which might provide a less altruistic motive for some companies to intercept them.

The phenomenon of DNS interception has been studied in recent years, but little was known about where in the network interception takes place–until now. It turns out that in a surprising number of cases, users’ own home routers are the culprit.

These routers don’t send DNS queries to the target DNS resolver that the user specified. Instead, the software reroutes them to an alternate resolver. The query response is then modified so that it appears to come from the original target resolver. This modification makes the interception “transparent” to the user, and therefore very difficult to detect.

Determining where transparent interception takes place is difficult. But researchers were able to do this by devising an innovative and clever methodology. They first made use of special DNS queries that were invented as debugging tools, but they found that no single query could give enough information to pinpoint an interceptor’s location. The key turned out to be to compare the responses from two special queries: the responses were identical if the interceptor was the home router, but different if the interceptor was elsewhere in the network.

Even though DNS interception is often used to foil malware, the fact remains that users have no idea that their traffic is being redirected, or where it’s redirected to. “If you are concerned enough about who sees your data and who sells your data to advertisers, you want to make sure that the company handling it is actually who they say they are,” said Randall. “When this type of transparent interception is used, you think you have control over your traffic, but you don’t.”

Researchers caution that their study has some limitations. For example, the platform they used to conduct their study is not representative of all interception cases, because it over-represents certain Internet service providers, countries, or demographics.

Funding for this work was provided in part by National Science Foundation grants CNS-1629973 and CNS-1705050, the Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science at UC San Diego, and support from Google.

Home is Where the Hijacking is: Understanding DNS Interception by Residential Routers

Audrey Randall, Enze Liu, Ramakrishna Padmanabhan, Gautam Akiwate, Geoffrey M. Voelker, Stefan Savage and Aaron Schulman, University of California San Diego

CNS established the Alan Turing Memorial Scholarship to encourage a more diverse and inclusive community and honor Turing, the mathematician and cryptanalyst who helped invent computer science. This year’s awardee is a CS major in Warren College who prefers to remain anonymous. Congratulations to the recipient and many thanks to all who applied!

Who really sends, receives and, most importantly perhaps, stores your business’ email? Most likely Google and Microsoft, unless you live in China or Russia. And the market share for these two companies keeps growing.

That’s the conclusion reached by a group of computer scientists at the University of California San Diego, who studied the email service providers used by hundreds of thousands of Internet domains– between 2017 and 2021.

“Our research team empirically showed the extent to which email has been outsourced and concentrated to a small number of providers and service providers,” said Stefan Savage, a professor in the UC San Diego Department of Computer Science and Engineering and one of the paper’s senior authors.”

The team presented their findings at the Internet Measurement Conference 2021, which took place virtually Nov. 2 to 4, 2021.

This concentration has several consequences: it increases the impact of service failures and data breaches; and it exposes companies and users outside the United States to potential subpoenas from U.S. government agencies.

A quick explainer of the difference between domains and service providers: The second half of your email address is your company or agency’s domain–for example, ucsd.edu is the domain for the University of California San Diego. The email service provider is the company that, behind the scenes, provides the infrastructure that allows you to send and receive email and stores your messages–so ucsd.edu’s email service is provided by a combination of Google and Microsoft mail services.

As of June 2021, Google and Microsoft are the dominant providers among popular domains, with 28.5% and 10.8% market share, respectively. In comparison, GoDaddy leads the market of providing services for smaller domains, with a 29% market share. The authors also observed a higher level of concentration over time: Google and Microsoft’s market share increased by 2.3% and 2.9%, respectively, since June 2017.

Some of the growth comes from smaller domains that used to host their own emails. “While self-hosted domains switched to providers across all categories, more than a quarter of them changed their mail provider to Google and Microsoft,” said Alex Liu, a UC San Diego computer science Ph.D. student and the paper’s lead author.

 

More affected during outages, data breaches

Concentration of email service providers has led to much bigger service outages. In August and December 2020, global outages affected Gmail and Drive–Gmail alone has an estimated 1.5 billion users. Outlook most recently suffered an outage in October 2021– an estimated 400 million people use the service.

The concentration of email service providers also puts more people at risk in the event of a data breach. One often-cited example is the Yahoo data breach that exposed at least 500 million user accounts. Recently, a flaw in a Microsoft Exchange protocol has been shown to have leaked hundreds of thousands of credentials.

 

 

Legal impact

Google and Microsoft, the two dominant US-based email service providers, appear to be in wide use by organizations outside the United States — particularly across Europe, North America, South America, large parts of Asia and, to a lesser extent, Russia. For example, 65% of Brazilian domains in the researchers’ dataset host email with Google or Microsoft. But they are not used in China.

However, outsourcing email service to US companies can also have legal implications. Under the 2018 CLOUD Act, US-based providers can be legally compelled to provide stored customer data, including e-mail, to US law enforcement agencies, regardless of the location of the data, or of the nationality or residency of the customer using the data.

Perhaps as a result, Tencent has an overwhelming market share in China, with 41%, as does Yandex in Russia, with 32 %. Both countries have shown that they prefer to keep control over data access.

In addition, an increasing number of email domains contract with email security providers, such as ProofPoint and Mimecast. These companies can operate as a third-party filter for inbound emails, removing the need to manage security locally. These companies have almost a 7% market share for large commercial companies; and a 17.5% market share for .gov domains.

The research was funded by the National Science Foundation, the University of California San Diego, the EU H2020 CONCORDIA project and Google.

Written By Ioana Patringenaru

Researchers from the University of California San Diego, the University of Texas at Austin, and Mozilla have designed a new framework, called RLBox, to make the Firefox browser more secure. Mozilla has started deploying RLBox on all Firefox platforms this week.

RLBox increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing.

Browsers, like Firefox, rely on third-party libraries to support different functionalities—from XML parsing, to spell checking and font rendering. These libraries are often written in low-level programming languages, like C, and, unfortunately, introducing vulnerabilities in C code is extremely easy. RLBox protects users from inevitable vulnerabilities in these libraries and supply-chain attacks that exploit these libraries.

“Well funded attackers are exploiting zero-day vulnerabilities and supply chains to target real users”, said Deian Stefan, an assistant professor in UC San Diego’s Computer Science and Engineering department. “To deal with such sophisticated attackers we need multiple layers of defense and new techniques to minimize how much code we need to trust (to be secure). We designed RLBox exactly for this.”

The team’s effort to deploy RLBox on all Firefox platforms is detailed in a recent Mozilla Hacks blog post.

With RLBox, developers can retrofit systems like Firefox to put modules, like third-party libraries, in a fine-grained software sandbox. Like process-based sandboxing, which browsers use to isolate one site from another, software sandboxing ensures that bugs in the sandboxed module will not create security vulnerabilities—bugs are contained to the sandbox. “Unlike process-based sandboxing, though, RLBox’s sandboxing technique makes it possible for developers to isolate tightly coupled modules like Graphite and Expat without huge engineering or performance costs,” said Shravan Narayan, the UC San Diego computer science PhD student leading the project.

WebAssembly and sandboxing

At its core, the RLBox framework consists of two components. The first is the sandboxing technique itself: RLBox uses WebAssembly (Wasm). Specifically, RLBox compiles modules to WebAssembly and then compiles Wasm to native code using the fast and portable wasm2c compiler. “By compiling to Wasm before native code, we get sandboxing for free: We can ensure that all memory access and control flow will be instrumented to be confined to the module boundary,” said Narayan.

Wasm also makes it possible for RLBox to optimize calls into and out of sandboxed code into simple function calls. In an upcoming study, to be published in the proceedings of the 2022 ACM SIGPLAN Principles of Programming Languages Symposium, the researchers show that this is safe because Wasm satisfies a set of theoretical conditions called  “zero-cost conditions.” This is unlike most other sandboxing techniques, which require glue code at the sandbox-application boundary to be secure. This glue code is error-prone and, in some cases, contributes to large performance overheads—the team’s Wasm compiler elides this glue code, its complexity, and its overhead.

Tainted type system

The second key component of RLBox is its tainted type system. Sophisticated attackers can break out of the Wasm sandbox if the code interfacing with the sandboxed code—the Firefox code—does not carefully validate all the data that comes out of the sandbox. RLBox’s type system, which is implemented using C++ metaprogramming, prevents such attacks by marking all data coming out of the sandbox as “tainted” and ensuring, through compiler errors, that developers sanitize potentially unsafe data before using it. “Without such a type system, it would be extremely difficult to ensure that developers put all the right checks in all the right places,” said Stefan.

“RLBox is a big win for Firefox and our users,” said Bobby Holley, Distinguished Engineer at Mozilla. “It protects our users from accidental defects as well as supply-chain attacks, and it reduces the need for us to scramble when such issues are disclosed upstream.”

The team’s original work on RLBox was published in the proceedings of the USENIX Security Symposium last March. Since then they’ve been working on bringing RLBox to all Firefox users. RLBox will ship on all Firefox platforms, desktop and mobile, sandboxing five different modules: Graphite, Hunspell, Ogg, Expat and Woff2. The team is actively working on sandboxing more modules in future versions of Firefox and supporting use cases beyond Firefox.

 

This work was supported in part by gifts from Mozilla, Intel, and Google; by the National Science Foundation  under grant numbers CCF-1918573  and CAREER CNS-2048262; and, by the CONIX Research Center, one of six centers in JUMP, a Semiconductor Research Corporation (SRC) program sponsored by DARPA.

University of California San Diego computer scientists recently investigated how the COVID-19 pandemic influenced internet browsing during the lockdown. Armed with de-identified internet use data from UC San Diego dorm Wi-Fi, the researchers examined how online school and leisure activities shifted – for both American and international students. The study was presented at the ACM Internet Measurement Conference 2021.

The research focused on several thousand students in single-occupancy housing and how they responded to isolation between February and May 2020. The group found, not surprisingly, that students increased their internet usage by 58 percent from February to April 2020. However, in May those numbers began coming down. This was true of general usage and, more specifically, social media.

“We found that domestic students increased their social media usage early in the lockdown, but then that usage fell,” said Department of Computer Science and Engineering Ph.D. student Alisha Ukani who is the first author on the study. “That was a common effect – per capita usage intensified in the early months of the lockdown and then fell, returning to pre-pandemic levels in May, which was a bit of a surprise.”

The research team, which was led by UC San Diego Department of Computer Science and Engineering Professor Alex Snoeren and included Ph.D. student Ariana Mirian, also studied the the browsing distinctions between international and U.S. students. Though they did not know who owned specific devices, they devised a rubric to differentiate these groups based on their browsing behaviors. For example, international students would be more likely to visit offshore sites.

“We came up with a very conservative classification system, where we looked at all the websites each person was visiting and found the geographic coordinates of that site,” said Ukani.

This ability to separate these populations, rather than treating them as a single monolith, enhanced the information they could extract from the user data. Because international students were often unable to find flights home, they were likely disproportionately represented among the students remaining in the dorms after lockdown.

The team primarily focused on three categories: Zoom, social media and gaming. Zoom activity increased on weekdays – class time – but also showed small increases on weekend afternoons, which might have represented calls with friends and family.

For social media, domestic use of Instagram and Facebook remained stable, declining in May. The platforms were more popular for Americans than international students, though the latter increased their use in May.

Both domestic and international students increased using the Steam gaming platform early in the pandemic, but those numbers went down by May. A similar pattern was observed with Nintendo Switches.

This study provides useful information about internet habits during the lockdown. But even more importantly, it polishes data gathering techniques for future efforts.

“The techniques we developed in our analysis can be used in any internet usage measurement study,” said Ukani. “People can use our methods to classify international students or detect individual applications in any other context. We believe these techniques can be used by researchers outside of UC San Diego for their own measurement research.”

Written by Josh Baxt

A team of computer scientists at the University of California San Diego and Brave Software have developed a tool that will increase protections for users’ private data while they browse the web.

The tool, named SugarCoat, targets scripts that harm users’ privacy — for example, by tracking their browsing history around the Web — yet are essential for the websites that embed them to function. SugarCoat replaces these scripts with scripts that have the same properties, minus the privacy-harming features. SugarCoat is designed to be integrated into existing privacy-focused browsers like Brave, Firefox, and Tor, and browser extensions like uBlock Origin. SugarCoat is open source and is currently being integrated into the Brave browser.

“SugarCoat is a practical system designed to address the lose-lose dilemma that privacy-focused tools face today: Block privacy-harming scripts, but break websites that rely on them; or keep sites working, but give up on privacy,” said Deian Stefan, an assistant professor in the UC San Diego Department of Computer Science and Engineering. “SugarCoat eliminates this trade-off by allowing the scripts to run, thus preserving compatibility, while preventing the scripts from accessing user-private data.”

The researchers will describe their work at the ACM Conference on Computer and Communications Security (CCS) taking place in Seoul, Korea, Nov. 14 to 19, 2021.

“SugarCoat integrates with existing content-blocking tools, like ad blockers, to empower users to browse the Web without giving up their privacy,” said Michael Smith, a PhD student in Stefan’s research group, who is leading the project.
Most existing content-blocking tools make very coarse-grained decisions: They either totally block or totally allow a script to run, based on whether it appears on a public list of privacy-harming scripts.  In practice, though, some scripts are both privacy-harming and necessary for websites to function — and most tools inevitably choose to make an exception and allow these scripts to run. Today, there are more than 6,000 exception rules letting through these privacy-harming scripts.

There is a better approach, though. Instead of blocking a script entirely or allowing it to run, content-blocking tools can replace its source code with an alternative privacy-preserving version. For example, instead of loading popular website analytics scripts which also track users, content-blocking tools replace these scripts with fake versions that look the same. This ensures that the content-blocking tools are not breaking web pages that embed these scripts and that the scripts can’t access private data (and thus report it back to the analytics companies). To date, crafting such privacy-preserving replacement scripts has been a slow, manual task even for privacy engineering experts. uBlock Origin, for example, maintains replacements for only 27 scripts, compared to the over 6,000 exception rules.

How SugarCoat changes the game

The researchers developed SugarCoat precisely to address this gap by automatically generating privacy-preserving replacement scripts.  The tool uses the PageGraph tracing framework–Smith was key to the development of the framework–to follow the behavior of privacy-harming scripts throughout the browser engine.

SugarCoat scans this data to identify when and how the scripts talk to Web Platform APIs that expose privacy-sensitive data.  SugarCoat then rewrites the scripts’ source code to talk to fake “SugarCoated” APIs instead, which look like the Web Platform APIs but don’t actually expose any private data.

To evaluate the impact of SugarCoat on Web functionality and performance, the team integrated the rewritten scripts into the Brave browser; they found that SugarCoat effectively protected users’ private data without impacting functionality or page load performance. SugarCoat is now being deployed in production at Brave.
“Brave is excited to start deploying the results of the year-long SugarCoat research project,” said Peter Snyder, senior privacy researcher and director of privacy at Brave Software. “SugarCoat gives Brave and other privacy projects a powerful, new capability for defeating online trackers, and helps keep users in control of the Web.”
This work was supported by the NSF under grant numbers CCF-1918573 and CAREER CNS-2048262, by a gift from Brave Software, and by an NSF Graduate Research Fellowship.

SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content Blocking

Michael Smith and Deian Stefan, University of California San Diego
Benjamin Livshits, Imperial College of London
Peter Snyder, Brave Software

Written by Ioana Patringenaru

The annual ACM Internet Measurement Conference (IMC), which focuses on Internet measurement and analysis, accepted 55 papers this year, and 16 were from UC San Diego authors – nearly 30% of the total.

Of the 16, seven were submitted by CNS and CSE Systems and Networking Group; three had CAIDA authors; UCSD undergrad Katherine Izhikevich co-authored one; and one was submitted by Sysnet Ph.D. student Rukshani Athapathu. Four were submitted by UCSD Ph.D. or postdoc alumni.

A big congratulations to the UC San Diego and CNS authors who contributed to 2021 ACM IMC papers: Gautam Akiwate, Rukshani Athapathu, Kimberly Claffy, Alberto Dainotti, Alexander Gamero-Garrido, Katherine Izhikevich, Dhananjay Jagtap, Enze Liu, Alexander Marder, Ariana Mirian, Ricky Mok, Ramakrishna Padmanabhan, Audrey Randall, Stefan Savage, Aaron Schulman, Alex C. Snoeren, Alisha Ukani, Geoffrey M. Voelker, Huanlei Wu, Alex Yen, Zesen Zhang and Hongyu Zou. The 2021 ACM IMC was held virtually from November 2 to 4.

The University of California has adopted a set of recommendations to guide the safe and responsible deployment of artificial intelligence in UC operations and three researchers at UC San Diego were involved with the effort.

UC becomes one of the first universities in the nation to establish overarching principles for the responsible use of artificial intelligence (AI) and a governance process that prioritizes transparency and accountability in decisions about when and how AI is deployed.

The recommendations were developed by the University of California Presidential Working Group on Artificial Intelligence. The group was launched in 2020 by UC President Michael V. Drake and former UC President Janet Napolitano to assist UC in determining a set of responsible principles to guide procurement, development, implementation, and monitoring of artificial intelligence (AI) in UC operations.

The group included three UC San Diego faculty: Nadia Henninger is an associate professor in the Department of Computer Science and Engineering (CSE) whose work focuses on cryptography and security; Lawrence Saul is a professor in CSE whose research interests are machine learning and data analysis; Camille Nebeker is a professor who co-founded and directs the Research Center for Optimal Digital Ethics Health at UC San Diego.

The working group developed a set of UC Responsible AI Principles and explored four high-risk application areas: health, human resources, policing, and student experience. Nebeker and Saul were part of the group focusing on health, while Heninger worked on policing considerations. The group has published a final report that explores current and future applications of AI in these areas and provides recommendations for how to operationalize the UC Responsible AI Principles. The report concludes with overarching recommendations to help guide UC’s strategy for determining whether and how to responsibly implement AI in its operations.

UC will now take steps to operationalize the Working Group’s key recommendations:

• Institutionalize the UC Responsible AI Principles in procurement and oversight practices;
• Establish campus-level councils and systemwide coordination to further the principles and guidance from the working group;
• Develop a risk and impact assessment strategy to evaluate AI-enabled technologies during procurement and throughout a tool’s operational lifetime;
• Document AI-enabled technologies in a public database to promote transparency and accountability.

Computer scientists at the University of California San Diego are part of a $3 million grant from the National Science Foundation to make web browsers safer.

At UC San Diego, the effort will be headed by Deian Stefan, an assistant professor in the Department of Computer Science and Engineering. The grant’s principal investigator is Hovav Shacham, a professor at The University of Texas at Austin. Shacham, Stefan and other members of the team, including Fraser Brown at Stanford, Isil Dillig at UT Austin, UC San Diego professors Ranjit Jhala and Sorin Lerner, have extensive experience in the field of browser security.

Last year, the team developed a framework, called RLBox, that increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing. The RLBox framework was integrated into Firefox to complement Firefox’s other security-hardening efforts. Now, the team is expanding their focus to the other huge attack vector: the browser’s JavaScript just-in-time (JIT) compiler.

Browser JITs turn web application code, written in JavaScript, into optimized machine code. Browser JITs are highly tuned and complex systems. Unfortunately, browser JITs also have bugs, and attackers have figured out how to take advantage of those bugs to take over the computers of users who visit their malicious websites.  Journalists and dissidents have been targeted by attackers using browser JIT bugs.
“We need to rethink the way browsers execute JavaScript programs from the ground up, by designing and building new JavaScript interpreters and compilers that are extensible, maintainable, and verified secure,” Stefan said.
The goal of the NSF project is to build and deploy more secure JavaScript JITs. To this end, the team will develop new techniques, frameworks, and principles that help browser developers build JIT compilers that are provably secure and don’t incur the high costs and development timelines traditionally associated with high-assurance software. “Everyone should be able to browse the web without worrying that clicking the wrong link will cause their computer to be compromised,” Shacham said.  “We hope our project can help make that goal a reality.”

Written by: Ioana Patringenaru

In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.

But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.

In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the Hidden Number Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway and the University of London, show how to recover secret keys by providing an algorithm to search the lattice for the key with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid conference in Zagreb, Croatia.

In side-channel attacks, attackers learn protected information by measuring an external hardware or software artifact, such as execution time or electromagnetic radiation. In cryptographic implementations, side-channel attacks can reveal secret keys and other sensitive information. However, an attacker’s measurements may be noisy or imperfect, and they might learn only a few bits of secret information.

But even this small leak can break some cryptographic algorithms. With the DSA and ECDSA digital signature algorithms, an attacker can compute a secret signing key with only a handful of bits leaked each time the victim computes a digital signature. In a beautiful turn of mathematics, this key recovery calculation can be carried out by finding a short vector in an algebraic lattice.

In On Bounded Distance Decoding with Predicate: Breaking the “Lattice Barrier” for the HiddenNumber Problem, UC San Diego CSE/CNS faculty member Nadia Heninger and Martin R. Albrecht, from Information Security Group, Royal Holloway, and the University of London, show how to recover secret keys, by providing an algorithm to search the lattice for the key, with less information and fewer signatures than was thought possible. Their paper will be presented on October 19 at the Eurocrypt hybrid-format conference in Zagreb, Croatia.

September 22, 2021– Many people think of cars as a series of mechanical parts that — hopefully — work together to take us places, but that’s not the whole story.

Inside most modern cars is a network of computers, called “electronic control units,” that control all the systems and communicate with each other to keep everything rolling smoothly along.

More than 10 years ago, a team from the University of California San Diego and University of Washington investigated whether these computing systems could be hacked and how that would affect a driver’s ability to control their car. To their own surprise — and to the alarm of car manufacturers — the researchers were able to manipulate the car in many ways, including disabling the brakes and stopping the engine, from a distance. This work led to two scientific papers that opened up a new area of cybersecurity research and served as a wake-up call for the automotive industry.

Now the team has received the Golden Goose Award from the American Association for the Advancement of Science. The Golden Goose Award recipients demonstrate how scientific advances resulting from foundational research can help respond to national and global challenges, often in unforeseen ways. The award, established in 2012, honors scientific studies or research that may have seemed obscure, sounded “funny,” or for which the results were totally unforeseen at the outset, but which ultimately led, often serendipitously, to major breakthroughs that have had significant societal impact.

The car cybersecurity project was led by Stefan Savage and Tadayoshi Kohno, two professors of computer science at UC San Diego and the University of Washington, respectively. Kohno is a UC San Diego Ph.D. alumnus, receiving his Ph.D. in Computer Science and Engineering in 2006.

“When General Motors started advertising its OnStar service, Yoshi and I had a conversation, saying, ‘I bet there’s something there,'” Savage said. “Moreover, vulnerabilities in traditional computers had fairly limited impacts. You might lose some data or get a password stolen. But nothing like the visceral effect of a car’s brakes suddenly failing. I think that bridging that gap between the physical world and the virtual one was something that made this exciting for us.”

“More than 10 years ago, we saw that devices in our world were becoming incredibly computerized, and we wanted to understand what the risks might be if they continued to evolve without thought toward security and privacy,” Kohno said. “This award shines light on the importance of being thoughtful and strategic in figuring out what problems to work on today.”Savage and Kohno are both computer security researchers who often chatted about potential upcoming threats that could be good to study.

The team’s papers prompted manufacturers to rethink car safety concerns and create new standard procedures for security practices. GM ended up appointing a vice president of product security to lead a new division. The Society for Automotive Engineers (SAE), the standards body for the automotive industry, quickly issued the first automotive cybersecurity standards. Other car companies followed along, as did the federal government. In 2012, the Defense Advanced Research Projects Agency launched a new government project geared toward creating hacking-resistant, cyber–physical systems.

“I like to think about what would have happened if we hadn’t done this work,” Kohno said. “It is hard to measure, but I do feel that neighboring industries saw this work happening in the automotive space and then they acted to avoid it happening to them too. The question that I have now is, as security researchers, what should we be investigating today, such that we have the same impact in the next 10 years?”

Discovering vulnerabilities

Savage and Kohno formed a super-team of researchers from both universities. The team purchased a pair of Chevy Impalas — one for each university — to study as a representative car. Researchers worked collaboratively and in parallel, letting curiosity guide them.

The first task was to learn the language the cars’ computerized components used to communicate with each other. Then the researchers worked to inject their own voices into the conversation.

For example, the team started sending random messages to the cars’ brake controllers to try to influence them.

“We figured out ways to put the brake controller into this test mode,” said Karl Koscher, a research scientist at UW, who also earned his PhD in Seattle. “And in the test mode, we found we could either leak the brake system pressure to prevent the brakes from working or keep the system fully pressurized so that it slams on the brakes.”

The team published two papers in 2010 and 2011 describing the results.

“The first paper asked what capabilities an attacker would have if they were able to compromise one of the components in the car. We connected to the cars’ internal networks to examine what we could do once they were hacked,” said Stephen Checkoway, an assistant professor of computer science at Oberlin College who completed this research as a UC San Diego doctoral student. “The second paper explored how someone could hack the car from afar.”

In these papers, the researchers chose not to unveil that they had used Chevy Impalas, and opted to contact GM privately.

“In our conversations with GM, they were quite puzzled. They said, ‘There’s no way to make the brake controller turn off the brakes. That’s not a thing,'” Savage said. “That Karl could remotely take over our car and make it do something the manufacturer didn’t think was possible reflects one of the key issues at play here. The manufacturer was hamstrung because they knew how the system was supposed to work. But we didn’t have that liability. We only knew what the car actually did.”

Daniel Anderson, Alexei Czeskis, Brian Kantor, Damon McCoy, Shwetak Patel, Franziska Roesner and Hovav Shacham filled out the rest of the team. This research was funded by the National Science Foundation, the Air Force Office of Scientific Research, a Marilyn Fries endowed regental fellowship and an Alfred P. Sloan research fellowship.

Other award recipients

This year’s two other Golden Goose awards went to Katalin Karikó and Drew Weissman for their role in making mRNA into a medical therapy; and to V. Craig Jordan, who is known for pioneering the scientific principles behind a class of drugs called selective estrogen receptor modulators, or SERMs.

UC San Diego researchers who received the Golden Goose award in the past include Larry Smarr, former director of the California Institute for Telecommunications and Technology and a professor in the Department of Computer Science and Engineering; and Nobel laureate Roger Tsien, a professor of pharmacology, chemistry and biochemistry, who passed away in 2016.

Media Contacts
Ioana Patringenaru
Jacobs School of Engineering
858-822-0899
ipatrin@ucsd.edu

Executing code in an emulator is a fundamental part of modern vulnerability testing. However, to emulate embedded system firmware outside its native environment, the emulator must mimic hardware devices with enough accuracy to convince the firmware that it is executing on real hardware.

In Jetset: Targeted Firmware Rehosting for Embedded Systems, UC San Diego CSE/CNS Ph.D. student Evan Johnson, CSE/CNS faculty Stefan Savage, and researchers at the University of Illinois at Urbana-Champaign and Oberlin College develop and implement Jetset, a system that uses symbolic execution to infer what behavior firmware expects from hardware devices. They used Jetset to test whether it was possible to boot firmware in an emulator by automatically inferring how the firmware and hardware interact.

The team successfully applied Jetset to thirteen distinct pieces of firmware together, representing three architectures, three application domains, and five different operating systems. They also demonstrated how Jetset-assisted rehosting facilitates fuzz-testing on an avionics embedded system. Their work will be presented in August 2021 at the USENIX Security Symposium.

WebAssembly or Wasm is a portable bytecode that has increasingly been using sandbox untrusted code outside the browser. But unfortunately, Spectre attacks—the class of transient execution attacks which exploit control flow predictors—can bypass Wasm’s isolation guarantees.

In Swivel: Hardening WebAssembly against Spectre, UC San Diego CSE/CNS Ph.D. students and researchers Shravan Narayan, Craig Disselkoen, Sunjay Cauligi, Evan Johnson, Zhao Gang, CSE/CNS Postdoc Daniel Moghimi, CSE Professor Dean Tullsen, CSE/CNS Professor Deian Stefan, UT Austin Professor Hovav Shacham, and Intel collaborators Anjo Vahldiek-Oberwagner and Ravi Sahita focus on hardening Wasm against Spectre attacks.

The team takes a compiler-based approach to harden Wasm against Spectre without resorting to process isolation or the use of fences. Their new compiler framework, Swivel, ensures that code can neither use Spectre attacks to break out of the Wasm sandbox nor coerce victim code to leak secret data.

To develop Swivel, the team describes a software-only approach that can be used on existing CPUs and a hardware-assisted approach that uses extensions available in Intel 11th generation CPUs. For both, they evaluate a randomized approach that mitigates Spectre and a deterministic approach that eliminates Spectre altogether. Their work will appear at the 30th USENIX Security Symposium, August 2021.

Current smartphone operating systems have a runtime permission model, which allows users to manage and customize permissions to meet their personal preferences. However, this model leaves users in the dark about permissions capabilities and their potential risks.

In Can Systems Explain Permissions Better? Understanding Users’ Misperceptions under Smartphone Runtime Permission Model, CSE/CNS Ph.D. students Bingyu Shen, Chengcheng Xiang, Yudong Wu, and Mingyao Shen and CSE Professor Yuanyuan Zhou explore several common misconceptions about permissions and the benefits of providing additional information.

The team took a mixed-methods approach, analyzing users’ permission settings and surveying them to determine how well they understand them. They found users often fail to understand permission model evolution and permission group capabilities.

After surveying users about their common concerns, the team pinpointed five types of information that could support better user decision-making. They went on to provide suggestions for system designers to address these common issues and enhance future systems. The team will present their findings at the 30th Usenix Security Symposium in August, 2021.

UC San Diego Computer Science and Engineering Professor Stefan Savage is one of two researchers across the campus to be named the Distinguished Researcher by the UC San Diego Academic Senate. He was honored with the award for his work in cybersecurity.

These awards are a sign of respect from peers for groundbreaking research conducted by members of the UC San Diego faculty.

“This is a tremendous honor. Only two awards are made each year for the entire campus, one in the Sciences and Engineering divisions, and in for Arts & Humanities and Social Sciences divisions,” said CSE Department Chair Sorin Lerner.

Savage attributes his research success to the collaborative atmosphere that has been cultivated at UC San Diego CSE. “As always, any success I’ve had is due to my many great collaborators (fellow CSE Professor Geoff Voelker and our students being first among them),” said Savage, “CSE has succeeded in large part by being such a great home for collaborative work and people who love to work together. I’m indebted to this community that helps build, support, and reinforce that culture.”

Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. He and his collaborators have been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks.

Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three Test of Time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.

Both Savage and the other UC San Diego Distinguished Research Award recipients will be delivering lectures on their research in the fall.

Article written by Kayla Chen

Big datasets can be incredible assets in business, healthcare, the physical and social sciences and many other disciplines – but the data won’t reveal itself. To isolate useful information and harness its predictive capabilities, researchers and organizations rely on sophisticated data sorting techniques, such as machine learning.

But machine learning and related disciplines face their own headwinds. For example, the model building process can be slow and both labor- and resource-intensive. UC San Diego Computer Science and Engineering and Halicioğlu Data Science Institute Assistant Professor Arun Kumar is working to make it faster, easier and more economical to handle these large datasets.

“I bridge the gap, from an academic standpoint, between computing systems and machine learning,” said Kumar. “I focus on reducing the resource costs of those building processes – what we call model selection – and improving resource efficiency: reducing costs, run times and energy consumption during the model building process.”

Kumar is largely focused on deployment issues, including scalability and usability. Two of his primary projects are Cerebro, which is developing artificial neural networks, and Sorting Hat, which focuses on reducing data preparation times.

Borrowing approaches from the database community, which has been studying these issues for some time, Kumar and colleagues want to apply that knowledge to machine learning to find the most efficient ways to analyze data.

These skills are in great demand from both industry and academia. He is currently working with health and social scientists and discussing future collaborations with computational physicists and neuroscientists. It seems everybody has data they need to crunch.

“The domain science folks have these large-scale data analytics problems, but they can’t build the software themselves,” said Kumar. “Off the shelf software is not up to par, so we build the tools they need.”

Measuring Movement

One recent paper, published in the Journal for the Measurement of Physical Behaviour, highlights how Kumar’s work intersects with health sciences. He and Loki Natarajan, UC San Diego professor of Family Medicine and Public Health, and colleagues recently tested different deep learning algorithms to determine which ones are better at measuring physical activity in patients.

“These were cohorts of cancer survivors and obese people who wore accelerometers to measure their movements,” said Kumar. “The deep learning models we built could more accurately log their movements, as well as analyze their exercise patterns and predict longitudinal health outcomes.”

Using Cerebro, the team compared an artificial neural network, called a convolutional neural network (CNN), to other machine learning algorithms, called random forest and logistic regression. In the study, 28 women wore two different motion tracking devices and the team compared the predictive outputs from CNN, random forest and logistic regression.

The CNN did a much better job classifying whether the participants were sitting, standing or walking. These findings give health scientists better tools to measure activity out in the wild.

Recognition

In addition to his academic partners, Kumar has also received great support from industry. While he’s not taking projects from these companies, their interests can align on initiatives he’s already created. The lab has received support from VMware for Cerebro and Google and Amazon for Sorting Hat. Cerebro is also funded by Kumar’s National Science Foundation CAREER grant.

“The Cerebro project is fundamentally about reducing resource costs and the energy footprint,” said Kumar. “VMWare offers cloud solutions for their enterprise customers, so they were interested in reducing run times and resources costs.”

On top of all that, Kumar was recently honored with the 2021 IEEE TCDE Rising Star Award, which is given to junior researchers “for designing and deploying data analytics systems powered by innovative machine learning and artificial intelligence algorithms.”

“It was a great honor,” said Kumar. “A number of people very graciously supported me. I hope I can continue to reward their faith in my work.”

Written By: Josh Baxt

Serverless services, such as AWS lambdas, are a fast-growing part of the cloud market. Their popularity reflects their lightweight nature and scheduling and cost flexibility.

However, serverless computing’s security issues are poorly understood. CNS co-Director Stefan Savage, CSE/CNS Ph.D. students Anil Yelam and Ariana Mirian and CSE Alumni Shibani Subbareddy and Keerthana Ganesan explored the feasibility of developing a practical covert channel from lambdas in their paper: CoResident Evil: Covert Communication In The Cloud With Lambdas.

The team established that fast co-residence detection for lambdas is key to enabling a covert channel. Leveraging this knowledge, they developed a reliable and scalable co-residence detector based on the memory bus hardware. This technique enables dynamic discovery for co-resident lambdas and is incredibly fast, executing in a matter of seconds. The researchers can establish hundreds of individual covert channels for every 1000 lambdas deployed, and each of these can send data at 200 bits per second, demonstrating covert communication via lambdas is entirely feasible. The team presented their findings for the 30th Web Conference on April 20.

The University of California San Diego has joined The Bytecode Alliance, a nonprofit organization dedicated to creating new software foundations and building on standards such as WebAssembly and WebAssembly System Interface (WASI). UC San Diego is part of a cross-industry collaboration alongside other new members Arm, DFINITY Foundation, Embark Studios, Google and Shopify to support the alliance, which was incorporated by Fastly, Intel, Mozilla, and Microsoft.

These organizations share a vision of a WebAssembly ecosystem that fixes cracks in today’s software foundations that are holding the industry and its software supply chains back from a secure, performant, cross-platform, and cross-device future.

“WebAssembly is quickly becoming the de facto intermediate representation for building secure systems. WebAssembly takes a principled approach to security and gives us just the right building blocks to build the next-generation secure and high-assurance systems,” said Deian Stefan, CNS faculty member and an assistant professor in Computer Science and Engineering Department at the UC San Diego Jacobs School of Engineering. “It’s a core part of the sandboxing and high-assurance security toolkits we are developing at UC San Diego.”

UC San Diego researchers and collaborators have developed the RLBox framework that uses WebAssembly to sandbox libraries, the CT-Wasm language extension for writing secure crypto code in WebAssembly, the Swivel compiler that mitigates Spectre attacks, and the VeriWasm tool that verifies the safety of native compiled WebAssembly.

“As members of the Bytecode Alliance we hope to help shape the direction of WebAssembly and contribute tools and techniques that will amplify the alliance’s vision towards a more secure software ecosystem,” Stefan said.

The Bytecode Alliance, founded in 2019, has helped bring attention to the inherent weaknesses in predominant models for building software, which rely heavily on composing up to thousands of third-party modules without security boundaries between them. These weaknesses in the software supply chain have historically been instrumental in breaching government systems, critical infrastructure services, and a large number of companies, as well as in stealing personal information of hundreds of millions, perhaps even billions of people.

Original story: https://cse.ucsd.edu/about/news/uc-san-diego-joins-bytecode-alliance-build-safer-software-foundations-internet

CNS Co-Director and UC San Diego Computer Science and Engineering Professor Stefan Savage is among the three members of the university community to have been elected to the American Academy of Arts and Sciences—one of the oldest and most esteemed honorary societies in the nation.

Savage, along with Ananda Goldrath and Eileen Myles, are among the Academy’s 2021 class of 252 members. They join fellow 2021 classmates who are artists, scholars, scientists, and leaders in the public, non-profit and private sectors, including civil rights lawyer and scholar Kimberlé Crenshaw; computer scientist Fei-Fei Li; composer, songwriter, and performer Robbie Robertson; and media entrepreneur and philanthropist Oprah Winfrey.

The American Academy of Arts and Sciences has honored exceptionally accomplished individuals and engaged them in advancing the public good for more than 240 years. Professor Walter Munk was the first UC San Diego faculty member elected to the Academy. Since then, more than 80 faculty from disciplines that span the entire campus have received this prestigious honor.

“This year, our faculty are being recognized for three vastly different fields of study: immunology, literature, and cybersecurity,” said UC San Diego Chancellor Pradeep K. Khosla. “Having the oldest and most distinguished American national academy honor the career accomplishments of these prestigious faculty both honors their individual successes and spotlights the breadth of expertise and influence of our Triton faculty. UC San Diego’s well-established prowess in science, technology, and art offers a truly well-rounded experience for our students, our researchers, and our collaborative faculty.”

In the statement announcing this year’s new Academy members, David Oxtoby, President of the American Academy said, “The past year has been replete with evidence of how things can get worse; this is an opportunity to illuminate the importance of art, ideas, knowledge, and leadership that can make a better world.”

Stefan Savage
Savage is a cybersecurity researcher who holds an expansive view of the field. He and colleagues bring together computer science and the social sciences in their work by taking into account economics, policy, and regulations, not just technology. His team has been instrumental in pointing out security vulnerabilities in cars, which have been addressed by the automotive industry’s regulatory bodies and manufacturers. They have tracked the financial transactions responsible for funding email spam campaigns and botnets around the world. The data has been used by government agencies and credit card companies to block these transactions. Savage and colleagues also have designed ways to measure and pinpoint the source of attacks that cripple the internet and large websites, known as distributed denial of service attacks. Savage has received numerous awards for his work, including a McArthur fellowship in 2017, the ACM Prize in Computing in 2015, and three test of time awards from leading academic computer security organizations. He holds the Irwin and Joan Jacobs Chair at the Jacobs School of Engineering and is a professor in the UC San Diego Department of Computer Science and Engineering.

In addition to these three faculty members, alumna Angela Davis is also part of this year’s class of fellows. A well-known activist who is now on faculty at the University of California Santa Cruz, Davis earned a master’s degree from the Department of Philosophy at UC San Diego in 1969. She worked closely with philosopher Herbert Marcuse. Her likeness is now part of the Price Center’s Black Legacy Mural, and she is also portrayed on the walls of the Che Cafe.

The American Academy of Arts & Sciences was founded in 1780 by John Adams, John Hancock, and others who believed the new republic should honor exceptionally accomplished individuals and engage them in advancing the public good. The 2021 members join the company of those elected before them, including Benjamin Franklin and Alexander Hamilton in the eighteenth century; Ralph Waldo Emerson and Maria Mitchell in the nineteenth; Robert Frost, Martha Graham, Margaret Mead, Milton Friedman, and Martin Luther King, Jr. in the twentieth; and more recently Joan C. Baez, Judy Woodruff, John Lithgow, and Bryan Stevenson. International Honorary Members include Charles Darwin, Albert Einstein, Winston Churchill, Laurence Olivier, Mary Leakey, John Maynard Keynes, Akira Kurosawa, and Nelson Mandela.

Original Story: https://cse.ucsd.edu/about/news/cses-stefan-savage-elected-american-academy-arts-and-sciences
UCSD News: https://ucsdnews.ucsd.edu/pressrelease/academyofartsandsciences2021

UC Newsletter: https://www.universityofcalifornia.edu/news/national-academy-sciences-american-academy-arts-sciences-elect-36-new-uc-members

U.S. Representative Mike Levin and Mayor Serge Dedina from the City of Imperial Beach discussed science, policy & communications with students from UC San Diego, Computer Science and Engineering 190 (Environmental Impacts of Modern Computing) during a recent virtual event. The discussion focused on how elected officials work towards solutions to a range of environmental issues. Students had an opportunity to ask the elected officials questions during the event. CSE 190 is taught by CSE Associate Professor/CNS Co-Director George Porter. Two classes from the University of San Diego also participated in this event, Environmental and Ocean Sciences 300, taught by Associate Professor Michel Boudrias, and Theatre 494, taught by Associate Professor Monica Stufft. A recording of the virtual event is located here: https://www.youtube.com/watch?v=bhqcI59mK2E

UC San Diego Computer Science and Engineering (CSE) professors Deian Stefan and Sicun Gao have been awarded prestigious Faculty Early Career Development Program (CAREER) grants from the National Science Foundation to support their work to build secure computer systems and safer autonomous systems.

CAREER awards are the NSF’s most prestigious awards in support of early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization, according to the NSF.

“The recognition from NSF’s CAREER program shows the potential of our faculty’s research. I am pleased that Deian and Sean are among the distinguished CSE faculty members who have earned CAREER awards,” said CSE Department Chair Sorin Lerner.

Deian Stefan joined CSE in 2016. In his proposal for his project, “Principled and practical secure compilation using WebAssembly,” he writes about the challenges of building secure computer systems: “A single bug in the source code that programmers write or in the compilers they use to generate machine code could expose systems to attack.” Unfortunately, the gap between the theory of secure compilation and practice is huge. The goal of his project is to bridge this gap by extending the industrial WebAssembly byte code into a unifying principled and practical abstraction for secure compilation. The results of this work could make hundreds of millions of users safer: end-to-end security guarantees can prevent exploits in widely used systems, from web browsers to next generation cloud platforms.

Sicun Gao joined CSE in 2017. In his project “Correct-by-Learning Methods for Reliable Autonomy,” Gao will develop the theoretical foundations as well as practical techniques and tools for improving the reliability of realistic autonomous systems such as autonomous cars and unmanned aerial vehicles. Machine learning and data-driven approaches are now an indispensable part of the design of autonomous systems. The lack of formal assurance has become one of the key bottleneck that impedes the wider deployment and adoption of these systems. His project targets this challenge by developing formal synthesis and verification techniques for learning-based and data-driven control and planning methods for autonomous systems.

Written By: Katie E. Ismael

Deep learning (DL) is all around us: web search and social media, machine translation and conversational assistants, healthcare, and many other applications. DL is a resource-intensive form of machine learning (ML) that typically needs graphics processing units (GPUs), a lot of memory, and a computer cluster.

While large technology companies are amassing these resources, the status quo is far from ideal. DL is challenging to adopt for smaller companies, domain scientists, and others. As a result, there is a pressing need to rein in DL’s resource bloat, total costs, and energy consumption to truly democratize it for all users.

Now, Arun Kumar, a Center for Networked Systems (CNS) faculty member and a Computer Science and Engineering and HDSI professor, and his student researchers in the ADA Lab are tackling these issues with a first-of-its-kind scalable DL data platform called Cerebro, which was inspired by decades of research into scalable and parallel systems for data-intensive computing.

Kumar recently presented the team’s vision at the CIDR 2021 conference. The paper Cerebro: A Layered Data Platform for Scalable Deep Learning was co-authored with advisees Supun Nakandala, Yuhao Zhang, Side Li, Advitya Gemawat, and Kabir Nagrecha. The talk discussed Cerebro’s system design philosophy and architecture, recent research and open questions, initial results, and tangible paths to practical impact.

DL software systems specify, compile and execute DL training and prediction workloads on large datasets. Kumar’s team noticed a key missing piece: there is no analog to query optimization at scale, causing massive waste, high runtimes, and increased costs.

This is where their approach, called multi-query DL, comes into play. By reasoning more holistically about model building in DL, the team can enable new system optimizations at scale.

The vision is for Cerebro to elevate DL model building, exploration, and debugging with higher-level APIs that are already common. Examples include hyper-parameter tuning, neural architecture tuning, so-called AutoML procedures, and sub-group analysis. Under the hood, Cerebro exploits both the computational and the mathematical properties of the workload, as well as the data layout and hardware properties, to run it more efficiently.

Cerebro’s layered system design, called logical-physical decoupling, helps it infuse a series of novel systems optimizations into multiple DL tools (e.g., PyTorch or TensorFlow), execution environments (e.g., filesystem-based, Spark-based, or cloud-native), and user-level interfaces (Jupyter notebooks or graphical user interfaces) without needing to change these tools’ internal code. This can help improve scalability, resource efficiency, and costs, as well as DL user productivity and portability across tools and environments.

Kumar cites the work of David DeWitt, one of his graduate school mentors at the University of Wisconsin-Madison, as one of the technical inspirations for this work. DeWitt is the pioneer of scalable and parallel relational database systems and scientific benchmarking of database systems.

Kumar believes the ML world sorely needs both of those philosophies–principled approaches to scalability and scientifically rigorous system benchmarking–and aims to redress these research gaps while also accounting for the different mathematical properties and practical operational constraints of ML workloads.

Kumar’s talk at CIDR was well-received by the database community as an example of the marriage of classical database ideas with modern ML systems to help democratize ML beyond technology companies.

Cerebro is supported in part by a Hellman Fellowship, the NIDDK of the NIH, an NSF CAREER Award, and two VMware gifts. Cerebro techniques have already been adopted by Apache MADlib, an open-source library for scalable ML on RDBMSs.

VMware is putting the technology in front of their enterprise customers. Their researchers presented a talk on their adoption at FOSDEM. Kumar’s students also integrated Cerebro with Apache Spark, a popular dataflow system. Zhang and Nakandala gave a talk on this integration at the Spark+AI Summit, one of only a handful of academic research-based talks at that popular industry conference. The first full research paper on Cerebro was published at VLDB, a premier database conference, with Nakandala presenting the talk. Nakandala and Zhang have also presented progress updates on Cerebro at the CNS Research Review in 2019 and 2020 and received feedback from CNS industry partners.

Kumar’s group has open-sourced the whole Cerebro platform to enable more practitioners to benefit from this technology. It is being used for UC San Diego Public Health research on terabyte-scale labeled datasets. The DL models built using Cerebro are being used to monitor various cohorts’ physical activity levels, including people in assisted living facilities and people with obesity, to help them live healthier lives. This project was funded by NIH NIDDK, demonstrating the growing importance of scalable data analytics and ML/DL in healthcare.

Looking ahead, Kumar has also started collaborations with other scientists to use Cerebro to help them scale DL for their analyses in materials science, political science, and neuroscience. Kumar believes DL’s growing popularity in domain sciences and other non-commercial pursuits makes his vision of democratizing DL systems more urgent, helping all users benefit.

February 3, 2021– Electrical engineers and computer scientists at UC San Diego are on the front lines of global efforts to reduce the energy used by data centers. The potential impact is great: the US government estimates that data centers currently consume more than 2.5% of U.S. electricity. This figure is projected to double in about eight years due to the expected growth in data traffic.

The UC San Diego Jacobs School of Engineering team has been awarded a total of $7.5 million from the US Advanced Research Projects Agency-Energy (ARPA-E) and the California Energy Commission to advance nation-wide efforts to double data center energy efficiency in the next decade through deployment of new photonic— light based—network topologies.

In particular, the UC San Diego team is focused on developing solutions to enable the thousands of computer servers within a data center to communicate with each other over advanced light and laser-based networks that replace existing electrical switches with optical switches developed within the ARPA-E program.

“The photonic devices we’re developing aren’t actually used within the servers per se: instead, the devices connect the servers within the datacenter network using a more efficient optical network,” said George Papen, a professor of electrical and computer engineering at UC San Diego and co-principal investigator on the project.

“By removing bottlenecks in the network, the computer servers, which account for the majority of power in the data center, operate more efficiently. Our project, supported by ARPA-E, aims to double the server power efficiency by transforming the network into a high-speed interconnect free of these bottlenecks,” said George Porter, a professor of computer science at UC San Diego and co-principal investigator.

What’s an optical switch?

So how do these data center networks pass bits of information and computation commands around today? They use a technology called electrical packet switching, in which a message is broken down into smaller groups, or packets of data. These packets of data are converted to electrical signals and sent through a cable to a network switch, where they’re routed to the desired location and pieced back together into the original message. Network switches are physical, electrical devices with ports for wired connections, that direct the flow of data from many machines.

Unlike electronic switches, optical switches aren’t bound by the limitations of electronics to transmit data. Instead, optical switches make direct “light path” connections from input ports to output ports. Since no conversion between optical and electrical data is required at every switch, optical switches don’t have the latency or electronic logjam issues that existing network switches have, and require less power to route data.

Using an optical network instead of an electrical network can produce a more efficient network with a larger data rate to each server. This can increase the energy efficiency of the servers, which consume most of the energy in a data center. One goal of the project is to demonstrate that the cost of such an optical network can drop below the cost of adding the additional semiconductor chips required to get the same data rate on existing electrical networks.

“It would be lower cost in part because you’re using less energy, but also in part because if you wanted to build a very high-speed network using existing commercial technology, the cost of adding additional chips to build bigger switches increases dramatically,” said Porter. “It’s not a linear relationship of double-the-speed for double-the-money; you can think of it almost like double the speed for quadruple the cost. On the other hand, optics, at these very high speeds, follows a more linear cost relationship.”

Developing a proof-of-concept

In phase one of the Lightwave Energy Efficient Datacenters (LEED) project in the ARPA-E Enlitened program, which ran from 2017-2019, Papen, Porter and UC San Diego colleagues Joe Ford, a professor in the Department of Electrical and Computer Engineering, and Alex Snoeren, a professor in the Department of Computer Science and Engineering, developed the photonic technology and network architecture required to enable this scale of optical switching. The collaboration between electrical engineers—who designed a new type of optical switch—and computer scientists—who developed the protocol to allow it to work at a data center scale—was key.

Their success hinged on a new type of optical switch conceptualized by UC San Diego alumnus Max Mellette, co-founder and CEO of spinout company inFocus Networks. Instead of the full crossbar architecture that was previously used, which allows any node in the data center to talk to any other node, his idea was to create a switch that had more limited connectivity, thereby enabling faster speeds.

The key insight was to develop a network protocol that would enable this faster but less-connected architecture to communicate in a way that would still deliver the performance required. By working closely with computer scientists led by Porter and Snoeren, the team made it happen.

By the end of Phase 1, this new optical switch was functional, able to run applications and receive data in a testbed setting. Now in Phase 2, the team is working with collaborators at Sandia National Laboratories on scaling up the architecture to function with larger amounts of data and more nodes. The goal for Phase 2 is a realistic testbed demonstration that an optical network architecture provides significant value to end-users.

A storied history of photonics

There was a good reason this UC San Diego team was selected for the Enlitened program: it was here that, more than a decade ago, then-postdoc Porter was part of a research team also including Papen, that assembled and demonstrated the first data center testbed using an optically switched network. The paper describing this work has been cited more than 1,000 times.

Since then, Porter, Papen, Ford, Snoeren and colleagues in both the electrical engineering and computer science departments and the Center for Networked Systems have worked closely to further develop and refine the technology, and work towards making it a commercially viable reality.

“We were the first to show we could build testbeds with optically switched networks for data centers,” Porter said. “Papen and I have been meeting multiple times a week for 10 years, supervising students together, and working on this optical data center concept for a decade; it’s a real example of what can happen when computer scientists and electrical engineers work closely together.”

While their optical data center is still in the proof-of-concept phase, researchers agree there will come a time when the cost of adding more and more semiconductor chips to drive faster speeds simply won’t be cost-competitive, putting aside the energy concerns. At that point, optical systems will become much more appealing. It’s hard to know when exactly that will be, but researchers predict it could be as soon as five years from now, and likely within 10.

“Nonetheless, there’s so much work to do to be able to validate that indeed if we can’t continually scale chips, what applications should we first apply optical switching? That will take a significant effort to sort out,” Papen said. The researchers are working with national labs and private companies to test optical switches on various live applications to help answer this question.

Difficult, future-looking work such as this optical data center project is a perfect example of the role academic research institutions play in the innovation ecosystem.

“This is a really hard problem to solve, and hard problems take a long time,” Papen said. “Being able to devote the time to this, and collaborate with faculty and students from across the entire engineering school, is what makes this type of transformative development possible.”

The original story posted here: https://jacobsschool.ucsd.edu/news/release/3215
https://ucsdnews.ucsd.edu/pressrelease/lightening-the-data-center-energy-load

Media Contacts
Katherine Connor
Jacobs School of Engineering
858-534-8374
khconnor@eng.ucsd.edu

CSE/CNS graduate student Audrey Randall was recently awarded the Applied Networking Research Prize (ANRP) for her work on DNS caching and privacy. The ANRP winners for 2021 were selected from 76 nominations. They were reviewed according to a diverse set of criteria, including scientific merit, relevance to IETF and/or IRTF activities, and the nominee’s potential to impact the community.

Audrey Randall, Enze Liu, Gautam Akiwate, Ramakrishna Padmanabhan, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman, “Trufflehunter: Cache Snooping Rare Domains at Large Public DNS Resolvers,” Proceedings of ACM IMC 2020.

UC San Diego Computer Science and Engineering (CSE) Professor Steven Swanson is building computer systems that explore how new memory technologies will impact the future of computing.

In recognition of his impressive body of research to create software to support persistent memory, Swanson was recently named the inaugural holder of the Halıcıoğlu Chair in Memory Systems at UC San Diego. The $1 million chair is part of a larger $18.5 million gift made in 2013 to the department by CSE alumnus Taner Halıcıoğlu ’96.

The chair provides a dedicated source of funds, in perpetuity, for the chair holder’s scholarly activities as well as support for graduate students.

“In the face of the COVID-19 pandemic, Professor Swanson’s work is more important than ever before,” said UC San Diego Chancellor Pradeep K. Khosla. “His research, teaching and mentorship not only push the boundaries of human understanding, they inspire our academic community to continue innovating, experimenting and discovering. These efforts are critical to our mission as a public research university.”

The chair is named after Halıcıoğlu, who was Facebook’s first full-time employee when it had only 15 computer servers and 250,000 users. Now he spurs startups in San Diego as an angel investor and is also a lecturer in the computer science department. He’s been recognized as a 2020 CSE Distinguished Alumnus, a 2019 Chancellor’s Medalist and a UC San Diego 2019 Outstanding Alumnus.

“Taner’s incredible generosity and support of innovation and the work of Steven Swanson will impact our department, our university and our world for years to come,” said CSE Department Chair Sorin Lerner.

“Endowed chairs give faculty members the freedom to pursue revolutionary ideas, inspire the next generation of innovators, and transform our society in fundamental ways,” Swanson said. “I am privileged to be able further this kind of work at UC San Diego and CSE.”

Impacting the Future of Computing

Swanson is the director of the UC San Diego Non-Volatile Systems Laboratory, where his group

builds computer systems to explore how new memory technologies will impact the future of computing, with a focus on non-volatile memories that allow programmers to build long-lived data structures that can survive system crashes and power failures.

“This requires the data structures to be extremely robust, but that is hard because systems can fail in so many different ways,” he said.

Their recent research has made it easier for programmers to build these robust data structures. “Rather than relying on the programmer to get it right, we have built a compiler that automatically checks for the properties these data structures need.  This means less testing, fewer bugs and better reliability,” he said.

Swanson has also been working with colleagues to develop a new course and lab (CSE142 and CSE142L) that teach students how to fully utilize the powerful features that modern processors provide.

“Based on our experience of what really matters to software developers, we take the students on a ‘grand tour’ of modern CPUs and then have them apply what they’ve learned to optimize machine learning workloads,” he said.

Halıcıoğlu’s gift has also created the Halicioğlu Chair in Computer Architecture at UC San Diego, which is held by CSE Professor Hadi Esmaeilzadeh, and the Ronald L. Graham Chair of Computer Science held by CSE Professor Ravi Ramamoorthi.

The Alan Turing Memorial Scholarship is a one-year award up to $10,000 for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications, and other programs touching on networked systems and who are active in supporting the LGBT community. In addition to receiving a scholarship, recipients have an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.

Applications for the 2021-2022 scholarship will be accepted until January 25, 2021. The selection committee will review the applications and the recipient will be notified in the summer of 2021.

Please apply here: https://fas.ucsd.edu/types/scholarships/continuing-undergraduate-students.html

Eustaquio Aguilar Ruiz, a senior majoring in physics with a specialization in computational physics, has received the 2020-2021 Alan Turing Memorial Scholarship from UC San Diego’s Center for Networked Systems (CNS). This is the fifth year that CNS has recognized a student majoring in programs touching on networked systems who is active in supporting the LGBT+ community.

CNS established the Alan Turing Memorial Scholarship in 2015 to pay homage to the cofounder of computer science, Alan Turing, the famed cryptanalyst, and mathematician. His work accelerated the Allied victory in World War II by more than a year. After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

“The Turing Scholarship at UC San Diego is a unique way that we, as a community, show how much we value diversity, particularly diversity aimed at the LGBT+ community. Diversity is essential to strengthening our center and is in line with our university’s mission,” said CNS Co-director and Computer Science and Engineering Associate Professor George Porter.

Ruiz arrived in the United States from Mexico when he was two years old. Through financial hardship, Ruiz and his mother and stepfather have persevered. Ruiz has been able to charter his academic path with his ultimate goal in mind– to obtain a higher education degree, which had been unimaginable for his ancestors. “Joining college made me feel liberated, but I also felt, more than ever, the personal responsibility of continuing to assist those in my community,” said Ruiz.

The adversity Ruiz faces as a gay Latino first-generation college student has fueled him to actively serve the communities with which he identifies. During his college career, he has been involved with the UC San Diego LGBT Resource Center, the Queers and Allies of Eleanor Roosevelt College, and he is in his third year of serving as a peer mentor for the First-Generation Student Success Coaching Program. With the skills he has learned, he has fostered an inclusive and empowering environment for more than 50 first-generation college students from UC San Diego. Ruiz is currently involved with the UC San Diego oSTEM organization, but he said when he first attempted to join more STEM-related organizations, “I felt so misplaced.”

“I feel that many who are LGBT+, along with other marginalized identities, struggle with finding a welcoming place. The Alan Turing Memorial Scholarships represent hope and opportunity for students with complex and diverse identities in the LGBT+ communities,” he said.

The scholarship is open to undergraduates who are active supporters of the LGBT+ community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. It is awarded to students based on academic merit, with a preference for those with demonstrated financial need.

CNS reached its endowment goal of $250,000 in February 2020. Many individual donors and corporate donors made this possible, including a generous donation from the Amateur Radio Digital Communications (ARDC) in memory of Brian Kantor, WB6YT, a UC San Diego alumnus who worked at UC San Diego for 47 years and founded the ARDC.

CNS faculty members George Papen, George Porter, and Alex Snoeren, along with fellow professor Joe Ford are part of a team that was awarded Phase II of the Department of Energy ARPA-E Award. The research team is developing a new datacenter network based on photonic technology that can double the datacenter’s energy efficiency. Their LEED project mirrors the development of CPU processors in PCs. Previous limitations in the clock rate of computer processors forced designers to adopt parallel methods of processing information and to incorporate multiple cores within a single chip. The team envisions a similar development within datacenters, where the advent of parallel lightwave networks can act as a bridge to more efficient datacenters. This architecture leverages advanced photonic switching and interconnects in a scalable way. Additionally, the team will add a low-loss optical switch technology that routes the data traffic carried as light waves. They will also add the development of packaged, scalable transmitters and receivers that can be used in the system without the need for energy-consuming optical amplification, while still maintaining the appropriate signal-to-noise ratio. The combination of these technologies can create an easily controllable, energy-efficient architecture to help manage rapidly transitioning data infrastructure to cloud-based services and cloud-based computing hosted in datacenters.

Datacenters are a critical component of the modern internet, responsible for processing and storing tremendous amounts of data in the “cloud.” Datacenters also provide the computational power needed for handling “big data,” a growing segment of the U.S. economy. Currently, datacenters consume more than 2.5% of U.S. electricity, and this figure is projected to double in about eight years due to the expected growth in data traffic. There are many approaches to improving the energy efficiency of datacenters. Still, these strategies will be limited by the efficiency with which information travels along metal interconnects within the data center devices—all the way down to the computer chips that process information. Unlike metal interconnects, photonic interconnects do not rely on electrons flowing through metal to transmit information. Instead, these devices send and receive information in the form of photons—light—enabling far greater speed and bandwidth at much lower energy and cost per bit of data. The integration of photonic interconnects will enable new network architectures and photonic network topologies that hold the potential to double overall datacenter efficiency over the next decade.

If successful, developments from ENLITENED projects will result in an overall doubling in datacenter energy efficiency in the next decade by deploying new photonic network topologies

Facebook Research announced the winners of the 2020 Networking Systems request for proposals. This year Facebook Research asked for proposals in the areas of host networking and transport security. Six proposals were accepted from 67 proposals from 15 countries and 57 universities. Congratulations to CNS/CSE faculty members George Porter, Aaron Schulman, and Alex C. Snoeren for receiving one of the six awards for their proposal on a custom NIC and network stack to support parallel network fabrics.

“This year’s submissions continue to reflect the quality and breadth of research topics in academia, and at the same time, their relevance to addressing Facebook’s growing networking infrastructure needs was indeed impressive,” says Rajiv Krishnamurthy, Software Engineering Director at Facebook. “I look forward to continuing our close collaboration with academia to solve interesting technical challenges as we build a more social network.” (2020, August 26). Announcing the Winners of the 2020 Networking Request for Proposals. Facebook Research. https://research.fb.com/blog/2020/08/announcing-the-winners-of-the-2020-networking-request-for-proposals/

 

Spring quarter 2020 was a unique experience for CSE/CNS Professor Geoffrey M. Voelker, who has been teaching CSE 125/Software System Design and Implementation at UC San Diego for the past twenty years. As with many faculty this year, Voelker had to quickly prepare for a remote class that was never intended to be online. Normally thirty students work closely together in the CSE computer lab in teams of six or seven students and build a distributed, real-time, 3D multiplayer game. This year, because of the global pandemic, the entire course had to be reconfigured for team members to work together (remotely) and the final demo presentation, typically held in front of 200 people in the Qualcomm Institute auditorium Atkinson Hall, was held on Twitch.

CSE 125 requires close collaboration and interaction among the students in each group and having to work remotely added significant hurdles to an already challenging class. Communicating, brainstorming, pair programming and debugging, access to appropriate hardware, and fostering group dynamics were all substantially more difficult than when working in person. The students worked intensely together for ten weeks, yet could not even go to dinner together.

Despite having to work remotely, though, the students succeeded beyond Voelker’s expectations. They quickly took advantage of a wide variety of remote collaboration tools, including Visual Studio Live Share, Zoom, Slack, Discord, Trello, GitHub, and Google Drive. The projects they produced were as creative, inspiring, and impressive as in previous years. Take a look at the videos!

CSE 125 culminates in a final live demo presentation where the students show off everything that they have accomplished in a fun, festive atmosphere. During the quarter, there was a lot of uncertainty in moving the final demos to an entirely remote event. But working closely with the amazing Events team at the Qualcomm Institute (Calit2), they were able to produce high-quality live streaming demos on Twitch that resulted in another memorable final demo experience. Twitch chat was true to its reputation, with many CSE 125 alumni supporting the students during the online demos.

The tradition of guest lectures continued remotely too. Tansen Zhu from Jam City and Ed Wu from Niantic had given lectures in the course before and generously were able to give guest lectures again, entirely online. While the experience is not the same, and the students did not have the opportunity to interact with Tansen and Ed in person, the lectures went very smoothly, and the interactive chat was quite lively.

The students were thankful that CSE 125 was not canceled this year and praised Voelker for adapting the class to be remote on short notice. They also praised Edward Chen, the class TA, for his technical troubleshooting during the ten weeks. The weekly team morale reports submitted to Voelker and Chen were unique. They included a variety of phrases like “life is pretty okay’, “loving this indoor life,” “hate the virus,” “need more air,” “groups are doing work,” and “we are going places.” All the students agreed that working on the project kept them busy and engaged during the quarantine, and by the end of the quarter, they were especially proud of what they accomplished during this challenging time.

CSE 125 – 2020 Class Photo

 

Introduction of Final Presentations by Professor Geoffrey M. Voelker

 

Game title: Gaia (Sphere Enix)
Teammates: Yiran Chen, Muyuan Chi, Wenlin Mao, Zi Wang, Peizhen Wu, Chao Zhou.
Gaia is played by two players on each side. One player on the team controls the terrain, and the other player controls the ball. The terrain editor can modify the terrain to help their teammate get points or block the opponent from getting points. The team within the time limit with the highest points wins.

 

Game Title: Komrade’s Kitchen
Teammates: Brian Chi, Ana Selvaraj, Joshua Quan, Jennifer Wu, William Xu, Shirley Zhang.
The team initially thought about making a heavy co-op game similar to “Keep Talking, and No One Explodes.” Their game ended up being a lighter game with more straightforward mechanics, fun gimmicks, and no co-op elements. Due to time limitations, the co-op aspects were eliminated because the team decided these aspects did not enhance the game’s overall enjoyment. Play-testing and experimentation in the final few weeks allowed the team to develop gameplay mechanics to replace their previous ideas. Their game relies on the gameplay mechanics over level design.

 

Game Title: Cyber City
Teammates: Jiajian Fu, Aditi Gaur, Kevin Huang, Charles Li, Hao Luo, Esther Zhao.
Cyber City is a multiplayer third-person tower defense game with resources and crafting elements. Players are divided into teams to destroy the enemy base while defending their own. Players can craft turrets and game units that help them intrude into the enemy base. The team that destroys the enemy’s base first will win. The game combines aspects of sandbox survival, tower defense, and multiplayer online battle arena gameplay styles into one competitive game.

 

Game Title: The Last Roll
Teammates: Cameron Foster, Steven Hausman, Anthony Lau, Patrick Liu, Thiago Marback, Christopher Maytom.
The Last Roll is a cooperative defense game in which players work together to protect a location with resources from a rush of enemy AI players. Players can perform actions such as building barriers and slowing enemies to preserve this location for as long as possible. The game’s theme revolves around the players being workers in a shop during COVID-19, where people are trying to steal the store’s supply of toilet paper. In the game, players must work together since their first-person view restricts their ability to assess the entire shop’s state.

 

Game Title: Grow Away
Teammates: Joyaan Bhesania, Yang Liu, Etsu Nakahara, Mingqi Shen, Arun Sugumar, Alexander Zhu.
Grow Away is a collaborative action tower defense game, and players defend against waves of zombies. Players need to grow plants that serve as “towers” to attack the enemies and defend the base. The players move across the map to pick up tools and perform actions to grow plants collaboratively.

Modern networked computer servers transfer information at rates of hundreds of gigabits per second. Operation at these data rates requires dedicated hardware in the form of the network interface. The development of new features requires a flexible, programmable, hardware prototyping platform. To address this need, UCSD postdoc researcher Alex Forencich developed Corundum—a novel FPGA-based network interface card. Corundum enables the development of advanced network interfaces, architectures, and protocols. It is currently being used to investigate how the precise control of packet transmission can improve network performance. Corundum was published at Field-Programmable Custom Computing Machines (FCCM) in May 2020.

Link to Corundum GitHub repository

CNS Co-Director Stefan Savage and his colleagues first gave the automotive industry a wake-up call when they published research demonstrating the ability to hack a car’s computer system in 2010.

This research, and the resulting academic paper, was honored with the Test of Time Award at this year’s IEEE Symposium on Security and Privacy for its broad and lasting impact.

“This effort alerted the automotive sector that security needed to become a top priority,” Savage said. “When we showed up it was not considered a critical function by any automaker or the U.S. Department of Transportation. All of that changed remarkably quickly as a result of our work.”

In the decade since the paper was first published, it has spawned new automotive security standards and organizations, government programs focused on vehicular cybersecurity, dozens of automotive security startups, countless follow-on research efforts and, most importantly, a pervasive focus on product security by major automakers around the globe.

Identifying Security Risks in Cars

In the 2010 paper, titled Experimental Security Analysis of a Modern Automobile, Savage and colleagues at UC San Diego and the University of Washington demonstrated the ability to hack an automobile and control everything from the brakes to the windshield wipers.

With their eye-opening results in hand, and prior to publishing them, one of the first things the researchers did was reach out directly to the automotive industry. Their goal was to alert industry to the vulnerabilities and form lasting partnerships that would ultimately enhance the safety, security, and privacy of millions of cars on the road.

“We observed that this was an industry-wide issue and not specific to a particular manufacturer,” said Tadayoshi Kohno, a paper co-author who is now a professor at the University of Washington.

Collaboration Spawns Change

The idea for the project began percolating when Kohno, who was completing his doctorate degree at UC San Diego at the time, and Savage struck up a casual conversation about potential security threats after seeing an OnStar advertisement. After Kohno moved to the University of Washington, he and Savage decided the time was ripe to explore the issue further.

From there the team, which included several students and faculty, came together. They soon purchased two cars and started investigating. For many of the team members who were students at the time, the collaborative nature of the project still influences their research philosophy and style.

Stephen Checkoway, now an assistant professor at Oberlin College, was the lead graduate student researcher from UC San Diego on the project. He was involved in most of the technical aspects, from reverse-engineering the automotive computers’ firmware to building tools to developing and testing exploits. His experience is one he remembers fondly.

“This was an extremely collaborative effort. No task was performed by an individual researcher alone. This was the key to our success. I count myself lucky to have had the opportunity to be on the team. Collaborative research has been my preferred method of research ever since,” Checkoway said.

Karl Koscher, now a research scientist with the University of Washington’s Security and Privacy Research Lab, was the lead graduate student on the project from the university. “It’s extremely gratifying to see lessons learned from our work are now baked into car manufacturers’ next-generation platforms, just now rolling off the assembly line.”

The team also included Brian Kantor, a longtime staff member in the Department of Computer Science and Engineering at UC San Diego who died unexpectedly in November 2019. Kantor played an important role, mentoring and teaching the students the basics of hardware engineering. Hovav Shacham, Shwetak Patel, Alexei Czeskis, Franziska Roesner, Damon McCoy and Danny Anderson rounded out the team.

Research that Stands the Test of Time

Many of Savage’s collaborative research efforts have had lasting impacts that are recognized by the field. Last year, he and his colleagues were honored with another Test of Time Award from the ACM Conference on Computer and Communications Security for a 2009 paper titled “Hey You Get Off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds.” In 2017, Savage was part of a team that won yet another Test of Time Award from the USENIX Security Symposium for their 2001 “Inferring Internet Denial of Service” paper.

“All three of these papers reflect a notion of being open to investigating interesting problems and working as a team,” Savage said, “UC San Diego has always been a place that’s very welcoming to people who work well on teams – and I am one of those.”

The 2020 award was presented at the 41st annual IEEE Symposium on Security and Privacy, which is an all-digital conference this year. The symposium is the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

MEDIA CONTACT
Alicia Clarke, 858-822-5825, amclarke@ucsd.edu

The Center for Networked Systems (CNS) at UC San Diego has announced that following a $225,533 donation from the Amateur Radio Digital Communications (ARDC) association, the Alan Turing Memorial Scholarship is now fully endowed.

“We are incredibly grateful to ARDC for their generous gift,” said CNS Co-Director Stefan Savage. “Now that the endowment is complete, starting in the spring of 2021, we will be able to provide $10,000 scholarships for worthy students in perpetuity.”

A nonprofit based in California, ARDC promotes STEM education and digital development for amateur radio. Their gift honors former UC San Diego Department of Computer Science and Engineering (CSE) employee and ARDC founder Brian Kantor, who died unexpectedly in November 2019.

Kantor worked at UC San Diego for 47 years, including a decade at CSE. During his long career, he was a university postmaster, ran the name servers, and helped manage network infrastructure. Among his many accomplishments, he wrote the protocol standard for rlogin, and designed the Network News Transport Protocol (NNTP) that was the foundation for Netnews. Kantor was a nationally known ham radio operator and co-founded and managed AMPRnet, the gateway between the amateur packet radio community and the Internet. He retired from CSE in 2018.

CNS established the scholarship in 2015 to encourage a more diverse and inclusive community of engineers and to pay homage to Alan Turing. “Alan Turing is a giant in the pantheon of computer science pioneers, and his story is both tragic and inspirational,” said CNS Co-Director George Porter. Turing is a co-founder of the field of computer science and a brilliant mathematician, and his work contributed substantially to the Allied victory in World War II through his brilliant codebreaking. After the war, Turing suffered outright persecution for his activities as a gay man. He died by suicide in 1954.

“I am delighted that you are able to support students through the Alan Turing Memorial Scholarship, said Dermot Turing, Alan’s nephew. “I am certain that this kind of initiative is one which would have received his whole-hearted support.”

The scholarship is for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications, and other programs touching on networked systems, and who are active in supporting the LGBT community. With generous donations from individuals, and corporations/foundations, CNS has awarded scholarships to six deserving UC San Diego undergraduate students since 2016. “CNS is extremely grateful to Brian Kantor and the ARDC for completing the endowment of this scholarship,” said CNS Administrative Officer Jennifer Folkestad. “It has and will continue to have a transformative impact on students for generations to come.”

Researchers from the University of California San Diego, the University of Texas at Austin, Stanford University and Mozilla have developed a new framework to improve web browser security. The framework, called RLBox, has been integrated into Firefox to complement its other security-hardening efforts.

RLBox increases browser security by separating third-party libraries that are vulnerable to attacks from the rest of the browser to contain potential damage—a practice called sandboxing. The study will be published in the proceedings of the USENIX Security Symposium in March.

Browsers, like Firefox, rely on third-party libraries to support media decoding (e.g., rendering images or playing audio files) among many other functionalities. These libraries are often written in low-level programming languages, like C, and highly optimized for performance.

“Unfortunately, bugs in C code are often security vulnerabilities—security vulnerabilities that attackers are really good at exploiting,” noted senior author Deian Stefan, an assistant professor with UC San Diego’s Department of Computer Science and Engineering and a faculty member of CNS.

RLBox allows browsers to continue to use off-the-shelf, highly tuned libraries without worrying about the security impact of these libraries. “By isolating libraries we can ensure that attackers can’t exploit bugs in these libraries to compromise the rest of the browser,” said the lead Ph.D. student on the project, Shravan Narayan.

A key piece of RLBox is the underlying sandboxing mechanism, which keeps a buggy library from interfering with the rest of the browser. The study investigates various sandboxing techniques with different trade-offs. But the team ultimately partnered with the engineering team at San Francisco-based Fastly to adopt a sandboxing technique based on WebAssembly, a new intermediate language designed with sandboxing in mind. The team believes that WebAssembly will be a key part of future secure browsers and secure systems more broadly. The WebAssembly sandboxing effort is detailed in a recent Mozilla Hacks blog post.

“Unfortunately, it’s not enough to put a library in a sandbox, you need to carefully check all the data that comes out of the sandbox—otherwise a sophisticated attacker can trick the browser into doing the wrong thing and render the sandboxing effort useless,” said Stefan. RLBox eliminates these classes of attacks by tagging everything that crosses the boundary and ensuring that all such tagged data are validated before being used.

RLBox has been integrated into Mozilla’s Firefox and will be shipping to Linux users in Firefox 74 and Mac users in Firefox 75, with plans to implement in other platforms.

“This is a big deal,” says Bobby Holley, principal engineer at Mozilla. “Security is a top priority for us, and it’s just too easy to make dangerous mistakes in C/C++. We’re writing a lot of new code in Rust, but Firefox is a huge codebase with millions of lines of C/C++ that aren’t going away any time soon. RLBox makes it quick and easy to isolate existing chunks of code at a granularity that hasn’t been possible with the process-level sandboxing used in browsers today.”

In the study, the team isolated half a dozen libraries using RLBox. To start, Firefox will ship with their sandboxed Graphite font shaping library. Mozilla plans to apply the sandboxing more broadly in the future, ultimately making millions of users’ browsers more secure.

Other authors included: CSE/CNS Graduate Student Craig Disselkoen and CSE/CNS Faculty Sorin Lerner at UC San Diego; Hovav Shacham at UC San Diego and UT Austin; Nathan Froyd and Eric Rahm at Mozilla; and Tal Garfinkel at Stanford University.

Original Article published here: https://cse.ucsd.edu/about/news/researchers-develop-framework-improves-firefox-security

UC San Diego Computer Science and Engineering (CSE) Department professor and CNS faculty member, Alex C. Snoeren has been elected to the Institute of Electrical and Electronics Engineers (IEEE) Fellow class of 2020 for his “contributions to management and security of networked systems.” Recognition as an IEEE Fellow is the organization’s highest honor for electrical engineers, computer engineers and computer scientists.

Snoeren is a leader in network security. Early in his career, he focused on defeating denial of service attacks, developing a unique capability to track where these attacks originate. He has also done extensive work measuring malicious activity on services that run on the Internet.

“That’s a common theme that runs through a lot of my work,” said Snoeren, “figuring out how to manage, control, secure and defend networks and the services on top of them.”

Networked systems take in a lot of territory: wireless, wide area, data centers – like the ones Google, Facebook and Amazon use – the big, wide internet.

Snoeren’s team studies potential risks and develops creative ways to counter them. The group spends a lot of time on empirical security research: studying the real threats, right now.

“Typically, we look for trends and connections between various activities and exploits we’re seeing,” he said, “thinking about the fundamental changes that might negate an entire class of attack or vulnerability.”

Recently, Snoeren and his students began looking at services that run on top of the internet, such as Google Maps, where spam businesses have become an emerging threat.

“If you search for a business on Google maps – locksmiths for example – you get many locations,” said Snoeren. “In some cases, half of them, or even almost all of them, are a fraud. They’re not actual locksmiths. They’re people preying on you because, if you’re looking for a locksmith, they know you’re vulnerable. You need help now, and you’ll probably call anything that comes up.”

This could also be true for alcohol and drug counseling, pregnancy testing or any urgently-needed service. For companies like Google, there’s a constant tension between the data they let through and the data they manually check. Given the volume, they can’t check it all. Snoeren’s group worked with Google to help identify markers in the data that might indicate a map entry, for example, should receive extra scrutiny.

If this seems like a monumental task, it can be. That is why Snoeren is interested in securing against entire classes of attacks, which requires some deeper thinking.

“Why is it that people are incentivized to behave in this way?” asks Snoeren. “We can try and prevent them from acting poorly, whatever that means, or take away the incentive to act that way. Other times, we can use their own motivations against them.”

Snoeren points to a system he developed with a graduate student to detect website breaches without actually knowing anything about the websites. Instead, it leverages attackers’ desire to monetize the information they gain.

Users often re-use passwords, so if an attacker hacks into a website’s account database, and learns a user’s email address and password, they will likely attempt to log into the user’s email account. To counter this, Snoeren’s team collaborated with a major email provider to monitor logins for specially-created email addresses they had deliberately registered at thousands of sites. By doing this, they could detect when account information at any of these websites was compromised.

“A huge chunk of people are just economically motivated,” said Snoeren. “If you can figure out how they plan to extract value from their activities, you can identify ways to monitor or, ideally, stop the behavior entirely.”

This is the latest in a series of honors for Snoeren. In 2018, he was named a Fellow of the Association for Computing Machinery (ACM) for his work measuring, managing and detecting network traffic. Among other awards, he has also received an Alfred P. Sloan Fellowship, a National Science Foundation CAREER Award, and earned best-paper awards at the ACM SIGCOMM and USENIX OSDI conferences.

Snoeren, who joined the CSE Department in 2002, teaches a number of undergraduate and graduate courses and works closely with the next generation of computer scientists and engineers. To learn more about his research, visit his CSE faculty page.

Original story published here: https://cse.ucsd.edu/about/news/uc-san-diego-computer-scientist-alex-c-snoeren-elected-ieee-fellow

CNS Co-director Stefan Savage received an ACM CCS Test-of-Time award for the 2009 paper “Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds.” The paper authors are Stefan Savage, Tom Ristenpart, Hovav Shacham, and Eran Tromer.
http://cseweb.ucsd.edu/~savage/papers/CCS09.pdf

The CNS Espresso Prize for Excellence in Networking was awarded by Professor Alex C. Snoeren to UCSD undergraduate student Godwin Pang for his outstanding final project in CSE 123 (2019 fall quarter).
Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

2019 Undergraduate recipient: Weiyang (Frank) Wang
2018 Undergraduate recipient: Christian Chung
2017 Undergraduate recipient: Yihan Zhang
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

Weiyang (Frank) Wang has been recognized as a Runner-Up for a 2020 Outstanding Undergraduate Researcher Award by the Computing Research Association (CRA). This award program recognizes undergraduate students in North American colleges and universities who show outstanding research potential in an area of computing research. Mitsubishi Electric Research Labs (MERL) is the sponsor of the Outstanding Undergraduate Researcher Award program this year.

Frank received the CNS Espresso Prize for Excellence in Networking in 2018.

Each year, the Center for Networked Systems (CNS) awards the Alan Turing Memorial Scholarship to one or more students for their academic commitment, particularly in networked systems, and their ongoing support for the LGBTQ community.

Thanks to a generous grant from the Motorola Solutions Foundation, Giselle Mejia, a fourth-year student studying cognitive science with a specialization in design and interaction, is now among the 2019 Turing Scholarship recipients. A second student, who wishes to remain anonymous, was also recognized and will be awarded a scholarship through support from CNS.

“This year, the Alan Turing Memorial Scholarship has been awarded to two amazing students,” said associate professor and CNS co-director George Porter. “We’re very thankful to the Motorola Solutions Foundation for their generous support of this meaningful scholarship program and for making this opportunity possible.”

The Motorola Solutions Foundation impacts underrepresented populations—including females, minorities, people with disabilities, veterans and more—through its grants program.

Honoring Alan Turing and Celebrating Inclusiveness
The Alan Turing Scholarship was established in 2015 by CNS, an interdisciplinary computer science research center in UC San Diego’s Computer Science and Engineering Department.

The award pays homage to Alan Turing, the famed codebreaker and mathematician whose work accelerated the Allied victory in World War II. After the war, Turing was persecuted for his orientation as a gay man and died by suicide in 1954.

The scholarship honors Turing for his brilliant achievements and supports an inclusive, diverse environment in computer science. In addition to their LGBTQ support, scholarship recipients are selected for academic merit and financial need.

“We are very pleased to support the work of CNS and the goals of the Alan Turing Memorial Scholarship at UC San Diego,” said Monica Mueller executive director of the Motorola Solutions Foundation. “We believe in organizations that foster innovation and drive change and we’re proud to be part of the positive impact they are making in the community.”

Giselle Mejia: 2019 Alan Turing Scholar
As a 2019 Alan Turing Scholar, Mejia will receive a stipend and have unique opportunities to conduct research with a CNS faculty mentor. Coming from an economically disadvantaged household, Mejia appreciates the financial support. However, she was compelled to apply for personal reasons.

“I saw the Alan Turing scholarship description, and it really called out to me,” said Mejia. “It matched what I am studying and what I want to represent.”

She did not always feel that way. Mejia grew up in a household where the LGBTQ community was not accepted. As a child, she never questioned these views, but as she grew up, and got to know friends and relatives within the community, she realized these attitudes were simply wrong.

“My world began as a simple, ordinary house and a small family,” said Mejia in a thank you letter to CNS. “To me, all that I knew and learned was traditional in the Philippines. My world, however, grew into a street; and then a town; and then a world with families and friends and their families.”

Since this epiphany, Mejia has actively supported the LGBTQ community and has participated in the San Francisco Gay Pride Parade.

“The parade was just beautiful,” she said. “It brings together this large community and gives them lots of space to express themselves and meet new people who accept them and give each other encouraging words. It’s a safe haven with so much peace. I learned a lot from walking those parades.”

On the academic side, Mejia’s studies have provided her with a foundation in cognitive science, communications, computer science, and the visual arts. She hopes to integrate these interdisciplinary approaches as she moves forward in her career.

“I want to take all the things I’ve learned from computer science and technology, coupled with the brain, and really go into AI,” said Mejia. “I want to create technology that will bridge the gap between computers and people.”

After graduation, Mejia plans to look for a job in Silicon Valley or elsewhere in the Bay Area. The Alan Turing Memorial Scholarship caps off an impressive four years at UC San Diego, which she will deeply miss.

“It’s pretty bittersweet,” said Mejia. “I love this school; it helped me grow in so many ways. But it also prepared me, and I’m excited to go out in the real world.”

KC Claffy, director of the Center for Applied Data Analysis (CAIDA) at the University of California’s San Diego Supercomputer Center (and a CNS faculty member), has been inducted into the Internet Hall of Fame for her pioneering work in the area of internet measurement and analysis.

Claffy, who is also an adjunct professor in UC San Diego’s Computer Science and Engineering Department, was among 11 inductees from six countries around the world, including Peru, Japan, Brazil, Netherlands, Togo and the U.S. They were honored at a special ceremony September 27 in San José, Costa Rica.

“The internet’s design has always enabled people to see a problem, and get to work on solving it,” said Andrew Sullivan, Internet Society President and CEO. “This year’s inductees have given us all great gifts of their creative approaches to issues they saw on the internet. We can take inspiration from them to tackle the next round of challenges.”

In pioneering the field of internet measurement and analysis, Claffy has helped the global scientific research community better understand the internet and how it is used, according to an announcement by the Internet Hall of Fame. In addition to conducting her own research, Claffy and her team have developed infrastructure and methodologies for large-scale internet data collection, analysis, and distribution around the world.

In her acceptance remarks, Claffy recognized the roles that SDSC, its Founding Director Sid Karin, SDSC Research Scientist Hans-Werner Braun, and then-UC San Diego Professor George Polyzos played early in her career.

She also observed two historical inflection points: one at the beginning of her career, the commercialization and privatization of the Internet infrastructure, and the second emerging now, amidst recognition that “society is increasingly exposed to a range of harms serious enough to create a public interest in mitigating them.” Claffy also noted that this inflection point toward regulation is “scarier…, because mistakes by governments are more dangerous and take longer to undo than mistakes by the private sector.”

Claffy published the first of many papers on internet traffic measurement and analysis in 1992, and in 1997 founded CAIDA. The center initially focused on data that informed the technical community, but now also examines the economic and policy context that defines the internet ecosystem, including analysis related to infrastructure security and stability, the mutual interdependence of architecture and policy, and the ethics of information technology research.

A series of brief videos by Claffy explaining the issue of net neutrality and why we need to measure the internet can be found here.

MEDIA CONTACT
Jan Zverina, 858-534-5111, jzverina@sdsc.edu

Original story posted here: https://ucsdnews.ucsd.edu/pressrelease/caidas-kc-claffy-inducted-into-internet-hall-of-fame

A team of computer scientists at UC San Diego and the University of Illinois has developed an app that allows state and federal inspectors to detect devices that criminals install in gas pumps to steal consumer credit and debit card data. The devices, known as skimmers, use Bluetooth to transmit the data they steal.

“All criminals have to do is download the data from the comfort of their vehicle,” said Nishant Bhaskar, a Ph.D. student in computer science at the University of California San Diego and the study’s first author.

The app, called Bluetana, detects the Bluetooth signature of the skimmers, and allows inspectors to find the devices without needing to open up the gas pumps.

Bluetana was developed with technical input from the United States Secret Service and is only available to gas pump inspectors. It will not be available to the general public. It is now used by agencies in several states.

“Our goal is to give field agents the best tools for the job available today,” said Kirill Levchenko, a computer science professor at the University of Illinois who earned his Ph.D. at the Jacobs School of Engineering at UC San Diego. “We’ve found that Bluetana helps agents find more gas stations with skimmers—and to find more skimmers at those gas stations.”

The researchers found that, compared to similar apps currently available for smartphones, Bluetana is likely to discover more skimmers and results in a much lower false positive rate. “Bluetooth technology used in these skimmers are also used for legitimate products commonly seen at and near gas stations such as speed-limit signs, weather sensors and fleet tracking systems,” said Bhaskar. “These products can be mistaken for skimmers by existing detection apps.”

Bluetana uses an algorithm developed by the researchers to distinguish skimmers from legitimate Bluetooth devices. The researchers designed the algorithm based on the results of a field study during which the researchers analyzed scans of Bluetooth devices taken by inspectors at 1,185 gas stations across six U.S. states.

“Bluetana extracts more meaningful data from the Bluetooth protocol, such as signal strength, than existing skimmer detection applications. In a few cases, our app was able to find devices missed by visual inspection,” said Maxwell Bland, a Ph.D. student in computer science at UC San Diego and study coauthor.

In one year of operation, Bluetana has led to the discovery of 42 Bluetooth-based skimmers across three U.S. states, all of which were recovered by inspectors. “We were surprised that there were so many skimmers in the field that had not been discovered by other detection methods such as regular manual inspections,” said Aaron Schulman, a UC San Diego assistant professor in computer science. “We even found two skimmers that were installed in gas pumps and had evaded detection for six months.”

Researchers will present their work on Bluetana at the USENIX Security 2019 conference Aug. 14, 2019 in the San Francisco Bay Area.

What do skimmers do and how much are they worth to criminals?
Skimmers have a high return on investment for criminals: skimmed debit card numbers can be used to withdraw cash and skimmed credit card numbers to make expensive purchases. A skimming device costs $20 or less to manufacture and can bring in more than $4,000 per day, depending on how many people use the gas pump and how the criminal converts the stolen numbers to cash.

Criminals break into the pumps, many of which can be opened using a universal master key, to install the skimmers. Skimmers are connected to both the keypad and the magnetic stripe reader inside the gas pump. This allows the devices to collect not only customers’ card numbers, but also their billing ZIP code and PIN, in the case of a debit card transaction.

It takes Bluetana, on average, three seconds to detect a skimmer. By contrast, law enforcement officials can take 30 minutes on average to find skimmers during manual inspections.

“UC San Diego is an active and important partner on our Southern California Electronic Crimes Task Force, and has been able to provide technological solutions to current investigative needs,” said Special Agent in Charge James Anderson of the Secret Service. “Our office looks forward to presenting them with other investigative challenges.”

Next steps
As more gas stations adopt payment systems exclusively for credit and debit cards with chips, criminals will use technologies to capture information from these types of cards. Researchers will have to follow suit. Visa and MasterCard are mandating that all gas stations in the United States use the chip-based systems by October 2020.

“Bluetana is not the last word,” Levchenko said. “As criminals evolve, our techniques will need to evolve also.”

MEDIA CONTACT
Ioana Patringenaru, 858-822-0899, ipatrin@ucsd.edu

Paper: http://cseweb.ucsd.edu/~schulman/docs/sec19-bluetana.pdf
Krebs on Security: https://krebsonsecurity.com/2019/08/meet-bluetana-the-scourge-of-pump-skimmers/
Fast Company: https://www.fastcompany.com/90390130/bluetana-is-a-new-app-to-fight-gas-pump-credit-card-skimmers
Tech Crunch: https://twitter.com/TechCrunch

He is celebrated for his code-cracking work that proved vital to the Allies in World War Two.

The Center for Networked Systems is delighted to learn that the Bank of England revealed Alan Turing as the new face for the £50 note. We at CNS are excited that the namesake for CNS’s Alan Turing Memorial Scholarship is being honored this way.

Full Article: https://www.bbc.com/news/business-48962557

A generous $1,000 donation for the Alan Turing Memorial Scholarship from a Center for Networked Systems alumnus has led to a challenge for the inaugural UCSD Giving Day. To unlock the challenge, we need 15 donations of any amount by 2:00 PM on May 17, 2019.

Please consider helping us with this challenge by DONATING HERE:
https://ugive.ucsd.edu/giving-day/12221/donate?dept=17709&des=68156

UCSD Giving Day: https://ugive.ucsd.edu/?_ga=2.182123044.241336362.1557764195-1736365700.1549398806

More about the scholarship can be found here: http://cns.ucsd.edu/cns-students-portal/center-for-networked-systems-alan-turing-memorial-scholarship/

Geoffrey M. Voelker and his colleagues at MSR Beijing, including CSE Ph.D alumnus, He “Lonnie” Liu, won the USENIX Test of Time award at NSDI in Boston, MA this week for their work on Sora: High Performance Software Radio using General Purpose Multicore Processors. This was the first purely software-based WiFi radio platform running on a PC. The award is given for work at least a decade prior that has had a lasting impact on the field. Voelker received his first Test of Time award at USENIX Security in 2017 for his denial of service attacks research.

Related links:
2009 Paper: Sora: High Performance Software Radio using General Purpose Multi-Core Processors

NSDI ’19: 16th USENIX Symposium on Networked Systems Design and Implementation

In 2015, the Center for Networked Systems established the Alan Turing Memorial Scholarship the first of its kind in the nation, for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications and other programs touching on networked systems and who are active in supporting the LGBTQIA+ community. In addition to receiving a $2,000 scholarship, recipients are also provided with an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.

APPLICATION INFORMATION

The Alan Turing Memorial Scholarship will be awarded in the fall quarter of 2019 for the 2019-2020 academic year. In addition to the requirements listed above, preference is given to students with demonstrated academic merit, financial need, and experience or interest in research.

If awarded this scholarship, you will need to provide a two or three sentence public statement about how you have actively supported the LGBTQIA+ community through your identity, relationships and/or work.

Online application: https://ucsd.academicworks.com/opportunities/2332

DEADLINE: February 4, 2019
If you have questions regarding the application process, please contact the UCSD Scholarship Office at scholarships@ucsd.edu

The CNS Espresso Prize for Excellence in Networking was awarded by Professor Alex C. Snoeren to UCSD undergraduate student Weiyang Wang for his outstanding final project in CSE 123 (2018 fall quarter).

Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

2017 Undergraduate recipient: Christian Chung
2017 Undergraduate recipient: Yihan Zhang
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

https://cns.ucsd.edu/cns-students-portal/cns-espresso-prize-for-excellence-in-networking/

The Alan Turing Memorial Scholarship recipients, Anton Sydorenko and Adrian Mendoza, met Ken Nordholm from Motorola Solutions at a social gathering in La Jolla, California on January 17, 2019, to express their gratitude for the $10,000 donation from the Motorola Solutions Foundation. Motorola’s gift made a positive and powerful impact on their lives.

Read more about the recipients and Motorola Solutions Foundation’s gift: https://cns.ucsd.edu/alan-turing-memorial-scholarship-recognizes-two-students-in-computer-science/

Researchers from UCSD’s Center for Networked Systems are designing a new kind of network technology called RotorNet, which has the potential to increase the performance of networked applications while reducing their energy use. This work is supported by the National Science Foundation and the Dept. of Energy’s “ARPA-e” ENLITNED program.
A brief video about our research:

Alex C. Snoeren, a professor of computer science and engineering, has been named a Fellow of the Association for Computing Machinery (ACM), the world’s largest association of computing professionals. Snoeren is being honored for his innovative approaches to measuring, managing and detecting network traffic and is one of only 56 Fellows named in 2018.

Long before cloud computing services, such as Amazon’s AWS and Microsoft’s Azure, became omnipresent, Snoeren said he and his colleagues “considered how to limit the amount of traffic a particular customer or service might use in a cloud environment, where there are many different links or paths that their traffic could traverse.”

“Traditionally, limits were imposed by running all the traffic through a single device that would ‘see’ everything, but that could result in significant delays,” he explained. “Instead, we devised a method called distributed rate limiting (DRL) that provided the illusion of a single shared link, but did not require the traffic to traverse the same physical links.”Snoeren and his graduate students are now working on new ways to connect the hundreds of thousands of computers in massive data centers, using optical circuit switches, and are creating a prototype using motors and spinning platters repurposed from commercial hard drives.

“Optical circuit switches have long been known to be a much more cost-effective way to connect hosts at high speeds, but so far nobody has figured out a way to do so while allowing servers to respond to client requests before users get impatient,” said Snoeren. “We are developing a new kind of optical circuit switch that can deliver both the massive amounts of bandwidth required by mega data centers while meeting the stringent timeliness requirements of today’s services and applications.”

“I’ve also spent a fair amount of time thinking about how to make the network robust to attack,” said Snoeren. “Back when we were graduate students, I and my CSE colleague Stefan Savage each invented an entirely different way to determine the source of the distributed denial of service (DDoS) attacks that were plaguing the Internet at the turn of the millennia.”

Snoeren joined the CSE faculty in 2003 and is a member of UCSD’s Systems and Networking Research Group, the Center for Networked Systems and the Center for Evidence-Based Security Research. He received a Ph.D. in computer science from the Massachusetts Institute of Technology in 2003, an M.S. in computer science in 1997 and a B.S. in computer science (1996) and applied mathematics (1997) from the Georgia Institute of Technology. For Snoeren, being named an ACM fellow is the culmination of a lot of hard work and honor he is happy to share with many of his UC San Diego co-workers.

“Many of my CSE faculty colleagues are ACM Fellows themselves, so it is a career milestone I’ve looked up to for a long time,” said Snoeren. “I’m deeply honored to see my name alongside theirs and all the other Fellows selected this year, many of which are good friends so I’m looking forward to celebrating with them at the ceremony next June.”

For more on Snoeren’s work, visit http://cseweb.ucsd.edu/~snoeren/ .

Story written by Qualcomm Institute / UC San Diego Division of Calit2 Media Services

Alex C. Snoeren, a professor of computer science and engineering and a CNS faculty member, has been named a Fellow of the Association for Computing Machinery (ACM), the world’s largest association of computing professionals. Snoeren is being honored for his innovative approaches to measuring, managing and detecting network traffic and is one of only 56 Fellows named in 2018.

Long before cloud computing services, such as Amazon’s AWS and Microsoft’s Azure, became omnipresent, Snoeren said he and his colleagues “considered how to limit the amount of traffic a particular customer or service might use in a cloud environment, where there are many different links or paths that their traffic could traverse.”

“Traditionally, limits were imposed by running all the traffic through a single device that would ‘see’ everything, but that could result in significant delays,” he explained. “Instead, we devised a method called distributed rate limiting (DRL) that provided the illusion of a single shared link, but did not require the traffic to traverse the same physical links.”Snoeren and his graduate students are now working on new ways to connect the hundreds of thousands of computers in massive data centers, using optical circuit switches, and are creating a prototype using motors and spinning platters repurposed from commercial hard drives.

“Optical circuit switches have long been known to be a much more cost-effective way to connect hosts at high speeds, but so far nobody has figured out a way to do so while allowing servers to respond to client requests before users get impatient,” said Snoeren. “We are developing a new kind of optical circuit switch that can deliver both the massive amounts of bandwidth required by mega data centers while meeting the stringent timeliness requirements of today’s services and applications.”

“I’ve also spent a fair amount of time thinking about how to make the network robust to attack,” said Snoeren. “Back when we were graduate students, I and my CSE colleague Stefan Savage each invented an entirely different way to determine the source of the distributed denial of service (DDoS) attacks that were plaguing the Internet at the turn of the millennia.”

Snoeren joined the CSE faculty in 2003 and is a member of UCSD’s Systems and Networking Research Group, the Center for Networked Systems and the Center for Evidence-Based Security Research. He received a Ph.D. in computer science from the Massachusetts Institute of Technology in 2003, an M.S. in computer science in 1997 and a B.S. in computer science (1996) and applied mathematics (1997) from the Georgia Institute of Technology. For Snoeren, being named an ACM fellow is the culmination of a lot of hard work and an honor he is happy to share with many of his UC San Diego co-workers.

“Many of my CSE faculty colleagues are ACM Fellows themselves, so it is a career milestone I’ve looked up to for a long time,” said Snoeren. “I’m deeply honored to see my name alongside theirs and all the other Fellows selected this year, many of which are good friends so I’m looking forward to celebrating with them at the ceremony next June.”

For more on Snoeren’s work, visit http://cseweb.ucsd.edu/~snoeren/.

By Xochitl Rojas-Rocha, senior writer, Qualcomm Institute at UC San Diego

The recipients of this year’s Alan Turing Memorial Scholarship are Anton Sydorenko (senior, Computer Science) and Adrian Mendoza (junior, Computer Engineering). This marks the third consecutive year that UC San Diego’s Center for Networked Systems has recognized students studying networked systems for their academic commitment and involvement in the LGBT community, and the first year that it has awarded the scholarship to more than one student.

Honoring Alan Turing’s Legacy

The Alan Turing Memorial Scholarship was established in 2015 by the Center for Networked Systems (CNS), an interdisciplinary computer science research center in UC San Diego’s Computer Science and Engineering Department. The scholarship pays homage to Alan Turing, the famed codebreaker and mathematician whose work accelerated the Allied victory in World War II by more than a year.

After the war, Turing was persecuted for his orientation as a gay man. He died by suicide in 1954.

“The Turing Scholarship at UCSD is a unique way that we as a community show how much we value diversity, in particular, diversity aimed at the LGBT community. Diversity is essential to strengthening our center, and is in line with UCSD’s mission,” said CNS co-director George Porter.

The Turing Scholarship highlights CNS’s interest in celebrating and promoting student diversity in computer science and related fields. In addition to providing students with funds for their education, CNS offers recipients a chance to conduct research under the guidance of a mentor. Thanks to a donation of $10,000 from the Motorola Solutions Foundation, CNS can provide that opportunity to two recipients this year.

“The Motorola Solutions Foundation is honored and privileged to support the Alan Turing Memorial Scholarship,” said Matt Blakely, executive director of the Motorola Solutions Foundation. “We believe in organizations that are fostering innovation, building partnerships and driving change, and we’re proud to be a part of the positive impact they’re making in their communities.”

Anton Sydorenko: Immigrant, Coder

When he was 20, Anton Sydorenko packed a bag of summer clothes and emigrated alone from Ukraine to Chicago, IL. He had only $700 in his pocket.

Sydorenko’s first years in the country were spent adjusting, practicing his English, and working minimum wage jobs to support himself. One of those jobs entailed working security at a popular LGBT nightclub in Chicago, where he found friends and a community. He participated in LGBT-geared festivals and helped build a float for a pride parade on one memorable occasion.

Eventually, Sydorenko’s hard work carried him from community college to a transfer to UC San Diego. It felt like a significant achievement for someone whose parents never attended school. Sydorenko believes it was made possible by the risk he took in moving to a new country where he had neither friends nor family.

“You really have to experience the poverty, obstacles and total corruption of ‘developing’ countries to truly appreciate and respect ‘the land of opportunities.’ Two years ago I became a U.S. citizen and it is one of my proudest achievements,” said Sydorenko.

The scholarship will support Sydorenko’s education and love of coding. For him, “receiving an award that is named after Alan Turing, the father of computer science, is especially motivating and inspiring.”

Currently, Sydorenko and several classmates are designing an app that will help find homes for animals held in shelters.

Adrian Mendoza: First-Generation Student, Computer Engineer

Born to Mexican immigrants in south Los Angeles, Adrian Mendoza credits his parents and the hard sacrifices they made for his current success and the opportunity to pursue what he loves. To him, computer engineering is a way to understand and solve the problems of the world.

“Technology revolves around everyone’s life, so working to improve technology is basically working to improve everyone’s life,” Mendoza concluded.

In addition to leading independent projects in computer engineering, Mendoza fosters collaborations between the Society of Hispanic Professional Engineers and Out in Science , Technology, Engineering, and Mathematics (oSTEM), an LGBT-oriented non-profit. He has seen his efforts help oSTEM build its reputation and draw interest from engineering students who identify as LGBT.

Receiving the Alan Turing Memorial Scholarship gives Mendoza the space to focus on his studies, and removes the added stress of working to support himself. As soon as he’d heard he won, he called his family.

“It took me a couple minutes to let it sink in that I was the fortunate student to have been awarded this scholarship, out of the hundreds who applied for it. At the end of the day, I felt blessed and thankful for having been selected,” said Mendoza.

The scholarship is open to undergraduates who are active supporters of the LGBT community and majoring in computer science, computer engineering, public policy, communications, and other programs touching on networked systems. It is awarded to students based on academic merit, with a preference for those with demonstrated financial need.

The CNS established the scholarship with gifts from the center’s annual giving fund. The center is now looking for additional philanthropic support to create an endowment, in hopes of raising $250,000 to ensure the scholarship will be available to students in the future.

If you are interested in donating to the foundation, contributions can be made online .

For more information on the scholarship and the application process, visit the CNS website .

The story is also posted here: UCSD CSE

 

 

 

For female students, in particular, attending the annual Grace Hopper Celebration of Women in Computing can be a critical launching pad for careers in computer science in either academia or private industry.  For that reason, UC San Diego’s Center for Networked Systems (CNS) provides funding each year to help defray the cost of attending the Grace Hopper Celebration to a deserving student who wants to play a leadership role in computer science.

The CNS Grace Hopper Travel Grant awardee selected to attend the 2018 conference, September  26-28 in Houston, is Nadah Feteih.  Feteih is working on her M.S. in Computer Science with a specialization in Systems and Security.

Nadah Feteih is going into her last year in the M.S program, with an anticipated graduation of March 2019. She received her Bachelor’s degree in Computer Science from UC San Diego and graduated December 2017 with highest honors (summa cum laude). During her time as an undergraduate, she has been involved with the CSE Department in different capacities. She has been a tutor for various introductory programming courses and most recently a TA for the Programming Languages and Compilers courses. She was an undergraduate researcher with a growing interest in security and privacy research. With her most recent role this summer as a software engineer at Google, she worked on the Data Retention and Wipeout team under the privacy org. During previous summers, she has also completed internships at Facebook and Intuit. As a graduate student, she has also been interested in Computer Science education and co-founded a student organization (CS foreach) focused on mentorship, outreach, and teaching Computer Science in underserved communities throughout San Diego County. She received the Contributions to Diversity award within the Master’s division this past June.

 

https://ghc.anitab.org/

 

Facebook invited submissions from university researchers and faculty, non-profit organizations, and NGOs for applied research proposals to improve the security, privacy, and safety of internet users.  Their goal is to spur the development of technology that may be applied in practice.  Facebook awarded up to $100,000 per proposal for the Secure the Internet Grant.

CNS/CSE Professors Stefan Savage and Geoffrey Voelker received a $75,000 a grant for their proposal, “Evaluating Security Outcomes: Applying Evidence-based Security to Improve Cybersecurity Risk.”  This project will bring large portions of cybersecurity under an evidence-based umbrella, to correlate concrete cybersecurity outcomes (e.g., whether a particular machine is compromised or a credential is stolen) with concrete security behaviors (e.g., is the software patched, does the user of the machine visit file sharing sites, etc.).  Their lab plans to use this approach to both empirically evaluate particular hypotheses (i.e., a correlation between the use of file-sharing sites and host compromise might be explained by the poisoning of the file-sharing ecosystem with malware). They will also develop network measurement tools to extract a broad array of security-relevant behaviors as well as indicators of outcomes, using the machines connected to UC San Diego’s network as the basis of the study.

 

Congratulations to Ranjit Jhala for receiving the 2018 Robin Milner Young Researcher Award.  The Robin Milner Young Researcher Award is given by ACM SIGPLAN to recognize outstanding contributions by young investigators in the area of programming languages. Individuals are eligible if their computer-related professional career (graduate school or full-time employment, whichever began first) started no earlier than 20 years prior to the nominations deadline.  The award ceremony took place at the PLDI conference in Philadelphia on  June 21, 2018.

Congratulations to Alin Deutsch for receiving the 2018 Alberto O. Mendelzon PODS Test-of-Time Award for his 2008 paper “The Chase Revisited“, co-authored with the late Alan Nash and Jeff Remmel.  The award ceremony took place at the SIGMOD/PODS conference in Houston on Monday, June 11, 2018.

Actor and activist George Takei visited UC San Diego on April 26 to deliver the DeWitt Higgs Memorial lecture, presented by the Council of Provosts of the Undergraduate Colleges at UC San Diego.  The openly gay Takei has long been a passionate advocate for social justice, an outspoken supporter of human right issues, and a community activist.  Sothyrak Srey, the current Alan Turing Memorial Scholarship recipient, and CNS Co-Director, George Porter, had an opportunity to meet and talk about the Turing scholarship with George Takei and his husband, Brad Takei, at a pre-lecture reception.  Special thank you to Earl Warren College for this opportunity.

Related Article: The Guardian, UCSD

CNS/CSE Postdoctoral Researcher, Max Mellette, and Graduate Student, Ariana Mirian, talk about their current research at CSE.  These six videos are the first to be featured in a series called “We Are CSE.”  Max, working with Professor George Porter, discusses how his research focuses on using optical switching to improve the scalability, power consumption, and cost of data center networks.  Ariana, advised by Professors Geoff Voelker and Stefan Savage, discusses her work and interest in improving internet security and her focus on the intersection of usable security and empirical analysis.  Their videos are being featured on the UCSD Computer Science Channel.  https://www.uctv.tv/computer-science/we-are-cse/

The CNS Espresso Prize for Excellence in Networking was awarded by Professor Alex C. Snoeren to UCSD undergraduate student Christian Chung for his outstanding final project in CSE 123 (2017 fall quarter).

Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

 

2017 Undergraduate recipient: Yihan Zhang
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

CSE Bits n’ Bytes
Premiere Date: 12/15/2017; 5 minutes

A quick look at an innovative computer science class from the UC San Diego Department of Computer Science and Engineering that gives first year students hands-on experience in designing, building and programming their own robots. (#31796)

Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are.

“No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California San Diego.

One percent might not seem like much. But given that there are over a billion sites on the Internet, this means tens of millions of websites could be breached every year, said Joe DeBlasio, one of Snoeren’s Ph.D. students and the paper’s first author. Even scarier, the researchers found that popular sites were just as likely to be hacked as unpopular ones. This means that out of the top-1000 most visited sites on the Internet, ten are likely to be hacked every year.

“One percent of the really big shops getting owned is terrifying,” DeBlasio said.

The team of researchers at UC San Diego presented the tool in November at the ACM Internet Measurement Conference in London.

The concept behind the tool, called Tripwire, is relatively simple. DeBlasio created a bot that registers and creates accounts on a large number of websites—around 2,300 were included in their study. Each account is associated with a unique email address. The tool was designed to use the same password for the email account and the website account associated with that email. Researchers then waited to see if an outside party used the password to access the email account. This would indicate that the website’s account information had been leaked.

To make sure that the breach was related to hacked websites and not the email provider or their own infrastructure, researchers set up a control group. It consisted of more than 100,000 email accounts they created with the same email provider used in the study. But computer scientists did not use the addresses to register on websites. None of these email accounts were accessed by hackers.

In the end, researchers determined 19 websites had been hacked, including a well-known American startup with more than 45 million active customers.

Once the accounts were breached, researchers got in touch with the sites’ security teams to warn them of the breaches. They exchanged emails and phone calls. “I was heartened that the big sites we interacted with took us seriously,” Snoeren said.

Yet none of the websites chose to disclose to their customers the breach the researchers had uncovered. “I was somewhat surprised no one acted on our results,” Snoeren said.

The researchers decided not to name the companies in their study.

“The reality is that these companies didn’t volunteer to be part of this study,” Snoeren said. “By doing this, we’ve opened them up to huge financial and legal exposure. So we decided to put the onus on them to disclose.”

Interestingly, very few of the breached accounts were used to send spam once they became vulnerable. Instead, the hackers usually just monitored email traffic. DeBlasio speculates that the hackers were monitoring emails to harvest valuable information, such as bank and credit card accounts.

Researchers went a step further. They created at least two accounts per website. One account had an “easy” password—strings of seven-character words with their first letter capitalized and followed by a single digit. These kinds of passwords are usually the first passwords that hackers will guess. The other account had a “hard” password—random 10-character strings of numbers and letters, both in lower and upper case, without special characters.

Seeing which of the two accounts got breached allowed researchers to make a good guess about how websites store passwords. If both the easy and hard passwords were hacked, the website likely just stores passwords in plain text, contrary to typically-followed best practice. If only the account using the easy password was breached, the sites likely used a more sophisticated method for password storage: an algorithm that turns passwords into a random string of data—with random information added to those strings.

The computer scientists had a few pieces of advice for Internet users: don’t reuse passwords; use a password manager; and ask yourself how much you really need to disclose online.

“Websites ask for a lot of information,” Snoeren said. “Why do they need to know your mother’s real maiden name and the name of your dog?”

DeBlasio was less optimistic that these precautions would work.

“The truth of the matter is that your information is going to get out; and you’re not going to know that it got out,” he said.

Snoeren and colleagues are not planning to pursue further research on Tripwire.

“We hope to have impact through companies picking it up and using it themselves,” he said. “Any major email provider can provide this service.”

 

For the first time, a delegation of faculty and students from the University of California San Diego attended the annual Out in Science, Technology, Engineering and Mathematics (oSTEM) National Conference. The four-day conference took place November 16-19 in Chicago, IL.

Over 800 attendees participated in the 7th oSTEM conference to discuss topics and challenges faced by members of the LGBT+ community in STEM fields (including computer science), and to celebrate the community and help ensure student success in school – and when those students start looking for a job.

The national event coincided with the inaugural year of the new oSTEM Chapter at UC San Diego. Financial support from sponsors allowed the new chapter to send five undergraduate students to the conference: Kayla Ortiz, Terry Worlikar, Joyce (Jun) Lor, Sothyrak (Tee) Srey, and Hasan Al-Jamaly.

“Being part of the conference was an exhilarating experience that opened my eyes to a community I never knew existed,” said Computer Science junior Hasan Al-Jamaly. “More importantly, it’s a community I truly belong to and feel part of.” Other attendees also reinforced the importance of solidarity with other oSTEM participants as an integral part of their experience at the conference.

Two UC San Diego faculty members accompanied the student delegation to Chicago: Computer Science and Engineering (CSE) professor Arun Kumar, and Mathematics professor Daniel Rogalski. UC San Diego faculty participation in the conference was made possible by campus units: CSE in the case of professor Kumar, and the Office of the Dean of Physical Sciences in the case of professor Rogalski.

The new oSTEM chapter at UC San Diego also benefited from support provided by corporate sponsors Northrop Grumman, Boeing and Door of Clubs (a startup that matches college clubs with potential partners in industry). Funding from UC San Diego academic units came from the Jacobs School of Engineering, Division of Biological Sciences, and Division of Physical Sciences. Aid was also forthcoming from the national oSTEM organization.

The conference featured an extensive span of corporate site tours, workshops, research presentations, networking opportunities, and a career and graduate student expo where oSTEM students could meet with potential future employers. In addition to sponsors Northrop Grumman and Boeing, organizations with booths this year included NASA, Raytheon, Google, Genentech, Accenture, Lockheed Martin, and the nonprofit Human Rights Campaign. A number of elite graduate programs also had booths, including Columbia Engineering, John Hopkins, Cornell Engineering, UC Berkeley, University of Michigan, New York University, Purdue, and Georgia Tech.

Topics on the agenda ranged from “Ending Police Violence with Artificial Intelligence,” “An Introduction to Leadership: Motivating People to Believe and Achieve,” community breakouts featuring Queer/Pan/Ace/Middle Sexualities, Faith, Trans/Non-Binary, as well as panels such as “It’s Okay to Not Be Okay: Managing Your Mental Health,” and “Dear White People: Intersection of Race/Ethnicity & LGBTQIA Identity.”

During the conference, oSTEM also organized a Chapter Leadership Summit to discuss the fundamentals of executive board management, an issue that pervades many student organizations. A major topic at this year’s summit was the open-mindedness necessary to run an infant organization, as well as effective planning and project management tools based on setting goals that are specific, measurable, attainable, relevant, and timely.

Computer Science senior Sothyrak (Tee) Srey – current holder of the Center for Networked Systems (CNS) Alan Turing Memorial Scholarship at UCSD – participated in the summit. “This is our first official year and our first time attending the oSTEM National Conference, and I was really hoping to leave the conference with concrete ideas that I could implement as an officer,” said Srey, Secretary of the oSTEM chapter at UC San Diego. “After hearing from other chapters, I feel a sense of relief because of how well our chapter is doing so far. We typically draw about 30 people to oSTEM meetings at UC San Diego, which is roughly similar to the number of active participants at longer-established oSTEM chapters around the country. This shows that we are making an impact in LGBT visibility on campus.”

According to CSE professor Arun Kumar, more UC San Diego LGBT+ faculty would benefit from establishing a community similar to the students’ oSTEM chapter on campus. “There was almost no other faculty from computer science at the national conference this year,” noted Kumar. “An organized network of LGBT+ faculty could promote useful community-building within academia.”

Looking ahead to the 2018 8th oSTEMnational conference, which will take place in Texas, the UC San Diego chapter is planning to send more students and faculty than they did this year.

Professors Kumar and Rogalski leveraged their presence at oSTEM 2017 to collect relevant information from staff and students from other schools with booths or other presence at the conference — information that could guide UC San Diego as it ramps up its presence at the 2018 conference. CSE’s Kumar believes UC San Diego should be able to join the ranks of graduate schools with booths at theoSTEM expo next year in Texas. A UC San Diego booth would particularly focus on recruiting future graduate students in STEM topics from among the ranks of oSTEM’s (mostly) undergraduate student delegates. (Assuming that support is forthcoming from graduate schools and divisions at UC San Diego, the oSTEM chapter would staff a booth to hand out graduate-school materials and represent the graduate divisions and schools to encourage greater diversity throughout UC San Diego.)

“Overall, UC San Diego’s participation in its first oSTEM national conference was a great success,” added student Tee Srey. “It proved to be beneficial in enabling our oSTEM chapter’s ability to continue building community – and enabling our members to succeed.”

The growing presence of UC San Diego at future oSTEM events reflects the greater awareness on campus of the need to attract and retain a diverse student body, especially in technology and the sciences. Last June a 2017 report by College Choice named UC San Diego the 9^th best public university in the U.S. for LGBTQ students, and 19^th among all public and private universities for LGBTQ students.

7^th Annual oSTEM National Conference 
UC San Diego oSTEM Chapter on Facebook

At the 24th ACM Conference on Computer and Communications Security (CCS 2017) in early November, University of California San Diego professor Hovav Shacham was recognized for a paper he presented 10 years earlier that introduced the field of “return-oriented programming.”

The CCS Test-of-Time Award this year went to Shacham’s CCS 2007 paper for its lasting impact on security research and practice during the past decade. The CCS awards committee chose just one paper out of the 55 that appeared at CCS 2007, and Shacham was the sole author on that paper. Accordingly, the Computer Science professor is the only recipient of this year’s award.

Applications running on a computer keep track of what task they are performing and what tasks they are to perform next in a region of memory called the stack. Programming errors in these applications often allow the stack to be overwritten, confusing the application and causing it to misbehave or crash. Worse, an attacker who carefully crafts malicious input can confuse the application into running code he injects. Fixing all bugs in all applications is a hopeless task, so systems designers have devised defenses that rule out such code-injection attacks, by distinguishing “good” application code from attacker-introduced code. Since attackers must inject new code to achieve their ends, the thinking goes, ruling out the introduction of new code rules out attacks.”

Security researchers working in industry had developed techniques that allowed them to exploit buggy programs and cause them to undertake certain “bad” behavior even in the presence of defenses against code injection. Shacham’s paper* unified and generalized these exploit techniques under the rubric of what he jokingly called “return-oriented programming.” A return-oriented attack doesn’t introduce any new code. Instead, it makes use of short snippets of the original, “good” program’s code. The attacker combines these snippets in clever ways that allow him to synthesize any behavior he desires from them. “An analogy to return-oriented programming is a kidnapper who puts together a ransom note with letters cut from magazine headlines,” said Shacham. “With all 26 letters gathered (and a photocopier), he can compose any message he wishes.”

Using return-oriented programming, the attacker puts together a set of building blocks from which he can synthesize any desired behavior. (Such a set is said to be “Turing-complete.”)

Shacham’s techniques (and his jokey name for them) have stuck, both in academia and in industry. Shacham’s paper has been cited more than 900 times. Where his original work considered only Intel’s x86 family of processors, researchers have since extended Return-Oriented Programming (ROP) to other popular processors, including the ARM processors that power nearly all smartphones. A 2014 Microsoft report (see Microsoft Security Intelligence Report, Volume 16) found return-oriented techniques used in more than 90% of exploits targeting Microsoft products. Microsoft, Intel, and ARM have all announced new security mechanisms in their products specifically to mitigate the threat of return-oriented programming.

“The Test-of-Time Award is the most significant honor we bestow on a paper because it is not simply a reflection that a piece of research was strong and well-received, but that a decade later it has had significant impact on the field,” said CSE professor Stefan Savage, who directs the Center for Networked Systems (CNS), in which Shacham in a member. “Hovav’s work on Return-Oriented Programming is an exemplar for such awards, because with one paper he made us all revisit our assumptions about what makes systems secure and the questions he posed in that work are still vibrant today. Moreover, this impact has not only been in academia, but Hovav’s ideas have
become a deep part of how real-world offense and defense is waged in computer security as well.”

The 2017 conference took place in Dallas, TX, from October 30 to November 3. Shacham accepted the Test-of-Time Award during the conference’s banquet and awards ceremony on November 1. CCS is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM).

Shacham did much of his research on the award-winning paper while a postdoctoral researcher at Israel’s Weizmann Institute of Science in 2006 and 2007, but he completed and presented the paper at CCS after joining the UC San Diego faculty in fall 2007.

That same year, he also participated in California’s “Top-to-Bottom” security review of the voting machines certified for use by the state’s then-Secretary of State, Debra Bowen. Shacham was part of the team reviewing Hart InterCivic source code, and the report he co-authored was cited by Bowen in her ultimate decision to withdraw approval for use of the Hart voting machines in California elections.

Shacham earned his Ph.D. in computer science in 2005 from Stanford University. His doctoral dissertation was runner-up for the Computer Science Department’s Arthur L. Samuel Thesis Award.

As an advisor, Shacham’s two most-recent Ph.D. graduates went to work at Google (Wilson Lian) in 2016 and Apple (Keaton Mowery) in 2015. In 2012, his student Stephen Checkoway joined Johns Hopkins University as a research professor, and more recently joined the faculty at the University of Illinois at Chicago.

*Shacham, Hovav, “The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86).” In Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552-561. ACM, 2007 DOI: 10.1145/1315245.1315313

CCS 2007 Shacham Paper
CCS 2017 Awards

CSE faculty-affiliate and alumna Kimberly (KC) Claffy (M.S. ‘91, Ph.D. ‘94) is the 2017 recipient of the prestigious Jonathan B. Postel Service Award. The Internet Society – a global non-profit dedicated to ensuring the open development, evolution and use of the Internet – called Claffy a “visionary in the field of Internet research.”

Claffy was selected by an international award committee comprised of former Postel Award winners. The committee places particular emphasis on candidates who have supported and enabled others in addition to their own contributions. In selecting Claffy for the honor, the committee cited her “pioneering work on Internet measurement through the development of infrastructure and methodologies for data collection, analysis, and sharing around the world.”

The Internet Society presented the award, including a $20,000 honorarium and a crystal engraved globe, on November 10 at the 100th meeting of the Internet Engineering Task Force (IETF), held in Singapore all this week.

Claffy is the director and founder (in 1997) of the Center for Applied Internet Data Analysis (CAIDA), and a resident research scientist in the San Diego Supercomputer Center (SDSC) where CAIDA is based. Claffy is also a member of the Center for Networked Systems (CNS).

Her research interests span Internet topology, routing, security, economics, future Internet architectures and policy. Notably, Claffy is a pioneer in the field of measuring and understanding the Internet, not only through her research contributions, but her commitment to establishing and operating infrastructure to support large-scale data collection, curation, and sharing within the scientific research community.

Claffy was selected for the Postel Award by an international award committee comprised of former Postel Award winners. The committee placed particular emphasis on candidates who have supported and enabled others in addition to their own contributions.

The first of Claffy’s many papers on Internet traffic measurement and analysis was published in 1992, years before the Internet transitioned to the global, private sector-led network it is today. Since then, she has published dozens of papers and received numerous grants and awards for her work. In 1997, Claffy founded CAIDA as a center to conduct network research and build research infrastructure to handle large-scale data for the scientific research community.

“Simply put, Dr. Claffy’s long-standing and pioneering work has helped the global community better understand the Internet and how it is used,” explained Kathy Brown, President and CEO of the Internet Society, who presented the award. “In addition to leading the way in the field of Internet measurement and analysis itself, her dedication of resources to ensure widespread access to measurement data has allowed a range of disciplines -from network science and network operations to political science and public policy- to benefit from her efforts.”

In a profile of Claffy issued at the time of the award announcement, the scientist told the Internet Society that she hopes the past few decades of Internet development are miniscule when compared to where we are going. “I want to make the world safe for Internet science,” Claffy said. “The American people need better data – to understand what the Internet is, how it’s connected, and how data is being used.”

The Postel Award was established by the Internet Society to honor individuals or organizations that have made outstanding contributions to the data communications community. The award is focused on sustained and substantial technical contributions, service to the community, and leadership.

Jonathan B. Postel Service Award
Profile of KC Claffy
CAIDA
Kimberly Claffy Homepage

CSE alumna Ayse Coskun (Ph.D. ’09) is back in Southern California on Monday, November 13 accepting an award from the Council on Electronic Design Automation (CEDA).  The 2017 IEEE CEDA Ernest S. Kuh Early Career Award will be given to Coskun during the opening session in Irvine of the 36th International Conference on Computer Aided Design (ICCAD), the premier conference devoted to technical innovations in electronic design automation (EDA).

IBM and the University of California San Diego have announced a multi-year project to enhance quality of life and independence for aging populations through the new Artificial Intelligence for Healthy Living Center (AIHL), located on the campus of UC San Diego. The groundbreaking center will bring together the technology, artificial intelligence (AI) and life sciences knowledge of IBM and UC San Diego to promote critical research and applications in two thematic areas: Healthy Aging and the Human Microbiome.

Four co-directors of the AIHL Center are drawn from both IBM Research and UC San Diego. At UC San Diego, the overall center will be led by CSE/CNS professor Tajana Rosing, holder of the Fratamico Endowed Chair in the Computer Science and Engineering department, and Rob Knight, a Pediatrics and CSE faculty member and Director of the UC San Diego Center for Microbiome Innovation. IBM researchers Ruoyi Zhou and Ho-Cheol Kim will co-direct AIHL activities at the company..

The projects on Healthy Aging and the Human Microbiome will be jointly led by faculty experts in the respective fields.  The  leaders of the Healthy Aging project are Virginia de Sa, a professor in Cognitive Science, and CSE professor Laurel Riek. The Human Microbiome theme will be led by three UC San Diego faculty members: CSE and Pediatrics professor Rob Knight, CSE professor Larry Smarr (who also directs the Qualcomm Institute’s parent  institute, the California Institute for Telecommunications and Information Technology, or Calit2), as well as Sandrine Miller-Montgomery, a Jacobs School of Engineering faculty member and executive director of the Center for Microbiome Innovation.

As part of the IBM-UC San Diego partnership, IBM will also join the UC San Diego Center for Microbiome Innovation as a platinum sponsor.

The new collaboration is part of the IBM Cognitive Horizons Network, an international consortium of leading universities working with IBM to develop technologies needed to help fulfill the promise of artificial intelligence (AI). According to the National Institute on Aging, cognitive health—the ability to clearly think, learn and remember—is an important component of brain health.

“This is a very prestigious relationship for UC San Diego, the first university on the West Coast to collaborate with the IBM Cognitive Horizons Network,” said Chancellor Pradeep K. Khosla. “Our campus, one of the top 15 research universities in the world, is home to changemakers whose innovation will help advance cognitive wellness to make a difference in our lives.”

The collaborative research initiative will use AI to comb through massive amounts of data to enable healthier living. Funds will be used to support faculty research; trainee stipends including opportunities for UC San Diego graduate and undergraduate students; administrative support; equipment; and corporate affiliation.

“We’re committed to collaborating with the best minds in academia to inspire the next generation of scientists by providing access to leading-edge AI tools and expertise to solve real problems that impact human lives,” said Dr. John Kelly III, IBM senior vice president, Cognitive Solutions and IBM Research. “This new collaboration with UC San Diego is the latest example of how we’re executing on this AI vision — and we are thrilled to bring our global AI research resources to Southern California to engage the wealth of local talent.”

The overall goals of the project are to develop and evaluate a cognitive framework for a supportive living environment that facilitates older adults to live independently longer and have a higher quality of life, and to discover and better understand the health implications of the human microbiome. During the project, the team anticipates that machine learning algorithms for sensing, understanding, modeling, personalizing and informing will be developed, with consideration to human-centered design, and testing in real world environments.

This initiative will bring together the campus’ top researchers in computer science, cognitive science, engineering and medicine, including psychiatry. A list of participating faculty can be found here.

Over the course of five years this project plans to, for the first time, study in depth the impact that a combination of daily habits, the environment, genetics and the microbiome have on the cognition of older adults. The project expects to model the subtle changes of aging, and will deploy personalized interventions via robots that help support wellness. The ultimate goal is to enable older adults to live independently longer and have a higher quality of life.

Through training experiences centered on the thematic areas, undergraduates, graduate students, postdoctoral scholars and project scientists will be positioned to gain knowledge, experience and expertise in these new and important areas of IBM advancement. Hands-on research experience with UC San Diego and IBM scientists is planned and will be complemented by jointly taught classes and seminars, as well as showcase opportunities for trainee and faculty projects.

Related Links:

http://research.ibm.com/cognitive-computing/cognitive-horizons-network/#partnerships
http://www.sandiegouniontribune.com/news/science/sd-me-ucsd-ibm-20170914-story.html

Stefan Savage, a renowned cybersecurity expert and professor of computer science at the University of California San Diego, has been awarded a fellowship by the MacArthur Foundation. Perhaps better known as the MacArthur “genius” award, the prestigious no-strings attached five-year fellowship awards a total of $625,000 to each recipient.

The award recognizes individuals whose work has demonstrated exceptional creativity; promise for important future advances based on a track record of significant accomplishments; and potential for the fellowship to facilitate subsequent creative work.

Savage is being recognized for “identifying and addressing the technological, economic and social vulnerabilities underlying internet security challenges and cybercrime.”

“This award recognizes the creative and innovative research Stefan has been conducting since he joined the faculty here at UC San Diego 17 years ago,” said Chancellor Pradeep K. Khosla. “His work has had a tremendous impact on disrupting cybercriminal networks and on raising awareness about how vulnerable cars can be to cybersecurity threats.  Stefan exemplifies UC San Diego’s culture of innovation that is positively impacting our global society.”

Savage has been on the faculty of the UC San Diego Jacobs School of Engineering since 2000. He is a professor in the Department of Computer Science and Engineering and has held the Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science since 2016.

He found out that he received the award in a somewhat unusual way. The MacArthur Foundation had been trying to reach him by phone repeatedly. But Savage had not picked up because he didn’t recognize the number the calls were coming from. Ever the security expert, he eventually looked up the number and found that it was associated with the foundation. He called back. He then had to prove who he was before foundation representatives gave him the good news.

“I was in total shock,” he said in a phone interview. At this point, he hasn’t formulated a plan to spend the funds, he added.

“It’s wonderful to see Stefan Savage being recognized for his boundary breaking research. Stefan is an outstanding scholar, teacher and mentor. In addition, he embraces the hard work necessary to ensure that his teams’ security research makes real and lasting impacts on society,” said Albert P. Pisano, dean of the Jacobs School of Engineering.

The award recognizes three major research directions that have driven Savage’s work in the past two decades: understanding how cars are vulnerable to hacking; investigating the world of cybercrime and its economics; and creating new strategies to defend against malware.

Cybersecurity in cars

In 2010, Savage and colleagues were the first to demonstrate the ability to hack an automobile remotely—including taking control over the engine and brakes and monitoring conversations taking place within the car. In addition to working with car manufacturers to mitigate the immediate security threats, Savage and collaborators have also investigated how the idiosyncrasies of the automobile sector’s supply chains give rise to compromised car software—and make it harder to fix that software. Savage has advocated for better regulation of Internet-connected devices in cars, in order to create built-in defenses against hacking within these systems. Since then, the growing prevalence of physical “smart” devices in our lives has made network cybersecurity an increasingly urgent priority.

The economics of cybercrime

Savage is the lead researcher on a five-year, $10 million grant from the National Science Foundation to map out illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

“Fighting cyber threats requires more than just understanding technologies and the risks they’re associated with; it requires understanding human nature,” Savage explained when the grant was awarded in 2012. “At its heart, cybersecurity is a human issue. It’s about conflict, and computers are merely the medium where this conflict takes place.”

He and colleagues were able to identify a critical bottleneck for spam email campaigns and online counterfeit goods transactions: only a few banks accept the credit card transactions necessary for these online ventures to monetize their activities. These findings allowed the drug and credit card companies to disrupt the business models of several counterfeit drug rings to such an extent that they collapsed.

Defenses against malware and distributed denial of service attacks

Denial-of-service attacks disable servers linked to the Internet by overloading them with messages, which usually contain false source addresses (“spoofing”) to conceal the location of the attacker. UC San Diego researchers, including Savage and fellow computer science professor Geoff Voelker, were early pioneers in studying this phenomenon. They used key features of those forged signatures to detect and track the attacks.

A 2001 study co-authored by Savage and Voelker with then Ph.D. student David Moore found that some attacks flooded their targets with “instantaneous loads” peaking at 600,000 message packets per second – crippling the infrastructure. This remains a current problem, as these attacks have crippled even the likes of Google and Amazon in recent years, topping at a reported 1.1 terabits per second in 2016. The 2001 study’s relevance today was demonstrated when it received the 2017 USENIX Security Test of Time Award this summer.

In addition, to impede the spread of fast-acting worms, which can quickly compromise an entire computer network, Savage, colleagues and students devised a method for automatically measuring unusual data patterns and identifying worm signatures (or recurring strings of code) across a network.

Savage received a bachelor’s degree in history from Carnegie Mellon University in 1991 and a Ph.D. from the University of Washington in 2002. He is part both of the Systems and Networking Group and the Security Group in the Department of Computer Science and Engineering at the UC San Diego Jacobs School of Engineering.

Savage has published more than 100 peer-reviewed journal and conference papers in the wide-ranging areas of the economics of e-crime, characterizing availability, automotive systems, routing protocols, and data center virtualization.

A Sloan Fellow, Savage is a recipient of the ACM Prize in Computing and ACM SIGOPS Mark Weiser Award. The latter is given annually to an individual who has demonstrated creativity and innovation in operating systems research. Savage is also co-director of the Center for Networked Systems at UC San Diego.

His Ph.D. students have gone on to work at prestigious academic institutions and Silicon Valley companies, including New York University, University College London, Google and Facebook.

Previous recipients of the MacArthur fellowship currently on the UC San Diego faculty are: Dean of the Division of Social Sciences Carol Padden, anthropology professor Guillermo Algaze, philosophy professor Nancy Cartwright and pharmacology professor Kun-Liang Guan. In addition, a number of emeritus faculty also have received the award in the past.

Original Publication: UC San Diego, Jacobs School of Engineering

Los Angeles Times

MacArthur Foundation video with Stefan Savage

Stefan Savage faculty website

 

 

 

 

Sothyrak (Tee) Srey’s voice fills with excitement when he recalls the day he learned he had been awarded the Alan Turing Memorial Scholarship.

“I woke up, saw the email, and couldn’t believe it,” he says. “I immediately called my mom. It was so exciting. I never thought I would be the one to earn such an award.”

Originally from Cambodia, Srey enrolled at San Diego Mesa College before transferring to UC San Diego to study computer science. He describes his first year at the La Jolla campus as equally difficult and amazing. He lost confidence when he no longer maintained the 4.0 GPA that he held in community college, but was elated to land his first internship. Balancing work and classes was stressful, but he met new friends and colleagues who motivated him. Best of all, Srey found a community where he was able to just be himself.

“In Cambodia, the LGBT community is not visible. I could not be ‘out,’” he says. “When I got to UC San Diego, I wanted to be part of creating a safe and supportive community. I joined oSTEM, an organization for LBGTQ students in STEM, which has been a really positive experience. I want to show students that their sexual identity shouldn’t prevent them from achieving their goals and being successful.”

The Center for Networked Systems (CNS) at UC San Diego established the Alan Turing Memorial Scholarship in 2015 to encourage a more diverse community in computer science education and research. The award honors the memory of Alan Turing, the mathematician and cryptanalyst who founded the field of computer science. During World War II, he devised the techniques that led to breaking codes produced by Germany’s Enigma machine—a breakthrough credited with accelerating the Allied victory by more than a year. After the war, he was persecuted for being gay. He died by his own hand in 1954.

“Alan Turing is a giant in the pantheon of computer science pioneers and his story is both tragic and inspirational,” said computer science professor George Porter, associate director of CNS. “Our center wants to engage, support and recognize diverse communities in line with UC San Diego’s strategic plan, and naming the scholarship after Turing affirms our belief in the importance and future contributions that LGBT-supportive students will make to computer science and engineering.”

Srey is the second student to receive the scholarship. Last year, Valeria Gonzalez became the inaugural recipient. A third year transfer student majoring in computer engineering, Gonzalez says the award provided much more than financial support.

“It was really impactful to receive an award that recognizes the presence of LGBTQ folks in STEM communities,” Gonzalez said. “Computer science draws people from all different backgrounds, and I think it’s so important to demonstrate inclusivity and be supportive of students, especially those whose identities are often challenged and invalidated. Having people with different backgrounds, talents and perspectives will only make our field stronger and provide folks an environment where they can reach their full potential.”

Srey echoes this sentiment, and adds that the scholarship has given him greater confidence to pursue his goals. Ultimately, he wants to return to Cambodia and start a nonprofit that teaches underprivileged children to code. He also hopes to empower the LGBT community in Cambodia, building a safe space for LGBT youths.

“It’s an honor to be recognized with an award named for Alan Turing. He had such a big impact on computer science and we can only imagine what more he would have contributed to the field had he not been persecuted for his identity,” said Srey. “The scholarship has motivated me to work even harder. I believe I can use my knowledge to really make an impact.”

The Alan Turing Memorial Scholarship is open to undergraduates majoring in computer science or computer engineering who are active supporters of the LGBT community. The scholarship is awarded to students based on academic merit, with preference for students with demonstrated financial need.

The Center for Networked Systems, an interdisciplinary computer science research center at UC San Diego, established the scholarship with gifts from the center’s annual giving fund. The center is now looking for additional philanthropic support to create an endowment, which would enable the scholarship to be awarded in perpetuity.

For more information about supporting the Alan Turing Memorial Scholarship, call 858-534-8305 or email jduca@ucsd.edu; donations can also be made online.

All gifts contribute to the Campaign for UC San Diego.

Also posted here: Thisweek@ucsandiego  

 

The 26th USENIX Security Symposium took place Aug. 16-18 in Vancouver, Canada, and security researchers in the CSE department were well represented on the conference program.  Ph.D. students Craig Disselkoen, David Kohlbrenner, Zhaomo Yang and Brian Johannesmeyer had papers on the program, together with CSE faculty including Leo Porter, Dean Tullsen, Hovav Shacham, Sorin Lerner and research scientist Kirill Levchenko.

The three CSE papers on the program and abstracts for each are included below (with links to full papers):

Prime+Abort: A Timer-Free High-Precision L3 Cache Attack Using Intel TSX, by Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen.

Last-Level Cache (LLC) attacks typically exploit timing side channels in hardware, and thus rely heavily on timers for their operation. Many proposed defenses against such side-channel attacks capitalize on this reliance. This paper presents PRIME+ABORT, a new cache attack which bypasses these defenses by not depending on timers for its function. Instead of a timing side channel, PRIME+ABORT leverages the Intel TSX hardware widely available in both server- and consumer-grade processors. This work shows that PRIME+ABORT is not only invulnerable to important classes of defenses, it also outperforms state-of-the-art LLC PRIME+PROBE attacks in both accuracy and efficiency, having a maximum detection speed (in events per second) 3× higher than LLC PRIME+PROBE on Intel’s Skylake architecture while producing fewer false positives.

On the Effectiveness of Mitigations against Floating-Point Timing Channels, by David Kohlbrenner and Hovav Shacham.

The duration of floating-point instructions is a known timing side channel that has been used to break Same-Origin Policy (SOP) privacy on Mozilla Firefox and the Fuzz differentially private database. Several defenses have been proposed to mitigate these attacks. We present detailed benchmarking of floating-point performance for various operations based on operand values. We identify families of values that induce slow and fast paths beyond the classes (normal, subnormal, etc.) considered in previous work, and note that different processors exhibit different timing behavior. We evaluate the efficacy of the defenses deployed (or not) in Web browsers to floating-point side channel attacks on SVG filters. We find that Google Chrome, Mozilla Firefox, and Apple’s Safari have insufficiently addressed the floating-point side channel, and we present attacks for each that extract pixel data cross-origin on most platforms. We evaluate the vector-operation based defensive mechanism proposed at USENIX Security 2016 by Rane, Lin and Tiwari and find that it only reduces, it does not eliminate, the floating-point side channel signal. Together, these measurements and attacks cause us to conclude that floating point is simply too variable to use in a timing security-sensitive context.

Dead Store Elimination (Still) Considered Harmful, by Zhaomo Yang, Brian Johannesmeyer, Sorin Lerner and Kirill Levchenko (and Aalborg University’s Anders Trier Olesen).

Dead store elimination is a widely used compiler optimization that reduces code size and improves performance. However, it can also remove seemingly useless memory writes that the programmer intended to clear sensitive data after its last use. Security-savvy developers have long been aware of this phenomenon and have devised ways to prevent the compiler from eliminating these data scrubbing operations.
In this paper, we survey the set of techniques found in the wild that are intended to prevent data-scrubbing operations from being removed during dead store elimination. We evaluated the effectiveness and availability of each technique and found that some fail to protect data-scrubbing writes. We also examined eleven open source security projects to determine whether their specific memory scrubbing function was effective and whether it was used consistently. We found four of the eleven projects using flawed scrubbing techniques that may fail to scrub sensitive data and an additional four projects not using their scrubbing function consistently. We address the problem of dead store elimination removing scrubbing operations with a compiler-based approach by adding a new option to an LLVM-based compiler that retains scrubbing operations. We also synthesized existing techniques to develop a best-of-breed scrubbing function and are making it available to developers.

CSE professor Deian Stefan was also at USENIX Security. He chaired a session on “Side-Channel Countermeasures” on the first day of the conference.

USENIX Security Symposium 2017

Organizers of the 23rd ACM Special Interest Group on Knowledge Discovery and Data Mining (SIGKDD) just wrapped up their five-day annual conference, which ended on August 17 in Halifax, Nova Scotia, Canada. One of the highest-profile presentations was a paper with co-authors from UC Berkeley, UC San Diego and New York University, in which they outlined automated approaches to detecting human traffickers based on analysis of their online classified sex advertisements.

The computer scientists argue that the sheer quantity of online classified sex advertising used by human traffickers “makes manual exploration and analysis unscalable,” especially with thousands of new ads posted daily. It’s also difficult to separate ads for independent sex workers from ads for a victim of sex trafficking.  The paper notes that “almost no work has been done in building tools that can automatically process and classify these ads.” So the team focused on developing and demonstrating automatic techniques for clustering sex ads by owner (on the assumption that individual ads for a single sex worker would be less likely to be placed by a trafficker, whose ads more often offer the services of multiple sex workers).

 

Denial of service attacks (DoS) have crippled even the likes of Google and Amazon in recent years, topping at a reported 1.1 terabits per second in 2016. But they were a relatively unexplored phenomenon in the year 2000, when three computer scientists from the University of California San Diego set out to find out how prevalent they were.

Their research and resulting academic paper won the Best Paper award when it was presented at the 10^th USENIX Security Symposium in 2001. At the time, the study provided the only publicly available data quantifying DoS activity on the Internet. Now, 16 years later, that same paper – “Inferring Internet Denial-of-Service Activity” – has received the 2017 USENIX Security Test of Time Award.

The award was announced today at the opening session of USENIX Security 2017 in Vancouver, Canada. UC San Diego Computer Science and Engineering (CSE) professor Geoffrey M. Voelker accepted the award on behalf of his co-authors, fellow CSE professor Stefan Savage, and their former Ph.D. student David Moore (C.Phil. ’05), who went on to track Internet activity as a project scientist at CAIDA, the Center for Applied Internet Data Analysis.  Moore has worked at Google since 2012.

“Test of Time awards are important because they single out research that has a lasting impact despite the rapid change we’ve witnessed in the computing field,” said Dean Tullsen, chair of the CSE department at UC San Diego. “Stefan Savage and Geoff Voelker have done continuously groundbreaking work in cybersecurity for almost two decades, and this award underscores the department’s well-deserved reputation for innovation in areas including security as well as systems and networking.”

 

The Test of Time award recognizes outstanding work in security research that has had a lasting impact on the community. To qualify, a paper must have been presented at a USENIX conference at least 10 years earlier.

Denial-of-service attacks disable servers linked to the Internet by overloading them with messages, which usually contain false source addresses (“spoofing”) to conceal the location of the attacker. The UC San Diego researchers used key features of those forged signatures to detect and track the attacks. The study found that some attacks flooded their targets with “instantaneous loads” peaking at 600,000 message packets per second – crippling the infrastructure.

“Quantifying the problem was always meant to be the first step toward stopping or at least curbing attacks of this kind,” recalled UC San Diego’s Savage, who co-directs the Center for Networked Systems (CNS) at UC San Diego. “Our 2001 study helped network engineers understand the nature of recent attacks and to study long-term trends and recurring patterns of attacks.”  On Thursday, Savage will appear on a panel to discuss distributed denial-of-service attacks.

In the 2001 paper, the co-authors also developed a novel technique to cut through the clutter of Internet data. Called “backscatter analysis,” the technique involves observing packets from machines that fall victim to DoS attacks by sending responses to the forged IP addresses. By observing these backscatter packets at a statistically significant portion of IP addresses, backscatter analysis can quantify the scope of a DoS attack.

For their study, Moore, Voelker and Savage looked at three week-long datasets in February 2001 to assess the number, duration and focus of attacks, and to characterize their behavior. In the space of one week, they observed more than 12,000 attacks against more than 5,000 distinct targets, ranging from well-known e-commerce companies such as Amazon, to small foreign Internet Service Providers (ISPs) and – remember, this is 16 years ago – dial-up connections. “At the time,” said Voelker, “our work was the only publically available data quantifying denial-of-service activity in the Internet.”

The technique produced an estimate of worldwide malicious DoS activity – with approximately 4,000 sites experiencing DoS attacks weekly (as of 2000), and over 12,000 attacks over three weeks.

The 2001 study also was among the first to use the quantitative data to characterize the victims of DoS attacks, which seem almost quaint in retrospect. “Only five percent of attacks targeted infrastructure such as routers and name servers,” explained Voelker. “There were a few very large attacks against broadband, and up to 20 percent of attacks were targeted at home machines – evidence that minor DoS attacks were used for personal vendettas.”

The CSE department at UC San Diego is no stranger to winning Test of Time awards handed out by USENIX at a few of its major conferences.  Already in 2017, CSE professor George Porter shared in the Test of Time award at the USENIX Symposium on Networked Systems Design and Implementation (NSDI) for “X-Trace: A Pervasive Network Tracing Framework”, originally published at NSDI 2007. And in 2016, former CSE professor Amin Vahdat and his co-authors received the NSDI Test of Time award for a paper presented at NSDI 2006.

The 26^th USENIX Security Symposium takes place Aug. 16 to 18 in Vancouver, Canada. UC San Diego’s CSE department is well represented on the conference program. Faculty including Leo Porter, Dean Tullsen, Hovav Shacham, Sorin Lerner and research scientist Kirill Levchenko have papers on the program:

• Prime+Abort: A Timer-Free High-Precision L3 Cache Attack Using Intel TSX , by Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen
• On the Effectiveness of Mitigations against Floating-Point Timing Channels , by David Kohlbrenner and Hovav Shacham
• Dead Store Elimination (Still) Considered Harmful , by Zhaomo Yang, Brian Johannesmeyer, Sorin Lerner and Kirill Levchenko (and Aalborg University’s Anders Trier Olesen)

CSE professor Deian Stefan will chair a session on “Side-Channel Countermeasures” on the first day of the conference.

Related Links

2001 Paper: Inferring Internet Denial-of-Service Activity 
USENIX Security Symposium 2017

 

 

 

CSE alumnus Zachary Tatlock (Ph.D. ’14) is now a professor of computer science at the University of Washington. In an article about “hacker-proof coding” in the August issue of Communications of the ACM, the publication notes that as Tatlock was finishing up his dissertation at UC San Diego, the then-Ph.D. candidate gave a talk at UW about his thesis research on program verification (under his advisor, Sorin Lerner). The lead engineer for the UW medical center’s radiotherapy team was in the audience and asked Tatlock how they could apply verification to that system.

Recalling the event three years later, Tatlock reckons that the question “probably helped me get hired.” He joined UW shortly after and has continued to work with the medical center. In the case of the radiotherapy system, he noted that because the system was written in a variety of languages, different techniques had to be deployed to verify the software in its entirety.

According to Esther Shein, who wrote the CACM article, “The system has about a dozen components, each with different levels of criticality.” She quotes Tatlock saying that “software for logging an event, for example, is not as critical as software that verifies the beam power has not become too high. What we want to be able to do is ensure the reliability of all pieces. We want to make sure there are no bugs that can affect the parts that are critical.”

The medical center wanted to prevent software errors that might prove fatal, given that the radiotherapy system “shoots high-powered radiation beams into the heads of patients to treat cancers of the tongue and esophagus,” writes Shein. To check its heaviest-duty components, the medical center uses DeepSpec principles, which are costly and time-consuming because they require highly-trained technicians to prove they’re functioning correctly.

To assess less-critical parts of the system, the medical center uses “lighter-weight, less powerful techniques to ensure the correctness,” said Tatlock. “So the guarantees for those parts aren’t as strong, but it’s a better engineering trade-off.”

The CACM article goes on to note that Tatlock and colleagues have built a suite of tools the engineers use in their regular development process. “They include a checker that allows them to formally describe the entire radiotherapy system to a computer and ensure the key components are individually correct. The researchers are now working on building verified replacements for those parts of the system.” The system is also checked daily. “We want to make sure the code written by the engineers on that team will correctly turn off the beam if anything goes wrong,” Tatlock told the publication. “The work is similar to DeepSpec’s; it just emphasizes a different degree of automation.”

 

$25,253,505. That is the best estimate to date of how much money was paid by victims of ransomware attacks in the past two years in order to unlock their computer disks and get their data back. As a result, ransomware – malware  that encrypts victims’ data and demands a payoff in exchange for the key to unlock the data – “has become one of the largest cybercrime revenue sources,” according to Google presenters at Black Hat USA 2017 conference in Las Vegas this week.

Participants in the study on “Tracking Ransomware End to End” included researchers from UC San Diego, New York University (NYU), and the blockchain analysis firm Chainalysis. (Blockchain is the public, decentralized ledger of transactions in Bitcoin, the cryptocurrency most widely used to settle ransomware demands.)

Rather than produce an academic paper first, the team opted to make a splash at the conference with a presentation to get the word out. The presenter: Google’s Kylie McRoberts.  Now in its 20^th year, Black Hat is the world’s leading information security event series.

The UC San Diego participant in the study, Computer Science and Engineering (CSE) Ph.D. candidate Danny Yuxing Huang, is also affiliated with the Center for Networked Systems (CNS). “We study the economics of operating ransomware: from maintaining infrastructure, generating revenue, to getting victims to pay,” noted Huang, adding that “our goals are to understand the business model of ransomware, and estimate their revenue and potential profitability.”

Huang tracked bitcoins that moved from potential victims to ransomware, and from ransomware to exchanges (as possible liquidation). “By masquerading as a part of the ransomware infrastructure,” explained Huang, “I also gathered statistics on infected computers, such as the number of infections over time, and the geographical distribution of infected machines.”

 

Google’s other university collaborator was Damon McCoy, a former postdoctoral scientist in CSE at UC San Diego from 2009 to 2011, who is now an assistant professor of computer science in NYU’s Tandon School of Engineering.

Together, the researchers investigated 300,000 files from 34 different types of ransomware and tracked payments on the blockchain to analyze the scale and the amount of money paid by victims.

In the presentation, Google’s McRoberts reported that search queries for the term “ransomware” have increased by 877 percent since 2016, the first year when ransomware became a multi-million-dollar business (see chart).

Of the $25 million in payments by Internet users to get their data back, some ransomware attacks generated more revenue than others. Only a fraction of the total was paid by victims of the widely publicized WannaCry ransomware in 2017, despite – or because of – the extensive damage it caused.  Developed originally by the U.S. National Security Agency (NSA), WannaCry crippled hospitals (including Britain’s National Health Service), communications providers and some 10,000 other organizations as well as an estimated 200,000 individuals in more than 150 countries.  Even so, payouts in response to WannaCry topped out at $140,000 – making it only the 11^th-largest ransomware to date in terms of victim payouts. The Google presenter dubbed WannaCry an “impostor,” saying it should really be classified as “wipeware.” The study found that victims learned early on that the malware effectively wiped out the data because the software was unable to later unlock the victim’s computer even if the ransom was paid. The study noted that a variant on WannaCry called NotPetya was also wipeware, for the same reason, but also concluded that “wipeware pretending to be ransomware is on the rise.”

Less publicized ransom demands launched in 2016, on the other hand, generated far more income for the attackers than WannaCry, notably the Locky ($7.8 million to date) and Cerber ($6.9 million) ransomware attacks.

Locky was the first ransomware to make over $1 million per month. It has largely run its course, but left its mark on the criminal marketplace because it brought “ransoms to the masses”, according to the presentation at Blackhat USA. “Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” said NYU professor McCoy. “Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”

The same botnet that distributed Locky now also distributes Cerber and other ransomware built on Locky’s model. Cerber continues to rake in roughly $200,000 a month in ransom, as it has for more than a year, buoyed by its creation of an affiliate model that is “taking the world by storm,” noted Google.

According to the study, victims of all ransomware paid ransom by purchasing Bitcoins on at least 10 exchanges. The single largest market, LocalBitcoins.com, had 37% of the market in the two-year period.

The $25 million number in the new study reflects total ransomware payouts by victims. It is unclear, however, how much of the money made it back to the original authors of that ransomware.

UC San Diego contributor Danny Huang is nearing completion of his Ph.D. under advisors Alex Snoeren and research scientist Kirill Levchenko. He is scheduled to mount the final defense of his dissertation at the end of August.

Related Links

UC San Diego Economics of Ransomware Website 
Presentation: Tracking Desktop Ransomware Payments (PDF)

As of early July, 15 Computer Science and Engineering (CSE) Ph.D. candidates affiliated with the Center for Networked Systems (CNS) have graduated or are expected to graduate in the academic year from October 2016 through September 2017. Unlike last year, when half the Ph.D. graduates went to work for Google, there is much more variety in their waiting employers this year. Here’s a recap of this year’s CNS graduating Ph.D. class (in reverse chronological order), starting with three students tentatively scheduled to defend their doctoral dissertations between now and the end of August as members of the Ph.D. “Class of ’17”.

Yuxing (Danny) Huang (Ph.D. ’17) is interviewing for postdoc positions as he puts finishing touches to his dissertation. His final defense is scheduled for August 31 before his co-advisors Alex Snoeren and Kirill Levchenko, who co-chair his faculty committee. Huang uses economics to study malicious behaviors on the Internet, including the economics of a wide variety of ransomware to better understand victims and how many of them pay in response to ransom demands. Huang received his B.A. in Computer Science from Williams College in 2011, the same year he enrolled in the Ph.D. program at UC San Diego. He did back-to-back summer internships at Google in 2014 and 2015.

On August 28, Tianyin Xu (Ph.D. ’17) will defend his dissertation on hardening cloud and datacenter systems against configuration errors, but he already has a great job lined up. He will become an assistant professor of Computer Science next January at the University of Illinois at Urbana-Champaign (UIUC), where he accepted a tenure=track appointment pending completion of his Ph.D. Xu’s advisor, YY Zhou, taught at UIUC for seven years before joining the UC San Diego faculty (and CNS) in 2009. For his part, Xu’s research focuses on the reliability and security of computer systems, and in particular, large-scale software systems deployed in the cloud and in datacenters. In 2017 Xu received CSE’s Doctoral Award for Research, and last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.” In 2013 and 2016, Xu presented at CNS Research Reviews, and he did summer internships in 2013 and 2015 at former CNS member company NetApp.

This fall, Eric Seidel (M.S., Ph.D. ’16, ’17) will join Bloomberg LP in New York after defending his Ph.D. dissertation on August 2. His research interests include programming languages, data and ubiquitous computing. As a graduate research assistant in the lab of his advisor Ranjit Jhala, Seidel built a tool to synthesize counter-examples to type errors. The tool performs type-checking along with execution, and produces trace demonstrating of how a program gets stuck. Seidel also worked on a refinement type-based verifier for Haskell. Together with Jhala and recent CNS and CSE alumna Niki Vazou, Seidel implemented an efficient testing framework using refinement types to prune the input search space. Seidel received a B.S. in Computer Science from the City College of New York in 2012.

In addition to the three Ph.D. candidates preparing for their all-important dissertation defenses in August, 12 other researchers in CNS-affiliated labs have already completed and defended their dissertations as of July for the 2016-2017 academic year.

Panagiotis Vekris (M.S., Ph.D. ’14, ’17) is joining Facebook after completing his final defense on July 7 of his Ph.D. dissertation on “Precise Type Checking for JavaScript.” His doctoral committee includes three CNS faculty members (advisor Ranjit Jhala as well as Sorin Lerner and Yannis Papakonstantinou). Vekris arrived at UC San Diego in 2011 from Greece, where he did his undergraduate degree at the National Technical University of Athens. In graduate school, he focused on programming languages, program analysis as well as verification and type systems. With JavaScript’s rapid growth and presence as one of the main technologies powering the Internet, testing is a valuable ally, but it falls short with respect to program coverage and formal correctness guarantees. In his thesis, Vekris proposes static type-based analysis. “Our goals are early bug detection, code intelligence for editors, and verifying specifications,” explains Vekris.

Yanqin Jin (Ph.D. ’17) worked in the Non-Volatile Systems Laboratory under his advisor, Steven Swanson. His research interests include storage system design and implementation with modern storage technologies, as well as database and filesystem optimization for modern storage devices (including solid-state drives). Jin’s dissertation focused on “Modernizing Storage Device Interface for Performance and Reliability,” and his faculty committee was co-chaired by Swanson and co-advisor Yannis Papakonstantinou. His advisors also co-authored (with Jin as first author) a paper on key-addressable multi-log solid-state drives (KAML), which he presented at the 2017 IEEE Symposium on High Performance Computer Architecture (HPCA 2017). Early in graduate school, Jin did three summer internships with leading technology companies: Twitter (2012), Oracle (2011) and Microsoft (2010). The Microsoft internship took place in Beijing immediately Jin completed his undergraduate degree at China’s Tsinghua University.

Yashar Asgarieh (Ph.D. ’17) now works at NVIDIA after completing his Ph.D. under advisor Bill Lin. His dissertation explored “Making the On-Chip World Smaller with Low-Latency On-Chip Networks”. With the proliferation of cores since the first dual-core processor, embedded multi-cores today can have over 100 cores. Asgarieh focused on how to improve on the state-of-the-art shared Network on Chip (NoC) as the best way to connect cores. His solution: to “make the on-chip world appear smaller by providing extremely low-latency networks that can make faraway resources appear much closer.” While in grad school, Asgarieh did summer internships at Facebook and the Embedded Systems Lab at EPFL in Lausanne, Switzerland. Asgarieh did his undergraduate degree and M.Sc. in Computer Engineering at the Iran University of Science and Technology and Sharif University of Technology, respectively.

Alan Leung (M.S., Ph.D. ’13, ’17) developed novel algorithms and implementations in the areas of compiler design, program analysis, program verification and program synthesis. Under advisor Sorin Lerner, Leung successfully defended his dissertation on “Constructing Parsers by Example via Interactive Program Synthesis.” In his thesis, Leung argued that “it is possible to make parsing more accessible by combining interactive visual feedback with the programming-by-example paradigm.” Prior to UC San Diego, Leung spent five years as a microprocessor design engineer at Intel, where he designed cache memory systems for two generations of Itanium microprocessors that successfully went to market. Leung did his undergraduate degree at Cornell University.

Xinxin Jin (Ph.D. ‘17) is working for Whova, the event-app startup founded by her advisor, YY Zhou, who also ran the Opera operating systems lab where Jin did research in software / hardware reliability, operating systems and mobile computing. Jin wrote her dissertation on “Tooling and Language Support for Robust and Easy Network Programming of Mobile Applications.” “I build infrastructure and mobile apps to make them run reliably and faster,” says Jin. “My mission is to revolutionize event networking and management via technology.” Jin likes the atmosphere and size of a startup, so instead of applying for a faculty position, she opted to stay with Whova. She could also have applied to a large technology company (like Microsoft, where she did a summer internship in 2015), but according to advisor YY Zhou, “Xinxin feels more comfortable in an entrepreneurial environment.” Prior to arriving at UC San Diego in 2011, Jin completed her M.S. from Peking University in 2011 and a B.S. from the Beijing University of Posts and Telecommunications in 2008.

In February, Daniel Ricketts (Ph.D. ’17) defended his dissertation on “Verification of Sampled-Data Systems using Coq” (a proof assistant). His advisor, Sorin Lerner, chaired the dissertation committee, which included fellow CNS member Ranjit Jhala. Following completion of his Ph.D., Ricketts joined Oracle as a software engineer in the greater Seattle area. His goal: to apply formal verification to practical problems in industry. At UC San Diego Ricketts did research on formal verification of cyber-physical systems using the Coq proof assistant. As a graduate student, Ricketts worked on the VeriDrone project, which involved a formal verification process to ensure safety of quadcopter software.

Michael Wei (M.S., Ph.D. ’12, ’17) is now a postdoctoral researcher at VMware, where he previously did an internship during graduate school. Wei is a past recipient of NSF Graduate Research Fellowships (in 2011 and 2012) and he pursued research in embedded systems, non-volatile systems, computer architecture, security, and energy. Prior to completing his Ph.D, Wei worked on reliably erasing solid-state disks (SSDs) under his advisor, Steven Swanson. In his dissertation on “Corfu: A Platform for Scalable Consistency,” Wei made the case for why the proposed Corfu platform simplifies development without sacrificing performance. “Consistency and scalability are often seen to be at odds with one another,” explained Wei, “and many popular data stores have traded consistency for scalability as part of a movement known as NoSQL… [which] makes writing reliable, feature-rich distributed applications much more difficult.” In addition to Swanson, Wei’s Ph.D. committee included other CNS member faculty, including George Porter, Alex Snoeren, and Geoffrey Voelker.

Pietro Mercati (Ph.D. ’17) is now a research scientist at Intel Corp. He completed his Ph.D. under advisor Tajana Rosing, with a dissertation on “Power, Thermal, Reliability and Variability Management of Mobile Devices.” In it, Mercati proposed the design and implementation of a novel unified framework for the comprehensive dynamic management of power, temperature reliability and variability in mobile systems subject to user experience requirements. As Mercati outlined in his thesis, the proposed strategy meets user experience requirements while extending battery lifetimes by at least 25 percent and achieving up to 35 percent savings in power consumption at the device level (and up to 100 percent improved performance on cluster architectures). Mercati completed his Master’s and Bachelor’s degrees at the University of Bologna (Italy) prior to arriving at UC San Diego in 2013.

Yang (Robert) Liu (Ph.D. ’17) is a principal engineer for R&D engineering at Western Digital. He did his dissertation on “Systems and Algorithm Support for Efficient Heterogeneous Computing with GPUs” under advisor Steven Swanson. Liu worked for Swanson in the Non-Volatile Systems Laboratory (NVSL). Liu’s research explored the design space in next-generation storage systems, while rethinking the interface between software and hardware in computer systems (e.g., improving the performance of the MapReduce framework by applying new hardware and better scheduling). Liu also worked previously with CNS member YY Zhou on software reliability, and did a summer internship at Broadcom. Prior to UC San Diego, he earned his B.S. and M.S. degrees from China’s Beihang University and Tsinghua University, respectively.

Of all the Ph.D. graduates affiliated with CNS this year, only three completed their dissertation defense and other requirements by the end of December, thus allowing them to put 2016 as their graduating year on their CVs. They included:

Meenakshi Sundaram Bhaskaran (M.S., Ph.D. ’12, ’16) also worked in NVSL under his advisor, Steven Swanson. He completed the degree in Computer Engineering in December 2016 with a dissertation on “Micro-Architecture and Systems Support for Emerging Non-Volatile Memories.” In it, Bhaskaran proposed “Non-Blocking Load (NBLD), an instruction set extension to mitigate pipeline stalls from long-latency memory accesses… NBLD triggers the execution of application-specific code once data is resident in the cache, effectively hiding the latency of memory.” Prior to UC San Diego, Bhaskaran was an engineer at SanDisk India in Bangalore, after completing his undergraduate degree at Anna University (also in India).

Niki Vazou (Ph.D. ’16) is now a postdoctoral fellow at the University of Maryland in the Programming Language group after completing her Ph.D. last December. Her research continues to focus on designing usable program verifiers that can be integrated into standard software development. Her dissertation under advisor Ranjit Jhala, “Liquid Haskell: Haskell as a Theorem Prover”, drew on expertise in static program verification, type systems, type inference, abstract interpretation, functional programming, Haskell, Liquid Types and more. In it, Vazou presented LiquidHaskell, a usable, static formal verifier for Haskell programs, which she used to verify more than 10,000 lines of real-world Haskell programs. As Vazou noted in her abstract, “LiquidHaskell serves as a prototype verifier in a future where formal techniques will be used to facilitate, instead of hinder, software development.” In 2015 Vazou received the CSE Graduate Award for Research. The previous year, she won a Microsoft Graduate Research Fellowship (after doing two internships at Microsoft Research facilities in Washington State and at Cambridge in Britain). In 2016 Vazou did a summer internship at Awake Networks in Mountain View, CA, where she used LiquidHaskell to verify correctness on Awake’s production code base.

Ming Woo-Kawaguchi (B.S., M.S., Ph.D. ’05, ’08, ‘16) is a postdoctoral research fellow at Harvard University. He completed his Ph.D. in late 2016 after having done most of his work as a graduate student researcher in the Programming Systems group in CSE from 2005 to 2012. From 2014 to 2016 Woo-Kawaguchi was on the technical staff of the Draper Laboratory near Boston before he decided to complete his Ph.D. Under advisor Ranjit Jhala, Woo-Kawaguchi did his dissertation on “High-Level Liquid Types ,” in which he proposed “several augmentations of the Liquid Types method of automatic program verification for uniformly describing high-level specifications and for verifying that source doe is correct with respect to such specifications.” In addition to Jhala, two other CNS members – Sorin Lerner and Geoffrey Voelker – sat on the five-person committee that quizzed Woo-Kawaguchi in his belated but final defense of his dissertation last October.

Related Links

CNS Graduating Students in 2015-2016

For female students in particular, attending the annual Grace Hopper Celebration of Women in Computing can be a critical launching pad for careers in computer science in either academia or private industry. For that reason, UC San Diego’s Center for Networked Systems (CNS) provides funding each year to help defray the cost of attending the Grace Hopper Celebration for one or two deserving women who represent the next generation of female computer scientists who want to play leadership roles in helping other women make it in computer science.

Looking ahead to the 2017 conference Oct. 4-6 in Orlando, FL, CNS has picked two deserving students to receive this year’s CNS Grace Hopper Travel Grants. Both Ariana Mirian and Stephanie Chen are graduate students: Chen is working on her M.S. in Computer Science with a focus on Machine Learning, and Mirian is a Ph.D. student co-advised by CNS Director Stefan Savage and CSE Professor Geoffrey Voelker.

Ariana Mirian is the incoming president of the Graduate Women in Computing (GradWiC) group at UC San Diego for the 2017-2018 academic year (taking over as president from Ailie Fraser). She also received an award for Contributions to Diversity, which she accepted recently at the CSE Departmental Awards Ceremony. Mirian is going into her second year of the Ph.D. program, with research interests in security and privacy, notably at the intersection of empirically-based measurement and usable security. In addition to CNS, she is also affiliated with the Center for Evidence-based Security Research (led by her advisor Stefan Savage) as well as the Systems and Networking group and the Crypto and Security group. Mirian completed her undergraduate degree in computer science at the University of Michigan.

Stephanie Chen is the outgoing Vice President of GradWiC. During the spring quarter, Stephanie Chen was head teaching assistant for Professor Bill Griswold’s course on Software Engineering (CSE 110). This summer she is doing a software engineering internship at Intuit in San Diego, where she serves as a back-end developer on Intuit’s Data Science Decision Engine team. Last summer, Chen interned at SPAWAR Systems Center, also in San Diego. She completed B.A. (Environmental Economics) and B.S. (Business Administration) degrees from UC Berkeley. Chen subsequently worked for Google for four years, primarily for its YouTube unit, before enrolling in UC San Diego to earn a computer science degree (which she expects to complete in the fall or winter quarter).

Both students will be part of a large delegation of UC San Diego faculty and students, most of them from the Computer Science and Engineering department, including many who have made a point of attending the Grace Hopper event several years runnning.

Travel Grant recipients Chen and Mirian will report back to CNS colleagues after the conference.
Related Links

2017 Grace Hopper Celebration of Women in Computing

When he graduated from China’s Nanjing University, Tianyin Xu was turned down by 24 graduate schools in the United States. The following year he applied and was accepted into the Ph.D. program at the University of California San Diego. Now, almost six years later, Xu is finishing his Ph.D. this summer, and top-notch schools were competing to offer the soon-to-be alumnus a tenure-track faculty position.  In the end, Xu received five offers and accepted the one from the University of Illinois at Urbana-Champaign (UIUC), which he’ll join as an assistant professor next January in the Department of Computer Science.

“I loved all the schools that made offers, which made the decision-making process excruciating,” observed CSE Ph.D. candidate Xu. “In the end, I had to follow my gut.” While he had offers from Pennsylvania State, UC Santa Cruz, UC Santa Barbara and Canada’s University of Waterloo, Xu selected UIUC partly because his advisor, CSE Prof. Yuanyuan (YY) Zhou, taught there for seven years before joining the UC San Diego faculty in 2009.

“Many of the senior students in Professor Zhou’s group had previously studied at UIUC,” added Xu, “and they have helped me tremendously in my graduate studies. All of them spoke highly of the Illinois program.” Xu also thinks that UIUC had more confidence in his abilities because he had worked so closely with his “rock star advisor.” “I believe part of the reason UIUC made me the offer is that Professor Zhou was so successful and truly respected there, and all of the faculty I met during the hiring process held her in very high esteem.”

“I am very proud of him,” observed Zhou, who holds the Qualcomm Endowed Chair in Mobile Systems in the Jacobs School of Engineering. “Tianyin Xu is joining an elite group of recent graduates from our operating systems group, including five of them who took tenure-track faculty positions at top schools.” Those professors include UC San Diego CSE alumnus Ryan Huang (Ph.D. ’16), who becomes an assistant professor of computer science at Johns Hopkins University this July after doing a postdoc at Microsoft Research.

“All of them are doing extremely well,” added Zhou, “so they have paved the way for Xu and hopefully future Ph.D. graduates from our program who want to make careers in academia.”

UIUC may also have been attracted to Xu’s research into reliability and security of computer systems, including the reliability of large-scale software systems deployed in the cloud and in datacenters. “My Ph.D. work focuses on tackling one dominant cause of cloud and datacenter failures in the real world – configuration errors,” said Xu. “These errors are notoriously fatal and hard to deal with using traditional fault-tolerance techniques. Currently we lack neat techniques that can work with these gigantic systems to prevent catastrophic failures, so research in this area is critically important and in demand.”

Hardening cloud and datacenter systems against configuration errors is the topic of Xu’s doctoral dissertation, which he expects to defend in early August.

Xu received CSE’s 2017 Doctoral Award for Research at the end of the academic year. Among other honors, last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.”  Xu was first author on that paper as well as another in May 2017, which he presented to the 35th Conference on Human Factors in Computing Systems (CHI 2017). The topic: “How Do System Administrators Resolve Access-Denied Issues in the Real World.”  Xu has also presented at research reviews of UC San Diego’s Center for Networked Systems (CNS) in 2016 and 2013, and he did summer research internships in 2013 and 2015 at NetApp, Inc., where he researched storage products and observed system users.

Xu has been a teaching assistant in both graduate and undergraduate courses at UC San Diego, serving a variety of CSE faculty including his advisor as well as Geoffrey Voelker, Leo Porter, Stefan Savage, Mohan Paturi and Sanjoy Dasgupta. In the three most recent courses he TA’d, Xu happily notes that he finished with recommendations from 98.6 percent of students (75 percent with “strong” recommendations). In his teaching statement intended for the universities where he interviewed for faculty jobs, Xu said one of his primary goals was to stress relevance as the key to engaging students in learning. “I strive to relate OS concepts to real-world, everyday problems beyond OS kernels,” he explained. “I talk about how Google manages resources and schedules jobs at a massive scale, how Spark drives its huge success based on the disk-memory trade-off, and why Android does not swap but kills app processes when running out of memory. Students enjoy such discussions and become more engaged.” At UIUC, Xu expects to teach operating systems and software engineering, and he plans to incorporate interactive and hands-on projects along with regular coursework.

Prior to starting the Ph.D. program at UC San Diego, from 2003 to 2010, Xu studied Computer Science at Nanjing University, where he completed B.S. and M.S. degrees..

With his faculty job search now over, Xu is particularly thankful to the many people in CSE who provided help, support and encouragement throughout the “exhausting and sometimes frustrating” process. “Professor Voelker revised every single slide of my job talk and gave me countless tips and advice, while professors Savage and Victor Vianu did mock interviews with me,” recalled Xu. “Professors Sorin Lerner, Philip Guo, Alex Snoeren, Aaron Schuman and Bill Griswold and others helped me with my job talk or allowed me to practice delivering my talk in their research seminars, while professors Zhou, Voelker, Savage and Scott Klemmer wrote recommendation letters for me.”

“Above all, I owe much to my advisor, Professor Zhou,” stressed Xu. “She believed in a student who had been rejected by most of the schools he applied to for graduate school, and transformed him into a Ph.D. candidate capable of receiving faculty offers from major schools and computer-science programs.”

Related Links

Tianyin Xu Website 
OSDI 2016 Best Paper 
Computer Science and Engineering

 

CSE professor Geoffrey M. Voelker teaches CSE 125 each spring, The course on “Software System Design and Implementation” gave 32 seniors an opportunity to showcase everything they learned in the past four years. Nominally, the course is a 10-week project to build a large, complex, distributed software system with real-time constraints. Specifically, the teams of six or seven students spend the quarter building a distributed, real-time, 3D multiplayer game (hence the popular reference to CSE 125 as being “the videogame course”). Each final team demonstration doubles as the team members’ final exams.

As finals week was winding down for most CSE students, nearly 200 people showed up on Friday, June 9, to see how much the five teams were able to achieve in the 2017 edition of CSE 125. All of the teams completed the assignment, with varying but largely impressive results. In one case, the demo had to be without accompanying audio because of a last-minute glitch in moving the game to a demo computer in the Qualcomm Institute auditorium in Atkinson Hall. For each demo, at least two players were picked at random from the audience to play against members of the game’s development team. All four players for each demo were positioned at workstations set up on the stage of the auditorium, with video of the game displayed on the big screen above the players — and streamed in real time over the Internet. [Editor’s note: An archived version of the video stream is now available for on-demand viewing here .]

The seven members of Team 9hack Studios produced a game called “Sandma” (originally “Dungeon Party”). Kavin Srithongkham led the presentation, and his fellow team members included Ethan Chan, Daniel Lee, Richard Lin, Christiane Pham, Austin Puk and Joshua Tang. They divided into three teams: networking, graphics and artists. “We wanted to create a game that contains both the sense of exploration and discovery of dungeon crawlers, and the chaotic and competitive interactions of a party game,” said Srithongkham. Players compete with each other in mini games and use the points to collectively build a dungeon full of hazards and treasures. The goal is then to move across the dungeon while avoiding the opponents’ obstacles. During the ‘build’ phase of the game, players place objects around the dungeon grid, but they cannot see where the other players place their objects. All players start with the same amount of gold, and the winner is whoever has the most gold at the end of the game. “The goal of the game is to balance using gold to buy obstacles and structures, and saving gold to win the game,” according to team members.

The ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2017) will get underway on June 19 in Barcelona, Spain. It’s a premier forum for all areas of programming language research, including design, implementation, theory and efficient use of languages.

CSE/CNS Prof. Sorin Lerner has had a hand in putting the program together as a member of the External Program Committee for PLDI 2017.

CSE/CNS Prof. Ranjit Jhala, whose research focuses on techniques for building reliable computer systems, sits on the External Review Committee for the 2017 conference. He is also co-organizing a Tutorial track on “Refinement Types for Program Verification and Synthesis”, jointly with recent CSE/CNS alumna Niki Vazou (Ph.D. ’16), now a postdoctoral researcher at the University of Maryland, and MIT postdoctoral researcher Nadia Polikarpova (who in March presented in the CSE Colloquium Lecture Series on Type-Driven Program Synthesis).

 

 

CSE had a major presence at this year’s ACM Special Interest Group on Management of Data (SIGMOD), the premier venue for research in data management. The 2017 meeting took place in mid-May in Chicago jointly with PODS, the premier international conference on the theoretical aspects of database systems. CSE/CNS Database Lab faculty Yannis Papakonstantinou, Alin Deutsch, Arun Kumar and postdoctoral researcher Yannis Katsis all served on the SIGMOD research track program committee, and Kumar was a judge for the inaugural SIGMOD Student Research Competition. (He also chaired a Research Track session on Versions and Incremental Maintenance.)

 

An international team of researchers has uncovered the mechanism that allowed Volkswagen to circumvent U.S. and European emission tests over at least six years before the Environmental Protection Agency put the company on notice in 2015 for violating the Clean Air Act. During a year-long investigation, researchers found code that allowed a car’s onboard computer to determine that the vehicle was undergoing an emissions test. The computer then activated the car’s emission-curbing systems, reducing the amount of pollutants emitted. Once the computer determined that the test was over, these systems were deactivated.

When the emissions curbing system wasn’t running, cars emitted up to 40 times the amount of nitrogen oxides allowed under EPA regulations.

The team, led by Kirill Levchenko, a computer scientist at the University of California San Diego presented their findings at the 38th IEEE Symposium on Security and Privacy in the San Francisco Bay Area on May 22 to 24, 2017.

“We were able to find the smoking gun,” Levchenko said. “We found the system and how it was used.”

Computer scientists obtained copies of the code running on Volkswagen onboard computers from the company’s own maintenance website and from forums run by car enthusiasts. The code was running on a wide range of models, including the Jetta, Golf and Passat, as well as Audi’s A and Q series.

“We found evidence of the fraud right there in public view,” Levchenko said.

During emissions standards tests, cars are placed on a chassis equipped with a dynamometer, which measures the power output of the engine. The vehicle follows a precisely defined speed profile that tries to mimic real driving on an urban route with frequent stops. The conditions of the test are both standardized and public. This essentially makes it possible for manufacturers to intentionally alter the behavior of their vehicles during the test cycle. The code found in Volkswagen vehicles checks for a number of conditions associated with a driving test, such as distance, speed and even the position of the wheel. If the conditions are met, the code directs the onboard computer to activate emissions curbing mechanism when those conditions were met.

A year-long investigation

UC San Diego Kirill Levchenko Computer scientist Kirill Levchenko led the research effort at UC San Diego.
It all started when computer scientists at Ruhr University, working with independent researcher Felix Domke, teamed up with Levchenko and the research group of computer science professor Stefan Savage at the Jacobs School of Engineering at UC San Diego.

Savage, Levchenko and their team have extensive experience analyzing embedded systems, such as cars’ onboard computers, known as Engine Control Units, for vulnerabilities. The team examined 900 versions of the code and found that 400 of those included information to circumvent emissions tests.

A specific piece of code was labeled as the “acoustic condition”—ostensibly, a way to control the sound the engine makes. But in reality, the label became a euphemism for conditions occurring during an emissions test. The code allowed for as many as 10 different profiles for potential tests. When the computer determined the car was undergoing a test, it activated emissions-curbing systems, which reduced the amount of nitrogen oxide emitted.

“The Volkswagen defeat device is arguably the most complex in automotive history,” Levchenko said.

Researchers found a less sophisticated circumventing ploy for the Fiat 500X. That car’s onboard computer simply allows its emissions-curbing system to run for the first 26 minutes and 40 seconds after the engine starts— roughly the duration of many emissions tests.

Researchers note that for both Volkswagen and Fiat, the vehicles’ Engine Control Unit is manufactured by automotive component giant Robert Bosch. Car manufacturers then enable the code by entering specific parameters.

Diesel engines pose special challenges for automobile manufacturers because their combustion process produces more particulates and nitrogen oxides than gasoline engines. To curb emissions from these engines, the vehicle’s onboard computer must sometimes sacrifice performance or efficiency for compliance.

The study draws attention to the regulatory challenges of verifying software-controlled systems that may try to hide their behavior and calls for a new breed of techniques that work in an adversarial setting.

“Dynamometer testing is just not enough anymore,” Levchenko said.

“How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles”

Authors: Guo Li, Kirill Levchenko and Stefan Savage from UC San Diego; Moritz Contag, Andre Pawlowski and Thorsten Holz from Ruhr University; and independent researcher Felix Domke.

This work was supported by the European Research Council and by the U.S. National Science Foundation (NSF).

Related Links:

UCSD News

CSE Website

NPR KPBS

ARS Technica

 

UC San Diego computer science alumnus Matthew Der (Ph.D. ’15) was one of the few fresh graduates from the Computer Science and Engineering department who did not opt to work for a West Coast technology giant like Amazon, Microsoft, Facebook or Google (where he did two summer internships during graduate school). Instead, he returned home in September 2015 to the fast-growing RVA technology corridor (in Richmond, Virginia) to become a partner and Chief Technology Officer in Notch, a local tech consulting startup that was barely a year old.

“I love Richmond as a city and I am passionate about entrepreneurship and the technology community here,” said Der. “Part of Notch’s mission is to be a West Coast-caliber boutique tech consultancy in central Virginia. You don’t need to go to the Bay Area or NYC to find one.”

For the second year in a row, Notch was a finalist for the top Emerging Technology Business award given out by RichTech, an association of local technology businesses and tech professionals. Last year they came close, but at the 22nd annual Technology Awards show on May 10, Der and his colleagues were honored with the award for startups or small businesses demonstrating the ability to achieve commercial success.

Nearly 800 people attended the award ceremony at the Greater Richmond Convention Center.

Der credits his education in CSE for providing an important leg-up for success in any market. “It’s mostly the alignment of my expertise and the industry trend of artificial intelligence and machine learning,” explained Der. “Having a Ph.D. in machine learning is a big differentiator, especially in a mid-sized market. It immediately gave us street cred, sales material and conversation starters.”

As CTO, Der’s primary role is to oversee Notch’s data science and machine learning consulting. He is responsible for successful delivery of predictive solutions to Notch’s clients as well as internal training, and the company’s services are in strong demand from companies that need to use data more effectively to fuel business growth.

“In some sense we’re riding the AI wave with everyone else,” noted Der. “But we’ve found that while everyone is talking about the hype, many still don’t understand how their business can leverage AI to gain a competitive advantage.”

While in CSE Der focused on machine learning applications to security, and in particular, web page clustering and classification. He was involved in the AI, Systems and Networking as well as Security research groups under advisors Lawrence Saul, Geoff Voelker and Stefan Savage, and the Center for Networked Systems.

Learn more about Notch.

 

CSE and the Jacobs School of Engineering are celebrating two CSE professors who were awarded endowed chairs in the past year. The appointments of professors Tajana Rosing and Stefan Savage, both of whom are affiliated with the Center for Networked Systems (CNS), were previously announced, but now they will be honored at separate invitation-only receptions scheduled for May and June.

John J. and Susan M. Fratamico Endowed Chair

On Thursday, May 18 from 5:30-7:30PM, Jacobs School Dean Albert P. Pisano and CSE Chair Dean Tullsen will host a program and reception to celebrate CSE professor Tajana Rosing’s appointment to the John J. and Susan M. Fratamico Endowed Chair in the Jacobs School.

Rosing, who earned her Ph.D. from Stanford in 2001 while working at HP Labs, is the inaugural holder of the Fratamico chair, which was established in 2012. When the appointment was originally announced in September 2016, CSE’s Tullsen noted Rosing’s “creativity and approach to research [that] have had a deep impact on innovation in computer engineering.”

The computer engineering professor joined the CSE faculty in 2005. There, she established the System Energy Efficiency Lab (SEELab), which focuses on energy efficiency at many scales — from sensor nodes to data centers and from transport networks to power grids. Rosing’s research interests include embedded systems hardware and software design and the design of approximate and highly-efficient architectures. Currently Rosing works on efficient and distributed data collection, aggregation and processing in the context of Internet of Things applications, smart cities, wireless healthcare and the distributed Smart Grid for electricity.

Among her achievements, Rosing was able to optimize the design and operation of embedded systems to achieve 1,000 times more energy efficiency at the cost of a 10 percent inaccuracy (i.e., 10 percent error in computation). The real-world impact of her research has also stretched the battery life of smartphones and other electronic devices — and her work maximizes the quality of service in ‘smart’ servers while minimizing power consumption.

Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science

On Wednesday, June 7 from 5:30-7:30PM, Jacobs School Dean Pisano and CSE Chair Tullsen will host a reception to honor Savage, who holds the Irwin Mark and Joan Klein Jacobs Chair.in Information and Computer Science. The reception marks the first anniversary of Savage’s appointment to the chair in June 2016. The chair was newly empty following the retirement of CSE professor Ronald Graham, the previous holder of the Jacobs Chair.

The computer scientist – who co-directs CNS – joined the CSE faculty in 2000 in an acting capacity until he defended his dissertation at the University of Washington in 2002.

Much of Savage’s early research focused on operating systems. Already a Fellow of the ACM, he was honored again by ACM with its SIGOPS Mark Weiser Award in 2013. The award cited his “creativity and innovation in operating systems research.” The CSE professors other honors include the ACM-Infosys Foundation Award (2016) and a faculty research fellowship from the Alfred P. Sloan Foundation (2004).

Over time Savage expanded from operating systems and network security to cybersecurity, and he co-founded three research centers in the field: the Collaborative Center for Internet Epidemiology and Defense; the Center for Evidence-based Security Research; and the Center for Automotive Embedded Systems (to focus on security in the increasingly automated automotive sector).

Both programs and receptions will take place at the Calit2 Auditorium in Atkinson Hall. In addition to being CNS members, both Rosing and Savage are academic participants in Calit2’s Qualcomm Institute.

Related Links

Rosing Appointment to Fratamico Chair
Savage Appointment to Jacobs Chair
Tajana Rosing Website
Stefan Savage Website
Computer Science and Engineering

A partnership between computer scientists in the Center for Networked Systems (CNS) at UC San Diego and Google has allowed the search giant to reduce by 70 percent fraudulent business listings in Google Maps. The researchers worked together to analyze more than 100,000 fraudulent listings to determine how scammers had been able to avoid detection-albeit for a limited amount of time-and how they made money.

The team presented their findings at the 26th International Conference on the World Wide Web in Australia earlier this month.

The computer scientists identified what they describe as a “new form of blackhat search engine optimization that targets local listing services” such as Google Maps. They also describe how these scammers were able to make money.

“Location-based search is increasingly becoming the way people interact with online content-even if you’re not using a mapping application,” said Alex C. Snoeren, a professor in the Department of Computer Science and Engineering at UC San Diego and a senior author of the study.

For example, when people run a search on their mobile phone, the search engine uses their physical location as one of the inputs to decide which results to display, Snoeren explained.

The scammers take advantage of this by using fake locations to make it look like their business is in close proximity to the user doing the search. This was particularly true of on-call contractors, notably plumbers and locksmiths. Researchers found that 40 percent of all fake listings on Google Maps belong to that category.

“I might find seven listings for locksmiths in my neighborhood,” said Danny Huang, the paper’s first author and a Ph.D. student in computer science at the Jacobs School of Engineering at UC San Diego. “But in fact, none of those listings are real.”

In all, researchers found that 11 percent of overall search results for locksmiths were fraudulent. In New York, that percentage went up to 15.6 percent. And it went up to an astonishing 83.3 percent in West Harrison, New York.

Scammers are able to make money when they get called to help a user based on a fake listing. Scammers might quote a low price when called on the phone, only to charge a higher fee when they show up. They might not be licensed but get the business anyway.

In another scheme, scammers set up fake pins for real hotels or restaurants on Google Maps. They set up websites where customers make reservations, which are connected to the business’ real website or to a travel agency, which is not part of the scam. This allows scammers to make money either by getting a commission for each reservation or for referring traffic to the businesses’ real websites. The researchers found that roughly 13 percent of the fraudulent listings had real hotel and restaurant addresses, but were not created by these businesses.

All these fraud schemes were possible primarily because scammers found a way to get around Google’s verification process.

Businesses can register for Google Maps online for free. But before a listing goes live, Google sends a postcard with a verification code to the business’ address. The business inputs this verification code and the listing is then approved to go live.

Partly thanks to these measures, Google is able to detect 85 percent of fake listings before they even appear on Google Maps. The fake listings that make it past the verification process are taken down within an average of 8.6 days between creation and suspension.

Scammers got around verification requirements mainly by leasing PO boxes and using those addresses to receive their verification codes. They also added fake suite numbers to a specific address so Google wouldn’t get suspicious about a large number of businesses located at the same address. Researchers note that there are legitimate reasons for a large number of businesses to have the same address—big office buildings in Manhattan come to mind.

Researchers also noted that a large percent of fraudulent listings changed their address or the category they belonged to (from hotel to locksmith, for example) after verification.

To tamp down on abuse, Google has taken a number of measures, which the company details in a post on its research blog. Steps include: prohibiting bulk registration at most addresses; preventing businesses from changing their addresses to a location that is impossibly far from the original without additional verification; and detecting and ignoring intentionally mangled text in address fields designed to confuse Google’s algorithms. The company also fine-tuned its anti-spam machine learning systems to detect data discrepancies that are common in fake or deceptive listings.

The research was partially funded by a grant from the National Science Foundation.

________________________________
*D.Y. Huang, D. Grundman, K. Thomas, A. Kumar, E. Bursztein, K. Levchenko and A.C. Snoeren, “Pinning Down Abuse on Google Maps,” Proc. of the International Conference on World Wide Web (WWW), April 3-7, 2017, Perth, Australia.

Related Links

Paper: Pinning Down Abuse on Google Maps
KPBS News Article
CSE News
WWW 2017
Research at Google

 

Arun Kumar Works on Advanced Analytics at Intersection of Data Management and Machine Learning

On April 3, Computer Science and Engineering (CSE) assistant professor Arun Kumar began teaching his first undergraduate course since joining the UC San Diego faculty in 2016. CSE 190D covers topics in database system implementation, and it’s a hands-on, systems-focused course and the first at UC San Diego to teach the systems guts of a relational database management system (DBMS).

“Faculty in our Database group hope that this course will eventually be mainstreamed as 132C,” said Kumar. “It would complete a solid triad of database courses for undergraduates covering principles, applications and, finally, implementation.”

Kumar joined CSE after completing his Ph.D. at the University of Wisconsin-Madison last summer, with a focus on datamanagement and analytics. His research explores the intersection of data management and machine learning (ML), an area increasingly called advanced analytics. He also aims to create a pipeline of students coming into this burgeoning field – and the subject of the first graduate course he taught, CSE 291, during the winter quarter. “Advanced analytics is a brand-new field and companies require a lot of talent in this space,” he observed. “The dearth of engineers who understand machine learning is staggering, and a lot of companies are offering large salaries for people who understand software engineering, data systems and machine learning under the now-famous job title — data scientist.”

Advanced analytics is also the subject of a presentation Kumar will give for the Center for Networked Systems (CNS) on Tuesday, April 11 at 1pm in room 4140 of the CSE Building. His talk, “Democratizing Distributed Advanced Analytics,” will explore large-scale data analytics using statistical machine learning and how they are becoming increasingly critical for many data-driven applications.

“The data management, machine learning and systems communities are working on scalable and fast implementations of ML algorithms,” said Kumar. “However, several orthogonal bottlenecks in the end-to-end process of building and deploying ML models for data analytics have largely been ignored, leading to wasted resources and poor productivity of data scientists.”

CNS’s newest member will introduce three new projects to his audience and he hopes to solicit critical feedback. Kumar also foresees more collaborations with CNS and other CSE faculty. With CSE Prof. Kamalika Chaudhuri, he is already collaborating on the issue of differential privacy for machine learning. He is also working with two other CNS members: CSE Prof. Tajana Rosing, on understanding the tradeoffs facing machine-learning algorithms in the Internet of Things; and CSE Prof. Ranjit Jhala, on applying program analysis to bring new data-driven optimizations to advanced analytics codebases. As for other collaborators in CSE, Kumar is collaborating with CSE Prof. Lawrence Saul and fellow new hire, CSE Prof. Ndapa Nakashole, on using speech recognition to improve database usability.

“A couple of my upcoming projects will involve working on top of popular, distributed machine learning and data-processing systems such as Spark and TensorFlow to exploit the massive parallelism they offer for new abstractions that I create,” said Kumar. “I suspect this will eventually get me digging into the internals of these networked systems and perhaps optimizing them for the workloads that I care about. This could involve publishing with CNS co-authors, so becoming a member of the center seemed a no-brainer.”

Kumar wants to make it easier and faster to build and use ML algorithms to analyze large and complex datasets.  “My work over the next few years is going to focus on building tools, software and abstractions to make it easier to use machine learning in practice,” he predicted. “I want to do so from the perspective of the data scientist’s productivity, the runtime performance and research efficiency, as well as other issues such as privacy.”

Kumar notes that systems and ideas based on his dissertation and research at UW-Madison have been released as part of the MADlib open-source library, used internally by Facebook, LogicBlox and Microsoft, and shipped in products from EMC, IBM, Oracle and Cloudera. “It’s been nice to work with industry about the practical applications of my work,” he noted. ““The practical relevance of my work can impact what people do today and from them  I can learn what the challenges tomorrow will be, and how we as computer-science researchers can stay one step ahead by anticipating what comes next.”

Kumar’s dissertation focused on training machine learning models based on data sets from multiple tables. “Data scientists usually combine all these tables into a massive single table,” he said. “These operations are called relational joins, and specifically key-foreign-key joins. Now the single table contains all the attributes of all the tables. This was the state of the art before I looked at this problem.”

Yet as Kumar confirmed, joining multiple tables together introduces redundancy into the data. “Consider a popular application of machine learning in enterprise domains: predicting customer churn,” he suggested. “You have a customers table joined with, say, a table about employers and another table about areas indexed by zip code. You could have a thousand customers employed by the same company, which means the record with the employer’s attributes (called its feature vector), gets repeated a thousand times after the join. The same could happen with the zip codes.” Result: the output of this join could be several times bigger than the input data. In one case at Microsoft, Kumar recalls, once they joined all their input tables for a Web security-related ML task to make one massive table, it blew up by a factor of ten. “A task that should have taken half an hour ended up taking a whole day on the cluster because the team overshot the storage space allotted to them — bringing down the shared cluster,” observed Kumar. “So storage becomes a major issue, as does the extra time wasted by the redundant computations performed by an ML algorithm over the redundant data.”

Kumar’s dissertation came up with two orthogonal new techniques. The first technique, called ‘avoiding the join physically,’ pushes down the machine learning computation to the input data in a multi-table format rather than having a single table with all the attributes. The challenge was to do so without affecting the accuracy of the ML model’s predictions. “That is a guarantee we provide and we have a proof for it,” confirmed Kumar. “Weff proved that the accuracy is unaffected. This mitigates the storage issue, because you don’t need the single table, and it mitigates the maintenance issue because you operate on the data as-is, and it mitigates the performance issue because you save a lot of runtime when you operate on the smaller input of the joins.”

One additional benefit of Kumar’s new paradigm: “Today many of the computations for machine learning happen in the cloud,” he said. “You purchase storage or computation runtime, and by reducing both, users can save a lot of money as well.”

The second part of his thesis focused on omitting unnecessary tables. “We showed that in many settings, for many ML models, some tables can be completely ignored,” explained Kumar. “We call it ‘avoiding the join logically’ because we are pretending that a table doesn’t even exist. If you omit a table, your runtime goes down, your storage goes down, and the data scientist’s productivity can go up because you have fewer tables and fewer attributes to manage.”

Kumar showed that prediction accuracy without the omitted table not only does not go down, but the runtime accelerates by two orders of magnitude – i.e., making the computation up to 100 times faster.

Among his many honors, Kumar received a 2016 Google Faculty Research Award, and the same year took home a graduate student research award from the University of Wisconsin for his dissertation research. He was also a recipient of the Best Paper award at SIGMOD 2014.

Kumar recognizes that he joined UC San Diego at an important turning point for anyone working in the general field of data science. CSE is about to launch its first major and minor in Data Science and Engineering, and the campus is developing a Data Science Institute thanks to a $75 million gift from CSE lecturer and alumnus Taner Halicioglu, announced last week. “I am excited that UC San Diego is taking data science seriously,” mused Kumar. “Democratizing data science is a grand challenge that transcends disciplines and requires bridging the gaps between the fields of data management, systems, machine learning, statistics, math, human-computer interaction, and several other fields, including myriad application domains. The generous gift from our alumnus is truly spectacular and I hope it will help accelerate UC San Diego’s research and education in this important area.”

Meantime, Kumar will focus on his teaching and research, and recruiting graduate students for his lab. Two M.S. students from his Winter 2017 course on advanced analytics are now working as research assistants in his group. “I had set a tough filter for enrollment: reviewing a research paper and answering some open-ended research questions,” he said. “This seems to have scared away many students but it ensured a high-quality atmosphere in class. Some of the students even managed to submit research papers on their course projects, one to KDD and another to a SIGMOD workshop, which has already been accepted, while two more are working on solidifying their work for submission to VLDB/SIGMOD. These are all top venues in this research area.”

In addition to teaching the undergraduate course on implementing relational database management systems, this Spring Kumar is also organizing a CSE 290 seminar for grad students on Advanced Data Science. For the seminar, students will read and present papers and articles on advanced data science applications and tools.

Related Links

Arun Kumar Website 
Computer Science and Engineering, University of California San Diego
CSE 190 Topics in Database System Implementation 
CSE 290 Seminar on Advanced Data Science 
CSE 291 Topics in Advanced Analytics

Faculty from UC San Diego, Brown University, and UC Berkeley Share in Networked Systems Award

At the USENIX Symposium on Networked Systems Design and Implementation (NSDI) this week in Boston, Mass., a team of researchers accepted an award for the most influential paper among those presented a decade ago at the annual conference. The 2017 NSDI Test of Time Award was presented during a luncheon on March 26 to two former graduate students at UC Berkeley who co-authored the paper published at NSDI 2007, along with their three UC Berkeley advisors.

Rodrigo Fonseca and George Porter are now professors of computer science, respectively, at Brown University and theUniversity of California San Diego. They accepted the award for their paper*, “X-Trace: A Pervasive Network Tracing Framework,” along with one of their former advisors, professor Ion Stoica. (Other co-authors on the paper – UC Berkeley professors Randy H. Katz and Scott Shenker – did not attend the award ceremony.)

Porter and Fonseca were still at UC Berkeley when they worked on the original paper. “We wrote X-Trace while we were Ph.D. students,” recalled Porter. “It was really an honor to work with my colleagues on this project, which formed the basis of Rodrigo’s and my Ph.D. dissertations.” Stoica remains a professor of computer science in the Electrical Engineering and Computer Science department of UC Berkeley. (It’s not Stoica’s first Test of Time award: he received the SIGCOMM Test of Time Award in 2011.)

Modern Internet systems often combine different applications, span different administrative domains, and function in the context of network mechanisms (tunnels, VPNs, overlays and so on). In their 2007 paper, the co-authors argued that “diagnosing these complex systems is a daunting challenge.” “Many diagnostic tools existed at the time, but none existed for reconstructing a comprehensive view of service behavior,” said Brown’s Fonseca.

X-Trace was not the first tracing framework, but it was influential given that it was effectively the first framework for end-to-end tracing to focus on generality and pervasiveness. “It was based on the observation that an increasing number of systems would be built from heterogeneous components, built and operated by different people,” explained Fonseca. “In contrast, existing tracing frameworks required a specific language, or were targeted to a particular system.”

The researchers implemented X-Trace in protocols and software systems, and in their prize-winning paper, they set out to explain three different use scenarios: domain name system (DNS) resolution; a three-tiered photo-hosting website; and a service accessed through an overlay network.

Hari Balakrishnan, who co-chaired NSDI in 2007, broke the news of the Test of Time Award to the recipients. “We’re very pleased to share that your X-Trace paper from NSDI 2007 has been selected for an NSDI Test of Time Award,” he wrote. “The award honors a paper published ten years earlier at NSDI with retrospectively the most impact on research or practice.”

Indeed, the X-Trace paper has proved to be prescient – in both research and practice. “Today many Internet-scale backend systems are built using a ‘microservices’ approach, with hundreds of loosely connected components tied together to offer larger services,” noted Porter. “Debugging these systems effectively requires what X-Trace provided: the ability to correlate events in one component to events in other arbitrary components, even if they were many steps far removed from the first.”

The rapid adoption of tracing began with Google’s introduction of Dapper in 2010 (see graphic), which offered a similar primitive to X-Trace. Twitter’s Zipkin and Cloudera’s HTrace were open-source implementations of Dapper. Another current competitor in the market, called Traceview, also has X-Trace in its DNA after a series of startups and acquisitions dating back to 2010.

“By 2015 many companies such as Netflix, Baidu, Uber, Facebook and Etsy were deploying internal trace solutions very similar to our ideas presented in the X-Trace paper,” observed Fonseca. “And the interest persists in a rather recent initiative called OpenTracing, which is trying to standardize end-to-end tracing.”

The NSDI award is not Fonseca’s first for his work on tracing: he co-authored a paper on ‘pivot tracing’ that received a Best Paper award at the 2015 Symposium on Operating Systems Principles. That same year, Fonseca won an NSF CAREER Award for his work on ‘causal tracing’ to elucidate understanding of the performance of distributed systems. (Causal tracing covers a wide variety of tracing systems and frameworks, including X-Trace itself, as well as Dapper, Zipkin, HTrace, and many others.)

“It’s becoming increasingly difficult to understand how a system behaves, and, especially, how and why it fails,” said Fonseca. “Causal tracing is a technique that captures the causality of events across all components, layers and machines, and it eases the task of understanding complex distributed systems.”

Now a co-director of UC San Diego’s Center for Networked Systems (CNS), George Porter’s research encompasses the fields of computer networking, data-intensive computing and computer systems, with a specific focus on data center networking. “I work to reduce the barrier to developing, deploying and managing applications that are able to process massive amounts of data,” said Porter. “At the same time, we aim to ensure that the resulting systems are practical, low-cost and energy efficient.”

Porter also received an NSF CAREER Award (in 2016) for work on a scalable multiplane data center network. He plans to demonstrate a hybrid electrical-optical network topology that will scale to hundreds of thousands of servers – at link rates reaching 1.6 terabits per second.

Meanwhile, the excitement surrounding tracing continues unabated. In 2017, for example, Amazon has released X-Ray, which offers distributed tracing for Amazon Web Services, and another company, Datadog, also released an end-to-end tracing product earlier this year.
________________________

*Rodrigo Fonseca, George Porter, Randy H. Katz, Scott Shenker, Ion Stoica, “X-Trace: A Pervasive Network Tracing Framework , Proc. 4^thUSENIX Conference on Networked Systems Design and Implementation (NSDI), April 2007, Cambridge, MA.

Related Links

NSDI 2017
X-Trace: A Pervasive Network Tracing Framework
Rodrigo Fonseca Website
George Porter Website

 

 

Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.  Professor Snoeren awarded the prize this year to UCSD undergraduate student Yihan Zhang for his outstanding final project.

 

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

<!doctype html>

 

 

Center for Networked Systems at UC San Diego Spring 2017 Newsletter   (Above) CNS Fall 2016 Research Review took place Oct. 13-14 (see story below). The next is set for Oct. 19-20, 2017. Want to attend? Contact Jennifer Folkestad, cns@ucsd.edu or 858-534-5948. Research Innovating in Networked Systems Researchers affiliated with CNS will present at the 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2017), which takes place March 27-29 in Boston. Ph.D. student Arjun Roy (pictured at CNS Research Review) co-authored one of the papers with professor Alex Snoeren. Read More   Battery Control to Cut Utility Costs   CNS postdoc Alper Sinan Akyurek (pictured) and CSE Prof. Tajana Rosing develop control algorithm to cut utility cost of actual building by 50 percent compared to batteryless power solution. Read More People Top Women in Networking and Communications CNS faculty member KC Claffy, founding director of SDSC’s Center for Applied Internet Data Analysis (CAIDA), made the list of 10 top women in networking and communications, compiled by N2 Women. The community of researchers cited Claffy’s “seminal work on measurement, analysis, visualization and sharing of Internet data.” Read More NAE Elects Former CNS Member Former CSE Prof. George Varghese (pictured at a CNS research review in 2008) was on the UC San Diego faculty from 2000 to 2012. Now at UCLA, Varghese was elected to the National Academy of Engineering for his work on “network algorithmics that make the Internet faster, more secure and more reliable.” Read More New Members New Faculty Join CNS CNS now counts 22 faculty members following the addition of CSE assistant professors Deian Stefan and Aaron Schulman to their ranks. Both work in the systems area. Read More Alumni The Graduate Behind Pokémon GO Last October, CNS organized a lecture on campus by CSE alumnus Edward Wu (B.S. ’04), senior product manager at Niantic, the Google spinoff behind the mobile phone-based game craze, Pokémon GO. His former professor, Geoffrey Voelker, invited Wu to speak at CNS’s Fall 2016 Research Review. Wu got his first taste for programming computer games in Voelker’s CSE 125 course. Watch Wu’s talk, or read about it (click on Read More). Read More Alum Wins Dahl-Nygaard  CSE alumnus Ross Tate (Ph.D. ‘12), who did his doctorate under CNS and CSE Prof. Sorin Lerner, is one of two winners of the Dahl-Nygaard Prizes for 2017. Now a professor of computer science at Cornell University, Tate was cited for his “fundamental contributions to type systems with applications to object-oriented languages.” Read More Research Review Photo Finish to Fall Research Review Last October, CNS held its Fall 2016 Research Review. To see photos of the two-day meeting, visit the CNS image gallery or click on Read More to download images from our Flickr photostream. Read More Students Student Attends Grace Hopper on CNS Award Second-year CSE M.S. student Mansi Malik received a CNS award to attend the 2016 Grace Hopper Celebration of Women in Computing last October. She was one of 35 UC San Diego students at the meeting in Houston, TX. “It was an honor to represent both CNS and Graduate Women in Computing,” said Malik. Read More Scholar Meets the ‘Other’ Turing The first student recipient of CNS’s Alan Turing Memorial Scholarship, Valeria Gonzalez (pictured at left), attended a talk by Sir Dermot Turing, the geneticist-turned-lawyer and nephew of computer science pioneer Alan Turing. Together with CNS administrator Jennifer Folkestad and former CNS staffer Kathy Krane, Gonzalez met with Sir Dermot after his talk. Read More Publications Best Paper on Operating Systems CNS researchers including CSE Prof. Yuanyuan Zhou and first author Ph.D. student Tianyin Xu received the Best Paper award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) in November. Their winning paper, “Early Detection of Configuration Errors to Reduce Failure Damage”, presented PCHECK, a tool to analyze source code and automatically generate configuration checking code (called ‘checkers’). Read More CNS Facebook Forward Copyright © 2017 UC San Diego Center for Networked Systems All rights reserved. Any questions please contact: cns@ucsd.edu Center for Networked Systems University of California San Diego 9500 Gilman Drive, MC 0404 La Jolla, CA 92093 858-534-5948 Want to change how you receive these emails? You can update your preferences or unsubscribe from this list.

 

CNS postdoctoral researcher Alper Sinan Akyurek developed an algorithm for controlling batteries that can decrease the utility cost of an actual building by up to 50 percent compared to a building powered without the use of batteries.

Akyurek (Ph.D. ’17) – who completed his doctorate in January – still works in the Systems Energy Efficiency Laboratory of CSE Prof. Tajana Rosing (who has an adjunct appointment in Electrical and Computer Engineering, Akyurek’s previous department). Together they published their findings in a paper on “Optimal Distributed Nonlinear Battery Control” in the December 2016 issue of the IEEE Journal of Emerging and Selected Topics in Power Electronics*.

As the researchers noted in their article, energy storage systems enable on-demand dispatch of energy to compensate for volatility in the generation and consumption — supply and demand — for power. “Our optimal distributed battery control handles multiple batteries with low computational complexity,” they noted.

Compared to previous work, they used a higher-accuracy nonlinear battery model with only two percent error. “We show in a case study that optimal algorithms designed for a linear battery model induce an error of up to 60 percent in terms of cost reduction… [while] for the case of a constant load profile, we show that this error exceeds 150 percent,” said Akyurek.

Comparing the latest algorithm to the state-of-the-art load-following battery management technique, the new algorithm produced a 30 percent improvement in utility cost. Furthermore, the algorithm obtains the solution for multiple batteries in a decentralized way with guaranteed convergence.

Funding for the control research came from TerraSwarm, one of six centers of the Semiconductor Research Corporation’s STARnet program funded by the Defense Applied Research Projects Agency (DARPA), Microelectronics Advanced Research Corp. (MARCO) and DARPA-E (for Energy). SRC is backed by companies including Intel, IBM, Micron and Texas Instruments. Professor Rosing co-led TerraSwarm’s Smart Cities effort, on which Akyurek worked for three years until it ended in October 2015.

Akyurek’s primary research related to CNS involves context-aware optimization in Internet of Things (IoT) systems. His research extends to optimized control in the Smart Grid for energy efficiency, and he has developed a range of control algorithms for purposes ranging from communication and prediction to controlling energy storage.

Prior to his Ph.D. at UC San Diego, the postdoctoral researcher completed his B.Sc. (’08) and M.Sc. (’11) at Middle East Technical University in Ankara, Turkey, where he was a member of its Communication Networks Research Group. Akyurek also worked as a senior design engineer on wireless networks for the Turkish company, Aselsan, Inc., before enrolling at UC San Diego.

Looking to the future, Akyurek hopes to continue his current line of research. “We are working to extend our optimal nonlinear distributed control solution to other areas in the Smart Grid,” he noted. “We want to modify it for use in other Internet of Things ecosystems such as sensor networks, user-in-the-loop control systems, and managing the maintenance of devices.”

_____________________________________

*A.S. Akyurek and T. Simunic Rosing, “Optimal Distributed Nonlinear Battery Control”, IEEE Journal of Emerging and Selected Topics in Power Electronics, December 2016.

Related Links

Article in Journal of Emerging and Selected Topics in Power Electronics
Akyurek Web Page
Systems Energy Efficiency Lab
TerraSwarm Research Center

The Center for Networked Systems (CNS) at the University of California San Diego now has 22 faculty membersfollowing the addition of two new professors to its ranks.  Both newcomers – Deian Stefan and Aaron Schulman – joined the Computer Science and Engineering (CSE) faculty as assistant professors recently, with Stefan starting to teach last fall, and Schulman this winter.

“Professors Schulman and Stefan both work in the systems area, but their research interests also go well beyond networked systems,” said CNS co-director George Porter. “Both share an interest in secure systems. Schulman’s interests extend to embedded systems and even operating systems, and Stefan’s other major research focus is on programming languages. Both have a lot to bring to CNS’s research agenda.”

While still doing a postdoc at Stanford, Aaron Schulman founded a company called Mellow Research, LLC, to build BattOr, a power monitor he invented to track how much energy different features of applications use while running on mobile phones. For his part, Deian Stefan delayed his start at UC San Diego by a year to finish launching a web security startup called Intrinsic (formerly GitStar), in which he continues to hold the part-time job of Chief Scientist. “At Intrinsic we’ve been transferring research into practice by building systems, tools and languages that ultimately make it easier for developers to build and deploy Node.js web applications with minimal trust,” said Stefan.

Both Stefan and Aaron Schulman came to UC San Diego from Stanford University. Stefan earned his Ph.D. in Computer Science in 2015, while Schulman was a postdoctoral researcher from 2013 to 2016 in the lab of Stanford professor Sachin Katti. Schulman earned his Ph.D. from the University of Maryland, College Park, in 2013 (with a thesis on the reliability of Internet last-mile links that later won him the SIGCOMM Doctoral Dissertation Award).

Deian Stefan

According to Stefan, his primary research interest is in “building principled and practical secure systems.” He builds browsers and language runtime systems by applying programming language techniques and analysis. Among the secure systems Stefan has also helped to build: a secure package manager; a browser confinement system designed for modern web applications; a security-centric framework for building web platforms; a dynamic information flow control system; and a programming language for writing secure, constant-time code.

The professor serves as editor of the COWL specification, and he participates more broadly in developing specs as a member of the W3C WebAppSec and Node.js Security working groups. “By working on specifications,” said Stefan, “we’re trying to broadly influence browser and runtime systems that will ultimately make the web a safer place.”

Stefan began teaching in CSE in Fall 2016, with a course on language-based system security called “Building Secure Systems using Programming Languages and Analysis” (CSE 291). This winter quarter, he is also teaching an undergraduate course, CSE 130 (Programming Languages: Principles and Paradigms), which covers basic concepts and design tradeoffs related to programming languages (including crash courses in JavaScript and Haskell).

Aaron Schulman

Schulman started on July 1, 2016, but delayed making the move from Palo Alto until late in the year. As of this winter, he is teaching his first course at UC San Diego — a graduate-level course on topics in mobile computing and communication (CSE 291).

In his syllabus for the course, Schulman notes that students are learning about the challenges facing smartphones, wearables and smart devices that have overtaken PCs as the dominant platform for computing and communication. “Mobile devices have severely constrained energy capacity, their network connectivity is exclusively provided by unreliable, bandwidth-constrained wireless links, and they carry a standard set of sensors that are seemingly insufficient for certain applications and also can inadvertently leak private information about their users,” explained Schulman. “We discuss research that addresses the challenges introduced by the mobile platform by blurring the lines between traditional research areas in computer science.”

In past work, Schulman has improved the efficiency of wireless networks, cellular network flexibility, and the energy efficiency of mobile applications. He also quantified residential Internet network reliability, made progress in securing the web’s public key infrastructure, and identified privacy leaks in mobile devices.

Related Links

Center for Networked Systems
Aaron Schulman Website
Deian Stefan Website

 

Former UC San Diego computer science and engineering and Center for Networked Systems professor George Varghese has been elected to membership in the National Academy of Engineering. He is among the 84 new U.S. members (and 22 foreign members) elected to the organization in 2017. Varghese was cited for his contributions to “network algorithmics that make the Internet faster, more secure, and more reliable.”

Varghese — who was on the UC San Diego faculty from 2000 to 2012 — is currently a Chancellor’s Professor in the Department of Computer Science at UCLA. He returned to the University of California in August 2016, roughly four years after stepping down from his full professorship at UC San Diego to work for Microsoft Research in Silicon Valley.

More than a decade ago, while still at UC San Diego, Varghese took a leave of absence in 2004 to co-found NetSift, Inc., with his Ph.D. student Sumeet Singh (Varghese as president, Singh as NetSift’s chief scientist). The company developed automated techniques for learning and detecting attack signatures. Barely one year later, NetSift was acquired by Cisco Systems in 2005, and Varghese extended his faculty leave to help Cisco transition the NetSift technology to a 20-Gigabit-per-second chip called Hawkeye. (Singh went on to work for Cisco for seven years.) CNS co-director Stefan Savage co-authored some of the early work on the NetSift technology, as did Varghese’s Ph.D. student Cristian Estan, who is now at Google.

Among Varghese’s honors, he received the Koji Kobayashi Award for Computers and Communications in 2014 for his work in network algorithmics and its applications to high-speed packet networks. The same year, he received the SIGCOMM Lifetime Award for “sustained and diverse contributions to network algorithmics, with far-reaching impact in both research and industry.”

Varghese completed his Ph.D. at MIT in 1993, after doing his Master’s degree at North Carolina State. He did his undergraduate work at the Indian Institute of Technology (IIT) Bombay, which awarded Varghese its Distinguished Alumnus Award in 2015. In 2002 he was elected a Fellow of the ACM.

 

 

The Center for Networked Systems (CNS) in UC San Diego’s Jacobs School of Engineering is once again looking for an undergraduate student who is interested in networked systems – and also active in supporting the LGBT community. “Our goal is to use this scholarship to further boost diversity and inclusiveness in the field of systems and networking and give undergraduates an opportunity to work on top-notch research projects before they get to grad school,” said CNS co-director George Porter, a professor in the Computer Science and Engineering department.

CNS has invited undergraduates to apply for its Alan Turing Memorial Scholarship for the 2017-2018 academic year. The scholarship will be awarded this spring to a student majoring in a field that touches on networked systems, including computer science, computer engineering, public policy, communication or related programs.

According to Porter, CNS will give preference to “students with demonstrated academic merit, financial need and experience or interest in research.”

All applications must be submitted through the online application at https://ucsd.academicworks.com/ . Anyone with questions about the application process can get more information through the UC San Diego Scholarship Office by emailing to scholarships@ucsd.edu .  The application deadline is no later than Monday, February 6, 2017.

In addition to the $10,000 scholarship, the recipient will have the opportunity to carry out guided research under the direction of one of CNS’s faculty mentors.

The scholarship pays homage to Alan Turing, the British mathematician and founder of the computer science field whose code-breaking work contributed substantially to the Allied victory in World War II (notably by breaking Germany’s Enigma code). Turing’s brilliant career was tragically cut short after the war, when he suffered outright persecution for his activities as a gay man. He died by suicide in 1954.

CNS is also making it easier for alumni, staff and other potential donors to give to the Alan Turing Memorial Scholarship fund with an outright gift or a payment pledge. Donations can be made online through the UC San Diego Online Giving portal. To give to the scholarship program, make your gift online at https://giveto.ucsd.edu/make-a-gift?id=a6a587f2-5000-4ca5-b643-ca84554e61bd&ct=t .

The first recipient of the $10,000 scholarship, Valeria Gonzalez, received the award last spring for the 2016-2017 academic year.  “It’s great to see the CNS is taking the initiative to highlight the importance of bringing diversity to computer science and engineering beyond ethnicity and the gender binary,” said Gonzalez on receiving the inaugural award. “The LGBT community encompasses people with an array of talents and abilities, people such as Alan Turing himself… and knowing that your LGBT identity is acknowledged and accepted not only lets you direct all your focus into working hard but also allows you to connect more with the community you’re part of.” A transfer student from Cypress College, a community college near Los Angeles, Gonzalez has been an undergraduate student researcher in the Integrated Electronics and Biointerfaces Laboratory of Electrical and Computer Engineering professor Shadi Dayeh. She has also been a leader in the UC San Diego Women’s Center, which promotes an inclusive and equitable campus community through the educational, professional and personal development of diverse groups of women.

Read more about the Alan Turing Memorial Scholarship.

 

 

 

Researchers affiliated with the Center for Networked Systems (CNS) at the University of California San Diego have been selected to present some of their most up-to-date research at the 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2017).

NSDI focuses on the design principles, implementation and practical evaluation of networked and distributed systems. The annual conference will take place March 27-29, 2017, in Boston, MA, and four papers with co-authors from CNS and the Computer Science and Engineering (CSE) department of the Jacobs School of Engineering have been accepted for submission to the prestigious meeting.

CNS co-director George Porter co-authored two of the papers. “NSDI is one of the most important conferences for us, because just like CNS, the symposium brings together researchers from across the networking and systems community,” said Porter. “Our papers accepted to the 2017 symposium are in line with NSDI’s stated goal of pushing architectural boundaries of network services, and promoting the research dialogue on networked systems.”

vCorfu

CSE Ph.D. student Michael Wei and CSE professor Steven Swanson have co-authored with VMware Research (where Wei is currently a researcher) and Princeton University a paper on “vCorfu: Large-Scale Data Stores over a Shared Log.”

vCorfu is a strongly consistent, cloud- scale object store built over a shared log. It augments the traditional replication scheme of a shared log to provide fast reads, and vCorfu leverages a new technique – composable state machine replication – to compose large state machines from smaller ones. “This enables the use of state machine replication to be used efficiently in huge data stores,” said Wei. “We will show that vCorfu outperforms Cassandra, the popular, state-of-the-art NoSQL database for cloud apps It does so while also providing strong consistency in opacity and read-own-writes, efficient transactions, and global snapshots at the scale of the cloud.”

vCorfu is available as an open-source project on Github at github.com/CorfuDB.

Datacenter Fault Detection

CSE Ph.D. student Arjun Roy expects to complete his doctorate in 2017, and he collaborated with his advisor, CSE professor Alex C. Snoeren, on the paper to be presented at NSDI on “Passive Realtime Datacenter Fault Detection.” It reflects joint work with Facebook researchers Hongyi Zeng and Jasmeet Bagga, who are also co-authors on the paper. (The two Facebook engineers previously co-authored a paper at SIGCOMM 2015 with Roy and professors Snoeren and Porter on “Inside the Social Network’s (Datacenter) Network”.) Roy also did internships at Facebook in the summers of 2012, 2013 and 2014.

According to the paper’s abstract, “datacenters are characterized by their large scale, stringent reliability requirements, and significant application diversity. However, the realities of employing hardware with small but non-zero failure rates mean that datacenters are subject to significant numbers of failures, subsets of packets can be dropped or delayed without triggering a fault signal, so traditional fault detection techniques (involving end-host or router-based statistics) may not identify such errors.

In their paper, Roy and Snoeren describe how to expedite the process of detecting and localizing partial datacenter faults. It uses an end-host method generalizable to most datacenter applications. “We correlate transport-layer flow metrics and the delay incurred by network-input/output system calls at end hosts with the path that traffic takes through the datacenter,” said Roy. “Then we apply statistical analysis techniques to identify outliers and localize the faulty link and/or switch or switches.

The paper will detail how the researchers evaluated their novel approach in a production datacenter (Facebook’s) carrying a workload servicing more than 100 million users.

ExCamera

In light of the massive explosion in video content on the Internet and for virtual reality, a team of two CSE Master’s students advised by professor George Porter has come up with a new approach to processing video with minimal delays.  Second-year M.S. student Karthikeyan Vasuki Balasubramaniam (who is Porter’s teaching assistant this quarter in CSE 124 on Networked Services) and recent graduate Rahul Bhalerao (M.S. ’16) have had experience in industry (both at Amazon — Balasubramaniam as an intern at Amazon Prime, and Bhalerao currently working at Amazon Web Services).

The paper accepted to NSDI is entitled “Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads.” In it, the researchers describe ExCamera, a system that can edit, transform and encode a video, including ultra-high-resolution 4K video (four times the resolution of high-definition TV) and stereoscopic virtual reality (VR) material, dozens of times faster than cutting-edge production systems at the largest providers.

The co-authors lay claim to two major contributions. First, “our coauthors at Stanford developed a novel encoding strategy focusing on fine-grained parallelism, which is rather unique in the encoding space,” explained Balasubramaniam.

Separately, noted Bhalerao, “ExCamera orchestrates encoding and other video-processing pipelines across the Amazon Web Services Lambda service. The system invokes thousands of threads in parallel, each handling only a fraction of a second of the video.”  The UC San Diego was done in collaboration with researchers at Stanford University.

MegaSwitch

MegaSwitch is a multi-fiber ring optical fabric that exploits space-division multiplexing across multiple fibers non-blocking communications that can be rearranged to 30-plus racks and 6,000-plus servers. CNS’s George Porter co-authored the paper on “Enabling Widespread Communications on Optical Fabric with MegaSwitch” with researchers at the Hong Kong University of Science and Technology, SUNY Buffalo, Yale University as well as Omnisense Photonics and CoAdna Photonics.  (No UC San Diego students worked on the paper.)

According to Porter, “we were seeking an optical interconnect that can enable unconstrained communications within a computing cluster of thousands of servers.” Indeed, existing wired optical interconnects are not ideal for widespread communications in production clusters, and recent efforts to reduce the time it takes to reconfigure the optical circuit from milliseconds to microseconds only partially mitigated the problem (by rapidly time-sharing optical circuits across more nodes).

“We were still limited by the total number of parallel circuits available simultaneously,” explained Porter. “However, we wanted to evaluate the potential of WDM to scale to a large number of endpoints.”

Related Links

USENIX Symposium on Networked Systems Design and Implementation http://www.usenix.org/conference/nsdi17
Computer Science and Engineering Department http://cse.ucsd.edu/about/news/uc-san-diego-center-nsdi-2017-innovating-networked-systems

CNS faculty member and principal investigator/founding director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center (SDSC), KC Claffy, has been named to the second annual “10 Women in Networking/Communications That You Should Know” list.

Now in its second year, the list is compiled and coordinated by N² Women (Networking/Networking Women), a discipline-specific community for researchers in the communications and networking research fields. The organization’s main goal is to foster connections among under-represented women in computer networking and related research fields. The full list of this year’s award recipients can be found here.

Nominations are solicited both from the N²Women community as well as through several mailing lists related to networking and communications. More than 150 people from around the world submitted nominations, resulting in over 140 distinct names of accomplished women in the field, according to the organization.

A committee of five N² Women board members selected this year’s 10 honorees. “Many people from around the world submitted one or more nominations for this list, and it was very difficult to choose only 10 amazing women,” said Oana Iova, a postdoctoral researcher in the D3S  research group with the Department of Information Engineering and Computer Science (DISI)  at the University of Trento, Italy , and the awards co-chair who led the nomination and selection processes this year. “We focused on women who have had a major impact in networking and/or communications. We also wanted a list that reflected presented our diversity, and specifically the diversity in the area of networking/communications.”

“I am honored to join such a distinguished group on this year’s N² Women’s list,” said Claffy, who founded CAIDA in 1997 as a collaboration among commercial, government and academic research sectors to promote greater cooperation in the engineering and maintenance of a robust, scalable global internet infrastructure. “I encourage other women working in networking and communications to attend or help organize an N²Women event at their next ACM, IEEE, or other relevant conference or workshop.”

Today, CAIDA’s research interests include internet cartography, or detailed analyses of the changing nature of the Internet’s topology, routing and traffic dynamics. CAIDA also investigates the implications of these changes on network science, architecture, infrastructure security and stability, and public policy.

Earlier this year CAIDA was awarded a $1.4 million grant from the U.S. Department of Homeland Security to demonstrate and illuminate structural and dynamic aspects of the Internet infrastructure relevant to cybersecurity vulnerabilities. These aspects include macroscopic stability and resiliency analyses, grey markets for IPv4 addressing resources, and on-demand router-level topology inference.

In 2015, Claffy received the IEEE Internet Award for her “seminal contributions to the field of Internet measurement, including security and network data analysis, and for distinguished leadership in and service to the Internet community by providing open-access data and tools,” according to a notice published by the institute .

 

In 2015, the Center for Networked Systems established the Alan Turing Memorial Scholarship the first of its kind in the nation, for enrolled UC San Diego undergraduate students majoring in computer science or computer engineering, public policy, communications and other programs touching on networked systems and who are active in supporting the LGBT community.  In addition to receiving a $10,000 scholarship, recipients are also provided with an opportunity to carry out guided research under the direction of one of the center’s faculty mentors.

CNS aspires to affirm the importance of a diverse and inclusive community of engineers and to pay homage to Alan Turing, a titan in the field, whose contributions were tragically cut short.  A founder of the field of computer science and a brilliant mathematician, Alan Turing’s work contributed substantially to the Allied victory in World War II through his brilliant codebreaking. After the war, Turing suffered outright persecution for his activities as a gay man. He died by suicide in 1954.

APPLICATION INFORMATION

The Alan Turing Memorial Scholarship will be awarded in the spring quarter 2017 for the 2017-2018 academic year to an undergraduate student who is either majoring in computer science, electrical and computer engineering,  public policy, communications or other programs touching on networked systems and who is active in supporting the LGBT community.  Preference given to students with demonstrated academic merit, financial need, and experience or interest in research.

Deadline: February 6, 2017  Online Application: https://ucsd.academicworks.com/  If you have questions regarding the application process, please contact the UCSD Scholarship Office at scholarships@ucsd.edu

 

Valeria Gonzalez is the first recipient of the Alan Turing Memorial Scholarship launched by UC San Diego’s Center for Networked Systems (CNS), so she was excited when she learned that the nephew of the famous mathematician and pioneer in the fields of computer science and artificial intelligence would be coming to La Jolla for a speech. The scholarship was established in 2015 by CNS to encourage participation in systems and networking research by students who are active in supporting the LGBT community.

Despite his eminent contributions in cryptanalysis, computer science and artificial intelligence, Turing was imprisoned after World War II for his sexuality, and committed suicide in 1954. His life was the subject of an Academy Award-nominated 2014 film, The Imitation Game.

Sir Dermot Turing is more than just a nephew. He is an Oxford-trained geneticist-turned-solicitor (lawyer) and prolific author, and he was invited to give a public talk by the San Diego Biomedical Research Institute. So it was that Gonzalez, CNS administrator Jennifer Folkestad and former CNS staffer Kathy Krane — who had the original idea of creating a CNS scholarship in honor of Alan Turing — found themselves at The Scripps Research Institute near UC San Diego on October 28 to hear Sir Dermot talk about “Alan Turing: Myth and Methods”, as part of the institute’s Collaboration & Communications Seminar Series.

As detailed in his most recent book, “Professor Alan Turing Decoded”, the younger Turing largely debunks the myths of Alan Turing being a recluse, difficult to deal with, and a poor communicator. Using illustrations from Alan Turing’s work and personal accounts from colleagues of what he was like to work with, Sir Dermot traced the course of Turing’s achievements and described how his uncle arrived at his ideas.

Sir Dermot Turing remains a Trustee of Bletchley Park, the site of Britain’s ambitious effort to crack Germany’s Enigma code in World War II — for which Alan Turing was credited by Winston Churchill as saving millions of lives and making the single most important contribution to the Allied victory over Germany. In addition to being one of the world’s leading cryptanalysts and a founder of the science of artificial intelligence, Turing is widely considered one of the fathers of computer science, and to this day, the Turing Prize remains the top prize in the field — the equivalent of a Nobel for a field not yet a science when the Nobel Prizes were created in 1901.

According to Sir Dermot, his uncle was broadly influenced by mathematician Max Newman. It was a lecture by Newman in 1927, in which Newman mused whether mathematical solutions could be done by a mechanical device, that sparked Turing’s work on computing machines. “Alan Turing takes this thought and produces the amazing paper in which he comes up with the concept of a universal programmable computing machine,” said Sir Dermot. “He envisioned a multipurpose machine whose purpose would change as you feed it different code — something that would have been almost unimaginable in the 1930s.”

 

 

 

 

 

Thanks to the Center for Networked Systems (CNS), Mansi Malik was able to attend what has become the premier conference for women in computer science (and for many men too). The second-year graduate student in Computer Science at UC San Diego was among the 35 UC San Diego students (including nine grad students) and 15,000 people overall attending the 2016 Grace Hopper Celebration of Women in Computing October 19-21 in Houston, TX.

[Pictured at right Mansi Malik, and below, l-r, CS majors in Houston included Ruchika Shivaswamy, Mansi Malik, Sakshi Gupta, Shivani Agrawal, Stephanie Chen, Ailie Fraser. Malik , Chen and Fraser are GradWIC officers this year.]

“It was really cool and exciting to see and meet so many women in computer science from all over,” says Malik, who expects to complete her M.S. degree in 2017. “A lot of great energy and excitement was going around, and there were inspiring talks by awesome speakers.” Malik says she was particularly inspired by the keynote speakers, including Latanya Sweeney, founder of Harvard’s Data Privacy Lab, IBM CEO Ginni Rometty, and Megan Smith, who was appointed Chief Technology Officer of the United States in 2014 by President Obama, from her previous position as a vice president of Google[x], Google’s advanced products unit. Malik was also impressed with the keynote by Salesforce CEO Marc Benioff.

Since 2011, CNS has sent one, two or three graduate students each year to the conference in the form of travel grants. “CNS took care of everything from travel to meals, ensuring that I had a smooth trip,” observes Malik. “It was an honor to represent both CNS and Graduate Women in Computing [GradWIC], and I hope to continue the relationship between GradWIC and CNS going forward.”

Overall, she says, the conference was a valuable experience. “There were great networking opportunities through the career fair and company-sponsored events and lunches,” explains Malik. “I also talked to a lot of recruiters and engineers from tech companies about GradWIC and built some industry connections for us so that we can host more events.” She also appreciated a session on negotiating salaries, in which she learned that for every four men who dare to negotiate for a better starting salary, only one woman will attempt to negotiate – and the problem spills over into other areas because many women are unaware that they can negotiate for more than just salary.

“My specialization is in Computer Systems, and I got a chance to meet a lot of systems pioneers through the conference, including inspiring leaders from Qualcomm, Microsoft, Google, and other companies,” notes Malik. “Talks on networking and the Internet of Things were particularly interesting from a CNS perspective.”

In an after-conference report to CNS, Malik also noted that because of its rapid growth, “a lot of the interesting-sounding sessions were in small rooms and filled up well before they started, leaving hundreds of people looking for somewhere else to go.”

The sessions were also heavily focused on industry. “Most talks were presented by industry leaders, and even the talks about academia or research were geared toward faculty,” says Malik. “There could have been more research-related sessions oriented toward graduate students.”

“Thanks to everyone at CNS,” says Malik, “for giving me the opportunity to attend the Grace Hopper Celebration this year.”

Many of the previous recipients of CNS travel grants to Grace Hopper Celebrations were also officers in GradWIC, including former VP Neha Chachra (who attended the event in 2011), Publicity Manager Karyn Benson (2013), and GradWIC Secretary Malveeka Tewari (2014).

The previous winner, Vicky Papavasileiou, in 2015 is a CSE Ph.D. student as well. For a full list of past recipients, visit the travel grant page on the CNS website.

CNS Grace Hopper Travel Grant
Grace Hopper Celebration 2016
GradWIC

A team of current and former students of University of California San Diego Computer Science and Engineering professor Yuanyuan (YY) Zhou, together with a longtime industry collaborator, are the recipients of a Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). The award was announced November 2 on the first day of the three-day conference in Savannah, GA. Sponsored by USENIX in cooperation with the ACM Special Interest Group on Operating Systems (SIGOPS), OSDI is the premier conference in the field of computer systems research.

The winning paper, “Early Detection of Configuration Errors to Reduce Failure Damage”*, was presented by first author and CNS/CSE Ph.D. student Tianyin Xu in a session on troubleshooting. In his talk, Xu presented a tool called PCHECK, which analyzes source code and automatically generates configuration checking code (dubbed ‘checkers’). Checkers emulate the late execution that uses configuration values, and detect latent-configuration (LC) errors at the initialization phase o the systems. “Compared with existing detection tools,” concluded Xu, “it can detect 31 percent more LC errors.”  Xu and his co-authors developed PCHECK after realizing that up to 93 percent of widely-used software systems’ configurations “do not have any special code for checking the correctness of their settings at the system’s initialization time.” This makes such systems subject to LC errors in critically important configurations – notably those related to reliability, serviceability and availability.

According to Xu’s advisor, professor YY Zhou, “early detection is the key to minimizing failure damage induced by configuration errors, especially those errors in configurations that control failure handling and fault tolerance.” Zhou holds the Qualcomm Endowed Chair in Mobile Computing, a chair funded by Qualcomm, Inc., through its commitment to the California Institute for Telecommunications and Information Technology (Calit2). She is also a member of the Center for Networked Systems (CNS).

In addition to Prof. Zhou and first author Xu, co-authors on the paper include CSE Ph.D. students Xinxin Jin and Long Jin (advised, respectively, by YY Zhou and Zhuowen Tu), and recent graduate Peng (Ryan) Huang (Ph.D ’16). Co-author Shan Lu is a former student of Zhou’s at the University of Illinois, but she is now a computer-science professor at the University of Chicago. Finally, Shankar Pasupathy, technical director of analytics at Network Appliance (NetApp), is a longtime industry collaborator with Zhou’s Operating Systems Research (Opera) group at UC San Diego.

The team behind the Best Paper award also presented their research in poster form during the Nov. 2 poster session at OSDI. In related news, CSE Prof. George Porter, who also co-directs the Center for Networked Systems (CNS) at UC San Diego, was also co-chair the OSDI poster committee, while also sitting on the symposium’s program committee.

*Early Detection of Configuration Errors to Reduce Failure Damage, by Tianyin Xu, Xinxin Jin, Peng Huang, Yuanyuan Zhou, Shan Lu, Long Jin, and Shankar Pasupathy, Proc., 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16), November 2016

Related Links

OSDI 2016 https://www.usenix.org/conference/osdi16/

Next time you see someone playing Pokémon GO, the popular mobile phone-based game, keep in mind that a Computer Science and Engineering alumnus, Edward Wu (B.S. ’04) leads the groundbreaking game’s technical team.

Wu is a senior product manager at Niantic, the company that makes Pokémon GO and was spun off in October 2015 from Google, where Wu worked previously.  He earned a dual bachelor’s degree in computer science and physics, and what he learned at UC San Diego is the basis of his success as an engineer, he said during a talk on campus Oct. 13 organized by the Center for Networked Systems (CNS). “I learned the core algorithms, the core fundamentals here,” Wu said. “There is no substitute for that.”

Wu stayed in touch with CSE Prof. Geoffrey Voelker on and off since 2004, and it was Voelker who invited Wu to speak on campus as part of CNS’s Fall 2016 research review. “Ed is an example for all our students to show that what they’re learning prepares you to go out into the world and make a difference,” said Voelker. “The world is now a different place because of Pokémon GO.”

In his talk, Wu gave an overview of all the engineering and troubleshooting that has to happen for users to catch Pokémon, get supplies, and battle in gyms on their smartphones, at any time and in any place from the United States to France, to Australia. “The key element is overlaying a single, consistent reality over the real world,” Wu explained.

This is all the more challenging because the game has been downloaded by more than 500 million people. Making Pokémon GO work for even a small fraction of these users is no small feat. Wu and his team spent most of July 2016 in a sleepless state while they were launching the game around the world. Demand was 50 times more than Niantic projected.

But Pokémon GO is more than just a game, Wu said. “It’s about going outside, going on walks and meeting people in the real world,” he said. The game requires players to walk around and hit up designed spots, called Pokéstops, to get supplies. Players need to physically be near the gym where they want to do battle. Players have logged more than 4.6 billion kilometers (about 2.8 billion miles) between the game’s launch in July and August of this year—that’s half the distance between Earth and Pluto.

Niantic also recently introduced a feature that allows players to get rewards to power up and evolve Pokémon for every kilometer (about 0.6 miles) they walk with their favorite Pokémon. Wu’s walking buddy is Psyduck, which looks like a cross between a yellow duck and a platypus, walks upright and has psychic powers.

During his CNS talk, Wu recalled how he tried his hand at developing a multiplayer game for the first time in CSE 125, a computer science class taught by Voelker. Wu and the rest of a student team created a real-time tactical combat game they called “Geteilte Stadt,” German for “a city divided.” During the class, he learned how to collaborate and work with others on complex technical problems, he said. He learned how to code, by himself and with others, and how to resolve disagreements around technical issues. “It was invaluable,” he said. Wu wore a tuxedo during the CSE 125 final presentations, when all teams demonstrated their games.

Wu was a Jacobs Scholar as an undergraduate at UC San Diego—a select group chosen for their academic achievements, leadership potential and commitment to community service. Jacobs Scholars receive full tuition and living expenses, as well invitations to cultural and other social events hosted by Joan and Irwin Jacobs, and access to a network of current and former Jacobs Scholars. In 2003, he was also a Calit2 Summer Undergraduate Scholar.

After graduating from UC San Diego, Wu earned a master’s in international policy studies and a Ph.D. in physics from Stanford University. He worked at the RAND Corporation and then joined Google as a staff software engineer. At Google, he worked at Niantic Labs, which was then an autonomous unit within the company. There, he helped launch Ingress, the massive mobile augmented reality game that preceded Pokémon GO. Fun fact: most of the Pokéstops and gyms in Pokémon GO are based on Ingress portals.

Wu is currently in the process of earning an MBA from the Haas School of Business at UC Berkeley, even though he works in Seattle, WA.

LINK TO VIDEO OF TALK

Original story posted here:

http://ucsdnews.ucsd.edu/feature/lead_engineer_for_pokemon_go_nabbed_game_building_skills_at_uc_san_diego?utm_campaign=thisweek&utm_medium=email&utm_source=tw-2016-10-20

 

 

Next time you see someone playing Pokémon GO, the popular mobile phone-based game, keep in mind that a Computer Science and Engineering alumnus, Edward Wu (B.S. ’04) leads the groundbreaking game’s technical team.

Wu is a senior product manager at Niantic, the company that makes Pokémon GO and was spun off in October 2015 from Google, where Wu worked previously. He earned a dual bachelor’s degree in computer science and physics, and what he learned at UC San Diego is the basis of his success as an engineer, he said during a talk on campus Oct. 13 organized by the Center for Networked Systems (CNS). “I learned the core algorithms, the core fundamentals here,” Wu said. “There is no substitute for that.”

Wu stayed in touch with CSE Prof. Geoffrey Voelker on and off since 2004, and it was Voelker who invited Wu to speak on campus as part of CNS’s Fall 2016 research review. “Ed is an example for all our students to show that what they’re learning prepares you to go out into the world and make a difference,” said Voelker. “The world is now a different place because of Pokémon GO.”

In his talk, Wu gave an overview of all the engineering and troubleshooting that has to happen for users to catch Pokémon, get supplies, and battle in gyms on their smartphones, at any time and in any place from the United States to France, to Australia. “The key element is overlaying a single, consistent reality over the real world,” Wu explained.

This is all the more challenging because the game has been downloaded by more than 500 million people. Making Pokémon GO work for even a small fraction of these users is no small feat. Wu and his team spent most of July 2016 in a sleepless state while they were launching the game around the world. Demand was 50 times more than Niantic projected.

But Pokémon GO is more than just a game, Wu said. “It’s about going outside, going on walks and meeting people in the real world,” he said. The game requires players to walk around and hit up designed spots, called Pokéstops, to get supplies. Players need to physically be near the gym where they want to do battle. Players have logged more than 4.6 billion kilometers (about 2.8 billion miles) between the game’s launch in July and August of this year—that’s half the distance between Earth and Pluto.

Niantic also recently introduced a feature that allows players to get rewards to power up and evolve Pokémon for every kilometer (about 0.6 miles) they walk with their favorite Pokémon. Wu’s walking buddy is Psyduck, which looks like a cross between a yellow duck and a platypus, walks upright and has psychic powers.

During his CNS talk, Wu recalled how he tried his hand at developing a multiplayer game for the first time in CSE 125, a computer science class taught by Voelker. Wu and the rest of a student team created a real-time tactical combat game they called “Geteilte Stadt,” German for “a city divided.” During the class, he learned how to collaborate and work with others on complex technical problems, he said. He learned how to code, by himself and with others, and how to resolve disagreements around technical issues. “It was invaluable,” he said. Wu wore a tuxedo during the CSE 125 final presentations when all teams demonstrated their games.

Wu was a Jacobs Scholar as an undergraduate at UC San Diego—a select group chosen for their academic achievements, leadership potential and commitment to community service. Jacobs Scholars receive full tuition and living expenses, as well as invitations to cultural and other social events hosted by Joan and Irwin Jacobs, and access to a network of current and former Jacobs Scholars. In 2003, he was also a Calit2 Summer Undergraduate Scholar.

After graduating from UC San Diego, Wu earned a master’s in international policy studies and a Ph.D. in physics from Stanford University. He worked at the RAND Corporation and then joined Google as a staff software engineer. At Google, he worked at Niantic Labs, which was then an autonomous unit within the company. There, he helped launch Ingress, the massive mobile augmented reality game that preceded Pokémon GO. Fun fact: most of the Pokéstops and gyms in Pokémon GO are based on Ingress portals.

Wu is currently in the process of earning an MBA from the Haas School of Business at UC Berkeley, even though he works in Seattle, WA.

Nearly a dozen UC San Diego graduate students spent the summer doing real-world R&D in industry. They were on internships with companies that turn to the university’s Center for Networked Systems (CNS) as a training ground for top students in systems and networking.

The companies included some of the hottest names in California high tech. Three students interned at Facebook: Louis DeKoven, Panagiotis Vekris, and Arjun Roy, and they worked, respectively, with advisors Mark Hammell, Nektarios Leontiadis, Aveek Chaudhuri and James Zeng (all of Facebook). Louis DeKoven must have felt right at home, after having done previous internships at Facebook the previous summer, and working with them as a research contractor in the first half of 2016 (a part-time position he resumed after the end of the internship). His latest internship focused on security research. Arjun Roy worked on a project about data center fault detection. Panagiotis Vekris (M.S. ’14) previously interned at Microsoft, and expects to finish his Ph.D. in 2017. Vekris’s research interests have been in programming languages, program analysis, verification and type systems.

The only other CNS member employing multiple interns over the summer of 2016 was Microsoft, in its Microsoft Research unit.  CSE graduate students Marc Adrysco both spent their internships with the company in Redmond, WA. (Andrysco worked full-time for two years at Microsoft prior to enrolling in the Ph.D. program at UC San Diego.)

Among CNS member companies, Rob McGuinness interned at Google, where he worked with three advisors (including former CNS director Amin Vahdat) on sorting large data sets on Google’s cluster infrastructure, McGuinness’s UC San Diego advisor is CNS co-director George Porter.

Alex Forencich did his degrees in electrical engineering at UC San Diego (B.S., M.S., ’12, ’15) and expects to finish his Ph.D. in 2017. Since 2012, his research has focused on high-performance data center networking in CNS, and Forencich spent this summer at IBM.

Eric Seidel expects to complete his Ph.D. in computer science in 2017. His research area includes working on refinement type-based verifier for Haskell, and verified memory safety and functional correctness of Data Text library, in which he discovered and fixed a memory bug in the process. This summer he interned at Bloomberg with the company’s Mario Longobardi. In particular, Seidel worked on the information and publishing giant’s Haskell infrastructure.

Niki Vazou has also worked on LiquidHaskell, a static verifier for Haskell source code based on liquid types. In graduate school she has already done two summer internships at Microsoft, but this summer she spent at Awake Networks in Mountain View, CA. With a few dozen personnel, Awake is building a next-generation network security and analytics platform.

Sunjay Cauligi, who graduated from the University of Washington in June 2015 and received the award for outstanding computer-engineering senior, has two fellow UW alumni as his advisors in CSE: CNS co-director Stefan Savage and CSE Prof. Geoffrey Voelker. After finishing his first year in grad school, Cauligi spent the summer at Uber (with advisor Tao Peng), working on a good-user model using machine learning to exempt users with a history of non-fraudulent activity from having to suffer through the suite of fraud checks every user goes through during every trip request.

Finally, the only San Diego destination for a CNS intern this summer was Qualcomm, Inc. Ph.D. students Zhaomo Yang worked on isolating Linux device drivers using software-based fault isolation. His advisor at Qualcomm was Robert Turner, while his CNS mentor and advisor was CNS research scientist and CSE alumnus Kirill Levchenko (Ph.D. ‘08). Yang impressed attendees at the CNS 2016 Spring Research Review in April with a talk on “Fine-Grained Fault Isolation for Deep Packet Inspection Engines.”

Among the UC San Diego advisors in the program this summer, CSE Prof. Ranjit Jhala oversaw four graduate students working at Bloomberg (Eric Seidel), Awake Networks (Niki Vazou), Facebook (Panagiotis Vekris), and Microsoft Research (Marc Andrysco).  CNS co-director Stefan Savage and Geoffrey Voelker advised two students: Louis DeKoven at Facebook and Sunjay Cauligi at Uber. Other UC San Diego advisors included Steven Swanson and Alex Snoeren.

CNS fosters relationships between industry and CNS graduate students by hosting twice-yearly research reviews that bring everyone together to share ideas. Additionally, the relationships that CNS faculty have with industry can lead to internships opportunities.

Note: The CNS Fall 2016 Research Review is scheduled for October 13-14 at UC San Diego. To register or request an invitation, email cns@ucsd.edu or call 858-534-5948.

 

Most of the Ph.D. and M.S. students who worked in the labs of Center for Networked Systems (CNS) member faculty are well-positioned to land a great job after graduation. A few remain in academia, but the vast majority go to jobs in the technology industry, and not just any jobs. According to a survey of 16 CNS-affiliated graduate students who matriculated in 2015-2016, fully half of the mostly Computer Science and Engineering graduates now work for Google, with others going to fast-track jobs at Apple, Facebook, and other tech giants.

Staying in academia

Only a few graduating CNS students are staying in academic environments. According to CNS co-director George Porter, “that’s more than 18 percent of our 16 recent graduates, and that’s probably pretty standard among the top 20 schools.”

After working with his advisor, CSE Prof. YY Zhou, Peng (Ryan) Huang (Ph.D. ’16) was offered a tenure-track position as Assistant Professor in computer science at Johns Hopkins University. He was offered the job because the university is trying build a new area of strength in Huang’s area – computer systems. “I’m particularly interested in understanding growing problems in real-world systems and reflecting that understanding in new techniques to improve system reliability,” says Huang. In his dissertation, Huang analyzed the distinctive characteristics of failures in industrial-strength cloud systems. (For more on Huang, see news release at http://www.cse.ucsd.edu/node/2982.)

Since graduating in June 2015, Baris Aksanli (Ph.D. ’15) remains affiliated with CNS as a postdoctoral researcher in Tajana Rosing’s lab. Then in August 2016, he became an Assistant Professor in the Electrical and Computer Engineering department of San Diego State University (SDSU), where Aksanli teaches embedded-systems courses and real-time operating systems. On the research side he continues to work on energy efficiency in various domains, including embedded systems, data centers, Internet of Things, and cyber-physical systems. Aksanli did two internships in graduate school, one at Intel (in 2012), the other at Lawrence Berkeley National Laboratory (2011).

Bharathan Balaji (Ph.D. ’16), who previously received his M.S. in 2011 from the ECE department before transferring to CSE, is also remaining in academia. He recently joined UCLA as a postdoctoral researcher in the lab of Prof. Mani Srivastava, a longtime collaborator of Balaji’s UCSD advisor Rajesh Gupta (and co-advisor Yuvraj Agarwal, now at Carnegie Mellon). Balaji’s research focused on improving energy efficiency of buildings by creating software applications that exploit existing infrastructure to provide services such as information organization, fault detection, personalized control, and sensing when an occupant is in the building. As a grad student, Balaji did an internship at Ericsson Research (working on a Wi-Fi-based occupancy sensing solution).

Google hires 50% of CNS recent graduates

Google may be the most sought-after employer of computer science Ph.D. graduates, so it’s perhaps no surprise that Google hired more CNS recent graduates than any other company (all of them armed with degrees from CSE at UC San Diego). Fully half of the graduates – eight of the 16 CNS recent alumni – are now employed at Google.

On September 15, Wilson Wing-Soon Lian (M.S., Ph.D. ’13, ’16) defends his dissertation on “JIT Spraying Threats on ARM and Defense by Diversification”. Lian’s dissertation committee was co-chaired by his advisors, Stefan Savage and Hovav Shacham. Lian says his research interests are “broadly in security and privacy, but lately I’ve been looking at the security of Just-In-Time compilers.” As a graduate student from 2010 to 2016, he was hired and re-hired at Google for three summer internships in 2012, 2013 and 2015, so it’s no surprise that, with his Ph.D. in sight, Lian has already accepted a job at… Google. He’ll be a full-time software engineer.

Jagannathan Venkatesh (Ph.D. ‘16) graduated in June after defending his dissertation on “A Context-Aware Approach to Residential Grid Automation.” In his thesis, Venkatesh proposed “using context – additional high-level information – about elements of the smart grid (sources, loads and storage) to improve the efficiency of its operations.” At the all-campus graduation ceremony, his advisor Tajana Rosing was on hand (pictured at right with Venkatesh). Today the CSE and CNS alumnus works at Google, where he had previously done three internships in 2011, 2012 and 2013, including the development of a testing framework for video ads, a tool to search, analyze and debug Google’s social back-end data, and designing user interfaces that are intuitive to users and reusable by developers.

Mike Conley (M.S., Ph.D. ’12, ’15) completed graduate school in computer science under George Porter and Amin Vahdat. His primary research interests were in the areas of big data, I/O-intensive computation, distributed systems, cloud computing, MapReduce, data centers and high-speed sorting. Conley’s doctoral dissertation on “Achieving Efficient I/O with High-Performance Data Center Technologies,” focused on the performance of storage and network I/O in large-scale distributed systems (notably on TritonSort and Themis), and he demonstrated how to run such applications on a wide variety of hardware platforms, from solid-state disks to supercomputers. Since October 2015, Conley has been a software engineer at Google in Mountain View, CA, where he also did internships in 2010 and 2011.

Tristan Halvorson (Ph.D. ’15) studied the domain name market, measuring the market with web and whois data to determine the goal of domain name registrants. Previously with his advisors Stefan Savage and Geoffrey Voelker, Halvorson investigated email spam from a monetary perspective by measuring many email spammers’ costs and revenue. He also spent the summer of 2012 on an internship with Yahoo!’s email anti-spam team, with whom he analyzed data on Hadoop to look for compromised webmail accounts.) On graduation, he joined Google as a software engineer.

Rishi Kapoor (M.S., Ph.D ’11, ’15) is now a software engineer at Google, where he had previously done two summer internships in the company’s platform networking group. He completed his Ph.D. under Amin Vahdat and George Porter. His research interests were in areas including systems, data center networks, distributed networks and network security.  Kapoor’s primary focus was on integrating the end-host stack with the data center network fabric. “By coupling the end host and the data center network fabric,” argued Kapoor, “it is possible to achieve stringent performance properties of next-generation data center networks and applications.”

He (Lonnie) Liu (Ph.D. ’15) joined Google after completing his doctorate, despite having done two summer internships at Microsoft Research. He worked under Geoffrey Voelker and Stefan Savage in the Systems and Networking group of CSE. Liu was the first author of a December 2015 published report on “Scheduling Technologies for Circuit/Packet Networks”, co-authored with his advisors as well as other CNS members including George Porter, Alex Snoeren and George Papen.

Malveeka Tewari (M.S., Ph.D. ’11, ’15) worked under advisors George Porter and Amin Vahdat. Her areas of interest included Networked Systems, Distributed Computing, Data Center Networks, and Software-Defined Networks. As a graduate student, she did one internship at Amazon Web Services and spent the summers of 2011 and 2012 at Google in Mountain View, CA. For her dissertation, Tewari focused on “Enabling Fine-Grained Network Flow Management in Data Center Networks and Servers.” She now works at Google as a software engineer.

After completing her computer-science degree in June, Liqiong Yang (M.S. ’16) became one of the latest CSE graduates hired by Google, which she joined in August as a software engineer in the Cloud SQL group. Yang was a computer-science research assistant for two years at Peking University before enrolling in the master’s program at UC San Diego in 2012. She also did a software engineering internship at China’s Baidu, Inc., and, in summer 2015, Yang did an internship with CSE Prof. YY Zhou’s Whova startup. She has also TA’d courses in discrete mathematics (CSE 20) and operating systems (CSE 120).

Apple, Facebook lead other high-tech hires

Following Bhanu Chandra Vattikonda’s move to Apple after the 2014-2015 school year (and getting his Ph.D. under Alex Snoeren), another CNS student accepted an employment offer at Apple. Keaton Mowery (Ph.D. ’15) now works there too, after finishing his dissertation under Hovav Shacham. His research interests focused on web security, privacy and general systems security.

Neha Chachra (Ph.D. ’15) is now a research scientist at Facebook. As a member of the Systems and Networking group in CSE, she was advised by professors Stefan Savage and Geoffrey Voelker (her co-authors on a paper delivered at the 2015 Internet Measurement Conference (“Affiliate Crookies: Characterizing Affiliate Marketing Abuse”). Chachra defended her dissertation in December 2015.

Karyn Benson (Ph.D. ’16) used UC San Diego’s Network Telescope while working and doing research on networks and security in the Center for Applied Internet Data Analysis (CAIDA) in the San Diego Supercomputer Center (SDSC). Under advisors Alex Snoeren and K.C. Claffy as well as SDSC’s Alberto Dainotti, she wrote her dissertation on “Opportunistic Internet Measurement with Darknet Traffic.” Benson is now at Akamai Technologies as a performance engineer.

Jinseok Yang (M.S., Ph.D. ’11, ’15) worked under Tajana Rosing starting in 2011. He completed his doctorate in Communication Theory and Systems. Primarily focused on embedded systems, Yang joined LG Advanced Research, after having done a summer internship at in 2012. While in ECE, Yang’s research focused on energy efficiency and data quality in distributed wireless sensor networks, including performance optimization. Eventually those interests evolved beyond sensor networking to include other aspects of networking systems, including applications to the smart grid, sensor swarms (on the multi-university TerraSwarm project launched in 2013) and recommendation systems. Before UC San Diego, Yang received a first master’s degree in 2008 from Ajou University, where he also did his undergraduate work in his native Korea.

Matthew Der (M.S., Ph.D. ’13, ’15) was advised by Lawrence Saul, Stefan Savage and Geoffrey Voelker. His research focused on machine learning and applications to security, in particular, web page clustering and classification. His dissertation focused on “Investigating Large-Scale Internet Abuse Through Web Page Classification.” In the summers of 2011 and 2012, Der interned at Google in San Francisco.  Notable publications included “Knock It Off: Profiling the Online Storefronts of Counterfeit Merchandise,” jointly with CNS member faculty Saul, Savage and Voelker. After graduation, Der returned home to Richmond, VA, to become CTO for Notch, a software consulting firm.

 

 

After completing graduate school in Computer Science and Engineering (CSE) at UC San Diego, Sarah Meiklejohn (Ph.D. ’14) moved half-way round the world to become a professor of computer science and cybersecurity at University College London in the UK. She continued to do groundbreaking work on cryptocurrency and blockchain technology, and in February 2016 she returned briefly to San Diego to present a paper at the 2016 Network and Distributed System Security (NDSS) Symposium. The topic: “Centrally Banked Cryptocurrencies.”

In it, Meiklejohn and fellow University College London professor George Danezis envisioned a cryptocurrency called RSCoin that could be issued by a central bank and which could get around some of the pitfalls inherent in Bitcoin, the most widely used cryptocurrency today. Those obstacles: scalability, transparency, and governments’ inability to control the supply of Bitcoin.

Sarah Meiklejohn is already one of the best-known experts in the world on the subject of Bitcoin and other cryptocurrencies. The CSE alumna co-authored a series of high-profile papers starting with “A Fistful of Bitcoins,” which she presented at the 2013 Internet Measurement Conference in Barcelona. In it, Meiklejohn and her co-authors presented a “longitudinal characterization of the Bitcoin network, focusing on the growing gap — due to certain idioms of use — between the potential anonymity available in the Bitcoin protocol design and the actual anonymity that is currently achieved by users.” Put simply, the Bitcoin to which many criminals flocked to take advantage of its vaunted anonymity, was found to be not so anonymous after all.

(A further journal iteration of “A Fistful of Bitcoins” was published in the Communications of the ACM in April 2016, again with co-authors including one of her Ph.D. advisors, Stefan Savage, director of the Center for Networked Systems at UC San Diego.)

Meiklejohn also included Bitcoin in her Ph.D. dissertation on “Flexible Models for Secure Systems,” for which she received UC San Diego’s 2015 Chancellor’s Dissertation Medal. She was nominated for the medal by her other Ph.D. advisor, CSE professor Mihir Bellare, who noted that Meiklejohn’s thesis helped shape government policy, including through a novel technique to track Bitcoins that is “now used as a key forensic tool by law enforcement.”

In 2015, Meiklejohn and fellow UCL professor Danezis noticed something in the Bank of England’s One Bank Research Agenda. “The Bank speculated on how central banks might issue cryptocurrency,” recalls Meiklejohn. “That is what got us started.” The result was an academic article by Meiklejohn and Danezis on “Centrally Banked Cryptocurrencies,” which she presented at NDSS 2016. The paper introduced a cryptocurrency framework called RSCoin. Like Bitcoin, it would be a decentralized blockchain-based transaction ledger where all computers in a network must approve a transaction before it is recorded in a new ‘block’. That is how new Bitcoins and other blockchain-based currencies generate digital money supply.

But unlike Bitcoin, the RSCoin framework “decouples the generation of monetary supply from the maintenance of the transaction ledger.” In short, whereas the supply of Bitcoin is determined (up to a maximum) by the number of new blocks created using decentralized computers, the supply of RSCoin would be decided by the central bank (as occurs with the money supply of regular currency).

In addition to giving that power to a central bank, RSCoin would get around another challenge to the Bitcoin market: scalability. The computational costs of generating new Bitcoin means that the Bitcoin system can handle only seven transactions per second, whereas PayPal processes 100 transactions per second, and credit-card company Visa as many as 7,000 transactions per second.

As proposed by Meiklejohn and Danezis, RSCoin would remain based on blockchain technology, but a central bank could appoint a limited number of banks to process RSCoin transactions for the ledger through a “distributed set of authorities, or mintettes, to prevent double-spending.” The central bank would hold a signing key with which it could effectively maintain control over supply of the digital currency.

“While monetary policy is centralized, RSCoin still provides strong transparency and auditability guarantees,” explained Meiklejohn at NDSS 2016. “We have demonstrated, both theoretically and experimentally, the benefits of a modest degree of centralization, such as the elimination of wasteful hashing and a scalable system for avoiding double-spending attacks.”

The researchers also argue that RSCoin would not sacrifice transparency, and it would use cryptography to combat counterfeiting.

The researchers at UCL tested their envisioned cryptocurrency on Amazon Web Services’ cloud computing platform, and they have published code for RSCoin in the Github repository.  Whether RSCoin or a cryptocurrency like it ever sees the light of day is purely speculative. So far, it has been a research-only effort, but it wouldn’t be surprising if a central bank looks seriously at their research. After all, a number of countries are already exploring the use of blockchain technology for their own purposes. The People’s Bank of China, for example, recently announced that it is working with Citibank and Deloitte on a cybercurrency based on blockchain technology, and Australia’s largest stock exchange is looking at distributed ledger technology to replace current clearing and settlement services subsequent to buy-or-sell stock transactions.

Meanwhile, the UC San Diego alumna continues to play a critical role in studying and discussing innovations in cryptocurrency. In June 2016 Meiklejohn co-organized the Summer School on Blockchain Technologies for the International Association for Cryptologic Research (IACR), and last February in Barbados, she co-chaired the third Workshop on Bitcoin and Blockchain Research.

Related Links

Sarah Meiklejohn Website http://www0.cs.ucl.ac.uk/staff/S.Meiklejohn/

Centrally Banked Cryptocurrencies Paper  http://www0.cs.ucl.ac.uk/staff/S.Meiklejohn/files/ndss16.pdf

 

SIGCOMM 2016 – the week-long annual meeting of the ACM Special Interest Group on Data Communication – wrapped up Aug. 26 in Florianopolis, Brazil – the first time the conference has taken place in Latin America. The event moves to Los Angeles for SIGCOMM 2017, and UC San Diego computer scientist Alex Snoeren will co-chair the 2017 conference. CSE Prof. Snoeren (right) is a faculty member of the Center for Networked Systems (CNS), and one of half a dozen CNS members who have played leadership roles in one of the largest professional research communities in systems and networking.

2017 will not be the first time that CNS’s Snoeren has helped organize the SIGCOMM conference. In 2008, he co-chaired the committee responsible for workshops and tutorials. Other current or former faculty from UC San Diego have co-chaired SIGCOMM’s program committee. Former CNS director Amin Vahdat co-chaired the program committee in Brazil this year with Stanford’s Sachin Katti. (Vahdat remains an adjunct professor in CSE, but his primary employer now is Google.)

The roster of CNS faculty members co-chairing the SIGCOMM program committee in recent years includes (pictured below, left to right) Amin Vahdat (2016), Stefan Savage (2008), Geoffrey Voelker (2010), and George Varghese (2012). SIGCOMM 2012 took place shortly before Varghese left UC San Diego to become a Principal Researcher at Microsoft Research. (Varghese also won the ACM SIGCOMM Award in 2014 for his “sustained and diverse contributions to network algorithmics, with far-reaching impact in both research and industry.”)

In addition to faculty who co-chaired SIGCOMM’s program committee through the years, other faculty have contributed to the process as a member of the committee (e.g., CNS co-director George Porter and ECE’s George Papen sat on the committee in 2015, and CSE’s Hovav Shacham did likewise with CNS research scientist Kirill Levchenko in 2012.

Indeed, every year since 2000, there has been a minimum of one CNS faculty member helping to chart the direction and agenda of SIGCOMM and its annual meeting. And in each of the past two years, four computer scientists and engineers have represented CNS and UC San Diego on the 2015 (Savage, Voelker, Porter and Papen) and 2016 (Vahdat, Papen, Snoeren and Voelker) program committees.

It’s not just CNS faculty who have taken on the responsibility of helping to steer SIGCOMM. In late August, CSE alumna Renata Teixeira (Ph.D. ’05) attended SIGCOMM in Brazil in her capacity as Vice Chair of the society – a position she will hold through June 2017.  The Brazilian-born Teixeira did her doctorate under CSE Prof. Geoffrey Voelker, one of CNS’s founding faculty members in 2004. Still a citizen of her native Brazil, Teixeira is also a French citizen, after working for France’s National Institute for Computer Science and Applied Mathematics (INRIA Paris) since she left UC San Diego in 2006 (after receiving CSE’s Best Dissertation Award for her doctoral thesis on network sensitivity to intradomain routing changes).

Tajana Rosing is among the latest faculty in the Computer Science and Engineering (CSE) department rewarded with endowed chairs at the University of California San Diego. The campus named professor Rosing to the John J. and Susan M. Fratamico Endowed Chair in the Jacobs School of Engineering.

Established in 2012 with a $750,000 gift from the Fratamicos, the endowed chair supports multidisciplinary research that includes engineering and the life sciences. Rosing is the inaugural holder of the chair.

“This honor allows me the freedom to focus on new and challenging research questions over the summer with my best and brightest students,” said Rosing, who joined the CSE faculty in 2005. “That kind of freedom wouldn’t be possible without the funding from the Fratamico chair.”

The computer-engineering professor is affiliated with the Qualcomm Institute and Contextual Robotics Institute as well as the Center for Networked Systems. Rosing is also a member of the Centers for Wearable Sensors, Energy Research, Sustainable Power and Energy, as well as Wireless and Population Health Systems and the San Diego Supercomputer Center.

The department and the campus are planning to honor Rosing at an event scheduled for January. “We are extremely thankful to longtime San Diegans John and Susan Fratamico for making it possible to bestow on Rosing a long-overdue honor in recognition of her ambitious research agenda and its real-world applications,” said CSE department chair Dean Tullsen. “Endowed chairs are often awarded to retain exceptional scholars, and in Professor Rosing’s case, her creativity and approach to research have had a deep impact on innovation in computer engineering.”

On the research side, Rosing’s System Energy Efficiency Lab (SEELab) focuses on energy efficiency in all kinds of systems, from sensor nodes to data centers, transport networks and power grids. In addition to energy-efficient computing, her primary research interests include context-aware computing, human-cyber-physical system design, embedded systems hardware and software design, resource management at the system level, and the design of approximate and highly efficient architectures. Going forward, Rosing will continue investigating efficient, distributed data collection, aggregation and processing of this data in the context of smart cities, wireless healthcare, the distributed Smart Grid for electricity, and Internet of Things applications.

Rosing is a leading researcher in the area of using information present in wireless systems to achieve more efficient system operation. This information can come from sensors’ observations of human behavior and needs, and also from various other environmental sensing systems, both stationary and mobile.  Rosing’s recent work has focused on efficiently extracting knowledge about context from such sensing sources, and leveraging that knowledge to implement distributed control algorithms for large-scale Internet of Things applications underlying Smart Cities infrastructure.  A recent example includes using drones to detect areas of higher air pollution collaboratively and dynamically, and to provide this feedback in real time in emergencies (e.g., forest fires), and in normal daily life (such as air pollution due to recent fertilization of nearby fields, or due to higher than normal and localized smog conditions).

The computer engineer has also leveraged context to optimize the operation and design of embedded systems by maximizing energy efficiency in exchange for controllable and tolerable inaccuracies in computation.  According to Rosing, this research resulted in systems that are up to 1,000 times more energy efficient with less than a 10 percent error in computation.  “These systems are especially applicable to many Internet of Things applications where the data sources themselves are not completely accurate,” said Rosing, noting that sensors can often have around 10 percent inaccuracy. “The large scale of data that is analyzed requires the application of statistical machine learning to provide information needed for feedback to people (e.g., local air-quality problems) or for control of other devices (e.g., where drones need to fly).

Since 2013, Rosing has played a leadership role in the TerraSwarm Research Center, a consortium addressing the huge potential (and associated risks) of pervasive integration of smart, networked sensors and actuators in the connected world. The center is administered by the Semiconductor Research Corp. (SRC), with funding from DARPA and SRC industry partners including Intel, IBM, Texas Instruments and other companies.  Rosing’s work on TerraSwarm focuses on context-aware computing with applications to proactive worlds and smart cities. Similarly, her work on air-quality monitoring in the CitiSense project with its principal investigator, CSE Prof. Bill Griswold, is part of the initial infrastructure for the Smart City testbed.

Asked about the real-world impact of her research in a recent issue of the UC San Diego alumni magazine Triton, Rosing cited longer battery life for smartphones. “My work involves optimizing the battery life, communication and storage of portable electronic devices, including cell phones, laptops and sensors,” Rosing told the magazine. “I also work on large systems, for example, optimizing smart servers to maximize quality of service while minimizing power consumption.”

“This research translates into significant energy savings,” she added.

In addition to teaching at the graduate (including Introduction to Embedded Systems) and undergraduate level (Introduction to Digital System Design), Rosing has taught an embedded systems course that is part of the Master of Advanced Studies program in Wireless and Embedded Systems (WES 237A) at UC San Diego, and more recently has taught the Introduction to the Internet of Things course (CSE 291).

Before UC San Diego, Rosing was a full-time researcher at HP Labs focusing on low-power wireless media and embedded systems. While at HP Labs in Palo Alto, she finished her M.S. and Ph.D. degrees at Stanford in 2000 and 2001, respectively. Rosing’s doctoral dissertation topic was “Dynamic Management of Power Consumption.” Prior to HP Labs and Stanford, she worked as a senior design engineer at Altera Corporation.

John Fratamico is the senior vice president and general manager of the Advanced Concepts Business Unit of Science Applications International Corporation (SAIC) and serves on the Council of Advisors at the Jacobs School. Susan Fratamico is the director of Strategic Planning at San Diego Gas & Electric (SDG&E).

In the interview with Triton magazine, Rosing was asked, “Throughout history, whose chair would you most want to sit in?” Her reply: “Marie Curie—she was amazing!”

Related Links

Tajana Rosing Website
Triton Q&A with Tajana Rosing
TerraSwarm Research Center

Intel expects to start selling 3D Xpoint storage class memory (SCM) before the end of 2016 in the form of its Optane solid-state device (SSD). But experts believe the real payoff from SCM will come when systems connect the SCM directly to the processor, yielding hybrid memory systems that include volatile and non-volatile memories. Computer engineers in CSE and the Center for Networked Systems (CNS) at UC San Diego anticipate that these new memory systems will provide software with sub-microsecond, high-bandwidth access to persistent data.

But there’s a catch: According to CSE Prof. Steven Swanson and Ph.D. student Jian Xu, existing file systems built for spinning or SSDs create software overheads that can obscure the gains expected from SCM systems.

Enter NOVA, a log-structured file system proposed by Xu and Swanson in a paper* delivered earlier this year at the USENIX Conference on File and Storage Technologies (FAST) in Santa Clara, and a variation presented at UC San Diego’s 2016 Non-Volatile Memory Workshop (organized by Swanson). The proposed NOVA system is designed to maximize performance on hybrid volatile/non-volatile memory systems, while providing strong consistency guarantees. In the paper’s abstract, Xu and Swanson explained, “NOVA adapts conventional log-structured file system techniques to exploit the fast random access that SCMs provide. In particular, it maintains separate logs for each inode to improve concurrency and stores the file data outside the log to minimize log size and reduce garbage collection costs.

The system’s logs therefore provide metadata, data, and mmap atomicity and focus on simplicity and reliability, keeping complex metadata structures in DRAM to accelerate lookup operations. “NOVA’s multi-log design achieves high concurrency, efficient garbage collection and fast recovery,” said Xu in his presentation to the FAST audience. “NOVA also outperforms existing file systems while providing stronger consistency and atomicity guarantees.” Indeed, experimental results showed that in write-intensive workloads, NOVA provides 22% to 216x throughout improvement compared to state-of-the-art file systems, and 3.1x to 13.5x improvement compared to file systems that provide equally strong data consistency guarantees.

“Upcoming [SCM] technologies… promise faster writes, higher endurance and greater longevity than the NAND flash used in today’s SSDs,” wrote storage expert Robin Harris in reviewing the NOVA paper for his blog, StorageMojo. “Systems won’t be able to take advantage of [SCM] technology until their DRAM and disk I/O stacks are re-engineered for the specific advantages and quirks of [SCM].”

 

 

 

 

Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.

Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.

The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year.

 

Previous Recipients of the CNS Espresso Prize for Excellence in Networking:

2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi

Just days after he accepted the prestigious ACM-Infosys Foundation Award, University of California San Diego professor Stefan Savage received another honor: the UC San Diego Jacobs School of Engineering announced that Savage has been awarded an endowed faculty chair named for two of the school’s major donors: the Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science.

The appointment of Savage to the Jacobs Chair was the second faculty chair announcement in as many weeks. Previously, CSE computer graphics and vision professor Ravi Ramamoorthi was tapped to be the inaugural holder of the Ronald L. Graham Chair of Computer Science (for details, click here for news release). The Graham Chair was named for professor Ron Graham, who recently retired but maintains an emeritus faculty position in the department. In doing so, Graham – the previous holder of the Jacobs Chair – relinquished it, thus paving the way for Stefan Savage to assume the endowed chair.

“From the moment he arrived at UC San Diego in 2001, Stefan Savage has been a star on the CSE faculty, with broad interests in systems and networking as well as security,” said CSE Chair Rajesh Gupta.

Added Jacobs School Dean Al Pisano: “The Jacobs Chair is the oldest in the Jacobs School, and it was important that its holder be a professor who is not only a great researcher and teacher, but also that he or she have played a critical role beyond the campus, as Professor Savage has done in cybersecurity.”

On June 11, the Association for Computing Machinery (ACM) presented Savage with the ACM-Infosys Foundation Award at its annual awards banquet in San Francisco. The honor recognized the finest recent innovations by young scientists and system developers in the computing field. The Infosys Foundation provides financial support for the $175,000 annual award.

“Keeping networks secure is an ongoing battle,” said ACM President Alexander L. Wolf. “Stefan Savage has shifted thinking and prompted us to ask ourselves how we might impede the fundamental support structure of an attacker. His frameworks will continue to significantly influence network security initiatives in the coming years.”

“Dr. Savage is a true innovator, pursuing his curiosity and passion toward new frontiers in cybersecurity and exemplifying the kind of work that the ACM-Infosys Foundation Award is proud to support,” added Infosys CEO and Managing Director, Dr. Vishal Sikka. “Dr. Savage has dedicated his career to analyzing, protecting and strengthening the systems and networks that make our digital age possible. From network congestion control, worms and malware to wireless security, his work has helped advance a wide range of areas.”

One day before he accepted the ACM-Infosys Foundation Award, Savage was in Seattle at his alma mater, the University of Washington (UW). The university’s Computer Science and Engineering department presented him on June 10 with its Alumni Achievement Award.

Savage joined UC San Diego in 2000 as an acting assistant professor until he defended his dissertation at UW in January 2002.

Surprisingly, Savage did not start out in computer science, much less cybersecurity. He earned his undergraduate degree in Applied History at Carnegie Mellon University. For graduate school he switched to Computer Science for his Ph.D. at UW under advisors Brian Bershad and Tom Anderson.

It was already clear at that point that Savage would be able to write his own ticket in academia. He received job offers from Carnegie Mellon, Cornell, MIT, Stanford, UC Berkeley and UC San Diego, plus several others. He says that he picked UC San Diego because it was the best “cultural fit”.

“My research career has been idiosyncratic to say the least and I have been incredibly lucky to not only have colleagues who are intellectually broad and curious, but also an administration that understands the value of supporting those qualities,” noted Savage.

Much of Savage’s early research focused on operating systems. In 2010 ACM named him a Fellow of the association, citing his “contributions to large-scale systems and network security.” Then in 2013, ACM honored him again with the ACM SIGOPS Mark Weiser Award – referring specifically to his creativity and innovation in operating systems research.

He then turned his attention to battling cyber drug crime and shutting down counterfeit software sales by tracking the flow of money to the source. In one high-profile study, Savage and colleagues determined that, for each $100 purchase of Viagra in response to a spam email, spammers needed to send approximately 12 million emails – but that spammers could still make a profit due to very low costs.

“Some of our most influential work involved purchasing counterfeit drugs from criminals to track the flow of money across the world,” said Savage. “This not the kind of research methodology that makes campus administrators comfortable, but while it would have been easy to tell us we couldn’t do it, the core philosophy at UC San Diego has always been to ‘find a way’ to make the research mission succeed.”

Savage also co-founded several research centers to pursue work on security. The Center for Automotive Embedded Systems focused on the growing concentration of electronics in the automotive sector. He also led the Collaborative Center for Internet Epidemiology and Defense (CCIED) to find new ways to defend against Internet attacks. (The center, funded by a National Science Foundation CyberTrust grant, was a partnership with the International Computer Science Institute (ICSI) at Berkeley.) After the completion of the CCIED project, Savage and his counterpart at ICSI set up an interdisciplinary research partnership in 2012 with former CSE postdoctoral researcher Damon McCoy, now a professor at New York University. Their Center for Evidence-Based Security Research (CESR) is funded by NSF through its Secure and Trustworthy Cyberspace program, through 2017, with additional funds coming from industry partners.

In addition to co-leading the highly successful Center for Networked Systems (CNS), Savage also leads the security and cryptography group at UCSD and is an active collaborator with Peter Cowhey in the School of Global Policy and Strategy (GPS) on security policy. With Cowhey, he also co-teaches a popular course on security policy.

Among his other distinctions, Savage was awarded a faculty research fellowship from the Alfred P. Sloan Foundation (2004). To date, he has published more than 130 peer-reviewed journal articles and conference papers on topics as diverse as the economics of e-crime, characterizing availability, automotive systems and security, routing protocols, and data center virtualization.

Click here to read the full news release on the CSE website.  
2015 ACM-Infosys Foundation Award in the Computing Sciences
2016 UW CSE Alumni Achievement Award
Center for Evidence-Based Security Research
Stefan Savage Homepage

As more postdoctoral researchers and Ph.D. candidates make the rounds of universities in the market for new faculty in computer science, computer engineering or bioinformatics, another CSE soon-to-be-graduate is headed to teach and do research in computer science at Johns Hopkins University.

Peng (Ryan) Huang recently cut short his tour of potential employers when, just two days after interviewing at Johns Hopkins, its CS department offered him a tenure-track faculty position. He ended up canceling interviews on several other campuses. Huang is set to graduate this year, but he has decided to do a postdoctoral fellowship prior to taking up residence at Johns Hopkins in Fall 2017. (He is still deciding where to do his postdoc.)

It appears that Johns Hopkins found in Huang someone who could help build a new area of strength for its Computer Science department. His research area is computer systems. “I’m particularly interested in understanding growing problems in real-world systems and reflecting that understanding in new techniques to improve system reliability,” said Huang, whose advisor is CSE Prof. Yuanyuan (YY) Zhou.

In his dissertation, Huang analyzes the distinctive characteristics of failures in industrial-strength cloud systems. Motivated by those findings, he then tackled a common source of failures in the cloud: configuration errors. To tackle those errors, Huang designed a specification language and a framework by which to validate configuration for cloud-scale systems efficiently. “Thanks to Prof. Zhou and UCSD,” he said, “I had opportunities to conduct many of my research projects in a practical setting by collaborating with leading companies, including Microsoft, Teradata, and Facebook.”

 

 

The Center for Networked Systems (CNS) is proud to announce Electrical Engineering undergraduate Valeria Gonzalez as the recipient of the Alan Turing Memorial Scholarship! The 2015-2016 academic year is the inaugural year for the Turing ($10,000) scholarship and is awarded to a UC San Diego undergraduate student majoring in computer science, or any program touching on networked systems, who is active in supporting the LGBT community. All scholarship recipients will have the opportunity to be involved in CNS research projects of mutual interest and will be invited to the CNS Research Reviews.

While the campus scholarship office handled applications, CNS co-director and CSE Prof. George Porter says the center was impressed with Gonzalez. “We met with her and she’s a wonderful person and very interested in research, which is great,” said Porter. “I am confident that she’ll attend graduate school and continue her pursuit of research.”

 

More information about the scholarship
Please donate here

 

Spring 2016 CNS Research Review! A special thank you to Alex Gantman and Peter Lee for their keynote presentations.

 

Thank you to Professors Steven Swanson, Hovav Shacham, George Porter and Graduate Students Tianyin Xu, Karyn Benson, Arjun Roy, Steven Hill, Ryan Huang, Tiange Wu, Zhaomo Yang and Max Mellette for your presentations on your current work. The review was a great success thanks to you!

The Computer Science and Engineering department was well represented at ASPLOS 2016, the 21st ACM International Conference on Architectural Support for Programming Languages and Operating Systems. It took place April 2-6 at Georgia Tech in Atlanta. CSE Prof. Yuanyuan (YY) Zhou is chairing the conference this year. She also chaired the Program Committee, which included fellow CSE Prof. Michael Taylor. Zhou calls ASPLOS “the premier forum for multidisciplinary systems research spanning computer architecture and hardware, programming languages and compilers, operating systems and networking, as well as applications and user interfaces.” Zhou notes that sessions dealt with performance, energy and thermal efficiency, as well as resiliency, security and sustainability, as computer scientists grapple with the explosion of big data, increasing human-centered applications, and widely varying scales from ultra-low-power wearable devices to exascale parallel and cloud computing. The program included two keynotes, a debate, and 53 papers.

CSE Prof. Stefan Savage is the recipient of the 2015 ACM-Infosys Foundation Award in the Computing Sciences. ACM, the Association for Computing Machinery, and the Infosys Foundation cited Savage for innovative research in network security, privacy and reliability that has taught cybersecurity experts to view attacks and attackers as elements of an integrated technological, societal and economic system.

Savage is also the Co-Director of the Center for Networked Systems (CNS) at UC San Diego, and his impact on the field of network security stems from the systematic approach he takes to assessing problems and combating adversaries ranging from malicious software and computer worms to distributed attacks.

The ACM-Infosys Foundation Award recognizes the finest recent innovations by young scientists and system developers in the computing field. An endowment from the Infosys Foundation provides financial support for the $175,000 annual award. ACM will present the ACM-Infosys Foundation Award at its annual awards banquet on June 11 in San Francisco.

“Keeping networks secure is an ongoing battle,” explained ACM President Alexander L. Wolf. “Coming up with a technical advancement to block an adversary is important. But, very often, the adversaries soon find new ways in. Stefan Savage has shifted thinking and prompted us to ask ourselves how we might impede the fundamental support structure of an attacker. His frameworks will continue to significantly influence network security initiatives in coming years.”

Stefan Savage is a member of the CSE department’s Systems and Networking Group in the Jacobs School of Engineering. A Sloan Fellow and ACM Fellow, he is also a past recipient of the ACM SIGOPS Mark Weiser Award, which is given annually to an individual who has demonstrated creativity and innovation in operating systems research. Savage has published more than 100 peer-reviewed journal and conference papers in the wide-ranging areas of the economics of e-crime, characterizing availability, routing protocols, and data center virtualization.

“Stefan’s work is creative and a fantastic exemplar of how computer science is solving societal problems that go beyond engineering and science into economics, government and public policy,” said CSE Chair Rajesh Gupta. “His pioneering work in cybersecurity is already having repercussions in sectors as disparate as automotive security, electronic voting, and black-market pharmaceuticals.”

“Dr. Savage has dedicated his career to analyzing, protecting, and strengthening the systems and networks that make our digital age possible. From network congestion control, worms and malware to wireless security, his work has helped advance a wide range of areas,” said Dr. Vishal Sikka, Chief Executive Officer & Managing Director of Infosys. “Dr. Savage is a true innovator, pursuing his curiosity and passion toward new frontiers in cybersecurity, and exemplifying the kind of work that the ACM-Infosys Foundation Award is proud to support.”

Savage’s unique methodology is perhaps best exemplified in his recent work to combat unsolicited electronic messages (spam). Along with his collaborators, including professors Geoffrey M. Voelker at UC San Diego and Vern Paxson at UC Berkeley, Savage designed investigations to understand how spammers make money, as well as what might be done to disrupt this fundamental incentive. In one project, he and his colleagues infiltrated a “botnet” by which spammers sent billions of emails via infected computers, and uncovered fascinating insights into the economics of spam schemes. For example, the research demonstrated that for each $100 purchase of Viagra, the spammers needed to send approximately 12,000,000 spam emails. And although this would seem to infer a poor return on investment, Savage’s team determined that the spammers’ low cost structure allowed them to extract a profit of $1.5 – $2 million per year.

Having shown that spam remained profitable in spite of existing defenses, Savage’s team then mounted a large-scale study to identify other bottlenecks in the spam business model that might be targeted more effectively. By tracking millions of spam emails and identifying the individual services required to monetize them – domain registrars, name servers, Web hosting services, payment processors and so on – they were able to construct a complete model of dependencies in the spam supply chain. Their work showed that of all these resources, the merchant bank accounts used to receive credit card payments were the most valuable and vulnerable to disruption. Based on these results, anti-counterfeiting organizations, brand holders and government agencies worked with Visa, MasterCard and their member banks to shutter these merchant accounts and put direct financial pressure on spammers.

In another study, Savage worked with his former student at UC San Diego, Tadayoshi Kohno, now a Professor of Computer Science and Engineering at University of Washington, and a group of students to examine the emerging trends of computerized control and connectivity in automobiles. By seeking to analyze the security of a test automobile from many points of entry, the group found that someone without any physical access to the vehicle could exercise arbitrary control from a remote distance, including disabling the brakes, controlling the engine, tracking the vehicle, and listening to conversations among passengers. Savage and the group worked closely with manufacturers to eliminate or mitigate these vulnerabilities in millions of automobiles and also helped drive international standards bodies and the National Highway Traffic Safety Administration to adopt cybersecurity as a key area of responsibility.

Savage received a B.S. degree in Applied History from Carnegie Mellon University and earned a Ph.D. in Computer Science from the University of Washington.

Related Links

ACM-Infosys Foundation Award
ACM
Infosys
UCSD CSE Newsletter

 

 

CSE Prof. Yuanyuan (YY) Zhou participated on March 18 in the 2nd Annual OLP Women’s Symposium at the Academy of Our Lady of Peace in San Diego. The symposium featured prominent women leaders on multigenerational panels as they shared insights with future leaders and innovators of the world. Prof. Zhou participated on the panel of women in science, technology, engineering and math (STEM) fields, which included experts from industry and academia. The discussions on other panels covered a wide array of topics aimed at helping the next generation of women leaders manage the many aspects of being a woman in the workforce. Local companies led by I.E. Pacific, Inc., sponsored this year’s symposium. The Academy of Our Lady of Peace is an all-girls high school that has been “empowering and educating women since 1882”.

CNS Co-Director Stefan Savage is on the steering committee of USENIX Enigma, a new, three-day security conference geared towards those working in both industry and research. The inaugural conference took place this week at the Hyatt Regency San Francisco, and Savage made headlines with his Jan. 26 talk on “Modern Automotive Vulnerabilities: Causes, Disclosures and Outcomes.”

In his presentation on Tuesday, Savage caught the attention of attendees when he noted that his team of researchers were able to control a vehicle by playing a song with malicious code encoded in one of the tracks. “Basically, give me 18 seconds of playtime and we can insert the attack code,” Savage told a reporter from the UK publication The Register.

Savage said that specific flaw has since been addressed, but automobiles remain vulnerable because automakers use a government-mandated OBD-II port, which opens up the car’s network. “For cars, the original equipment manufacturer is not the developer, they are the integrator, so there are software supply chain issues,” he said. “Source code is frequently not available, so code inspection does not work, since no party in the world has access to all of a car’s source code.

The Register quoted Savage as saying that the industry must “adopt automatic wireless software updates to fix problems as they are discovered.” Predicted Savage: “Every manufacturer now either has remote update or will shortly announce it. The cost of not having it is just too great.”

The only other speaker in the session on security in autos was CSE alumnus Tadayoshi Kohno (Ph.D. ’06). Savage sat on Kohno’s Ph.D. dissertation committee with two other CSE faculty, Mihir Bellare and Daniele Micciancio. Today, Kohno is a professor of computer science and engineering at the University of Washington. Kohno’s talk focused on “Computer Security and the Internet of Things.”

A former postdoctoral researcher in CSE’s Security group from 2009 to 2011, Damon McCoy also spoke at USENIX Enigma. His topic: “Bullet-Proof Credit Card Processing.” McCoy is now a professor of computer science and engineering at New York University, where his primary research focus is on online payment systems, the economics of cybercrime. automotive systems, privacy-enhancing technologies and “censorship resistance.”

Read the news article in The Register.

Congratulations to YY Zhou for receiving the 2015 SIGOPS Marc Weiser Award!

The annual award given at the ACM Symposium on Operating Systems Principles recognizes individuals who have displayed outstanding creativity and innovation in their approaches to computer systems research throughout their careers.  YY was recognized “for innovative and creative contributions to detecting and recovering from defects in complex computer systems.”

Full Story:  JSOE News Release

 

CNS is pleased to announce the winner of the CNS 2015 Grace Hopper Travel grant: PhD student, Vicky Papavasileiou was chosen to represent CNS at this premier event for women in computing.

 

 

 

 

A recent alumnus of CSE’s BS/MS program, Ian Foster (MS ’15), gave a high-profile talk this week at the Aug. 10-11 USENIX Workshop on Offensive Technologies (WOOT 2015) in Washington, D.C., on the eve of the much larger USENIX Security conference. Foster (who is now at Salesforce), CSE Prof. Stefan Savage, Qualcomm Institute programmer-analyst Andrew Prudhomme (who worked on the project in Savage’s CSE 227 class), and CSE postdoctoral researcher Karl Koscher made international headlines with their paper, “Fast and Vulnerable: A Story of Telematic Failures.”

For the full story: http://cse.ucsd.edu/node/2851

Fox News

CBS News 

the Washington Post

YAHOO! Tech

Wired

Engadget

CNET

BoingBoing

Gizmodo

CNN Money

A team from CSE is getting ready to attend the flagship annual conference of the ACM Special Interest Group on Data Communication on applications, technologies, architectures and protocols of computer communication. The week-long SIGCOMM 2015 takes place in London, UK, starting Aug. 17, and three CSE faculty members will attend – George Porter, Alex Snoeren and Geoffrey Voelker – as will PhD student Arjun Roy (PhD ’16) (at left). The reason? When Roy interned at Facebook, he worked on a project to measure their datacenter network. The results of the joint UC San Diego-Facebook investigation are to be published in a paper at SIGCOMM: “Inside the Social Network’s (Datacenter) Network.” Snoeren and Porter co-authored the article with grad student Roy and two colleagues from Facebook, Hongyi Zeng and Jasmeet Bagga.

See full story: http://cse.ucsd.edu/node/2845

In the Workshop on Offensive Technologies (WOOT) where the paper on automotive hacking was presented (see stories above), another former member of CSE’s Security and Cryptography group had new research to present. E alumnus Stephen Checkoway (PhD ‘12) presented a paper with the eye-catching title, “Run-DMA”.

See the full story: http://cse.ucsd.edu/node/2853

CSE postdoctoral researcher Karl Koscher was the first author on another paper presented at the Workshop on Offensive Technologies, jointly with Microsoft’s David Molnar and CSE alumnus Tadayoshi Kohno (PhD ’06), who was Koscher’s advisor at the University of Washington. They presented a system called SURROGATES to emulate and instrument embedded systems in near-real time, enabling a variety of dynamic analysis techniques.

For the full story: http://cse.ucsd.edu/node/2852

Research dating back to 2010 in the lab of CSE Prof. Stefan Savage is still making headlines. In an article published by dozens of newspapers this week, the Associated Press reported that hackers are still able to hack automotive systems from a distance — forcing Fiat Chrysler to become the first automaker to recall cars to patch a cybersecurity problem. It recalled 1.4 million Jeeps after a Jeep in St. Louis was hacked by “white hat” hackers using a laptop in Pittsburgh.

In the AP article, CSE alumnus Yoshi Kono, who worked with Savage and continues to work on cybersecurity as a professor at the University of Washington, notes that the “adversary only needs to find one way to compromise the system, where a defender needs to protect against all ways” of hacking a car.

See full story: http://cse.ucsd.edu/node/2848

This week Google partially lifted the curtain of secrecy surrounding the homegrown network architecture it built over the past decade to handle the massive amount of Internet traffic through the search giant’s servers. To divulge the details, Google selected an adjunct CSE professor to go public. Amin Vahdat, who started advising Google while he was still teaching at UC San Diego and leading the university’s Center for Networked Systems (CNS), is now a full-time Google Fellow and Technical Lead for Networking at the company, and he remains an adjunct member of the CSE faculty.

Vahdat gave a presentation at the 2015 Open Network Summit on June 17, “revealing for the first time the details of five generations of our in-house network technology,” according to Google. While Vahdat was careful about not divulging too many proprietary details, he presented a first look into Google’s data center network design and implementation, focusing on the data, control and management plane principles underpinning five generations of our network architecture.”

To encourage a more diverse community in computer science education and research, the Center for Networked Systems (in partnership with private donors), established the Alan Turing Memorial Scholarship on June 1, 2015. The scholarship will be awarded annually to an enrolled undergraduate computer-science or computer-engineering major in UC San Diego’s Computer Science and Engineering (CSE) department.

Please help support a better tomorrow by making your tax deductible gift at any amount here. Your gift can have a tremendous impact on a student’s future and on the computer science and engineering community.

Calit2’s Qualcomm Institute Press Release

UC San Diego News Center

LGBT Weekly

Related Links:
Scholarship Video (YouTube)

Postdoctoral Researcher Karl Koscher’s work on the security flaws associated with automobiles was recently featured on the TV news program, 60 Minutes. In this episode which talks in general about the security of the Internet of Things, Dr. Koscher demonstrated how he can remotely hack into an automobile and take over its operation.

To watch the episode: http://www.cbsnews.com/…/darpa-dan-kaufman-internet-securi…/

For more information about Dr Kosher’s work: http://www.autosec.org/

For more than a century, IEEE has conferred the distinction of Fellow upon those of its members with extraordinary accomplishments in any of the fields of endeavor that are of interest to IEEE. In November 2015, YY Zhou was named a IEEE Fellow for “contributions to scalable algorithms and tools for computer reliability.

Michael Conley, a PhD student in the CSE department, once again won a data sort world record in multiple categories while competing in the annual Sort Benchmark competition. Leading a team that included Professor George Porter and Dr. Amin Vahdat, Conley employed a sorting system called Tritonsort that was designed not only to achieve record breaking speed but also to maximize system resource utilization. Tritonsort tied for the “Daytona Graysort” category and won outright in both the “Daytona” and “Indy” categories of the new “Cloudsort” competition. To underscore the effectiveness of their system resource utilization scheme as compared to the far more resource intensive methods followed by their competitors, it’s interesting to note that the 2011 iteration of Tritonsort still holds the world record for the “Daytona” and “Indy” categories of the “Joulesort” competition.

To see all the details about the competition, read here.

And to read about Tritonsort, see this article (pdf).

CNS is pleased to announce the winners of the CNS 2014 Grace Hopper Travel grant: PhD students Malveeka Tewari and Soohyun Nam. Both students were chosen to represent CNS at this premier event for women in computing.

CNS welcomes its newest member, CSR Technology, Inc. CSR Technology solves the challenges and delivers the core innovations that enable their customers to win in the global consumer electronics market. Their technologists create innovative and integrated platforms, helping their customers turn great ideas into market-leading products. We are looking forward to many future productive collaborations with CSR!

The head of the CAIDA research group at the San Diego Supercomputer Center, kc claffy, was named one of the two recipients of this year’s IEEE Internet Award “for seminal contributions to the field of Internet measurement, including security and network data analysis, and for distinguished leadership in and service to the Internet community by providing open access data and tools.”

Begun in 1999, the IEEE Internet Award is given to an individual or small number of collaborators who have provided exceptional contributions to the advancement of Internet technology for network architecture, mobility, and/or end-use applications.

Sometimes the best way to judge the importance of work is to view it in hindsight. An idea that might have seemed important or groundbreaking at the time of its publication can prove to be a dead end while another modest proposal that was overlooked when it first came out eventually becomes the way that things are done in its field. With this in mind, many sub-fields in computer science have taken to presenting annual “test of time” awards to work that has proven to be most influential. Every year at the ACM Symposium on Principles of Programming Languages (POPL), the program committee announces the recipient of the POPL Most Influential Paper Award. The committee goes back a decade to the POPL program and determines which of the papers published ten years prior has proven to be of the greatest contemporary value to the field.

In January 2014, the POPL committee recognized the 2004 paper, “Abstractions from Proofs,” co-authored by CNS Professor Ranjit Jhala while he was finishing up his doctoral work at UC Berkeley with his colleagues Tom Henzinger, Rupak Majumdar, and Ken McMillan. The committee explained that in this paper Jhala and his team “demonstrated a fundamental generalization of Craig interpolation to program analysis by predicate abstraction, opening the door for interpolation to be applied to abstraction refinement for ‘infinite-state’ systems.” Prior to the publication of this paper, interpolation had only been used by those researching programming languages in the model checking of “finite-state” systems. The award committee further praised how Jhala’s paper “showed how interpolation offers a fundamental way to explain abstraction refinement in a logical framework, and has led to many extensions to increase the power of abstraction in program analysis.

Every fall, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve some problem posed by the instructor. The prize is awarded by Professor Alex C Snoeren in two categories, one for the best undergraduate project and the other to the best graduate.

This year’s recipients are:

Undergraduate category: Jacob Maskiewicz
Graduate category: Vidya Kirupanidhi

In December 2013, the Association for Computing Machinery (ACM) made its annual recognition of members from academic institutions, companies, and research labs all over the world who “have achieved advances in computing research and development that are accelerating the digital revolution and impacting every dimension of how we live, work, and play … worldwide.” Those recognized by ACM are thereafter designated to be Fellows of the Association.

CNS is proud to report that CSE Professor YY Zhou was one of 50 ACM members named Fellows in 2013 for her “contributions to software reliability and quality.”

Congratulations to Stefan Savage for receiving the 2013 SIGCOPS Marc Weiser award!

The annual award given at the ACM Symposium on Operating Systems Principles recognizes individuals who have displayed outstanding creativity and innovation in their approaches to computer systems research throughout their careers.

See the article from the University of Washington.

CNS researchers George Porter and Yeshaiahu Fainman recently published an article in Science detailing their new design for how data centers in the future can increase the amount of traffic they handle.

Link to article. (pdf)

In September 2013, VMWare became the newest Sponsor of CNS when it elected to support the project, “Virtualization and Next-generation Storage” headed by CSE faculty member Steven Swanson.

Every year, CNS provides an all expense travel grant to send students to the annual Grace Hopper Celebration of Women in Computing. Recipients are chosen based upon their participation in CNS and on the quality of a submitted essay outlining why they wish to go.

This year, CNS was able to award three travel grants to CSE PhD students Xinxin Jin, Karyn Benson, and Natalie Larson.

The Grace Hopper conference is a premier networking and career enhancement conference for women in computing, but few students have an opportunity to attend since they usually have to pay from their own funds. Nonetheless, students are aware of its value. Xinxin Jin talked in her essay about how exposing herself to successful women in computing will help her to build confidence in her career. Karyn Benson spoke about how instrumental mentoring by a female computer scientist has been in her career and how she hopes to become a mentor to other women in turn. Finally, Natalie Larson wrote that “the conference has great potential to affect growth for me… I am in the early stages of my PhD– my second year …and while I have done many academic internships, I have never worked in an industry internship and have little experience interacting with industry leaders. Participating in the conference this year would mean a lot for me.”

Forbes magazine checks in with PhD student Sarah Meiklejohn about just how (not) private Bitcoin purchases can be.

Link to article.

CNS is pleased to announce that George Porter and Alex Snoeren were awarded a three year NSF NeTS Large grant for their work on hybrid circuit/packet data center designs. Though the demand to increase the scale of data centers is ever increasing, growth is currently limited by the problem of being able to provide sufficient internal network connectivity. In their project proposal, Porter and Snoeren suggest that a solution to this problem could be reached by abandoning today’s electrically packet-switched technology and adopting optical circuit switching. If they are successful, they will develop a hybrid switch that will have a capacity that is several orders of magnitude greater than an electrical packet switch and yet whose performance will be largely indistinguishable from the current technology. However, the change in technology will also necessitate a complete revolution in the way that data centers are networked.

It is with much sadness that we announce the death of Dr. Rene Cruz. A professor in the Electrical and Computer Engineering department and a founding member of CNS, Dr Cruz passed away on June 30 after a battle with cancer. He will be fondly remembered and all the students, staff, researchers, and faculty at CNS extend their condolences to Dr. Cruz’s family, friends, and colleagues.

Since joining CNS in 2009, George Porter has been an innovative and creative researcher and a tireless liaison to industry. CNS Interim Director Stefan Savage is please to acknowledge Dr. Porter’s success by appointing him as the Associate Director of CNS.

Stefan Savage was interviewed for a piece that aired on January 11, 2013 on NPR’s Planet Money about his research on the underground spam economy. In the piece, he talks about how his team has uncovered the economic relationship between underground spammers and online pharmacies. He also answers the question that everyone has wanted to know about online pharmacies, but has been afraid to ask: are they for real?

Interview.

Computer scientists at the University of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

“Fighting cyber threats requires more than just understanding technologies and the risks they’re associated with; it requires understanding human nature,” said Stefan Savage, a professor of computer science at the Jacobs School of Engineering at UC San Diego, and one of the lead researchers on the grant. “At its heart, cyber security is a human issue. It’s about conflict, and computers are merely the medium where this conflict takes place.”

Among their goals, the researchers will investigate how criminals make money, their economic and social relationships, and the various ways they interact with victims and defenders to achieve their goals. The researchers hope that by better understanding these dynamics, they will be able to identify the best opportunities for interventions and defenses against cybercrime.

Economics come to the forefront in understanding how the world of modern cybercrime works, including the motives behind the vast majority of Internet attacks, and the elaborate marketplaces that support them. Social interactions are key to understanding how venues such as Facebook and Twitter present new opportunities for attacks and manipulation, and to understanding the relationships among cybercriminals, who heavily rely upon one another for services and know-how.

Savage will work with six other UC San Diego researchers, including social scientist James Fowler, best known for his work on social contagion. The basic idea for this project is that technological security depends on the human factor, Fowler said. “I love that engineers and computer scientists are acknowledging that security depends as much on human behavior as it does on technology,” he said. “I look forward to working with them to help tackle these problems.”

The UC San Diego team is joining forces with a team of eight researchers at the UC Berkeley-affiliated International Computer Science Institute, led by Vern Paxson, a professor of computer science, and with Damon McCoy, an alumnus of the UC San Diego group and now a faculty member at George Mason University.

This effort is an extension of an ongoing collaboration in cybersecurity that the Berkeley and San Diego teams have built by working together for over a decade. In just the last year, Paxson and Savage’s team made headlines for a study that charted the complete “value chain” for email spam – the technical and economic relationships involved in making spam profitable. Researchers also identified which links in the value chain were the most vulnerable. By carefully tracking payment information across an array of test purchases, they showed that just three banks handled payments for 95 percent of spam-advertised products. This finding, what the researchers call a “choke point,” suggested that targeting the economics of spam could ultimately be more effective than only addressing its technical symptoms. Today, this approach is being tested through collaborations between financial institutions, brand holders and government agencies.

The NSF grant will fund this kind of interdisciplinary work, but with greater breadth and scale. Researchers will focus on four key areas:

The economics of E-crime: Researchers will try to get a better grasp of how cybercriminals make money in different scams. They will examine both advertising schemes, such as spam and search engine abuse, as well as theft of user data, such as financial account credentials. They will also get a better understanding of the infrastructure that cybercriminals rely on, including phishing kits, malware distribution and botnets.

The role of online social networks: Facebook and Twitter have become a new battleground in cybersecurity, where criminals exploit users’ trust to various ends. Researchers will map out the ecosystem of attackers that prey in social networks and the ways in which social manipulation is crucial to their activities. They will then try to understand the extent to which unsafe online behavior is learned and transmitted through online social networks and how these findings might be harnessed to improve online safety.

Underground social networks: Researchers will study the nature of “trust among thieves” and map out how relationships among criminals are established, maintained and evolve. Scientists will attempt to understand how cybercriminals go from being new to the field to becoming criminal masterminds. They will also try to understand how ideas are generated in the cybercrime underground; how new scams spread; and how trust is managed in building criminal relationships.

Efficacy of intervention: Finally, the researchers hope to measure the relationship between security practices and security “outcomes,” including understanding how different defenses, interventions and educational strategies actually impact the success of cyber attacks.

The other researchers from the Jacobs School of Engineering involved on the grant are computer science professors Geoffrey Voelker, Lawrence Saul and Alex Snoeren from the Department of Computer Science and Engineering, as well as research scientists Kirill Levchenko and Erin Kenneally, a cyberforensics specialist at the Center for Advanced Computational Science Engineering.

The ICSI researchers led by Vern Paxson are Mark Allman, Chris Grier, Chris Hoofnagle, Dan Klein, Christian Kreibich, Deirdre Mulligan and Nicholas Weaver.

CNS is proud to announce that we have added four new faculty members to our roster, all of whom bring to the Center an exciting perspective on the work that can be done in systems and networking research. James Fowler s Professor of Medical Genetics and Political Science at the University of California, San Diego. His work lies at the intersection of the natural and social sciences, with a focus on social networks, behavioral science, evolution, politics, genetics, and big data.

Ranjit Jhala specializes in researching problems in Programming Languages and Software Engineering, specifically focusing on techniques for building reliable computer systems. His work draws from, combines, and contributes to the areas of model checking, program analysis and automated deduction.

Sorin Lerner’s research interests lie in programming language and analysis techniques for making software systems easier to write, maintain and understand, including static program analysis, domain specific languages, compilation, formal methods and automated theorem proving.

Steven Swanson research focuses on understanding the implications of emerging technology trends on computing systems. He leads the Non-Volatile Systems Laboratory where he oversees a wide range of projects related to non-volatile memories, how computer systems can leverage them to increase performance and efficiency, and other system-level issues they raise (e.g., in security).

CNS is happy to announce two winners for this year’s Grace Hopper Travel Grant contest: Christine Chan and Shikha Jain.
Christine, an ECE PhD student who works with Professor Tajana Rosing, stated in her application that she wanted to attend the Grace Hopper conference “to meet the women who have come before me, found their standing, and will continue to push innovation in our field.” Shikha, a MS student advised by Professor Alin Deutsch, acknowledged in her application the importance of women’s professional conferences and societies to her growth as a computer scientist. Shikha also expressed her confidence in women’s ability to become successful regardless of the struggles they face. “My strong belief is that every woman has the capability of excelling in her professional life while fulfilling her responsibilities towards her family and friends. All it takes is strong determination and passion for one’s profession and interests.”

The 2013 Grace Hopper Travel Grant program will solicit applications in August 2013. If you have questions, please contact Kathy Krane at kkrane@ucsd.edu.

Congratulations Christine and Shikha!

In July of 2012, CNS was happy to welcome Microsoft as its newest Sponsor-level corporate member. Microsoft has long engaged CNS faculty on various levels of research collaboration, has been an active participant in CNS events, and has also been a frequent provider of summer internships and post-graduation employment to CNS masters and doctoral students. Becoming a Sponsor is just the next step in the natural evolution of a longstanding and mutually beneficial relationship.

In July, Google announced that two recipients in its latest round of its prestigious Research Award Program were researchers at CNS. Research Scientist Kenneth Yocum has received support for his project “An App-Store Framework for Data Center Networks” and CSE Professor Hovav Shacham was awarded for his proposal on “Quantifying Browser Fingerprinting on the Web.”

In February, the ACM Symposium on High-Performance Parallel and Distributed Computing (HPDC) celebrated its twentieth year by identifying twenty of the “most influential” papers published in the history of its proceedings. Among these was a paper presented in 1997 whose lead author is CSE Professor and Google Fellow Amin Vahdat, entitled “WebOS: Operating System Services for Wide Area Applications.” In the paper, Professor Vahdat and his colleagues at UC, Berkeley and UT, Austin described a service, WebOS, that provided “basic operating systems services needed to build applications that are geographically distributed, highly available, incrementally scalable, and dynamically reconfiguring.” The ideas outlined in this paper were a radical proposal for solving the then growing problem of how to provide ease of use for wide area resources. Though rejected from a number of conferences and then widely overlooked at first, the basic framework described in this paper is now commonly employed by such on-demand cloud service providers as EC2 Amazon Web Services and Microsoft’s Windows Azure.

A groundbreaking study by CNS researchers on the underground spam economy was profiled in Businessweek the week of December 12, 2012. The study, by a group headed by CNS Director Stefan Savage and consisting of researchers from CNS and UC Berkeley. The article provides a high level overview of spammers’ business model along with a number of interesting statistics about the spam economy, such as the percentage of Americans who have purchased goods and services through spam advertisements (12%) and the number of businesses (45) behind 69,002 web sites.

Businessweek article.

Original publication.

Every year, ACM recognizes those of it members whose careers show distinction. The Distinguished Member Grade recognizes those ACM members with at least 15 years of professional experience and 5 years of continuous Professional Membership who have achieved significant accomplishments or have made a significant impact on the computing field. This year, CNS faculty member YY Zhou has been named as one of 49 new Distinguished Scientist inductees.

Link to awards page.

One of the highest forms of recognition that a computer scientist can receive is to be named as an ACM Fellow. On December 8, 2011, ACM named 46 new inductees “for their achievements in computer science and information technology and for their significant contributions to the ACM.” CSE Professor and former CNS Director AmIn Vahdat was recognized for “contributions to data center scalability and management.” CSE Professor Keith Marzullo was recognized for “contributions to distributed systems and service to the computing community.”

Link to the article.

On December 5, 2011, CNS Director Stefan Savage published an essay on entitled, “In Planning Digital Defenses, the Biggest Obstacle Is Human Ingenuity” in which he reframes the question of how security researchers must think to anticipate threats to online security to be faced in the next decade.

Link to the article.

I am happy to announce that CSE Ph.D. student Neha Chachra has won the first annual CNS Grace Hopper Travel Grant!

In Neha’s winning essay, she stated that the Grace Hopper conference is “a great venue for showcasing my research work, finding potential collaborators, being exposed to and inspired by new ideas…” as well as being ” a great avenue to engage prospective employers… The Grace Hopper Conference is synonymous with opportunities for women in computing at all stages of their careers. It will be a great opportunity to advance my career, and a great avenue to give back to the community.”

Congratulations to Neha!

The 2012 CNS Grace Hopper Travel Grant application will open in August 2012. If you have any questions, please contact Kathryn Krane (kkrane@ucsd.edu)

In August, CNS Research Scientist George Porter and CSE Professor Amin Vahdat were awarded a NSF grant for their proposal to study highly efficient, pipeline-oriented data-intensive scalable computing (DISC). An increasing number of common place applications such as search engines, social networking sites, and biological and scientific programs are making use of DISC to solve computing problems. However, explains Dr. Porter, “the potential benefits of deploying applications at this scale will only be possible if they can be deployed in a sustainable, efficient manner.” This project proposes to find a way to increase per-node efficiency of DISC computing. These reductions would result in the need for fewer machines and less energy usage, thereby reducing the total capital and operational costs of large installations. The possible benefit to commercial, academic, and non-profit enterprises would be considerable. In addition to these already remarkable advantages, the work would also make computing more resilient to common disk failures at significantly less cost and complexity when compared to current solutions.

CNS Research Scientist George Porter recently was awarded a prestigious NetApp Faculty Fellowship. This fellowship program was established by NetApp to fund innovative research on data storage and related topics that help to foster relationships between academic researchers and engineers and researchers at NetApp. Only eight to ten fellowships are given per year, with only one previous recipient (YY Zhou) being at UC San Diego. Dr. Porter will use the funds to research new ways to incorporate networked storage within highly efficient data-intensive computing environments.

Not content to rest upon their laurels, a team of Center for Networked Systems (CNS) data center researchers broke two of their own world records set in 2010, and then succeeded in setting three more, when their system, Tritonsort-MR, sorted a terabyte (1 trillion bytes) of data in 106 minutes. The competition that they entered, the Sort Benchmark, is the large-scale data processing world’s Formula One World Championship and Daytona 500 rolled into one, and it attracts competitors from academic and industrial labs all over the world who vie to implement ever faster data center designs.

The CNS group consists of Dr. Amin Vahdat, Dr. George Porter, and Ph.D. students Alex Rasmussen and Michael Conley. Last year, they won in the “Indy” category for the “Gray” and “Minutesort” categories, racing to sort 1 TB of data as quickly as possible and as much data as possible in a single minute, respectively. The “Indy” category represents a parameter that exists only for the purpose of the competition, so that designing a system to compete here is comparable to constructing a racing vehicle that could only ever be driven on a track. But building on their successful foray in 2010, the team decided to take their game to a new level by adjusting their system to compete in the “Daytona,” or general purpose, category.

The key to the Tritonsort-MR design, says Porter, is seeking an efficient use of resources: “The whole aim of this project is to build balanced systems.” To do this, “we made some improvements on the data structures and algorithms- basically, to make it a lot more efficient in terms of sending records across the network.” The results from their new modifications in the “Daytona” general system not only were successful, but they also proved transferable to the original specialized system built to compete in the “Indy” category. Showing impressive improvements in performance, the team submitted for and won both categories in the “Gray” and “Minutesort” competitions. But beyond the achievement of speed, the efficiency of Tritonsort-MR’s design is remarkable: while the second place team used thirty-five hundred nodes to achieve their result, the Tritonsort-MR team used only fifty-two. If implemented in a real world data center, that would mean that Tritonsort-MR could allow a company to sort data more quickly while only making one-seventh of the investment in equipment, space, and energy costs for cooling and operation.

While winning in these four categories exceeded the team’s original goals from 2010, they found themselves intrigued by a new category on offer in 2011: the 100 Terabyte Joulesort competition in which teams vie to build a system that can sort the greatest number of data records while only consuming one joule of energy (for some idea of how much a joule is, it takes about a million Joules to watch TV for an hour). The introduction of this new category reflects the recognition of an increasingly dire challenge facing industry in trying to solve data intensive computing problems: energy usage. A primary reason that data centers are expensive to operate is because of the staggering scale of their energy consumption. Any design that could increase energy efficiency would have a positive and much needed impact on both the environment and on a company’s bottom line.

Though intrigued by this new opportunity, Rasmussen said that the team was skeptical at first that they could compete in Joulesort arena. “Typically when you look at systems that set records like this, they’re all built out of these incredibly energy efficient pieces.” However, the equipment typically used “you’d never see deployed in an actual data center setting” because of the considerable cost these sophisticated systems demand. The Tritonsort-MR team, on the other hand, was devoted more to the idea of making a system of direct applicability to enterprises with real-world needs and resources than to breaking a record for its own sake. This is reflected, said Rasmussen, in the type of equipment the Tritonsort-MR team employs for its system. “The stuff that we’re using is kind of commodity server stuff. We’ve got machines from HP that are a year and a half old” with multi-core processors and a Cisco Nexus 5596 switch. And as an additional challenge to the efficiency of the design, the team elected not to “do anything special as far as energy optimization is concerned.” But despite placing these limitations upon themselves, Tritonsort-MR won the Joulesort category handily. It was as if instead of building a racing vehicle the average person couldn’t afford and could only drive in special circumstances, the CNS team took a standard four door sedan and made it both remarkably fuel-efficient and the fastest car in the world.

Medals recognizing their accomplishments were awarded by the Sort Benchmark committee at the 2011 ACM SIGMOD conference.

The Tritonsort-MR team would like to acknowledge the support of CNS member company Cisco Systems, Inc. and the National Science Foundation.

Sort Benchmark Homepage.

The Tritonsort-MR team’s web site.

A team led by CNS researchers recently authored a paper wherein they devised a methodology for the empirical study and analysis of the end-to-end resource dependencies that support the spam economy, from advertising to click through to payment and fulfillment. Having profiled the infrastructure, the researchers then analyzed it for potential weaknesses and evaluated possible interventions for their effectiveness and for the breadth of their impact. It is the least studied and understood portion of the spam pipeline, the financial segment, which appears to be the most vulnerable to defense against the entire system.

Read more…

On Friday, March 4, 2011 a networking security research team led by Professor Stefan Savage delivered a report to the National Academy of Sciences’ Transportation Research Board that described vulnerabilities in the wirelessly networked systems of many vehicles currently on the market. These potential weaknesses could be exploited by hackers to gain access to many of the vehicle’s basic systems such as the engine, locks, and braking system.

Related links:

• Automotive Magazine
• New York Times
• CNBC
• Car and Driver

 

In spring 2010, a CNS research team using switches donated by member
company Cisco built TritonSort, a data sorting system designed for a
single purpose: breaking a world record. The team consisted of CSE
Professor Amin Vahdat, Assistant Research Scientist George Porter,
post-doctoral researcher Harsha Madhyastha, Researcher Alex Pucher, and
CSE PhD students Alex Rasmussen, Radhika Niranjan Mysore, and Michael
Conley. Research teams from all over the world annually vie to claim the
top position in the competition they entered, the Sort Benchmark, which
measures the performance of systems that execute very large data sorts.
After months of hard work, the group surpassed their original ambitions
by claiming the world data sorting record in one category while tying
for the record in another.

Link to full article.

Related articles:

• Slashdot
• Sort Benchmark Homepage
• TritonSort Paper

 

Automobiles that have systems controlled or managed by internally and externally networked computer systems are reaching near ubiquity in the United States. Computers in the form of self-contained embedded systems have been integrated into virtually every aspect of a car’s functioning and diagnostics, including the throttle, transmission, brakes, speedometer, climate and lighting controls, external lights, and entertainment. But are these systems secure? It wasn’t until a research team that is led by CNS Interim Director Stefan Savage performed an assessment of the security risks of modern automotive computer systems that this question had been comprehensively evaluated. In a peer-reviewed paper presented at IEEE Symposium on Security and Privacy in Oakland, CA on May 19, 2010 entitled, “Experimental Security Analysis of a Modern Automobile” Professor Savage and his team, which includes CNS faculty member Hovav Shacham, draw attention to potential security issues that can only become more serious as computerized control of and wireless connectivity with automotive systems increases. In addition to presenting their work in an esteemed academic forum, their work was also highlighted in a recent New York Times article, “Cars’ Computer Systems Called at Risk to Hackers.”

Related Links:

• Experimental Security Analysis of a Modern Automobile. K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage. The IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010
• FAQ about the research paper “Experimental Security Analysis of a Modern Automobile”
• New York Times article, “Cars’ Computer Systems Called at Risk to Hackers.”
• Center for Automotive Embedded Systems Security

 

Professor Stefan Savage, a member of the Computer Science and Engineering department faculty has been appointed as CNS Interim Director while current Director, Professor Amin Vahdat, takes a year of sabbatical leave. Professor Savage has been serving as CNS Associate Director since 2009.

On March 4, at a signing ceremony co-sponsored by Calit2, the Center for Networked Systems (CNS), and the Center for Wireless Communications (CWC), Ericsson became the newest member of the Center for Networked Systems. The ceremony was attended by CNS faculty, Ericsson representatives, Calit2 and CWC researchers, and was presided over by the Dean of the Jacobs School of Engineering, Frieder Seible.

The signing ceremony was followed by a talk by Håkan Eriksson, entitled “Ericsson in Silicon Valley: Merging Mobile Broadband and the Internet.”

Ericsson is a world-leading provider of telecommunications equipment and related services to
mobile and fixed network operators globally. Their dedication to research and development as well as their ongoing commitment to technology leadership in the area of systems and networking makes them an exciting new partner for CNS.

CSE Faculty Rajesh Gupta, Tajana Rosing and Amin Vahdat are part of MuSyc, a group including faculty from UCSD and nine other universities are members of a new research center charged with finding ways to improve the design of computing systems ranging from large data centers to tiny brain sensors. In its first three years, the Multi-Scale Systems Center (MuSyC) will focus on tackling a critical issue affecting multiple scales: energy efficiency.

MuSyC is funded by the Defense Advanced Research Projects Agency (DARPA) and industry members of the Semiconductor Research Corporation (SRC). Its kickoff meeting was held in mid-November.

According to the new research center, its multi-scale approach stems from recognition that “a new generation of applications is emerging that are destined to run in distributed form on a platform that meshes high-performance compute clusters with broad classes of mobiles, surrounded in turn by even larger swarms of sensors. The broad majority of these new applications can be classified as distributed sense and control systems that go substantially beyond the ‘compute’ or ‘communicate’ functions traditionally associated with information technology.”

For the full article please click here.

Center for Networked Systems is excited to announce the appointment of Professor Stefan Savage as Associate Director of the CNS. His research includes the study of high-availability Internet systems, intelligent network traffic analysis and efficient self-configuring wireless networks. Stefan joined the Jacobs School Computer Science and Engineering faculty in January 2001 and has been central to much of the activity in CNS.

Amin Vahdat, Director of CNS and Professor in the department of Computer Science and Engineering, has been awarded the Gordon Engineering Leadership Center’s Gordon Fellows Medal “in recognition of technology innovations in architecture typology, systems and networking and leadership in industry-academic partnership through the UCSD Center for Networked Systems.”

The Gordon Center was established in January 2009 with the mission of educating and training effective engineering leaders who create new products and jobs that benefit society. In order to provide positive role models for students of engineering, the Gordon Center holds an annual awards ceremony to recognize exemplary engineers at the high school, undergraduate, graduate, and professional level. Recipients of the Gordon Fellows Medal not only must be outstanding engineers within their respective fields but must also have a proven record of leadership successes.

To learn more about the Gordon Center’s mission and goals, please click here.

The National Science Foundation (NSF) has awarded a five-year grant for $400,000 to CNS Alumni Jeannie Albrecht for research on managing distributed applications on mobile computing platforms composed of cell phones, vehicles, and embedded sensors. Albrecht earned her Ph. D. from UCSD in 2007, studying under Amin Vahdat and Alex Snoeren. She is currently an assistant professor of computer science at Williams College. Albrecht will direct the project, which is funded as a part of the Faculty Early Career Development (CAREER) Program, one of the most prestigious awards the NSF grants to young scholars that effectively integrate research into their teaching.

Click here to see the full article.

CNS is excited to welcome Yuanyuan Zhou. She joins the Center for Networked Systems as the first holder of the Jacobs School’s Qualcomm Endowed Chair in Mobile Computing. Zhou works in one of the most important areas of computer science: making software systems more reliable. Her research covers three distinct sub-disciplines: computer systems, programming languages/software engineering, and computer architecture. Related to the challenge of making software systems more reliable, Zhou pioneered new techniques for tolerating certain errors in programmer code, rather than the currently impractical goal of eradicating all errors. Zhou brings a software engineering and systems focus to her computer architecture research. Some of her recent architecture work has focused on the difficult problem of identifying potential concurrency-related bugs.

Computer scientists have developed an inexpensive solution for diagnosing delays in data center networks as short as tens of millionths of seconds—delays that can lead to multi-million dollar losses for investment banks running automatic stock trading systems. Similar delays can delay parallel processing in high performance cluster computing applications run by Fortune 500 companies and universities.

This work highlights a fundamental shift happening across the Internet. As computer programs—rather than humans—increasingly respond to streams of information moving across computer networks in real time, millionths of seconds matter. Algorithmic stock trading systems are just one example. Extra microseconds of delay can also mean slower response times across clustered-computing platforms, which can slow down computation-intensive research, such as drug discovery projects.

Computer scientists from University of California, San Diego (George Varghese, Alex Snoeren, and Kirill Levchenko) and Purdue University (Ramana Kompella) presented this work on August 20, 2009 at SIGCOMM, the premier networking conference.

Click here for the full article.

University of California, San Diego computer scientists have created software that they hope will lead to data centers that logically function as single, plug-and-play networks that will scale to today’s massive data center networks. The software system—PortLand—is a fault-tolerant, layer 2 data center network fabric capable of scaling to 100,000 nodes and beyond.

PortLand is fully compatible with existing hardware and routing protocols and holds promise for supporting large-scale, data center networks by increasing inherent scalability, providing baseline support for virtual machines and migration, and dramatically reducing administrative overhead. Critically, it removes the reliance on a single spanning tree, natively leveraging multipath routing and improving fault tolerance.

The computer scientists (Radhika Niranjan Mysore, Andreas Pamboris, Nathan Farrington, Nelson Huang, Pardis Miri, Sivasankar Radhakrishnan, Vikram Subramanya, and Amin Vahdat) reported this advance in data center networking on August 18, 2009 at SIGCOMM, the premier computer networking conference.

Click here for the full article.

Two computer scientists at the University of California, San Diego’s Center for Networked Systems (CNS) are among 60 professors worldwide to receive awards as part of HP’s 2009 Innovation Research Program, which is designed to create opportunities for colleges, universities and research institutes around the world to conduct breakthrough collaborative research with HP. Amin Vahdat and Geoffrey Voelker, professors in UC San Diego’s Jacobs School of Engineering, were granted awards as part of this year’s competitive open call for proposals.

Click here for the full article.

Professor Rene Cruz is the recipient of the 2009 INFOCOM achievement award from the IEEE Communication Society. This prestigious award recognizes Prof. Cruz` contributions in the area of communication networks. The award was announced at the 2009 IEEE INFOCOM Conference, the IEEE flagship conference which addresses key topics and issues related to computer communications, with emphasis on traffic management and protocols for both wired and wireless networks.

The Alfred P. Sloan Foundation has recognized CSE’s Alex Snoeren with a prestigious research Fellowship! The distinction is one of 116 given annually to young U.S. and Canadian faculty who show “the most outstanding promise of making fundamental contributions to new knowledge.” Snoeren is a member of CSE’s systems group and received the award for his ground-breaking work on Decongestion Control, Secure and Policy-Compliant Source Routing, and Cloud Control with Distributed Rate Limiting.

Faculty, graduate student researchers, and more than 40 representatives of CNS member companies participated in the CNS Winter Research Review held January 14 and 15. The event featured summary reports of CNS-sponsored research projects, a lively student poster session, and several talks by industry representatives, including a keynote speech on cloud computing by the Chief Technology Officer of Amazon, Werner Vogels. Click here for the full news article.

Brad Calder, Director of Engineering and Architect of “Windows Azure Storage” returned to CNS as a distinguished lecturer. Click here for the powerpoint of his lecture.

“CNS professor Kim Claffy, along with UCSD researchers Marián Boguñá and Dmitri Krioukov reveal a previously unknown mathematical model called “hidden metric space” that may explain the “small-world phenomenon” and its relationship to both man-made and natural networks such as human language, as well as gene regulation or neural networks that connect neurons to organs and muscles within our bodies. They have done this through the game Six Degrees of Kevin Bacon.” Click here for the full news article.

In September, 2008 Motorola, Inc. became the newest member of CNS. Motorola is a leader in global communications and is devoted to developing communications solutions with a focus on connectedness and mobility for individuals, governments, and businesses. This dedication to investment in research and to the development of networking and mobile device innovation makes Motorola a natural fit for the mission of CNS.

Dr. Hamid Ahmadi, Corporate Vice President, Senior Fellow and Chief Architect, Motorola Technology, explained that Motorola joined the Center because, “UCSD’s Center for Networking Systems’ (CNS) broad research portfolio and diverse faculty expertise complements Motorola’s research vision of converged computing, content and connectivity to deliver multimedia and information product and service solutions to our customers.

Congratulations to Amin Vahdat, Director of the Center for Networked Systems (CNS) and professor of UCSD’s Computer Science and Engineering Department (CSE). Dr. Vahdat has recently been named Chair of the Science Applications International Corporation’s (SAIC) Computer Science and Engineering Division.

UCSD’s San Diego Supercomputer Center has created a visual depiction of momentary global internet activity, to be displayed as a special exhibit at the New York Museum of Modern Art this month. Center researchers, Young Hyun and Bradley Huffaker, have created the image, which will be featured in the “Design and the Elastic Mind” exhibit at the museum. Click here for the full news article.

Stefan Savage explores the issue of trouble shooting wireless Wi-Fi problems and discusses the automated system he helped to develop regarding this pertinent issue. Dr. Savage presented his research findings at the ACM SIGCOMM Conference, which was held in Kyoto, Japan in late August. Click here for the full news article.

Geoff Voelker and Stefan Savage discuss the differences in infrastructure utilized in distributing spam and hosting online scams. According to their research , most email scams are hosted by an individual Web server. Taking a novel approach, these researchers utilized a spam feed method to check spam embedded in suspect URLs to host servers. Their findings were presented in a paper, which has been accepted for publication at the 2007 USENIX Security Conference. A full press release is available here.

The recent CNS research review was a success. The review was held at UCSD’s Computer Science & Engineering building and attended by sponsors and affiliated companies. To access presentations and related information, please log on to “MEMBERS ONLY” section.

The California Institute for Telecommunications and Information Technology has allocated over $1 million in funding to support four wireless research projects involving wireless communications technology over the span of the next three years. The research endeavor is part of a collaborative effort with Ericsson. The full press release is available here.

Geoff Voelker and Rene Cruz have been named Jacobs School Ericsson Distinguished Scholars. Each award from Ericsson includes $25,000 per year for five years to support teaching, research, and service activities. This award is a part of Ericsson’s long-term engagement with the UCSD division of the California Institute for Telecommunications and Information Technology (Calit2). Voelker and Cruz are co-PIs on a research project titled “Adaptive Systems,” which seeks to ensure an always-on connectivity environment, regardless of location or competing wireless standards deployed in a given space. The full press release is available here.

Alex Snoeren and Bill Lin presented their research on a possible Internet of the future at CNS’ January Research Review. Arguing against the Internet’s standard Transmission Control Protocol (TCP), they instead envision a radically remade internet where, even if some packets are dropped, all the information makes it from sender to receiver. This would be done via “erasure coding,” where portions of information are duplicated on multiple packets. You can read an overview of the research review, as well as more information about Snoeren’s and Lin’s research, here.

Titled “Igniting Innovation,” the annual expo showcased new student research from UCSD’s five engineering departments. It featured a poster session, technical breakout sessions, and remarks by Alan Eustace, VP of Research and Systems Engineering at Google.

UCSD hosted the CNS winter research review. Representatives from affiliated companies may also log in through the “MEMBERS ONLY” link at the left to access materials from the review.

The 2006 summer research review was a success! With 59 people from industry and UCSD, CNS hosted its largest review to date. Representatives from affiliated companies may also log in through the “MEMBERS ONLY” link at the left to access materials from the review.

The Alfred P. Sloan Foundation has recognized Alin Deutsch with a prestigious research Fellowship! Deutsch’s current CNS research focuses on developing a Grid-based processor for XQuery, the World Wide Web Consoritum’s standard XML query language. You can read the full article here.

CNS hosted member company researchers to review current projects and discuss new research. The review also included a student poster session and a tour of the newly opened Calit2 building.

Rene Cruz is creating a new wireless system that will enable DSL and cable modem subscribers to share their Internet connections. Mushroom Networks, Inc, founded by Dr. Cruz, is developing an access point aggregator (similar to a Wi-Fi router) that will connect homes or businesses that reside in close proximity. The complete article can be found here.

Amin Vahdat has been named the new director of the Center for Networked Systems. Vahdat is a professor in the Department of Computer Science and Engineering, and the second director of CNS since it was established in July 2004. Vahdat takes the reins from founding director Andrew Chien, who left to join Intel Corporation as Director of Research. The full press release is available here.

CNS hosted member company researchers to review seven current projects, and to discuss and initiate innovative new projects in Networked Systems.

UCSD’s Center for Networked Systems (CNS) held its first formal research review since the center’s launch last July. On Jan. 19 and 20, faculty researchers updated delegates from CNS’s five industry members on the status of the center’s seven inaugural projects, and laid the groundwork for a new round of projects as well as the center’s first summer research program that will send UCSD students to work in the labs of members AT&T, Alcatel, Hewlett Packard, QUALCOMM, and Sun Microsystems.
Link to full press release.

Chien is one of 20 computer scientists newly elected as a Fellow of the Association for Computing Machinery, the scientific and professional society for computer science and information technology. Chien was cited for his “contributions to high-performance computing systems,” and is the only new Fellow from a California academic institution.

More…

The award to understand “Internet Epidemiology” in alliance with researchers the International Computer Science Institute. More…

Founding Members include AT&T, Alcatel, Hewlett-Packard and QUALCOMM

San Diego, CA, July 23, 2004 – The University of California , San Diego and four international technology leaders have committed approximately $9 million over three years to the Center for Networked Systems (CNS), a new university-industry alliance focused on developing technologies for robust, secure, and open networked systems. The founding members include AT&T, Alcatel, Hewlett-Packard and QUALCOMM Incorporated, spanning a range of technology areas including enterprise computing, networking equipment, and network operations. The contributions leverage more than $10 million in related research activities already underway at UCSD. CNS is a part of the UCSD Jacobs School of Engineering and the California Institute for Telecommunications and Information Technology [ Cal- (IT) 2], a partnership of UCSD and UC Irvine.

“Networks and systems have converged, becoming complex systems in their own right. CNS is the first of its kind devoted specifically to understanding the contribution of networks, pervasive computing and grids as systems,” said CNS founding director Andrew Chien, who is the Science Applications International Corporation (SAIC) professor in Computer Science and Engineering at the Jacobs School. “CNS will also blaze a new trail in its alliance with member companies, which will work closely with our faculty to address the most important obstacles to large, networked systems in both the consumer and enterprise arenas. We believe that some of these obstacles can only be removed through the deep, shared insights of industry and academic researchers.”

Above and beyond their financial contributions, corporate members will inform Center research priorities, monitor breaking research developments, provide research internships, and send researchers to visit UCSD. “Through this collaborative effort, AT&T will be teaming with some of the world’s most talented people on a common goal and sharing its unparalleled networking expertise as a catalyst for faster innovation throughout the industry,” said Hossein Eslambolchi, president of AT&T Global Networking Technology Services and a key architect in founding the Center for Networked Systems at UCSD. “As more research is done in the university environment in partnership with scientists and engineers from different industry disciplines, their combined efforts will achieve greater results than industry or university researchers working independently.”

“Tomorrow’s networked system infrastructures will be multi-technology, multi-vendor, and multi-operator environments,” said Jacobs School Dean Frieder Seible, host of the CNS launch ceremony. “The university recognizes that the only way to meet the challenge of designing these open, shared infrastructures is a focused, collaborative and multi-disciplinary approach with industry.”

CNS builds on UCSD’s established reputation in networking, systems and distributed systems, including grids, large-scale and high-speed measurement, and monitoring of worms and denial-of-service attacks. A critical mass of 16 leading faculty and research scientists from UCSD’s departments of Computer Science and Engineering, Electrical and Computer Engineering, the San Diego Supercomputer Center, Cal-(IT) 2 and the Cooperative Association for Internet Data Analysis (CAIDA) are participating in the Center. CNS researchers will undertake fundamental and long-term research on key challenges to the success of networked systems: robustness; system and application security; manageability; and application/end-user quality of service.

“The emergence of grid computing and pervasive connectivity has given rise to complex open, dynamic systems of global reach,” said Larry Smarr, Cal-(IT) 2 director and the Harry E. Gruber Professor of Computer Science and Information Technologies in the Jacobs School. “Understanding the behavior of these networks as interdependent systems requires sophisticated online and offline measurement and analysis, as well as modeling and experimentation in which CNS will excel."

CNS expects to commit funding immediately to half a dozen projects, to be selected together with its industry members. Each project will attack a critical technical problem or framework, and each team will include a mix of experts from distributed systems, networking, and network elements. The first batch of multi-year projects is expected to cover topics ranging from large-scale network modeling and network security measurement, to the development of new routing architectures that take advantage of optical technologies in new ways.  

Supplemental Quotes

"Cooperative efforts among industry and academia, such as UCSD’s Center for Network Systems, are the cornerstone of developing breakthrough technologies. QUALCOMM is proud to partner with CNS to further research on robust, secure and manageable networks. These developments are crucial to the future growth of wireless technologies." Roberto Padovani, Executive Vice President and Chief Technology Officer, QUALCOMM

“Collaborations between academia and industry foster an environment of innovation and understanding, and nowhere is that combination more important than in the development of open, secure network systems. The future of technologies such as grid computing and advanced network systems are key elements to our business, and HP is pleased to be a founding member of the CNS program and to be able to contribute to the creation of open networked systems.” Patrick Scaglia, VP and Director, Internet Computing Platforms Research Center, HP Labs

“As communications and computing collide to create a new world of public networks, technology leadership is something no one company can achieve in isolation. Alcatel works with research leaders throughout the industry and academia to drive the engineering and technical breakthroughs that will spawn the next round of productivity and lifestyle change. We are excited about the breakthroughs this particular group can generate, and we have committed some of our top contributors to ensure the collaboration is genuinely effective.” Mike Quigley, Senior Executive Vice President, Alcatel“

“This new center underscores our belief that to address major problems, computer scientists must collaborate with researchers from other disciplines. We are delighted that AT&T, Alcatel, Hewlett-Packard and QUALCOMM also see the value in this approach to engineering breakthroughs in networked systems.” Mohan Paturi, Chair, Computer Science and Engineering, UCSD Jacobs School of Engineering

“This is an exciting new venture on the leading edge of industry-academic partnership in co-invention and collaboration. We foresee substantial benefits to society from the Center’s research on these secure networked systems that will underpin tomorrow’s information economy.” Paul Yu, Chair, Electrical and Computer Engineering, UCSD Jacobs School of Engineering

"This new center will benefit from the strong leadership of Dr. Chien and the Jacobs School faculty as well as close engagement between academia and industrial partners. Networking researchers at the San Diego Supercomputer Center, and in particular the CAIDA group, plan to work closely with CNS to achieve new breakthroughs and develop new practices in networked systems." Francine Berman, Director, San Diego Supercomputer Center

Related Links

UCSD Center for Networked Systems
Alcatel
AT&T Labs
Hewlett-Packard
QUALCOMM Incorporated
Jacobs School of Engineering
California Institute for Telecommunications and Information Technology
San Diego Supercomputer Center
CAIDA

Media Contact: Doug Ramsey, (858) 822-5825 or cell (619) 379-2912, dramsey@ucsd.edu