COVID19 Era
02/24/20
- Hisham Alasmary's final defense.
06/01/20
- Mo Abuhamad's final defense.
06/04/20
- Rhongho Jang's final defense.
06/08/20
- Jinchun Choi's final defense.
06/10/20
- Jeman Park's final defense.
10/14/20
- Presenter: Ulku Meteriz. Don't Skype and Type: Acoustic Eavesdropping in Voice-Over-IP; Alberto Compagno, Mauro Conti, Daniele Lain, Gene Tsudik; ASIACCS 2017
- Presenter: Muhammad Saad. BITE: Bitcoin Lightweight Client Privacy using Trusted Execution. Sinisa Matetic, Karl Wüst, Moritz Schneider, and Kari Kostiainen, ETH Zurich; Ghassan Karame, NEC Labs; Srdjan Capkun, ETH Zurich. USENIX Security 2019.
10/21/20
- Presenter: Mohammed Al kinoon. Cyber-analytics: Modeling factors associated with healthcare data breaches (own work)
- Presenter: Abdulrahman Alabduljabbar. Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. Hamza Harkous, Kassem Fawaz, Rémi Lebret, Florian Schaub, Kang G. Shin, Karl Aberer: USENIX Security Symposium 2018: 531-548
10/28/20
- Presenter: Sultan Alshamrani. EDA: Easy Data Augmentation Techniques for Boosting Performance on Text Classification Tasks; Jason Wei, Kai Zou; EMNLP-IJCNLP 2019
- Presenter: Ahmed Abusnaina. Papernot, Nicolas, and Patrick McDaniel. "Deep k-nearest neighbors: Towards confident, interpretable and robust deep learning." arXiv preprint arXiv:1803.04765 (2018).
11/4/20
- Presenter: Yu Mi. Classic Meets Modern: A Pragmatic Learning-Based Congestion Control for the Internet (SIGCOMM '20)
- Presenter: Afsah Anwar. E. Cozzi et al. "The Tangled Genealogy of IoT Malware" ACSAC 2020
11/11/20
- Presenter: Ulku Meteriz. Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attacks. Mohd Sabra, Anindya Maiti, Murtuza Jadliwala. Network and Distributed Systems Security (NDSS) Symposium 2021
- Presenter: Muhammad Saad. Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability. Giulio Malavolta, Pedro Moreno Sanchez, Clara Schneidewind, Aniket Kate, and Matteo Maffei. NDSS 2019
11/18/20
- Presenter: Mohammed Al kinoon. PrivacyProtector: Privacy-Protected Patient Data Collection in IoT-Based Healthcare Systems
- Presenter: Abdulrahman Alabduljabbar. A. Benjamin, et al. "Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck." 29th USENIX Security Symposium, 2020
11/25/20
- Presenter: Sultan Alshamrani. "Attention-based LSTM for Aspect-level Sentiment Classification" by Yequan Wang, Minlie Huang, Xiaoyan Zhu, Li Zhao. 2016 Conference on Empirical Methods in Natural Language Processing (EMNLP)
- Presenter: Ahmed Abusnaina. Hu, Shengyuan, et al. "A new defense against adversarial images: Turning a weakness into a strength." Advances in Neural Information Processing Systems. 2019.
12/2/20
- Presenter: Yuanjun Dai. Accelerating distributed reinforcement learning with in-switch computing ISCA '19: The 46th Annual International Symposium on Computer Architecture
- Presenter: Yu Mi. TCP ≈ RDMA: CPU-efficient Remote Storage Access with i10 (NSDI '20)
12/9/20
- Presenter: David Mohaisen. Information Leakage in Embedding Models (CCS 2020)
- Presenter: Afsah Anwar. All Things Considered: An Analysis of IoT Devices on Home Networks (USENIX Sec 2019)
12/16/20
- Presenter: Ulku Meteriz. Usage Patterns of Privacy-Enhancing Technologies (ACM CCS 2020)
- Presenter: Muhammad Saad. BDoS: Blockchain Denial-of-Service Attacks (CCS 2020)
12/23/20
- Presenter: Mohammed Al kinoon. Digital Healthcare-Associated Infection: A Case Study on the Security of a Major Multi-Campus Hospital System
- Presenter: Abdulrahman Alabduljabbar. VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity (CCS 2020)
12/30/20
- Presenter: Sultan Alshamrani. SoK: Hate, Harassment, and the Changing Landscape of Online Abuse, IEEE Symposium on Security and Privacy (SP)
- Presenter: Ahmed Abusnaina. Gotta Catch'Em All: Using Honeypots to Catch Adversarial Attacks on Neural Networks (CCS 2020)
1/6/21
- Presenter: Yuanjun Dai. Distributed Machine Learning with a Serverless Architecture (INFOCOM 2019)
- Presenter: Yu Mi. BeauCoup: Answering Many Network Traffic Queries, One Memory Update at a Time (SIGCOMM'20)
1/13/21
- Presenter: Muhammad Saad. Vivek Kumar Bagaria, Sreeram Kannan, David Tse, Giulia C. Fanti, Pramod Viswanath: Prism: Deconstructing the Blockchain to Approach Physical Limits. 585-602
- Presenter: Afsah Anwar. Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, Jack W. Davidson: MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis. 1849-1866
1/20/21
- Presenter: Ulku Meteriz. Liwei Song, Reza Shokri, Prateek Mittal: Privacy Risks of Securing Machine Learning Models against Adversarial Examples. 241-257
- Presenter: Runyu Ma. Liveness is Not Enough: Enhancing Fingerprint Authentication with Behavioral Biometrics to Defeat Puppet Attacks (Security'20)
1/27/21
- Presenter: Mohammed Al kinoon. Ben Weinshel, Miranda Wei, Mainack Mondal, Euirim Choi, Shawn Shan, Claire Dolin, Michelle L. Mazurek, Blase Ur: Oh, the Places You’ve Been! User Reactions to Longitudinal Transparency About Third-Party Web Tracking and Inferencing. 149-166
- Presenter: Abdulrahman Alabduljabbar. Mainack Mondal, Günce Su Yilmaz, Noah Hirsch, Mohammad Taha Khan, Michael Tang, Christopher Tran, Chris Kanich, Blase Ur, Elena Zheleva: Moving Beyond Set-It-And-Forget-It Privacy Settings on Social Media. 991-1008
2/3/21
- Presenter: Sultan Alshamrani. Hate lingo: A target-based linguistic analysis of hate speech in social media (ICWSM 2018) and Deep Learning for Hate Speech Detection in Tweets (Poster, WWW 2017)
- Presenter: Ahmed Abusnaina. Florian Tramèr, Pascal Dupré, Gili Rusak, Giancarlo Pellegrino, Dan Boneh: AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning. 2005-2021
2/10/21
- Presenter: Yuanjun Dai. Inference DAG/DNN architecture via network trace
- Presenter: Yu Mi. Adaptive Defense: Drawing defense policies from well-elaborated monitoring system
02/26/21
- Saad's final defense.
06/16/21
- Afsah's final defense.
Pre-COVID19
A security researcher, a safety engineer, and a regulator walk into a bar: Lessons learned from 9 months of institutional anthropology at the FDA
Speaker: Prof. Eugene Vasserman (Kansas State University) Date: Jan. 17, 2020
Abstract: Medical cyber-physical systems (mCPS) occupy a fairly unique sub-area of CPS -- the number and diversity of stakeholders and technologies is truly massive. All stakeholders have an interest in improving the security of mCPS, so why has there been little progress in the area? My recent experience at the FDA sheds some light on this mystery. In this talk, I discuss the diversity of stakeholders and the effect on progress in the field, the lack of trained personnel and the reasons behind it, as well as one of the most fundamental problems -- the ineffectiveness of inter-stakeholder communication. I touch on the particular hardware and software engineering challenges of mCPS, where devices range from those which must run for a decade on a tiny non-replaceable battery, to mains-powered workstations and even mini-clusters. Finally, I talk about the difficulty of moving academic research into practice (and the reasons behind this phenomenon), and also cover some myths about FDA's regulation of medical devices, especially security and software updates.
Biography: Eugene Vasserman is an Associate Professor in the Department of Computer Science at Kansas State University, specializing in the security of distributed systems. He is also the director of the Kansas State University Center for Information and Systems Assurance. He received a B.S. in Biochemistry and Neuroscience with a Computer Science minor from the University of Minnesota in 2003. His M.S. and Ph.D. in Computer Science are also from the University of Minnesota, in 2008 and 2010, respectively. His current research is chiefly in the area of security for medical cyber-physical systems, security usability, and user education. His past work spans the gamut from security vulnerabilities emergent from the BGP infrastructure of the internet, to energy depletion attacks in low-power systems, to secure hyper-local social networking, to privacy and censorship resistance on a global scale (systems capable of supporting up to a hundred billion users). In 2013, he received the NSF CAREER award for work on secure next-generation medical systems. He spent the 2016-2017 academic year on sabbatical at the FDA, serving as a security subject matter expert, taking regulator certification classes, and organizing and running a public workshop focused on regulatory science gaps in the way medical device security is handled. He has served on numerous program committees, including USENIX Security, ACSAC, PETS, USEC, ASIACCS, HotWiSec, WPES, SecureComm, and chaired the 2014 USENIX HealthTech Summit. He is a member of the UL 2900 standardization process for cybersecurity of network-connectable devices, the AAMI interoperability working group, and the AAMI / UL 2800 standards effort for medical device interoperability.
Dissecting the Performance of Strongly-Consistent Replication Protocols
Speaker: Prof. Murat Demirbas (University at Buffalo) Date: May 3, 2019
Abstract: Many distributed databases employ consensus protocols to ensure that data is replicated in a strongly-consistent manner on multiple machines despite failures and concurrency. Unfortunately, these protocols show widely varying performance under different network, workload, and deployment conditions, and no previous study offers a comprehensive dissection and comparison of their performance. To fill this gap, we study single-leader, multi-leader, hierarchical multi-leader, and leaderless (opportunistic leader) Paxos-based protocols, and present a comprehensive evaluation of their performance in local area networks (LANs) and wide area networks (WANs). We present an analytic modeling of the protocols using queuing theory and show simulations under varying controlled parameters. To cross-validate the analytic model, we also present empirical results from our prototyping and evaluation framework, Paxi. https://github.com/ailidani/paxi We distill our findings to simple throughput and latency formulas over the most significant parameters. These formulas enable the developers to decide which category of protocols would be most suitable under given deployment conditions.
Biography: Murat Demirbas is a Professor of Computer Science & Engineering at University at Buffalo, SUNY. Murat received his Ph.D. from The Ohio State University in 2004 and did a postdoc at the Theory of Distributed Systems Group at MIT in 2005. His research interests are in distributed and networked systems and cloud computing. Murat received an NSF CAREER award in 2008, UB Exceptional Scholars Young Investigator Award in 2010, UB School of Engineering and Applied Sciences Senior Researcher of the Year Award in 2016. He maintains a popular blog on distributed systems at http://muratbuffalo.blogspot.com
Sampling and Sketching Billion-Scale Networks: Theory Meets Practice
Speaker: Prof. Thang N. Dinh (Virginia Commonwealth University) Date: Feb. 22, 2019
Abstract: Big graphs have become increasingly popular in many domains from the Internet of Things, Social Networks, and the Web of Knowledge to name a few. Graph data are now measured in terabytes, heading towards petabytes, with billions of nodes and edges. For example, Facebook now contains 1.5 billion monthly active users and generates 60 terabytes of data every day; the Internet of Things is predicted to contain more than 20.8 billion devices by 2020. Mining and querying such graphs powers many applications in social networks, personal recommendation, fraud and cybersecurity threats detection, and many others. However, mining such humongous graphs is extremely challenging. Not only do the graphs not fit into the memory and storage of a single machine, but also the existing methods provide little guarantees on the quality and the confidence of the solution. In this talk, we will introduce novel sampling and sketching frameworks to mine billion-scale graphs with high confidence, near-optimal solutions, and, especially, high practical efficiency. As a consequence, hard optimization problems in networks with billions of edges can be now solved in a few minutes or seconds using parallel computation.
Biography: Thang N. Dinh received the Ph.D. degree in computer engineering from the University of Florida in 2013. He is an Assistant Professor at the Department of Computer Science, Virginia Commonwealth University. His research interests include Blockchain, Security, Billion-scale Graph Mining, and Approximation Algorithms. He has published many papers in top venues SIGMOD, SIGMETRICS, ICDM, CIKM, MOBICOM, MOBISYS including 6 best paper awards and nominations. He has served on the program committees of various conferences such as INFOCOM, ICDCS, Hypertext, ICC. He is a program co-chair of COCOON’16, CSoNet’14, and an editor of Springer Journal in Computational Social Networks. He co-founded Fractal, a secure, scalable, and sustainable platform for decentralized applications.
Challenges in DDoS Defense and a New Approach with Trusted Hardware
Speaker: Prof. Min Suk Kang (National University of Singapore) Date: Dec. 10, 2018
Abstract: Large botnet-based Distributed Denial-of-Service (DDoS) attacks have recently demonstrated unprecedented damage. However, the best-known end-to-end availability guarantees against flooding attacks require costly global-scale coordination among autonomous systems (ASes). A recent proposal called routing around congestion (or RAC) claimed to provide strong end-to-end availability to a selected critical flow. In the first part of the talk, we will present our recent in-depth analysis of the (in)feasibility of the RAC defense. We show a fundamental trade-off between the two necessary properties of the proposed RAC defense, and as a result, the RAC defense is not just ineffective but nearly unusable in practice. In the second part of the talk, we will present a highly effective new approach to DDoS defense --- a secure in-network filtering or the idea of empowering DDoS victims to install in-network traffic filters in the upstream transit networks. We argue that all existing in-network filtering ideas are impractical due to the lack of verifiable filtering --- no one can check if the filtering service executes the filter rules correctly as requested by the DDoS victims. We show the technical feasibility of verifiable in-network filtering, called VIF, that offers filtering verifiability to DDoS victims and neighbor ASes. Our large-scale simulations of two realistic attacks (i.e., DNS amplification, Mirai-based flooding) show that only a small number (e.g., 5–25) of large IXPs are needed to offer the VIF filtering service to handle the majority (e.g., up to 80–90%) of DDoS traffic.
Biography: Min Suk Kang is an Assistant Professor of Computer Science Department, School of Computing at National University of Singapore. His research interests lie in the field of network and distributed systems security, wireless network security, and blockchain security. He obtained his PhD degree in Electrical and Computer Engineering from Carnegie Mellon University in 2016 under the supervision of Virgil D. Gligor in CyLab. He received BS and MS degrees in EECS at Korea Advanced Institute of Science and Technology (KAIST) in 2006 and 2008, respectively.
A Design Technique to Prevent Hardware Trojans from Leaking Sensitive Data
Speaker: Dr. Kevin A. Kwiat (CAESAR Group) Date: Nov. 30, 2018
Abstract: Opportunities for entrepreneurs to capitalize on the U.S. Air Force’s investment in technology have come to the forefront. An overview of such opportunities will be accompanied by a detailed technology example. Since the turn of the century many integrated circuit (IC) design houses have outsourced the production of their chips to other countries. This has created a new opening for cyber-attacks: when a firm sends out a design to be manufactured overseas, the trustworthiness of the manufactured IC can no longer be guaranteed. It is now possible to insert hardware Trojans directly into a chip during the design and manufacturing process. These hardware Trojans can destroy a chip, reduce performance or even leak sensitive data – including encryption keys. For many in the information assurance arena confidentiality is paramount, so the possibility of a hardware Trojan leaking data is of great concern. This presentation covers U.S. Air Force patent-pending methods of defending against data-leakage hardware Trojans in 2 forms: 1) combinational and 2) sequential logic. Both forms prevent data leakage through a randomized encoding and split manufacturing scheme. Experimental work revealed the power and area overheads associated with these techniques; yet, the Air Force’s risk calculus can be such that these overheads become acceptable – especially when there is only a 3% decrease in performance.
Biography: Kevin A. Kwiat, PhD, is formerly a Principal Computer Engineer with the U.S. Air Force Research Laboratory (AFRL) and has more than 34 years of service and has been awarded 5 patents during that time. While at AFRL, he conducted research and development in a wide scope of areas: high reliability microcircuit selection for military systems, testability; logic and fault simulation; rad-hard microprocessors; benchmarking of experimental designs; distributed processing systems; assured communications; FPGA-based computing; fault tolerance; survivable systems; game theory; cyber-security; and cloud computing. His PhD is in Computer Engineering from Syracuse University. He is co-founder and leader of Haloed Sun TEK of Sarasota, Florida, which is an LLC specializing in technology transfer and has joined forces with the Commercial Applications for Early Stage Advanced Research (CAESAR) Group.
Defending DDoS Attacks and Adverse Network Conditions
Speaker: Prof. Max Schuchard (The University of Tennessee, Knoxville). Date: Nov. 7, 2018
Abstract: The security community has yet to develop a viable and deployable defense against large scale Distributed Denial of Service (DDoS) attacks, despite their increasing prevalence and impact. In this talk, we will explore the viability of effectively mitigating modern DDoS attacks through routing rather than traditional means. I will focus on Nyx, the first system to both effectively mitigate modern DDoS attacks regardless of the amount of traffic under adversarial control and function without outside cooperation or an Internet redesign. Nyx approaches the problem of DDoS mitigation as a path selection problem rather than a filtering problem. This conceptual shift allows Nyx to avoid many of the common shortcomings of existing academic and commercial DDoS mitigation systems. I will discuss a variety of experiments, both in simulation and on the live Internet, which demonstrate the promise of such an approach, and touch on some of the unanswered research questions in this area.
Biography: Dr. Max Schuchard is a professor of Computer Science at the University of Tennessee and director of the VolSec computer security group. Professor Schuchard received his PhD from the University of Minnesota in 2016. His research areas focus on routing security, Distributed Denial of Service attacks, and censorship circumvention.
Building Predictable and Adaptable Mobile Systems
Speaker: Prof. Lukasz Ziarek (SUNY Buffalo). Date: Mar. 8, 2018
Abstract: Time predictability is a requirement for computer systems that have deadlines to meet, but it is frustratingly difficult to achieve in the complex, layered, execution environments that are commonplace today. This talk will consider how to bring a degree of time predictability to Android applications. Potential solutions include fundamental changes to the Android framework and the introduction of a new programming model, which focuses on the interplay between real-time activities and the rest of the system. This talk will detail the changes in the Android APIs which are required for developers to express the timeliness requirements of code and how well those requirements can be met on stock hardware in the presence of multiple, potentially interacting applications. The talk will also cover some experimental data validating feasibility over several applications including UAV flight control, implantable medical devices, as well as a wind turbine monitoring device. Lastly, I will discuss future directions, including adding adaptivity to the system to achieve a dynamically defined real-time system.
Biography: Lukasz Ziarek is an assistant professor in the Department of Computer Science and Engineering at the State University of New York at Buffalo. He completed his Ph.D. at Purdue University in 2011. He works at the intersection of programming languages, real-time systems, and mobile systems and has published over 55 peer reviewed articles. He has received several teaching awards, including University at Buffalo Innovative Teaching Award in 2017, the School of Engineering and Applied Sciences Early Career Teacher of the Year in 2016, and the CSE Early Career Teacher of the Year in 2015.
Reading between the lines of datacenter logs
Speaker: Dr. Nosayba El-Sayed (MIT). Date: Nov. 22, 2017
Abstract: How can rigorous data analysis, based on various logs collected at large-scale datacenters, help us improve the resilience and performance of these systems and the applications they run? In this talk, I will first show how trace-driven analysis helped us uncover various interesting patterns in the behaviour of jobs running on large clusters, using data from Google, CMU, and Los Alamos National Lab. Our analysis revealed properties that distinguish unsuccessful jobs from others, including certain configuration settings and resource consumption patterns. Using these insights, we designed a machine learning-based framework for predicting job terminations with high precision and recall, and demonstrated how these predictions can be used to mitigate the effect of unsuccessful executions in datacenters. In the second half of this talk, I will dig deeper into examining the memory behaviour of applications, since memory accesses limit the performance and scalability of numerous workloads in real systems. I will show how careful cache and memory profiling can help us better understand the way programs interact with the memory hierarchy, while discussing and demonstrating practical use cases for real-world systems.
Biography: Nosayba El-Sayed is a Postdoctoral Associate at CSAIL, MIT. Her research focuses on designing and implementing data-driven techniques that exploit the wealth of data generated in modern platforms to improve the reliability and performance of large-scale datacenters. She completed her PhD at the University of Toronto, during which time she interned at Amazon's Datacenter Global Services division to work on server-outage analysis and prediction. More recently, Nosayba has focused on investigating how new features available in modern hardware (e.g. cache partitioning) can be used to improve datacenter utilization. Nosayba's work was published in conferences such as SIGMETRICS, DSN, ICDCS, SC, and HPCA (coming soon). Her work on datacenter reliability received a SIGMETRICS best paper award and was featured in ;login: USENIX Magazine, Data Center Knowledge, and Communications of the ACM.
Hacking Sensors
Speaker: Prof. Yongdae Kim (KAIST). Date: Oct. 25, 2017
Abstract: Sensors are designed to measure sensor inputs (e.g., physical quantities) and transfer sensor outputs (e.g. voltage signal) into the embedded devices. In addition, sensor‐equipped embedded systems (called sensing‐and‐actuation systems) decide their actuations according to these sensor outputs, and the systems have no doubt whether the sensor outputs are legitimate or not. Sensors are essential components for safety‐critical systems such as self‐driving cars, drones and medical devices. Breaking safety in these systems may cause loss of life or disasters. Because of these safety reasons, sensors are often designed to be robust against failure or faults. However, can they maintain safety under adversarial conditions? In this talk, I detail how sensors can be spoofed or prevented from providing correct operation through regular and side channels. Attacks on various devices such as medical devices, drones, and self‐driving cars will be shown. I'll complete the talk with a few directions and guides to prevent these attacks with a few open problems.
Biography: Yongdae Kim is a Professor in the Department of Electrical Engineering and an affiliate professor in the Graduate School of Information Security at KAIST. He received his PhD degree from the computer science department at the University of Southern California. Between 2002 and 2012, he was an associate/assistant professor in the Department of Computer Science and Engineering at the University of Minnesota ‐ Twin Cities. Before joining U of Minnesota, he worked as a research staff for two years in Sconce Group in UC Irvine. Before coming to the US, he worked 6 years in ETRI for securing Korean cyberinfrastructure. Between 2013 and 2016, he served as a KAIST Chair Professor. He received NSF CAREER award on storage security and McKnight Land‐Grant Professorship Award from University of Minnesota in 2005. Currently, he is serving as a steering committee member of NDSS, an associate editor for ACM TISSEC, a PC chair for AsiaCCS 2018. His current research interests include security issues for various systems such as cyber physical systems, social networks, cellular networks, P2P systems, medical devices, storage systems, mobile/ad hoc/sensor networks, and anonymous communication systems.
Website last updated on 04/28/2019