(all sections in reverse chronological order)
Note: projects which are still ongoing have shorter, more vague descriptions and do not list collaborators.
My Group’s Projects
Incremental Deployment of Future Internet Architectures (2014-present)
How can we incrementally deploy future Internet architectures without subverting current networks?
Security and Fault Tolerance in Software-Defined Networks (2012-present)
How do we prevent incorrect behavior in software-defined networks (SDNs) from severely hindering the availability or correctness of routing in intra-domain networks?
A Scalable and Trustworthy Entity Validation Infrastructure (2012-present)
Today’s entity validation infrastructures (such as DNSSEC, BGPSEC, and CA-based PKIs) suffer from scalability and security problems for a variety of reasons. In this project, we aim to characterize what a “good” infrastructure should look like and propose a new design that achieves these characteristics.
ECO-DNS: Expected Consistency Optimization in DNS (2012-2013)
We develop a lightweight system called ECO-DNS that proactively updates the DNS cache for certain records in order to ensure maximal consistency.
Other Academic Projects
Deep Analysis of Passwords (2012-present)
We study how users create passwords in great detail, from how they choose each part of their password to the types of words they use.
A Self-Healing Intrusion Detection System (2013)
Joint work with Tiffany Bao, Alan Keith, and Kyle Soska
In this project for the CMU ECE course 18-739C (Special Topics in Security: Vulnerability, Defense Systems, and Malware Analysis), we developed an intrusion detection system that is able to detect exploits in running binary programs, suspend execution, generate and apply a patch that avoids the exploit, and resume execution. We do this by collecting training data on “normal” execution, that is, execution with benign inputs with which the program has been well-tested. We then use this data to generate constraints on the program state, and if during execution the program ever violates these constraints, we know that something might be amiss. We suspend execution and determine what feature of the program state violates our constraints, then generate a series of candidate patches that might rectify the problem. When we find one that results in the program behaving properly, we resume execution with that patch applied.
We tested our implementation on two traditional buffer overflow variants, as well as one buffer overflow that uses implicit data flow (and hence cannot be easily caught with taint analysis). We were able to find and generate a working patch (in real time) in 40 and 24 seconds on average for the traditional buffer overflows and 51 seconds on average for the implicit buffer overflow. We were also able to identify multiple working patches, as there are often multiple ways to avoid an exploit or undesired state. While our implementation is currently a proof-of-concept, it can already be applied to many vulnerable applications, and we hope that this work will provide a fertile ground for addressing additional challenges in this space, such as ensuring program correctness in all cases and patching larger, more complex programs.
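The detect-and-repair loop described above can be sketched as a toy model; this is an added illustration, not the project's implementation. The simulated memory layout, the range-only invariants, and the three-entry candidate patch list are all assumptions made for the example.

```python
BUF_SIZE = 16  # capacity of the simulated buffer; mem[BUF_SIZE] is an adjacent flag

def run(data, pre=lambda d: d, post=lambda m: None):
    """Simulated vulnerable routine: unchecked copy beside a privilege flag."""
    mem = bytearray(BUF_SIZE + 1)
    data = pre(data)                      # patch hook before the copy
    for i, b in enumerate(data[:len(mem)]):
        mem[i] = b                        # no bounds check against BUF_SIZE
    post(mem)                             # patch hook after the copy
    return {"copy_len": len(data), "flag": mem[BUF_SIZE]}

def learn_invariants(states):
    """Infer a [min, max] range per state variable from benign runs."""
    inv = {}
    for state in states:
        for var, val in state.items():
            lo, hi = inv.get(var, (val, val))
            inv[var] = (min(lo, val), max(hi, val))
    return inv

def violations(state, inv):
    """Names of variables whose value lies outside the learned range."""
    return [v for v, (lo, hi) in inv.items() if not lo <= state[v] <= hi]

def candidates(inv):
    """Hypothetical fixed menu of candidate patches, parameterised by the bounds."""
    hi = inv["copy_len"][1]
    def reset_flag(mem):
        mem[BUF_SIZE] = 0                 # masks the symptom, not the cause
    return {
        "reset_flag": {"post": reset_flag},
        "truncate": {"pre": lambda d: d[:hi]},
        "skip_copy": {"pre": lambda d: b""},
    }

def working_patches(data, inv):
    """Re-run the input under each candidate; keep those satisfying every invariant."""
    return [name for name, hooks in candidates(inv).items()
            if not violations(run(data, **hooks), inv)]

# Constructed inputs: benign training set and one overflowing input.
BENIGN = [bytes(n) for n in range(BUF_SIZE + 1)]
ATTACK = b"A" * BUF_SIZE + b"\x01"
INV = learn_invariants(run(d) for d in BENIGN)

if __name__ == "__main__":
    print("invariants:", INV)
    print("violated:", violations(run(ATTACK), INV))
    print("working patches:", working_patches(ATTACK, INV))
```

In this model `reset_flag` is rejected because the copy length still exceeds the learned bound, while two different candidates pass, which mirrors the observation that several patches can avoid the same undesired state.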
Improving the Security of Android Inter-Component Communication (2011-2012)
Applications in Google’s Android operating system consist of a set of components that communicate with each other using messages called Intents. At the time of this project, Intents were handled in such a way that app developers could easily and inadvertently write insecure code, which malicious adversaries could leverage to leak sensitive information or cause undesired behavior. Based on recommendations in a paper by Chin et al., we modified Android’s default Intent handling mechanism to err on the side of safety in these situations, except where the developer clearly states otherwise. We were able to close a substantial number of these security holes with our fixes.
This project was presented as a short paper and poster at the IFIP/IEEE International Symposium on Integrated Network Management (IM) in May 2013.