Four members of BUILDS traveled to the University of Connecticut to participate in a Software Challenge at the CyberSEED conference, put on by UCONN’s Comcast Center of Excellence for Security Innovation on October 19th-21st. The challenge was a binary reversing and stack smashing exploitation challenge. Allan Wirth (President), Huy Le (Vice President), Andrew Trainor (Secretary) and Quentin Li participated in the 30 hour event and placed 2nd out of 12 teams, winning $10k.
Half of the winnings will be going to BUILDS so that they can buy some new equipment and perhaps give people small travel grants for various competitions, etc.
The Smart-city Cloud-based Open Platform & Ecosystem (SCOPE) will develop cloud computing–based services and products to solve urban problems ranging from traffic congestion to dirty air with a grant from the National Science Foundation (NSF).
SCOPE will be coordinated by the Hariri Institute for Computing and Computational Science & Engineering and led by faculty investigators from several disciplines—computer science, electrical and computer engineering, earth and environment, strategy and innovation, and city planning and urban affairs. The NSF has funded SCOPE with a three-year, $850,000 grant. With contributions from the partners, its total budget exceeds $1 million.
SCOPE principal investigator Azer Bestavros, a College of Arts & Sciences computer science professor and the Hariri Institute’s founding director, says BU and its SCOPE partners—an array of Massachusetts businesses, city and state agencies, and planning groups—could have their first products available within the grant’s three-year life. A product or service could be offered for free or for a price, depending on which partner—business, public agency, or university—is offering it.
Professor Sharon Goldberg has been published in Communications of ACM, Volume 57, Number 10. Her article, Why is it taking so long to secure internet routing?, is about the vulnerability of BGP (Border Gateway Protocol), which plays a vital role in keeping the Internet together.
BGP (Border Gateway Protocol) is the glue that sticks the Internet together, enabling data communications between large networks operated by different organizations. BGP makes Internet communications global by setting up routes for traffic between organizations—for example, from Boston University’s network, through larger ISPs (Internet service providers) such as Level3, Pakistan Telecom, and China Telecom, then on to residential networks such as Comcast or enterprise networks such as Bank of America.
While BGP plays a crucial role in Internet communications, it remains surprisingly vulnerable to attack. The past few years have seen a range of routing incidents that highlight the fragility of routing with BGP. They range from a simple misconfiguration at a small Indonesian ISP that took Google offline in parts of Asia,32 to a case of BGP-based censorship that leaked out of Pakistan Telecom and took YouTube offline for most of the Internet,2 to a routing error that caused a large fraction of the world’s Internet traffic to be routed through China Telecom,6 to highly targeted traffic interception by networks in Iceland and Belarus.34
People have been aware of BGP’s security issues for almost two decades and have proposed a number of solutions, most of which apply simple and well-understood cryptography or whitelisting techniques. Yet, many of these solutions remain undeployed (or incompletely deployed) in the global Internet, and the vulnerabilities persist. Why is it taking so long to secure BGP?
The answer to this question lies in the fact that BGP is a global protocol, running across organizational and national borders. As such, it lacks a single centralized authority that can mandate the deployment of a security solution; instead, every organization can autonomously decide which routing security solutions it will deploy in its own network. Thus, the deployment becomes a coordination game among thousands of independently operated networks. This is further complicated by the fact that many security solutions do not work well unless a large number of networks deploy them.
Professor Margrit Betke and PhD Students Danna Gurari, Diane Theriault, and Mehrnoosh Sameki win Best Paper Award
Danna Gurari, Diane Theriault, Mehrnoosh Sameki, and Margrit Betke’s paper, “How to use level set methods to accurately ﬁnd boundaries of cells in biomedical images? Evaluation of six methods paired with automated and crowdsourced initial contours,” won Best Paper Award for Innovative Idea at the Interactive Medical Image Computing Workshop (IMIC), held in Boston on September 14, 2014. IMIC was held in conjunction with MICCAI 2014.
Danna led this work as the first author, Diane helped with her expertise in cell image analysis, and Mehrnoosh ran the crowdsourcing experiments. Mehrnoosh gave an enthusiastic presentation, which had been perfected by the valuable feedback from the IVC research group.
Professors Mark Crovella (PI) and Evimaria Terzi (co-PI) of the Computer Science Department received a National Science Foundation award entitled “Structural Matrix Completion for Data Mining Applications.” Congratulations to Mark and Evimaria!
A common problem arising in science and engineering is that a dataset may only be partially measured. Often the complete dataset is naturally expressed as a matrix – for example, traffic flows in a city, gene expression across a set of treatments, or ratings of movies for users. The matrix completion problem seeks to infer the missing entries of a matrix, under a low-rank assumption. To date, most matrix completion methods do not actually check whether the known entries contain sufficient information to complete the matrix. Recently, however, a new and very different class of “structural” methods have emerged, which analyze the information content of the visible matrix entries, and so can determine whether accurate completion is possible. From a data mining standpoint, the implications of structural matrix completion methods are largely unexplored. This project will investigate how to leverage structural matrix completion methods to attack a host of data analysis problems, including developing new methods for active matrix completion, new approaches to cross-validating matrix completion results, and new strategies for general matrix completion.
CS Major Dustin Vandenberg has won a Harold Case Scholarship. This University-wide award goes to rising seniors and is awarded based on scholarship, extracurricular achievements, contributions to the University and scholarly potential. The Harold C. Case Scholarship was established by contributions from students, alumni, staff, faculty, Trustees, and friends of Boston University, in recognition of the achievements of Dr. Case during his tenure as the fifth President of Boston University from 1951 to 1967. The criteria for selection are scholarship, extracurricular achievements, contributions to the University and scholarly potential.
The National Science Foundation’s (NSF) Secure and Trustworthy Cyberspace (SaTC) program announced a $10 million Frontier grant was awarded to Boston University’s Modular Approach to Cloud Security (MACS) project. MACS is one of two new center-scale “Frontier” awards to support large, multi-institution projects that address grand challenges in cybersecurity science and engineering with the potential for broad economic and scientific impact.
The goal of the MACS project is to develop methods for building information systems with meaningful multi-layered security guarantees. Arguably, reasoning about all the security aspects of systems “in one blow” is not feasible. The approach we take is thus modular: We aim at systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where security of the system as a whole can be derived from the security of its components.
The research team is comprised of experts in different aspects of information security and cryptography. The research is highly collaborative and pools together key areas of expertise in order to provide overall security guarantees. A key component of the project is the Massachusetts Open Cloud, which provides the research team with a test-bed for deploying and testing the developed mechanisms in a production cloud.
Professor Margrit Betke of the Computer Science Department received a National Science Foundation award entitled “RI: Small: Using Humans in the Loop to Collect High-quality Annotations from Images and Time-lapse Videos of Cells.” Congratulations to Margrit!
Sequences of microscopy images of live cells are analyzed by cell biologists to understand cellular processes, for example, to prevent cancer or design bio-materials for wound healing. Research progress is slowed or compromised when scientists find the image analysis efforts too labor-intensive to do themselves and the automation methods too numerous, unreliable, or difficult to use. The project develops image-analysis software to leverage human and computer resources together, in particular on the internet, to create high-quality image interpretations. An expansive benchmark study of detection, segmentation, and tracking algorithms for analyzing images of live cells is conducted, followed by the development of computer-vision approaches to the algorithms. Methods are designed for quantifying annotations, and then a tool is built to use the expertise of cell biologists to judge and select methods that analyze cell images. Crowd-sourcing experiments in which internet workers analyze images are designed and conducted. The quality of these lay workers’ annotations is compared to the quality of annotations by cell biologists and automated methods. Finally, a machine learning system is developed that automatically determines which types of cell images or videos can be analyzed accurately with or without human involvement.
A cross-disciplinary team, including researchers from the BU School of Public Health (SPH), Department of Computer Science, and Department of Electrical and Computer Engineering have won the BU Social Entrepreneurship Award at the BU Tech, Drugs, and Rock n’ Roll (TDRR) event yesterday.
Project SEARCH: Scanning Ears for Child Health
Ear biometrics’ potential for solving patient identification challenges in global field settings
SPH: Prof. Christopher Gill, Elizabeth Ragan, Courtney Johnson
CS: Sarah Adel Bargal
ECE: Cliff Chan, Samuel Howes, Alexander Welles
The idea, proof of concept, and obtaining funding for future work have been done by SPH team members.
The comparative study and development portion of this project has been done as a course project last spring for the courses:
CAS CS 585 Image and Video Computing taught by Diane Theriault
CAS CS 542 Machine learning taught by Prof. Peter Chin
The interesting background story: Christopher Gill, Elizabeth Ragan, and Courtney Johnson had the idea for the system and conducted initial feasibility studies using mouse clicks on images of ears. Fatih Cakir, a CS doctoral student, happened to hear about the project through Prof. Muhammad Zaman in BU Biomedical Engineering. Fatih subsequently followed up with a discussion of the past literature he had surveyed on ear biometrics. When Fatih served as the Teaching Fellow for CS 542 this past spring, he encouraged a team of students in CS 542 to develop the SEARCH ear scanning prototype for the iPhone in their course project. The result is promising, and the team plans to port it to the Android platform and conduct field testing soon.
The National Science Foundation has awarded a grant of $500K to fund Professor Reyzin’s research efforts. The three-year project, titled “Noisy Secrets as Alternatives to Passwords and PKI,” will explore innovative approaches to authentication.
Current approaches, which rely on passwords or trusted authorities, suffer from significant vulnerabilities. This project will investigate using other sources of information that communicating parties share. Many natural sources of such information (such as visual passwords or physical tokens) are noisy, and don’t give the same result each time they are accessed. The funded research will study how this noise can be overcome to give reliable authentication.