Successes and Failures applying to SaTC/TWC/TC/CT
Nikita Borisov
University of Illinois at Urbana-Champaign
My SaTC Experience
• First PI experience in 2006
• Four funded projects through some version of SaTC
  – Vulnerability signatures in intrusion detection
  – Security and privacy in building automation
  – Network traffic analysis
  – Anonymous communications (CAREER)
• About as many rejections
• Half dozen panels
Vulnerability Signatures
• Traditional signatures in intrusion detection: recognize attack
  – E.g., “AAAA….AAAA?idapi.ida” for CodeRed
• Too specific:
  – CodeRed II used “NNNN….NNNN?idapi.ida”
• Vulnerability signatures: recognize attack vector
• Challenge: faithfully reconstruct application parsing state with high performance
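An added example (not from the original slides) contrasting the two kinds of signature on constructed requests shaped like the strings quoted above. The 240-byte field limit, the function names and the sample requests are assumptions for illustration; the slide does not state the real parsing condition.

```python
import re

# Exploit signature: matches the literal filler run of one specific attack.
EXPLOIT_SIG = re.compile(rb"A{16,}\?idapi\.ida")

# Assumption: the handler copies the field in front of "?idapi.ida" into a
# fixed buffer of this size. The value is made up for the example.
ASSUMED_FIELD_LIMIT = 240


def exploit_signature(request: bytes) -> bool:
    """Byte-pattern match, blind to how the application parses the request."""
    return EXPLOIT_SIG.search(request) is not None


def vulnerability_signature(request: bytes) -> bool:
    """Rebuild the parsing state the application would reach, then test the
    condition that triggers the bug rather than the bytes of one exploit."""
    request_line = request.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) != 3 or parts[0] != b"GET":
        return False
    target = parts[1]
    marker = target.find(b"?idapi.ida")
    if marker < 0:
        return False                      # vulnerable handler is never reached
    field = target[:marker].rsplit(b"/", 1)[-1]
    return len(field) > ASSUMED_FIELD_LIMIT


# Constructed sample requests (filler only, no payload).
SAMPLES = {
    "first worm": b"GET /" + b"A" * 300 + b"?idapi.ida HTTP/1.0\r\n\r\n",
    "variant": b"GET /" + b"N" * 300 + b"?idapi.ida HTTP/1.0\r\n\r\n",
    "benign": b"GET /status?idapi.ida HTTP/1.0\r\n\r\n",
}


def evaluate() -> dict:
    """Return {name: (exploit_signature_hit, vulnerability_signature_hit)}."""
    return {
        name: (exploit_signature(req), vulnerability_signature(req))
        for name, req in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (exploit_hit, vuln_hit) in evaluate().items():
        print(f"{name:10s} exploit_sig={exploit_hit!s:5s} vuln_sig={vuln_hit}")
```

The variant changes only the filler byte, so the byte-pattern signature misses it while the parse-based check still fires.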
Behind the Proposal
• Genesis: internship at Microsoft Research as graduate student
• Development:
  – Identify basic research challenges
  – Create evaluation strategy
• Collaboration:
  – Two senior co-PIs / mentors
Building Automation
• Newer buildings use networked sensors and controls for lights, doors, HVAC, etc.
• Opportunity for applications that enrich inhabitants’ lives
• Woefully insecure
• Challenge: design interface that enables applications while preserving important privacy and security constraints
Behind the Proposal
• Genesis: Class project on applications for building automation
• Development:
  – Identify general principles that can be applied in this setting
• Collaboration:
  – My co-instructor in the course
Traffic Analysis
• Encrypted network traffic contains patterns: packet sizes, timings, counts, …
• Side channel that reveals information
  – User identity
  – Password characters
  – Web page content
  – VoIP phrases
• Challenge: Rigorous, systematic understanding of attacks and defenses
Behind the Proposal
• Genesis: Attack paper on network watermarking schemes
• Development:
  – Identify several important problems
  – Formulate fundamental theoretic questions
  – Connect them to experimental validation plan
• Collaboration:
  – Co-author from attack paper
  – Another communications expert
  – Senior mentor
Anonymous Communications
• Internet communication leaks metadata about interests, relationships, behavior, etc.
• This information is (ab)used by ISPs, employers, advertisers, intelligence agencies, repressive regimes, …
• Anonymity networks, such as Tor, help protect metadata, but at a large performance cost
• Challenge: creating scalable, high-performance overlay networks while minimizing leaked information
Behind the Proposal
• Genesis: PhD work, followed by several years of research
• Development:
  – Detailed description of next few research papers
• Collaboration:
  – Support letters from foreign collaborator
Lessons from Rejections
• SaTC panelists are notorious skeptics!
  – Your job to convince them your approach will work and be secure
• Missing related work can be a killer
  – Spend twice as much time as you think you need
• Avoid being too broad
Closing Thoughts
• Get thee on a panel!
  – Can’t beat first-hand experience
  – PMs often struggle to fill slots
• Get co-PIs with prior SaTC successes
  – Can be helpful even at a low commitment level
• Enjoy the experience!
  – Even unfunded proposals have payoffs