Download
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
David Evans (and CS students) evans@cs.virginia.edu http://www.cs.virginia.edu/~evans PowerPoint Presentation
Download Presentation
David Evans (and CS students) evans@cs.virginia.edu http://www.cs.virginia.edu/~evans

David Evans (and CS students) evans@cs.virginia.edu http://www.cs.virginia.edu/~evans

134 Views Download Presentation
Download Presentation

David Evans (and CS students) evans@cs.virginia.edu http://www.cs.virginia.edu/~evans

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. A Smorgasbord of Security, a Smattering of Swarm Programming, and Sampling of Static Checking and a Splash of Web Sites David Evans (and CS students) evans@cs.virginia.edu http://www.cs.virginia.edu/~evans University of Virginia Department of Computer Science

  2. Security Dan Rubin: Online Voting Security Phil Varner: Voting analysis Jennifer Kahng: User Interfaces for Security Web Julie Vogelman: Framework for usability experiments Felipe Huice: biographical server Lightweight Static Analysis Chris Barker: porting Win32/Unix Programming the Swarm Ryan Persaud: Swarm Primitives Adam Trost: Swarming defense for RoboCup Menu CS 390

  3. Security Projects • Dan Rubin: on-line voting • Phil Varner: security analysis of VoteHere.net • Jennifer Kahng: user interfaces for security CS 390

  4. Remote Online Voting SecurityDaniel Rubin, rubin@virginia.edu Does this look familiar? CS 390

  5. Dan Rubin Remote Online Voting Security • Could the Internet save our elections? • Should be more convenient • Should be more accurate (no chads!) • Not so fast! • The Internet is not very secure • Hackers could sabotage an election • Everyone doesn’t have a computer (or know how to use one) CS 390

  6. Dan Rubin What I’ve learned • Internet Voting works in theory, not in practice • Too many risks (e.g. AZ had 60 minute downtime, Studco down 90 minutes) • Too big of a target for attackers • Look for it in the future, not in the Fall CS 390

  7. Dan Rubin Project • Analyze two remote elections • Arizona Dem. Primary Student Council CS 390

  8. Vote Early, Vote Often, VoteHere:A Security Analysis of VoteHerePhil Varner How can we assess the security of an on-line voting system? “...in the wake of 2000's fiasco, electoral reform bills are on the agenda in nearly every state-Katherine Harris last week recommended that Florida spend $200 million to adopt E-voting-and Adler's company is a hot property. Cisco Systems and Compaq together have given VoteHere $10 million.” CS 390

  9. Phil Varner Project • Developed FaSSAMM - Fairly Simple Security Analysis and Modeling Methodology • Combines several analysis tools - attack trees, attackers, abuse cases • Used this to analyze VoteHere for security vulnerabilities • Created an easy to understand, easy extensible description of security problems CS 390

  10. Phil Varner Results • Found the methodology development was more interesting than the actual analysis • Found numerous security vulnerabilities (as expected) • Didn’t find anything revolutionary, but developed a methodology and applied it to a real system CS 390

  11. Do you want to erase your hard-drive and launch a denial-of-service attack on the NSA?

  12. Does Everyone Always Click Ok?Jennifer Kahng • Anecdotal Evidence (and preliminary experiment on CS110 students) that almost everyone always clicks Ok to almost everything • Can we measure this? • Can we design dialog boxes that are less prone to auto-clicking? CS 390

  13. Jennifer Kahng Project(or How Jen Annoyed People) • Put fake security messages on the Oracle of Bacon’s Star Links page • 4 different looking messages over 4 days • Messages deviated from “standard” messages as days progressed • Several hundred visitors saw each message CS 390

  14. Jennifer Kahng 37% clicked Continue 31% clicked Continue animated 2% typed in “yes” 31.1% clicked Continue

  15. Jennifer Kahng Conclusions • Getting people to pay attention is • difficult unless you really want to • make them angry. • Even sysadmins always click “Ok” • Only two people (of > 700) emailed • the webmaster about potential • security vulnerability.  • People are stupid CS 390

  16. Web Projects Julie Vogelman: Framework for Web Site Analysis Felipe Huice: Biographical Database Server

  17. Julie Vogelman Web Site Analysis Framework • How should we decide if one web site design is better than another? • Many books written on this topic, but they are written by artists (subjective and contradictory) • Can we answer design questions quantitatively? • What is the most readable type and size of a font on a web page? Arial? Times New Roman? • How much white space is needed? • How much is too much bold for text? CS 390

  18. Julie Vogelman Framework Modified apache web server to randomly deliver different versions of site. Web Server Version 2 Version 1 Log Files Analyze the log files to see how visitors react differently. Web Analysis Tool CS 390

  19. Julie Vogelman Experiments • CS110 “Volunteers” • Had a directed task • How quickly could they accomplish it? (Did it depend on the site design.) • Small sample, hard to make conclusions • Web visitors to LCLint site • Hard to judge what their goals are (is it better if they click on the wrong link more quickly?) • Thousands of visitors CS 390

  20. Felipe Huice Personal Information Database • Most people (Computer Science Graduate students) are too lazy to make and update personal web pages • Too much work • Not enough benefit • Can we make it less work and more benefit? • Solution: automatic creation of home pages from personal information files (.plan files) CS 390

  21. Felipe Huice Design Description • Scripts populate database from .plan files • PHP scripts provide search capabilities and displays the home pages CS 390

  22. Felipe Huice Advantages • Any CS Graduate student can have a home page created in 1 or 2 minutes • Searches that currently could take hours can be done in a minute • Anyone with access to the Internet can view the information CS 390

  23. Lightweight Static Analysis Chris Barker: Porting UNIX/Windows

  24. A Gross Oversimplification all Formal Verifiers Bugs Detected LCLint Compilers none Low Unfathomable Effort Required CS 390

  25. Chris Barker Shift from UNIX to Windows • PCs running Microsoft products have grown increasingly popular. • Software companies are feeling a market demand to offer their products on WIN32 systems. • Porting software from UNIX to WIN32 often results in bugs in the ported code. CS 390

  26. Chris Barker The Search for the Bugs • Researched past ports to create a list of porting issues • Priority values mean opposite things • Treatment of files and sockets, unsafe calls, etc. • Created annotations in LCLint to find these bugs using • Warn on Use • Variable States • Global States • Verified that LCLint could find these issues in a real application CS 390

  27. Programming the Swarm Ryan Persaud: Swarm Primitives Adam Trost: Swarming Defense

  28. Programming the Swarm: Long-Range Goal Cement 10 GFlop CS 390

  29. What’s Changing • Execution Platforms • Not computers (98% of processors sold this year) • Small and cheap • Execution environment • Interact with physical world • Unpredictable, dynamic • Programs • Old style of programming won’t work • Is there a new paradigm? CS 390

  30. Swarm Programming • Primitives describe group behaviors • What are the primitives? • How are they specified? • Important to understand both functional (how the state changes) and non-functional (power use, robustness, efficiency, etc.) properties • Construct complex behaviors by composing primitives • Predict behavior of result • Pick the right primitives based on description of desired non-functional properties CS 390

  31. Ryan Persaud Swarm PrimitivesRyan Persaud Initial, Clumped Configuration Final, Dispersed Configuration Each bug looks only at its immediate neighbors. Moves randomly if they are too close. How long will it take? How much does communication help? CS 390

  32. Ryan Persaud Experiments CS 390

  33. Swarming DefenseAdam Trost • Simulate Soccer Defense as a Swarm Program: • Defensive tactics describe desired global properties (e.g., defend the middle in from of the goal well) • Different global properties interact to produce emergent behavior • Synthesize individual player behaviors based on the desired global properties CS 390

  34. RoboCup 2001 • Playing simulated soccer games is “serious academic stuff” - international conference focuses on cooperation between autonomous agents in dynamic multiagent environments • Soccer Simulation League • Server acting as the field is a dynamic environment • 11 players are the swarm devices • Hint: to qualify for RoboCup 2002/Japan, we probably need offense also! CS 390

  35. Summary • Your thesis should be your own project • Better to do “all” of a “small” project, than a little piece of a “big” project • Start with a question, not something to implement • Alan Kay’s Third Law: “If you have an idea, and it’s not a good idea, take a nap instead of implementing it.” • I’ll supervise (almost) anything if you can convince me it is interesting • When in doubt, click “Ok” CS 390