Tanya Bragin UW Research

Tanya Bragin

I am a third-year computer science graduate student at the University of Washington. My research interests include computer systems security and reliability. Please refer to my CV for educational background and previous experience.

Malicious Code on the Web

I am involved with the Spyware Project with Alexander Moshchuk, Steve Gribble and Hank Levy. Last year we investigated the spread of spyware on the Internet. Our spyware measurement findings (bibtex) were presented at the Network and Distributed System Security conference in February 2006. We are currently working on various methods for containing this form of malicious code using virtual-machine based solutions. Our results (bibtex) have been recently accepted to Usenix Security 2007. Finally, we have completed a measurement study of the spyware threat in spam URLs. Results are available in a University of Washington technical report (bibtex).

Database Support for Security Applications

Monitoring tools are becoming more central to network security applications, as evidenced by wide-scale deployment of Network Intrusion Detection Systems in internal networks. These devices generate massive amounts of data, presenting interesting domain-specific problems in the database field. Typically, solutions in this area involve custom databases, however we have been able to show that commodity databases are viable in this space as well. This project was done in conjunction with Magdalena Balazinska and Roxana Geambasu. Our findings (bibtex) in this area have recently been accepted to NetDB Workshop colocated with NSDI 2007.

Usable Security

Finally, I am interested in designing computer systems that can be safely used by ordinary people. Many security mechanisms have good theoretical foundations, but are poorly implemented in practice. One of the challenges in this area is lack of appropriate tools for developers aimed at modeling secure behavior in code and protocols. In addition, many security management tools fail to effectively summarize resulting configuration, leading to many errors go unnoticed by the very people trying to maintain system security. In this vein, starting in March I will be doing a usability study of centralized identity management and access control tools.

Distributed Resource Allocation

I have worked on a study of PlanetLab scheduling mechanisms and a prototype of a new federated resources management paradigm, called Tit-for-Tat resource allocation. Please see SIGCOMM 2007 poster abstract (bibtex) for more details.