UW MSR Summer Institute 2014

Security Analytics: Challenges, Opportunities, and New Directions

Attendees

CSE Home

Home

Attendees

Aaron Alva
Johnson Apacible
Dave Aucsmith
Brandon Baker
Arun Balakrishnan
Nicolas Christin
Crispin Cowan
David Cross
Weidong Cui
Dave Dittrich
Miro Enev

Roxana Geambasu
Dan Halperin
Cormac Herley
Bill Howe
Mobin Javed
Yoshi Kohno
Arvind Krishnamurthy
Brian LaMacchia
Mathias Lecuyer
Wenke Lee
Adam Lerner

Mark McGovern
Emily McReynolds
Peter Ney
Jim O'Leary
Davi Ottenheimer
Vern Paxson
Marcus Peinado
Zulfikar Ramzan
Franzi Roesner
Stefan Savage

Robert Sim
Ian Smith
Jay Stokes
Lee Tien
Janice Tsai
Paul Vines
Geoff Voelker
John Walton
Gang Wang
Helen Wang

Aaron Alva is a J.D. candidate, and recent graduate of a M.S. in Information Management at the University of Washington. Aaron's interests are at the intersection of law and cybersecurity. He is currently a MSR intern working in Microsoft's Trustworthy Computing. Aaron has conducted research on cloud forensics and digital evidence admissibility; and has worked on legal compliance requirements engineering with Carnegie Mellon's CERT. He is a member of the American Bar Association's Information Security Committee, and a NSF CyberCorps scholarship recipient.

David Aucsmith is the Senior Director of Microsoft's Institute for Advanced Technology in Governments. He is responsible for technical relationships with agencies of the United States and other Governments, as well as on select special projects.

Before joining Microsoft in August 2002, Aucsmith was the chief security architect for Intel Corporation from 1994 to 2002. He has worked in a variety of security technology areas including secure computer systems, secure communications systems, random number generation, cryptography, steganography and network intrusion detection. Aucsmith is a former officer in the U.S. Navy and has been heavily involved in computer security and cybercrime issues for more than 30 years. He has been an industry representative to numerous international, government and academic organizations including the technical advisory boards of the National Security Agency, the National Reconnaissance Office, the National Academy advisory board on Survivability and Lethality Analysis and the Directorate Advisory Council for the National Security Directorate of Pacific Northwest National Labs. He is co-chairman of the FBI's Information Technology Study Group, a member of the Secret Service Task Force on Computer Aided Counterfeiting, a member of the President's Task Force on National Defense and Computer Technology and a member of the Department of Defense's Global Information Grid Senior Industry Review Group. Aucsmith was also U.S. industry representative to the G8 Committee on Organized, Transnational, and Technological Crime where he participated directly in the G8 summits in Paris, Berlin and Tokyo.

Aucsmith holds 33 patents for digital security and is a member of the advisory board for the College of Computing at the Georgia Institute of Technology. Aucsmith holds a Bachelor of Science degree in biochemistry from the University of Georgia and Master of Science degrees in physics from the Naval Postgraduate School and information and computer sciences from the Georgia Institute of Technology respectively. Additionally, he has a Certificate in Fine Arts Photography from the University of Washington. He is the author of numerous papers and currently lectures at the Naval Postgraduate School, the Naval War College, and the Air Command and Staff College.

Brandon Baker is a security engineer at Google overseeing the security of Google's Cloud Platform, working on kernel and virtualization security, detecting attacks and abuse, and thwarting malicious use of the Cloud. Prior to joining Google in 2010, Brandon worked on Trusted Computing and other security topics at Microsoft.

Nicolas Christin is an Assistant Research Professor in Electrical and Computer Engineering at Carnegie Mellon University, where he is also affiliated with CyLab, the computer and information security research center. Most of his work is at the boundary of systems and policy research, with a slant toward security aspects. He has most recently focused on online crime, security economics, and psychological aspects of computer security.

Crispin Cowan entered the security arena in 1998 at the Seventh USENIX Security Symposium with the StackGuard paper, which introduced stack canaries for buffer overflow protection, a technique now used on nearly all platforms. From 1999 to 2007 he was the founding CTO of Immunix, which was acquired by Novell in 2005 to incorporate AppArmor into SUSE Linux. Since 2008, Crispin has worked for Microsoft, continuing his work adding security value to existing operating systems, but now doing it for Windows. Crispin is especially interested in usable security and effective sandboxing, and so has contributed to improving usability in UAC and to building the app container feature to allow users to run Windows Store Apps with confidence. Crispin's contribution to the recent Windows 8.1 release has been enhancing the systematic security reviews to ensure that all Windows features ship with appropriate security considerations in mind. He holds a Ph.D. from the University of Western Ontario and a Master's in Mathematics from the University of Waterloo.

David Cross is Partner Engineering Director in the Microsoft Trustworthy Computing Security organization currently focused on building a security analytics center of excellence. He joined Microsoft in 1998 and has made significant technical and architectural contributions to Microsoft products ranging from Windows 2000 all the way through the Windows 8.1/Windows Server 2012 R2 cycles to advancing the enterprise firewall product line in the Microsoft Israel Development Center as the Product Unit Manager of the Forefront Threat Management Gateway product team. He has led innovation on numerous security technologies including encryption, PKI and authentication as well as next generation private cloud solutions and services based on Windows Server. In addition, David has been a contributing author on a number of whitepapers and Microsoft Press books regarding Microsoft security and PKI in addition to being an inventor in excess of 25 patents on primarily security, but also numerous distributed and cloud computing technologies. Prior to joining Microsoft, he spent two years as a Project Manager and Senior Architect with the Microsoft Solution Provider/Partner community and five years active duty with the aviation electronic warfare community of the United States Navy. David holds a B.S. in Computer Information Systems as well as an MBA in Management Information Systems.

Weidong Cui is a Senior Researcher at the Microsoft Research Redmond Lab. Weidong received his Ph.D. (2006) and M.S. (2003) degrees from the University of California, Berkeley, and his M.E. (2000) and B.E. (1998) degrees from Tsinghua University. Weidong enjoys building real-world systems to tackle hard problems. He led the development of KOP, a state-of-the-art Windows kernel rootkit detection system, which is currently used by several Microsoft products. He also pioneered the research on automatic protocol reverse engineering and transferred reverse engineering technologies into Microsoft products. Weidong received the Gold Star award and multiple technology transfer awards for his impact on Microsoft products. Weidong's research interests are on security and systems. He currently works on crash dump triage and cloud security.

Dave Dittrich is a Principal Software Engineer/Computer Specialist in the Applied Physics Laboratory at the University of Washington. He has been involved in investigating and countering computer crimes going back to the late-1990s and has been invited to speak around the world about what he has learned. Dave was the first person to describe the technical details of DDoS attack tools in 1999, was an early researcher into bots and botnets, and one of the first to study P2P for botnet command and control. Dave has pushed the limits, but he tries to do it in a way that is ethically defensible. He has written extensively on ethics and the "Active Response Continuum," serves on one of the UW's Institutional Review Boards evaluating human subjects research, and he and Erin Kenneally recently co-authored the Department of Homeland Security documents, "The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research" and "Applying Ethical Principles to Information and Communication Technology Research: A Companion to the Department of Homeland Security Menlo Report."

Miro Enev received his PhD from the University of Washington's Computer Science and Engineering Department in June of 2014 where his thesis focus was on Machine Learning applications for Information Privacy in Emerging Sensor Contexts. Currently Miro works at Belkin International as a Senior Machine Learning Engineer where he develops novel algorithms to empower the next generation of Smart Homes and Internet of Things in the home. His interests are in advancing smart ML/AI technologies while respecting human values in emerging technology ecosystems through quantitative methods for utility and privacy balance.

Roxana Geambasu is an Assistant Professor of Computer Science at Columbia University. She joined Columbia in Fall 2011 after finishing her Ph.D. at the University of Washington. For her work in cloud and mobile data management, she received a Microsoft Research Faculty Fellowship, an NSF CAREER award, an Honorable Mention for the 2013 inaugural Dennis M. Ritchie Doctoral Dissertation Award, a William Chan Memorial Dissertation Award, two best paper awards at top systems conferences, and a Google Faculty Research Award.

Daniel Halperin is the Director of Research for Scalable Analytics at the UW eScience Institute. He is the technical lead for the [Myria project for Big Data as a Service](myria.cs.washington.edu), works on [SQLShare](sqlshare.escience.washington.edu), and has led several eScience Institute incubator projects with groups around UW. Prior to eScience, Dr. Halperin completed his Ph.D. on wireless networking at UW's department of Computer Science & Engineering. His research projects on datacenter networks and on security for implantable medical devices have won multiple best paper awards, and his work has been featured in several stories in the New York Times and on PBS Nova ScienceNOW.

Bill Howe is the Associate Director of the UW eScience Institute and holds an Affiliate Assistant Professor appointment in Computer Science & Engineering, where he studies data management, analytics, and visualization systems for science applications. Howe has received two Jim Gray Seed Grant awards from Microsoft Research for work on managing environmental data, has had two papers elected to VLDB Journal's "Best of Conference" issues (2004 and 2010), and co-authored what are currently the most-cited papers from both VLDB 2010 and SIGMOD 2012. Howe serves on the program and organizing committees for a number of conferences in the area of databases and scientific data management, and serves on the Science Advisory Board of the SciDB project. He has a Ph.D. in Computer Science from Portland State University and a Bachelor's degree in Industrial & Systems Engineering from Georgia Tech.

Mobin Javed is a fourth year Ph.D. student in Computer Science at U.C. Berkeley, advised by Vern Paxson. She received her B.S. and M.S. from National University of Sciences and Technology, Pakistan. Her research focuses on leveraging data science to discover emerging security and privacy threats. She analyzes real world data from large-scale networked systems to illuminate the activities of adversaries in the evolving Internet landscape. Some of her major projects are: (i) detection of stealthy and coordinated attacks, (ii) measurement of device-tracking information/browsing-profile leakage, and (iii) measurement of large-scale Internet censorship. This summer she is interning at Microsoft Research, Redmond where she is studying fraudulent activity being conducted using Azure, Microsoft's Cloud Platform.

Tadayoshi Kohno (Yoshi) is an Associate Professor in the University of Washington Department of Computer Science and Engineering, an Adjunct Associate Professor in the UW Information School, and a Visiting Researcher at Microsoft Research. Kohno received his Ph.D. from the University of California at San Diego.

Arvind Krishnamurthy is an Associate Professor of Computer Science and Engineering at the University of Washington. His research interests span all aspects of building practical and robust computer systems. His recent work is aimed at making improvements to the robustness, security, and performance of Internet-scale systems. Projects include OneSwarm, uProxy, Reverse traceroute, BotLab, and Scatter.

Dr. Brian A. LaMacchia -- "bal" to his friends -- is one of a handful of applied cryptographers at Microsoft. Brian leads the Security & Cryptography team within Microsoft Research Technologies (MSR-T); his organization conducts security- & crypto-related research and advanced development. Brian is also a founding member of the Microsoft Cryptography Review Board and consults on security and cryptography architectures, protocols and implementations across the company. Before moving into Corporate R&D, Brian was the architect for cryptography in the Windows Security group. Prior positions Brian has held at Microsoft include Development Lead for .NET Framework Security and Program Manager for core cryptography in Windows 2000. Before joining Microsoft, Brian was a member of the Public Policy Research Group at AT&T Labs--Research in Florham Park, NJ. Brian received S.B., S.M., and Ph.D. degrees in Electrical Engineering and Computer Science from MIT in 1990, 1991, and 1996, respectively.

Mathias Lecuyer is a PhD candidate at Columbia University. He joined the CS department after having graduated from Ecole Polytechnique in Paris, and spending a year as a member of Brown Institute for Media Innovation, on the development of secure publishing platforms for citizen journalism. His research interests are distributed systems, security and privacy. Recently, he worked on providing transparency for private data usage in Web services.

Dr. Wenke Lee is a Professor of Computer Science in the College of Computing at Georgia Tech. He also serves as the Director of the Georgia Tech Information Security Center (GTISC). He received his Ph.D. in Computer Science from Columbia University in 1999. Dr. Lee works in systems and network security. His current research projects are in the areas of botnet detection and attribution, malware analysis, virtual machine monitoring, mobile phone security, and detection and mitigation of information manipulation on the Internet, with funding from NSF, DHS, DoD, and the industry. Dr. Lee has published over 100 articles with more than 40 of them cited more than 100 times. In 2006, Dr. Lee co-founded Damballa, Inc., a spin-off from his lab that focuses on botnet detection and mitigation.

Adam Lerner is a 3rd year PhD student in the Security and Privacy Research Lab at UW CSE. He's primarily interested in building tools that measure and resist censorship. He sees security and privacy as a highly interdisciplinary field, finding it important to incorporate social and legal aspects into his research.

Emily McReynolds is the Tech Policy Lab Manager. In addition to managing the Lab, her research interests include data security, privacy and the intersection between corporate data collection and its use by third parties. Emily earned her J.D. from Seattle University with honors, and her L.L.M. in International Economic Law at the Brussels School of International Studies.

Jim O'Leary (@jimio) leads the Application Security team at Twitter. As both a Microsoft and University of Washington alumnus, he spent 7 years in WA, yet had only driven through Cle Elum until now.

Davi Ottenheimer is Senior Director of Trust at EMC. He has over 20 year's experience in managing security operations including a decade of digital forensics and incident response. Formerly he led global communication security at BGI, the world's largest investment fund manager, and was a dedicated paranoid for Yahoo!.

Vern Paxson is a professor of Electrical Engineering and Computer Sciences at UC Berkeley and leader of the Networking and Security group at the International Computer Science Institute in Berkeley. His research focuses heavily on measurement-based analysis of network activity and Internet attacks. He has worked extensively on high performance network monitoring and on cybercrime, and co-directs the Center for Evidence-based Security Research (www.evidencebasedsecurity.org). He is a recipient of the ACM's Grace Murray Hopper Award, the SIGCOMM Award for lifetime contribution to the field of communication networks, and the IEEE Internet Award.

Marcus Peinado is an Architect in the Platform Infrastructure Team at Microsoft Research, Redmond. His work focuses on various aspects of system security and, more recently, on cloud security. He holds a Ph.D. in Computer Science from Boston University.

Zulfikar Ramzan is the Chief Technology Officer of Elastica, Inc. In this role, he drives Elastica's efforts in leveraging data science and machine learning techniques towards improving the security of cloud services. Prior to joining Elastica, Zulfikar was Chief Scientist at Sourcefire (acquired by Cisco), within their cloud technology group. At Sourcefire/Cisco, he was responsible for the technical vision as well as the in-field efficacy of the company's core advanced malware protection offerings. Prior to joining Sourcefire via its acquisition of Immunet in 2010, Zulfikar was Technical Director of Symantec's Security Technology and Response division. In all of these roles, he used techniques from machine learning, large-scale data mining, and information security to protect customers from threats to their data.

Zulfikar has produced a series of cybersecurity educational videos (sourcefire.com/chalktalks) and has also served as a guest faculty for the educational non-profit Khan Academy (khanacademy.org). Zulfikar holds a Ph.D. in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology, with thesis work in cryptography.

Franzi Roesner a researcher in security and privacy with a strong focus on system design, will be joining UW CSE as a faculty member in the fall. Her research has included a comprehensive study of third-party tracking on the Web and the creation of ShareMeNot, a novel defense against "personal" web trackers like the Facebook "Like" button. She has also explored a new approach to permission granting in modern operating systems (particularly mobile devices, such as smart phones), user-driven access control. In this approach, the operating system is able to extract a user's intent to grant a permission (such as allowing an application to access the camera or send an SMS) from the way he or she naturally interacts with any application. Her work on user-driven access control won the Best Practical Paper Award at the 2012 IEEE Symposium on Security and Privacy. Most recently, she has begun focusing on security and privacy for emerging augmented reality technologies. Roesner will receive her PhD from UW CSE in June. She received her BS in Computer Science at UT Austin, where she worked on research in computer architecture.

Stefan Savage is a professor of Computer Science and Engineering at the University of California, San Diego. He received his Ph.D. in Computer Science & Engineering from the University of Washington and a B.S. in Applied History from Carnegie University. Savage's research interests lie at the intersection of distributed systems, networking, and computer security, with a current focus on embedded security and the economics of cybercrime. He currently serves as director of UCSD's Center for Network Systems (CNS) and as co-director for the Center for Evidence-based Security Research (CESR), a joint effort between UCSD and the International Computer Science Institute. Savage is a Sloan Fellow and an ACM Fellow, but is fairly down-to earth guy and only writes about himself in the third person when asked.

Robert Sim is Applied Research Manager in the Windows Services Safety Platform at Microsoft. His team addresses open problems in online user safety and security, and ships spam, malware and account protection features for Outlook.com, Internet Explorer, Family Safety and Microsoft Account. Robert completed a PhD in Computer Science at McGill in 2004, investigating vision-based autonomous mapping frameworks, and worked at Braintech Inc on consumer robots before joining Microsoft in 2008.

Ian Smith is a Master's student at the University of Washington department of Computer Science, where he is a member of the Security and Privacy Lab. His graduate work focuses on designing systems for deidentification and secure data sharing.

Lee Tien is a senior staff attorney with the Electronic Frontier Foundation, a non-profit public-interest group based in San Francisco, California. He specializes in free speech, privacy and security issues. His major current policy issue areas include: telecommunications surveillance and privacy, including national security surveillance; cybersecurity; electronic health records privacy; location privacy; and energy usage data privacy. He received his bachelor's degree from Stanford University and his law degree from UC-Berkeley School of Law.

As the Privacy Manager for Microsoft Research, Janice Tsai and her team of Privacy Leads provide privacy compliance support for all the MSR labs. She is also a Usable Privacy researcher with her PhD in Engineering & Public Policy from Carnegie Mellon.

Paul Vines is a graduate student in the Computer Science & Engineering Department at the University of Washington. He has worked on static analysis for malware detection and is currently working on a covert channel for secure and deniable communication. Paul's interests are on computer security as a whole but with particular interest currently on censorship and privacy.

Geoffrey M. Voelker is a professor at the University of California at San Diego. His research interests include operating systems, distributed systems, computer networks, and security. He received a B.S. degree in Electrical Engineering and Computer Science from the University of California at Berkeley in 1992, and the M.S. and Ph.D. degrees in Computer Science and Engineering from the University of Washington in 1995 and 2000, respectively.

Gang Wang received his B.E. degree in electrical engineering from Tsinghua University, Beijing, China, in 2010. He is currently pursuing the Ph.D. degree in computer science in the University of California at Santa Barbara, advised by Prof. Ben Y. Zhao and Prof. Heather Zheng. His research interests are security and privacy, online social networks, mobile networks and crowdsourcing systems.

Helen J. Wang is a Principal Researcher and Research Manager at Microsoft Research, Redmond. Helen founded the security and privacy research group MSR's Redmond lab. Her research interests are in systems security. She's led numerous projects over her tenure at MSR including PeerPressure, Shield, BrowserShield, MashupOS/Gazelle/ServiceOS, each of which has been technology-transferred into the real-world, impacting Microsoft products as well as the computing industry at large. Helen received SIGMOD Test-of-time award in 2007, Gold Star award and multiple tech-transfer awards from Microsoft and Best Practical Paper from IEEE security and privacy symposium in 2012. Helen received her Ph.D. degree from the Computer Science department of U. C. Berkeley in 2001 and her B.S. in Computer Science from U.T. Austin in 1995.

Please check back for updates.

Last updated: 28 July 2014