Information & Resources
Research
Awards and Grants | News | Upcoming Events | Mission | Credo | Sponsors | Contact
Welcome to the Systems and Internet Infrastructure Security (SIIS) Laboratory in the department of Computer Science and Engineering at Penn State, and member lab of the Network and Security Research Center (NSRC). The SIIS Laboratory develops advanced security technologies for critical components of the modern computing infrastructure. Our researchers consider security problems at all levels of systems design, from theoretical cryptography to physical hardware. Our research has been published in top academic venues in security, networking, operating systems, software engineering, and cryptography, as well as featured in many outlets in popular press.
Awards and Grants
November 2, 2009:
The Communication Network Research Center (NSRC) will start a new interdisciplinary research center with approximately $35.5 million in funding over 10 years from the Army Reseach Lab. These new center will be extremely beneficial for both the Center and SIIS lab as one of the Center member research laboratories. Congratulations to the NSRC faculty for this achievement and specially to Professor Adam Smith, SIIS lab faculty, as he is one of the researchers in the new center.
September 15, 2009:
Dr. Patrick McDaniel was awarded two National Science Foundation grants entitled "Security Services in Open Telecomunnications Networks" and "Secure Provenance in High-End Computing Systems". Congratulations Professor McDaniel!. More Information.
September 1, 2009:
Dr. Trent Jaeger was awarded two National Science Foundation grants entitled "Techniques to Retrofit Legacy Code with Security" and "Establishing Integrity in Dynamic Networks of Cyber Physical Devices". Congratulations Professor Jaeger!. More information.
July 9, 2009:
Professor Adam Smith will be receiving the NSF PECASE award from President Obama in a White House ceremony this Fall. "The Presidential Early Career Award for Scientists and Engineers (PECASE) program was established to identify and honor outstanding scientists and engineers that show exceptional potential for leadership at the frontiers of knowledge". Congratulations to Professor Smith.
April 17, 2009:
Professor Patrick McDaniel received the Outstanding Research Award from the Penn State Engineering Society (PSES).The Penn State Engineering Society Outstanding Research Award recognizes individuals who, by their contributions to knowledge, have brought recognition to themselves, the College, and Penn State. Congratulations to Professor McDaniel. Official Announcement.
News
November 17, 2009:
The paper "On Cellular Botnets: Measuring the impact of Malicious Devices on Cellular Network Core" written by Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jager, and Patrick McDaniel, presented at CCS 2009, was featured on New Scientist .
October 20, 2009:
Professor Patrick McDaniel was featured on State College News in a faculty Q&A.
October 20, 2009:
SIIS Lab student, Thomas Moyer, has been selected as a finalist to the CSAW Research Award Committee for his work on Scalable Web Content Attestation. This work studies the reasons why trusted hardware is becoming common in computers, but is seeing little adoption. Below, Tom describes his work: "Current commodity trusted hardware is very slow and as such is not used in high load systems, such as web servers. We have built a system that utilizes commodity trusted hardware to provide attestations of both the system state and the content being served with low overhead. We have integrated this system into a web server, and are currently exploring other systems that will benefit from being able to provide attestation of content and system state." Congratulations Tom.
October 13, 2009:
The Networking and Security Research Center Industry Day was held on 13-14 October, 2009.
August 28, 2009:
The papers "Semantically Rich Application-Centric Security in Android" written by Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel, "Scalable Web Content Attestation" written by Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger, and "Justifying Integrity Using a Virtual Machine Verifier" written by Joshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, and Patrick McDaniel, have been accepted at the 25th Annual Computer Security Applications Conference (ACSAC) to be held December 7-11, in Hawaii, USA.
August 15, 2009:
The papers "On Cellular Botnets: Measuring the impact of Malicious Devices on a Cellular Network Core" written by Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jaeger, and Patrick McDaniel, and "On Lightweight Mobile Phone Application Certification" written by William Enck, Machigar Ongtang, and Patrick McDaniel, have been accepted at the 16th ACM Conference on Computer and Communications Security (CCS) to be held November 9-13, in Chicago, USA.
August 3, 2009:
Dave King passed his doctoral defense. Congratulations to Dr. King for his great work!
Upcoming Events
November 11, 2009:
William Enck, SIIS Lab student, will present the talk "On Lightweight Mobile Phone Application Certification", at CCS.
Abstract of the talk: "Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. This talk introduces the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. Finally, we investigate the security configuration of over 300 popular Android applications to show that this approach can serve as an effective method of mitigating certain types of software misuse on mobile phones."
November 13, 2009:
Joshua Schiffman, SIIS Lab student, will present the talk "Securing Elastic Applications on Mobile Devices for Cloud Computing", at CCSW (CCS Workshop on Cloud Computing Security).
Abstract of the talk: "Cloud computing provides elastic computing infrastructure and resources which enable resource-on-demand and pay-as-you-go utility computing models. We believe that new applications can leverage these models to achieve new features that are not available for legacy applications. In our project we aim to build elastic applications which augment resource-constrained platforms, such as mobile phones, with elastic computing resources from clouds. An elastic application consists of one or more weblets, each of which can be launched on a device or cloud, and can be migrated between them according to dynamic changes of the computing environment or user preferences on the device. This paper overviews the general concept of this new application model, analyzes its unique security requirements, and presents our design considerations to build secure elastic applications. As first steps we propose a solution for authentication and secure session management between weblets running device side and those on the cloud. We then propose secure migration and how to authorize cloud weblets to access sensitive user data such as via external web services. We believe some principles in our solution can be applied in other cloud computing scenarios such as application integration between private and public clouds in an enterprise environment."
Mission
The following mission statement best sums up the activities of the SIIS Laboratory:
|
The SIIS Laboratory promotes student and scientific advancement through the investigation of emerging technologies upon which computer, network, and information security is based. |
Credo
I cannot think of a better statement of how I feel about scientific discovery than the following poem by Bill Watterson. I think it truly reflects the dual promise of both fun and discovery, which I feel should be the real objectives of any scientific endeavor. Put another way, life is simply too short to do work that is not both simultaneously engaging and enjoyable. To wit:
|
Explorers are we, intrepid and bold, Out in the wild, amongst wonders untold. Equipped with our wits, a map, and a snack, We're searching for fun we're on the right track! - Bill Watterson, Author of Calvin and Hobbes |
Sponsors
The laboratory is actively seeking sponsorship for its activities. We are receiving or have received support from the following agencies and organizations:
|
Contact Information
This webpage details the laboratory objectives and past and current research. If you are interested in learning more about the laboratory, current research, or possibilities for sponsorship, please contact the lab directly. All electronic communications should be directed to the laboratory administration at siis@cse.psu.edu. All physical correspondence should be directed to:
|
Systems and Internet Infrastructure Laboratory |
Other laboratory contact information:
|
Phone: +1 (814) 863-3599 |
Note: Given the large number of applicants, the laboratory must defer all admissions issues to the department of Computer Science and Engineering. Hence, if you are a student looking to be admitted to Penn State University, contact the department directly. If you are already a student at Penn State and wish to participate in SIIS research, please contact one of the faculty members in the lab.
NSRC | CSE | Penn State | Contact Us | Copyright 2008 SIIS Lab