Category Archives: Chen-CS

Bo Chen Receives $250K NSF Award for Mobile PDE Systems Research

Bo Chen, CS

Bo Chen, assistant professor of computer science and member of the Institute of Computing and Cybersystems Center for  Cybersecurity, is the principal investigator on a project that has received a $249,918 research and development grant from the National Science Foundation. The project is entitled, “SaTC: CORE: Small: Collaborative: Hardware-Assisted Plausibly Deniable System for Mobile Devices.” This is a potential three-year project.

Abstract: Mobile computing devices typically use encryption to protect sensitive information. However, traditional encryption systems used in mobile devices cannot defend against an active attacker who can force the mobile device owner to disclose the key used for decrypting the sensitive information. This is particularly of concern to dissident users who are targets of nation states. An example of this would be a human rights worker collecting evidence of untoward activities in a region of oppression or conflict and storing the same in an encrypted form on the mobile device, and then being coerced to disclose the decryption key by an official. Plausibly Deniable Encryption (PDE) has been proposed to defend against such adversaries who can coerce users into revealing the encrypted sensitive content. However, existing techniques suffer from several problems when used in flash-memory-based mobile devices, such as weak deniability because of the way read/write/erase operations are handled at the operating systems level and at the flash translation layer, various types of side channel attacks, and computation and power limitations of mobile devices. This project investigates a unique opportunity to develop an efficient (low-overhead) and effective (high-deniability) hardware-assisted PDE scheme on mainstream mobile devices that is robust against a multi snapshot adversary. The project includes significant curriculum development activities and outreach activities to K-12 students.

This project fundamentally advances the mobile PDE systems by leveraging existing hardware features such as flash translation layer (FTL) firmware and TrustZone to achieve a high deniability with a low overhead. Specifically, this project develops a PDE system with capabilities to: 1) defend against snapshot attacks using raw flash memory on mobile devices; and 2) eliminate side-channel attacks that compromise deniability; 3) be scalable to deploy on mainstream mobile devices; and 4) efficiently provide usable functions like fast mode switching. This project also develops novel teaching material on PDE and cybersecurity for K-12 students and the Regional Cybersecurity Education Collaboration (RCEC), a new educational partnership on cybersecurity in Michigan.

Publications related to this research:

[DSN ’18] Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices. The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN ’18), June 2018 (Acceptance rate: 28%)
[Cybersecurity ’18] Qionglu Zhang, Shijie Jia, Bing Chang, Bo Chen. Ensuring Data Confidentiality via Plausibly Deniable Encryption and Secure Deletion – A Survey. Cybersecurity (2018) 1: 1.
[ComSec ’18 ] Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, and Zhan Wang. User-Friendly Deniable Storage for Mobile Devices. Elsevier Computers & Security, vol. 72, pp. 163-174, January 2018
[CCS ’17] Shijie Jia, Luning Xia, Bo Chen, and Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer. 2017 ACM Conference on Computer and Communications Security (CCS ’17), Dallas, Texas, USA, Oct 30 – Nov 3, 2017 (Acceptance rate: 18%)
[ACSAC ’15] Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. MobiPluto: File System Friendly Deniable Storage for Mobile Devices. 2015 Annual Computer Security Applications Conference (ACSAC ’15), Los Angeles, California, USA, December 2015 (Acceptance rate: 24.4%)
[ISC ’14] Xingjie Yu, Bo Chen, Zhan Wang, Bing Chang, Wen Tao Zhu, and Jiwu Jing. MobiHydra: Pragmatic and Multi-Level Plausibly Deniable Encryption Storage for Mobile Devices. The 17th Information Security Conference (ISC ’14), Hong Kong, China, Oct. 2014

Link to more information about this project: https://snp.cs.mtu.edu/research/index.html#pde


Bo Chen is PI of $200K NSF Research and Development Grant

Bo Chen (CS/CyberS) is Principal Investigator on a project that has received a $199,975 research and development grant from the National Science Foundation. The project is titled “EAGER: Enabling Secure Data Recovery for Mobile Devices Against Malicious Attacks.” This is a potential two-year project.

Abstract: Mainstream mobile computing devices like smart phones and tablets currently rely on remote backups for data recovery upon failures. For example, an iPhone periodically stores a recent snapshot to iCloud, and can get restored if needed. Such a commonly used “off-device” backup mechanism, however, suffers from a fundamental limitation that, the backup in the remote server is not always synchronized with data stored in the local device. Therefore, when a mobile device suffers from a malware attack, it can only be restored to a historical state using the remote backup, rather than the exact state right before the attack occurs. Data are extremely valuable for both organizations and individuals, and thus after the malware attack, it is of paramount importance to restore the data to the exact point (i.e., the corruption point) right before they are corrupted. This, however, is a challenging problem. The project addresses this problem in mobile devices and its outcome could benefit billions of mobile users.

A primary goal of the project is to enable recovery of mobile devices to the corruption point after malware attacks. The malware being considered is the OS-level malware which can compromise the OS and obtain the OS-level privilege. To achieve this goal, the project combines both the traditional off-device data recovery and a novel in-device data recovery. Especially, the following research activities are undertaken: 1) Designing a novel malware detector which runs in flash translation layer (FTL), a firmware layer staying between OS and flash memory hardware. The FTL-based malware detector ensures that data being committed to the remote server will not be tampered with by the OS-level malware. 2) Developing a novel approach which ensures that the OS-level malware is not able to corrupt data changes (i.e., delta) which have not yet been committed to the remote server. This is achieved by hiding the delta in the flash memory using flash storage’s special hardware features, i.e., out-of-place update and strong physical isolation. 3) Developing a user-friendly approach which can allow users to conveniently and efficiently retrieve the delta hidden in the flash memory for data recovery after malware attacks.

Link to an Unscripted article about related research at  https://www.mtu.edu/unscripted/stories/2018/march/how-to-speed-up-bare-metal-malware-analysis-and-better-protect-mobile-devices.html.


ICC Members Receive Achievement Awards at Annual Banquet

Soner Onder, Bo Chen, Kevin TrewarthaAt the annual awards banquet of the Michigan Tech Institute of Computing and Cybersysytems (ICC), on Friday, April 12, three ICC members received the ICC Achievement Award in recognition of their exceptional contributions to research and learning in the fields of computing.

Soner Önder, director of the ICC Center for Scalable Architectures and Systems and professor of computer science, was recognized for his research in next-generation architectures. Önder is principal investigator of three National Science Foundation (NSF) grants, and he has three NSF grant proposals under review.

“Soner is one of our very top researchers in terms of research expenditures and new awards,” said Tim Havens, ICC director and the William and Gloria Jackson Associate Professor of Computer Systems. “He is also active in developing and implementing the ICC vision and activities.”

Kevin Trewartha, a member of the ICC’s Center for Human-Centered Computing, was recognized for his interdisciplinary and collaborative research at the intersection of technology and human motor movement. Trewartha is an assistant professor with a dual appointment in the departments of Cognitive and Learning Sciences and Kinesiology and Integrative Physiology.

“Kevin encompasses the best of the ICC vision,” said Beth Veinott, director of the ICC Center for Human-Centered Computing and associate professor of cognitive and learning sciences.

Trewartha is co-principal investigator, with ICC member Shane Mueller, of a new, three-year, interdisciplinary and collaborative project funded by the National Institutes of Health. For this research, Trewartha and Mueller are working with UP Health Systems Portage and five graduate and three undergraduate students to investigate how technology supports earlier diagnosis of the neurodegenerative diseases.

Bo Chen, a member of the ICC’s Center for Cyber-Physical Systems and assistant professor of computer science, was recognized for his teaching and research in cybersecurity of mobile devices.

Chen is the co-PI of two external grants on cybersecurity from the National Science Administration, and he has submitted numerous cybersecurity proposals to NSF, NSA, Microsoft, and Google.

“Dr. Bo Chen has demonstrated achievements and contributions to the mission of the ICC since coming to Michigan Tech as a tenure-track CS faculty in fall ’17,” said ICC members Guy Hembroff and Yu Cai in their nomination, adding that during that short time, “Dr. Chen has published one book, five journal papers, and 10 conference papers, and in 2017 he was awarded a Distinguished Paper Award from the prestigious cybersecurity venue, the Annual Computer Security Application Conference (ACSAC ’17).”

Chen is the faculty coach for the MTU NCL (National Cyber League) cyber competition team, and during the fall 2018 regular season under Chen’s leadership, a Michigan Tech CS undergraduate student placed 36th out of 3,350 players in NCL cyber competition. Dr. Chen was also recently recognized for receiving an exceptional “average of seven dimensions” student evaluation score for his teaching, among additional accolades.

The ICC, founded in 2015, promotes collaborative, cross-disciplinary research and learning experiences in the areas of cyber-physical systems, cybersecurity, data sciences, human-centered computing, and scalable architectures and systems. It provides faculty and students the opportunity to work across organizational boundaries to create an environment that mirrors contemporary technological innovation.

Five research centers comprise the ICC. The ICC’s 50 members, who represent 15 academic units at Michigan Tech, are collaborating to conduct impactful research, make valuable contributions in the field of computing, and solve problems of critical national importance.

Visit the ICC website at icc.mtu.edu. Contact the ICC at icc-contact@mtu.edu or 906-487-2518.


Computer Science Workshop Held April 5-7

Explore CSR GroupMichigan Tech hosted the workshop “Exploring Computer Science Research” last Friday – Sunday (April 5-7). The workshop was one of 15 Google has sponsored in the U.S. and was organized by four CS Faculty: Leo Ureel, Linda Ott, Jean Mayo and Laura Brown; Jean Mayo and Laura Brown are members of the ICC. The workshop was for women and underrepresented groups to explore research and graduate school opportunities in computer science.

There were 26 attendees from six universities and colleges across Michigan and Wisconsin. Over the course of the weekend each student participated in a research experience, investigating a research question with a faculty mentor. Topics included:

Machine Vision – Robert Pastel, ICC Center for Human-Centered Computing

Data Science in Energy Systems – Laura Brown, ICC Center for Data Sciences

Cybersecurity and Privacy in Storage Systems – Bo Chen, ICC Center for Cybersecurity

Agent-based Simulations in Education – Leo Ureel

Human Computer Interactions: Natural Language Processing for Assistive Technologies – Keith Vertanen, ICC Center for Human-Centered Computing

After learning about and working on their research topics, the students presented out to the group. In addition to their research experiences, attendees learned about different job opportunities after graduate school, heard how to apply to graduate schools and talked to current graduate students about the graduate school experience and their research.

Guest speakers included Niloofar Gheissari and Anja Gruenheid, two Google employees, Pushpalatha Murthy, Dean of the Graduate School and Robin Hunicke, our keynote speaker from the University of California Santa Cruz and Funomena.