Accessible Access Control

programmer from behind and programming code on computer monitor. focus on monitor

Researchers:

Jean Mayo, PI, Associate Professor, Computer Science

Ching-Kuang Shene, co-PI, Professor, Computer Science

Steven Carr, co-PI, Adjunct, Computer Science, Michigan Technological University

Chaoli Wang, co-PI

Sponsor: National Science Foundation

Amount of Support: $199,164

Duration of Support: 3 years

Abstract: Access control is a last line of defense for protecting computer system resources from a compromised process. This is a primary motivation for the principle of least privilege, which requires that a process be given access to only those resources it needs in order to complete its task. Enforcement of this principle is difficult. A strict access control policy can contain tens of thousands of rules, while errors in the policy can interrupt service and put system resources at risk unnecessarily. This project is developing materials that facilitate education on modern access control models and systems. A policy development system leverages visualization to enhance student learning. The policy development system allows graphical development and analysis of access control policies. It runs at the user-level, so that student work does not impact operation of the underlying system and so that access to a specific operating system is not required. A set of web-based tutorials is being developed that are suitable for study out of the classroom. The project results will increase the number of institutions that offer deep coverage of access control in their curriculum and will facilitate development of the relevant expertise by workers who are not able to pursue formal education. Computer system security breaches cost companies billions of dollars per year. By helping to create a workforce trained to use modern access control systems effectively, this project increases the ability of industry to protect electronic data.

Publications: Carr, Steve and Mayo, Jean. “Workshop on Teaching Modern Models of Access Control Hands-on: Tutorial Presentation,” J. Comput. Sci. Coll., v.32, 2016, p. 35–36. doi:1937-4771

More info.

Multistatic GPR for Explosive Hazards Detection (Phase I & II)

Researcher: Timothy Havens, PI, William and Gloria Jackson Associate Professor of Computer Systems, and Director, Institute of Computing and Cybersystems

Sponsor: Akela, Inc. / U.S. Army

Amount of Support: $83,359

Abstract: In this project researchers examine how unmanned aerial vehicles and terrestrial GPR can coordinate to improve buried explosive hazard detection performance.

National University Rail (NURail) Center – Tier I

Researchers:

Pasi Lautala, PI, Associate Professor, Civil and Environmental Engineering, and Director, Rail Transportation Program, Michigan Tech Transportation Institute

Timothy Havens, Co-PI, William and Gloria Jackson Associate Professor of Computer Systems, and Director, Institute of Computing and Cybersystems

Philart Jeon, Co-PI, Adjunct Associate Professor, Computer Science and CLS

Paul Sanders, Co-PI, Patrick Horvath Endowed Professor of Materials Science and Engineering

Sponsor: US Department of Transportation / RITA

Amount of Support: $299,966

Abstract: The National University Rail (NURail) Center is a consortium of seven partner colleges and universities offering an unparalleled combination of strengths in railway transportation engineering research and education in North America. The NURail Center is the first USDOT OST-R University Transportation Center dedicated to the advancement of North American rail transportation. The Center is headquartered at the University of Illinois at Urbana-Champaign and includes researchers and educators who are experts and national leaders in railway infrastructure, systems and vehicles from seven prestigious academic institutions in the United States.

Implementation of Unmanned Aerial Vehicles (UAVs) for Assessment of Transportation Infrastructure

Copter flight against the blue sky. RC aerial drone.

Researchers:

Colin Brooks, PI, PhD Student, Biological Sciences

Timothy Havens, Co-PI, William and Gloria Jackson Associate Professor of Computer Systems

Kuilin Zhang, Co-PI, Assistant Professor, Civil and Environmental Engineering

Richard Dobson, Co-PI

Tess Ahlborn, Co-PI, Professor, Civil and Environmental Engineering

A. Mukherjee, Co-PI, Associate Professor, Civil and Environmental Engineering

Sponsor: Michigan Dept. Transportation (MDOT)

Amount of Support: $598,526

Abstract: As unmanned aerial vehicle (UAV) technology has advanced to become more capable at lower cost, it offers transportation agencies a more rapid and safer alternative to collect data for a variety of applications, including condition assessment, traffic monitoring, construction, asset management, operations, and other applications. Through successful research, development, and demonstrations during Phase 1 of this project, the Michigan Tech team was able to test multiple sensors on a Michigan-made multirotor UAV platform, along with other UAVs, enabling the collection of data types such as optical light detection and ranging (LiDAR) and thermal to achieve a detailed view of a bridge deck both on the surface and subsurface. These methods were developed to represent the type of data collected through Michigan Department of Transportation (MDOT) manual inspections. Further development of UAV technology for the use of transportation infrastructure assessment is required in order to fully implement these technologies into MDOT day-to-day operations. By successfully continuing UAV research and development for MDOT, the Michigan Tech team will produce practical applications of large datasets that will support MDOT’s business models and decision making processes.

Heterogeneous Multisensor Buried Target Detection Using Spatiotemporal Feature Learning

Researchers:

Timothy Havens, PI, William and Gloria Jackson Associate Professor of Computer Systems

Timothy Schulz, Co-PI, University Professor, Electrical and Computer Engineering

Sponsor: U.S. Army Research Office

Amount of Support: $285,900 (for the first year out of a potential 3-year project totaling $983,124)

Abstract: This project will investigate theory and algorithms for multisensor buried target detection that achieve high probability of detection and classification with low false-alarm-rate. The primary sensors of interest are multisensor FLGPR (i.e., FLGPR plus other sensor modalities, such as thermal video or LIDAR) and acoustic/seismic systems, although our methods will be applicable to other modalities as well.

Advanced Signal Processing and Detection Algorithms for Handheld Explosive Hazard Detection

Researchers:

Joseph Burns, PI, Senior Research Scientist, Michigan Tech Research Institute (MTRI)

Timothy Havens, Co-PI, William and Gloria Jackson Associate Professor of Computer Systems, and Director, Institute of Computing and Cybersystems

Brian Thelen, Co-PI

Mark Stuff, Co-PI

Joel LeBlanc, Co-PI

Adam Webb, Co-PI

Sponsor: U.S. Army

Amount of Support: $1,238,255

Abstract: The project investigates theory and algorithms for multi sensor buried target detection that achieve high probability of detection and classification with low false-alarm rate. The primary sensors of interest are handheld GPR and electromagnetic induction sensors.

Adaptive Memory Resource Management in a Data Center -A Transfer Learning Approach

Digital illustration of Cloud computing devices

Researcher: Steven Carr, PI

Sponsor: National Science Foundation, CSR: Small: Collaborative Research

Amount of Support: $112,000

Duration of Support: 5 years

Abstract: Cloud computing has become a dominant scalable computing platform for both online services and conventional data-intensive computing (examples include Amazon’s EC2, Microsoft’s Azure, IBM’s SmartCloud, etc.). Cloud computing data centers share computing resources among a large set of users, providing a cost effective means to allow users access to computational power and data storage not practical for an individual. A data center often has to over-commit its resources to meet Quality of Service contracts. The data center software needs to effectively manage its resources to meet the demands of users submitting a variety of applications, without any prior knowledge of these applications.

This work is focused on the issue of management of memory resources in a data center. Recent progress in transfer learning methods inspires this work in the creation of dynamic models to predict the cache and memory requirements of an application. The project has four main tasks: (i) an investigation into how recent advancements in transfer learning can help solve data center resource management problems, (ii) development of a dynamic cache predictor using on-the-fly virtual machine measurements, (iii) creation of a dynamic memory predictor using runtime characteristics of a virtual machine, and (iv) development of a unified resource management scheme creating a set of heuristics that dynamically adjust cache and memory allocation to fulfill Quality of Service goals. In tasks (i)-(iii), transfer learning methods are employed and explored to facilitate the transfer of knowledge and models to new system environments and applications based on extensive training on existing systems and benchmark applications. The prediction models and management scheme will be evaluated on common benchmarks including SPEC WEB and CloudSuite 2.0. The results of this research will have broad impact on the design and implementation of cloud computing data centers. The results will help improve resource utilization, boost system throughput, and improve predication performance in a cloud computing virtualization system. Additionally, the methods designed and knowledge they impart will advance understanding in both systems research and machine learning.

Link to additional info here.

A Controls Approach to Improve How Society Interacts with Electricity

Researchers:

Laura Brown, PI, Associate Professor, Computer Science

Wayne Weaver, Dave House Associate Professor, Mechanical Engineering-Engineering Mechanics

Chee-Wooi Ten, Associate Professor, Electrical and Computer Engineering

Sponsor: National Science Foundation: Collaborative Research: CRISP Type 2: Revolution through Evolution

Amount of Support: $699,796

Duration of Support: 4 years

Abstract: This CRISP project addresses the challenges associated with the rapid evolution of the electricity grid to a highly distributed infrastructure. The keystone of this research is the transformation of power distribution feeders, from relatively passive channels for delivering electricity to customers, to distribution microgrids, entities that actively manage local production, storage and use of electricity, with participation from individual customers. Distribution microgrids combine the advantages of the traditional electricity grid with the advantages of emerging distributed technologies, including the ability to produce and use power locally in the event of grid outages. The project will result in a unified model that incorporates key aspects of power generation and delivery, information flow, market design and human behavior. The model predictions can be used by policymakers to guide a transition to clean energy via distribution microgrids. The expectation is to enable at least 50% of electric power to come from renewable resources. This cannot be done with either the traditional grid, due to its limited capacity to accommodate intermittent renewable power sources, or with fully decentralized approaches, which would not be affordable for most utility customers.

This project addresses many socio-technological gaps necessary to translate from research discovery to commercial applications. To date, there is no theoretical framework to ensure system stability as renewable energy routed through power electronics replaces traditional rotating machinery. To achieve an optimal mix of storage performance and information bandwidth and to design nonlinear controllers, we will use Hamiltonian Surface Shaping Power Flow Control theory. We will study methods to detect malicious tampering with information flows. The complex interaction of intermittent resources, human behavior and market structures will be modeled in an agent-based simulation. System inputs will be provided by utility and meteorological data, and by behavioral models that incorporate information obtained by surveys, interviews and metering data. Emergent system dynamics will be abstracted and studied using dynamical complex network theory, to explore stability limits as a function of human behavior and market design. Finally, the effect of enhanced controllability of distribution systems on the robustness of large energy-information-social networks will be analyzed using interdependent Markov-chain models. Graduate students involved in this program will be exposed to a unique combination of skills from engineering, data analysis and social sciences; such cross-disciplinary training will prepare them for leadership roles in the emerging energy economy of tomorrow.

The ITSEED: Active Learning Laboratory Experiments for IT Security Education

Researchers

Xinli Wang, PI

Guy C. Hembroff, Associate Professor, College of Computing

Sponsor: National Science Foundation

Amount of Support: $199,934

Duration of Support: 4 years

The goal of this research is to enhance the security component in undergraduate IT education to meet the strong demand for security professionals in IT fields.

It has been widely admitted by researchers, educators and students that the benefits of hands-on lab experiments are threefold in IT security education:

  • They expose students to the real-world challenges of computer and network security.
  • They help students consolidate and gain in-depth understanding of the knowledge presented in class lectures.
  • These hands-on activities help students to be better prepared for their careers in industry.

This project will develop a collection of instructional hands-on laboratories for undergraduate IT security education to achieve the following objectives:

  • To provide students with an active-learning environment by challenging them with real-world problems in the field of IT security.
  • To provide students with the opportunity to learn from experiences with advanced technologies and well developed tools which will make them better prepared for their careers in industry.
  • To help instructors prepare and deliver security courses more effectively and efficiently by making the lab experiments publicly accessible through the Internet.

This project is a collaborative effort between Michigan Technological University and the University of Washington Tacoma.

Visit the National Science Foundation page for this research.

Publications and Presentations

Teaching Offensive Security in a Virtual Environment. A Tutorial Presentation at the Seventeenth Annual CCSC Northwestern Regional Conference in Seattle, WA, USA, October 9-10, 2015 and published on the Journal of Computing Sciences in Colleges, October 2015.

Hands-on Exercises for IT Security Education. A paper presented and published on the Proceedings of the 16th Annual Conference on Information Technology Education, in Chicago, IL, USA, September 30 – October 3, 2015.

Certification with Multiple Signatures. A paper presented and published on the Proceedings of the 4th Annual ACM Conference on Research in Information Technology, in Chicago, IL, USA, September 30 – October 3, 2015.

Domain Based Certification and Revocation. A paper presented and published on the Proceedings of the 2015 International Conference on Security and Management (SAM/15), in Las Vegas, NV, US, July 27 – 30, s015.

ITSEED: hands-on labs for IT security education. A workshop at the ACM SIGCSE 2014 in Atlanta, GA, US, March 5-8, 2014.

ITSEED: Development of Instructional Laboratories for IT Security Education. A presentation at the “2013 USENIX Summit for Education in System Administration”, Washington, D.C., US, November 5, 2013.

Administrative Evaluation of Intrusion Detection System. A paper presented on the ACM SIGITE/RiIT 2013, in Orlando, Florida, US, October 10-12, 2013.

Optimal Joint Spectrum Allocation and Scheduling for Cognitive Radio Networks

Researcher: Xiaohua Xu, PI, Affiliate ICC Member

Sponsor: National Science Foundation

Amount of Support: $244,808

Duration of Support: 2 Years

Abstract: Cognitive Radio Network is considered as a promising paradigm for the future networks. To significantly improve spectrum utilization, we conduct optimal or near-optimal joint spectrum allocation and scheduling in cognitive radio networks. We address critical and practical challenges for spectrum allocation and scheduling in cognitive radio networks, in particular multi-hop cognitive radio networks, such as dynamic traffic demands and pattern, unpredictable primary user activity, wireless interference, and coexistence. We develop creative models and algorithms in the framework of restless multi-armed bandit where the problem for spectrum allocation and scheduling in cognitive radio networks is formulated as a partially observable Markov decision process. The proposed methodology is novel in that it intelligently combines the networked multi-armed bandit modeling, graph theory, and communication scheduling theories. The developed algorithms, models, and protocols significantly improve spectrum utilization in future wireless communication systems and advance the fundamental knowledge and understanding of cognitive radio networks. The proposed algorithms, protocols, and models enable future wireless systems to design, deploy, and operate much more efficiently than today’s systems, which will result in significant economical, societal, and public safety impacts

Objectives: The objective of this project is to significantly improve spectrum utilization through conducting optimal or near-optimal joint spectrum allocation and scheduling in cognitive radio networks. The PIs address critical and practical challenges for spectrum allocation and scheduling in cognitive radio networks, in particular multi-hop cognitive radio networks, such as dynamic traffic demands and pattern, unpredictable primary user activity, wireless interference, and coexistence. A test-bed will be set up to extensively evaluate the designed algorithms and protocols.

Broader Impacts: This project significantly improves the design, deployment, and operation of future wireless communication systems. The proposed algorithms, protocols, and models enable future wireless systems to share spectrum much more efficiently than today’s systems, which will result in significant economical, societal, and public safety impacts. In addition, the proposed research is integrated into education and training for both undergraduate and graduate students. This project also significantly broadens the participation of underrepresented minority groups, e.g., the Native Americans in South Dakota.

Publications
Wang, Lixin and Xu, Xiaohua. “Approximation Algorithms for Maximum Weight Independent Set of Links Under the SINR Model,” Ad-hoc \& sensor wireless networks, v.17, 2013, p. 293–311.

Xu, Xiaohua and Li, Xiang-Yang and Song, Min. “Efficient aggregation scheduling in multihop wireless sensor networks with sinr constraints,” Mobile Computing, IEEE Transactions on, v.12, 2013, p. 2518–252.

More details