Schedule of Talks

• August 31, 2020: 3:30 PM PST, at EP 202

Speaker: Hasan Jamil, Department of Computer Science, University of Idaho

Title: An SQL^o front-end for Non-Monotonic Inheritance and De-referencing.

Abstract: While the interest in supporting object-oriented (OO) features such as non-monotonic inheritance and structure traversal in popular database query engines such as SQL fell out of vogue a decade or so ago, application developers have continued to craft these nifty features on an ad hoc and case by case basis. In this paper, we revisit these issues with new insights and demonstrate that the OO extension of SQL we propose is sufficient and powerful enough for at least modeling classes, non-monotonic inheritance and de-referencing in which simple tweaking of SQL with {\em tuple ID} helps capture these OO features cleanly and empower application developers with a powerful knowledge modeling tools.

Bio Sketch: Hasan Jamil is a CS Faculty at the University of Idaho.

• September 21, 2020: 3:30 PM PST, at EP 202

Speaker: Terence Soule, Department of Computer Science, University of Idaho.

Title: Evolvy Bugs? Pew Pew! Evolving Behaviors in a Mobile Space Shooter

Abstract: It is widely assumed that incorporating evolution has great potential to make video games much more challenging and compelling because the enemy population will adapt to the players' decisions and strategies. However, some game genres are better suited to incorporating evolutionary mechanics than others. In particular because evolution typically requires large population sizes and many generations it is difficult to incorporate in a casual, mobile game. First, because gameplay in a casual game usually only lasts for a few minutes’ evolution may not be able to rely on long time-scales. Second, because in a mobile game space (both memory and screen space) is limited evolution may not be able to rely on large populations. In this research we present our strategies for overcoming these limitations while developing the evolutionary, casual, mobile space shooter: “Evolvy Bugs? Pew Pew!”.

Bio Sketch: Dr. Terence Soule joined the University of Idaho as a faculty member in 2000. He is currently Chair of the Computer Science Department, an adjunct faculty member in Bioinformatics and Computational Biology, and the co-founder of the Polymorphic Games studio. Dr. Soule’s research focuses on the use of simulated evolution to evolve solutions to complex problems, including the evolution of cooperation and evolutionary learning by opponents in video games. He has published more than 60 research papers and is the editor of several volumes of conference proceedings.

• September 28, 2020: 3:30 PM PST, at EP 202

Speaker: Karen Thurston, Graduate Student, Department of Computer Science, University of Idaho.

Title: MACH-T: A Behavior-based Node Trust Evaluation Algorithm for Building Ad hoc Mobile Networks.

Abstract: MACH-T is a novel behavior-based algorithm for mobile ad hoc network node trust building. MACH-T uses historical mobile node geographic location traces to incrementally calculate node trust values based on the concepts of geographical node capability, commitment, and consistency. Motivation for this work is to increase resiliency in community and public service networks. Resiliency may be economically enhanced by building new ad hoc networks of private mobile devices and joining these to public service networks at specific trusted points. Resiliency in such ad hoc networks relies on security which is in turn built on trust. By first establishing trust, message confidentiality, privacy, and integrity may be implemented by well-known cryptographic means. In this article, we describe the MACH-T algorithm for automatically evaluating the trust of ad hoc network nodes. We also describe our experiments and results from evaluating MACH-T using real GPS traces from the Microsoft Research Geolife project. Our results show that MACH-T can successfully build a reliable trust value and corresponding confidence value based on learnt patterns of time spent in certain qualifying geographic locations.

Bio Sketch: Karen Thurston is a PhD student in the Department of Computer Science at the University of Idaho in Coeur d’Alene Campus. She received her MS degree in computer science from California State University, Sacramento in 1992 and worked for many years in industry as a software developer, systems analyst, project manager, independent verification and validation (IV&V) analyst, and consultant. She is currently teaching computer science online for Long Beach City College, Long Beach, California. Her current research focuses on trust algorithms for mobile ad hoc networks (MANETs).

• October 5, 2020: 3:30 PM PST, at EP 202

Speaker: Faisal Abdullah, Evolve Security, New York.

Title: Cybersecurity Risk Assessment.

Abstract: Cybersecurity risk management is both an art and a science. Organizations must first identify the risks to their data and information assets to mitigate them effectively. This talk will cover qualitative and quantitative risk analysis techniques that can be used to identify and quantify both accidental and malicious threats to computer systems within an organization. In addition to technical solutions, the talk considers strategies and policies that will provide cost effective and highly secure systems.

Bio Sketch: Dr. Faisal Abdullah is a multi-disciplinary educator and cybersecurity specialist with over 16 years of experience in academia and cybersecurity consulting. He has been the recipient of over $500,000 in grants from U.S. Department of Defense (DoD) and the National Security Agency (NSA). Faisal specializes in cybersecurity risk management for large and mid-sized organizations. He currently serves as the Director of Academy and Security Consultant at Evolve Security. He holds CISA and CISSP certifications.

• October 12, 2020: 3:30 PM PST, at EP 202

Speaker: Omar Alghushairy, Graduate Student, Department of Computer Science, University of Idaho

Title: An Efficient Local Outlier Factor for Data Stream Processing.

Abstract: In the era of big data, outlier detection has become an important task for many applications, such as detecting fraud transactions in credit card and network intrusion detection system. Data streams are an important type of big data, which recently has gained a lot of attention from researchers. Nevertheless, there are challenges in applying traditional outlier detection algorithms for data streams. One of the well-known algorithms of outlier detection is Local Outlier Factor (LOF). The issue with LOF is that it needs to store the whole dataset with its distances’ results in memory. In addition, it needs to start from the beginning and recalculate all processes if any change happens in the dataset, such as inserting a new data point.

Streaming data is a form of big data that keeps growing indefinitely and, as such, a unique feature of streaming data is its velocity. As the data keeps growing, it cannot be stored as a whole in the computer memory. So, specific designs are needed for LOF in data stream processing.

Bio Sketch: Omar received his Bachelor’s degree in information systems from King Abdulaziz University, Jeddah, Saudi Arabia, and his Master’s degree in computer science from the University of Bridgeport, CT USA. Currently, he is a PhD. candidate at the University of Idaho in CS Department and his research interests include data analysis, local outlier detection, data stream, and machine learning.

• October 19, 2020: 3:30 PM PST, at EP 202

Speaker: Ryan Hruska, Graduate Student, Department of Computer Science, University of Idaho

Title: N-dimensional time series analysis for detecting adversary behavior in computer networks.

Abstract: Modern security information and event management (SIEM) systems leverage advances in big-data storage and analytics capabilities to collect, store, and analyze system and network logs in attempt to detect intrusions and other potential threats. This project is seeking to advance the state-of-the-art in log, netflow, and packet analysis relevant SIEM systems. Specifically, this project seeks to develop an advanced database architecture and analysis methodology for host log and netflow analysis for historical and incident investigation. This included the integration of a scalable computational database with machine-learning methodologies to enable in-database analytics. This capability has the potential to eliminate the need to perform computational expensive extract, transform, load (ETL) processes required for in-depth analysis.

Bio Sketch: Ryan Hruska is Research Scientist within the Infrastructure Assurance and Analysis Division at the Idaho National Laboratory (INL). He has over 16 years of experience developing innovative technology solutions for the Department of Energy (DOE), Department of Homeland Security (DHS), and Department of Defense (DOD). His current research includes leading the develop of the All Hazards Analysis (AHA) Framework and Essential Function Analysis Capability (EFAC) for mission assurance modeling. His research interests include machine learning, data analysis, critical infrastructure modeling, cyber-security, remote sensing, and decision support systems. He has a M.S. in both Computer & Environmental Sciences, which includes a Geographic Information Systems Certificate, and a B.S. in Cartography from the University of Idaho. In addition, he is currently pursuing a PhD in Computer Science. Mr. Hruska is a Certified Information System Security Professional (CISSP) and current member of the IEEE Computer & Computational Intelligence Societies, Association for Computing Machinery (ACM), and has served as an adjunct professor for remote sensing in Idaho State University’s Department of Geosciences.

• October 26, 2020: 3:30 PM PST, at EP 202

Speaker: John Shovic, Department of Computer Science, University of Idaho.

Title: Robotic Research and Laboratories at the University of Idaho CDA.

Abstract: The Robotics program in Computer Science consists of three specialized courses Advanced Robotics 1/2 and Machine Vision (both graduate and undergrad versions) and a selection of Embedded Systems course and AI courses. We use the Vandal Manufacturing Automation Laboratory (VMAL) to train Computer Scientists in programming robotic using modern software design and with the use of Artificial Intelligence programming techniques for machine vision and sensor data analysis. Our program is designed to be very much a complement to a mechanical engineering based program, with our emphasis on not building robots, but rather programming robots and building software systems designed for tough manufacturing and vision problems. We have both mobile robots and full size manufacturing robots. We have a heavy emphasis on embedded systems in robotics. This presentation will focus on the program and highlight the graduate and undergraduate research we are performing in the robotics group.

Bio Sketch: Dr. Shovic joined Computer Science Faculty at the University of Idaho in Coeur d’Alene in 2017. His technical expertise is focused on the following fields: Manufacturing Robotics and applications of advanced AI techniques to Robotics, Embedded Systems and Real Time Operating Systems. Dr. Shovic joins the University after spending the last 8 years at a medical software startup company, InstiComm. He has worked in industry and academia for over thirty years and has founded multiple companies: Advance Hardware Architectures, TriGeo Network Security, Blue Water Technologies, InstiComm, SwitchDoc Labs and bankCDA.

He has also served as a Professor of Computer Science at Eastern Washington University, Washington State University and the University of Idaho. Dr. Shovic has given over 80 invited talks and has published over 70 papers on a variety of topics on Robotics, Sensors, HIPAA, GLB, computer security, computer forensics, embedded systems and others. He has written two books published by Wiley and Sons and APress, and is working on a number of projects involving applying AI techniques in Robotics both in Industrial Robotics and in Underwater Autonomous Drones.

• November 2, 2020: 3:30 PM PST, at EP 202

Speaker: Philip Freeman, Senior Technical Fellow, Boeing Research & Technology, The Boeing Company.

Title: Trends in industrial robotics.

Abstract: Robotics is going through a renaissance where new capabilities in autonomy, sensing, control, and collaboration are enabling breakthrough performance in industry. This presentation covers a range of areas of robotics research and development at Boeing from recent technology implementations on the factory floor to our thoughts on the next challenges in industrial robotics. Emphasis is on intelligent control, usable systems, and networked automation as key trends.

Bio Sketch: Senior Technical Fellow, Boeing Research & Technology, The Boeing Company.

• November 9, 2020: 3:30 PM PST, via Zoom

Speaker: Ali Mili, Department of Computer Science, NJIT.

Title: The Bane of Generate-and-Validate Program Repair: Too Much Generation, Not Enough Validation.

Abstract: To repair a program does not mean to make it (absolutely) correct; it only means to make it more-correct than it was originally. This is not a mundane academic distinction: given that typical software products have a dozen faults per KLOC, program repair tools ought to be geared toward transforming an incorrect program into another incorrect, albeit more-correct, program. Yet in the absence of a formal definition of relative correctness, program repair methods and tools have resorted to approximations of absolute correctness. In this talk we show that this state of affairs has caused such tools to generate massive search spaces, which are then searched using criteria that feature poor precision and poor recall. We show how relative correctness may reduce search spaces and enhance patch validation.

Bio Sketch: Ali Mili is professor of computer science and associate dean of the Ying Wu college of computing at NJIT .

• November 16, 2020: 3:30 PM PST, at EP 202

Speaker: Konstantinos Kolias, Department of Computer Science, University of Idaho.

Title: Analyzing Acoustic Emissions for Breaking Physical Locks.

Abstract: Side-channel analysis has been abused for inferring secret cryptographic keys from computer systems or for leaking sensitive information from air-gapped networks. Side-channels that can be taken advantage to perform such malicious activities include electromagnetic radiation, power consumption patterns, acoustic emanations. More specifically, in the past acoustic signals have been abused to infer keyboard typing without having a direct line of sight to the keyboard. In this work, we will present a methodology for capturing acoustic signals emitted when the key enters inside a lock. The sounds the key produces depend on the height of its edges. These signals can be analyzed to infer an approximation of the morphology of the key. The blueprints of the key can then be used to 3-D print a copy of the physical key.

Bio Sketch: Constantinos Kolias joined the Computer Science Department at the University of Idaho in 2018. Before that he served as a Research Assistant Professor under the supervision of Angelos Stavrou, in the CS Department at George Mason University. He received his doctorate in 2014 from the University of the Aegean under the supervision of Georgios Kambourakis. His main research interest revolves around security and privacy for the Internet of Things and critical infrastructures. He is also active in the design of intelligent Intrusion Detection Systems (IDS) with a special interest in privacy preserving distributed IDS. Other areas of interest include mobile and wireless communications security, and privacy enchasing techniques for the Internet. In 2015 he created and released the first wireless dataset specifically intended for research in wireless security, namely the AWID dataset. Today AWID has been downloaded and used as a benchmark by hundreds of organizations and universities.

• November 30, 2020: 3:30 PM PST, via Zoom

Speaker: Zakia Sultana, Department of Computer Science, Montclair State University.

Title: A Software Vulnerability Prediction Model using Traceable Code Patterns and Software Metrics.

Abstract: Software security is an important aspect of ensuring software quality. The goal of this study is to help developers evaluate software security at the early stage of development using code patterns and software metrics. For this, we used traceable patterns to predict software vulnerability. The concept of traceable patterns is like design patterns, but they can be automatically recognized and extracted from source code. If these patterns can better predict vulnerable code compared to the traditional software metrics, they can be used in developing a vulnerability prediction model to classify code as vulnerable or not. By analyzing and comparing the performance of traceable patterns with metrics, a vulnerability prediction model has been proposed. This study explored the performance of code patterns in vulnerability prediction and compared them with traditional software metrics. The study found that patterns have a lower false negative rate and higher recall in detecting vulnerable code than the traditional software metrics. In this presentation, we will discuss patterns and metrics based vulnerability prediction models and their prospect in software security. We will also focus on a few recent research relating human error and code smell with software vulnerability.

Bio Sketch: Dr. Kazi Zakia Sultana is an Assistant Professor at Montclair State University, NJ. She completed her Ph.D. from the department of Computer Science and Engineering at Mississippi State University. She received her BS Degree from the department of Computer Science and Engineering, Bangladesh University of Engineering and Technology (BUET), and an MS degree in Computer Science from Wayne State University, MI, USA. She subsequently worked as a Lecturer and then an Assistant Professor in two universities of Bangladesh. Her research interests are in empirical software engineering focusing on vulnerability prediction, software security, software metrics, software quality, software testing.

• December 7, 2020: 3:30 PM PST, at EP 202

Speaker: Jia Song, Department of Computer Science, University of Idaho.

Title: A Fuzzing Tool Based on Automated Grammar Detection.

Abstract: Software testing is an important step in the software development life cycle to ensure the quality and security of software. Fuzzing is a security testing technique which finds vulnerabilities automatically without access the source code. As one of the seven finalist teams of the DARPA Cyber Grand Challenge (CGC), a competition which was designed to spur innovative ideas for automated software repair and software vulnerability detection, our team (team CSDS) developed a fuzzing tool, JIMA-Fuzzing, to automatically find vulnerabilities from the challenge binaries. JIMA-Fuzzing is an effective fuzzing tool which utilizes the grammar detected from network traffic to automatically generate testing files for the target program. Based on the grammar detected from the sample input, the tool selects a portion of the valid user input, and fuzzes that portion. For example, the tool may greatly increase the size of the message, truncate the message, replace numeric values with new values, replace words with numbers, etc. Compared to fuzzing tools guided with symbolic execution or taint analysis, JIMA-Fuzzing takes much less computing power and time to analyze sample input and generate fuzzing files.

Bio Sketch: Dr. Jia Song is an assistant professor in the Department of Computer Science at the University of Idaho. She received her bachelor's in information security from Sichuan University, China. Her master's and doctorate in computer science were received from University of Idaho in 2012 and 2014, respectively. Her research focuses on cybersecurity with an emphasis on design, implementation and verification of high assurance computing systems, software security testing, and vulnerability analysis.