Successes and Failures applying to SaTC /TWC/TC/CT

1. Successes and Failures applying to SaTC/TWC/TC/CT Nikita Borisov University of Illinois at Urbana-Champaign

2. My SaTC Experience • First PI experience in 2006 • Four funded projects through some version of SaTC • Vulnerability signatures in intrusion detection • Security and privacy in building automation • Network traffic analysis • Anonymous communications (CAREER) • About as many rejections • Half dozen panels

3. Vulnerability Signatures • Traditional signatures in intrusion detection: recognize attack • E.g., “AAAA….AAAA?idapi.ida” for CodeRed • Too specific: • CodeRed II used “NNNN….NNNN?idapi.ida” • Vulnerability signatures: recognize attack vector • Challenge: faithfully reconstruct application parsing state with high performance

4. Behind the Proposal • Genesis: internship at Microsoft Research as graduate student • Development: • Identify basic research challenges • Create evaluation strategy • Collaboration: • Two senior co-PIs / mentors

5. Building Automation • Newer buildings use networked sensors and controls for lights, doors, HVAC, etc. • Opportunity for applications that enrich inhabitants’ lives • Woefully insecure • Challenge: design interface that enables applications while preserving important privacy and security constraints

6. Behind the Proposal • Genesis: Class project on applications for building automation • Development: • Identify general principles that can be applied in this setting • Collaboration: • My co-instructor in the course

7. Traffic Analysis • Encrypted network traffic contains patterns: packet sizes, timings, counts, … • Side channel that reveals information • User identity • Password characters • Web page content • VoIP phrases • Challenge: Rigorous, systematic understanding of attacks and defenses

8. Behind the Proposal • Genesis: Attack paper on network watermarking schemes • Development: • Identify several important problems • Formulate fundamental theoretic questions • Connect them to experimental validation plan • Collaboration: • Co-author from attack paper • Another communications expert • Senior mentor

9. Anonymous Communications • Internet communication leaks metadata about interests, relationships, behavior, etc. • This information is (ab)used by ISPs, employers, advertisers, intelligence agencies, repressive regimes, … • Anonymity networks, such as Tor help protect metadata, but at a large performance cost • Challenge: creating scalable, high-performance overlay networks while minimizing leaked information

10. Behind the Proposal • Genesis: PhD work, followed by several years of research • Development: • Detailed description of next few research papers • Collaboration: • Support letters from foreign collaborator

11. Lessons from Rejections • SaTC panelists are notorious skeptics! • Your job to convince them your approach will work and be secure • Missing related work can be a killer • Spend twice as much time as you think you need • Avoid being too broad

12. Closing Thoughts • Get thee on a panel! • Can’t beat first-hand experience • PMs often struggle to fill slots • Get co-PIs with prior SaTC successes • Can be helpful even at a low commitment level • Enjoy the experience! • Even unfunded proposals have payoffs