|
|
Systems & Networking
Interns and Visiting Researchers
Each summer the Systems and
Networking Research Group at Microsoft Research has several
outstanding students from top schools join the group for research internships.
Many of the research projects they have pursued have resulted in refereed
research publications, including those winning best paper awards.
This page lists the interns who have worked with us in 2004.
2004 Research Interns
TBD
This summer I and David Brumley worked with Helen Wang on the
Shield Project,
building a generic application-level protocol analyzer (GPA). We designed a
policy language for specifying protocol analyzers and an engine that
interprets the policy and parses protocol messages. The intent is that a
protocol would be specified in its entirety in the policy language, and as
vulnerabilities in the application are discovered, checks would be added to
the policy to catch exploit attempts. An important challenge in our design
has been making the language general enough to support a large number of
protocols yet simple enough so that creating policies is straightforward and
not error-prone. To simplify policy design, we identified a number of
protocol abstractions, such as sessions and layering, and added support for
them in the language. And to reduce the chance of errors we introduced both
static and dynamic safety checks, as well as restricted the expressiveness
of the language. We validated our language by specifying a large number of
both binary and text-based protocols; we have also built translators from
ASN.1 and IDL to our policy language.
Our implementation includes support for incremental, event-driven parsing
and execution of policies, as well as a number of optimization, both of
which are essential for the Shield application. We have tested the
implementation using HTTP network traces taken from the microsoft.com web
server.
This summer I and Nikita Borisov worked with Helen Wang on the
Shield Project,
building a generic application-level protocol analyzer (GPA). We designed a
policy language for specifying protocol analyzers and an engine that
interprets the policy and parses protocol messages. The intent is that a
protocol would be specified in its entirety in the policy language, and as
vulnerabilities in the application are discovered, checks would be added to
the policy to catch exploit attempts. An important challenge in our design
has been making the language general enough to support a large number of
protocols yet simple enough so that creating policies is straightforward and
not error-prone. To simplify policy design, we identified a number of
protocol abstractions, such as sessions and layering, and added support for
them in the language. And to reduce the chance of errors we introduced both
static and dynamic safety checks, as well as restricted the expressiveness
of the language. We validated our language by specifying a large number of
both binary and text-based protocols; we have also built translators from
ASN.1 and IDL to our policy language.
Our implementation includes support for incremental, event-driven parsing
and execution of policies, as well as a number of optimization, both of
which are essential for the Shield application. We have tested the
implementation using HTTP network traces taken from the microsoft.com web
server.
TBD
Least privilege is a well-known principle in building secure software:
users should only have the privileges necessary to accomplish the task they
need to accomplish. Unfortunately, the normal Windows experience is still
that every user needs to be an administrator, which is a big security
concern. This summer, we built the
Strider Security Check Tracer to make it easier for developers or system
administrators to identify applications' least-privilege incompatibilities
(i.e., unnecessary dependencies on admin privileges). We have verified that
the tracer successfully captured all causes of the least-privilege
incompatibilities in every example application that we have so far
collected. This is joint work with John Dunagan, Chad Verbowski and Yi-Min
Wang.
This summer I have been working with Feng Zhao and Jie Liu in the
Networked Embedded Computing group. As networked embedded devices such as
wireless sensors become more prevalent, we need better, more scalable ways
to organize and program them. Our group is developing new architectures,
models, and tools for organizing and programming these systems.
This summer, I worked on a multi-tier architecture for wireless sensor
networks. At the bottom tier of the hierarchy, cheap, programmable sensor
nodes transmit data about the physical environment. The middle tier consists
of more capable and powerful nodes called microservers, which receive the
sensor data and perform computations. At the highest tier, users initiate
queries and other application requests using PC- and server-class devices.
We have developed a service model to program the microservers. Services
are loosely coupled components encapsulating data and computation, and they
can be dynamically discovered and composed to form a program that may span
across multiple microserver nodes. This summer, I created a microserver
runtime system which accepts service compositions described in an XML format
and dynamically instantiates the requested services based on this
description. The runtime system uses a publish/subscribe execution model to
enable run-time adaption. This architecture can enable task analysis to
achieve resource efficiency, which is especially critical in energy- and
bandwidth-constrained devices.
I'm working on lightweight threads and endpoints for the Singularity
research operating system. The most significant component of this work is
stack linking-that is, allowing a thread's stack to grow and shrink
dynamically. With this mechanism in place, we can avoid large preallocated
stacks, which are the main obstacle to lightweight threads. This mechanism
is implemented with the help of some modifications to the Bartok compiler.
In particular, Bartok now provides a call graph analysis that minimizes the
number of stack checks that must be added during compilation.
Project: Deeply embedded and densely distributed networked systems that
can sense and control the environment, perform local computations, and
communicate the results will allow us to interact with the physical world on
space and time scales previously unimaginable. This enabling nature of
sensor actuator networks has contributed to a groundswell of research on
both the system issues encountered when building such networks and on the
fielding of new classes of applications.
I spent this summer working with Feng Zhao, Jie Liu, Elaine Cheong, and
Kamin Whitehouse, in the Networked Embedded Computing Group, to help
establish the Microsoft efforts in this exciting area. My work has focused
on building a new lab, helping to field and demonstrate a sensor network
application and prototyping a Microsoft platform that can support sensor
network (and ubiquitous computing) research.
This talk will provide an overview of the available platforms and
describe our own platform efforts at Microsoft. In particular, we have
prototyped a new hardware platform for sensor networks based on the
Microsoft SPOT Stamp and the Chipcon CC2420 radio. This platform supports
the IEEE 802.15.4 PHY and elements of the MAC. Our library implementation
includes a simple, UdpClient-like application programming interface, and
sample applications for interoperability with IEEE802.15.4 motes that run
TinyOS.
Privacy-Preserving Friends Troubleshooting Network. In this summer,
I worked with Helen on privacy-preserving automatic misconfiguration
troubleshooting in Peer-to-Peer networks. We have designed, implemented, and
evaluated Friends Troubleshooting Network, a peer-to-peer overlay network
that aggregates privacy-sensitive configuration data from peers to carry out
PeerPressure-based misconfiguration root-cause diagnosis. The links between
FTN nodes reflect the friendship of their owners. The FTN manifests
recursive trust rather than transitive trust. In FTN, we use historyless and
futureless random-walk for integrated search and cluster-based parameter
aggregation to achieve privacy. Many of our design decisions are guided by a
real-world friends network topology obtained from the MSN IM network. FTN
poses interesting tradeoffs between privacy and protocol efficiency which we
have analyzed in detail with the real-world friends network data. The
performance of our current prototype allows enterprise users to diagnose
misconfigurations in a minute with a high privacy guarantee.
Project: Real-time CPU Scheduling in Managed Code. This summer, I ported
the
Rialto scheduler and its associated
simulator from the SOSP
'97 version to C#. This was done so that it could be the first-cut
real-time scheduler for the Singularity project. This involved taking a
scheduler and simulator in C++, translating the code into managed code,
making the scheduler modular, and refactoring the code so that the scheduler
could run (unmodified) in the kernel of the Singularity operating system.
Additionally, my summer project included adding multi-processor support to
the simulator, and updating the API to reflect the new work being done in
multi-resource scheduling. Validation of this work is in the form of a
working kernel scheduler and a few test commands to verify that the CPU
reservations are being honored, writing a non-real time round-robin
scheduler for comparison and validation, testing both schedulers in the
simulator as a uniprocessor with a set of extensive simulation tests, and
testing the round-robin scheduler in the simulator on the same simfiles with
2-4 processors.
This summer I worked with Jitu Padhye and Victor Bahl on developing a new
MAC protocol that uses a low bandwidth channel for control purposes.
Spectrum is available in multiple frequency bands. Each frequency band has
different propagation characteristics. We proposed to use bandwidth at lower
frequencies for a low rate, high range control channel. Bandwidth at higher
frequencies is used for a high rate, low range data channel. The project is
exploring the benefits of control channel MAC with omni as well as
directional antennas on the data channel.
TBD
TBD
TBD
TBD
This summer I worked with Galen Hunt on the Singularity project.
TBD
This summer I worked with Alec Wolman on studying the characteristics of
the WLAN at Microsoft. As part of the project I enhanced the polling utility
to collect the SNMP data from various access points, designed and perform
experiments to validate the information collected for each OID that the SNMP
polling software currently collects from the Access Points, and refined the
list of OIDs that we collected based on these results. This data needs to be
analyzed to see if the WLAN was similar or different from the others.
This summer I've been working with Dan Simon to help ameliorate
unintended code paths from accessing sensitive resources, such as local
files. These bugs represent a large number of security bugs in existing
software projects, such as Internet Explorer, that often support a highly
componentized architecture with plug-in script engines. The interaction of
the dynamic components is often difficult for the developer to foresee. The
bugs do not rely on buffer overruns, so it is unlikely that moving to a type
safe language like Java or C# will solve the problem. The work focuses on
managed code applications since they offer a finer grained security model
than an unsafe language.
I developed a tool that allows developers to analyze their application
and use Code Access Security to enforce a policy that restricts which
resources a particular function can access.
TBD
This summer I worked with Jitu Padhye and Venkat Padmanabhan on
developing a tool called TCPscope. TCPscope was built as a part of the
NetHealth project whose goals are to develop tools and techniques to monitor
and analyze computer networks, and detect and diagnose problems in them.
TCPscope is one such tool, which analyzes the network to estimate various
metrics of each TCP connection, from the vantage point of a client host. The
metrics we calculate include throughput, RTT, packet loss rate, and packet
retransmission & reordering rates. We also developed a GUI which draws
graphs for sequence number progression, CWND progression, and several other
cumulative statistics of a TCP connection.
TBD
TBD
My project: FDR - Flight Data Recorder. In this project we are trying to
use black-box analysis to the persistent state changes to manage changes on
a computer. Persistent state here means the registry system and file system.
Our goal of this project is: given all the registry and file modification
traces of some machine, we can automatically group them into meaningful
groups that are corresponding to the actions happened on that machine.
During the summer we've finished initial algorithm design and implemented a
GUI to present results. Later we are wishing to refine it and do more
experiment using more traces.
TBD
Systems and Networking Research Group | Interns and visitors from all years
|
