Publications
Secure input validation in Rust with parsing-expression grammars
Summary
Summary
Accepting input from the outside world is one of the most dangerous things a system can do. Since type information is lost across system boundaries, systems must perform type-specific input handling routines to recover this information. Adversaries can carefully craft input data to exploit any bugs or vulnerabilities in these...
Security and performance analysis of custom memory allocators
Summary
Summary
Computer programmers use custom memory allocators as an alternative to built-in or general-purpose memory allocators with the intent to improve performance and minimize human error. However, it is difficult to achieve both memory safety and performance gains on custom memory allocators. In this thesis, we study the relationship between memory...
Rulemaking for insider threat mitigation
Summary
Summary
This chapter continues the topic we started to discuss in the previous chapter – the human factors. However, it focuses on a specific method of enhancing cyber resilience via establishing appropriate rules for employees of an organization under consideration. Such rules aim at reducing threats from, for example, current or...
Detecting food safety risks and human trafficking using interpretable machine learning methods
Summary
Summary
Black box machine learning methods have allowed researchers to design accurate models using large amounts of data at the cost of interpretability. Model interpretability not only improves user buy-in, but in many cases provides users with important information. Especially in the case of the classification problems addressed in this thesis...
A secure cloud with minimal provider trust
Summary
Summary
Bolted is a new architecture for a bare metal cloud with the goal of providing security-sensitive customers of a cloud the same level of security and control that they can obtain in their own private data centers. It allows tenants to elastically allocate secure resources within a cloud while being...
Learning network architectures of deep CNNs under resource constraints
Summary
Summary
Recent works in deep learning have been driven broadly by the desire to attain high accuracy on certain challenge problems. The network architecture and other hyperparameters of many published models are typically chosen by trial-and-error experiments with little considerations paid to resource constraints at deployment time. We propose a fully...
Improving security at the system-call boundary in a type-safe operating system
Summary
Summary
Historically, most approaches to operating sytems security aim to either protect the kernel (e.g., the MMU) or protect user applications (e.g., W exclusive or X). However, little study has been done into protecting the boundary between these layers. We describe a vulnerability in Tock, a type-safe operating system, at the...
MOVPE growth of LWIR AlInAs/GaInAs/InP quantum cascade lasers: impact of growth and material quality on laser performance
Summary
Summary
The quality of epitaxial layers in quantum cascade lasers (QCLs) has a primary impact on QCL performance, and establishing correlations between epitaxial growth and materials properties is of critical importance for continuing improvements. We present an overview of the growth challenges of these complex QCL structures; describe the metalorganic vapor...
Effect of surface roughness and H-termination chemistry on diamond's semiconducting surface conductance
Summary
Summary
The H-terminated surface of diamond when activated with NO2 produces a surface conduction layer that has been used to make FETs. Variations in processing can significantly affect this conduction layer. This article discusses the effect of diamond surface preparation and H termination procedures on surface conduction. Surface preparations that generate...
SIAM data mining "brings it" to annual meeting
Summary
Summary
The Data Mining Activity Group is one of SIAM's most vibrant and dynamic activity groups. To better share our enthusiasm for data mining with the broader SIAM community, our activity group organized six minisymposia at the 2016 Annual Meeting. These minisymposia included 48 talks organized by 11 SIAM members.