I work in diverse set of research are in security, systems and networking. Below are highlights of the key thrusts I am or have been involved in over the years. This is a subset of the work but fairly representative of my technical interests.
Adversarial Machine Learning
Description: Machine learning is revolutionizing technology and society. However, like any technology, it can be misused by adversaries and our understanding of the potential threats remains limited. If machine learning is to part of any critical decision making process, we must be able to detect and mitigate threats at both training and inference phases. In this vein of research, I have studied a myriad of threats to machine learning at all stages of its lifecycle and proposed a variety of methods that bring us closer towards trustworthy machine learning systems.
- co-PI, MURI: Cohesive and Robust Human-Bot Cybersecurity Teams, Army Research Office, $6,000,0000 (PSU award $739,527), 07/01/2021-06/30/2026, Collaborators: Many.PI, Mapping Black-Box Attack Metrics and Parameter Spaces in Machine Learning, US Army Aviation and Missile Research, Development and Engineering Center, $436,677 (PSU award $436,677), 6/25/2019-6/24/2022, Collaborators: (single PI). PI, SaTC CORE: Frontier: Collaborative: End-to-End Trustworthiness of Machine-Learning Systems, NSF (CNS), $9,649,366 (PSU award $2,044,550), 8/15/2018-3/31/2023, Collaborators: Boneh (Stanford), Chaudhuri (UCSD), Evans (Virginia), Jha (Wisconsin), Liang (Stanford), Song (Berkeley).co-PI, MURI: Cohesive and Robust Human-Bot Cybersecurity Teams, Army Research Office, $6,000,0000 (PSU award $739,527), 07/01/2021-06/30/2026, Collaborators: Many.PI, Mapping Black-Box Attack Metrics and Parameter Spaces in Machine Learning, US Army Aviation and Missile Research, Development and Engineering Center, $436,677 (PSU award $436,677), 6/25/2019-6/24/2022, Collaborators: (single PI).
- Patrick McDaniel, Nicolas Papernot, and Berkay Celik, Machine Learning in Adversarial Settings. IEEE Security &
Privacy Magazine, 14(3), May/June, 2016.Ryan Sheatsley, Blaine Hoak, Eric Pauley, Yohan Beugin, Michael Wiesman, and Patrick McDaniel. On the Robustness
of Domain Constraints. Proceedings of the ACM Conference on Computer and Communications Security (CCS), ACM, November
2021.Rauf Izmailov, Shridatt Sugrim, Ritu Chadha, Patrick McDaniel, and Ananthram Swami. Enablers Of Adver- sarial
Attacks in Machine Learning. Proceedings of the Military Communications Conference (MILCOM), IEEE, October 2018.Florian Tramer, Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh, and Patrick McDaniel. Ensemble
Adversarial Training: Attacks and Defenses. International Conference on Learning Representations (ICLR) 2018.
Vancouver, Canada. accepted as poster.Nicolas Papernot, Patrick McDaniel, Arunesh Sinha, and Michael Wellman. SoK: Security and Privacy in Ma- chine
Learning. 2018 IEEE European Symposium on on Security and Privacy, IEEE, April 2018. London, UK.Kathrin Grosse, Nicolas Papernot, Praveen Manoharan, Michael Backes, and Patrick McDaniel. Adversarial Examples
for Malware Detection. 22nd European Symposium on Research in Computer Security (ESORICS 17), September 2017. Oslo,
Norway.Nicolas Papernot, Patrick McDaniel, Ian Goodfellow, Somesh Jha, Z. Berkay Celik, and Ananthram Swami. Practical
Black-Box Attacks against Machine Learning. ACM Asia Conference on Computer and Communications Security (ASIACCS)
2017, April 2017.Nicolas Papernot, Patrick McDaniel, Ananthram Swami, and Richard Harang. Crafting Adversarial Input Se- quences
for Recurrent Neural Networks. Proceedings of the Military Communications Conference (MILCOM), IEEE 2016.Nicolas Papernot, Patrick McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami. Distillation as a Defense to
Adversarial Perturbations Against Deep Neural Networks. Proceedings of the 37th IEEE Symposium on Security and
Privacy, May 2016. San Francisco, CA.Nicolas Papernot, Patrick McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami. The
Limitations of Deep Learning in Adversarial Settings. Proceedings of the 1st IEEE European Symposium on Security and
Privacy, IEEE 2016. Saarbrucken, Germany.Ian Goodfellow, Patrick McDaniel, and Nicolas Papernot, Making machine learning robust against adversarial
inputs. Communications of the ACM, ACM, 61(7):56-66, June/July, 2018.
Privacy
Description: As technology propagates into our daily lives, so does the risk of potential misuse of such systems. This can cause privacy harm to individuals, organizations, and our society. Privacy is first and foremost about control. People must have the right to know and decide what exact data, systems can collect about them and how they can process it. Today, such user's control and overview is still limited. As researchers, we can bring awareness, develop tools and solutions, and participate in public policy, as to improve standard privacy practices. Through my research on Android and IoT, I have studied how applications and systems collect and leak sensitive data and proposed automated ways to analyze such informations flows. This has resulted in intense (and ongoing) discussions between privacy experts, the press, regulators, consumer groups, and industry.
- PI, CNS Core: Medium: Automated IoT Safety and Security Analysis and Synthesis, NSF (CNS), $272,033 (PSU award $272,033), 6/25/2019-6/24/2022, Collaborators: Tan (Penn State).
- Yohan Beugin, Quinn Burke, Blaine Hoak, Ryan Sheatsley, Eric Pauley, Gang Tan, Syed Rafiul Hussain, and Patrick
McDaniel. Building a Privacy-Preserving Smart Camera System. Proceedings on Privacy Enhancing Technologies (PETS),
July 2022.Leonardo Babun, Z Berkay Celik, Patrick McDaniel, and A Selcuk Uluagac. Real-time Analysis of Privacy-(un)aware
IoT Applications. Privacy Enhancing Technologies Symposium (PETS) 2021.Z. Berkay Celik, Leonardo Babun, Amit Kumar Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, and A. Selcuk
Uluagac. Sensitive Information Tracking in Commodity IoT. Proceedings of the 27th USENIX Security Symposium, August
2018. Baltimore, MD.Nicolas Papernot, Patrick McDaniel, Arunesh Sinha, and Michael Wellman. SoK: Security and Privacy in Machine
Learning. 2018 IEEE European Symposium on on Security and Privacy, IEEE, April 2018. London, UK.Li Li, Alexandre Bartel, Tegawende Bissyande, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer,
Eric Bodden, Damien Octeau, and Patrick McDaniel. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps.
Proceedings of the 37th International Conference on Software Engineering (ICSE), May 2015. Florence, Italy.
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon,
Damien Octeau, and Patrick McDaniel. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware
Taint Analysis for Android Apps. Proceedings of the 35th Conference on Programming Language Design and Implementation
(PLDI), June 2014. Edinburgh, UK.William Enck, Peter Gilbert, Byung-gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth.
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Proceedings of the 9th
USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2010. Vancouver, BC.
Smartphone/IoT Application Security
Description: Smartphones and IoT have emerged as an essential vehicle for information access and personal communication. However, the fluidity of application markets and structures of the underlying mobile hand operating systems complicate smartphone security. Over the last 4 years I have worked wih a number of students and researchers across the country to investigate the security of phones and IoT devices and applications they support. This effort has spanned projects in, among other topics, systems design, policy, and program analysis.
- PI, CNS Core: Medium: Automated IoT Safety and Security Analysis and Synthesis, NSF (CNS), $272,033 (PSU award $272,033), 6/25/2019-6/24/2022, Collaborators: Tan (Penn State).co-PI, TC: Medium: Collaborative Research: Building Trustworthy Applications for Mobile Devices, NSF (CNS),
$1,386,518 (PSU award $350,000), 8/1/2011-7/31/2014, Collaborators: PSU (McDaniel), Wisconsin (Banerjee, Jha, Swift).PI, TC: Medium: Collaborative Research: Security Services in Open Telecommunications Networks, NSF (CNS),
$1,386,518 (PSU award $594,941), 08/01/09-08/01/12, Collaborators: PSU (McDaniel, La Porta), UPenn (Blaze), Columbia
(Schulzrinne).
- Adrien Cosson, Amit Kumar Sikder, Leonardo Babun, Z. Berkay Celik, Patrick McDaniel, and Selcuk Uluagac. Sentinel: A Robust Intrusion Detection System for IoT Networks Using Kernel-Level System Information. In 6th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), April 2021. Leonardo Babun, Z Berkay Celik, Patrick McDaniel, and A Selcuk Uluagac. Real-time Analysis of Privacy-(un)aware IoT Applications. Privacy Enhancing Technologies Symposium (PETS) 2021.Michael Norris, Z. Berkay Celik, Prasanna Venkatesh, S. Zhao, Patrick McDaniel, Anand Sivasubramaniam, and Gang Tan. IoTRepair: Systematically addressing device faults in commodity IoT. In 5th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), April 2020. William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, Patrick
McDaniel, and Anmol Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on
Smartphones. ACM Transactions on Computer Systems (TOCS), 2014.William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth,
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Communications of the
ACM, 57(3), March, 2014. Research Highlight.Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel, Semantically Rich Application-Centric
Security in Android. Security and Communication Networks, 5(6):658-673, 2012.Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel. Composite Constant Propagation:
Application to Android Inter-Component Communication Analysis. Proceedings of the 37th International Conference on
Software Engineering (ICSE), May 2015.Li Li, Alexandre Bartel, Tegawende Bissyande, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer,
Eric Bodden, Damien Octeau, and Patrick McDaniel. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps.
Proceedings of the 37th International Conference on Software Engineering (ICSE), May 2015.Matthew Dering and Patrick McDaniel. Android Market Reconstruction and Analysis. Proceedings of the Military
Communications Conference (MILCOM), October 2014. Baltimore, MD.Wenhui Hu, Damien Octeau, Patrick McDaniel, and Peng Liu. Duet: Library Integrity Verification for Android
Applications. Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), July
2014. Oxford, United Kingdom.Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon,
Damien Octeau, and Patrick McDaniel. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware
Taint Analysis for Android Apps. Proceedings of the 35th Conference on Programming Language Design and Implementation
(PLDI), June 2014.Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon.
Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis.
Proceedings of the 22th USENIX Security Symposium, August 2013. Washington, DC.Damien Octeau, Somesh Jha, and Patrick McDaniel. Retargeting Android Applications to Java Bytecode. 20th
International Symposium on the Foundations of Software Engineering (FSE), November 2012. Research Triangle Park, NC.
(best artifact award).Patrick McDaniel, Bloatware Comes to the Smartphone. IEEE Security & Privacy Magazine, 10(4), May/June,
2011.Patrick McDaniel and William Enck, Not So Great Expectations: Why Application Markets Haven't Failed Security.
IEEE Security & Privacy Magazine, 8(5):76--78, September/October, 2010.Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel, Semantically Rich Application-Centric
Security in Android. Security and Communication Networks, 2012. to appear.William Enck, Machigar Ongtang, and Patrick McDaniel, Understanding Android Security. IEEE Security &
Privacy Magazine, 7(1):50--57, January/February, 2009.William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. A Study of Android Application Security.
Proceedings of the 20th USENIX Security Symposium, August 2011. San Francisco, CA.Machigar Ongtang, Kevin Butler, and Patrick McDaniel. Porscha: Policy Oriented Secure Content Handling in
Android. Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), December 2010. Austin, TX.William Enck, Peter Gilbert, Byung-gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth.
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Proceedings of the 9th
USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2010. Vancouver, BC.Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric
Security in Android. Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), pages 340-349,
December 2009. Honolulu, Hawaii. (best paper).William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone App Certification. Proceedings
of the 16th ACM Conference on Computer and Communications Security (CCS), pages 235-245, November 2009.
Network Security
Description: Networking as a discipline and the Internet as an artifact have changed just about everything in our society in the last 15 years. One area that has been neglected (to our great misery and continued peril) is that of protecting the network that serves us. This research focuses on addressing the threats against these increasingly complex networks. One core area I have been involved in is the study of routing security. As the Internet's de facto interdomain routing protocol, the Border Gateway Protocol (BGP) is the glue that holds the disparate parts of the Internet together. A major limitation of BGP is its failure to adequately address security. Recent high-profile outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design of BGP and the ubiquity of its deployment have frustrated past efforts at securing inter- domain routing. I have explored the limitations and advantages of proposed security extensions to BGP, and attempted to understand why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
- co-PI, SaTC: CORE: Small: Adversarial Network Reconnaissance in Software Defined Networking, NSF (CNS), $500,000 (PSU award $500,000), 1/1/2020-12/31/2022, Collaborators: He (Penn State).Co-PI, Security for Internet/IMS Convergence, Cisco, $100,000, 9/1/07-8/31/08, Collaborators: PSU (La Porta,
McDaniel).PI, Automated Configuration with the PRESTO Network Management Platform, AT&T, $50,000, 6/1/06-5/31/07.PI, Testbed for Network-Scale Countermeasure Evaluation, Cisco, $45,938, (9/1/05-8/31/06).Co-PI, NSF CyberTrust: Collaborative Research: Testing and Benchmarking Methodologies for Future Network
Security Mechanisms (EMIST), NSF/DHS, $5,344,459 (PSU award $2,533,447), 8/1/04-8/31/06, Collaborators: PSU (Kesidis,
Miller, Liu), Purdue (Fahmy, Rosenberg, Spafford, Shroff, Brodley), UCDavis (Wu, Levitt, Bishop, Rowe), ICSI/Berkeley
(Paxson, Floyd, Weaver).
- Mingli Yu, Tian Xie, Ting He, Patrick McDaniel, and Quinn Burke, Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks. IEEE/ACM Transactions on Networking, 29:1063-6692, December, 2021.Tian Xie, Ting He, Patrick McDaniel, and Namitha Nambiar. Attack Resilience of Cache Replacement Policies. IEEE International Conference on Computer Communications (INFOCOM), IEEE, May 2021.Phillip Koshy, Diana Koshy, and Patrick McDaniel. An Analysis of Anonymity in Bitcoin Using P2P Network Traffic.
Proceedings of Financial Cryptography 2014, International Financial Cryptography Association (IFCA), February 2014.
Christ Church, Barbados.Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel, malnets: Large-Scale Malicious
Networks via Compromised Wireless Access Points. Journal of Security and Communication Networks (SCN), 2(3):102-113,
March, 2010.Kevin Butler, Toni Farley, Patrick McDaniel, and J. Rexford, A Survey of BGP Security Issues and Solutions.
Proceedings of the IEEE, 2010(1):100-122, January, 2010.William Enck, Thomas Moyer, Patrick McDaniel, Shubho Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg,
Yu-Wei Sung, Sanjay Rao, and William Aiello, Configuration Management at Massive Scale: System Design and Experience.
IEEE Journal on Selected Areas in Communications (JSAC), 27(3):323-335, 2009.Wesam Lootah, William Enck, and Patrick McDaniel, TARP: Ticket-based Address Resolution Protocol. Computer
Networks, Elsevier, 51(15):4322--4337, October, 2007.Patrick McDaniel, William Aiello, Kevin Butler, and John Ioannidis, Origin Authentication in Interdomain
Routing. Journal of Communication Networks, Elsevier, 50(16):2953-2980, November, 2006.William Enck, Patrick McDaniel, Shubho Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Sanjay Rao, and
William Aiello. Configuration Management at Massive Scale: System Design and Experience. Proceedings of the USENIX
Annual Technical Conference, June 2007. Santa Clara, CA.Anusha Sriraman, Kevin Butler, Patrick McDaniel, and Padma Raghavan. Analysis of IPv4 Address Space Delegation
Structure. 12th IEEE Symposium on Computers and Communications (ISCC), July 2007. Aveiro, Portugal.Kevin Butler, William Aiello, and Patrick McDaniel. Optimizing BGP Security by Exploiting Path Stability.
Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), pages 298-310, November 2006.
Alexandria, VA.Sophie Qiu, Patrick McDaniel, Fabian Monrose, and Avi Rubin. Characterizing Address Use Structure and Stabillity
of Origin Advertisement in Interdomain Routing. 11th IEEE Symposium on Computers and Communications, pages 489-496,
June 2006. Pula-Cagliari, Sardinia, Italy.Patrick McDaniel, Shubho Sen, Oliver Spatscheck, Jacobus Van der Merwe, William Aiello, and Charles Kalmanek.
Enterprise Security: A Community of Interest Based Approach. Proceedings of Network and Distributed Systems Security
2006 (NDSS), February 2006. San Diego, CA.William Aiello, John Ioannidis, and Patrick McDaniel. Origin Authentication in Interdomain Routing. Proceedings
of 10th ACM Conference on Computer and Communications Security (CCS), ACM, pages 165-178, October 2003. Washington,
DC.Geoff Goodell, William Aiello, Tim Griffin, John Ioannidis, Patrick McDaniel, and Avi Rubin. Working Around BGP:
An Incremental Approach to Improving Security and Accuracy of Interdomain Routing. Proceedings of Network and
Distributed Systems Security 2003 (NDSS), Internet Society, pages 75-85, February 2003. San Diego, CA.Matt Blaze and Patrick McDaniel. Below the Salt: The Dangers of Unfulfilled Physical Media Assumptions. In
Proceedings of Seventeenth International Workshop on Security Protocols, April 2009. Cambridge, England.
Cyber-Security Collaborative Research Alliance
Description: The goal of the Models for Enabling Continuous Reconfigurability of Secure Missions (MACRO) Cyber-Security Collaborative Research Alliance (CRA) program is to understand and model the risks, human behaviors and motivations, and attacks within Army cyber-maneuvers. Such understanding and models will lead to an asymmetric advantage in cyber domains against known and unknown attackers both in the ability to detect and thwart attacks as well as allow mission progress in the face of ongoing and evolving threats. The overarching scientific goal of this effort is to develop a rigorous science of cyber-decision making that enables military environments to a) detect the risks and attacks present in an environment, b) understand and predict the motivations and actions of users, defenders, and attackers, c) alter the environment to securely achieve maximal maneuver success rates at the lowest resource cost. Ultimately we wish to dictate and control the evolution of cyber-maneuvers and adversarial actions.
- PI, Models for Enabling Continuous Reconfigurability of Secure Missions (MACRO) Cyber-Security Collaborative
Research Alliance (CRA), Army Research Laboratory, $24.1 million ($48.2 millon with renewal), 9/20/2013-9/19/2023
(renewable at 5 years), Collaborators: PSU, Carnegie Mellon, Indiana, UC Davis, UC Riverside, ARL, CERDEC.
- Alexander Kott, Ananthram Swami, and Patrick Drew McDaniel, Security Outlook: Six Cyber Game Changers for the
Next 15 Years. IEEE Computer, 47(12):104-106, 2014.Patrick McDaniel, Brian Rivera, and Ananthram Swami, Toward a Science of Secure Environments. IEEE Security
& Privacy Magazine, 12(5), July?august, 2014.Patrick McDaniel, Trent Jaeger , Thomas F. La Porta, Nicolas Papernot Robert J. Walls, Alexander Kott, Lisa
Marvel, Ananthram Swami Prasant Mohapatra, Srikanth V. Krishnamurthy, and Iulian Neamtiu. Security and Science of
Agility. First ACM Workshop on Moving Target Defense (MTD 2014), November 2014. Scottsdale, AZ.Alessandro Oltramari, Lorrie Cranor, Robert J. Walls, and Patrick McDaniel. Building an Ontology of Cyber
Security. Proc. Intl. Conference on Semantic Technologies for Intelligence, Defense, and Security (STIDS), November
2014.
Storage Security and Data Provenance
Description: As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks. However, traditional storage systems have very limited capacity to implement needed "advanced storage" features such as integrity and data isolation. This is largely due to the simple interfaces and limited computing resources provided by commodity hard-drives. A new generation of storage devices affords better opportunities to meet these new models, but little is known about how to exploit them. This research is focused on the investigation of security architectures that use advanced storage techniques to address security, performance, and functional requirements of emerging environments.
- PI, NSF HECURA: Collaborative Research: Secure Provenance in High-End Computing Systems, NSF (CCF), $1,000,000
(PSU award $307,073), 08/1/09-8/31/13, Collaborators: PSU (McDaniel), UIUC (Winslett), Stonybrook (Sion, Zadok).Co-PI, Exploiting Asymmetry in Performance and Security Requirements for I/O in High-end Computing, NSF (CFF),
$699,690, 9/1/06-8/31/10, Collaborators: PSU (McDaniel, Sivasubramaniam).
- Jing Tian, Kevin R. B. Butler, Patrick McDaniel, and Padma Krishnaswamy. Securing ARP From the Ground Up.
CODASPY '15: Proceedings of the 5th ACM Conference on Data Application and Security and Privacy, March 2015. San
Antonio, TX, USA.Devin J. Pohly, Stephen McLaughlin, Patrick McDaniel, and Kevin Butler. Hi-Fi: Collecting High-Fidelity
Whole-System Provenance. Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), December
2012. Orlando, Florida.Patrick McDaniel, Data Provenance and Security. IEEE Security & Privacy Magazine, 9(3), March/April, 2011.Kevin Butler, Stephen McLaughlin, Thomas Moyer, and Patrick McDaniel, New Security Architectures Based on
Emerging Disk Functionality. IEEE Security and Privacy Magazine, 8(5), October, 2010.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Kells: A Protection Framework for Portable Data.
Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), December 2010. Austin, TX.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Disk-Enabled Authenticated Encryption. Proceedings of
the 26th IEEE Symposium on Massive Storage Systems and Technologies (MSST), May 2010.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Rootkit-Resistant Disks. Proceedings of the 15th ACM
Conference on Computer and Communications Security (CCS), November 2008. Alexandria, VA.Patrick McDaniel, Kevin Butler, Stephen McLaughlin, Radu Sion, Erez Zadok, and Marianne Winslett. Towards a
Secure and Efficient System for End-to-End Provenance. the 2nd USENIX Workshop on the Theory and Practice of
Provenance, February 2010. San Jose, CA.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Non-Volatile Memory and Disks: Avenues for Policy
Architectures. Proceedings of the 1st ACM Computer Security Architectures Workshop, November 2007. Alexandria, VA.Shiva Chaitanya, Kevin Butler, Patrick McDaniel, and Anand Sivasubramaniam. Design, Implementation and
Evaluation of Security in iSCSI-based Network Storage Systems. Proceedings of 2nd International Workshop on Storage
Security and Survivability (StorageSS 2006), October 2006. Alexandria, Virginia
SmartGrid and Control Systems Security
Description: As SmartGrid development progresses, new technologies like AMI, microgrids and transmission and distribution automation introduce new vulnerabilities into the electric grid and the world at large. In order for society to make informed decisions about the deployment and implementation of these devices, detailed information about these vulnerabilities and the necessary mitigation strategies is necessary. The objective of this research is to analyze the security vulnerabilites of SmartGrid devices and to develop mitigation strategies. Much of the work to date has focused on penetration testing of commercial smart meters and their communication interfaces (see papers below).
- PI, Closing the Loop on Security Testing and Security Requirements, Security and Software Engineering Research
Center, $31,000, 8/1/2011-7/31/2012.co-PI, Managing Security and Vulnerability Risks in the Smart Grid, Institute for CyberScience and The Penn
State Institutes of Energy and the Environment, $31,000, 08/1/09-12/16/09, Collaborators: PSU (Blumsack, McDaniel).PI, Smart Grid Cyber Security Research, Lockheed Martin, $250,000, 1/1/10-12/16/10.PI, Utility Grid Automation and Risk Management, Lockheed Martin, $400,000, (11/30/08-12/16/09).
- Patrick McDaniel and Stephen McLaughlin. Structured Security Testing in the Smartgrid. Proceedings of 5th
International Symposium on Communications, Control, and Signal Processing, May 2012. Rome, Italy. Invited Paper.Stephen McLaughlin, Patrick McDaniel, and William Aiello. Protecting Consumer Privacy from Electric Load
Monitoring. The 18th ACM Conference on Computer and Communications Security (CCS), October 2011. Chicago, IL.Stephen McLaughlin, Devin Pohly, Patrick McDaniel, and Saman Zonouz. A Trusted Safety Verifier for Process
Controller Code. Proc. ISOC Network and Distributed Systems Security Symposium (NDSS), February 2014. San Diego, CA.Stephen McLaughlin and Patrick McDaniel. SABOT: Specification-based Payload Generation for Programmable Logic
Controllers. 19th ACM Conference on Computer and Communications Security (CCS), October 2012.Weining Yang, Ninghui Li, Yuan Qi, Wahbeh Qardaji, Stephen McLaughlin, and Patrick McDaniel. Minimizing Private
Data Disclosures in the Smart Grid. 19th ACM Conference on Computer and Communications Security (CCS), October 2012.Kevin Butler, Stephen McLaughlin, Thomas Moyer, and Patrick McDaniel, New Security Architectures Based on
Emerging Disk Functionality. IEEE Security and Privacy Magazine, 8(5), October, 2010.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Kells: A Protection Framework for Portable Data.
Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), December 2010. Austin, TX.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Disk-Enabled Authenticated Encryption. Proceedings of
the 26th IEEE Symposium on Massive Storage Systems and Technologies (MSST), May 2010.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Rootkit-Resistant Disks. Proceedings of the 15th ACM
Conference on Computer and Communications Security (CCS), November 2008. Alexandria, VA.Patrick McDaniel, Kevin Butler, Stephen McLaughlin, Radu Sion, Erez Zadok, and Marianne Winslett. Towards a
Secure and Efficient System for End-to-End Provenance. the 2nd USENIX Workshop on the Theory and Practice of
Provenance, February 2010. San Jose, CA.Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Non-Volatile Memory and Disks: Avenues for Policy
Architectures. Proceedings of the 1st ACM Computer Security Architectures Workshop, November 2007. Alexandria, VA.Shiva Chaitanya, Kevin Butler, Patrick McDaniel, and Anand Sivasubramaniam. Design, Implementation and
Evaluation of Security in iSCSI-based Network Storage Systems. Proceedings of 2nd International Workshop on Storage
Security and Survivability (StorageSS 2006), October 2006. Alexandria, Virginia
Information Flow/High Integrity Systems
Description: Increasingly prevalent and costly vulnerabilities in software systems mandate stronger guarantees than provided by widely used, ad hoc, informal, and social assurance practices. Such practices are common because there exists no tractable framework for proving or even broadly reasoning about the correctness of an implementation based on a scientific ground truth. Built on decades of rigorous work on the foundations of security, the information flow and integrity guarantees provided by emerging programming languages and systems are now reaching practicality. However, it is not known how to apply these technologies to provide high-assurance systems. This research investigate architectures exploiting these new capabilities, with a focus security typed languages (e.g., Jif), MAC systems (e.g., SELinux), and integrity measurement (e.g., TPMs).
- Co-PI, System-Wide Information Flow Enforcement, BAA 06-11-IFKA, "National Intelligence Community Enterprise
Cyber Assurance Program", $496,000, 2/1/07-8/1/08, Collaborators: PSU (Jaeger, McDaniel).PI, CAREER: Realizing Practical High Assurance through Security-Typed Information Flow Systems, NSF (CNS),
$400,000, 1/2/07-1/1/12.Co-PI, CT-IS: Shamon: Systems Approaches for Constructing Distributed Trust, NSF (CNS), $400,000,
9/1/06-8/31/10, Collaborators: PSU (Jaeger, McDaniel).PI, Collaborative Research: CT-T: Flexible, Decentralized Information-flow Control for Dynamic Environments, NSF
(CFF), $1,057,427 (PSU award $234,585), 8/1/05-7/31/08, Collaborators: PSU (McDaniel), UPenn (Zdancewic), Maryland
(Hicks), GMU (Winsborough).PI, Extending Developer Tools for Security-typed Languages, Software Engineering Research Center, Sponsor:
Motorola, $23,200, 7/1/05-6/30/06.
- Thomas Moyer, Trent Jaeger, and Patrick McDaniel. Scalable Integrity-Guaranteed AJAX. Proceedings of the 14th
Asia-Pacific Web Conference (APWeb), April 2012. Kunming, China.Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger, Scalable Web Content
Attestation. IEEE Transactions on Computers, April, 2011.Joshua Schiffman, Thomas Moyer, Trent Jaeger, and Patrick McDaniel, Network-based Root of Trust for
Installation. IEEE Security & Privacy Magazine, pages 40-48, Jan/Feb, 2011.Boniface Hicks, Sandra Rueda, Luke St. Clair, Trent Jaeger, and Patrick McDaniel, A Logical Specification and
Analysis for SELinux MLS Policy. ACM Transactions on Information and System Security (TISSEC), 13(26), 2010.Patrick McDaniel and Atul Prakash, Enforcing Provisioning and Authorization Policy in the Antigone System.
Journal of Computer Security, 14(9):483--511, November, 2006.Patrick McDaniel and Atul Prakash, Methods and Limitations of Security Policy Reconciliation. ACM Transactions
on Information and System Security (TISSEC), Association for Computing Machinery, 9(3):259-291, August, 2006.Thomas Moyer, Trent Jaeger, and Patrick McDaniel. Scalable Integrity-Guaranteed AJAX. Proceedings of the 14th
Asia-Pacific Web Conference (APWeb), April 2012. Kunming, China. Invited Paper. Boniface Hicks, Sandra Rueda, David King, Thomas Moyer, Joshua Schiffman, Yogesh Sreenivasan, Patrick McDaniel,
and Trent Jaeger. An Architecture for Enforcing End-to-End Access Control over Web Applications. Proceedings of the
Fifteenth ACM Symposium on Access Control Models and Technologies (SACMAT 2010), pages 163-172, June 2010. Pittsburgh,
PA.Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Asynchronous Web
Content Attestation. Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), pages 95-104,
December 2009. Honolulu, Hawaii.Joshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, and Patrick McDaniel. Justifying Integrity Using
a Virtual Machine Verifier. Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), pages
83-92, December 2009. Honolulu, Hawaii.Luke St. Clair, Joshua Schiffman, Trent Jaeger, and Patrick McDaniel. Establishing and Sustaining System
Integrity via Root of Trust Installation. 23rd Annual Computer Security Applications Conference (ACSAC), pages 19-29,
December 2007. Miami, FL.Boniface Hicks, Tim Misiak, and Patrick McDaniel. Channels: Runtime System Infrastructure for Security-typed
Languages. 23rd Annual Computer Security Applications Conference (ACSAC), pages 443-452, December 2007. Miami, FL.Boniface Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel. From Trusted to Secure: Building and Executing
Applications that Enforce System Security. Proceedings of the USENIX Annual Technical Conference, June 2007. Santa
Clara, CA.Boniface Hicks, Kiyan Ahmadizadeh, and Patrick McDaniel. Understanding Practical Application Development in
Security-Typed Languages. 22st Annual Computer Security Applications Conference (ACSAC), pages 153--164, December
2006. Miami, Fl. (best student paper).Joshua Schiffman, Thomas Moyer, Hayawardh Vijayakumar Trent Jaeger, and Patrick McDaniel. Seeding Clouds with
Trust Anchors. Proccedings of CCSW 2010: The ACM Cloud Computing Security Workshop, October 2010. Chicago, IL.William Enck, Sandra Rueda, Yogesh Sreenivasan, Joshua Schiffman, Luke St. Clair, Trent Jaeger, and Patrick
McDaniel. Protecting Users from "Themselves". Proceedings of the 1st ACM Computer Security Architectures Workshop,
November 2007. Alexandria, VA. Boniface Hicks, David King, and Patrick McDaniel. Jifclipse: Development Tools for Security-Typed Applications.
Proceedings of the 2nd ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '07), ACM Press,
June 2007. San Diego, CA.Boniface Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel. Integration of SELinux and Security-typed
Languages. Proceedings of the 2007 Security-Enhanced Linux Workshop, March 2007. Baltimore, MD.Trent Jaeger, Patrick McDaniel, Luke St. Clair, Ramon Caceres, and Reiner Sailer. Shame on Trust in Distributed
Systems. Proceedings of the First Workshop on Hot Topics in Security (HotSec '06), July 2006. Vancouver, B.C., Canada.
Telecommunications Security
Description: The nature of telecommunications networks is rapidly changing. Mobile phone frameworks such as Android and Openmoko invite developers and end users to build applications, modify the behavior of the phone, and use network services in novel ways. This offers a promising opportunity to create new, valuable markets and modes of communication. However, the move to open systems alters the underlying performance and security assumptions upon which the network was based. In ongoing work, we have shown that such changes lead to vulnerabilities ranging from merely vexing phone glitches to catastrophic network failures. The current infrastructure lacks the basic protections needed to protect an increasingly open network, and it is unclear what new stresses and threats open systems and services will introduce.
This research seeks to formally and experimentally investigate vulnerabilities and defensive infrastructure addressing vulnerabilities in open cellular operating systems and telecommunications networks. This includes the development of infrastructure for the analysis, configuration, and enforcement of security policy in telecommunications networks.
- PI, TC: Medium: Collaborative Research: Security Services in Open Telecommunications Networks, NSF (CNS),
$1,386,518 (PSU award $594,941), 08/01/09-08/01/12, Collaborators: PSU (McDaniel, La Porta), UPenn (Blaze), Columbia
(Schulzrinne). PI, Characterizing and Mitigating Wireless Systems Vulnerabilities, Defense University Research Instrumentation
Program (DURIP), Army Research Office (ARO), $150,000, 05/22/09-02/28/11, Collaborators: PSU (La Porta, McDaniel).co-PI, Integrity Management for ICT Development, Bell Labs Network Reliability and Security Office,
Alcatel-Lucent , $100,000, 11/30/08-11/30/09, Collaborators: PSU (La Porta, McDaniel).Co-PI, Protecting Services for Emerging Wireless Telecommunications Infrastructure, NSF (CNS), $658,032,
09/01/07-08/31/11, Collaborators: PSU (La Porta, Jaeger, McDaniel).
- Eun Kyoung Kim, Patrick McDaniel, and Thomas La Porta. A Detection Mechanism for SMS Flooding Attacks in
Cellular Networks. Proceedings of the 8th International Conference on Security and Privacy in Communication Networks
(SECURECOMM 2012), September 2012. Padua, Italy.Patrick Traynor, Patrick McDaniel, and Thomas La Porta, Security for Telecommunications Networks. Springer,
Series: Advances in Information Security, July, 2008. ISBN: 978-0-387-72441-6.Patrick Traynor, Chaitrali Amrutkar, Vikhyath Rao, Trent Jaeger, Patrick McDaniel, and Thomas La Porta, From
Mobile Phones to Responsible Devices. Journal of Security and Communication Networks (SCN), 4(6):719 -- 726, June,
2011.Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta, Mitigating Attacks on Open Functionality
in SMS-Capable Cellular Networks. IEEE/ACM Transactions on Networking (TON), 17(1):40-53, 2009.Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta, Exploiting Open Functionality in
SMS-Capable Cellular Networks. Journal of Computer Security, 16(6):713-742, Febraury, 2009.Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jaeger, Thomas La Porta, and Patrick
McDaniel. On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core. Proceedings of
the 16th ACM Conference on Computer and Communications Security (CCS), pages 223-234, November 2009.Patrick Traynor, Patrick McDaniel, and Thomas La Porta. On Attack Causality in Internet-Connected Cellular
Networks. Proceedings of the 16th USENIX Security Symposium, pages 1--16, August 2007. Boston, MA.Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Mitigating Attacks on Open Functionality
in SMS-Capable Cellular Networks. Proceedings of the Twelfth Annual International Conference on Mobile Computing and
Networking (MobiCom), pages 182-193, September 2006. Los Angeles, CA.William Enck, Patrick Traynor, Patrick McDaniel, and Thomas La Porta. Exploiting Open Functionality in
SMS-Capable Cellular Networks. Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS),
pages 393--404, November 2005. Alexandria, VA.