SyNeRG is a research group in the Electrical and Computer Engineering Department at the University of British Columbia. Browse the pages for more information. If you are a prospective student, you should read the introductory page first.
Venue:
2020 Kaiser Bldg.
Friday, May 7th
Coffee start - 9:30-9:45
Introductions – 9:45-10
“Long Presentations” will include 15 minutes of presentation time and 15 minutes of discussion/questions.
“Short Presentations” will include 5 minutes of presentation time and 5 minutes for questions.
Session 1(Optimization) – 10-12
Emalayan Vairavanathan: Short Presentation
“File System in the sky”
Pranab Kini: Long Presentation
“Speculative Authorization”
Abdullah Gharaibeh: Long Presentation
“Size Matters: Space/Time Tradeoffs to Improve GPGPU”
Theepan Moorthy: Long Presentation
“Process-Level Memory Contention Analysis”
Lunch 12-13:30
Session 2 (Design) 13:30-15:30
Debojit Dhar: Short Presentation
“Energy efficient data acquisition systems for sensor networks.”
Samer Al-Kiswany: Long Presentation
“Versatile File System”
Fahimeh Raja: Long Presentation
“Investigating an Appropriate Design for Personal Firewalls.”
Maliha: Long Presentation
“Improving file system performance via hybrid storage”
Coffee break – 15:30-16:00
Alireza Rostamzadeh: Short Presentation
“Spatial-Temporal Analysis of Information Propagation in Vehicular Networks”
Lauro Beltrao Costa: Long Presentation
“Automatic configuration of a distributed file system”
Sarah Motiee: Long Presentation
“The principle of least privilege (PLP)”
Yazan Boshmaf: Short Presentation
“How Many Attackers Did You Befriend Today? An Automated Social Engineering Attack in Social Networking Sites.”
San-Tsai Sun: Short Presentation
“Towards True Single Sign-On for the Web”
Closing – 17:45
Social Activity: Bowling (optional)
Directions to Bowling Alley
—————————————————————————————-
San-Tsai Sun
“Towards True Single Sign-On for the Web”
Current Web single sign-on (SSO) protocols impose a cognitive burden on web users and reduce the usability of login forms at relying parties (RPs). We propose a new Web SSO solution that requires minimal user interaction and does not require RPs to modify their login forms. Our approach builds OpenID support into web browsers, hides OpenID identifiers from users by using their existing email accounts, extends the OpenID protocol to perform authentication directly by browsers, and introduces an OpenIDAuth HTTP access authentication scheme to convey authenticated identities automatically into websites that support OpenID for authentication. Based on our approach, web users authenticate with their existing email accounts/passwords directly within a browser. With the users’ consent, their identities transparently flow into OpenID-enabled websites without additional log-on steps.
Back to Session 3
—————————————————————————————-
Debojit Dhar
“Energy efficient data acquisition systems for sensor networks.”
Sensor networks are getting popular by the day and we are finding new applications that can be catered using sensor networks. With time we have seen shrunken sizes of sensors which are more and more powerful than its predecessors but the energy supply to these nodes still remains as a major bottleneck. We are yet to come up with energy sources that would out-run the battery life of the AA-batteries that are used with most sensor nodes till date. Researchers are still to come up with a solution that would allow a deployment to last for a substantial amount of time without running out of power.
Looking at the energy spent by a node, major energy costs for each sensor are sensing and communicating sensed results back to the sink. However, the energy spent over communicating is significantly larger than its counterpart. My research is focused at reducing this energy cost by applying compressed sensing techniques to sensor networks. Some of the theoretical results indicate multi-fold savings in energy from the existing communication standards. A successful deployment that takes advantage of these techniques would lead to extended lifetimes of sensor nodes inside the network.
Back to Session 2
—————————————————————————————-
Lauro Costa
“Automatic configuration of a distributed file system”
Storage systems fix design decisions in order to make the system simpler to manage and still useful for a broad range of applications, providing a “one size fits all” solution. Since the “one size fits all” leaves room for optimizations, some works proposed a versatile storage system. The versatility for these systems is the ability to provide a set of configurable optimizations that can be configured by the administrator or the running application. Although versatility allows applications to obtain better performance from the storage system, it brings new responsibilities to the administrator who has to tune the storage system. Manually configuring the storage system might not be a desired task to the administrator for several reasons: lack of knowledge about the application or workload, workload can change, and performance tuning is time-consuming. We propose to design a solution to support the administrator to correctly configure the file system in order to improve the application performance. As a first case for this solution, we present how a file system can use our architecture to turn similarity detection optimization on or off. We showed what each of the components in our proposed architecture needs for this optimization and how we implemented. Finally, we present our initial evaluation.
Back to Session 3
—————————————————————————————-
The principle of least privilege (PLP), one of the most important rules in computer security, requires that users and their programs be granted the most restrictive set of privileges possible for performing required tasks. If a system is designed, configured, and used in accordance with this principle, damages caused by security incidents are minimized. Low-privileged user accounts and user account control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, users must apply due diligence, using appropriate accounts and paying attention to UAC prompts. With a user study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges users face when using different types of user accounts and the UAC. This talk presents the findings of this study, our recommendations for improving the UAC and LUA approaches and our plans for the future work.
Back to Session 3
—————————————————————————————-
Fahimeh Raja
“Investigating an Appropriate Design for Personal Firewalls.”
Even though personal firewalls are an important aspect of security for the users of personal computers, little attention has been given to their usability. We conducted semi-structured interviews with a diverse set of participants to gain an understanding of their knowledge, requirements, perceptions, and misconceptions of personal firewalls. Through a qualitative analysis of the data, we found that most of our participants were not aware of the functionality of personal firewalls and their role in protecting computers. Most of our participants required different levels of protection from their firewalls in different contexts. The most important factors that affect their security requirements are their activity, the network settings, and the people in the network. The requirements and preferences for their interaction with a firewall varied based on their level of security knowledge and expertise. We discuss implications of our results for the design of personal firewalls. We recommend integrating the personal firewall with other security applications, adjusting its behavior based on users’ level of security knowledge, and providing different levels of protection based on context. We also provide implications for automating firewall decisions and designing better warnings and notices.
Back to Session 2
—————————————————————————————-
Pranab Kini
“Speculative Authorization”
Authorization is imperative for securing enterprise systems, but computing authorization responses adds latency in the system, affecting its responsiveness. The latency ranges from a few milliseconds to several seconds, making the authorization mechanism one of the performance bottlenecks in distributed enterprise systems. In this talk, we present techniques to predict the requests that could possibly be made by the subjects when they log in the system. The techniques are developed using the principles of machine learning. Authorization responses to these predicted requests are computed even before the actual requests are made and cached, thus reducing the latency. We evaluate our algorithms using the log traces obtained from UBC and demonstrate that our algorithms can correctly predict 58% of the requests. We also show that our algorithms keep the false positives to the minimum.
Back to Session 1
—————————————————————————————-
Yazan Boshmaf
“How Many Attackers Did You Befriend Today? An Automated Social Engineering Attack in Social Networking Sites.”
Although social networking sites provide rich profile privacy settings for their users, many of these settings are based on the assumption that individuals to whom a user is connected are trusted and genuinely benign. Thus, most of this protection is lost once this trust is exploited by a malicious “friend”. In this work-in-progress research, we discuss how an adversary can craft a fictitious user profile that is socially compatible with a target user profile (i.e., the victim) using only publicly accessible information. Next, we argue about how easy it is for the adversary to deceptively (still benignly) connect to the target victim using this profile. Finally, we propose a new approach to mitigate this and related attacks using collaborative security principles adapted to online social networks.
Back to Session 3
—————————————————————————————-
Abdullah Gharaibeh
“Size Matters: Space/Time Tradeoffs to Improve GPGPU Applications Performance”
GPUs offer drastically different performance characteristics compared to traditional multicore architectures. To explore the tradeoffs exposed by this difference, we refactor MUMmer, a widely-used, highly-engineered bioinformatics application which has both CPU- and GPU-based implementations. We synthesize our experience as three high-level guidelines to design efficient GPU-based applications. First, the host to device data transfers add sizeable overheads that may overshadow the computational advantages offered by GPUs; hence minimizing the communication overheads is as important as optimizing the computation. Second, compared to traditional multiprocessor architectures, GPUs’ higher computational power per byte of memory makes trading-off additional per thread processing time for a more compact in-memory representation an attractive technique to increase overall performance (by enabling higher parallelism levels and reducing transfer overheads). Finally, ensuring that the chosen solution entails low pre- and post-processing overheads is essential to maximize the overall performance gains. Based on these insights, MUMmerGPU++, our GPU-based design of the MUMmer sequence alignment tool, achieves, on realistic workloads, up to fourteen fold speedup compared to the original CPU-based version, and, more importantly, up to four-fold speedup compared to its highly optimized GPU port.
Back to Session 1
—————————————————————————————-
Samer Al-Kiswany
Talk title: The Case for a Versatile Storage System
Storage systems in emerging large-scale (a.k.a. peta-scale) computing systems often introduce a performance or scalability bottleneck. To deal with these limitations this project proposes a new operational approach: versatile storage, an application-optimized and highly configurable storage system that harnesses node-local resources, is configured and deployed at application deployment time, and has a lifetime dependent on the application lifetime.
The preliminary prototype evaluation, using synthetic and application-level benchmarks, provides evidence that the versatile storage approach can bring valuable benefits to large scale deployments in terms of storage system performance and scalability.
This talk will present the versatile storage system approach, the system design, and the preliminary prototype evaluation.
Back to Session 2
—————————————————————————————-
Emalayan Vairavanathan
“File System in the sky”
Cloud computing became a cost saving solution in prevalent information technology due to infrastructure investment cost and just-in-time demand. Applications could take the advantages of simple APIs of web services that scale on demand where the reliability and scalability are hidden by underlying platform. Current cloud providers offer various storage solutions with simple APIs with varying performance and reliability metrics. In this paper we characterized Amazon EC2 (Elastic Cloud Computing), EBS (Elastic Block Storage) and S3 (Simple storage service). We proof usage of distributed file system provides high performance in terms of throughput comparing to the storage solutions offered by Amazon such as S3 and EBS. A versatile file system called MosaStore is used as the distributed file system in all the experiments due to its simple deployment setup.
Back to Session 1
—————————————————————————————-
Alireza Rostamzade
“Spatial-Temporal Analysis of Information Propagation in Vehicular Networks”
Analytical modeling of delays in vehicular networks is important because it supports the development of safety-critical applications for intelligent transportation systems. Such analysis is, however, challenging due to the dynamics of such a network. We approach this problem first by using probabilistic modeling. The second way of facing this issue is to use some concepts from graph theory that we are currently working on that.
Back to Session 2
—————————————————————————————-
Maliha Sultana
“Improving file system performance via hybrid storage”
We advance the idea that hybrid storage systems including a combination of solid-state drives and magnetic hard drives can be utilized to obtain significantly improved file system performance. SSDs have much better read access times for data blocks than HDDs, and HDDs, on the other hand, are very attractive because of the much lower cost per gigabyte of storage. In this project we are developing an extension to the traditional file system that would utilize a relatively small SSD and a large HDD to provide the illusion of an SSD with high data capacity. The proposed file system will learn application block access block patterns and migrate blocks between SSD and HDD to ensure that frequently used blocks reside on the SSD and blocks with highly correlated accesses can be read ahead as appropriate from the HDD when a related block is read from the SSD.
Back to Session 2
—————————————————————————————-
Theepan Moorthy
“Process-Level Memory Contention Analysis”
Existing work on chip-multiprocessor (CMP) systems has easily shown that main memory contention degrades overall performance. It has also been shown that isolation of a particular memory component and increasing fairness via its own sharing algorithms is not effective in improving overall performance. From these problems, recent work has demonstrated that throttling or limiting the sources of contention themselves (i.e. cores in the case of CMP) is more optimal for improved system performance.
However, such work still only proposes “blindly” throttling interfering cores without any regard to the underlying SW processes that in fact are the true roots of contention. That is to say that, currently, dynamic limitations to main memory access are imposed on a core without any knowledge of the processes that were executing on the core during the periods of its greatest disturbance to other cores. Having such knowledge exposes to the higher-level OS scheduler the applications, belonging to such processes, which are causing the greatest amounts of memory contention to each other. Armed with this new knowledge, the scheduler itself may determine more optimal scheduling methods to reduce system degradation due to HW memory contention right at the OS level.
Identifying cores that are causing memory contention can be achieved relatively easily with existing built-in hardware monitoring logic on chip. However, tracking the process IDs that were running on such a core when a memory contention event was detected requires the addition of novel real-time Process ID registers and trackers/counters. It is the goal of this work to implement the HW architecture which will enable the OS to obtain more intimate exact knowledge of which of its processes are creating the greatest memory sub-system contention levels. This knowledge in turn can be applied to the creation of more optimal schedulers as already stated.
Back to Session 1