Improving Software and Systems Security via Software Analysis

Friday, March 3, 2017 - 10:30 am
300 Main B101
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Lannan (Lisa) Luo

Abstract

As the digital brainpower of the IT revolution, software has become an important driving force of today's economy as well as an indispensable element of personal life. Hence, the security of the software and systems becomes increasingly important. In this talk, I will present my work on analyzing and enhancing software and systems security, which applies rich and powerful software analysis methodologies. A particular emphasis is placed on two problems: automatically detecting software plagiarism and automatically discovering vulnerabilities in Android Framework.

First, I will present CoP, a technique that can be applied to detect software plagiarism. Identifying similar code segments among programs is faced with a notorious challenge caused by code obfuscation and is even more difficult when the source code is unavailable. I will present how CoP addresses them.

Then, I will present Centaur, a technique that applies symbolic execution to Android Framework aiming at discovering vulnerabilities and generating proof-of-concept exploits automatically. Android Framework is an integral and foundational part of the Android system, containing multiple million lines of code. Despite extensive work on Android, most of the existing tools are only capable of analyzing Android applications. There is a severe lack of techniques and tools for insecurity analysis of the underlying framework code in Android. Due to unique characteristics of Android Framework, many challenges are raised when conducting such program analysis as symbolic execution and taint analysis. I will show how we overcame these challenges and implemented the system for insecurity analysis of Android Framework.

Finally, I will conclude the talk with a brief discussion on future research directions.

Lannan (Lisa) Luo is a Ph.D. candidate in the College of Information Sciences and Technology at The Pennsylvania State University, under the supervision of Prof. Peng Liu. She received her B.S. in Telecommunications Engineering from Xidian University, Xi'an, China in 2009, and M.S. in Communications and Information Systems from The University of Electronic Science and Technology of China in 2012. Her research interests are software and systems security. During her PhD study, she mainly works on the software piracy problem and mobile computing security. Her research work has been published in FSE (Best Paper Award nomination), ICSE, DSN, and TSE. She did an internship at Microsoft Research Asia in 2015. Find more about her here: http://www.personal.psu.edu/lzl144/.

Portable Parallel Programming in an Age of Architecture Diversity for High Performance

Thursday, March 2, 2017 - 03:00 pm
300 Main B101
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Yonghong Yan

Date: March 2, 2017
Time: 3:00-4:15pm
Place: 300 Main B101

Abstract

In this era of multicore, manycore and heterogeneous architectures with deep memory systems, portable parallel programming has become much more challenging than ever for both computation-intensive scientific and engineering applications, and applications that involve large-scale data processing such as computer vision or machine learning. It requires applications to expose significantly more concurrency at multiple levels including intra-node and inter-node, and to optimize local and shared data access with regard to the memory hierarchy of SRAM, DRAM, HBM, and storage. In this talk, the speaker will highlight the latest development of node-level parallel programming models for extreme scale performance, and discuss challenges and ongoing work in his research team for compiler and runtime systems to realize those models for many-/multi-core CPUs and GPUs. The talk will conclude with the discussion of memory-centric architecture and programming for future computer systems.

Dr. Yonghong Yan is an Assistant Professor from Oakland University, Rochester MI, and a member of OpenMP Architectural Review Board and OpenMP Language Committee. Dr. Yan is an expert in parallel computing, compiler technology and high performance computer architecture and systems. He is an NSF CAREER awardee. His research team develop intra-/inter-node programming models, compiler, runtime systems and performance tools based on OpenMP, MPI and LLVM compiler, explore conventional and advanced computer architectures including CPU, vector, GPU, MIC, FPGA, and dataflow system, and support applications ranging from classical HPC, to big data analysis and machine learning, and to computer imaging. The ongoing development can be found from https://github.com/passlab. Dr. Yan received his PhD degree in computer science from University of Houston, has a bachelor's degree in mechanical engineering, and loves physics and electric engineering as well. Apart from all those, he enjoys playing sports, fishing, writing science fictions, and playing with kids.

Motion Tracking Problems in IoT: Sports, Drones and Wireless Networks

Tuesday, February 28, 2017 - 03:00 pm
Swearingen 2A21
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Mahanth Gowda

Abstract

Motion tracking is a broad and classical problem that dates back many decades. While significant advances have come from the areas of robotics, control systems, and signal processing, the emergence of mobile and IoT devices is ushering in a new age of embedded, human-centric applications. Fitbit is a simple example that has rapidly mobilized proactive healthcare; medical rehabilitation centers are utilizing wearable devices towards injury diagnosis and prediction. In this talk, I will discuss a variety of (new and old) IoT applications that present unique challenges at the intersection of mobility, multi-modal sensing, and indirect inference. For instance, I will discuss how inertial sensors embedded in balls, racquets, and shoes can be harnessed to deliver real-time sports analytics on your phone. In a separate application, I will show how GPS signals can be utilized to track the 3D orientation of an aggressively flying drone, ultimately delivering the much needed reliability against crashes. I will also show how injecting controlled mobility into conventional wireless infrastructure can open new opportunities in indoor WiFi and outdoor cellular networks. I will end with how arm motions of an individual can be inferred from smartwatch sensors alone, even when her arm and body are moving simultaneously (e.g., dancing). In general, I hope to show that information fusion across wireless signals, sensors, and physical models can together deliver motion-related insights, useful to a range of applications in IoT, healthcare, and cyber physical systems.

Mahanth Gowda is a PhD candidate in the Computer Science department at the University of Illinois, Urbana Champaign (UIUC). His research interests include wireless networking, mobile sensing, and wearable computing, with applications to IoT, cyber physical systems, and human gesture recognition. He has published across diverse research forums, including NSDI, Mobicom, WWW, Infocom, Hotnets, ASPLOS, etc. Prior to joining UIUC, Mahanth obtained his M.S. from Duke University, and a B.Tech from Indian Institute of Technology, Varanasi. He has interned at Microsoft Research, IBM Labs, and recently at the wearable computing group at Intel.

Event-Driven Modeling and Distributed Task Routing and Scheduling in Cyber Physical Material Handling Systems

Monday, February 27, 2017 - 09:30 am
Swearingen 1A03 (Faculty Lounge)
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Rong Su

Abstract

We are at the dawn of the 4th industrial revolution - the era of the ICT backed Smart Manufacturing (or Industry 4.0). Among all challenges, the problem of how to model and manage efficiently the low volume high mixed (LVHM) manufacturing processes has been gaining more and more attention from both academia and industry, owing to the rise of the maker/Do-It-Yourself (DIY) culture around the world. The major challenges in both modelling and operation planning are due to the complexity resulting from the scale and heterogeneity of the system, and the sophistication of relevant operations. In this talk I will first briefly mention one novel event-based modelling framework for cyber physical material handling, which, by separating operations and the corresponding materials, can significantly improve reusability of pre-developed models, making it potentially feasible to support a “drag and play” strategy, when constructing or reconfiguring a material handling system without a need of starting from scratch. After that, I will focus on a novel task routing and scheduling approach within a distributed synthesis framework based on time weighted discrete-event models. By going through an example of operation planning for linear cluster tools, I will show the potential advantage of this supervisor synthesis approach. In addition, I will show that the same modelling and synthesis framework can be applied to robot motion planning problems, accompanied by large-scale case studies in a simulated environment.

Dr. Rong Su obtained his Bachelor of Engineering degree from University of Science and Technology of China in 1997, and Master of Applied Science and PhD degrees from University of Toronto in 2000 and 2004, respectively. After being affiliated with University of Waterloo and Technical University of Eindhoven, he joined Nanyang Technological University in 2010. Dr Su’s research interests include discrete event system theory, model-based fault diagnosis, operation planning and scheduling and control of multi-agent systems, with applications in smart manufacturing, intelligent transportation, human-robot interface, power management and smart buildings. He has more than 110 publications and 2 patents in the aforementioned areas. So far he has been involved in several projects funded by Singapore National Research Foundation (NRF), Singapore Agency of Science, Technology and Research (A*STAR), Singapore Ministry of Education (MoE), Singapore Civil Aviation Authority (CAAS) and Singapore Economic Development Board (EDB). Dr Su is a senior member of IEEE, and an associate editor for Journal of Discrete Event Dynamic Systems: Theory and Applications, Transactions of the Institute of Measurement and Control, and Journal of Control and Decision. He is also the Chair of the Technical Committee on Smart Cities in the IEEE Control Systems Society.

Town Hall with USC CIO

Friday, February 24, 2017 - 05:30 pm
Amoco Hall
USC Cyber Security Club is hosting a public Town Hall featuring USC's new Chief Information Officer, Doug Foster. We will hear about his vision for USC and learn about what it takes to become a CIO. If you've ever had a problem with a USC system, you can discuss your issue with the CIO himself. The event will be held Friday February 24 at 5:30pm in Swearingen 1C01 (Amoco Hall). Everyone is welcome.

Thanks,
Ronni Wilkinson
Information Technology Services
College of Engineering and Computing
University of South Carolina

Towards Practical Program Analysis: Introspection and Adaptation

Friday, February 24, 2017 - 10:30 am
300 Main B101
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Shiyi Wei

Abstract

Software is ubiquitous. As its importance grows, the mistakes made by programmers have an increasingly negative effect, leading to critical failures and security exploits. As software complexity and diversity grow, such negative effects become even more likely. Automated program analysis has the potential to help. A program analysis tool approximates possible executions of a program, and thereby can discover otherwise hard-to-find errors. However, significant challenges must still be overcome to make program analysis tools practical for real-world software.

I have gained substantial experience in building novel program analysis tools whose aim is to produce more secure and reliable software. Recently, I have focused on the challenge of building analysis tools that perform well (i.e., can analyze realistic code in a reasonable amount of time) and are precise (i.e., do not produce too many "false alarms"). To this end, I have developed an approach that systematically uncovers sources of imprecision and performance bottlenecks in program analysis. The goal is to significantly reduce the time-consuming manual effort otherwise required during the analysis design process. In addition, I have designed an adaptive analysis, in which appropriate techniques are selected based on the coding styles of the target programs. Selection is based on heuristics derived from a machine learning algorithm. The idea is that precise techniques can be deployed only where and when they are needed, leading to a better balance overall.

Shiyi Wei is a post-doctoral associate at University of Maryland, College Park. He obtained his Ph.D. in Computer Science from Virginia Tech in 2015, and B.E. in Software Engineering from Shanghai Jiao Tong University in 2009. His research interests span the areas of Programming Languages, Software Engineering and Security. The goal of his research is to make program analysis practical for improving the security and reliability of real-world software. He has published articles at top venues in his areas of interest, such as PLDI, FSE, ECOOP, and ISSTA. He has interned at IBM T. J. Watson Research Center.

Data-Driven Applications in Smart Cities - Data and Energy Management in Microgrids

Monday, February 20, 2017 - 10:45 am
Swearingen 1A03 (Faculty Lounge)
COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Zhichuan Huang

Abstract

The White House announced the Smart Cities Initiative with a $160 million investment to address emerging challenges in this inevitable urbanization. Under the scope of this initiative, my work addresses emerging problems in the smart energy systems in connected communities with a data-driven approach, including sensing hardware design, streaming data collection to data analytics and privacy, system modeling and control, application design and deployments. In this talk, I will focus on an example of data driven solutions for data and energy management in smart grids. I will first show how to collect the energy data from large-scale deployed low cost smart meters and minimize the communication and storage overhead. Then I will show how we can conduct energy data analytics with the collected energy data and utilize data analytics results for real-time energy management in a microgrid to minimize the operational cost. Finally, I will present real-world impact of my research and some future work about CPS in smart cities.

Zhichuan Huang is a Ph.D. candidate in Department of Computer Science and Electrical Engineering at University of Maryland, Baltimore County. He is interested in incorporating big data analytics in Cyber-Physical Systems (also known as Internet of Things under some contexts) for data driven applications in Smart Connected Communities. His current focus is on data driven solutions for smart energy systems including from sensing hardware design, streaming data collection to data analytics and privacy, system modeling and control, application design and deployments. His technical contributions have led to more than 20 papers, featuring 14 first-author papers in premier venues, e.g., IEEE BigData, ICCPS, IPSN, RTSS and best paper runner-up in BuildSys 2014.

Security Analytics for Defeating Automated Internet-scale Threats

Friday, February 17, 2017 - 10:30 am
300 Main B101
Computer Science and Engineering Colloquium

Abstract:

Billions of devices are connected to the Internet today, significantly changing the threat landscape by lending adversaries unprecedented resources to launch automated attacks, and requiring new threat analysis and defenses. In this talk, I will argue that big data analytics can play an important role in securing the Internet, and exemplify my argument with applications to distributed denial of service (DDoS), malware analysis, and massively multiplayer online role-playing game (MMORPG) bot detection.

First, I will present an analytical view of 50,000 unique and verified DDoS attacks on services on the Internet. I will show how adversaries’ spatiotemporal traits follow predictable patterns, consecutive attacks follow certain patterns allowing prediction of future threat, and attackers are highly collaborative.

Second, I will show how big data analytics are applied to malware analysis and software behavior profiling, and demonstrate optimizations to scale such analytics.

Third, I will discuss an analytics framework for game bot detection in MMORPG using self-similarity of user behavior. By applying this framework to three large online games, I demonstrate how this analytics approach can be used to extract general features of behavior and effectively detect game bots in practice.

I will conclude by highlighting my vision of how this analytics approach can be applied to realize effective and proactive defenses, and extended for other applications.

Bio:

Aziz Mohaisen is an Assistant Professor of Computer Science at the University at Buffalo. The current focus of his research is building security analytics for understanding and defending threat in software and networks, with applications to Malware, DDoS, DNS, MMORPG, IoT, Blockchain, etc. His work has been supported by various awards from NSF, NRF, AFRL and AFOSR. He was the recipient of the US Air Force Summer Faculty Fellowship (2016). Before joining UB in 2015, he was a senior research scientist at Verisign Labs in the Washington D.C. area (2012-2015) and a Research Engineer at ETRI in South Korea (2007-2009). He earned his M.Sc. and Ph.D. in Computer Science from the University of Minnesota in 2012, and was a recipient of the Doctoral Dissertation Fellowship (2011). Aziz is an avid (ultra)marathoner, and when not doing research or running, he likes to explore the world with his three growing kids.

Protecting Services from Security Mis-configuration

Friday, February 3, 2017 - 02:20 pm
Swearingen 2A31
Speaker: Dr. Ron Addie

Abstract:

It is understood that ICT security can be defined and enforced through rules. In this work, the concept of rules which define and ensure users' access to services is introduced. Examples of how service is hindered by otherwise sensible security rules are presented. The concept of service protection policies is introduced. We use ns3 and Click in simulations to check the consistency of aggregate security policy by checking that service protection rules are valid. We show that these can improve the performance of the network experienced by users and increase network security.

Short Bio:

Ron Addie received his BSc degree from Monash University in 1972 and completed his PhD at Monash University in the area of semi-Markov queues in 1986. From 1972 to 1992, he worked in Telstra Research Laboratories where he was involved in the development of ATM, teletraffic, and network analysis and design. In 1992 he moved to the University of Southern Queensland, where he holds the position of Associate Professor. His current research interests include queueing theory for long-range dependent traffic, rare event simulation, layered network design, network analysis, design and simulation software and security of web information systems. He is the author or co-author of many journal and conference papers, primarily in the area of communications, with more than 1000 citations (according to Google Scholar).

Mobile Application for Shipping Goods for Individuals and Truckers in India

Friday, January 6, 2017 - 09:30 am
Dean’s Conference room, Swearingen.
THESIS DEFENSE
Department of Computer Science and Engineering
University of South Carolina

Author: Sendurr Selvaraj
Advisor: Dr. Jianjun Hu
Date: Jan 6th 2017
Time: 09:30 am – 10:30 am
Place: Dean’s Conference room, Swearingen.

Abstract

India is a vast country with the majority of its cities and towns connected through roads. Road transportation contributes to 86% share of the freight transport of the country with trucking companies dominating the entire space. With a growing economy and demands rising, the quality of service of the trucking company remains poor. The major reasons are unorganized practice and lack of transparency. Moreover, customers have limited access to reach out to truckers to transport their goods. This thesis aims to create a platform for customers and truckers to realize their needs with the help of a mobile application. Customers can search for truckers nearest to their location based on their needs. In addition, customers can also post their transport requirements which can be viewed by truckers. Truckers have options to update their travel plan well in advance making sure they run on full capacity. The application captures customers’ ratings for truckers thus building truckers’ creditability and in-turn improving quality of service. The platform provides a transparent mode of communication between customers and truckers on finalizing prices and eliminating middlemen, who in reality would draw commissions. The scope of the application can be extended to advertisement feeds, deals and truck sales as a revenue generation model to bear its operational cost.