Thursday, August 21, 2014

Center for Extreme Events Research at UC San Diego / website launch

The Center for Extreme Events Research at the Jacobs School of Engineering is focused on advancing the engineering research essential to protect critical infrastructure and bio-systems from extreme hazardous events.

Jiun-Shyan (JS) Chen is the Director of the Center for Extreme Events Research at UC San Diego. Chen holds the William Prager Endowed Chair in the Department of Structural Engineering at UC San Diego. He is Editor-in-Chief of Interaction and Multiscale Mechanics: an International Journal.

The Center for Extreme Events Research is the second "agile center" to be launched at the Jacobs School of Engineering under the leadership of Dean Albert P. Pisano. (Learn about Pisano's vision for agile centers at the Jacobs School here.)

Researchers find security flaws in backscatter X-ray scanners

A team of researchers from the University of California, San Diego, the University of Michigan, and Johns Hopkins University have discovered several security vulnerabilities in full-body backscatter X-ray scanners deployed to U.S. airports between 2009 and 2013. In laboratory tests, the team was able to successfully conceal firearms and plastic explosive simulants from the Rapiscan Secure 1000 scanner.  The team was also able to modify the scanner operating software so it presents an “all-clear” image to the operator even when contraband was detected.  

The researchers presented their study Aug. 21 at USENIX Security '14 in San Diego. Naturally, they have attracted plenty of media attention. 

A list of links for your reading pleasure:

Wired, Aug. 20, 2014, Researchers Easily Slipped Weapons Past TSA's X-Ray Bodyscanners

UT San Diego, Aug. 20, 2014, Full-body scanners miss guns, explosives

Popular Science, Aug. 21. 2014, Weapons Can Be Carried Easily Through The TSA's Full-Body "Naked" Scanners

CNNMoney, Aug. 21, 2014, Body Scanners Problem: Fails to Detect Guns,

Computerworld, Aug. 21, 2014, Retired US airport body scanners fail to spot guns, knives

MarketWatch, The Wall Street Journal, Aug. 20, 2014, Airport scanners failed to detect guns, knives, explosives

Businessweek, Aug. 20, 2014, TSA Scanners That Saw You Naked Can Be Tricked to Miss Guns, Bombs

Gizmodo, Aug. 20, 2014, It's Shockingly Easy to Hide Guns and Bombs From Backscatter Scanners

Science 2.0, Aug. 20, Low-Tech: Security Flaws In Airport Backscatter X-Ray Scanners

New York Post, Aug. 20, 2014 TSA machines failed to detect guns and bombs

BoingBoing, Aug. 20, 2014, Security researchers buy pornoscanner, demonstrate how to sneak in guns & bombs

Friday, August 15, 2014

Transfer students get help to prepare for the Jacobs School

"You definitely don't want to have three finals on the same day," one student told an audience of 23 incoming transfer students gathered in the Qualcomm Conference Center in Jacobs Hall Thursday morning. They took note.
The students were there for Transfer PrEP, a three-day residential summer program for incoming transfers organized by the Jacobs School's IDEA Student Center. Students go to meet with faculty, teaching assistants, engineering advisers and industry. They also got lab and company tours and heard from alumni about career options.
Thursday morning, they learned about how to pick their classes and sign up for scholarships, among other things, from a group of former transfer students.

Wednesday, August 13, 2014

Get your sweat-powered battery here

Professor Joe Wang is heating up the airwaves and Internet with news of a tattoo "biobattery" that generates energy from sweat. Wenzhao Jia, a postdoctoral researcher in the Wang laboratory, presented a paper on the technology today at the American Chemical Society meeting in San Francisco.

The device works by detecting and responding to lactate, which is naturally present in sweat. Wang's team imprinted a flexible lactate sensor onto temporary tattoo paper. The sensor contained an enzyme that strips electrons from lactate, generating a weak electrical current.

"The current produced is not that high, but we are working on enhancing it so that eventually we could power some small electronic devices," said Jia. Notably, in an experiment with volunteers with a range of fitness levels, the least fit people generated the most energy. As researchers develop wearable sensors for health and fitness and medical monitoring, they will need to figure out how to power them without adding the bulk of heavy conventional batteries. Wang is also the director of the new Center for Wearable Sensors at UC San Diego Jacobs School of Engineering.

Read all the great coverage and watch the video:

Washington Post



Popular Mechanics

Don't drink and drone: Jacobs School alumns launch Kickstarter to create drone pilot flight school

"Don't drink and drone!" That's the advice in this fun video produced by SparkAerial, a start-up co-founded by Jacobs School computer science alums Radley Angelo, Kurt Selander and Austin Hill. The company bills itself as a full-service UAV shop and offers for example custom-built quadcopters and other flying UAVs and aerial cinematography services.

The team got their start in the Engineers for Exploration program here at the Jacobs School. Their got to accompany researcher Albert Lin on his expedition to find Genghis Khan's tomb in Mongolia. Since then, their work has been featured on CNN, Good Morning America and the National Geographic Channel, among many others.

They have recently launched a Kickstarter to create a drone pilot school. So far, with 26 days to go, backers have pledged $3,115 of a $5,000 goal. The money would go to creating an aerial cinematography video training series and an online resource center for aspiring drone pilots.
According to their Kickstarter page:

Our goal here is simple; we want to teach the world how to have fun, fly safe, and capture amazing content. The series covers everything from the basics, like choosing a copter and taking off for the first time, to more advanced piloting maneuvers that will make your video the talk of the town.

Tuesday, August 12, 2014

CSE-Related Research and Researchers Dominate USENIX Security Forum

Here's an alert to graduate students in CSE who want to attend the 23rd annual USENIX Security Symposium that will take place August 20-22 at the Manchester Grand Hyatt San Diego. The conference has extended the deadline for students to apply for travel, accommodations and/or registration grants to attend this year's event. The new deadline is Monday, July 14, and applications must be submitted online (see link below).
USENIX Security is one of the "big three" conferences in computer security, and this year's meeting is going to showcase the work of current faculty and grad students, but also the work of UC San Diego CSE alumni. CSE Prof. Hovav Shacham (pictured at right) is the senior author of a paper, "On the Practical Exploitability of Dual EC in TLS Implementations," co-authored with colleagues including grad student Jake Maskiewicz and CSE alumni Stephen Checkoway (now at Johns Hopkins) and Tom Ristenpart (University of Wisconsin-Madison). Shacham is also senior author on another paper with co-authors from UC San Diego and the University of Michigan. CSE Ph.D. student Neha Chachra(at left during previous internship at Google), advised by Geoffrey Voelker and Stefan Savage in the Systems and Networking group, is one of the co-authors on a paper titled, "Hulk: Eliciting Malicious Behavior in Browser Extensions." In addition to Chachra, the co-authors on the Hulk paper hail from two other University of California campuses -- three co-authors from UC Santa Barbara, and two from UC Berkeley and the International Computer Science Institute, including senior author Vern Paxson.
In addition to the paper above, CSE alumnus Tom Ristenpart (Ph.D. '10) has three other papers on the USENIX Security program. Both Ristenpart and Georgia Tech professor Alexandra (Sasha) Boldyreva (Ph.D. '04) studied under CSE Prof. Mihir Bellare, and Boldyreva also has a paper at USENIX Security this year. Another CSE alumnus, Stephen Checkoway (Ph.D. '12), had four papers accepted (two of them co-authored with UC San Diego researchers). A fourth CSE alumnus, Chris Kanich (Ph.D. '12) -- now an assistant professor at the University of Illinois at Chicago -- also has a paper ("The Long 'Taile' of Typosquatting Domain Names"). Pictured above (l-r): CSE alumni Ristenpart, Checkoway, Boldyreva and Kanich.
According to Center for Networked Systems director Stefan Savage, CSE's intellectual imprint on USENIX Security 2014 goes beyond the individual papers. "There are two sessions whose purpose is driven by our past work," said Savage. "There is a session on return-oriented programming (ROP) that is driven entirely by Hovav Shacham's seminal work on ROP. On top of that, roughly 75 percent of the side-channel session is motivated by the work Tom Ristenpart did here at UC San Diego on cross-VM attacks in the cloud."

Deciphering CSE's Upcoming Presence at Crypto 2014

CSE professors Mihir Bellare and Daniele Micciancio will be in Santa Barbara August 17-21 for the 34th International Cryptology Conference at UC Santa Barbara. The conference is sponsored by the International Association for Cryptologic Research (IACR), and the general chair of the conference is CSE alumna Alexandra (Sasha) Boldyreva (Ph.D. ’04), who worked in Bellare’s lab and is now an associate professor in Georgia Tech’s Information Security Center.
This year’s IACR Distinguished Lecture will be given by UC San Diego’s Bellare (pictured at left). The title of his talk: “Caught in between theory and practice.”  “This talk explores the culture and motivations of the cryptographic research community,” explains Bellare. “I examine the tension between theory and practice through the lens of my own experience in moving between them. I examine the peer-review process through the lens of psychology and sociology. In both cases the aim is to go from critique to understanding and, eventually, change.”
Bellare also has two other papers at Crypto 2014. In the August 18 opening session, he and colleagues Kenneth G. Paterson (University of London) and Phillip Rogaway (UC Davis) have a paper on "Security of Symmetric Encryption against Mass Surveillance." According to its authors, the research was “motivated by revelations concerning population-wide surveillance of encrypted communications.” In the paper, Bellare and colleagues formalize and investigate the resistance of symmetric encryption schemes to mass surveillance. The research abstract notes that, “We assume that the goal of ‘Big Brother’ is undetectable subversion,” going on to spell out a way to defend against so-called algorithm-substitution attacks (ASAs), which aim to replace a real encryption algorithm with a subverted encryption algorithm.
Separately, Bellare and his postdoc (Viet Tung Hoang), and Ph.D. student Sriram Keelveedhi teamed on a paper called, "Cryptography from Compression Functions: The UCE Bridge to the ROM." UCE stands for Universal Computational Extractor, and ROM is the Random Oracle Model.
Then on August 19, in a session on lattices, Micciancio (at right) and his French postdoc Léo Ducas have a paper on “Improved Short Lattice Signatures in the Standard Model.” They will present “a signature scheme provably secure in the standard model (no random oracles) based on the worst-case complexity of approximating the Shortest Vector Problem in ideal lattices within polynomial factors” – achieving short signatures (consisting of a single lattice vector), and “relatively short” public keys.