August 18, 2023
The 2023 UNC-Intel Research Experience for Undergraduate Students (REU) wrapped up with a closing ceremony on July 28. The ceremony featured research presentations by each of the participating students: Kimberly Brown, Muna Lentison, Andrew Lockard, Rutva Mehta, Madukaife Okafor, and Jayden Rogers. In addition to the cohort, the event was attended by UNC Computer Science faculty, staff, and graduate students and by industry mentors from Intel.
The UNC-Intel REU is a summer-long program to bring undergraduate computer science students to Chapel Hill to conduct research in the areas of hardware and system security under the guidance of UNC CS faculty and Intel researchers. The 2023 program was the second held at UNC in partnership with Intel, and the cohort doubled in size from the inaugural year.
In addition to learning about systems security, hardware security, and privacy, the cohort got to make connections with Intel mentors and experience life as a researcher at UNC. They attended weekly workshops on both computer security topics and diversity, equity, and inclusion (DEI) principles. Outside of work hours, the group bonded with social events in Chapel Hill and throughout the Triangle area.
With the 2023 program coming to an end, the cohort gathered with advisors, mentors, program staff, and research group members in person and virtually to celebrate the research they undertook this summer. The projects covered a wide range of privacy and security issues on hardware designs, cloud computing, networking, and telecommunication.
With this experience and the connections they have made, the students of the 2023 cohort will return to their schools for their junior year with additional expertise to bring to future research and a better understanding of how industry and academia can shape their future.
“Authenticating Key-Value Data on an Untrusted Cloud”
Undertaken by Muna Lentison
Advised by UNC’s Don Porter, Jaehyun Han, and Yizheng Jiao and Intel’s Olu Oniyinde and Michael LeMay
As more and more data is outsourced to third-party cloud providers, users encounter the problem of authenticating their data, or ensuring that the data they get back from the cloud is the same data they uploaded to the cloud initially. Cryptographic hashing techniques can detect data corruption, but only at significant computational expense–at least 10 times the computing resources, even using state-of-the-art methods. Lentison’s summer project was to measure the impact on performance of different design parameters in a data authentication scheme for an untrusted cloud data service.
“Fairness Across Network Congestion Control Protocols”
Undertaken by Kimberly Brown
Advised by UNC’s Jasleen Kaur and Intel’s Vani Yalapalli and Wendell Scruggs
The Transmission Control Protocol (TCP) influences how most internet users access data and messages on remote servers. Round-trip Time (RTT) refers to the amount of time that passes between a user initiating a request to the server and the user receiving the data, and it can be affected by factors like server response time, network congestion, and the type of connection being made. TCP throughput is considered “RTT-fair” when the protocol can alleviate substantial differences in throughput for different users with different RTTs. Brown identified a recently published scheme purporting to provide RTT fairness and undertook a series of experiments to evaluate the claim, ultimately determining that the algorithm is not RTT fair for all TCP protocols.
“Network Privacy and Security”
Undertaken by Madukaife Okafor
Advised by UNC’s Saba Eskandarian and Matthew Gregoire and Intel’s Fahimeh Rezaei and John Robinson
Routers that we use to access the internet record activity from all connected devices in order to meter data usage and monitor for network strength and security. What most users don’t think about is that the data that a router collects can be used to learn a lot about individual users. Okafor wrote an algorithm to analyze router logs and list the IP address used by each user connected to the router. The algorithm can be used to demonstrate how much information our local internet infrastructure can gather about our online activities.
“Preparing Hardware Designs for Symbolic Execution”
Undertaken by Jayden Rogers
Advised by UNC’s Cynthia Sturton and Kaki Ryan and Intel’s John Matthews and Kendall Bailey
Sturton’s research group previously developed a symbolic execution engine for use with hardware designs. The engine is used to determine which inputs will result in various states of the hardware, which is helpful in designing, debugging, and securing hardware. The symbolic execution analysis must begin with the hardware in its reset state, and doing this manually can be tedious and introduce user errors. Rogers developed a script that works with a particular tool to pull reset-state information about a hardware design and make it available to the symbolic execution engine, limiting the amount of manual analysis needed.
“Relighting for Preserving Privacy During Zoom Calls”
Undertaken by Rutva Mehta
Advised by UNC’s Roni Sengupta, Jun Myeong Choi, and Max Christman and Intel’s Fillipe Souza and Mir Ahsan
Zoom meetings have become part and parcel of our everyday work life. While various hardware and software security measures have been implemented to make Zoom calls safe, sophisticated machine learning models can determine private information about the user. For example, a model can be trained to predict whether one of the participants is paying attention to the Zoom call and even try to predict what that user is doing on their computer screen during the call. Mehta’s project showed that AI-based facial relighting techniques, which have primarily been used for aesthetics rather than privacy, can be a potential defense against these vulnerabilities.
“Testing Hyperproperties with Hamming Codes”
Undertaken by Andrew Lockard
Advised by UNC’s Sridhar Duggirala and Intel’s James Cavanaugh and Chris McConnell
The integration of software into physical devices like sensors and smart appliances has highlighted the importance of security and privacy in computation and communication. Hyperproperties are used as tools for modeling and verifying if a given computational process preserves privacy by quantifying its information leakage. Lockard investigated coding schemes such as Hamming codes that are used for data transmission through communication channels that can introduce errors during transmission. Andrew has modeled information leakage as a hyperproperty and demonstrated that Hamming codes do not contribute to the information leakage during transmission.