Dr. Xuxian Jiang's team found a data stealing vulnerability in Android v2.3. More details can be found here including the next steps in response to the discovery.
 

Wednesday 7/21/2010

Room 3211, Engineering Building II, NC State University

Plenary

9:00

• Welcome & Introduction - Dennis Kekas
• SOSI Management Overview - Dennis Kekas
• Overview of ITng - Wayne Clark
• SOSI Year 2 Technical Overview - Dr. Peng Ning

Security of cloud computing infrastructure

9:30 - HyperSafe: Enabling Hypervisor Self-Protection from Code-Injection Attacks - Dr. Xuxian Jiang

9:45 - Assuring Runtime Service Integrity in Cloud Systems - Dr. Xiaohui "Helen" Gu

10:00 - Flow Isolation in Optical Networks - Dr. George Rouskas

10:15 - HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity - Dr. Peng Ning

10:30 -- 10:45 Break

Open source software security

10:45 - Automatic Security Testing and Monitoring for Software Applications - Suresh Thummalapenta (On behalf of Dr. Tao Xie)

11:00 - Investigating the Relationship between Developer Collaboration and Software Security - Andy Meneely (On behalf of Dr. Laurie Williams)

11:15 - Towards a Software Reliability Engineering View of Open Source Software Security - Prasanth Anbalagan (On behalf of Dr. Mladen Vouk)

Security of service oriented computing

11:30 - Trustworthy Service Selection Based on Adaptive Exploration - Dr. Munindar Singh

11:45 - A Policy Reasoning Tool for Composite Services - Dr. Ting Yu

12:00 -- 1:00pm Lunch Break

Wireless Security

1:00 - CentMesh -- The Centennial Wireless Mesh Network Testbed - Dr. Mihail Sichitiu

1:15 - Jamming-Resistant Broadcast Using Frequency Hopping in Multihop Networks - Dr. Huaiyu Dai

1:30 - A Routing Layer Approach to Jamming Effect Mitigation in Multihop Wireless Networks - Umang Patel (On behalf of Dr. Rudra Dutta)

1:45 - An Intelligence Sharing Framework for Socialized Mobile Networks - Seongro Yoon (On behalf of Dr. Injong Rhee)

Security in emerging open systems

2:00 - Assessment of Security Functionality in Power Grid Systems - Zhuo Lu (On behalf of Dr. Wenye Wang)

2:15 - Defending Against Sybil Nodes in File-Sharing Systems - Jung Ki So (On behalf of Dr. Douglas Reeves)

2:30 - Identifying Data Attacks in CPS Real-Time Systems - Chris Zimmer (On behalf of Dr. Frank Mueller)

Testbed

2:45 - VCL testbed and wireless mesh testbed - John Bass

3:00 -- 3:15 Break

Wrap-up

3:15

• Second Year Successful Outcomes - Dennis Kekas
• Plan for Year 3 Activities - Dr. Peng Ning

3:30 General Discussion

4:00 Adjourn

Dr. Xuxian Jiang and his graduate student Zhi Wang made a quite a splash after presenting their findings on 'HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow' at the IEEE Symposium on Security and Privacy on May 18, 2010. A list of press articles can be found here. Securing the hypervisor is a fundamental need for creating trust in virtualized computing systems. You can follow Dr. Jiang's work here.

SOSI project reports will be presented at the Institute for Next Generation IT Systems (ITng) Launch event on April 21 and 22, 2010.

The event will be held in Engineering Building 2 on NCSU's Centennial Campus.

• An agenda is listed here.
• Please register here.