Automated security intelligence
Enterprise systems are complex and keep evolving. It is difficult, if not impossible, to keep track of security vulnerabilities in such systems; many unknown zero-day vulnerabilities exist today. On the other hand, it is impossible to train every employee to have enough security knowledge and skills. To this end, we propose the automated security intelligence project, inspired by Sun Tzu's Military Principles: "If you know your enemies and yourself, you can win a hundred battles without a single loss."
Big Data analytics
With fast-growing volumes of data in our world, the use of big data will become key to accelerating productivity growth. This project investigates state-of-the-art techniques for mining massive data from various sources. We focus on mining structured data (time series and event logs) and unstructured data (plain text, application traces, and system log files). We are developing advanced analysis engines for time series mining, complex event processing, graph mining, parallel and distributed mining, and stream mining.
Software-defined networking (SDN) enables abstractions that separate the control/management and packet forwarding functions in network devices. By allowing these devices to be controlled through software installed on commodity servers, SDN provides flexible, predictable, reactive, and extensible network control. We study the implications and applications of SDN in enterprise network management, optimization, fault detection and prevention.
Mobile application management
Smartphones and tablets have become the new generation of personal information systems. Third-party apps provide great functionality to these devices, but at the same time complicate device security management. To this end, we have started the mobile application management project, which leverages a cloud backend to manage smart devices. As a first step, we focus on using static and dynamic program analysis to detect malware, information leakage, and vulnerable apps in order to improve device security.
CLUE: A large system debugging tool with deep analytics
Modern transaction systems may generate billions of log events on millions of transactions on a daily basis, and CLUE offers a debugging tool that works on those massive, unstructured events to recover transaction traces and mine transaction patterns.
CLUE features novel data mining technology for automated information retrieval and a state-of-the-art debugging toolset for developing and integrating large-scale distributed transaction systems.