The Department of Computer Science at Columbia University

1
The Department of Computer Science at Columbia
University

• Henning Schulzrinne, Chair
• Dept. of Computer Science
• Columbia University
• 2005

2
Columbia Computer Science in Numbers

• 34 full-time faculty and lecturers
• visitors, postdocs, adjunct faculty, joint
  appointments (EE, IEOR),

3
Research
Interacting with Humans (5)
Interacting with the Physical World (9)
Making Sense of Data (7)
Systems (11)
Computer Science Theory (8)
Designing Digital Systems (4)
4
Research areas
5
Research
Interacting with Humans (5)
Interacting with the Physical World (9)
6
Newsblaster

• Automatic summarization of articles on the same
  event
• Generation of summary sentences

• Tracking events across days
• Foreign new ? English summaries

7
Task Based Evaluation Do summaries help users
with research?

• Quality of facts gathered significantly better
• With Newsblaster than with no summaries
• User satisfaction higher
• With Newsblaster sentence summaries than Google
  style 1-sentence summaries
• Summaries contributed important facts
• With Newsblaster than Google summaries
• Full multi-document summarization more powerful
  than documents alone or single sentence
  summarization

8
Spoken Language Processing (Julia Hirschberg)

• Detecting and generating speakers emotional
  state
• Corpus-based, using lexical, acoustic and
  prosodic features
• Areas
• Deceptive Speech vs. Truth-telling
• Anger/frustration, confidence/certainty in Online
  Tutoring Systems
• Charismatic Speech What makes some speakers
  charismatic?

9
Research
Systems (11)
10
Distributed Network Analysis (DNA)Faculty
Vishal Misra, Dan Rubenstein

• Mathematical modeling of communication/network
  systems
• also prototype experiment to validate theory
• Topics
• Resilient and Secure Networking
• Wireless (802.11, Mesh)
• Sensor Networks
• Overlay and P2P Networking
• Server Farms
• Analytical Techniques
• Stochastics
• Algorithms
• Control Theory, Queueing Theory, Information
  Theory

11
Distributed Multi-radio Allocation in Wireless
Mesh Networks

• Research Objectives
• Improve the throughput of 802.11 multi-hop
  networks by utilizing multiple channels.
• Develop a fully-distributed, self-stabilizing
  algorithm and protocol that assign channels to
  802.11 nodes.
• Build an experimental system using commodity
  hardware and evaluate the performance of the
  algorithm.

• Approach
• Multi-radio stations
• Semi-static channel assignment
• Goals
• Minimize interference
• Maintain connectivity
• Use self-stabilizing graph coloring algorithm

12
Wireless Mesh Network

• Multi-radio mesh node
• Allocates radios by Self-stabilizing algorithm
  based on graph coloring
• Fully distributed and self-organizing mechanism

• Testbed
• 10 mesh boxes (sponsored by MSR) 5 Desktop PCs
• 802.11b/g/a wireless adapters
• Mesh Connectivy Layer toolkit from
• MSR

• Mesh monitoring system
• Monitors and controls mesh networks from remote
  site
• Consistent throughput improvement of 20-50 for
  network

13
Evolution of VoIP
how can I make it stop ringing?
does it do call transfer?
long-distance calling, ca. 1930
going beyond the black phone
amazing the phone rings
catching up with the digital PBX
1996-2000
2000-2003
2004-
14
Context-aware communication

• context the interrelated conditions in which
  something exists or occurs
• anything known about the participants in the
  (potential) communication relationship
• both at caller and callee

15
Creating services for VoIP

• Telecom model
• Programmers create mass-market applications
• Web model
• Users and administrators create universe of
  tailored applications
• FrontPage for service creation
• Based on presence, location, privacy preferences

16
System Administration

• Not much research done
• Generally ad hoc
• A high percentage of exploits occurs from
  sysadmin failings

17
Patch Management

• Patches have a high probability of breaking
  applications
• Production systems can't be patched without
  testing but exploits frequently show up after
  the patch is released

18
Human Factors

• People don't know how to use security mechanisms
• People don't understand the effects of various
  security settings.
• If a user is running without root/Administrator
  privileges, are there normal operations that that
  person can't do? How do you grant that
  permission only?
• What threats are avoided by running without
  privileges?

19
Developing Profiles of Attackers A Longitudinal
StudyWorminator/PAYLIntrusion Detection Group,
Columbia University
WWW http//worminator.cs.columbia.edu
Email sal_at_cs.columbia.edu
June 14, 2005
Surveillence detected at site B
Objective Deploy a collaborative intrusion
detection and prevention solution capable of
detecting slow and low broad stealthy scans,
reconnaissance activities, and related behavior
as precursors to a worm or targeted attack to
multiple organizations in business longitudes.
Leverage both header and payload anomaly
detection to employ multiple defense strategies,
including signature generation, to proactively
protect vulnerable networks before the attack
happens.
Surveillence detected at site A
Site B
Site A
Common sources of scans for all three sites
Site C
Surveillence detected at site C
Profile and signature generation for defense

• Scientific/Technical Approaches
• Worminator integrates with best-of-breed IDS
  sensors and enables privacy-preserving alert
  exchange between sites, finding and building
  profiles of common sources of scan or attack.
• PAYL (PAYLoad Anomaly Detection) enriches
  Worminator with information about common
  signatures of exploits or attacks, enabling a
  comprehensive response

• Next Generation Attacks
• New worms and attack vectors leverage a hitlist
  to reduce spread time upon launch
• These hitlists are built in massively parallel,
  very slow-and-stealthy fashion
• Critical infrastructure an increasing target
  from these sources
• By rapidly profiling sources of these hitlist
  generators, we can proactively protect vulnerable
  targets, even with zero-day worms

20
Research
Computer Science Theory (8)
21
Foundations of Cryptography The Next Generation

• Traditional Cryptography achieves provable
  security of protocols, but assumes a clean,
  controlled model (e.g., strongly relies on the
  secret keys being completely protected).
• This is not sufficient for the way crypto is used
  today! e.g., over the internet, concurrently
  with many other protocols Crypto used
  everywhere, sometimes on small portable devices
  (smartcard, PDA), thus many opportunities to leak
  key.
• Key exposure is a major cause of security
  breaches, much more so than cryptanalysis.
• Our Work expand theoretical foundations to
  capture provable security against strong,
  realistic attackers, including
• Security when attacker can read the secret key
  (key exposure)
• Security when attacker can modify the secret key
  (tampering)
• Security against side channel attacks (power,
  timing analysis)
• Security in an Internet-like setting (when
  attacker can coordinate across several, unaware
  of each other, protocols).