View
227
Download
4
Category
Preview:
Citation preview
Dipartimento di Informatica, Sistemistica e ComunicazioneDipartimento di Informatica, Sistemistica e Comunicazione
Università degli Studi di Milano – BicoccaUniversità degli Studi di Milano – Bicocca
Claudio Ferretti Alberto Leporati
{ferretti,leporati}@disco.unimib.it{ferretti,leporati}@disco.unimib.it
DISCo WS - Milan - June 16, 2009 2
Research Areas and Approaches
Open Source:Source code available ...... from Operating Systems to Applications
Computer Security:on Networks, and in Applications
The Lab explores these (then new) technological areas
It established links to: students, professors, companies
DISCo WS - Milan - June 16, 2009 3
Activities...
...with students:Theses (around 20 per year)“LUGs”
...with our University:
Making open source tools available in shared laboratories
Training skilled technicians
...with Companies
Stages
Joint research
DISCo WS - Milan - June 16, 2009 4
Research Activities: PhD students
A. Gallini:
Computational and Programming Models for Molecular-scale devices based machines
S. Orciari:
Integration of 3G and wireless LAN architectures: a perspective on authentication
S. Felloni:
Decoherence, inaccuracy and errors in quantum information processing
DISCo WS - Milan - June 16, 2009 5
Theoretical backgrounds,and technological interests
Faculty staff in OpenIt also do research in the BIMIB Lab
Research topics are strongly influenced by such scientific backgrounds (theoretical models and their properties)
In OpenIt, we link models to applications
Also, OpenIt supports technical developments required by researches in BIMIB
DISCo WS - Milan - June 16, 2009 6
Research Activities: papers
Some research papers:
• D. Molteni, C. Ferretti, G. Mauri. Frequency Membrane Systems. Computing and Informatics, 2008.
• A. Leporati, C. Ferretti, G. Mauri, M.J. Pérez-Jiménez, C. Zandron. Complexity aspects of polarizationless membrane systems. Natural Computing, 2008.
• A. Leporati, S. Felloni. Three “Quantum” algorithms to solve 3-SAT. Theoretical Computer Science, 2007.
DISCo WS - Milan - June 16, 2009 7
About funding and grants
ERC Starting Grant proposal:
“Theoretical Foundations of Computer
and Network Security”
Topic: the computational model called “membrane systems” can be used to formalize highly structured computer networks, which require the definition of provably secure firewall rules
DISCo WS - Milan - June 16, 2009 8
Results and Demonstrators
Bio-inspired computational models became:
A Java-based parallel simulator, tested on a small clusterAn adaptive and fault-tolerant (simulated) “Bio-Floor”: Someone on the floor (yellow dot) moving up, and tiles light up anticipating his movement
Further computational models:
An obfuscating processor, based on “register machines”
DISCo WS - Milan - June 16, 2009 9
Activities...
DISCo WS - Milan - June 16, 2009 10
Activities...
DISCo WS - Milan - June 16, 2009 11
More specific: Security
“Obfuscating” network traffic:a distributed system mixing false and real traffic to defeat its analisys
Assisted generation of firewalls' ACLs:from simple checking to automatic building
with the help from traffic samples
On these topics: ongoing collaboration with “TELCO” laboratory
Obfuscating software:On these topics: ongoing collaboration with “ESSERE” laboratory
DISCo WS - Milan - June 16, 2009 12
More specific: Open Source
We are interested in making good use of source code, especially available in the open source technological arena
A whole growing area is that of fruitfully mixing static information (source code) and information gathered at runtime (e.g.: syscall tracing)
Expected areas of application:
extracting Patternssecurity Checkssmart debugging tools
In collaboration with “ESSERE”
DISCo WS - Milan - June 16, 2009 13
Theory, also
About extracting Patterns:• Tracing the execution of a given program, in
addition to the static analysis of the source code, helps in recognizing programming patterns in that software product
• the problem opens interesting theoretical issues, for example concerning the computational complexity of this pattern extraction , when patterns are modeled as graphs
Security checks on applications:• Adding runtime informations to static analysis
helps in reducing false positives, or in defining heuristics
DISCo WS - Milan - June 16, 2009 14
Approach: integration inopen source tools
Given the availability of (open) source code:
whenever possible we develop tools as extensions to existing projects, or as plugins for them…
DISCo WS - Milan - June 16, 2009 15
Approach: integration inopen source tools
Example: a tool developed as a plugin for the Eclipse IDE platform
Recommended