Virtualization Supported Security
My research improves computer security by detecting kernel-based rootkits and other malware from the high ground of a hypervisor. The high ground position provides isolation and increased privileges to observe the guest operating system and processes. Increased privilege removes the possibility for spoofing and tainting found in conventional antivirus techniques where the antivirus and malware operate at the same privilege.
To support this project, I developed a KVM virtual machine manager add-on that maps the entire guest memory into the host file system. With the KVM add-on, pre-existing forensic memory analysis tools – originally designed to examine memory dump files offline – can now examine guest state in real time with native memory performance. These memory mapping techniques will also be extended to enable new virus detection software without compromising guest performance. The KVM add-on has been released as the shm-snapshot element of the open-source LibVMI virtual machine introspection project (http://libvmi.com).
Peter F. Klemperer, Bryan D. Payne, and James C. Hoe, “Efficient Hypervisor Based Malware Detection,” In submission to IEEE Transactions on Dependable and Secure Computing (TDSC).
Benchmarking Introductory Programming Exams
I assisted in the testing of a new benchmark of computer science understanding. The benchmark is intended to measure student understanding of core computer science concepts. To support this study I administered the benchmark to the introductory computer science course I was teaching at the University of California San Diego Computer Science Department and scored the results.
Simon, Judy Sheard, Daryl D’Souza, Peter Klemperer, Leo Porter, Juha Sorva, Martijn Stegeman and Daniel Zingaro. Benchmarking Introductory Programming Exams: Some Preliminary Results. The twelfth annual ACM International Computing Education Research (ICER) Conference, September 2016.
Simon, Judy Sheard, Daryl D’Souza, Peter Klemperer, Leo Porter, Juha Sorva, Martijn Stegeman, Daniel Zingaro. Benchmarking Introductory Programming Exams: How and Why. In Proceedings of the 21st Annual Conference on Innovation and Technology in Computer Science Education (ITiCSE), July 2016.
Photo Tagging for Access Control
I assisted in the development of an 18-participant in-lab user study of whether access control policies could be inferred from photo tags. To support this study I developed custom web-based interfaces for displaying access policy rules inferred from photo tags and for capturing users' policy preferences.
Peter Klemperer, Yuan Liang, Michelle Mazurek, Manya Sleeper, Blase Ur, Lujo Bauer, Lorrie Faith Cranor, Nitin Gupta, and Michael Reiter. 2012. Tag, you can see it!: using tags for access control in photo sharing. In Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems (CHI ’12), 2012.
Reactive Access Control
I assisted in the development of a 24-participant in- and out-of-lab experience-sampling study of whether users could create accurate access control policies dynamically in response to requests (i.e., reactive policy). To support this study I developed a software platform for automatically sending simulated file requests to each participant at random intervals over a period of a week as well as conducting subject interviews.
Michelle L. Mazurek, Peter F. Klemperer, Richard Shay, Hassan Takabi, Lujo Bauer, Lorrie Faith Cranor, Exploring reactive access control, Proceedings of the 2011 Annual Conference on Human Factors in Computing Systems (CHI), 2011.
FPGA Implementation of Reliability and Security Engine
I adapted a previously simulation-only MIPS-like processor core to Xilinx field-programmable gate array (FPGA) implementation and integrated reliability and security hardware-checking modules into the pipeline. I then interfaced the Nallatech PCI-based FPGA carrier card to the x86 host to demonstrate the performance of the Reliability and Security Engine core. I presented the FPGA implementation of the Reliability and Security Engine at the 2007 Workshop on Dependable and Secure Nano-computing and prepared a demonstration for the Trusted Cyber Infrastructure for Power center annual NSF review in 2007.
Karthik Pattabiraman, Peter F. Klemperer, Shelley Chen, Zbigniew Kalbarczyk and Ravi Iyer, An automated end-to-end approach for deriving application-aware error detectors and their hardware implementation, Technical Report, University of Illinois (Urbana-Champaign), June 2007.
Ravishankar Iyer, Zbigniew Kalbarczyk, Karthik Pattabiraman, Wen-Mei Hwu, William Healey, Peter Klemperer and Reza Farivar, Towards Application-aware Security and Reliability, IEEE Security and Privacy Magazine, Jan 2007.
Peter Klemperer, Shelley Chen, Karthik Pattabiraman, Zbigniew Kalbarczyk and Ravishankar Iyer, FPGA Hardware Implementation of Statically Derived Application-aware Error Detectors, Workshop on Dependable and Secure Nano-computing (WDSN), Held in conjunction with the International Conference on Dependable Systems and Networks, 2007. (Presenter)