CISE Faculty Seminar: Eric Pauley

Details

Zoom Link: https://ufl.zoom.us/j/95787788295

Biography: MadisonEric Pauley is a Ph.D. candidate at the University of Wisconsin–Madison, advised by Patrick McDaniel. His research interests encompass data-driven approaches to evaluating and improving the security of networked software systems, with a particular focus on cloud computing. His work has led to practical improvements in the security of cloud-based systems through both remediations by major providers and services offered by his company, DScope Security. His research in security measurement has earned best paper runner-up at the ACM Internet Measurement Conference, a finalist spot in the CSAW Applied Research Competition, and the UW–Madison Computer Sciences Outstanding Graduate Researcher Award. Eric is also an avid backpacker, instrument-rated private pilot, and birder.

Title of the Talk: Leveraging the Wisdom of Clouds for Internet Security

Abstract: Over the past decade, networked systems have consolidated under just a handful of hyper-scale cloud providers (e.g., AWS, Azure). While this offers logistical and economic advantages, attackers specifically target providers and their customers, a shift that has left traditional network vantage points blind to the most sophisticated adversaries. In this talk, I’ll explore how we adapt Internet measurement to these new deployment models to regain situational awareness and defend modern service deployments. I’ll introduce DScope, a new Internet telescope that continuously relocates its vantage point across the public cloud infrastructure. Unlike prior approaches that use a fixed vantage point, this allows us to observe the most sophisticated attackers that actively avoid existing measurement infrastructure. Our dynamic approach also achieves a statistically representative view of cloud-based attacks, a property that we prove for the first time. Using data from DScope, I’ll also discuss how the shared networking environment of public clouds leads to new vulnerabilities. We’ll examine the problem of latent configuration, which occurs when cloud customers reference network resources that other tenants then reuse. Public clouds uniquely enable this new security risk, but through rigorous analysis and systems design, we can make cloud deployments more secure in practice. I’ll conclude by discussing open problems and future work in leveraging Internet vantage points for security, with a focus on intelligent interactivity and rapid response to emergent threats.