Minzhe Guo

Controller Placement for Improving Resilience of Software-Defined Networks

Software-defined Network (SDN) is a new architectural framework for networking that decouples control plane from data plane and provides a programmatic interface to network control. SDN enables innovations of networking technologies for Internet and data centers today in order to ease the management of the highly dynamic and complex infrastructure, to support the fine-grained traffic engineering, and to better address the mobility of virtual machines, services, and end-points. However, SDN itself opens many unanswered questions regarding reliability, performance, and security. Controller placement is a critical problem in SDN that may affect many aspects of SDN. This work introduces the use of interdependence network analysis to study the controller placement for network resilience, designs a new resilience metric, and proposes a solution to improve resilience.

A Cloud-based Cyberlearning Environment for Introductory Computing Programming Education

Cloud computing has tremendous potential to meet the current needs of cyber-education. This paper presents a work-in-progress work to promote personalized and collaborative learning in computer science introductory programming courses through the design and development of a live and interactive cloud learning environment.

Diverse virtual replicas for improving intrusion tolerance in cloud

Intrusion tolerance is important for services in cloud to continue functioning while under attack. Byzantine fault-tolerant replication is considered a fundamental component of intrusion tolerant systems. However, the monoculture of replicas can render the theoretical properties of Byzantine fault-tolerant system ineffective, even when proactive recovery techniques are employed. This paper exploits the design diversity available from off-the-shelf operating system products and studies how to diversify the configurations of virtual replicas for improving the resilience of the service in the presence of attacks. A game-theoretic model is proposed for studying the optimal diversification strategy for the system defender and an efficient algorithm is designed to approximate the optimal defense strategies in large games.

Design of Online Runtime and Testing Environment for Instant Java Programming Assessment

In this paper we present an innovative online instant assessment system for interactive teaching and student’s active and collaborative learning introductory Java programming in CS1. This system is designed to facilitate the interaction between the instructor and students, the collaboration between students, and enhance the student’s “learning by doing” active learning model for the CS1 introductory programming course. This novel Java online virtual server engine provides not only a timely controlled environment for the synchronous delivery of interactive teaching and learning modules with instant assessment of student progress in classroom but it also provides a asynchronous off class self-study supplemental environment for student independent learning.

Authentic learning of mobile security with case studies

This work-in-progress paper presents an approach to authentic learning of mobile security through real-world-scenario case studies. Five sets of case studies are being developed to cover the state-of-the-art of mobile security knowledge and practices. Some of the developed case studies are being implemented in related courses and the preliminary feedback is positive.

Work in progress: Real world relevant security labware for mobile threat analysis and protection experience

To address the need for innovative mobile security learning materials and for promoting mobile security education, this paper presents our work-in-progress effort on developing a real-world relevant security labware to provide students with mobile threat analysis and protection experience. A preliminary evaluation has been conducted on the pilot labs and positive feedback has been received.

A hybrid approach for mobile security threat analysis

Research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. Static analysis and dynamic analysis constitute two of the most popular types of techniques for security analysis and evaluation; nevertheless, each of them has its strengths and weaknesses. To leverage the benefits of both approaches, we propose a hybrid approach that integrates the static and dynamic analysis for detecting security threats in mobile applications. The key of this approach is the unification of data states and software execution on critical test paths. The approach consists of two phases. In the first phase, a pilot static analysis is conducted to identify potential critical attack paths based on Android APIs and existing attack patterns. In the second phase, a dynamic analysis follows the identified critical paths to execute the program in a limited and focused manner. Attacks shall be detected by checking the conformance of the detected paths with existing attack patterns. The method will report the types of detected attack scenarios based on types of sensitive data that may be compromised, such as web browser cookie.

Enhancing the information assurance and security (IAS) in CS education with mobile-device based hands-on labs

To enhance the Information Assurance and Security in computer science (CS) education and to prepare students for the challenges of security issues, this paper presents our ongoing work on developing mobile-based hands-on security learning modules that will be integrated into existing courses in CS curriculum.

Mobile device based authentic learning for computer network and security

Computer networking/security courses are essential parts of college computer science curriculum, and hands-on networking/security experience is well recognized as an effective approach to help students understand better about the network concepts, the layered architecture of network protocols, and network security. A new affordable and easily-adoptable approach to networking/security labs is desirable to enhance network teaching and learning. In this paper, we present our mobile device-based hands-on labware for computer network/security learning, which is guided by authentic learning principles to immerse students in a real world relevant learning environment. The developed labware has been used in various networking and security related courses, and students claim that they can learn more with the hands-on authentic learning experience.

A smart routing scheme for wireless sensor networks

In this paper, we present a smart energy routing scheme for wireless sensor networks in order to improve the overall energy efficiency and the reliability in the network. Preliminary experiments have been conducted in the experiment environment and show a promising result. In the future, we will continue to improve the scheme and conduct more and longer experiments to precisely measure the benefits of our scheme.