Welcome Seminar

Date/Time: Monday, August 28th, 4:10 p.m - 5:00 p.m. in Barnard Hall 108
Facilitator: Dr. John Paxton

Driving Data Science for National Security Missions

Date/Time: Monday, September 18that 4:10 p.m. in Barnard 108
Speaker: Dr. Aaron Luttman, Senior Technical Advisor at Pacific Northwest National Laboratory [PNNL] & Guest Instructor at Montana State University
Data Science – and modern machine learning in particular – has become ubiquitous in business and industry, but it also has the potential to revolutionize the way the US and other nations approach their national security. In the US, in particular, the government is funding Artificial Intelligence and Machine Learning (AIML) research, development, and operationalization across all branches and agencies, including the military and homeland security. In this presentation, we will highlight some AIML advances from the US National Laboratory complex to demonstrate how advanced AIML research can contribute to national defense. We will also discuss opportunities here at Montana State University (including through CSCI 494) to learn more, get involved, and pursue careers in national security data science.

Brief Bio: Dr. Luttman began his career working in industry at a startup company focused on computer vision, then turned to academic research as a professor of mathematics at Clarkson University. He joined the US Department of Energy research complex at the Nevada National Security Site, leading a team of engineers and scientists in the development and deployment of diagnostic systems for explosives-driven experiments. Aaron is now a researcher and technical advisor at Pacific Northwest National Laboratory as well as adjunct faculty in the Gianforte School of Computing at Montana State University.

Title To Be Determined

Date/Time: Monday, November 13that 4:10 p.m. in Barnard 108
Speaker: Dr. Francisco Ortega
Brief Bio: TBD

End-of-Year Awards Seminar

Date/Time: Monday, May 1stat 4:10 p.m. in Barnard 108

Overview: Everyone will have a chance to share a significant accomplishment from this past year, as well as something that they look forward to doing this summer.  The following award winners, as well as Honorable Mentions will also be announced: Outstanding Undergraduate Course Assistant, Outstanding Graduate Teaching Assistant, Outstanding Undergraduate Researcher, Outstanding M.S. Researcher and Outstanding Ph.D. Researcher.  Food and beverages will be present!

Understanding and Improving Secure Development from a Human-Centered Perspective

Date/Time: Monday, March 20that 4:10 p.m. in Barnard 108
Speaker: Kelsey Fulton, PhD candidate University of Maryland
Secure software development remains a difficult and expensive task. In order to make progress, it is important to understand the human and organizational factors that help – or harm – secure development processes. My work aims to understand these factors through the use of qualitative and quantitative methodology, including interviews, large-scale surveys, and code review for vulnerabilities. In this talk, I will highlight how and why developers introduce vulnerabilities, as well as why current secure tooling, interventions, and organizational processes fail developers and security professionals and how we can improve them. First, I will discuss why and how developers introduced, found, and fixed different types of vulnerabilities, empirically uncovering an overwhelming need for investment in tooling or processes that can uncover and correct conceptual misunderstandings of security concepts. Then, I will present two studies exploring current issues with secure tooling and security communities through the use of interviews and a survey. Going forward, I plan to study the security assumptions developers make in order to improve security tooling, processes, and resources.

Brief Bio: Kelsey Fulton is a sixth year PhD candidate at the University of Maryland. Their research applies a human-centric approach to secure software development with an emphasis on mental models and processes of software developers and the usability and improvement of secure development tools. Their work has been published in top security conferences and recognized with a best paper award at the USENIX Security Symposium. They received their master's degree in computer science from University of Maryland in 2019 and their bachelor's degree in computer science and mathematics from Millersville University in 2017.

Practical Adversarial Malware Example Attacks and Defenses

Date/Time: Monday, March 6that 4:10 p.m. in Barnard 108
Speaker: Dr. Fangtian Zhong, Assistant Professor - University of Central Missouri
Abstract: Machine Learning allows computers to learn from experience and understand the world in terms of a hierarchy of concepts, each being defined through its relations to more straightforward concepts. Extensive and beautiful prospects for the global machine learning market spur the development of various applications in language translation, image recognition, social media, speech recognition, malware detection, etc. Unfortunately, it also stimulates the potential of sophisticated adversaries to attack them. Nevertheless, there is no practical adversarial malware example to successfully attack a collection of third-party black-box malware detectors in the real world since they combine machine learning techniques with classical techniques. Additionally, whether static or dynamic, existing methods for malware classification suffer from stubborn knowledge barriers, limited computing resources, and conservative feasibility. In this presentation, I will apply machine learning to reinforce the capacity of malware to attack anti-virus products and improve the defensive performance of malware detectors effectively and efficiently.

Brief Bio: Dr. Fangtian Zhong received his Ph.D. from George Washington University in 2021. After that, he worked as a postdoctoral scholar at The Pennsylvania State University and The University of Notre Dame. He is currently a tenure track assistant professor at the University of Central Missouri. His research primarily focuses on software security, program analysis, and machine learning for cybersecurity. He has published research papers at highly reputable venues, including IEEE TC, IEEE IoTJ, Computers & Security, ACM CIKM, etc.

Rank-based Losses in Robust Machine Learning

Date/Time: Friday, March 3rd at 4:10 p.m. in Barnard 347
Speaker: Shu Hu, Post-Doctoral Fellow at Carnegie Mellon University
In forming learning objectives, one often times needs to aggregate a set of individual values into a single output. The ranking order reflects the most fundamental relation among individual values in designing losses. Such cases occur in the aggregate loss, which combines individual losses of a learning model over each training sample, and in the individual loss for multi-label learning, which combines prediction scores over all class labels. In this talk, I will discuss the importance of designing robust models through the use of rank-based losses in standard training.  Specifically, I will introduce the AoRR aggregate loss for binary/multi-class classification at the sample level and the TKML individual loss for multi-label/multi-class classification at the label level, respectively. Furthermore, I will present rank-based methods for creating adversarial perturbations (TKML-AP) that can be used to attack top-k multi-label learning-based image annotation systems. By utilizing these methods, we can verify the vulnerabilities of these systems.Lastly, I will discuss how to extend the AoRR loss to adversarial training and introduce the Outlier Robust Adversarial Training (ORAT) method. ORAT is designed to be robust in the face of low-quality training data and potential adversarial attacks at inference time. By using these rank-based losses, we can create more robust and secure models that are better equipped to handle a wide range of challenges in real-world applications.

Brief Bio: ShuHu is currently a Post-Doctoral Fellow at Carnegie Mellon University. He obtained his Ph.D. degree from University at Buffalo, SUNY in 2022. Before that, he received his M.A. degree in Mathematics from University at Albany, SUNY in 2020, and his M.Eng. degree in Software Engineering from the University of Science and Technology of China in 2016. His research interests include Machine Learning, Digital Media Forensics, Cybersecurity, and Computer Vision. He published more than 21 papers at top-tier conferences and leading journals, including NeurIPS, ICCV, AAAI, Journal of Machine Learning Research, Pattern Recognition, Computer Networks, etc. He is the recipient of the Machine Intelligence Research Outstanding Reviewer Award (2023), SUNY Buffalo's CSE Best Ph.D. Dissertation Award (2022), SUNY Buffalo's Honorable Mention Award of Agrusa CSE Student Innovation Competition (2021), and first place in the graduate poster competition (2020) at SUNY Buffalo. His GAN-generated face detection works have been highlighted by several media, such as BBC and WKBW-TV.

Proof Blocks: Autogradable scaffolding activities for learning to write proofs

Date/Time: Tuesday, February 21st, 4:10 p.m. - 5:00 p.m. in Barnard Hall 108
Speaker: Seth Poulsen, PhD Candidate inComputer Scienceat the University of Illinois Urbana-Champaign
Writing mathematical proofs is one of the most important and difficult skills that students must learn in computing theory. Proof Blocks is a software tool that provides students with a scaffolded proof-writing experience: students drag and drop prewritten proof lines into the correct order instead of starting from scratch. This helps students identify parts of proofs and how to construct an argument from those parts. Additionally, students receive immediate feedback on their work. We have shown that Proof Blocks problems are an effective learning tool, helping students learn proof by induction faster than writing proofs from scratch. We have also shown that they are effective as test questions, allowing accurate measurement of student knowledge. Proof Blocks are graded using a novel algorithm which efficiently calculates the shortest edit sequence from a student submission to any topological sort of the directed acyclic graph that represents the logical structure of the proof

The Practitioners’ Point of View on the Effects of Technical Debt

Date/Time: Monday, February 13th, 4:10 p.m. - 5:00 p.m. in Barnard Hall 108
Speaker: Dr. Rodrigo Spínola, Associate Professor in the Department of Computer Science at Virginia Commonwealth University
Technical debt (TD) contextualizes the problem of pending software development tasks as a type of debt that brings a short-term benefit to the project, usually in terms of increased development speed or shortened time to market, but which may have to be paid with interest later in the development process. It is common for a software project to incur debt during its development. However, its presence brings risks to the project and makes it difficult to manage. TD can affect projects in different ways. Having information about the possible effects of TD could aid the prioritization of TD items to pay off by supporting a more precise impact analysis and the identification of corrective actions to minimize possible negative consequences for the project. In this talk, I will present results from the InsighTD Project (a globally distributed family of industrial surveys on TD) on the effects of TD. Also, I will discuss how the set of effects was organized into probabilistic cause-effect diagrams, which represent knowledge about the common effects of the presence of the debt. Finally, as TD potentially occurs as a result of poor decisions that affect software development tasks, one might expect that practitioners following different process models, such as agile, hybrid or traditional, perceive and manage the effects of TD differently. In this talk, I will also discuss the potential relationship between development process models and TD effects.

Brief Bio: Dr. Rodrigo Spínola (www.rodrigospinola.com) is an Associate Professor in the Department of Computer Science at Virginia Commonwealth University, where he leads the Technical Debt Research Team (www.tdresearchteam.com). Previously, he was a Professor of Software Engineering at Salvador University in Brazil (2013-2022). From 2011 to 2012, he was a visiting researcher at the University of Maryland Baltimore County and the Fraunhofer Center for Experimental Software Engineering. He holds PhD and MS degrees from the Federal University of Rio de Janeiro.

My general research interests lie in the areas of Technical Debt in Software Projects, Empirical Software Engineering, and Intelligent Software Solutions for the Health domain. My research focuses on topics including: technical debt management, software quality assurance, software evolution, and software engineering education. In 2021, Prof. Spínola was mentioned by a study published in the Journal of Systems & Software as one of the Top 10 Most Impactful Software Engineering Researchers at the consolidators level (2013-2020). Also, he received the Research Productivity Distinction Grant from the Brazilian National Research Council, an award given to the most productive researchers in their research areas in Brazil.

Prof. Spínola has about 95 papers disseminated in some of the most important peer reviewed conferences and journals of the area. He also commonly reviews scientific papers for prestigious journals like the Information and Software Technology, Journal of Systems and Software, and IEEE Transactions on Software Engineering.

Uncovering Structure in Social Networks / Interprocedural Binary Analysis for Computer-Human Collaboration

Date/Time: Monday, January 23rd, 4:10 p.m. - 5:00 p.m. in Barnard Hall 108
Speaker: Matt Revelle, Senior Principal Research Scientist, Kudo Dynamics LLC
This presentation highlights techniques developed to address two broad objectives: the uncovering of structure in social networks; and the managing of complexity in binary reversing engineering and vulnerability research.

Social networks are defined by relationships between people and permeate all aspects of human life. Improving our understanding of the structure and dynamics of networks enhances our knowledge of many human systems. I present my contributions to the specific tasks of community detection and community evolution prediction. Community detection in networks is a complex problem with many proposed solutions. Existing methods frequently make use of edge density and node attributes; however, the methods ultimately have different definitions of community and build strong assumptions about community features into their models. I propose a new method for community detection, which estimates both per-community feature distributions (topics) and per-node community membership. The method includes only two basic assumptions about community structure: communities are densely connected and have a small network diameter.

Communities in social networks evolve over time as nodes enter and leave the network and their activity behaviors shift. I present a novel graph attention network architecture for predicting community evolution events based on group-node attention. Group-node attention enables support for variable-sized inputs and learned representation of groups based on member and neighbor node features, including temporal information.

As software systems continue to become more prolific, the frequency and potential impact of unknown software vulnerabilities also increases. The reverse engineering of program binaries is often necessary for identifying and understanding software vulnerabilities, and improving the performance of reverse engineers is a crucial component in securing computer systems. Semi-automated analysis workflows which allow reverse engineers to direct automated analyses can improve efficiency and enable the use of analyses that are intractable when applied to a whole program. I present a new software framework for interprocedural binary analysis that supports the interactive construction of interprocedural control-flow graphs (ICFGs). These ICFGs provide a workspace for program exploration and automated simplifications through context- and flow-sensitive analysis.

Brief Bio: Dr. Matthew Revelle is a Senior Principal Research Scientist at Kudu Dynamics and holds a PhD in Computer Science from George Mason University. He has over 20 years of computer science experience, including 10 years of experience in automated and manual vulnerability research, program analysis, reverse engineering, and computer network operations (CNO) development. His doctoral research was in the use of machine learning and data mining for uncovering structure in social networks. Dr. Revelle is currently a principal investigator on the Hardening Development Toolchains Against Emergent Execution Engines program under the Defense Advanced Research Projects Agency (DARPA) and previously supported several other DARPA programs. His research at Kudu Dynamics has included the use of type systems for vulnerability discovery in program binaries, interactive context- and flow-sensitive analysis for computer-human collaboration in vulnerability research, and machine learning to steer automated vulnerability discovery.

Seminars from 2022.