Northeastern University College of Computer and Information Science Fri, 29 Aug 2014 18:57:59 +0000 en-US hourly 1 New Study: Activists Pose Easy Target for Nation-State Attackers Fri, 22 Aug 2014 17:26:07 +0000

Lean operations and a lack of technical staff make non-governmental organizations a prime, and relatively soft, target for well-funded adversaries, according to an academic study of a four-year campaign targeting one such group.

In a paper to be delivered at the USENIX Security Conference next week, six academic researchers analyzed nearly 1,500 suspicious e-mail messages targeting the World Uyghur Congress (WUC). The team found that, while the malware managed to reliably evade detection by many antivirus programs, the attacks were relatively unsophisticated, using known vulnerabilities that had already been patched. The social engineering tactics, however, were very targeted and convincing, with the majority written in the native language, referring to events of interest to the NGO and appearing to come from known contacts, said Engin Kirda, a professor of computer science at Northeastern University and a co-author of the paper.

“You read about sophisticated attacks, but the malware that we analyzed was pretty standard,” Kirda said. “It was not some ground breaking obfuscation or malware.”

Kirda collaborated with three researchers from the Max Planck Institute for Software Systems and two others from the National University of Singapore on the project. The research underscores that attackers only use the level of technical sophistication necessary to complete their operation, Kirda said.

Unfortunately, non-governmental organizations tend to be vulnerable to attack. The WUC, which advocates on issues involving the Uyghur Euroasian minority of 10 million people in China, used older versions of Windows, relied on antivirus software, and lacked the technical sophistication found in many enterprises. The group is funded, in part, by the US-based National Endowment for Democracy.

“The lack of resources is always a problem,” Kirda said. “Our aim should be to create technology that will trickle down to people and protect them more completely.”

Almost half the attacks used a real organizational event, such as a conference, as a lure to convince a target to open the attachments. Of the nearly 1,500 e-mails analyzed by the researchers, nearly 1,176 contained malicious attachments, mainly Office documents. The e-mails targeted more than 700 people at 108 different organizations through carbon-copied recipients, including the Australian Uyghur Association, Radio Free Asia, and NASA Jet Propulsion Laboratory.

Unlike the trend in opportunistic attacks, which generally target vulnerabilities in Java browser plugins, the WUC’s attackers started the campaign in 2009 by attaching PDF files with exploits that would compromise systems through Adobe’s Acrobat. Soon after, however, the attackers switched to using Microsoft Office documents, which constituted the vector for the lion’s share of attacks analyzed by the researchers.

The WUC has suffered a number of disruptive attacks in the past five years, including a two-week denial-of-service attack on its website in 2011 and a flood of phone calls and more than 15,000 spam messages in a single week.

About a quarter of the attacks matched the signatures of other operations attributed to nation-state actors, Kirda said. Despite some of the attacks being more than four years old, no antivirus program detected all the malware.

Organizations that believe they could be targeted by such attacks should take more concrete steps to protect themselves. Upgrading systems to more modern operating systems and regularly patching those systems can help immensely, Kirda said.

“Make sure you have all the updates; make sure you use a browser that is not standard; and pursue more training—talk about the threat,” he said.

Article from

]]> 0
Carla Brodley Appointed Dean of the College of Computer and Information Science Fri, 22 Aug 2014 13:12:54 +0000 Carla Brodley

North­eastern Uni­ver­sity has appointed Dr. Carla E. Brodley as dean of the Col­lege of Com­puter and Infor­ma­tion Sci­ence, effec­tive Aug. 1, 2014.

Brodley comes to North­eastern from Tufts Uni­ver­sity, where she is cur­rently pro­fessor of com­puter sci­ence with a sec­ondary appoint­ment in the Clin­ical and Trans­la­tional Sci­ence Insti­tute of the Tufts Med­ical Center. From 2010 through 2013 she chaired the Depart­ment of Com­puter Sci­ence at Tufts.

She is an inter­na­tion­ally rec­og­nized researcher in machine learning and knowl­edge dis­covery in data­bases who has applied her exper­tise to prob­lems in per­son­al­ized and evidence-​​based med­i­cine, med­ical imaging, neu­ro­science, remote sensing, and com­puter secu­rity. A widely pub­lished scholar, her research has been funded by a wide range of fed­eral agen­cies, cor­po­ra­tions and foun­da­tions, among them the National Sci­ence Foun­da­tion, the National Insti­tutes of Health, NASA, DARPA, IBM, and the Mul­tiple Scle­rosis Society.

A leader in com­puting research, Dr. Brodley’s achieve­ments have con­tributed greatly to the advance­ment of the changing field of com­puter sci­ence,” said Stephen W. Director, provost and senior vice pres­i­dent for aca­d­emic affairs. “An accom­plished leader and scholar, she will take Northeastern’s lead­er­ship in com­puter sci­ence to the next level-​​both within and beyond CCIS.”

Brodley serves on the boards of the Inter­na­tional Machine Learning Society and DARPA’s Infor­ma­tion Sci­ence and Tech­nology Board. Among her many pro­fes­sional recog­ni­tions, she has received an NSF CAREER Award and mem­ber­ships to the Defense Sci­ence Study Group of DARPA and the AAAI Exec­u­tive Council.

North­eastern is a uni­ver­sity on the move and I am thrilled to be joining as the next dean of the Col­lege of Com­puter and Infor­ma­tion Sci­ence,” Brodley said. “In today’s infor­ma­tion driven age it is more impor­tant than ever to inte­grate com­puting and infor­ma­tion sci­ence into every aca­d­emic field. I look for­ward to working with fac­ulty, staff, and stu­dents to build upon the great momentum that has already made CCIS one of the nation’s most exciting inter­dis­ci­pli­nary colleges.”

She is also a member of the edi­to­rial boards of Machine Learning, Journal of Machine Learning Research, and Data Mining and Knowl­edge Dis­covery. She is co-​​chairing the 2014 con­fer­ence of the Asso­ci­a­tion for the Advance­ment of Arti­fi­cial Intel­li­gence and from 2008–2011 co-​​chaired the Com­mittee on the Status of Women in Com­puting Research.

Brodley was awarded the bachelor’s degree in math­e­matics and com­puter sci­ence from McGill Uni­ver­sity in 1985 and earned her doc­torate in com­puter sci­ence from the Uni­ver­sity of Mass­a­chu­setts at Amherst in 1994. Prior to joining Tufts, she was on the elec­trical and com­puter engi­neering fac­ulty at Purdue Uni­ver­sity, where she was hon­ored with the Ruth and Joel Spira Out­standing Teacher award in 1998. In 2010, the Uni­ver­sity of Mass­a­chu­setts rec­og­nized Brodley with the Alumni award for Out­standing Educator.

In an email to the fac­ulty of CCIS, Director thanked Larry Finkel­stein for his out­standing con­tri­bu­tions as dean of the col­lege for 12 years. “Larry’s ded­i­ca­tion to the col­lege and to the uni­ver­sity, in addi­tion to his strong lead­er­ship throughout his tenure as dean, has been key in helping the col­lege achieve the level of excel­lence it enjoys today,” he wrote.

]]> 0
A Virtual Outbreak Offers Hints Of Ebola’s Future Fri, 15 Aug 2014 14:57:20 +0000 Kenyan health officials take the temperatures of passengers arriving at the Nairobi airport on Thursday. Kenya has no reported cases of Ebola, but it's a transportation hub and so is on alert.While the Ebola outbreak continues to rage in West Africa, it is also unfolding — in a virtual sense — inside the computers of researchers who study the dynamics of epidemics.

Policymakers look to these simulations to get a sense of how the outbreak might spread. They also can use them to run experiments to see which public health measures should take priority.

“I’ve spent a lot of time doing computer models of disease transmission, but rarely does it involve something in Africa. Africa is often overlooked,” says Bryan Lewis, a computational epidemiologist at Virginia Tech.

So when a defense agency called him a few weeks ago and asked him to model the Ebola outbreak, he was excited by the challenge.

Lewis started plugging data into his computer. He uses the official numbers of how many people have died or gotten infected, even though those are probably underestimates. And he says health officials really don’t have a handle yet on other important stuff that’s going on — like how many infected people stay at home versus go to a hospital, or how burial practices spread infection.

“Some of those factors are the ones that are hard to measure,” he says. “You’ve got to choose how much of this complexity you care to explicitly represent.”

What’s more, they can’t assume this will play out like past Ebola outbreaks — those hit much smaller populations in more isolated, rural areas.

Despite all this uncertainty, Lewis says his models have been able to predict the course of the epidemic so far.

“At the moment, these models — at least for Sierra Leone and Liberia — we aren’t putting in any mitigating factors. We’re just letting these things run unthrottled,” Lewis says. “And they’ve just been surging up. And they’ve been, unfortunately, accurate in the last couple of weeks in terms of the number of cases coming out.”

He says if you just kept this simulation going on and on, it shows Ebola spreading across the continent. But this scenario he’s constructed doesn’t include all the public health measures starting to ramp up now.

“We know in the real world there are efforts being directed out there, there are resources being allocated,” says Lewis. “Until we understand that better and can incorporate that into the model, I don’t think it’s very useful to speculate out past a week or two.”

Some computer simulations focus on the risk of Ebola spreading to other countries. Alessandro Vespignani, at Northeastern University with joint appoint­ments in the Col­lege of Sci­ence and the Col­lege of Com­puter and Infor­ma­tion Sci­ence, creates those models, using information about air travel and other kinds of transportation.

His work suggests that Ebola could find its way to African nations like Ghana, Gambia, and Senegal. “There is a tangible risk of spreading in the region to other countries,” says Vespignani, “probably in the ballpark of 20 to 30 percent in the next few weeks.”

He notes poor countries might have trouble keeping an imported case from spreading. And the larger this outbreak gets, the harder it will be to contain.

So while his model currently suggests that the risk of Ebola reaching the U.S. or Europe in the next six weeks or so is very small — just a small percentage — that could change if the outbreak in Africa continues to grow.

Vespignani says we need “to extinguish the fire,” so that Ebola doesn’t really become a threat to the rest of the world in the next months.

Given that all this modeling is as much an art as a science, different groups working on the problem have been comparing notes. They’ve also been fielding calls from government officials and policymakers.

Martin Meltzer, who heads up the unit at the Centers for Disease Control and Prevention that’s been creating computer models of the outbreak, says that people always ask him the same two questions: “How many people are going to die, and when is this going to end?”

He tells them too much is unknown to give any reliable answer.

Mostly, he says, the models just illustrate the need for old, tried-and-true methods for disease control, such as quickly identifying patients and isolating them.

“Modeling won’t stop this disease,” says Meltzer. “We know how to stop this disease. It’s fairly simple and it’s a matter of getting the simple activities and practices in action — in place, on the ground.”

That’s the struggle now, he says. Because while it’s easy to change a line of computer code in a simulated epidemic and, say, reduce a transmission rate by 80 percent, it’s a lot harder to do that in the real world.

Listen to the story at

]]> 0
New Algorithm Gives Credit Where Credit is Due Fri, 15 Aug 2014 14:49:26 +0000 Robert Gray Dodge Chair Installation Ceremony: Laszlo Barabasi

It makes sense that the credit for sci­ence papers with mul­tiple authors should go to the authors who per­form the bulk of the research, yet that’s not always the case.

Now a new algo­rithm devel­oped at Northeastern’s Center for Com­plex Net­work Research helps sheds light on how to prop­erly allo­cate credit.

The research was pub­lished this month in Pro­ceed­ings of the National Academy of Sci­ences in a paper co-​​authored by Hua-​​Wei Shen, a vis­iting scholar at North­eastern and asso­ciate pro­fessor at the Insti­tute of Com­puting Tech­nology at the Chi­nese Academy of Sci­ences, and Albert-​​László Barabási, the Robert Gray Dodge Pro­fessor of Net­work Sci­ence and a Dis­tin­guished Uni­ver­sity Pro­fessor at Northeastern.

Using the algo­rithm, which Shen devel­oped, the team revealed a new credit allo­ca­tion system based on how often the paper is co-​​cited with the other papers pub­lished by the paper’s co-​​authors, cap­turing the authors’ addi­tional con­tri­bu­tions to the field.

The idea behind this is that based on an author’s pre­vious line of work, people have a per­cep­tion of where the credit lies,” explained Barabási, the director of the Center for Com­plex Net­work Research. “And the algorithm’s goal is simply to extract that perception.”

To test its hypoth­esis, the team looked at Nobel prize-​​winning papers in which the Nobel com­mittee and the sci­ence com­mu­nity decided to whom the pri­mary credit for a dis­covery should go. In 81 per­cent of the papers related to physics, chem­istry, and med­i­cine that they looked at, the credit allo­ca­tion algo­rithm found that the authors deserving of the most credit cor­re­sponded to the Nobel laureate.

In all, the team looked at 63 prize-​​winning papers using the algo­rithm. In another finding, the algo­rithm showed physi­cist Tom Kibble, who in 1964 wrote a research paper on the Higgs boson theory, should receive the same amount of credit as Nobel prize win­ners Peter Higgs and François Englert.

A world-​​​​renowned net­work sci­en­tist, Barabási has joint appoint­ments in the Col­lege of Sci­ence and the Col­lege of Com­puter and Infor­ma­tion Sci­ence at North­eastern. The paper builds upon his research in the sci­ence of suc­cess, which uses a math­e­mat­ical model for quan­ti­fying the long-​​term suc­cess of indi­vidual researchers.

Barabási explained that the tra­di­tional system of credit allo­ca­tion varies depending on the field of research, and being the first author listed on a paper does not mean that person would receive the most credit. In biology, for example, the authors listed first and last on a paper are gen­er­ally the one’s who receive credit while in physics the author list is often alphabetical.

If you are not an insider in the field, you have absolutely no idea who should get the credit for the paper,” Barabási said.

While the sci­ence com­mu­nity is usu­ally cor­rect when allo­cating credit to authors, some­times credit can go to the wrong person. In their paper, the researchers wrote that “the ability to accu­rately mea­sure the rel­a­tive credit of researchers could poten­tially impact hiring, funding, and promotions.”

Barabási also noted this new algo­rithm could help pro­fes­sors from dif­ferent dis­ci­plines who col­lab­o­rate on a research paper deter­mine to whom the com­mu­nity would credit the paper.

]]> 0
Researchers Aim to Thwart Targeted Cyberattacks Wed, 13 Aug 2014 13:00:22 +0000 Engin Kirda

When it comes to Internet attacks, hackers have tra­di­tion­ally taken a blanket approach, sending out mal­ware to large, random groups of people and hoping that some­thing would stick. But in recent years, the stan­dard oper­ating pro­ce­dure has shifted.

In the past we used to see these oppor­tunistic attacks where people get ran­domly attacked on the Internet,” said North­eastern pro­fessor Engin Kirda, a cyber­se­cu­rity expert who holds joint appoint­ments in the Col­lege of Com­puter and Infor­ma­tion Sci­ence and the Depart­ment of Elec­trical and Com­puter Engi­neering. “But lately we’ve seen orga­ni­za­tions and some­times even coun­tries specif­i­cally tar­geting an orga­ni­za­tion with the aim of indus­trial espionage.”

In ground­breaking new research to be pre­sented at the top-​​tier USENIX Secu­rity con­fer­ence this month, Kirda and his col­lab­o­ra­tors at the Max Plank Insti­tute in Ger­many and the Uni­ver­sity of Sin­ga­pore ana­lyzed what they called tar­geted, sophis­ti­cated attacks via email against a non­govern­mental orga­ni­za­tion in China called the World Uyghur Con­gress. The WUC rep­re­sents a large ethnic minority in China and was the victim of sev­eral sus­pected tar­geted attacks over the course of sev­eral years.

What they found was that “the lan­guage and sub­ject matter of mali­cious emails were intri­cately tai­lored to appear familiar, normal, or friendly,” in which the sender was imper­son­ating someone else to lure the recip­ient into opening an attach­ment or URL. As Kirda put it, “all hall­marks of social engineering.”

People started talking about this five, six years ago, but we didn’t see a lot of evi­dence of tar­geted attacks,” said Kirda, who directs Northeastern’s Insti­tute for Infor­ma­tion Assur­ance. “Now we’re seeing it a lot. So people know these things are hap­pening but in terms of sci­en­tific results, there wasn’t much out there because it’s dif­fi­cult to get the data.”

For their study, the NGO offered to share data directly with the researchers: Two vol­un­teers from the com­pany offered up more than 1,000 sus­pi­cious emails that were also sent to a total of more than 700 unique email addresses, including top offi­cials at the orga­ni­za­tion as well as jour­nal­ists, politi­cians, aca­d­e­mics, and employees of other NGOs.

In the new research, the team used soft­ware devel­oped at Las­tine—a secu­rity com­pany Kirda co-founded—as well as other tech­niques to iden­tify some key fea­tures of the WUC attacks. They found that social engi­neering was crit­ical to the attackers’ ability to gain access to vic­tims’ accounts; the sus­pi­cious emails were sent from com­pro­mised accounts within the com­pany or sported email addresses that dif­fered from friendly addresses by a single char­acter or two. Most of the mes­sages sent to WUC and others were in the Uyghur lan­guage, and about a quarter were in English.

They also dis­cov­ered that the vec­tors through which the mal­ware was deliv­ered were most often attached doc­u­ments, rather than ZIP files or EXE files, which were recently reported as the most common vec­tors by recent cyberes­pi­onage reports. In addi­tion, the mal­ware that was deliv­ered to the vic­tims was found to be quite sim­ilar to that used in other recent tar­geted attacks, rather than rep­re­senting so-​​called “zero-​​day mal­ware,” which is mal­ware that has never been observed before.

Kirda noted that stan­dard mal­ware detec­tion soft­ware is insuf­fi­cient for detecting tar­geted attacks because it looks at the sus­pi­cious doc­u­ments as static enti­ties after they’ve per­formed the attack. As a case in point, the research team ana­lyzed the entire body of existing mal­ware detec­tion soft­ware for its ability to detect the mali­cious attach­ments in the email corpus from WUC. No single soft­ware detected all of the mal­ware used in the tar­geted attacks and some mal­ware evaded all of the soft­ware ana­lyzed. Since tar­geted attacks uti­lize sophis­ti­cated mal­ware that can adapt to its envi­ron­ment, more sophis­ti­cated detec­tion tech­niques must be used instead, Kirda said.

In an effort to address that problem, his team at Last­line devel­oped soft­ware that is able to ana­lyze mal­ware “on the fly”—to observe it in action and see if it behaves sus­pi­ciously. While more research must be done to broaden the scope, the cur­rent work rep­re­sents an impor­tant first step in ana­lyzing the new wave of tar­geted attacks taking place around the globe.

Under­standing such attacks, Kirda said, is crit­ical to devel­oping soft­ware capable of pro­tecting against them. Last­line develops tech­nology to defend against today’s eva­sive and advanced cyberthreats.

It’s very impor­tant for high-​​tech uni­ver­si­ties like North­eastern to have spin-​​offs because you get the return on invest­ment and you get to see how the real world actu­ally works,” Kirda said. “We get data from the com­pany that we can use in our research.”

]]> 0
#iheartcoop featuring Bryan Ash Thu, 07 Aug 2014 13:06:12 +0000 No one hearted his co-​​op more than Bryan Ash, who was hired by Hub­Spot after a co-​​op stint there. #iheartcoop

]]> 0
Measuring Cultural Evoluation by Tracking Where Notable People Were Born, Died Fri, 01 Aug 2014 19:26:00 +0000 The visualization shows birthplaces in blue and death spots in red of notable people including artists and politicians. It offers a glimpse into the large-scale geographical patterns that shape cultural evolution in  North America.

The visualization shows birthplaces in blue and death spots in red of notable people including artists and politicians. It offers a glimpse into the large-scale geographical patterns that shape cultural evolution in North America.

An international team of researchers, including an art historian and a handful of physicists, have crunched three giant databases that record the births and deaths of notable people to map the geographical creep of culture over two millennia.

The study, published Thursday in the journal Science, presents an unusual way of tracing the arc of history. In lieu of the more typical approach of digging deep into a distinguished individual’s life or a particular time period, the researchers instead marked the discrete beginning and ends of thousands of notable lives, without regard for who they were or in what domain they had distinguished themselves. The people had been included in Freebase, a crowdsourced database of people and two databases of artists.

Mapping and analyzing the many data points left behind by artists, politicians, scientists, and other prominent people will, they hope, point to cultural and intellectual capitals and provide quantitative evidence that will both support historical interpretation and pose new questions.

“Death is certainly not random, in the sense that people tend to die where they migrate to perform their art,” said Albert-László Barabási, a physicist and professor of network science at Northeastern University who was involved in the work. “Looking at one person would not be relevant, because there are so many factors that affect the decision of where one person works and where he or she will die. With hundreds of individuals, they together map out where are the places where they can perform their art the best.”

In many ways, the findings will be unsurprising, confirming things we might have guessed. Places such as Hollywood and Los Angeles tend to be “death attractors,” where the notable deaths outnumber the notable births. The Boston area is more of a cradle than a grave; it tends to produce more notable people than ones who die here.

Maximilian Schich, associate professor of arts and technology at the University of Texas at Dallas, began the work when he was a post-doctoral researcher in Boston and notes that he may even have contributed to the city’s pattern of being a birthplace for notable people — he started his family when he lived in the area, then moved to Texas when he began his own independent research career.

Digging into any particular location, however, could reveal how patterns change over time or provide a window into what cities are cultural magnets in other countries. In the Boston area, there are places, such as Jamaica Plain, Brookline, and Newton, that tend to have more notable deaths than births as well as places such as Allston, Malden, East Boston, or Dorchester where more notable people were born than died.

“On the local level, you can see this intuitive reflection of the relative attractiveness of places,” Schich said.

The work had somewhat unconventional beginnings. For years, Schich worked as an art historian in a Northeastern laboratory that was best known for its work in a totally different area, discerning human migration patterns by analyzing cellphone data. What interested the physicists who were trying to understand human migration about his project was the idea that they could look to see what those migration patterns looked like over a lifetime and over centuries. What drew Schich to hang out with a bunch of physicists was a desire to bring the statistical tools of the quantitative sciences to a field in which scholars usually read hundreds of books and specialized in distinct time periods.

Schich and colleagues used three databases that listed the birth and death places of notable people — one that listed all-around prominent people and two that focused on artists. What the physicists found was that despite the advent of the discovery of America and the invention of different modes of travel, human migration patterns did not change dramatically through the ages. Over eight centuries, they found, the average distance between a person’s birth and death place increased, but did not even double — from 133 miles from cradle to grave in the 1300s to 237 miles in the 21st century.

They also found patterns that suggested the ebb and flow of cultural capitols. Although Paris and New York have been death attractors for a long time, for example, there are fluctuations that raise questions. New York, for example, went through a period in the 20s and 30s where it tended to be a birthplace for notable people more than it was a place for Last Rites.

There are also small towns, around the Alps, for example, or the French Riviera, that attract deaths even though they are neither large cities, nor cultural hot spots. The data revealed the rise of Rome and the subsequent growth of regional clusters in other parts of Europe.

“Collectively, putting these pieces of data together, we get a big picture of all the history of humanity as we know it today,” Barabási said.

Erez Lieberman Aiden, a professor of genetics at Baylor College of Medicine, who was not involved in the work, said that what he appreciated about the new study was the way it incorporated geography. Attempts to use quantitative tools to understand the humanities have often mined text to find patterns in words or phrases, or looked at change over time, because dates are a fairly straightforward type of data to use.

“I view this paper as doing the important work of figuring out, methodologically, how one can look at cultural changes not only across time, but across space,” Aiden said.

Geographical information can be harder to digitize, Aiden said, but especially prior to the Internet it was a key factor in understanding how people influence one another and how ideas spread.

Published in the Boston Globe

]]> 0
How to Secure the Cloud Fri, 01 Aug 2014 12:54:20 +0000 Vladimir Torchilin

For many of us, the pri­mary reason we use “the cloud” is for storage—whether it’s storing email through ser­vices like Gmail and Yahoo!, photos on Flickr, or per­sonal doc­u­ments on Dropbox. Many orga­ni­za­tions like hos­pi­tals and banks uti­lize the cloud to store data on patient and cus­tomer information.

But there’s also a com­pu­ta­tional side to the cloud that comes into play when, say, we search for an old email or per­form com­plex analyses of large vol­umes of data stored there.

Regard­less of the sce­nario, it’s clear that pre­cious per­sonal infor­ma­tion is stored in the cloud, and we’d like to think it’s secure up there. Enter Daniel Wichs, an assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence. He is part of a multi-​​university research team that is working to make sure the cloud is as secure as pos­sible. The project is sup­ported by a grant project announced Thursday by the National Sci­ence Foundation’s Secure and Trust­worthy Cyber­space pro­gram and is a part of a larger NSF effort to sup­port foun­da­tional cyber­se­cu­rity research and education.

The col­lab­o­ra­tive “Fron­tier” project includes researchers from North­eastern, Boston Uni­ver­sity, the Mass­a­chu­setts Insti­tute of Tech­nology, and the Uni­ver­sity of Con­necticut. The team will deploy and test the mech­a­nisms they develop in this project using the Mass­a­chu­setts Open Cloud—a part­ner­ship of state gov­ern­ment, industry, and uni­ver­si­ties including North­eastern that is designed to create a new public cloud com­puting mar­ket­place to help spur innovation.

We’re devel­oping tools at all levels of the system,” said Wichs, a cryp­tog­raphy expert who will focus his efforts on this area of the project.

Encryp­tion,” he explained, “is a pro­ce­dure we’ve been thinking about basi­cally since the dawn of time, but we’ve only had good ways of doing it since the 70s.” Until recently, even the best encryp­tion strate­gies were lim­ited when it comes to cloud com­pu­ta­tion, he said, adding that “The problem is that stan­dard ways of encrypting data render it use­less. Once encrypted, there is no way to per­form any com­pu­ta­tion over it.”

Patient data is a prime example. If a hos­pital wants to con­duct large-​​scale analyses on this infor­ma­tion, it is lim­ited to looking at local com­puters because fed­eral Health Insur­ance Porta­bility and Account­ability Act, or HIPAA, laws pre­vent it from sharing pri­vate details about patients with external enti­ties. The hos­pital can easily store encrypted patient infor­ma­tion, but it can’t uti­lize the increased com­pu­ta­tional powers of external com­puters to ana­lyze it because encryp­tion pre­vents that possibility.

In recent years, a new method for com­puting on encrypted data has come about that has the poten­tial to change all that. “I can send you encrypted data, you run the com­pu­ta­tion and then send me back the encrypted answer,” Wichs explained. “I can decrypt the answer because I have the secret key, but you never learn anything.”

This break­through presents great promise, but the approach is still too inef­fi­cient to be widely useful, Wichs said. With this grant, Wichs will try to change that. By devel­oping new the­o­ret­ical methods for encrypting data and per­forming com­pu­ta­tions on that data, he hopes to pro­vide a new level of secu­rity to cloud-​​based computing.

We want to take a stan­dard pro­gram and con­vert it to work on encrypted data,” he said. Prior approaches needed to first con­vert the pro­gram into a much less effi­cient cir­cuit rep­re­sen­ta­tion before being able to eval­uate it on encrypted data. Wichs is working to build new encryp­tions schemes that can eval­uate stan­dard pro­grams directly.

The research project aligns with North­eastern emphasis on use-​​inspired research that solves global chal­lenges, par­tic­u­larly in the areas of secu­rity, health, and sustainability.

]]> 0
The Race Against the T Mon, 28 Jul 2014 19:55:40 +0000 ravert

On Friday, Michael Ravert, CIS’16, attempted to answer a ques­tion many Bosto­nians have pos­tu­lated for years: can the average person outrun the MBTA’s Green Line?

On that day, the answer was yes. But it was pretty close.

Ravert is cur­rently working on co-​​op at Run­K­eeper, a Boston-​​based com­pany that cre­ated a GPS fitness-​​tracking app. He and three of coworkers raced a trolley on the Green Line’s B branch down Com­mon­wealth Avenue, starting from the Boston Col­lege sta­tion and ending about four miles away at Bland­ford Street sta­tion near Ken­more Square.

The final result: Ravert crossed the finish line first in a time of 24:08. The trolley made it in 24:49.

This was an awe­some expe­ri­ence,” Ravert said after run­ning. “This was a fun race to do. We did a great job pacing each other.”

Run­K­eeper and event-​​organizing web­site The Boston Cal­endar coor­di­nated the event, dubbed “Outrun the Green Line.” Ravert said he signed up because it was a great way to get to know his new col­leagues better.

An email was sent out about a month ago and I had just started my co-​​op so I fig­ured it would be fun,” Ravert said. “I didn’t really think any­thing of it until a couple weeks ago when the race really started to become pop­ular online.”

Run­K­eeper cre­ated a web­site for the event where people could mon­itor the run­ners’ and the trolley’s progress. The trolley held a size­able lead on the run­ners during the first half of the race through the hills of Boston’s Brighton and All­ston neigh­bor­hoods. But the run­ners caught up once the road got flatter.

Ravert crossed the finish line as the trolley waited at the inter­sec­tion of Com­mon­wealth Avenue and Blan­ford Street. A runner since high school, Ravert said he didn’t run any­more than usual to pre­pare for the race.

Ravert, who is studying com­puter sci­ence at North­eastern, learned about RunKeeper’s co-​​op at the university’s co-​​op fair. A friend sug­gested he look specif­i­cally at Run­K­eeper because the com­pany com­bines two of his pas­sions: run­ning and com­puter science.

On co-​​op at Run­K­eeper, Ravert has worked on pro­gram devel­op­ment for both Androids and iPhones. He said it’s been a valu­able learning expe­ri­ence thus far, par­tic­u­larly because it’s his first foray into iPhone development.

Ravert attrib­utes his work as a tutor and under­grad­uate teaching assis­tant in the Col­lege of Com­puter and Infor­ma­tion Sci­ence with helping pre­pare him for the co-​​op. “Teaching others cer­tain pro­grams that we use at Run­K­eeper helped me to under­stand them better, as well,” he said.

]]> 0
Global Impact of the Ebola Outbreak Mon, 28 Jul 2014 13:59:28 +0000 Alex VespignaniThe Ebola virus has been spreading in West Africa since March, but the cur­rent out­break over the past few weeks has reached new heights and ele­vated the crisis. More than 650 people have died, and in recent days it was learned that Sierra Leone’s leading Ebola doctor in charge of bat­tling the out­break has him­self con­tracted the virus. Here, net­work sci­en­tist Alessandro Vespig­nani, the Stern­berg Family Dis­tin­guished Pro­fessor of Physics at North­eastern who has devel­oped com­pu­ta­tional models to pre­dict the spread of infec­tious dis­eases, dis­cusses the Ebola out­break. Vespig­nani holds joint appoint­ments in the Col­lege of Sci­ence, the Bouvé Col­lege of Health Sci­ences, and the Col­lege of Com­puter and Infor­ma­tion Sci­ence.

What sparked the recent surge of the Ebola outbreak, and could it have been predicted?

Ebola’s outbreaks among human populations usually result from handling infected wild animals. Although the virus reservoir has not yet been identified with certainty, in Africa fruit bats are believed to be the natural hosts for the virus. It is therefore impossible to predict the start of an outbreak, although it is possible to project its unfolding if containment and mitigation policies are not implemented in a timely manner. Human-to-human transmission mostly occurs through blood or bodily fluids from an infected person, thus affecting mostly caregivers in the family or in healthcare settings where the proper cautions aren’t taken. Isolation of cases in well-equipped healthcare settings and the use of rigid protection protocols for handling burial procedures are crucial for the containment of outbreaks.

How is this outbreak different from those that have occurred in the past?

Since March, the World Health Organization has reported more than 1,000 cases of Ebola with a fatality rate of about 60 percent, depending on the specific places. Although previous outbreaks recorded fatality rates of up to 90 percent, this current outbreak is the worst in terms of the number of infected people. This outbreak is somewhat unique also because it has hit major urban areas such as Conakry, the capital city of Guinea. In the past, Ebola has usually emerged in less populated rural regions. Isolation and control in large cities is obviously more challenging. Capital cities are also major transportation hubs for travelers potentially spreading the outbreak in other geographical regions.

Does this outbreak present an international concern and if so, how great is that concern?

The risk of infection for travelers is minimal because infection results from direct contact with sick individuals. However the presence of the disease in major cities with airports introduces the possibility that infected people not yet in the acute stage of the disease are going to get on a plane and spread the virus internationally. This global spreading can be modeled by using human mobility network data. Although we cannot rule out the possibility of cases spreading to major European or American airport hubs, the probability for these events is quite small because the major airports in the region have limited traffic to international destinations. On the other hand, the persistence in time of the outbreak and the growing number of cases are increasing the probability that we might see it spread internationally. The makes it imperative to win the battle in containing the outbreak in the region as soon as possible.


]]> 0