My research confronts issues of security and transparency in computer systems and networks. Within this broad area, my interests span various domains of computing, including operating systems, the cloud, and network communications, as well as both mobile and embedded devices. More information on my work can be found at:
My major research thrusts are:
Detecting and Investigating Intrusions
Modern computing systems are sprawling and complex, creating many opportunities for would-be intruders
to break in and remain undetected.
Attackers can now dwell inside of networks for months or years before being noticed, as evidenced by numerous
high-profile data breaches in the news.
Our research seeks to empower system defenders by improving the ways in which we audit computers,
allowing them to understand and react to attacks before serious damage is inflicted.
A key technique we leverage in this work is data provenance, which iteratively parses low-level
events (e.g., Process A read File 1) into a causal dependency graph that describes the entire
history of system execution.
These graphs allow security analysts to identify the root causes of suspicious activities through causal analysis,
and can also be used to improve automated intrusion/anomaly detection systems.
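As an added illustration (not code from any of the papers listed below), the sketch here parses constructed audit events into a dependency graph and runs a time-respecting backward trace from a suspicious socket. The event format, the operation names and the mapping of operations to flow direction are assumptions made for the example.

```python
from collections import defaultdict

# Assumed flow model: these operations move data from the object into the process...
INBOUND = {"read", "recv", "exec"}
# ...and these move data or control from the process to the object.
OUTBOUND = {"write", "send", "fork"}

# Constructed sample audit events: (timestamp, process, operation, object).
EVENTS = [
    (1, "proc:sshd", "fork", "proc:bash"),
    (2, "proc:bash", "fork", "proc:curl"),
    (3, "proc:curl", "recv", "sock:198.51.100.7:443"),
    (4, "proc:curl", "write", "file:/tmp/update.sh"),
    (5, "proc:cron", "fork", "proc:backup"),
    (6, "proc:backup", "read", "file:/etc/passwd"),
    (7, "proc:bash", "fork", "proc:sh"),
    (8, "proc:sh", "exec", "file:/tmp/update.sh"),
    (9, "proc:sh", "read", "file:/etc/shadow"),
    (10, "proc:sh", "send", "sock:198.51.100.7:443"),
    (11, "proc:curl", "recv", "sock:192.0.2.9:80"),
]

def build_graph(events):
    """Parse events into dependency edges, indexed as dst -> [(src, ts, op)]."""
    incoming = defaultdict(list)
    for ts, proc, op, obj in events:
        if op in INBOUND:
            incoming[proc].append((obj, ts, op))
        elif op in OUTBOUND:
            incoming[obj].append((proc, ts, op))
    return incoming

def backward_trace(incoming, target, at_time):
    """Return edges (src, dst, ts, op) that could have influenced target by at_time."""
    edges, best = set(), {}
    stack = [(target, at_time)]
    while stack:
        node, bound = stack.pop()
        if best.get(node, -1) >= bound:
            continue  # already explored with an equal or later time bound
        best[node] = bound
        for src, ts, op in incoming.get(node, ()):
            if ts <= bound:  # a later event cannot be a cause of an earlier one
                edges.add((src, node, ts, op))
                stack.append((src, ts))
    return edges
```

Tracing from the socket at time 10 returns the chain through sh, the dropped script, curl, bash and sshd, and leaves out both the unrelated cron activity and the curl event at time 11.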
- Adam Bates and Wajih Ul Hassan. Can Data Provenance Put an End to the Data Breach? IEEE Security & Privacy Magazine, July 2019.
- Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, and Adam Bates. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage. ISOC Network and Distributed System Security Symposium (NDSS), February 2019.
- Thomas Pasquier, Xueyuan Han, Thomas Moyer, Adam Bates, Olivier Hermant, David Eyers, Jean Bacon, and Margo Seltzer. Runtime Analysis of Whole-System Provenance. ACM Conference on Computer and Communications Security (CCS), October 2018.
- Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, and Thomas Moyer. Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs. ISOC Network and Distributed System Security Symposium (NDSS), February 2018.
- Adam Bates, Dave Tian, Kevin R.B. Butler, and Thomas Moyer. Trustworthy Whole-System Provenance for the Linux Kernel. USENIX Security Symposium (SECURITY), August 2015.
Consumer Device Security
Spanning smart phones and the Internet of Things, consumer-oriented computing devices are diverse and pervasive.
While these technologies create unprecedented opportunity for innovation,
they also expose novel attack surfaces that must be better understood in order to provide adequate protection to end users.
Our work in this space is twofold:
first, to reason about the security challenges created by consumer devices,
but also to identify ways in which these technologies can be leveraged to address the broader goals of computer security.
- Qi Wang, Pubali Datta, Wei Yang, Si Liu, Carl Gunter, and Adam Bates. Charting the Attack Surface of Trigger-Action IoT Platforms. ACM Conference on Computer and Communications Security (CCS), November 2019.
- Wajih Ul Hassan, Saad Hussain, and Adam Bates. Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide? USENIX Security Symposium (SECURITY), August 2018.
- Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey. Skill Squatting Attacks on Amazon Alexa. USENIX Security Symposium (SECURITY), August 2018.
- Dave (Jing) Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, and Kevin R. B. Butler. SoK: 'Plug and Pray' Today -- Understanding USB Insecurity in Versions 1 through C. IEEE Symposium on Security and Privacy (Oakland), May 2018.
- Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl Gunter. Fear and Logging in the Internet of Things. ISOC Network and Distributed System Security Symposium (NDSS), February 2018.
Network & Communications Security
An increasing proportion of the global economy is dependent on the security of network communications and infrastructures. Unfortunately, these security properties are violated with alarming frequency due to implementation errors or developer confusion, or because systems are used in unanticipated ways. This research seeks to better understand this breakdown between theory and practice, and to identify ways to restore correct functionality in vulnerable networked systems. To this end, my work has considered the security challenges surrounding Software Defined Networks (SDN), the ubiquitous TLS/HTTPS protocols, and legacy telecommunications infrastructure.
- Benjamin E. Ujcich, Samuel Jero, Anne Edmundson, Qi Wang, Richard Skowyra, James Landry, William H. Sanders, Cristina Nita-Rotaru, and Hamed Okhravi. Cross-App Poisoning in Software-Defined Networking. ACM Conference on Computer and Communications Security (CCS), October 2018.
- Tianyuan Liu, Avesta Hojjati, Adam Bates and Klara Nahrstedt. AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance. IEEE International Conference on Distributed Computing Systems (ICDCS), July 2018.
- Bradley Reaves, Ethan Shernan, Adam Bates, Hank Carter, and Patrick Traynor. Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge. 2015 USENIX Security Symposium (SECURITY),
- Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach. Accountable Wiretapping -or- I Know They Can Hear You Now. Journal of Computer Security: Volume 23, Issue 2, Pages 167-195. 2015.
- Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, Jing (Dave) Tian, Abdulrahman Alkhelaifi, and Kevin R.B. Butler. Securing SSL Certificate Validation through Dynamic Linking. 21st ACM Conference on Computer and Communications Security (CCS), November 2014.