Monday
Jul302012

Tech Talk Video: Why Do Airplanes Crash?

We are pleased to announce the availability of a new tech talk video. The video presents work on a PSU Captsone Project by Chris Andrew, Kayla Seliner, Mark Craig, and Trang Nguyen. For more details, see the talk announcement For more videos, please visit our Vimeo channel.
Wednesday
Jul252012

Tech Talk: Comprehensive Analysis of the Android Ecosystem

Galois is pleased to host the following tech talk. These talks are open to the interested public--please join us! (There is no need to pre-register for the talk.)

Please note the unusual time for this talk, it is on Thursday, 02 August 2012.

title: Comprehensive Analysis of the Android Ecosystem

speaker: Iulian Neamtiu

time: Thursday, 02 August 2012, 10:30am

location:
Galois Inc.
421 SW 6th Ave. Suite 300,
Portland, OR, USA
(3rd floor of the Commonwealth building)

abstract:

The relative novelty and rapid evolution pace of the Android ecosystem (platform, vendor-installed apps and third-party apps) means both the platform and apps receive little scrutiny. Hence there is a need for tools that assess, monitor and verify all components of the Android ecosystem. This lack of tools and scrutiny is particularly problematic when combined with the open nature of Google Play, the main app distribution channel.

In the first part of this talk we will focus on multi-layer profiling of Android apps using ProfileDroid, a tool and framework we developed at UC Riverside. ProfileDroid is useful for a variety of Android app analyses, from performance to usability to security. ProfileDroid monitors and correlates the behavior of an app at four layers: (a) static, or app specification (b) user interaction, (c) operating system, and (d) network layer. Using ProfileDroid on 27 free and paid Android apps, we have revealed: (a) discrepancies between the app specification and app execution, (b) free versions of apps could end up costing more than their paid counterparts, due to an order of magnitude increase in traffic, (c) most network traffic is not encrypted, (d) apps communicate with many more sources than users might expect.

In the second part of the talk we will present results from our long-term permission evolution study of the Android ecosystem---platform and 237 apps---over three years. We found that the platform has increased the number of dangerous permissions and does not move towards finer-grained permissions, and that app developers do not follow the principle of least privilege. We will also briefly discuss our efforts with static information flow tracking for Android apps, as well as building a log-and-replay system for Android.

bio: Iulian Neamtiu is an assistant professor in the Department of Computer Science and Engineering at the University of California, Riverside. He received his Ph.D. from the University of Maryland, College Park in 2008. His current research focuses on analyzing and improving the Android ecosystem, programming languages (type systems, static and dynamic analysis, parallelism), software engineering (software evolution, empirical studies, debugging), and on-the-fly software updates.

Thursday
Jun282012

Tech Talk: Programming with Narrowing

Galois is pleased to host the following tech talk. These talks are open to the interested public--please join us! (There is no need to pre-register for the talk.)

title: Programming with Narrowing

speaker: Sergio Antoy, Portland State University

time: Tuesday, 3 July 2012, 10:30am

location:
Galois Inc.
421 SW 6th Ave. Suite 300,
Portland, OR, USA
(3rd floor of the Commonwealth building)

abstract:
In this talk, I will introduce narrowing, the characterizing feature of functional logic programming, from the programmer's viepoint. Narrowing promotes non-determinism and it enables computing with incomplete or unknown information. After a short and informal presentation of Curry, the leading functional logic language, I will discuss a few examples showing that narrowing and its associated non-determinism support programming at a very high level of abstraction.

bio: Sergio Antoy is a professor of Computer Science at Portland State University, that he joined in 1990, and an associate chair for graduate education. He regularly teaches undergraduate and graduate courses in the area of programming. He received a PhD degree in Computer Science for the University of Maryland in 1987. Sergio's research is on narrowing strategies and the implementation of functional logic programming languages.

Tuesday
May292012

Why Do Airplanes Crash? Building an Open-Source Aircraft Sensor System

Galois is pleased to host the following tech talk. These talks are open to the interested public--please join us! (There is no need to pre-register for the talk.)

title: Why Do Airplanes Crash? Building an Open-Source Aircraft Sensor System

speaker: PSU Captsone Project: Chris Andrew, Kayla Seliner, Mark Craig, and Trang Nguyen

time: Tuesday, 05 June 2012, 10:30am

location:
Galois Inc.
421 SW 6th Ave. Suite 300,
Portland, OR, USA
(3rd floor of the Commonwealth building)

abstract:

On October 7, 2008, the flight control system of Qantas flight 72 malfunctioned without warning. The failure caused the aircraft to violently pitch down with an acceleration of -0.8g, pitching passengers and crew into the roof of the cabin resulting in many injuries. In the investigation that followed, the malfunction was attributed to a software problem in the Air Data Inertial Reference Unit. These units are utilized on all modern passenger jets, but are proprietary devices not open to public scrutiny.

This capstone project develops an open source Air Data Inertial Reference Unit using four redundant Arduino boards each with a microcontroller, 3D gyroscope and accelerometer. Faults are injected into the system through software and outputs are monitored over serial ports allowing the user to test effectiveness of fault-tolerant algorithms to mask fail silent and byzantine faults in the sensors. Failures in ADIRU systems are usually complex in nature and arise under very anomalous circumstances suggesting that fault-tolerant system design could benefit from the diverse testing and evaluation that can occur in an open source community. This project demonstrates the low entry-cost to building a fault-tolerant system for open-source design and experimentation..

bio: The presenters are Portland State ECE seniors: Chris Andrew, Kayla Seliner, Mark Craig, and Trang Nguyen. Their advisors are Prof. Christof Teuscher (PSU) and Dr. Lee Pike (Galois inc.).

Friday
May042012

Tech Talk: An Analysis of Analysis

Galois is pleased to host the following tech talk. These talks are open to the interested public--please join us! (There is no need to pre-register for the talk.)

Please note the unusual date and time for this talk, it is on Friday, 11 May 2012, at 10:30am

title: An Analysis of Analysis

speaker: Charles Parker

time: Friday, 11 May 2012, 10:30am

location:
Galois Inc.
421 SW 6th Ave. Suite 300,
Portland, OR, USA
(3rd floor of the Commonwealth building)

abstract:

A basic problem in computer science is binary classification, in which an algorithm applies a binary label to data based on the presence or absence of some phenomenon. Problems of this type abound in areas as diverse as computational biology, multimedia indexing, and anomaly detection. Evaluating the performance of a binary labeling algorithm is itself a complex task, often based on a domain-dependent notion of the relative cost of "false positives" versus "false negatives". As these costs are often not available to researchers or engineers, a number of methods are used to provide a cost-independent analysis of performance. In this talk, I will examine a number of these methods both theoretically and experimentally. The presented results suggest a set of best practices for evaluating binary classification algorithms, while questioning whether a cost-independent analysis is even possible.

bio: Charles Parker received his Ph.D. in Computer Science in 2007 under Professor Prasad Tadepalli at Oregon State University. His thesis, "Structured Gradient Boosting", presented a gradient-based approach to structured prediction useful in information retrieval and planning domains. From 2007 to 2011, he worked for the Eastman Kodak Company on various problems in data mining, scanned document analysis, and consumer video indexing. He currently works for BigML, Inc., helping to develop a web-scale infrastructure and interface for machine learning. His work has appeared in ICML, AAAI, ICDM, and other notable venues.