Put José M.F. Moura on the IEEE President Ballot!

José Moura was nominated to be considered as a candidate for IEEE President. The IEEE Board of Directors (BoD) is the body that decides who the candidates will be. They were also behind the proposed IEEE constitutional amendment that was opposed by more than 25 IEEE Societies because it was a rather naked power grab that would have moved much of the constitution to bylaws that could be amended by a small group of individuals, reducing regional representation, and reducing technical activities representation. You can think of it as an attempt by the BoD to Make IEEE Great Again. Prof. Moura spoke up against the amendment (including at an ITSOC BoG meeting) and in the end the amendment did not pass.

It is likely that the BoD’s decision to not nominate him is retaliation for his actions in defense of what he (and many others) felt are the best interests of the IEEE. While this Trump-esque approach to handling dissent may be popular in Washington, it seems quite inappropriate for an international organization such as IEEE. There is a petition at the IEEE website to put him on the ballot. It needs around 4,000 signatures and students members are also welcome to sign. You sign in with your IEEE account and then go to “Annual Election Petitions.” Note this is not a vote for him, but rather allowing him to be on the ballot. Please consider signing!

Tracks: I’m just a soul whose intentions are good

I’m in a bit of a creative rut so I return to the same favorites, many introduced to me by others. This one has a narrative arc though, albeit bittersweet. A present for my cousin.

  1. A Summer Song (Chad & Jeremy)
  2. Golden Age (Chris Staples)
  3. Kaze Wo Atsumete (Happy End)
  4. Soda Shop (Jay Brannan)
  5. Who’s bitten you (Hannah and Sam)
  6. Here Comes a Special Boy (Freezepop)
  7. I Wish You (CAPSULE)
  8. Wedding Daze (Daniel Wilson)
  9. Clay (feat. Marina Price) (Manatee Commune)
  10. I Need A Dollar (Aloe Blacc)
  11. Turn It Around (Lucius)
  12. A Beautiful Woman (Deradoorian)
  13. Temper Temper  (Tuscadero)
  14. Cool Yourself (Thao and the Get Down Stay Down)
  15. (I’ve Got) The Sanctioned Blues (Ultimate Painting)
  16. Get Me Away From Here, I’m Dying (Belle & Sebastian)
  17. Don’t Let Me Be Misunderstood (Nina Simone)
  18. I Like My Face (Miss Erika)
  19. Awkward (Lightning Love)
  20. Ten-Twenty-Ten (Generationals)
  21. Silver Lining (Unplugged) (Stiff Little Fingers)

Postdoctoral Associate at DIMACS

DIMACS, the Center for Discrete Mathematics and Theoretical Computer Science, invites applications for various postdoctoral associate positions for 2017-18. Applicants should be recent Ph.D.’s with interest in DIMACS areas, such as computer science, discrete mathematics, statistics, physics, operations research, and their applications. There are four positions available:

  1. a one-year postdoctoral associateship investigating modeling of anomaly detection in multi-layer networks,
  2. a two-year associateship in collaboration with the Institute for Advanced Study (IAS) in Princeton, NJ emphasizing theoretical computer science and discrete mathematics,
  3. a position associated with the Simons Collaboration on Algorithms and Geometry which also emphasizes theoretical computer science and discrete mathematics and could be hosted at Rutgers/DIMACS,
  4. a two-year associateship in theoretical machine learning in the Department of Computer Science at Rutgers.

See the DIMACS website for application information.

Applications have various deadlines, beginning December 1, 2016. See website for details.
DIMACS Center, Rutgers University, 96 Frelinghuysen Road, Piscataway, NJ 08854-8018;
Tel: 848-445-5928; Email: postdoc at dimacs.rutgers.edu. DIMACS is an EO/AA employer.

CFP: T-SIPN Special Issue on Distributed Signal Processing for Security and Privacy in Networked Cyber-Physical Systems

IEEE Signal Processing Society
IEEE Transactions on Signal and Information Processing over Networks
Special Issue on Distributed Signal Processing for Security and Privacy in Networked Cyber-Physical Systems

GUEST EDITORS:

SCOPE
The focus of this special issue is on distributed information acquisition, estimation, and adaptive learning for security and privacy in the context of networked cyber-physical systems (CPSs) which are engineering systems with integrated computational and communication capabilities that interact with humans through cyber space. The CPSs have recently emerged in several practical applications of engineering importance including aerospace, industrial/manufacturing process control, multimedia networks, transportation systems, power grids, and medical systems. The CPSs typically consist of both wireless and wired sensor/agent networks with different capacity/reliability levels where the emphasis is on real-time operations, and performing distributed, secure, and optimal sensing/processing is the key concern. To satisfy these requirements of the CPSs, it is of paramount importance to design innovative “Signal Processing” tools to provide unprecedented performance and resource utilization efficiency.

A significant challenge for implementation of signal processing solutions in CPSs is the difficulty of acquiring data from geographically distributed observation nodes and storing/processing the aggregated data at the fusion center (FC). As such, there has been a recent surge of interest in development of distributed and collaborative signal processing technologies where adaptation, estimation, and/or control are performed locally and communication is limited to local neighborhoods. Distributed signal processing over networked CPSs, however, raise significant privacy and security concerns as local observations are being shared by neighboring nodes in a collaborative and iterative fashion. On one hand, applications of CPSs are severely safety critical where potential cyber and physical attacks by adversaries on signal processing modules could lead to a variety of severe consequences including customer information leakage, destruction of infrastructures, and endangering human lives. On the other hand, the need for cooperation be- tween neighboring nodes makes it imperative to prevent the disclosure of sensitive local information during distributed information fusion step. At the same time, efficient usage of available resources (communication, computation, bandwidth, and energy) is a pre-requisite for productive operation of the CPSs. To accommodate these critical aspects of CPSs, it is of great practical importance and theoretical significance to develop advanced “Secure and Privacy Preserving Distributed Signal Processing” solutions.

The spirit and wide scope of distributed signal processing in revolutionized CPSs calls for novel and innovative techniques beyond conventional approaches to provide precise guarantees on security and privacy of CPSs. The objective of this special issue is to further advance recent developments of distributed signal processing to practical aspects of CPSs for real-time processing and monitoring of the underlying system in a secure and privacy preserving manner while avoiding degradation of the processing performance and preserving the valuable resources. To provide a systematic base for future advancements of CPSs, this special issue aims to provide a research venue to investigate distributed signal processing techniques with adaptation, cooperation, and learning capabilities which are secure against cyber-attacks and protected against privacy leaks. The emphasis of this special issue is on distributed/network aspects of security and privacy in CPSs. Papers with primary emphasis on forensics and security will be redirected to IEEE Transactions on Information Forensics and Security (TIFS). Topics of interest include, but are not limited to:

  • Security and Privacy of distributed signal processing in networked CPSs.
  • Distributed and secure detection, estimation, and information fusion.
  • Security and privacy of consensus and diffusive strategies in networked systems.
  • Secure and privacy preserving distributed adaptation and learning.
  • Security and privacy of distributed sensor resource management in networked systems.
  • Distributed event-based estimation/control in networked CPSs.
  • Detection and identification of potential attacks on distributed signal processing mechanisms.
  • Application domains including but not limited to, smart grids, camera networks, multimedia network, and vehicular networks.

SUBMISSION GUIDELINES
Authors are invited to submit original research contributions by following the detailed instructions given in the “Information for Authors” page or TSIPN page. Manuscripts should be submitted via Scholar One(Manuscript Central) system. Questions about the special issue should be directed to the Guest Editors.

IMPORTANT DATES:

    • Paper submission deadline: December 15, 2016
    • Notification of the first review: March 1, 2017
    • Revised paper submission: April 15, 2017
    • Notification of the re-review: June 15, 2017
    • Minor revision deadline: August 1, 2017
    • Final notification: September 1, 2017
    • Final manuscript due: October 15, 2017

Publication: Advance posting in IEEExplore as soon as authors approve galley proofs

Expected inclusion in an issue: March 2018

Rutgers has a mobile device privacy violation strategy

Rutgers decided to switch everyone over to an Office 365 system for email. All “official Rutgers business” has to be conducted through our new email accounts. If you try to sync mail to your phone, you are prompted to install a Microsoft app which will manage your account. According to the Rutgers Mobile Device Management Policy we “will be prompted by a notice that states administrators will be allowed to make a number of changes to your device but the University will not utilize those features as they are beyond policy.”

I Am Not A Lawyer, but it seems a little bad to sign a contract with someone who says “oh don’t worry about those clauses, we will never use them.” So what are we agreeing to let IT admins do?

What IT cannot see:

  • Call and web history
  • Location
  • Email and text messages
  • Contacts
  • Passwords
  • Calendar
  • Camera roll

What IT can see:

  • Model
  • Serial number
  • Operating system
  • App names
  • Owner
  • Device name

So apparently what apps you have is something that your boss should know about. I suppose you can construct a reason for that, but I don’t really know why it’s anyone’s business. I can see it as being rather dangerous — who are they sharing this information with? Also, Rutgers wants to:

  • Reset your device back to manufacturer’s default settings if the device is lost or stolen.
  • Require you to have a password or PIN on the device.
  • Require you to accept terms and conditions.

Hmmm, abstract “terms and conditions.” Ok then… the features they say are out of scope (for now) are:

  • Remove all installed company-related data and business apps. Your personal data and settings aren’t removed.
  • Enable or disable the camera on your device to prevent you from taking pictures of sensitive company data.
  • Enable or disable web browsing on your device.
  • Enable or disable backup to iCloud.
  • Enable or disable document sync to iCloud.
  • Enable or disable Photo Stream to iCloud.
  • Enable or disable data roaming on your device. If data roaming is allowed, you might incur roaming charges.
  • Enable or disable voice roaming on your device. If voice roaming is allowed, you might incur roaming charges.
  • Enable or disable automatic file synchronization while in roaming mode on your device. If automatic file synchronization is allowed, you might incur roaming charges.

Seems like a lot for the dubious value of checking my work email on my phone. I guess I have some startup funds that need spending. Perhaps I can get a “just for work” device that Rutgers can snoop on as much as they like.

Subscribing to the NSF CIF Listserv

Want to get emails from the NSF’s CIF Program?

  • Compose an email to LISTSERV@listserv.nsf.gov
  • Leave the subject blank
  • In the body of the message, just write “SUBSCRIBE CIF-Announce Firstname Lastname” (without the quotes and replacing Firstname and Lastname with your name). Alternatively, you can subscribe anonymously by writing “SUBSCRIBE CIF-Announce ANONYMOUS” (without the quotes).
  • Send the message. You will receive a confirmation email that you have subscribed. Please read the confirmation email since you may need to respond to it.

Problems with the KDDCup99 Data Set

I’ve used the KDDCup99 data set in a few papers for experiments, primarily because it has a large sample size and preprocessing is not too onerous. However, I recently learned (from Rebecca Wright) that for applications to network security, this data set has been discredited as unrepresentative. The paper by John McHugh from ACM TISSEC details the charges. Essentially there was little validation done with regards to checking how representative the data set is.

Why do I bring this up? Firstly, I suppose I should stop using this data set to make claims about anomaly detection (which may be a problem for AISec coming up at the end of the month). However, it’s not clear, from a machine learning perspective, whether the claims one can make about a particular application will generalize within an application domain, given the lack of standardization of data sets even within a particular application. I could do a bunch of experiments on mixtures of Gaussians which might tell me that the convergence rate is what the theory said it should be, but validating on a variety of “non-synthetic” data sets can at least show how performance varies with data sets properties (regardless of the accuracy with respect to the application). So should I stop using the data set entirely?

Secondly, if we want to develop new models and algorithms for machine learning on security applications, we need data sets, and preferably public data sets. This is a real challenge for anyone trying to develop theoretical frameworks that don’t sound too bogus: practice could drive theory, but there is a kind of security through obscurity model in the data gathering/sharing world which makes it hard to understand what the problems are.