Welcome to the Systems and Internet Infrastructure Security (SIIS) Laboratory in the department of Computer Science and Engineering at Penn State, and member lab of the Network and Security Research Center (NSRC). The SIIS Laboratory develops advanced security technologies for critical components of the modern computing infrastructure. Our researchers consider security problems at all levels of systems design, from theoretical cryptography to physical hardware. Our research has been published in top academic venues in security, networking, operating systems, software engineering, and cryptography, as well as featured in many outlets in popular press.

News

October 29, 2008: Android Tutorial

SIIS graduate student William Enck and Professor Patrick McDaniel gave a tutorial entitled "Understanding Android's Security Framework" at the ACM Conference on Computer and Communications Security (CCS). The slides and example programs are publically available.

September 18, 2008:

The research report "Characterizing the Limitations of Third-Party EAS Over Cellular Text Messaging Services" written by Patrick Traynor, Penn State and SIIS Lab alumnus and current Assistant Professor in the school of Computer Science at the Georgia Institute of Technology, has been published by 3G Americas. Press release.

September 10, 2008:

The book "Operating System Security" written by Trent Jaeger is available. The goal of the book is to help system designers and implementors to understand the requirements for operating systems that effectively enforce security and how to balance functionality and security.

September 9, 2008:

Professor Adam Smith received a Faculty Early Career Development award (CAREER) from the National Science Foundation. The CAREER program offers "the National Science Foundation's most prestigious awards in support of junior faculty who exemplify the role of teacher-scholars through outstanding research, excellent education and the integration of education and research within the context of the mission of their organizations." Congratulations to Professor Smith!.

September 5, 2008:

The paper "Implicit Flows: Can't Live With 'Em, Can't Live Without 'Em", written by Dave King, Boniface Hicks, Michael Hicks, and Trent Jaeger, has been accepted at the 4th International Conference on Information Systems Security (ICISS).

August 29, 2008:

PhD candidate Joshua Schiffman has been awarded one of the University Graduate Fellowships. These awards are based on the quality and accomplishments of the students. Congratulations to Joshua on his award.

August 28, 2008:

The book "Security for Telecommunication Networks" written by Patrick Traynor, Patrick McDaniel and Thomas LaPorta is available. The book is designed to help researchers interested in networking and security get involved in securing telecommunication systems.

August 18, 2008:

The papers "PinUP: Pinning User Files to Known Applications" written by William Enck, Patrick McDaniel, and Trent Jaeger, and "Defending Against Attacks on Main Memory Persistence" written by William Enck, Kevin R. B. Butler, Thomas Richardson, Patrick McDaniel, and Adam Smith, and "New Side Channel Attacks Targeting Passwords" written by Albert Tannous, Jonathan Trostle, Mohamed Hassan, Stephen E. McLaughin, and Trent Jaeger have been accepted to the 24th Annual Computer Security Applications Conference (ACSAC) to be held December 8-12 in Anaheim, California.

August 13, 2008:

On August 9, 2008, a federal court judge issued a temporary restraining order against three MIT student researchers to prevent a public presentation about vulnerabilities in the Massachusetts Bay Transit Authority (MBTA) fare payment system. Such legal actions pose significant threat to academic security researchers. A letter supporting an appeal, signed by a number of computer scientists, including the SIIS Lab's Professor Patrick McDaniel, concludes with the following:

"In sum, we are concerned that the pall cast by the temporary restraining order will stifle research efforts and weaken academic computing research programs. In turn, we fear the shadow of the law's ambiguities will reduce our ability to contribute to industrial research in security technologies at the heart of our information infrastructure."

The Electronic Frontier Foundation webpage contains more complete details on the case.

August 1, 2008:

Professor Patrick McDaniel has been selected to serve as Associate Editor of the IEEE Transactions on Computers. IEEE Transactions on Computers is a publication in the fields of computer organizations and and architectures, operating systems, software systems, and communication protocols, real-time systems and embedded systems, digital devices, computer components, and interconnection networks, specification, design, prototyping, and testing methods and tools, performance, fault tolerance, reliability, security, and testability, case studies and experimental and theoretical evaluations, and new applications and trends. Congratulations to Professor McDaniel on his selection to the editorial board.

  • News Archive

    • Upcoming Events

    Mission

    The following mission statement best sums up the activities of the SIIS Laboratory:

    The SIIS Laboratory promotes student and scientific advancement through the investigation of emerging technologies upon which computer, network, and information security is based.

    Credo

    I cannot think of a better statement of how I feel about scientific discovery than the following poem by Bill Watterson. I think it truly reflects the dual promise of both fun and discovery, which I feel should be the real objectives of any scientific endeavor. Put another way, life is simply too short to do work that is not both simultaneously engaging and enjoyable. To wit:

    Explorers are we, intrepid and bold,
    Out in the wild, amongst wonders untold.
    Equipped with our wits, a map, and a snack,
    We're searching for fun we're on the right track!

    - Bill Watterson, Author of Calvin and Hobbes

    Sponsors

    The laboratory is actively seeking sponsorship for its activities. We are receiving or have received support from the following agencies and organizations:


       

    Contact Information

    This webpage details the laboratory objectives and past and current research. If you are interested in learning more about the laboratory, current research, or possibilities for sponsorship, please contact the lab directly. All electronic communications should be directed to the laboratory administration at siis@cse.psu.edu. All physical correspondence should be directed to:

    Systems and Internet Infrastructure Laboratory
    Department of Computer Science and Engineering
    The Pennsylvania State University
    344 IST Building
    University Park, PA 16802

    Other laboratory contact information:

    Phone: +1 (814) 863-3599
    Fax: +1 (814) 865-3176
    Web: http://siis.cse.psu.edu/

    Note: Given the large number of applicants, the laboratory must defer all admissions issues to the department of Computer Science and Engineering. Hence, if you are a student looking to be admitted to Penn State University, contact the department directly. If you are already a student at Penn State and wish to participate in SIIS research, please contact one of the faculty members in the lab.