Since 1995, the Triangle Computer Science Distinguished Lecturer Series (TCSDLS) has been hosting influential university researchers and industry leaders from computer-related fields as speakers at the three universities within the Research Triangle Area. The lecturer series, sponsored by the Army Research Office (ARO), is organized and administered by the Computer Science departments at Duke University, NC State University, and the University of North Carolina at Chapel Hill. This proposal argues for continuation, for an additional 3 years, of this highly successful lecturer series

The goal of this project is to develop an extensible framework for designing and using derived data in answering database queries efficiently. The outcomes of the project are expected to be general and independent of a specific data model (e.g., relational or XML), while giving guarantees with respect to query-performance improvement. The approach consists of developing and evaluating mathematical models and algorithms for common types of queries on relational and XML data. Expected outcomes of the project include automated tuning of data-access characteristics in a variety of applications, thus enhancing the quality of user interactions with data-intensive systems.

This research applies methods of dependency tracing and analysis and formal measures of entrenchment toward the identification of deception and deceivers in large scale activity graphs.

This project builds on the SILO project that started in 2006 to design a new architecture for the Internet. In this new project, we will collaborate with teams of researchers from the University of Kentucky, the University of Massachusetts, and RENCI, to design critical parts of a new architecture for the Internet that will support the flexible use of widely applicable information transport and transformation modules to create good solutions for specific communication applications. The key idea is to allow a network to offer information transformation services at the edge or in the core transparently to the application, and creating a framework in which application can issue a request not only for communication but for specific reusable services. We also propose research tasks that will enable network virtualization and isolation seamlessly at many levels, currently a difficult but highly relevant problem in practical networking.

The goal of this project is to develop and deploy a GENI instrumentation framework, integrate it into one of thecfive control framework prototypes, and develop a set of experimenter capabilities to enable cross-layer experimentation in the optical substrate.

This proposal proposes to build an outdoor wireless mesh testbed comprised of a large number of low-cost experimental fabricated nodes and a small number of commercially available nodes. The testbed will be built in two stages: in the first stage, nodes placed on pushcarts will be temporarily placed outdoors for trials and tests; in the second phase, permanent antenna placements will be installed on equipment poles over a large area of the Centennial Campus of North Carolina State University. The testbed will leverage experience of, as well as enable the research of NCSU researchers participating in the Secure Open Systems Institute (SOSI), currently engaged in DoD, NSF, and other projects. Current and envisaged research activities of SOSI researchers address secure and redundant routing, energy-efficient routing, topology control, localization, cross-layer optimization, security and performance of SIP and VoIP, secure virtualization of network and compute resources, social networking. The proposed testbed will provide realistic large-scale outdoor wireless network environments for evaluating and validating the ideas, protocols and systems conceived from these activities. The data and experience gained from operating and managing a real network environment will also provide practical insights for students and researchers on the operation of large-scale heterogeneous mesh networks that help identify new security and performance problems and develop their practical solutions.

Extreme high-performance computing (HPC) systems have needs that are fundamentally different from a desktop computer or even a typical server. However, the runtime or operating systems used in most HPC deployments is a general purpose OS that is not designed for an HPC environment. This mismatch leads to many inefficiencies and scalability problems. For example, commodity OSs have noise that gets multiplied in HPC to the point that it can contribute a significant slow-down. This research will examine alternatives to a commodity-based OS in HPC computing systems

NOAA awarded $12.5 Million to fund the Interdisciplinary Scientific Environmental Technology (ISET) Cooperative Research and Education Center. NC A&T State University is the lead institution. The team includes a diverse network of scientists, and engineers from A&T, NC State University, University of Minnesota, University of North Carolina at Pembroke, City University of New York, University of Alaska Southeast, California State University-Fresno, Fisk University as well as industrial, state and federal government partners. NC State University is the lead university for the research thrust on the analysis of global observing systems that includes numerical and physical research and analysis of hurricanes.

Recent research shows that students are capable of writing a peer-reviewed textbook for their own course. The pedagogical advantages are numerous. Instead of being merely the consumers of knowledge, students become co-producers. This forces them to learn the material in greater depth, and to reflect upon it more frequently. The natural medium for creating such a textbook is a wiki, because it standardizes the format and makes it easy to edit parts of a larger work. This project is building a software system to manage creation and peer review of a wiki textbook, automating features such as rubric creation by students, double-blind feedback between author and reviewer, quality-control strategies for student peer reviews, and support for flow management to allow different chapters of the text to be written and reviewed at different times during the course. It promises to bring wiki textbook-writing to a much wider audience. The project addresses several high?profile needs in American education. Students hone composition skills writing for authentic purposes and audiences. Peer-reviewing fosters critical analysis and teaches them how to provide meaningful feedback. The project is socially relevant, as Wiki textbooks are freely available to a global audience, helping to combat the problem of rising textbook costs. The project has the potential to benefit at-risk students, since students receive feedback while they still have a chance to improve their work. This helps nontraditional students stay on task, and typically offers the most benefit to students who underperform as measured by exams and standardized tests

We propose to explore the new computing model of offering computation- and/or data-intensive cloud services on active nodes serving on-demand utility computing users. More specifically, we plan to (1) assess the efficacy of resource sharing between foreground interactive utility computing workloads and background high-throughput cloud computing workloads on multi-core servers, in terms of energy saving and performance interference; (2) develop a scheduling and load management middleware that performs dynamic background workload distribution considering the energy-performance tradeoff; and (3) exploits the use of GPGPUs for cloud services on active nodes running foreground workloads mainly on the CPUs.

Large-scale virtualized computing infrastructures have become important platforms for many real-world systems such as cloud computing, virtual computing lab, and massive information processing. However, due to its inherent complexity and sharing nature, virtualized computing infrastructures are inevitably prone to various system anomaly problems such as software/hardware failures, performance anomalies, and malicious attacks. The goal of this project is to develop a new predictive anomaly management system to enhance the resilience of virtualized computing infrastructure. The major contributions will be an integrated framework consisting of four synergistic techniques: 1) scalable runtime virtual machine monitoring; 2) self-evolving online anomaly prediction; 3) speculative anomaly diagnosis; and 4) online anomaly correction.

Large-scale hosting infrastructures have become important platforms for many real-world systems such as cloud computing, virtual computing lab, enterprise data centers, and web hosting services. However, system administrators are often overwhelmed by the tasks of correcting various system anomalies such as performance bottlenecks, resource hotspots, and service level objective (SLO) violations. The goal of this project is to develop novel online anomaly prediction and diagnosis techniques to achieve robust continuous system operation. The major contributions will be an integrated framework consisting of three synergistic techniques: i) self-compressing information tracking to achieve low-cost continuous system monitoring; ii) online anomaly prediction that can raise advance alerts to impending anomalies; and iii) just-in-time anomaly diagnosis that can perform online anomaly diagnosis while the system approaches the anomaly state.

This proposal will study methods to visualize simulation ensembles, large sets of simulation results generated by repeatedly executing a simulation across a range of input parameter values. Ensembles will be provided by collaborators in astrophysics, meteorology, high energy physics, and statistics. The goal of our research is to identify effective techniques to visualize ensembles containing 100s or 1000s of simulation runs. We propose to combine techniques from perceptual and multidimensional visualization to build images that present some or all of the results to an end-user, in a manner that allows him to explore, validate, discover, and analyze individual values within the ensemble.

Alternative splicing (AS) is an important mechanism of gene regulation that contributes to transcriptome and proteome diversity. The role of AS in specific biological processes is largely uninvestigated. Our goal is to measure extent and functional significance of AS in Arabidopsis thaliana defense against the bacterial pathogen Pseudomonas syringae pv tomato (Pst). Specific objectives include 1) discover Pst-induced AS via long-read mRNA-Seq, 2) characterize genome-wide AS and gene expression patterns associated with Arabidopsis-Pst interactions via short-read mRNA-Seq, and 3) determine the impact of AS on protein structure, validate selected AS isoforms and perform functional analysis of selected AS genes.

For this project, we will explore the potential benefits of symptomatic and syndromic surveillance using existing NCB-Prepared data sources, including EMS, ED and poison control data, to improve surveillance capacity and outbreak response relating to the area of food safety. During the initial phase, we will examine two years of NCB-Prepared national poison control data to evaluate its utility related to evaluating trends in foodborne illness. This initial phase will produce preliminary statistics by working with the SAS analytics team of NCB-Prepared to incorporate poison control data into the system. Some possible analytical techniques employed may include descriptive statistics, Fourier analysis and cluster analysis. Results from this phase will provide a baseline for identifying potential foodborne illness outbreaks in the future as part of the NCB-Prepared system. This first phase will demonstrate basic functionality of the poison control data by July 30, 2012. During the second phase, we will continue to explore relationships between the poison control, EMS and ED data in relationship to their ability to improve early detection of potential foodborne illness outbreaks. After the first phase, project will have a national poison center data set relating to food safety issues available covering at least 10 year. For example, we will select key national outbreaks and determine if the historical data provided to NCB-Prepared could have been used to provide earlier signals that an outbreak was ongoing. A preliminary result will be produced for this second phase by September 30. Additional efforts will be made to help the team explore relationships between the poison control, EMS and ED data as they pertain to foodborne illness outbreaks.

Stealthy rootkit attacks are one of the most foundational threats to cyberspace. With the capability of subverting the software root of trust of a computer system, i.e., the operating system (OS) or the hypervisor, a rootkit can instantly take over the control of the system and stealthily inhabit the victim. To effectively mitigate and defeat them, researchers have explored various solutions. Unfortunately, the state-of-the-art defense is mainly reactive and in a fundamentally disadvantageous position in the arms-race against these stealthy attacks. The proposed research aims to fundamentally change the arms-race by proposing a systematic immunization approach to proactively prevent and exterminate rootkit attacks. Inspired by our human immune system and fundamental biological design principles, the proposed approach transforms system software (i.e., the OS and the hypervisor) so that the new one will tip the balance of favor toward the rootkit defense. To accomplish that, we will investigate a suite of innovative techniques to preserve kernel/hypervisor control flow integrity and evaluate their effectiveness with real-world malware and infrastructures. The proposed education components include the creation and dissemination of unique hands-on course materials with live demos, lab sessions, and tutorials.

Research in virtualization technologies has gained significant momentum in recent years. One of the basic yet powerful enabling function in many virtualization research efforts is virtual machine introspection or VMI: Observing a VM's states and events from outside the VM. The goal of this project is to develop OpenVMI: a software-based research infrastructure for VMI, which is expected to enable new research and education opportunities, including, but not limited to, safe malware experiments, intelligent virtual infrastructure management etc.

Kernel rootkit attacks are one of the most stealthy yet foundational threats to cyberspace. Unfortunately, current research and practice in kernel rootkit defense is mainly reactive and in a fundamentally disadvantageous position relative to the kernel attackers. In this work, we advocate the development of strategic kernel rootkit defense that is proactive with early kernel rootkit threat indication, automatic when performing rootkit attack avoidance and forensics, and integrated with all these capabilities enabled under the same architecture for production systems. Specifically, we envision a virtualization-based rootkit-prevention architecture that is capable of (1) indicating a kernel rootkit threat before it strikes, (2) avoiding the attack by ?steering? the targeted production system away from the threat, and (3) profiling the (possibly zero-day) kernel rootkit for future kernel protection. The architecture is deployable in a wide range of virtualization-based cyber infrastructures, such as data centers, enterprises, and cloud computing environments (e.g., VCL).

Botnets are recognized as one of the most serious threats to today's Internet. To combat them, one key step is to effectively understand how the botnet members communicate with each other. Unfortunately, the trend of adopting various obfuscation schemes (e.g., encryption) in recent bots greatly impedes our understanding. The main thrust of this research is the investigation of several interrelated key techniques to overcome the above challenges and significantly enrich the understanding of botnet command and control.

There is an alarming trend that elusive malware is armed with techniques that detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts they are protecting, making them vulnerable to malware's counter-detection and subversion. To address this limitation, solutions using virtual machine (VM) technologies advocate placing the malware detection facility outside of the protected VM. However, a dilemma exists between these two approaches: The "out of the box" approach gains tamper resistance at the cost of losing the native, semantic view of the host enjoyed by the "in the box" approach. To resolve the above dilemma, a new approach called OBSERV ("Out of the Box with SEmantically Reconstructed View") is introduced to achieve the advantages of both camps by reconstructing the semantic internal view of a VM from external, low-level observations. OBSERV enables two exciting malware defense opportunities: (1) malware detection by view comparison and (2) real-time detection and stoppage of kernel-level rootkits. The broader impact of this research is two-fold: (1) It will enhance the trustworthiness and effectiveness of widely deployed anti-malware systems. Moreover, OBSERV is expected to be viewed favorably by the anti-virus software industry because of its support for existing off-the-shelf anti-virus software. (2) Results from this research will lead to the development of education materials for undergraduate and graduate courses and for professional training sessions.

This program will establish a national Secure Open Systems Institute (SOSI), located on North Carolina State’s premier Centennial Campus that will be a global center for Open Source security research and development. The goals are twofold. First, SOSI will significantly contribute to strengthening mission critical information technology infrastructures vital to the Department of Defense, state and nation. Second, SOSI will accelerate the creation and growth of high tech industries in North Carolina and beyond by providing a centralized repository of research results, testing tools and qualification services.

It has long been recognized that affect is central to cognition and learning. Affect plays a particularly important role in the rich interactions offered by game-based learning environments. Devising computational models of affect recognition and affect expression could significantly increase the efficacy of interactive learning environments. In this project, we propose an inductive approach to affect modeling that induces models of affect recognition and affect expression from students' physiological signals and from event streams generated by game-based learning environments. The resulting models will be empirically evaluated with respect to their accuracy, efficiency, and contribution to student learning gains and motivation.

By leveraging intelligent cyberlearning technologies, rich media, and advanced digital storytelling, the Future Worlds demonstration project will enable children at a museum to take virtual journeys through time to explore the impact of social and economic decisions on the environment. Guided by a virtual environmentalist who will narrate their journeys and offer problem-solving advice, visitors will travel to the past, present, and future to explore the relationship between conservation decisions, energy use, and population growth on Earth's ecosystem.

Recent years have seen a growing recognition of the transformative potential of game-based learning technologies. Crystal Island is an intelligent game-based learning environment we have developed for middle grade students. To date, more than 1,000 students have used Crystal Island, and rigorous studies have demonstrated that it helps students achieve significant learning gains. In the proposed work, Crystal Island will be extended to provide literacy education for middle grade students. The project will focus on the deployment of Crystal Island in classrooms of low SES rural middle schools in eastern North Carolina.

The goal of the Leonardo project is to develop an intelligent cyberlearning system for interactive scientific modeling. Students will use Leonardo's intelligent virtual science notebooks to create and experiment with interactive models of physical phenomena. As students design and test their models, Leonardo's intelligent virtual tutors will engage them in problem-solving exchanges in which they will interactively annotate their models as they devise explanations and make predictions. During the project, the Leonardo virtual science notebook system will be rolled out to 60 classrooms in North Carolina, Texas, and California.

Multiple representations are central to the creative process. The objective of the project is to design and empirically evaluate an interactive creativity environment that supports the automatic mapping of one representation to another that is fundamentally different but complementary. In particular, the proposed work will focus on the design, implementation, and evaluation of the Narrative Theatre, an interactive narrative-centered creativity environment. Rigorous comparative studies using both quantitative and qualitative methods will explore the hypothesis that the multiple representations supported by the Narrative Theatre will significantly enhance the creative process in measurable ways.

Despite the great promise offered by game-based learning environments for elementary science education, realizing its potential poses significant technological challenges. In this project we will develop a full suite of intelligent game-based learning environment technologies for elementary science education. To promote effective science learning, we will create intelligent game-based learning environment technologies that leverage the rich interactive 3D game environments provided by commercial game engines and the inferential capabilities of intelligent tutoring systems. We will also provide a comprehensive empirical account of the cognitive processes and results of elementary students interacting with intelligent game-based learning environments for science education.

Intelligent tutoring systems leverage artificial intelligence technologies to create effective learning experiences for students. The project targets the design, implementation, and empirical validation of an integrated model of cognitive and affective scaffolding for intelligent tutoring systems. Computational models of tutorial strategies will be automatically acquired through machine learning techniques from human-human tutorial dialogue traces. The resulting models of cognitive and affective scaffolding, which are based on hierarchical hidden Markov models, will be incorporated into an intelligent tutoring system, JavaTutor. JavaTutor will be evaluated with first year university computer science students to assess its impact on student learning gains and motivation.

While individual workstations in scientific research environments have become more powerful, they cannot meet the needs of today's interactive data processing tasks. Meanwhile, idle desktop resources are not efficiently utilized. This project aims at harnessing the collective idle resources within institutional boundaries to speed up computation- or data-intensive tasks routinely executed on desktop machines. We will build a novel desktop parallel computing framework, which will integrate distributed computing and storage resources to create an execution platform similar to that provided by a parallel computer, while maintaining the comfort and responsiveness of desktop sequential computing and the autonomy of resource donors.

Xioasong Ma's joint work with NCSU and Oak Ridge National Laboratories (ORNL) will bridge the gap between the two organizations in a practical manner to cooperatively research parallel I/O in conjunction with the Genomes to Life (GTL) and Scientific Data management projects within the Computer Science and Mathematics Division at ORNL.

We propose to explore the new computing model of offering computation- and/or data-intensive cloud services on active nodes serving on-demand utility computing users. More specifically, we plan to (1) assess the efficacy of resource sharing between foreground interactive utility computing workloads and background high-throughput cloud computing workloads on multi-core servers, in terms of energy saving and performance interference; (2) develop a scheduling and load management middleware that performs dynamic background workload distribution considering the energy-performance tradeoff; and (3) exploits the use of GPGPUs for cloud services on active nodes running foreground workloads mainly on the CPUs.

In High-End Computing (HEC), faults have become the norm rather than the exception for parallel computation on clusters with 10s/100s of thousands of cores. As the core count increases, so does the overhead for fault-tolerant techniques that rely on checkpoint/restart (C/R) mechanisms. At 50% overheads, redundancy is a viable alternative to fault recovery and actually scales, which makes the approach attractive for HEC. The objective of this work to the develop a synergistic approach by combining C/R-based fault tolerance with redundancy in computer to achieve high levels of resilience. This work alleviates scalability limitations of current fault tolerant practices. It contributes to fault modeling as well as fault detection and recovery in significantly advancing existing techniques by controlling levels of redundancy and checkpointing intervals in the presence of faults. It is transformative in providing a model where users select a target failure probability at the price of using additional resources.

Assuring deadlines of embedded tasks for contemporary multicore architectures is becoming increasingly difficult. Real-time scheduling relies on task migration to exploit multicores, yet migration actually reduces timing predictability due to cache warm-up overheads and increased interconnect traffic. We propose a fundamentally new approach to increase the timing predictability of multicore architectures aimed at task migration in embedded environments making three major contributions. 1. We develop novel strategies to guide migration based on cost/benefit tradeoffs exploiting both static and dynamic analyses. 2. We devise mechanisms to increase timing predictability under task migration providing explicit support for proactive and reactive real-time data movement across cores and their caches. 3. We propose rate- and bandwidth-adaptive mechanisms as well as monitoring capabilities to increase predictability under task migration. Our work aims at initiating a novel research direction investigating the benefits of interactions between hardware and software for embedded multicores with respect to timing predictability.

The objective of this work is to provide functionality for the Berkeley Lab Checkpoint/Restart (BLCR) Linux module to support advanced fault-tolerant capabilities, which are of specific value in the context of large-scale computational science codes running on high-end clusters. We have developed a set of techniques to reduce this checkpoint/restart overhead. We propose to integrate a job pause mechanism, live migration support and an incremental checkpoiting mechanism into the latest BLCR version.

The objective of this work is to systematically model and study large-scale reliability, to develop novel, scalable mechanisms in support of proactive FT and to significantly enhance reactive FT. The proposed work promises contributions in modeling reliability, monitoring system health and devising novel reactive as well as proactive schemes to tolerate faults. Overall, this work is targeted at alleviating limitations of current reactive FT schemes. It contributes to fault modeling and health monitoring, it significantly advances transparent checkpointing techniques, and it combines them with novel proactive approaches.

For large-scale high-performance computing (HPC) systems with 10s/100s of thousands of cores, faults have become the norm rather than the exception. The objective of the proposed work is to alleviate scalability limitations of current fault tolerant practices on petascale installations, which could pave the path for forthcoming exascale systems. To this end, we propose to develop and evaluate advanced mechanisms to make large-scale HPC jobs resilient to failures. We will combine and then evaluate in-place rollback with redundant computing. We will develop techniques to detect and to recover from silent data corruption.

Scalability is one of the key challenges to computing with hundreds if not thousands of processor. Yet, testing software at scale with hundreds of processing cores is impossible if system software with privileged access rights needs to be modified. The inability to change system software at will in large-scale computing installations thus impedes progress in system software. This project creates a mid-size computational infrastructure, called ARC (A Root Cluster), that directly supports research into scalability for system-level software solutions. ARC empowers users temporarily with administrator (root) rights and allows them to replace arbitrary components of the software stack. Such replacements range from entire operating systems over drivers, kernel modules to runtime libraries, middleware and system tools. ARC ultimately enables a multitude of systems research directions to be assessed under scalability that could otherwise not be conducted. Through ARC, methodologies for scalability of experimental system software in various institutional projects and beyond can be explored and systematically improved. ARC is positioned to benefit the software systems community and indirectly science in general by this assessment of system software requirements at scale.

Parallel I/O benchmarks are crucial for application developers, I/O software/hardware designers, and center administrators. However, currently there lack portable and comprehensive I/O benchmarks for high-end storage systems. We address this gap by proposing automatic generation of parallel I/O benchmarks. More specifically, we target the automated creation of application I/O benchmarks.

This is a pilot internship program between NCSU and Cisco for 4 undergraduate students to learn through working part-time on real life problems for Cisco with the hope that this pilot program can grow and develop into a long term working relationship. Specifically, NCSU students will participate in Cisco Software Application Support plus Upgrades (SASU) projects and/or conduct research for SASU. This will be done with an understanding that the interns are students, and as such are learning and being trained with the training coming from both the Cisco (for SASU-specific skills), and NCSU (through the undergraduate program they are enrolled in) in general relevant skills.

Energy infrastructure is a critical underpinning of modern society that any compromise or sabotage of its secure and reliable operation will have a prominent impact on people's daily lives and the national economy. Past failures such as the massive northeastern power blackout of August 2003 have revealed serious defects in both system-level management and device-level designs. This project proposes a hardware-in-the-loop reconfigurable system with embedded intelligence and resilient coordination schemes to tackle the vulnerabilities of the power grid. As a part of the collaborative research project, the research efforts at NCSU will focus on the threats to existing state estimation algorithms and their defenses.

Sensor networks are ideal candidates for a wide range of applications, such as monitoring of critical infrastructures, data acquisition in hazardous environments, and military operations. It is usually necessary to reprogram sensor nodes after they are deployed through wireless links. In this project, we will investigate secure, robust, and DoS-resilient remote program of sensor nodes through wireless links. We expect to develop three groups of fundamental techniques as a result, including secure and proactively robust encoding of binary code images, DoS-resilient mechanisms for authenticating binary images, and efficient and effective techniques for remote sensor programming in hybrid sensor networks.

Sensor networks are ideal candidates for a wide range of applications such as critical infrastructure protection. It is necessary to guarantee the trustworthiness and resilience of sensor networks as well as the sensing applications. The objective of this project is to develop practical techniques for building trustworthy and resilient sensor networks as well as instructional materials that facilitate the education of these techniques. The research activities are focused on practical broadcast authentication, trustworthy and resilient clock synchronization, and light-weight and collaborative intrusion detection in sensor networks, seeking effective integration of cryptographic techniques, application semantics, and other knowledge or constraints.

This project consists of three technical thrusts: (1) Thrust 1 -- new security architecture and services that better isolate different customers' workloads and enhance their trustworthiness; (2) Thrust 2 -- protection of management infrastructure against malicious workloads; and (3) Thrust 3 -- protection of hosted workloads from potentially malicious management infrastructure. The first thrust explores new opportunities to enhance the trustworthiness of virtual cloud computing against mutual threats between workloads as well as external security threats, while the last two address the service providers' security concerns for customers' workloads and customers' security concerns for the service providers, respectively.

This proposal proposes to build a virtual computing testbed for research and education in information security at North Carolina State University. The proposed virtual computing testbed will be developed on the basis of the current Virtual Computing Lab (VCL) environment to provide a test environment for rapid development and testing of a variety of ongoing research projects as well as support the experimental components in system oriented information security courses. The results and experience gained from operating and managing a real computing environment will also provide practical insights for students and researchers on the operation of virtual computing infrastructures that help identify new security and performance problems and develop their practical solutions

The Web is evolving from a resource for finding/verifying facts, to one used to support complex problem solving and exploratory tasks in a variety of domains. Thus, the traditional search paradigm targeted primarily at fact-finding, and is predicated on users knowing what they want and how to search for it, is unsuitable for such situations. This project focuses on developing support for advanced query models that capture the iterative process typical of problem solving and exploratory tasks where at each step users may only be able to formulate vague queries. It proposes to develop semantic techniques for integrating information created across the multiple steps of such tasks as and also predict and recommend other potentially relevant and informative data that the user may have missed.

The grant money will be used to turn the Master of Science in Computer Networks to a Professional Science Master (PSM).

There are many ways that computers attached to the Internet can be infected by malicious software. Virus and computer worm writers go to great pains to make their software difficult to detect. We have developed a method for identifying infectious software, before it succeeds, that is fast and very general. This method has been tested on a wide variety of software and shown to be effective. We propose now to automate this method to a greater degree. Essentially every method of detection relies upon human intelligence to guide the search for uniquely identifying properties of infectious software. We propose to instead use techniques of data mining that will automatically search for and evaluate such properties. A key characteristic that is exploited is that there are few true innovations in the design of infectious software, but many imitations or variations. Our method looks for the unvarying, common properties of such software. The benefit will be automated defenses that adapt rapidly to changing threats, including previously-unknown, or "zero-day", threats.

NCSU through the Graduate Industrial Trainee ("GIT") Student will provide research and analysis to SAS as set forth in this Agreement. Such research and analysis shall include, but is not limited to, research, generation, testing, and documentation of operations research software. GIT Student will provide such services for SAS' offices in Cary, North Carolina, at such times as have been mutually agreed upon by the parties. GIT Student agrees to abide by SAS' policies and procedures regarding security of SAS' facilities and computing resources.

In this collaborate research between NCSU and ETRI, both institutions investigate the application service architectures for future internet testbeds. The collaboration includes surveys, architecture designs and validation of the application service architectures for various types of future internet services

This project develops a high-level notion of context that exploits the capabilities of next genera-tion networks to enable applications that deliver better user experiences. In particular, it exploits mobile devices always with a user to capture key elements of context: the user's location and, through localization, characteristics of the user's environment.

Optical networking forms the foundation of the global network infrastructure, hence the planning and design of optical networks is crucial to the operation and economics of the Internet and its ability to support critical and reliable communication services. With this research project we aim to make contributions that will lead to a quantum leap in the ability to solve optimally a range of optical design problems. In particular, we will develop compact formulations and solution approaches that can be applied efficiently to instances encountered in Internet-scale environments. Our goal is to lower the barrier to entry in fully exploring the solution space and in implementing and deploying innovative designs. The solutions we will develop are "future-proof" with respect to advances in DWDM transmission technology, as the size of the corresponding problem formulations is independent of the number of wavelengths.

Dr. Nagiza Samatova's joint work with NC State University and Oak Ridge National Laboratory (ORNL) will provide the interface between the two organizations aiming to collaboratively address computational challenges in the Scientific Data Management, and the Large-Scale Analysis of DOE-mission applications. (Supplement)

Accelerating the rate of insight and scientific productivity demands new solutions to managing the avalanche of data expected in extreme-scale. Our approach is to use tools that can reduce, analyze, and index the data while it is still in memory (referred to as "in-situ" processing of data). ). In order to deal with the large amount of data generated by the simulations, our team has partnered with many application teams to deliver proven technology that can accelerate their knowledge discovery process. These technologies include ADIOS, FastBit, and Parallel R. In this proposal we wish to integrate these technologies together, and create a runtime system that will allow scientist to create an easy-to-use scientific workflow system, that will run in situ, in extra nodes on the system, which is used to not only accelerate their I/O speeds, but also to pre-analyze, index, visualize, and reduce the overall amount of information from these solutions.

Dr. Nagiza Samatova's joint work with NC State University and Oak Ridge National Laboratory (ORNL) will provide the interface between the two organizations aiming to collaboratively address computational challenges in the Scientific Data Management, Data-Intensive Computing for Understanding Complex Biologicial Systems, Knowledge Integration for the Shewanella Federation, and the Large-Scale Analysis of Biologicial Networks with Applications to Bioenergy Production.

The specific objectives of the proposal are as follows: 1. Design and develop data mining kernels and algorithms for acceleration on hybrid architectures which include many-core systems, GPUs, and other accelerators. 2. Design and develop approximate scalable algorithms for data mining and analysis kernels enabling faster exploration, more efficient resource usage, reduced memory footprint, and more power efficient computations. 3. Design and develop index-based data analysis and mining kernels and algorithms for performance and power optimizations including index-based perturbation analysis kernels for noisy and uncertain data. 4. Demonstrate the results of our project by enabling analytics at scale for selected applications on large-scale HPC systems.

Computational science applications have been described as having one of seven motifs (the ?seven dwarfs?), a particular pattern of computation and communication. While the exercise has not been performed, one can imagine that these applications can also be grouped into a number of data model motifs, describing the way data is organized and accessed during simulation and analysis. The goal of this project is to determine the data model motifs present in computational science applications, to identify where current I/O software falls short in usability and performance for each of these motifs, and to construct a software toolkit for developing optimized I/O support for computational science data models at exascale.

Terascale computing and high-throughput experiments enable studies of complex natural phenomena, on a scale not possible just a few years ago. With this opportunity, comes a new problem - the massive quantities of complex so data produced. However, answers to fundamental science questions remain largely hidden in these data. The goal of this work is to provide a scalable high performance data analytics technologies to help application scientists extract knowledge from these raw data. Towards this goal, this project will research and develop methodologies for addressing key bottlenecks, and provide proof-of-principle demonstrations on the DOE applications.

Physical science applications such as nanoscience, fusion science, climate and biology generate large-scale data sets from their simulations and high throughput technologies. This necessitates scalable technologies for processing and analyzing this data. We plan to research and develop advanced data mining algorithms for knowledge discovery from this complex, high-dimensional, and noisy data. We will apply these technologies to DOE-mission scientific applications related to fusion energy, bioenergy, understanding the impacts of climate extremes, and insider threat detection and mitigation.

Physical science applications such as nanoscience, fusion science, climate and biology generate large-scale data sets from their simulations and high throughput technologies. This necessitates scalable technologies for processing and analyzing this data. We plan to research and develop advanced data mining algorithms for knowledge discovery from this complex, high-dimensional, and noisy data. We will apply these technologies to DOE-mission scientific applications related to fusion energy, bioenergy, understanding the impacts of climate extremes, and insider threat detection and mitigation.

The goal is to provide a computational capability for effective and efficient exploration of high-resolution climate networks derived from multivariate, uncertain, noisy and spatio-temporal climate data. We plan to increase the efficiency and climatologically relevancy of the network patterns identification through integrated research activities focused on: (a) supporting comparative analysis of multiple climate networks; (b) constraining the search space via exploiting the inherent structure (e.g., multi-partite) of climate networks; (c) establishing the foundation to efficiently update solutions for perturbed (changing) graphs; and (d) designing and implementing parallel algorithms scalable to thousands of processors on multi-node multi-core supercomputer architectures.

This project will develop policy-based service governance modules for the Oceanographic Observatories Initiative (OOI) Cyberinfrastructure. The main objectives of the proposed project include (1) formulating the key conceptual model underlying the patterns of governance; (2) formalizing "best practices" patterns familiar to the scientific community and seeding the cyberinfrastructure with them; (3) understanding user requirements for tools that support creating and editing patterns of governance

This project will develop a computational approach to trust geared toward enhancing the quality of information in tactical networks. In particular, this project will develop a trust model that takes into account various objective and subjective qualities of service as well as the social relationships among the parties involved in a network who originate, propagate, or consume information. The proposed approach will build an ontology for quality of information and its constituent qualities, and will expand existing probabilistic techniques to multivalued settings. The project will develop a prototype software module that realize the techniques for producing trust assessments regarding the information exchanged.

This project will develop policy-based service governance modules for the Oceanographic Observatories Initiative (OOI) Cyberinfrastructure. The main objectives of the proposed project include (1) formulating the key conceptual model underlying the patterns of governance; (2) formalizing "best practices" patterns familiar to the scientific community and seeding the cyberinfrastructure with them; (3) understanding user requirements for tools that support creating and editing patterns of governance.

NCSU graduate student will develop a machine learning approach to linking extreme atmospheric ridging events with extreme surface temperatures, employing a Gaussian Process (GP)-based predictive analysis tool that leverages the predictive value of spatial and temporal correlations and builds on ORNL’s past success in spatial classification, temporal change prediction, and parallelizing GP for large spatiotemporal extents.

With the increasing volume and complexity of data produced by ultra-scale simulations and high-throughput experiments, understanding the science is largely hampered by the lack of comprehensive, end-to-end data management solutions ranging from initial data acquisition to final analysis and visualization. The SciDAC-1 Scientific Data Management (SDM) Center succeeded in bringing an initial set of advanced data management technologies to DOE application scientists in astrophysics, climate, fusion, and biology. Building on our early successes, we will improve the SDM framework to address the needs of ultra-scale science.

In partnership with industry and faculty from across the country, this project will develop a transformative approach to developing the communication abilities (writing, speaking, teaming, and reading) of Computer Science and Software Engineering students. We will integrate communication instruction and activities throughout the curriculum in ways that enhance rather than replace their learning technical content and that supports development of computational thinking abilities of the students. We will implement the approach at two institutions. By creating concepts and resources that can be adapted by all CS and SE programs, this project also has the potential to increase higher education's ability nationwide to meet industry need for CS and SE graduates with much better communication abilities than, on average, is the case today. In addition, by using the concepts and resources developed in this project, CS and SE programs will be able to increase their graduates' mastery of technical content and computational thinking.

Jamming resistance is crucial for applications where reliable wireless communication is required, such as rescue missions and military applications. Spread spectrum techniques such as Frequency Hopping (FH) and Direct Sequence Spread Spectrum (DSSS) have been used as countermeasures against jamming attacks. However, these anti-jamming techniques require that senders and receivers share a secret key to communicate with each other, and thus are vulnerable to insider attacks where the adversary has access to the secret key. The objective of this project is to develop a suite of techniques to defend against insider jammers in DSSS and FH based wireless communication systems. We will develop novel and efficient insider-jamming-resistant techniques for both DSSS- and FH-based wireless communication systems. Our proposed research consists of two thrusts. The first thrust is to develop novel spreading/despreading techniques, called DSD-DSSS (which stands for DSSS based on Delayed Seed Disclosure), to enhance DSSS-based wireless communication to defend against insider jamming threats, while the second thrust is to develop a new approach, called USD-FH (which stands for FH based on Uncoordinated Seed Disclosure), to enable sender and receivers using FH to communicate without pre-establishing any common secret hopping pattern. A key property of our new approaches is that they do not depend on any secret shared by the sender and receivers. Our solution has the potential to significantly enhance the anti-jamming capability of today?s wireless communication systems.

In this project, a system providing intelligence to WiFi AP scan operations will be studied and developed for Android-operated smart devices, to reduce energy consumption in using WiFi chipsets. We ultimately aim at eliminating WiFi scans when users are mainly moving around their living boundaries by predicting which WiFi AP to connect without scanning. The prediction will be performed based on matching algorithms that find the similarity between a short term observation of cellular signal information measured in a smart device and a database of WiFi APs containing cellular base station IDs and their signal strength information per WiFi AP accumulated whenever the device is connected to a specific WiFi AP. Given our small scale measurement of energy consumption showing that WiFi scan operations drain about 10~15% of battery capacity of smartphones in their daily usages, our proposed algorithm is expected to be able to save substantial amount of energy in smart devices.

As smart devices like smartphones and tablet computers become prevalent, TCP performance over cellular networks is of growing importance. However, various measurement studies reveal that TCP suffers from excessively long delay as well as throughput degradation in cellular networks. In this project we will conduct extensive experiments over the 3G/4G networks of various cellular network carriers and investigate several under-developed issues: the current 3G/4G networks are over-buffered (termed as bufferbloat) and the excessive buffers void TCP congestion control who relies on packet loss to detect network congestion. Since all the overshot packets are absorbed by the buffers, no packet is lost and TCP will keep increasing its congestion window even if it is already much larger than the underlying bandwidth-delay product. To mitigate such problems, smartphones set the maximum receive buffer size to a relatively small value. Although this simple provisional scheme alleviates the aforementioned problem, it is losing performance in a number of scenarios due to its static nature. Through this project, we aim at proposing an adaptive receive window adjustment algorithm that requires changes only in receiver-side and implement it in Android phones and tablets.

In the proposed work, we will investigate innovative techniques to enable efficient I/O staging at a variety of locations in the HEC storage stack. The proposed work will improve the application-visible I/O performance in Peta-scale applications and explore the scalable incorporation of solid state drives (SSDs) into the HEC I/O hierarchy.

Simulating realistic mobility patterns of mobile devices is important for the performance study of mobile networks because deploying a real testbed of mobile networks is extremely difficult, and furthermore, even with such a testbed, constructing repeatable performance experiments using mobile devices is not trivial. Humans are a big factor in simulating mobile networks as most mobile nodes or devices (cell phones, PDAs and cars) are attached to or driven by humans. Emulating the realistic mobility patterns of humans can enhance the realism of simulation-based performance evaluation of human-driven mobile networks. Our NSF-funded research that ends this year has studied the patterns of human mobility using GPS traces of over 100 volunteers from five different sites including university campuses, New York City, Disney World, and State Fair. This research has revealed many important fundamental statistical properties of human mobility, namely heavy-tail flight distributions, self-similar dispersion of visit points, and least-action principle for trip planning. Most of all, it finds that people tend to optimize their trips in a way to minimize their discomfort or cost of trips (e.g., distance). No existing mobility models explicitly represent all of these properties. Our results are very encouraging and the proposed research will extend the work well beyond what has been accomplished so far. . We will perform a measurement study tracking the mobility of 100 or 200 students in a campus simultaneously, and analyze the mobility patterns associated with geo-physical and social contexts of participants including social networks, interactions, spatio-temporal correlations, and meetings. . We will cast the problem of mobility modeling as an optimization problem borrowing techniques from AI and Robotics which will make it easy to incorporate the statistical properties of mobility patterns commonly arising from group mobility traces. The realism of our models in expressing human mobility will surpass any existing human mobility models. . We will develop new routing protocols leveraging the researched statistical properties found in real traces to optimize delivery performance. The end products of the proposed research is (a) a new human mobility model that is capable of realistically expressing mobility patterns arising from reaction to social and geo-physical contexts, (b) their implementation in network simulators such as NS-2/3 and GloMoSim, (c) mobility traces that contain both trajectories of people in a university campus and contact times, (d) new efficient routing protocols for mobile networks

Real-time systems often exhibit some level of non-determinism with regard to defect observability. Testers frequently must run tests multiple times in order to have some assurance that the test actually passes. This costs industry significant time and effort. No one has yet studied these defects to understand why they exhibit non- determinism and what techniques or tools can be used to better observe the software and control the non-determinism.

The work outlined in this proposal focuses on the use of security metrics to prioritize risk-based software engineering for security. Specifically, the objective of this proposal is to build a predictive model based upon security metrics obtained from code artifacts, inspections, and testing to highlight vulnerability-prone and attack-prone components for the risk-based prioritization of re-design, inspection, and testing efforts. The model will be built and validated through detailed analysis of industrial code and data of CACC members: automated static analysis alerts, other static metrics to be determined, inspection records, testing records, and customer-reported problems.

Our nation's critical infrastructure demands that our current and future IT professionals have the knowledge, tools, and techniques to produce reliable and trustworthy software. The objective of this research is to extend, validate, and disseminate a software development practice to aid in the prevention of computer-related disasters. The practice is based upon test-driven development (TDD), a software development technique with tight verification and validation feedback loops. The proposed work extends the TDD practice and provides a supportive open-source tool for explicitly situating security and reliability as primary attributes considered in these tight feedback loops.

We propose to build, evolve, and validate a statistical prediction model whereby security-related ASA alerts from one or more tools and other software metrics are used to predict the actual overall security of a system. Our research involves collecting and analyzing a significant amount of data on software programs including security-related ASA alerts and actual security vulnerabilities and exploits, based upon inspections, testing failures, field failures, and reported exploits.

North Carolina State University (NCSU), led by the Department of Computer Science and the Institute of Advanced Analytics in conjunction with the Institute for Next Generation IT Systems (ITng), will create and manage a Science of Security Lablet (SOSL) research organization on behalf of the National Security Agency (NSA). The SOSL research organization will conduct and coordinate basic science research projects focused on the Science of Security. SOSL will coordinate with related Lablet activities sponsored by NSA at Carnegie Mellon University and at University of Illinois at Urbana Champaign (UIUC). SOSL will also coordinate with the Security Science Virtual Organization at Vanderbilt University. The coordination will be in the form of workshops and technical exchanges.

National efforts are focused on improving medical quality and reducing medical costs by implementing standardized electronic medical record keeping. However, rural health care providers and those who have small offices may not have the financial resources or expertise to purchase and maintain necessary expensive hardware and software applications which are necessary to join in this move toward electronic medical records (EMRs). We propose that the electronic medical records (EMR) application needs of rural and small-practice ambulatory health care providers be satisfied via open source EMR applications.

The proposed project is an extension of the BPC-A STARS Alliance. Our goal continues to be to broaden participation in computing (BPC) through the STARS Alliance, a Southeastern partnership to implement, institutionalize and disseminate effective practices for recruiting, bridging, retaining and graduating women, under-represented minorities and persons with disabilities into computing disciplines. With this proposal, additional academic institutions will join the STARS Alliance. NC State will continue to work with our own Student Leadership Corps, and with our demonstration and evaluation tasks, and it will act as the initial mentor for the new regional institutions.

Developer testing has been widely recognized as an important, valuable means of improving software reliability. However, manual developer testing is often tedious and not sufficient. Automated testing tools can be used to reduce manual testing efforts. This project develops a systematic framework for cooperative developer testing to enable effective, synergetic cooperation between developers and testing tools. This framework centers around test intentions (i.e., what testing goals to satisfy) and consists of four components: intention specification, test generation, test abstraction, and intention inference. The project also includes integrated research and educational plans.

Testing is essential for database applications to function correctly and with acceptable performance when deployed. In practice, it is often necessary for a database software vendor to test their software completely before selling or integrating their package to the database owner. In this proposal, we focus on two bottlenecks in database application testing: functional testing, which is to test whether the applications can perform a set of predefined functions correctly, and performance testing, which is to test whether the applications can function with acceptable performance when deployed.

The objective of this project is to enhance the Software-artifact Infrastructure Repository in order to enable the evaluation of various new research projects on software testing such as unit test generation.

Testing and fault localization are two essential activities performed in virtually every engineering project. These activities can be very laborious and time-consuming. How to improve the effectiveness and efficiency of these two activities has been a major focus in many areas of engineering research. This project will develop effective and efficient fault localization techniques based on combinatorial testing, and adapt these techniques to produce domain-specific techniques applicable to different domains.

Improving software quality is becoming an important yet challenging task in software development, especially for those mission-critical or safety-critical software systems. Many software defects related to correctness, security, and robustness are caused by the incorrect usage of system or application programming interfaces (APIs). We propose to develop new approaches for mining API properties for static verification from the API client call sites in existing code repositories, and then detect violations of these mined API properties to find defects in code repositories.

Security policies such as access control and firewall policies are one of the most fundamental and widely used privacy and security mechanisms. Assuring the correctness of security policies has been a critical and yet challenging task. In this proposal, we propose to develop a uniform representation of security policies across application domains such as XACML access control policies and firewall policies, and a set of novel techniques for testing and verification of both static and stateful policies based on the uniform representation.

In this project, we propose to develop an automated regression unit-test generation and checking tool for object-oriented programs. Given two versions of a class, our tool will generate unit tests for these two versions and then check whether observable outputs of these two versions are different. Besides reporting concrete test inputs that exhibit behavioral differences, our tool will summarize under what conditions these two versions exhibit different behaviors.

This project develops the Access Control Policy Testing (ACPT) tool to support information sharing between affiliated organizations. The sharing of information should comply with security and privacy policies from federal, state, local or tribal security and privacy status. ACPT allows policy authors to compose and combine policies based on predefined templates of practical policy models. ACPT converts resulting models with user-provided attributes to machine-readable XACML representation, which can be directly enforced by information sharing entities.

An increasing number of applications are set within narrative-oriented 3D virtual worlds. Current research on the generation of activities within these worlds holds the promise of tailored experiences customized to individual users? needs. The work described in this project seeks to expand the computational models of narrative being used to AI researchers, specifically to explore formal, plan-based models of actions to create stories that demonstrate complex conflict, rising action, dynamism and intentionality. The work will proceed both formally and empirically, with models being developed motivated by work from narrative theory and cognitive psychology and evaluated using experimental methods.

Through innovative application of computational thinking, this project will build the necessary cyber infrastructure to provide the next generation platform for multi-disciplinary and multi-agency collaboration in crime scene investigation (CSI). Since Daubert v. Merrell Dow Pharmaceuticals, CSI is both a highly visual and quantitative analysis characterized by a time-sensitive need to gather, organize, analyze, model, and visualize large, multi-scale, heterogeneous and context-rich data. CSI is also characterized by a fundamental need for rapid coordination and data translation across disciplines, agencies and levels of expertise as crime scenes are processed, reconstructed, solved and ultimately prosecuted over time, often critically in front of lay-people comprising a jury. Current methods of CSI are hindered by a lack of cyber infrastructure and protocols for virtual access to expertise and inadequate repositories of key data. From a computational e-Science perspective, forensic science is ripe for revolution through the development of a cyber infrastructure that will provide both new core data resources and collaboration capabilities in CSI for analysis and communication. Through remote access to data, tools and experts, as well as holistic integration of diverse data streams to virtually reconstruct and preserve actual crime scenes, the application of computational thinking to CSI will enable meta-analysis of evidentiary data and transform research and education for CSI professionals, legal professionals, forensic scientists, and K-20 students. The transformative research goal of this project is to develop a pioneering platform for interdisciplinary, cyber-enabled crime reconstruction through innovative methodology and engagement (IC-CRIME). The IC-CRIME platform will enable collaborative engagement in a 3D virtual reconstructed crime scene that incorporates multi-layer, scale-variant data and objects, including new critical data resources. The proposed cyber infrastructure will allow novice users to embed, interact with and analyze multi-layered data and objects within reconstructed crime scene in such a way that provides lucid spatial insight for users while simultaneously preserving quantitative geospatial relationships among evidentiary components as meaning is gleaned from data. The transformative educational goal of this project is to develop a team-based inter-disciplinary educational tool for professionals and K-20 that provides experiential, problem-based learning opportunities in a data-intensive virtual environment.

Online social networks not only greatly expand the scale of people's social connections, but also have the potential to become an open computing platform, where new types of services can be quickly offered and propagated through existing social structures. Mechanisms for trust management of privacy protection are integral to the future success of online social networks. In this project, we develop theoretical and practical techniques for the management of trust and privacy for social networks. Some of the innovative expected results include a formal trust model and trust policy languages for social networks, privacy preserving feedback management, and graph anonymization techniques for the sharing of social network data.

The correct and reliable operation of an information system relies not only on users' capabilities, but oftentimes on users' obligations. The management of obligations in security policies imposes significant challenges since obligations bear different properties from access control. This project develops a comprehensive framework for the management of obligations, including obligation modeling, specification, analysis, monitoring and discharges. Though the framework is formal in nature, and is designed on purpose to be general, the evaluation of its usefulness and effectiveness is firmly grounded on real applications, in particular, in the context of cross-domain data sharing systems and privacy policy enforcement systems.