Xusheng Xiao focuses on intersection of software engineering and computer data security
窪蹋勛圖厙 data scientist Xusheng Xiao will use a National Science Foundation (NSF) CAREER award to investigate how computer and mobile-device apps may use consumers sensitive personal dataand then leverage that knowledge to detect abnormal behaviors from hackers.
, said the NSF CAREER award would also help him develop more understandable language that automatically explains to users when and why certain apps are using their sensitive data.
The key task is to develop techniques to analyze the behaviors from a large pool of popular apps that are considered benign, he said. Then we build a knowledge base of these learned behaviors, use that knowledge to detect abnormal behaviors and better describe and communicate those behaviors.
Xiao was awarded $500,000 over five years to support his research. The NSF Faculty Early Career Development Award is considered the agencys most prestigious grant to junior faculty members.
Xiao hopes to also integrate the new tools into undergraduate and graduate education and raise public awareness of the importance of mobile-app security.
He was among four 窪蹋勛圖厙 researchers selected for the award this yearall from the Case School of Engineering. (The other researchers will be announced in separate stories in The Daily)
We are honored to have a deep bench of early-career researchers gaining recognition on a national level, said Venkataramanan Ragu Balakrishnan, the Charles H. Phipps Dean of the Case School of Engineering. He noted that many users of technology who benefit from advances in computer science dont understand how using certain devices may expose their personal data, or how to protect that data.
Xushengs innovative work addresses this critical shortfall by building better, stronger applications for these technologies, while also making technologies easier, more understandable and, ultimately, safer for the average user, Balakrishnan said.
Xiaos research interests encompass both software engineering and computer security. He concentrates on making software and computer systems more Reliable, Intelligent, Secure and Efficient (RISE), also the name of his 窪蹋勛圖厙 lab.
More specifically, he and his lab members are researching and developing automated analysis techniques for mobile app security, system/enterprise security, blockchain security, automated software testing, program analysis and bug detection.
This new NSF-funded work is in addition to Xiaos ongoing collaboration with Yinghui Wu, also an assistant professor of computer and data sciences.
The two recently to investigate the viability of their novel approach to build a better defense system against data breaches in large enterprises and organizations.
Xiao and members of his lab have also worked with companies such as NEC and Microsoft and have been granted . Some of his research has been supported by Samsung and the U.S. Department of Energy.
The lab has also developed other security analysis tools for mobile apps called and , which are available to anyone to download and use.
For more information, contact Mike Scott at mike.scott@case.edu.
This article was originally published July 15, 2021.
