CSE PhD alumnus Qi Alfred Chen has been selected as the recipient of the ProQuest Distinguished Dissertation award from the Rackham Graduate School for his dissertation, “Securing Smart, Connected Systems Through Systematic Problem Analysis and Mitigation.” The award recognizes exceptional and unusually interesting work produced by doctoral students in the last phase of their graduate work.
Chen is now a tenure-track Assistant Professor at the University of California, Irvine’s Department of Computer Science. Chen received his MS (2014) and PhD (2018) degrees from U-M under the guidance of Prof. Z. Morley Mao.
His dissertation research was dedicated to developing proactive defense approaches to the new security challenges of a hyper-connected world. Smart, connected systems like smartphone networks, smart homes, and connected transportation technologies demand better security approaches than the ad hoc and reactive systems in current use. Instead, Chen’s approaches can systematically discover, analyze, and mitigate new security problems in these modern systems.
“So far we’ve found these systems are in fact relatively easy to trick,” Chen wrote in a post on The Conversation. “Just one car that’s transmitting fake data can cause enormous traffic jams, and several attack cars could work together to shut down whole areas.”
Chen’s dissertation focused on the two most fundamental capabilities in any smart, connected system: network stack and smart control. His work demonstrated that program analysis and network measurement can be used to identify new code-level and network-level security challenges in these systems and gain insights into the severity of different threats. Chen was able to leverage these techniques to discover a new attack vector (US-CERT alert TA16-144A) caused by the recent expansion in the domain name system, and new algorithm-level security vulnerabilities in the next-generation smart transportation systems.
On the defense side, these techniques were also used in his research to build the first automated detection tool for packet injection vulnerabilities, a recurring problem in network communication protocols.