Projects
ICSI hosts basic, pre-competitive research of fundamental importance to computer science and engineering. Projects are chosen based on the interests of the Institute’s principal investigators and the strengths of its researchers and affiliated UC Berkeley faculty.
Recent projects are listed below; the full list of each group's projects is accessible via the links listed in the sidebar.
When the DNS fails, nothing works. One does not need to look beyond many real-world advertising campaigns to appreciate that naming is one of the foundational elements upon which most higher layer Internet services are built. We use names as rendezvous points between users and services (e.g., www.twitter.com). Yet, we do not use names directly in traffic routing. Rather, we turn names into IP addresses via the Domain Name System (DNS). A DNS lookup is therefore a prerequisite for most Internet transactions.
The amount of data in our world has exploded, with data being at the heart of modern economic activity, innovation, and growth. In many cases, data are modeled as matrices, since an m x n matrix A provides a natural structure to encode information about m objects, each of which is described by n features. As a result, linear algebraic algorithms, and in particular matrix decompositions, have proven extremely successful in the analysis of datasets in the form of matrices.
The International Computer Science Institute (ICSI) in Berkeley, CA is the home to one of six NSA-funded lablets focused on security and privacy research. ICSI's lablet is led by Dr. Serge Egelman, head of the Usable Security and Privacy Research group at ICSI, and includes collaborators at Cornell Tech and UC Berkeley. Other lablets are centered at University of Kansas, Vanderbilt University, Carnegie-Mellon University, University of Illinois-Champaign, and North Carolina State University.
It has long been understood that privacy and usability are often in tension: the privacy controls that are often mandated by workplace environments are difficult to use, which results in either low rates of compliance, negative impacts on job performance (e.g., being unable to perform various tasks due to access control restrictions), or inadvertent disclosure of sensitive information (i.e., privacy breaches).
Older adults (65+) are becoming primary users of technologies, including emerging smart systems, especially in health care. However, such technologies are often not designed for older users and can pose serious privacy and security concerns due to their novelty, complexity, and propensity to collect vast amounts of sensitive information.
The Teaching Security project is providing classroom-ready materials to support high-school teachers in teaching about important cybersecurity principles, helping students understand the major vulnerabilities, why they occur, and what defensive strategies can be used. The materials focus on inquiry-based activities and hands-on interactive apps and demos that allow students to explore for themselves how cybersecurity works.
There exists a mature ecosystem of developers and service providers that produce mobile applications, often offering them at zero up-front cost. These free apps are supported by advertising networks, who distribute software libraries that developers use for drop-in integration of ad delivery and audience tracking functionality. However, integrated advertiser code and core application code run with the same access privileges, a security and privacy risk not readily apparent to end-users and developers alike.
Increasingly, decisions and actions affecting people's lives are determined by automated systems processing personal data. Excitement over the positive contributions of these systems has been accompanied by serious concerns about their opacity and the threats that they pose to privacy, fairness, and other values. Recognizing these concerns, this project seeks to enable real-world automated decision-making systems to be accountable for privacy and fairness.
Self-organizing network (SON) algorithms that were designed for the self-configuration, self-optimization, and self-healing of today's 4G networks exhibit various drawbacks. The two most severe drawbacks are (1) so-called SON use case coordination - the coordination of conflicting network parameter changes - which can lead to sub-optimal network configurations and, more likely, to a worsening of network performance, and (2) a qualitative and quantitative lack of input information to the SON, making reliable network management cumbersome.
This collaborative project led by LLNL is part of the DARPA TRAnsforming DESign (TRADES) program, and focuses on modeling, analysis and synthesis of complex parameterized multi-scale material structures.
The large-scale data being generated in many application domains promise to revolutionize scientific discovery, engineering and technological development, social science understanding, and our ability to monitor masses and influence behavior in subtle ways. In most applications, however, this promise has yet to be fulfilled. One major reason for this is the dificulty of using, in a low-friction manner, cutting-edge algorithmic and statistical tools to explore the data and develop domain-informed models of the processes generating the data.
In this collaborative project with UC Berkeley, ICSI PIs are working with the lead developer of the "Snowflake" censorship circumvention system to refine the code for production deployment in both the Tor Browser Bundle and as a stand-alone application. The work includes developing instrumentation to measure the usage of Snowflake as its deployment rolls out and analyzing the results to assess Snowflake's impact on enabling circumvention.
One of the Internet’s greatest strengths is the degree to which it facilitates access to any of its resources from users anywhere in the world. Various forces, however, have arisen that restrict particular users from accessing particular destinations, resulting in a "balkanization" of the network. This project explores apt methodologies for understanding such balkanization, an effort we will undertake in the context of examining "regional discrimination," i.e., the degree to which certain web services deny or degrade access to users from particular geographic regions.
In this ICSI project, researchers are working to improve speech recognition from noisy, often distorted audio taken from the body cameras of working police officers during traffic stops. This is part of a larger project at Stanford to extract information from these data. The Stanford project is focused on the analysis of the interactions between the officers and the communities they serve, in the hope that they could help to transform the relationship between the police and communities, produce solid data on officer-community interaction, and inform officer training programs.
A common informal definition of interoperability refers to the ability of a system, whose interfaces are completely understood, to work with other products or systems, present or future, without any restricted access or implementation. In the context of computational design and manufacturing, interoperability subsumes the problems of data sharing, exchange, and translation, as well as the problems of systems integration.
As scientific research requires free exchange of information and ideas among collaborators world-wide, scientists depend critically on full and open access to the Internet. Yet in today’s world, such open access also exposes sites to incessant network attacks. Some of the most powerful networks today remain particularly hard to defend: for the 100G environments and backbones that facilitate modern data-intensive sciences, classic inline firewalls remain infeasible options.
Your mobile phone hosts a rich array of information about you and your behavior. This includes a wide range of unique identifiers and sensitive personal information that enables online tracking, often times for delivering targeted advertisement. It is, however, striking how little insight and control we, as mobile users have into the operation and performance of our devices, into how (or whether) they protect information we entrust to them, and who they share it with.
A key ingredient of any scenario in cloud-based design and manufacturing and, more generally, in cybermanufacturing is the notion of virtualization of software and hardware resources in terms of open, interoperable and composable services. Such virtualization has proved challenging because modern manufacturing information systems are conceived and implemented as a federated integration of proprietary software tools that communicate via customized translators or by exchanging variety of neutral file formats.
Today’s wireless communications solutions provide infrastructure for delivering content. Content delivery occurs either within a constraint island of coverage, within the reach, for example, of a wireless local area network (WLAN), or ubiquitously from anywhere to anywhere using, for example, cellular infrastructure. Content delivered can be, for example, voice, videos, images, and web information. Unfortunately however, wireless communications infrastructure available to us today does not allow for the remote control of real or virtual objects, as end-to-end latency far exceeds 10ms.
Researchers at ICSI are leveraging well-studied individual differences in the psychology literature in order to improve computer security outcomes. Specifically, they are looking at how people with different decision-making styles may be more or less receptive to different types of security messaging. Applying techniques from behavioral economics, the goal is to frame security mitigations for individual users so that they see the security messages that are most likely to have an effect on them.