ICSI hosts basic, pre-competitive research of fundamental importance to computer science and engineering. Projects are chosen based on the interests of the Institute’s principal investigators and the strengths of its researchers and affiliated UC Berkeley faculty.

Recent projects are listed below; the full list of each group's projects is accessible via the links listed in the sidebar.

Co-Design of Network, Storage and Computation Fabrics for Disaggregated Datacenters

Traditional datacenters are built using servers, each of which tightly integrates a small amount of CPU, memory and storage onto a single motherboard. The slowdown of Moore's Law has led to surfacing of several fundamental limitations of such server-centric architectures (e.g, the memory-capacity wall making CPU-memory co-location unsustainable). As a result, a new computing paradigm is emerging --- a disaggregated datacenter architecture, where each resource type is built as a standalone "blade" and a network fabric interconnects the resource blades within and across datacenter racks.

Networking and Security
Universal Packet Scheduling

This project addresses a seemingly simple question: Is there a universal packet scheduling algorithm? More precisely, researchers are analyzing whether there is a single packet scheduling algorithm that, at a network-wide level, can perfectly match the results of any given scheduling algorithm. The question of universal packet scheduling is being investigated from both a theoretical and empirical perspective.

Networking and Security
Bro Intrusion Detection System Refinements

ICSI is working with LBNL on refinements to Zeek (formerly known as Bro). The work includes troubleshooting and resolving the most complex problems with the Zeek network monitor, development/integration of the communication framework, development and implementation of new features for the Input framework, and development of a persistence solution for the NetControl and Catch-and Release frameworks of Zeek/Bro. Zeek/Bro is an open-source network intrustion detection system developed at ICSI and LBNL which is currently in use at Fortune 500 companies, universities, and governments.

Networking and Security
Teaching Security

The Teaching Security project is providing classroom-ready materials to support high-school teachers in teaching about important cybersecurity principles, helping students understand the major vulnerabilities, why they occur, and what defensive strategies can be used. The materials focus on inquiry-based activities and hands-on interactive apps and demos that allow students to explore for themselves how cybersecurity works.

Audio and Multimedia, Usable Security and Privacy
Multimodal Feature Learning for Understanding Consumer Produced Multimedia Data

ICSI is working with LLNL on ongoing work on feature extraction and analytic techniques that map raw data from multiple input modalities (e.g., video, images, text) into a joint semantic space. This requires cutting edge research in multiple modalities, as well as in the mathematical methods to learn the semantic mappings.

Audio and Multimedia
When do Computers Discriminate? Toward Informing Users About Algorithmic Discrimination

In this collaborative project with University of Maryland, ICSI researchers are tackling the challenge of explaining what constitutes unacceptable algorithmic discrimination. Getting the answer to this question right is key to unlocking the potential of automated decision systems without eroding the ability of people to get a fair deal and advance in society.

Networking and Security
Variable Precision Computing LDRD Project

Large-scale physics simulations pose a significant challenge on the currently available computational resources, because of the costs of both communication and storage largely exceeding the cost of the actual computation. The efficient management of the Exascale data flows generated by a large-scale simulation is still an unsolved problem. This project aims to provide an initial solution to this problem.

Research Initiatives
Theory and Practice of Randomized Algorithms for Ultra-Large-Scale Signal Processing

The dramatic increase in our abilities to observe massive amounts of measurements coming from distributed and disparate high-resolution sensors have been instrumental in enhancing our understanding of many physical phenomena. Signal processing (SP) has been the primary driving force in this knowledge of the unseen from observed measurements. However, in the last decade, the exponential increase in observations has outpaced our computing abilities to process, understand, and organize this massive but useful information.

Big Data
Usable Security of Emerging Healthcare Technologies for Seniors

Older adults (65+) are becoming primary users of technologies, including emerging smart systems, especially in health care. However, such technologies are often not designed for older users and can pose serious privacy and security concerns due to their novelty, complexity, and propensity to collect vast amounts of sensitive information.

Usable Security and Privacy
Towards Automated Testing and Discovery of Interoperability

The difficulty of automated testing and discovery in interoperability depends on information explicitly known. Interoperability remains a challenging unsolved problem that depends on manual error-prone solutions and costs billions annually. The goal of this research is to investigate automated approach to verification and discovery of interoperability based on recently developed theory of property-based interoperability. This may enable the next generation of automatically composable and reconfigurable systems.

Funding provided by DARPA

Research Initiatives
Scaling Contextual Privacy to MDM Environments

It has long been understood that privacy and usability are often in tension: the privacy controls that are often mandated by workplace environments are difficult to use, which results in either low rates of compliance, negative impacts on job performance (e.g., being unable to perform various tasks due to access control restrictions), or inadvertent disclosure of sensitive information (i.e., privacy breaches).

Usable Security and Privacy
Mobile Dynamic Privacy and Security Analysis at Scale

Current approaches for detecting suspicious application activity on mobile platforms rely on static analysis: reverse-engineering and examining sequences of program code to infer application behavior. This method invariably falls short in that it can only detect what behaviors or capabilities a program might have, and not whether and to what extent a program actually engages in these behaviors. It is also susceptible to code obfuscation techniques commonly used by many mobile applications.

Usable Security and Privacy
Increasing Users' Cyber-Security Compliance by Reducing Present Bias

Despite recent advances in increasing computer security through automation, there are still situations in which humans must manually perform computer security tasks. These tasks may include enabling automatic updates, rebooting machines to apply those updates, configuring automatic backups, or enrolling in two-factor authentication. However, despite viewing these tasks as important for security, many people still choose to ignore them. Two decades of usable security research have shown that these tasks are often seen as annoyances because they are almost never the user's primary objective.

Usable Security and Privacy
Creating an Evolvable, Diverse, and Dynamic Internet

The Internet has ushered in a new era of communication, and has supported an ever-growing set of applications that have transformed our lives. It is remarkable that all this has taken place with an Internet architecture that has remained unchanged for over forty years. While unfortunate, some view this architectural stagnation as inevitable. After all, it has long been a central tenet that the Internet needs a "narrow waist" at the internetworking layer (L3), a single uniform protocol adopted by everyone; given this assumption, changing this layer is inevitably hard.

Networking and Security
Towards Programming Datacenters

Datacenters have redefined the nature of high-end computing, but harnessing their computing power remains a challenging task. Initially, programming frameworks such as MapReduce, Hadoop, Spark, TensorFlow, and Flink provided a way to run large-scale computations. These frameworks took care of the difficult issues of scaling, fault-tolerance, and consistency, freeing the developer to focus on the logic of their particular application. However, each of these frameworks were aimed at a specific computational task (e.g., machine learning, data analytics, etc.), and are not fully general.

Networking and Security
De-Mystifying and Hardening the Domain Name System

When the DNS fails, nothing works. One does not need to look beyond many real-world advertising campaigns to appreciate that naming is one of the foundational elements upon which most higher layer Internet services are built. We use names as rendezvous points between users and services (e.g., Yet, we do not use names directly in traffic routing. Rather, we turn names into IP addresses via the Domain Name System (DNS). A DNS lookup is therefore a prerequisite for most Internet transactions.

Networking and Security
Combining stochastics and numerics for more meaningful matrix computations

The amount of data in our world has exploded, with data being at the heart of modern economic activity, innovation, and growth. In many cases, data are modeled as matrices, since an m x n matrix A provides a natural structure to encode information about m objects, each of which is described by n features. As a result, linear algebraic algorithms, and in particular matrix decompositions, have proven extremely successful in the analysis of datasets in the form of matrices.

Big Data
The Science of Privacy: Implications for Data Usage

The International Computer Science Institute (ICSI) in Berkeley, CA is the home to one of six NSA-funded lablets focused on security and privacy research. ICSI's lablet is led by Dr. Serge Egelman, head of the Usable Security and Privacy Research group at ICSI, and includes collaborators at Cornell Tech and UC Berkeley. Other lablets are centered at University of Kansas, Vanderbilt University, Carnegie-Mellon University, University of Illinois-Champaign, and North Carolina State University.

Usable Security and Privacy
AppCensus: Learn the Privacy Costs of Free Apps

There exists a mature ecosystem of developers and service providers that produce mobile applications, often offering them at zero up-front cost. These free apps are supported by advertising networks, who distribute software libraries that developers use for drop-in integration of ad delivery and audience tracking functionality. However, integrated advertiser code and core application code run with the same access privileges, a security and privacy risk not readily apparent to end-users and developers alike.

Usable Security and Privacy
Accountable Information Use: Privacy and Fairness in Decision-Making Systems

Increasingly, decisions and actions affecting people's lives are determined by automated systems processing personal data. Excitement over the positive contributions of these systems has been accompanied by serious concerns about their opacity and the threats that they pose to privacy, fairness, and other values. Recognizing these concerns, this project seeks to enable real-world automated decision-making systems to be accountable for privacy and fairness.

Networking and Security