Roxana Geambasu

Navigation

• Overview
• Research
• Publications
• Teaching
• Resume

Research

Broadly speaking, I am interested in computer systems research, including distributed systems, the Web, security and privacy, operating systems, and databases. More specifically, my current research focuses on the challenges and opportunities created by today's emerging technologies, such as the Web, cloud computing, and powerful mobile devices. Brief descriptions of my research projects follow.

For descriptions of the exciting projects in our broader systems group at Columbia, please see our Software Systems Lab page.

Current Projects

• CleanOS: New Mobile OS Abstractions for Managing Sensitive Data. Today's mobile OSes, such as Android, mismanage sensitive data in a variety of ways, placing it at great risk in face of physical or software attacks. For example, OSes accumulate significant amounts of sensitive data in cleartext memory; file systems retain deleted files by not purging their contents; and applications cache sensitive data indefinitely in memory for performance or convenience. CleanOS is a new mobile operating system designed to manage sensitive data rigorously and maintain a clean environment at any point in time. CleanOS introduces a new abstraction, called a sensitive data object, which tracks sensitive data in RAM and on disk and automatically encrypts it if it's not used for a period of time. Read about our initial steps on CleanOS in our OSDI 2012 paper.
• Evade: Cloud Architectures for Dealing with Intrusion Alarms. Large-scale clouds are magnets for increasingly sophisticated intrusion attacks. Intrusion detection systems have long been designed to detect and prevent such attacks, but they present a difficult challenge: achieving high detection rates results in huge numbers of false positives, for which no good mechanisms to handle them exist. We are building Evade, a new cloud architecture designed to deal with intrusion alarms cheaply and gracefully.
• Promiscuous: Scalable, Consistent Firehose for Data-Driven Service Integrations. Data has become the principal asset of the Internet era, which everyone strives to acquire and process. A new economy is emerging, in which striking amounts of continuously changing user data is being sold and shared for others to process upon. That economy needs to be controlled so that information can be shared efficiently, with strong semantic guarantees, and securely across multiple applications. To this end, we are building Promiscuous, an easy-to-use, strong-semantics, secure Web programming framework for large-scale, data-driven Web service integrations. This project is in collaboration with Prof. Jason Nieh from Columbia.
• vTube: An Interactive Repository of Executable Content for Long-term Content Preservation. Humangous amounts of data, software, and research artifacts are being produced today, including photos, documents, games, applications, and scientific models. While many techniques exist to ensure the availability of these digital contents in the short to medium term, little is known about long-term preservation. What will happen with these contents 50 years from now, when most of the libraries, codecs, OSes, and hardware platforms that they were created for will have evolved in non-backward-compatible ways? In collaboration with Prof. Mahadev Satyanarayanan from CMU and Dr. Kaustubh Joshi from ATT, we are building infrastructure necessary for long-term preservation and convenient access of such digital artifacts despite infrastructural change. Read about our first step toward this goal in our SoCC 2013 paper, which describes vTube, a YouTube-like system that stores, archives, and streams executable content, i.e., data or software plus all of their dependencies.

Notable Recent Projects

Past Projects

• CloudViews: Web Service Composition in Public Clouds. Today's migration of Web services to public clouds such as Amazon AWS creates an unprecedented environment where a myriad of Web services are co-located on the same cloud or the same data center. CloudViews investigates the unique opportunities for Web service sharing and composition that is spawned by the public-cloud environment. CloudViews' vision is described in our HotCloud 2009 paper.
• Menagerie: Personal Web-Data Organization. The radical shift from the desktop to Web-based services is scattering personal data across a myriad of Web sites, such as Yahoo! Mail, Google Docs, Facebook, and Amazon S3. Menagerie addresses some of the data management challenges raised by this dispersion by providing users and applications with a uniform view of all scattered Web data. More details about Menagerie can be found in our WWW 2008 paper.
• Fault-tolerant File System Specifications. During my summer internship with Microsoft Research (Silicon Valley) in 2007, I worked on creating and analyzing formal specifications for several fault-tolerant file systems: Niobe, GFS, and Chain Replication. Our goal was to explore the extent to which formal methods could help in fault-tolerant file system analysis, design, and comparison. Our results and experience are described in our DSN-DCCS 2008 paper.
• HomeViews: Personal File Organization and Sharing. Today's users possess enormous amounts of data. To facilitate the organization and sharing of their data, we designed HomeViews, a peer-to-peer data management system that allows users to create database-style views of their data and share them securely with other users. Details about this system are available in our SIGMOD 2007 paper.
• FlowDB: Using Relational Databases in Network Intrusion Analysis. In the FlowDB project, we investigated whether out-of-the-box relational databases are amenable for use as backends for network intrusion detection systems (NIDSs). To cope with high input rates, these systems typically come with their own custom storage backends. These custom solutions, however, impose severe limitations on query processing at forensic analysis time. In FlowDB, we evaluated a set of techniques for making relational databases amenable for use under NIDSs. Our results are described in our NetDB 2007 paper.