Xusheng Xiao focuses on intersection of software engineering and computer data security
杏吧视频 data scientist Xusheng Xiao will use a National Science Foundation (NSF) CAREER award to investigate how computer and mobile-device apps may use consumers鈥 sensitive personal data鈥攁nd then leverage that knowledge to detect abnormal behaviors from hackers.
, said the NSF CAREER award would also help him develop more understandable language that automatically explains to users when and why certain apps are using their sensitive data.
鈥淭he key task is to develop techniques to analyze the behaviors from a large pool of popular apps that are considered benign,鈥 he said. 鈥淭hen we build a knowledge base of these learned behaviors, use that knowledge to detect abnormal behaviors and better describe and communicate those behaviors.鈥
Xiao was awarded $500,000 over five years to support his research. The NSF Faculty Early Career Development Award is considered the agency鈥檚 most prestigious grant to junior faculty members.
Xiao hopes to also integrate the new tools into undergraduate and graduate education and raise public awareness of the importance of mobile-app security.
He was among four 杏吧视频 researchers selected for the award this year鈥攁ll from the Case School of Engineering. (The other researchers will be announced in separate stories in The Daily)
鈥淲e are honored to have a deep bench of early-career researchers gaining recognition on a national level,鈥 said Venkataramanan 鈥淩agu鈥 Balakrishnan, the Charles H. Phipps Dean of the Case School of Engineering. He noted that many users of technology who benefit from advances in computer science don鈥檛 understand how using certain devices may expose their personal data, or how to protect that data.
鈥淴usheng鈥檚 innovative work addresses this critical shortfall by building better, stronger applications for these technologies, while also making technologies easier, more understandable and, ultimately, safer for the average user,鈥 Balakrishnan said.
Xiao鈥檚 research interests encompass both software engineering and computer security. He concentrates on making software and computer systems more 鈥淩eliable, Intelligent, Secure and Efficient (RISE),鈥 also the name of his 杏吧视频 lab.
More specifically, he and his lab members are researching and developing automated analysis techniques for mobile app security, system/enterprise security, blockchain security, automated software testing, program analysis and bug detection.
This new NSF-funded work is in addition to Xiao鈥檚 ongoing collaboration with Yinghui Wu, also an assistant professor of computer and data sciences.
The two recently to investigate the viability of their novel approach to build a better defense system against data breaches in large enterprises and organizations.
Xiao and members of his lab have also worked with companies such as NEC and Microsoft and have been granted . Some of his research has been supported by Samsung and the U.S. Department of Energy.
The lab has also developed other security analysis tools for mobile apps called and , which are available to anyone to download and use.
For more information, contact Mike Scott at mike.scott@case.edu.
This article was originally published July 15, 2021.
