CyLab names 2021 Presidential Fellows

Since 2014, CyLab has recognized high-achieving Ph.D. students pursuing security and/or privacy-related research with a CyLab Presidential Fellowship. Fellowships cover one year of tuition.

“The committee had a hard time deciding among many extremely qualified students this year,” says CyLab’s Nicolas Christin, who chaired this year’s selection committee. “The fellows that were selected represent the best of the best Carnegie Mellon, and CyLab, have to offer, and we are fortunate to have them here.”

In addition to Christin, this year’s selection committee included Giulia Fanti, Corina Pasareanu, and Rohan Padhye. 

This year’s CyLab Presidential Fellowship recipients are:

Nirav Atre

Ph.D. student in the Computer Science Department (CSD), advised by CSD Professor Justine Sherry

Atre’s research focuses on a class of cyberattacks known as algorithmic complexity attacks (ACAs). When a malicious hacker deploys an ACA, they send traffic that is designed to be extremely expensive to process, bringing computer servers to a crawl and ruining the browsing experience for regular users. Atre is working to develop general techniques to protect vulnerable network deployments from the debilitating impact of ACAs.

Denial-of-Service (DoS) attacks such as ACAs are purported to cost the industry upwards of $10 billion per year in lost revenue and operational expenses.

“This fellowship will support my efforts to implement practical defenses against such attacks, to shield service providers from the associated costs, and to ensure that users experience uninterrupted service,” says Atre.

Tianshi Li

Ph.D. student in the Human-Computer Interaction Institute (HCII), advised by HCII Professor Jason Hong

Li’s research focuses on helping developers make privacy-friendly apps. She’s particularly interested in understanding why developers create apps that violate users’ expectations of privacy. She believes that if developers had tools to make protecting users’ privacy an easier task, then the apps they create would more likely prioritize protecting user privacy.

“Most developers are not privacy experts, while they have little support to comply with the ever-growing privacy requirements,” says Li. “This fellowship will help me continue exploring the design space of developer tools for privacy and release the tools I built to benefit real-world developers and their users.”

Yifan Song

Ph.D. student in CSD, advised by CSD Professor Vipul Goyal

Song’s research focuses on the notion of multi-party computation (MPC), which allows several mutually distrusted parties to compute a common function while protecting the privacy of their inputs. MPC is a powerful tool to solve the privacy issue and has many applications in the real world, such as distributed voting and private bidding and auctions. Song aims to improve the concrete efficiency of MPC to make it more practical for real world applications. 

“I feel very honored to be selected as one of the CyLab Presidential Fellows,” Song says. “This fellowship represents as a recognition of my previous achievements and my future plans, and it will encourage me to continue doing research along the line of efficient MPC.”

Milijana Surbatovich

Ph.D. student in Electrical and Computer Engineering (ECE), advised by ECE Professors Limin Jia and Brandon Lucia

Surbatovich’s research focuses on intermittently-powered energy-harvesting devices, which are devices that do not need battery maintenance, instead operating only when energy is available to harvest and thus frequently turning on and off. While maintenance freedom enables these devices to be deployed in exciting new environments—such as in tiny-satellites or smart city sensing—this intermittent operational cycle makes proving necessary software correctness and security properties difficult. Her research aims to provide both formal models of correctness properties and the runtime systems that guarantee these properties.

“The support from this fellowship will allow me to pursue my research in operationalizing formal correctness reasoning to provide practical tools and systems that programmers can use to guarantee that their intermittent-computing applications will run correctly and securely,” Surbatovich says.