Defense Notices


All students and faculty are welcome to attend the final defense of EECS graduate students completing their M.S. or Ph.D. degrees. Defense notices for M.S./Ph.D. presentations for this year and several previous years are listed below in reverse chronological order.

Students who are nearing the completion of their M.S./Ph.D. research should schedule their final defenses through the EECS graduate office at least THREE WEEKS PRIOR to their presentation date so that there is time to complete the degree requirements check, and post the presentation announcement online.

Upcoming Defense Notices

Jennifer Quirk

Aspects of Doppler-Tolerant Radar Waveforms

When & Where:


Nichols Hall, Room 129 (Apollo Auditorium)

Committee Members:

Shannon Blunt, Chair
Patrick McCormick
Charles Mohr
Alessandro Salandrino
Zsolt Talata

Abstract

The Doppler tolerance of a waveform refers to its behavior when subjected to a fast-time Doppler shift imposed by scattering that involves nonnegligible radial velocity. While previous efforts have established decision-based criteria that lead to a binary judgment of Doppler tolerant or intolerant, it is also useful to establish a measure of the degree of Doppler tolerance. The purpose in doing so is to introduce a Doppler "quasi-tolerant" trade-space that can ultimately inform automated/cognitive waveform design in increasingly complex and dynamic radio frequency (RF) environments. This idea of Doppler quasi-tolerance leads to the development of random FM (RFM) waveforms that retain a degree of Doppler tolerance while still providing the diversity of a nonrepeating waveform structure. The ensuing ambiguity functions split the delay/Doppler ridge into a variety of different patterns. Since these patterns are known at transmission, a strategy for appropriate coherent slow time combining is demonstrated in simulation. Separately, the application of slow-time coding (STC) to the Doppler-tolerant linear FM (LFM) waveform has been examined for disambiguation of multiple range ambiguities. However, using STC with non-adaptive Doppler processing often results in high Doppler "cross-ambiguity" side lobes that can hinder range disambiguation despite the degree of separability imparted by STC. To enhance this separability, a gradient-based optimization of STC sequences is developed, and a "multi-range" (MR) modification to the reiterative super-resolution (RISR) approach that accounts for the distinct range interval structures from STC is examined. The efficacy of these approaches is demonstrated using open-air measurements. Pulse agility is an alternative range disambiguation technique that relies on pulse-to-pulse waveform separability. Although pulse-agile waveforms are often uncorrelated and therefore amenable to range disambiguation, they may exhibit poor Doppler tolerance. To preserve Doppler tolerance and achieve separability, a class of hybrid waveforms is developed whereby a phase code is embedded on an LFM base waveform. A gradient-based optimization is developed for this waveform structure to achieve enhanced suppression of range-folded scattering in desired delay/Doppler regions. The Doppler tolerance and separability of the optimized waveforms are examined in simulation, and open-air measurements are used to demonstrate the range disambiguation capability.


Abdalla Hassan Eltom

Bringing Anytime Perception to Real Hardware: An Embedded Deployment of the Autoware Stack with Dynamic Resolution Scaling

When & Where:


Nichols Hall, Room 250 (Gemini Conference Room)

Committee Members:

Heechul Yun, Chair
Prasad Kulkarni
Shawn Keshmiri


Abstract

Deploying deep neural networks for perception on autonomous vehicles forces a compromise between how accurately the system perceives and how quickly it responds. This compromise is especially binding on embedded compute platforms, where limited processing power means a high-accuracy detector may fail to finish within the control loop's timing budget, leaving the vehicle to act on outdated information. Anytime perception offers a way to manage this by adjusting inference cost at runtime, but its benefits have so far been shown mainly in simulation, with little evidence from physical deployment.

This thesis provides that evidence. We take MURAL — a multi-resolution anytime LiDAR detector previously integrated into the Autoware stack and evaluated in the AWSIM simulator — and deploy it on a physical mid-size rover, running the full sensing-to-actuation pipeline on a single NVIDIA Jetson AGX Orin. Reaching a working deployment required substantial adaptation of a stack originally built for full-scale vehicles in simulation, from retargeting the vehicle model to rover scale to bringing the entire pipeline on-board a single embedded device.

By carrying the complete stack onto real hardware, this work makes it possible to evaluate anytime perception under the conditions it was designed for: a full autonomous-driving pipeline running on an edge device in the physical world. We assess, through end-to-end physical experiments, whether dynamically scaling detection resolution delivers a real performance benefit on embedded hardware — providing, to our knowledge, the first true evaluation of anytime perception for edge-deployed autonomous driving.


Past Defense Notices

Dates

Fatima Al-Shaikhli

Fiber Property Characterization based on Electrostriction

When & Where:


Nichols Hall, Room 250 (Gemini Room)

Committee Members:

Rongqing Hui, Chair
Shannon Blunt
Shima Fardad


Abstract

Electrostriction in an optical fiber is introduced by the interaction between the forward propagated optical signal and the acoustic standing waves in the radial direction resonating between the center of the core and the cladding circumference of the fiber. The response of electrostriction is dependent on fiber parameters, especially the mode field radius. A novel technique is demonstrated to characterize fiber properties by means of measuring their electrostriction response under intensity modulation. As the spectral envelope of electrostriction-induced propagation loss is anti-symmetrical, the signal-to-noise ratio can be significantly increased by subtracting the measured spectrum from its complex conjugate. It is shown that if the transversal field distribution of the fiber propagation mode is Gaussian, the envelope of the electrostriction-induced loss spectrum closely follows a Maxwellian distribution whose shape can be specified by a single parameter determined by the mode field radius. 


Sohaib Kiani

Exploring Trustworthy Machine Learning from a Broader Perspective: Advancements and Insights

When & Where:


Nichols Hall, Room 250 (Gemini Room)

Committee Members:

Bo Luo, Chair
Alexandru Bardas
Fengjun Li
Cuncong Zhong
Xuemin Tu

Abstract

Machine learning (ML) has transformed numerous domains, demonstrating exceptional per-

performance in autonomous driving, medical diagnosis, and decision-making tasks. Nevertheless, ensuring the trustworthiness of ML models remains a persistent challenge, particularly with the emergence of new applications. The primary challenges in this context are the selection of an appropriate solution from a multitude of options, mitigating adversarial attacks, and advancing towards a unified solution that can be applied universally.

The thesis comprises three interconnected parts, all contributing to the overarching goal of improving trustworthiness in machine learning. Firstly, it introduces an automated machine learning (AutoML) framework that streamlines the training process, achieving optimum performance, and incorporating existing solutions for handling trustworthiness concerns. Secondly, it focuses on enhancing the robustness of machine learning models, particularly against adversarial attacks. A robust detector named "Argos" is introduced as a defense mechanism, leveraging the concept of two "souls" within adversarial instances to ensure robustness against unknown attacks. It incorporates the visually unchanged content representing the true label and the added invisible perturbation corresponding to the misclassified label. Thirdly, the thesis explores the realm of causal ML, which plays a fundamental role in assisting decision-makers and addressing challenges such as interpretability and fairness in traditional ML. By overcoming the difficulties posed by selective confounding in real-world scenarios, the proposed scheme utilizes dual-treatment samples and two-step procedures with counterfactual predictors to learn causal relationships from observed data. The effectiveness of the proposed scheme is supported by theoretical error bounds and empirical evidence using synthetic and real-world child placement data. By reducing the requirement for observed confounders, the applicability of causal ML is enhanced, contributing to the overall trustworthiness of machine learning systems.


Prashanthi Mallojula

On the Security of Mobile and Auto Companion Apps

When & Where:


Nichols Hall, Room 246 (Executive Conference Room)

Committee Members:

Bo Luo, Chair
Alex Bardas
Fengjun Li
Hongyang Sun
Huazhen Fang

Abstract

Today’s smartphone platforms have millions of applications, which not only access users’ private data but also information from the connected external services and IoT/CPS devices. Mobile application security involves protecting sensitive information and securing communication between the application and external services or devices. We focus on these two key aspects of mobile application security.

In the first part of this dissertation, we aim to ensure the security of user information collected by mobile apps. Mobile apps seek consent from users to approve various permissions to access sensitive information such as location and personal information. However, users often blindly accept permission requests and apps start to abuse this mechanism. As long as a permission is requested, the state-of-the-art security mechanisms will treat it as legitimate. We ask the question whether the permission requests are valid? We attempt to validate permission requests using statistical analysis on permission sets extracted from groups of functionally similar apps. We detected mobile applications with abusive permission access and measure the risk of information leaks through each mobile application.

Second, we propose to investigate the security of auto companion apps. Auto companion apps are mobile apps designed to remotely connect with cars to provide features such as diagnostics, navigation, entertainment, and safety alerts. However, this can lead to several security threats, for instance, onboard information of vehicles can be tracked or altered through a malicious app. We design a comprehensive security analysis framework on automotive companion apps all stages of communication and collaboration between vehicles and companion apps such as connection establishment, authentication, encryption, information storage, and Vehicle diagnostic and control command access. By conducting static and network traffic analysis of Android OBD apps, we identify a series of vulnerability scenarios. We further evaluate these vulnerabilities with vehicle-based testing and identify potential security threats associated with auto companion apps


Michael Neises

Trustworthy Measurements of a Linux Kernel and Layered Attestation via a Verified Microkernel

When & Where:


Nichols Hall, Room 246 (Executive Conference Room)

Committee Members:

Perry Alexander, Chair
Drew Davidson
Matthew Moore
Cuncong Zhong
Corey Maley

Abstract

Layered attestation is a process by which one can establish trust in a remote party. It is a special case of attestation in which different layers of the attesting system are handled distinctly. This type of trust is desirable because a vast and growing number of people depend on networked devices to go about their daily lives. Current architectures for remote attestation are lacking in process isolation, which is evidenced by the existence of virtual machine escape exploits. This implies a deficiency of trustworthy ways to determine whether a networked Linux system has been exploited. The seL4 microkernel, uniquely in the world, has machine-checked proofs concerning process confidentiality and integrity. The seL4 microkernel is leveraged here to provide a verified level of software-based process isolation. When complemented with a comprehensive collection of measurements, this architecture can be trusted to report its own corruption. The architecture is described, implemented, and tested against a variety of exploits, which are detected using introspective measurement techniques.


Blake Douglas Bryant

Building Better with Blocks – A Novel Secure Multi-Channel Internet Memory Information Control (S-MIMIC) Protocol for Complex Latency Sensitive Applications

When & Where:


Eaton Hall, Room 2001B

Committee Members:

Hossein Saiedian, Chair
Arvin Agah
Perry Alexander
Bo Luo
Reza Barati

Abstract

Multimedia networking is the area of study associated with the delivery of heterogeneous data including, but not limited to, imagery, video, audio, and interactive content. Multimedia and communication network researchers have continually struggled to devise solutions for addressing the three core challenges in multimedia delivery: security, reliability, and performance. Solutions to these challenges typically exist in a spectrum of compromises achieving gains in one aspect at the cost of one or more of the others. Networked videogames represent the pinnacle of multimedia presented in a real-time interactive format. Continual improvements to multimedia delivery have led to tools such as buffering, redundant coupling of low-resolution alternative data streams, congestion avoidance, and forced in-order delivery of best-effort service; however, videogames cannot afford to pay the latency tax of these solutions in their current state.

I developed the Secure Multi-Channel Internet Memory Information Control (S-MIMIC) protocol as a novel solution to address these challenges. The S-MIMIC protocol leverages recent developments in blockchain and distributed ledger technology, coupled with creative enhancements to data representation and a novel data model. The S-MIMIC protocol also implements various novel algorithms for create, read, update, and delete (CRUD) interactions with distributed ledger and blockchain technologies. For validation, the S-MIMIC protocol was integrated with an open source open source First-Person Shooter (FPS) videogame to demonstrate its ability to transfer complex data structures under extreme network latency demands. The S-MIMIC protocol demonstrated improvements in confidentiality, integrity, availability and data read operations under all test conditions. Data write performance of S-MIMIC is slightly below traditional TCP-based networking in unconstrained networks, but matches performance in networks exhibiting 150 milliseconds of delay or more.

Though the S-MIMIC protocol was evaluated for use in networked videogames, its potential uses are far reaching with promising applicability to medical information, legal documents, financial transactions, information security threat feeds and many other use cases that require security, reliability and performance guarantees.


Zeyan Liu

Towards Robust Deep Learning Systems against Stealthy Attacks

When & Where:


Nichols Hall, Room 246 (Executive Conference Room)

Committee Members:

Bo Luo, Chair
Alex Bardas
Fengjun Li
Zijun Yao
John Symons

Abstract

The deep neural network (DNN) models are the core components of the machine learning solutions. However, their wide adoption in real-world applications raises increasing security concerns. Various attacks have been proposed against DNN models, such as the evasion and backdoor attacks. Attackers utilize adversarially altered samples, which are supposed to be stealthy and imperceptible to human eyes, to fool the targeted model into misbehaviors. This could result in severe consequences, such as self-driving cars ignoring traffic signs or colliding with pedestrians.

In this work, we aim to investigate the security and robustness of deep learning systems against stealthy attacks. To do this, we start by reevaluating the stealthiness assumptions made by the start-of-the-art attacks through a comprehensive study. We implement 20 representative attacks on six benchmark datasets. We evaluate the visual stealthiness of the attack samples using 24 metrics for image similarity or quality and over 30,000 annotations in a user study. Our results show that the majority of the existing attacks introduce non-negligible perturbations that are not stealthy. Next, we propose a novel model-poisoning neural Trojan, namely LoneNeuron, which introduces only minimum modification to the host neural network with a single neuron after the first convolution layer. LoneNeuron responds to feature-domain patterns that transform into invisible, sample-specific, and polymorphic pixel-domain watermarks. With high attack specificity, LoneNeuron achieves a 100% attack success rate and does not compromise the primary task performance. Additionally, its unique watermark polymorphism further improves watermark randomness, stealth, and resistance to Trojan detection.


Jonathan Owen

Real-Time Cognitive Sense-and-Notch Radar

When & Where:


Nichols Hall, Room 129, Ron Evans Apollo Auditorium

Committee Members:

Shannon Blunt, Chair
Chris Allen
Carl Leuschen
James Stiles
Zsolt Talata

Abstract

Spectrum sensing and transmit waveform frequency notching is a form of cognitive radar that seeks to reduce mutual interference with other spectrum users in a cohabitated band. With the reality of increasing radio frequency (RF) spectral congestion, radar systems capable of dynamic spectrum sharing are needed. The cognitive sense-and-notch (SAN) emission strategy is experimentally demonstrated as an effective way to reduce the interference that the spectrum sharing radar causes to other in-band users. The physical radar emission is based on a random FM waveform structure possessing attributes that are inherently robust to range-Doppler sidelobes. To contend with dynamic interference the transmit notch may be required to move during the coherent processing interval (CPI), which introduces a nonstationarity effect that results in increased residual clutter after cancellation. The nonstationarity effect is characterized and compensated for using computationally efficient processing methods. The steps from initial analysis of cognitive system performance to implementation of sense-and-notch radar spectrum sharing in real-time are discussed.


Nick Kellerman

A MISO Frequency Diverse Array Implementation

When & Where:


Nichols Hall, Room 246 (Executive Conference Room)

Committee Members:

Patrick McCormick, Chair
Chris Allen
Shannon Blunt
James Stiles

Abstract

Estimating the spatial angle of arrival for a received radar signal traditionally entails measurements across multiple antenna elements. Spatially diverse Multiple Input Multiple Output (MIMO) emission structures, such as the Frequency Diverse Array (FDA), provide waveform separability to achieve spatial estimation without the need for multiple receive antenna elements. A low complexity Multiple Input Single Output (MISO) radar system leveraging the FDA emission structure coupled with the Linear Frequency Modulated Continuous Wave (LFMCW) waveform is experimentally demonstrated that estimates range, Doppler and spatial angle information of the illuminated scene using a single receiver antenna element. In comparison to well-known spatially diverse emission structures (i.e., Doppler Division Multiple Access (DDMA) and Time Division Multiple Access (TDMA)), LFMCW-FDA is shown to retain the full range and Doppler unambiguous spaces at the cost of a reduced range resolution. To combat the degraded range performance, an adaptive algorithm is introduced with initial results showing the ability to improve separability of closely spaced scatterers in range and angle. With the persistent illumination achieved by the emission structure, demonstrated performance, and low complexity architecture, the LFMCW-FDA system is shown to have attractive features for use in a low-resolution search radar context.


Christian Jones

Robust and Efficient Structure-Based Radar Receive Processing

When & Where:


Eaton Hall, Room 2001B

Committee Members:

Shannon Blunt, Chair
Chris Allen
Suzanne Shontz
James Stiles
Zsolt Talata

Abstract

Legacy radar systems largely rely on repeated emission of a linear frequency modulated (LFM) or chirp waveform to ascertain scattering information from an environment. The prevalence of these chirp waveforms largely stems from their simplicity to generate, process, and the general robustness they provide towards hardware effects. However, this traditional design philosophy often lacks the flexibility and dimensionality needed to address the dynamic “complexification” of the modern radio frequency (RF) environment or achieve current operational requirements where unprecedented degrees of sensitivity, maneuverability, and adaptability are necessary.

Over the last couple of decades analog-to-digital and digital-to-analog technologies have advanced exponentially, resulting in tremendous design degrees of freedom and arbitrary waveform generation (AWG) capabilities that enable sophisticated design of emissions to better suit operational requirements. However, radar systems typically require high powered amplifiers (HPA) to contend with the two-way propagation. Thus, transmitter-amenable waveforms are effectively constrained to be both spectrally contained and constant amplitude, resulting in a non-convex NP-hard design problem.

While determining the global optimal waveform can be intractable for even modest time-bandwidth products (TB), locally optimal transmitter-amenable solutions that are “good enough” are often readily available. However, traditional matched filtering may not satisfy operational requirements for these sub-optimal emissions. Using knowledge of the transmitter-receiver chain, a discrete linear model can be formed to express the relationship between observed measurements and the complex scattering of the environment. This structured representation then enables more sophisticated least-square and adaptive estimation techniques to better satisfy operational needs, improve estimate fidelity, and extend dynamic range.

However, radar dimensionality can be enormous and brute force implementations of these techniques may have unwieldy computational burden on even cutting-edge hardware. Additionally, a discrete linear representation is fundamentally an approximation of the dynamic continuous physical reality and model errors may induce bias, create false detections, and limit dynamic range. As such, these structure-based approaches must be both computationally efficient and robust to reality.

Here several generalized discrete radar receive models and structure-based estimation schemes are introduced. Modifications and alternative solutions are then proposed to improve estimate fidelity, reduce computational complexity, and provide further robustness to model uncertainty.


Archana Chalicheemala

A Machine Learning Study using Gene Expression Profiles to Distinguish Patients with Non-Small Cell Lung Cancer

When & Where:


Eaton Hall, Room 2001B

Committee Members:

Zijun Yao, Chair
Prasad Kulkarni
Hongyang Sun


Abstract

Early diagnosis can effectively treat non-small cell lung cancer (NSCLC). Lung cancer cells usually have altered gene expression patterns compared to normal cells, which can be utilized to predict cancer through gene expression tests. This study analyzed gene expression values measured from 15227-probe microarray, and 290 patients consisting of cancer and control groups, to find relations between the gene expression features and lung cancer. The study explored k-means, statistical tests, and deep neural networks to obtain optimal feature representations and achieved the highest accuracy of 82%. Furthermore, a bipartite graph was built using the Bio Grid database and gene expression values, where the probe-to-probe relationship based on gene relevance was leveraged to enhance the prediction performance.