Xusheng Xiao focuses on intersection of software engineering and computer data security
Case Western Reserve University data scientist Xusheng Xiao will use a National Science Foundation (NSF) CAREER award to investigate how computer and mobile-device apps may use consumers’ sensitive personal data—and then leverage that knowledge to detect abnormal behaviors from hackers.
Xiao, an assistant professor of computer and data sciences, said the NSF CAREER award would also help him develop more understandable language that automatically explains to users when and why certain apps are using their sensitive data.
“The key task is to develop techniques to analyze the behaviors from a large pool of popular apps that are considered benign,” he said. “Then we build a knowledge base of these learned behaviors, use that knowledge to detect abnormal behaviors and better describe and communicate those behaviors.”
Xiao was awarded $500,000 over five years to support his research. The NSF Faculty Early Career Development Award is considered the agency’s most prestigious grant to junior faculty members.
Xiao hopes to also integrate the new tools into undergraduate and graduate education and raise public awareness of the importance of mobile-app security.
He was among four Case Western Reserve University researchers selected for the award this year—all from the Case School of Engineering. (The other researchers will be announced in separate stories in The Daily)
“We are honored to have a deep bench of early-career researchers gaining recognition on a national level,” said Venkataramanan “Ragu” Balakrishnan, the Charles H. Phipps Dean of the Case School of Engineering. He noted that many users of technology who benefit from advances in computer science don’t understand how using certain devices may expose their personal data, or how to protect that data.
“Xusheng’s innovative work addresses this critical shortfall by building better, stronger applications for these technologies, while also making technologies easier, more understandable and, ultimately, safer for the average user,” Balakrishnan said.
Xiao’s research interests encompass both software engineering and computer security. He concentrates on making software and computer systems more “Reliable, Intelligent, Secure and Efficient (RISE),” also the name of his Case Western Reserve lab.
More specifically, he and his lab members are researching and developing automated analysis techniques for mobile app security, system/enterprise security, blockchain security, automated software testing, program analysis and bug detection.
This new NSF-funded work is in addition to Xiao’s ongoing collaboration with Yinghui Wu, also an assistant professor of computer and data sciences.
The two recently received a three-year, $500,000 NSF grant to investigate the viability of their novel approach to build a better defense system against data breaches in large enterprises and organizations.
Xiao and members of his lab have also worked with companies such as NEC and Microsoft and have been granted six U.S. patents. Some of his research has been supported by Samsung and the U.S. Department of Energy.
The lab has also developed other security analysis tools for mobile apps called AppContext and WHYPER, which are available to anyone to download and use.
For more information, contact Mike Scott at mike.scott@case.edu.
This article was originally published July 15, 2021.