The brave new world of computer security

09/10/15 – BOSTON, MA. – Cristina Nita-Rotaru, Associate Professor in the Department of Computer Science. Her research lies at the intersection of information security, distributed systems, and computer networks. Photo by: Matthew Modoono/Northeastern University

We all worry about computer and network security, but Cristina Nita-Rotaru, a new professor in Northeastern’s College of Computer and Information Science, has been doing something about it: For 17 years she’s been researching how to keep our information both accessible and safe.

Nita-Rotaru is an expert on “distributed systems”—collections of computers that work together to achieve a goal. We rely on distributed systems when we read our email on gmail, access our music in the cloud, or shop online. Critical services, such as banking systems, also use distributed systems.

“Distributed systems facilitate access to data even if some computers go down,” says Nita-Rotaru. “They accomplish this by copying the data across several computers, and keeping it consistent as multiple users access and change it. For example, they guarantee that multiple clients shopping on a website don’t buy the same object and are charged just once.”

Her work must balance the yin and yang of our networked world: data availability against system dependability. That means she designs distributed systems that can “withstand compromise”—they still work despite misconfigurations and malicious attacks.

There’s a story we tell students when teaching security. You take a computer, and you lock it in a safe. You have a secure system. But what good is it? To be useful, computers must interact with each other through network protocols, which opens the door for attacks. So you have to weigh and measure tradeoffs.
— Cristina Nita-Rotaru, professor, College of Computer and Information Science

“There’s a story we tell students when teaching security,” she says. “You take a computer, and you lock it in a safe. You have a secure system. But what good is it? To be useful, computers must interact with each other through network protocols, which opens the door for attacks. So you have to weigh and measure tradeoffs.”

Recently, Nita-Rotaru and her collaborators analyzed the security and performance capabilities of Google’s new networking protocol QUIC—or, Quick UDP Internet Connections—a part of the Chrome browser.  She also oversaw the development of a technology called State-based Network AttacK Explorer, or SNAKE, that automatically targets attacks that could sabotage conversations between computers.

The pace of computer science research is lightning quick compared to that of other scientific disciplines, in terms of how the technology evolves and the challenges those changes present. That makes Northeastern an ideal place for Nita-Rotaru.

“Northeastern is an institution dedicated to redefining what higher education is,” she says. Its commitment to research, she notes, positively impacts our everyday lives.