National Science Foundation Selects the Kahlert School to Serve as the Site for Engaging Undergraduates in Research on Trust and Reproducibility of Intelligent Computation
The National Science Foundation has awarded a prestigious new research experience for undergraduates (REU) site to the Kahlert School of Computing entitled Trust and Reproducibility of Intelligent Computation (TREU). Led by Principal Investigator Prof. Ganesh Gopalakrishnan and Co-Principal Investigator and Director of the School Prof. Mary Hall (pictured above), the TREU REU site will train undergraduate students over 10 weeks during each of its three years. The selected students will learn valuable technical and soft skills to help them to become future leaders in the field of intelligent computational research.
Top Row: Profs. Bhaskara, Eide, Elhabian
Middle Row: Profs. Phillips, Sadayappan, Sundar
Bottom Row: Profs Wiese, Wiese, Zhang
“TREU offers our trainees a unique opportunity to learn about four prominent driving forces behind today's scientific research and connected living, namely high-performance computing and machine learning, cloud, and wireless networking. These topics are prominently represented at the Kahlert School through world-class faculty members and state-of-the-art research facilities. The learning experience will be contextualized and delivered around the themes of responsible research and inclusion.”
- Prof. Ganesh Gopalakrishnan, Principal Investigator
The TREU program will introduce trainees to the basics of many exciting and crucially important computer science research areas. The program emphasizes hands-on demonstration of these technologies and methods to enhance trust and reproducibility. In addition to a wide variety of technical skills, the program will equip trainees to apply the skills in an ethical, inclusive manner.
Students will gain exposure to several concepts throughout the program. Highlights include High-Performance Computing (HPC), image classification using machine learning, advanced wireless networking in the context of the POWDER project, ethics & inclusion, and research training. For a more detailed description of course modules, please visit https://treu.cs.utah.edu/. In addition, trainees will have frequent opportunities to help build their social and academic network while taking advantage of Utah’s abundant and unique natural resources.
“TREU allows the Kahlert School of Computing to build on the multi-million dollar research infrastructure that is University of Utah is uniquely blessed with thanks to prior flagship NSF projects such as Cloudlab and POWDER. We are excited to invite top students from across the nation to spend ten weeks on our beautiful campus over three successive years, and experience world-class research in a picture postcard setting. As is well-known, individuals who have spent time at the University of Utah are our best long-term ambassadors.”
- Prof. Mary Hall, Director, Co-Principal Investigator
TREU welcomes applications from undergraduates across the country at all levels. Students from backgrounds underrepresented in computer science, sophomores or juniors with knowledge of computer science basics, and students interested in graduate school are especially encouraged to apply. Applications close on April 15, 2023.
Mu Zhang Receives $65K Grant from Cisco to Enhance the Security of Smart Contracts
Mu Zhang, an assistant professor at the Kahlert School of Computing, and his research team have received a grant of US $65,421 from Cisco Research to look into safety issues surrounding smart contracts. Zhang’s research aims to develop new techniques to automatically and robustly understand the logic and risks of smart contracts. “It is very exciting to collaborate with industrial partners on solving real-world security problems in Fintech,” said Zhang.
Smart contracts are autonomous computer programs running on top of blockchain technology. Because smart contracts offer the unique ability to enable trustworthy and decentralized transactions, they are used in popular decentralized applications (DApps), such as NFT (Non-Fungible Token) marketplaces, emerging decentralized finance (DeFi) and digital games (e.g. CryptoKitties). Monthly transaction volumes for DApps alone are in billions of US dollars.
Since the use of smart contracts is booming, it is critical to ensure that they are implemented correctly and securely. Yet, current smart contracts can sometimes go wrong. Academic research as well as real-world attacks have shown that flawed logic in smart contracts may lead to severe financial losses. For example, US $60 million was stolen in the infamous DAO attack because of a bug in a smart contract.
Although many researchers have begun looking into the vulnerabilities in smart contracts, identifying faulty logic in them remains difficult. Take auction contracts for example. A “no-reserve” auction is an auction in which the item for sale will be sold regardless of price. As a result, the seller must not be allowed to participate, as the seller can reject an offer simply by placing a higher bid. If it is known that a smart contract is used to implement the auction logic, it can be verified whether it follows the “no-reserve” rule. But how can one tell if the auction is implemented with a smart contract?
Zhang's insight is that the intrinsic logic of financial applications lies in the robust control and data dependencies of smart contract code. For instance, an English auction requires identifying the highest bidder and comparing every new bid with the current highest bid. This means that there is a data dependency between the input (new bid) and the comparison. If a new bid is higher than the previous highest bid, the auction will accept the new bid price as the highest bid. This highlights a control dependency between the comparison result and the following actions.
To capture such dependencies, Zhang plans to perform static control flow and data flow analyses on the code for smart contracts and represent the extracted information as a novel graph. If two graphs are similar, they are likely to be based on the implementation of the same logic. Simply comparing the graph of a program with that of an auction contract can indicate if the auction is implemented via a smart contract program.
Nevertheless, comparing graphs is not trivial. It can be computationally expensive due to the graph isomorphism problem. To solve this problem, Zhang will employ a machine learning technique called graph representation learning. This technique can train a machine learning model to encode only the necessary graph information as a vector. Then, instead of comparing complex graphs, the similarity can be checked quickly check by comparing simple vectors.
Related to this project, Zhang has recently published the paper “Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications,” one of 15 papers that won Best Paper Honorable Mention award at the 2022 ACM Conference on Computers and Communication Security (CCS 2022) in Los Angeles, CA. His research interests more broadly include developing tools to detect, diagnose and address security problems of software systems in different domains.