UW computer scientists tout achievements and explain industry shortcomings

UW computer scientists tout achievements and explain industry shortcomings

MADISON, Wis. – Major advancements in computing performance were developed at the computer science and electrical engineering departments at the University of Wisconsin-Madison.
Innovations that have increased microprocessor performance, distributed database architectures, grid and cluster computing were some of the technologies touted by Professor Guri Sohi, department chair, and other faculty last Wednesday at Accelerate Madison’s monthly meeting.
Pentium-class microprocessor designs and resulting performance have drawn from a breakthrough called “out-of-order execution.” The first scalable distributed database, an advance that affected the development of modern enterprise databases, was also developed in the department, Sohi told the audience.
Like other Accelerate Madison presentations, the talk was recorded by Sonic Foundry, and a webcast is available.
One of the first university computer science departments, UW’s was founded in 1963. It consistently ranks as one of the top 10 in the country, according to the school’s Web site. The department now has 33 tenured and tenure-track faculty, more than 400 students, and a budget of approximately $13 million yearly. “The computer industry is not very good at supporting research,” Sohi said, explaining that most of the money came from federal funding.
Sohi discussed Moore’s Law — the observation Gordon Moore made in 1965 that the number of transistors on an integrated circuit tends to double every couple of years. Sohi predicted that, in order to cram more processing power into next-generation computers, manufacturers would go even further.
In the near future, he said, “you won’t be able to buy a computer chip that has only one processor on it.”
Computing in a flock
To make use of all that computing power, another UW project concentrates on distributed computing, which has been in use in academia for years and is now rapidly gaining corporate popularity.
“If scientists need it today and push for it, there’s a good chance that two, three, four years down the road, businesses will need it as well,” said Miron Livny, a computer science professor at UW-Madison who works with the Condor distributed computing project.
Condor, an architecture designed to deliver consisted processing power calculations that could take weeks or months to complete, distributes jobs across a computer cluster.
The project is used by many on-campus researchers, including the computer science department. “We really get a feeling for whether what we are doing is right or wrong,” Livny said. The number of off-campus users has also been steadliy increasing.
The Condor project incorporates about 2000 servers on the UW-Madison campus, which allow researchers to harness supercomputing power without needing actual supercomputer hardware, Livny said.
The system also finds use in media, with Core Digital Pictures having used it to aanimate the X-Men movies, among others.
Bank security: gone in eight minutes
Banks might be expected to have the toughest security around. But Professor Somesh Jha recalled that in a test run, a National Security Agency “Red Team” managed to execute a controlled break-in to a Swiss bank’s central data server within eight minutes (the identity of the bank was not disclosed.)
“Attackers are getting very good at changing their attacks,” Jha said. That means they can, for example, often slip past blacklists by pretending to be someone they’re not.
One of the things Jha’s team is looking at is the “background radiation of the Internet” — information being sent to unused Internet addresses, often by malicious code that strikes at random. By monitoring traffic that should not exist, they hope to gain information on the behavior and security of the Internet.
His team’s other projects include the detection of malicious computer code such as viruses (code that infects files), worms (code that attacks computers directly) or trojans (which look like benign software).
“A lot of organizations think, ‘If we have a firewall, we’re fine,'” he said. But that may not be enough, especially in the case of trojans, named after the legendary Trojan Horse, which people install on their own computers because they look like useful software.
That category includes “spyware” such as Kazaa, a popular peer-to-peer music sharing program that collects user information and sends it back to a central server, he said.
Virus scanners are also vulnerable, he said, because they often look for specific patterns of malicious code that can be easily changed. In recent test results that Jha displayed, three major commercial anti-virus packages — Norton, McAfee and Sophos — missed the majority of the landmark viruses released over the last five years, simply because they look for “signatures” that can be modified without changing the functionality of the virus.
That means, for example, that whenever a new virus comes out, typical anti-virus software has no defense against it until the anti-virus company issues an update, and users install it.
Which is not to say that virus scanners should be scrapped. But it does mean, Jha said, that anti-virus software needs to adopt more intelligent methods for detecting malicious code.