
Capsules: Designing Web Applications For Review

Sunday, May 2nd, 2010

I just came back from WWW 2010 where I presented a research project I’ve been working on for the majority of my undergraduate years. The project is about building web applications with high level security properties that can be verified in a code review. This post is about the project and why I think it’s really cool.

I’d like to start off by convincing you that we need web applications with verifiable high-level security properties. First, what is a high level security property? It’s an application-specific guarantee about the privacy and integrity of user data maintained by the application. For example, as a user of an online banking application, I’d like some assurance that I cannot lose money unless I have authorized a transaction. I’d also like some guarantee that only I can view my account balances and transaction histories. These are high-level properties regarding the integrity and privacy of my data. And these are the kinds of guarantees that we want with our web applications; it’s not enough to just defend an app from XSS and CSRF.

Since these properties can be violated by the application itself (as opposed to external attackers), we have to make sure that the application does not violate them. This requires a code review. Unfortunately, with state-of-the-art technologies, and with sophisticated, complex applications, these code reviews are incredibly challenging. I would argue that they are infeasible. Why? Because verifying that a high-level property is achieved involves an exhaustive review of the application. With current application architectures, every object has the privileges necessary to violate whatever security property we’re interested in. In order to guarantee that the application satisfies a property, we therefore have to make sure that the entire application does not violate it. Since applications are enormous, this is very challenging.

My project looked at making these code reviews easier by partitioning an application into components and granting only specific privileges to each component. Partitioning an application and exposing limited privileges facilitates a code review because now only parts of the application have the privileges needed to violate any particular security property. Auditors may not even have to look at certain application modules because they can guarantee a priori that those modules cannot violate the properties we are interested in.

All we’re doing here is bringing the idea of least privilege to web applications. We used an object capability approach to achieving least privilege in application components. Our goal was to confine each application component to a reduced-privilege context. We took a multi-faceted approach. First, we prevented application components from constructing additional privilege. We did this by requiring that applications are written in an object-capability language (in our case Joe-E). Second, we prevented the application from maintaining state outside of a semi-persistent session object (By semi-persistent, I mean that it lives in memory but is maintained across multiple HTTP requests). Combined, these two properties imply that all privileges to user data and resources must reside within the session object. Finally, we use wrapper objects to expose only a subset of the session object to each application component. This effectively confines each application component into a reduced-privilege context.

In terms of implementation, we built Capsules, a prototype framework that extends the Java Servlet Framework with these ideas. As mentioned, we require that applications are written in Joe-E, an object capability subset of Java. We use several Joe-E features to achieve the three aspects of our approach. First, Joe-E prevents objects from constructing privileges from scratch. Secondly, Joe-E allows us to declare application components (called Servlets) as immutable, which, in short, means that they cannot maintain state. Finally, Joe-E allows us to construct wrapper objects that actually encapsulate their internal state, so that Servlets must go through the interfaces exposed by the wrapper rather than using reflection to obtain a reference to the underlying session object. In this way, Joe-E helps us establish these reduced-privilege contexts.

We also conducted an evaluation of this framework by building a simple web mail application and verifying that the application maintains the privacy and integrity of user mailboxes. In this analysis, we discovered that there were several application components that we could completely ignore, simply because they had no way to violate the privacy and integrity properties. While our application was simple, we believe that this kind of analysis will also apply to more sophisticated applications, making it more practical to review these kinds of high-level properties.
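The wrapper approach described above, illustrated in plain Java as an added example (this is not code from Capsules or from the paper): the session object holds all user data, and each stateless component receives only a narrow view of it. All class and method names are hypothetical, and plain Java does not block reflection or static state the way Joe-E does, so the confinement here rests on convention rather than on the language.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

// Added illustration. Every name here is hypothetical; none of it is the
// Capsules or Joe-E API.
public class CapsuleViews {

    // Semi-persistent session: the only place user data (and therefore
    // privilege over it) lives between requests.
    static final class Session {
        private final List<String> mailbox = new ArrayList<>();
        private String theme = "light";
    }

    // Narrow interfaces. Each exposes a strict subset of what Session allows.
    interface MailboxReader { List<String> messages(); }
    interface MailboxWriter { void delete(int index); }
    interface ThemePrefs { String get(); void set(String theme); }

    // Wrappers built by the framework. The Session reference is captured and
    // never handed out, so a component can only act through the interface.
    static MailboxReader readerFor(final Session s) {
        // Return a copy so the caller cannot mutate the mailbox via the list.
        return () -> Collections.unmodifiableList(new ArrayList<>(s.mailbox));
    }

    static MailboxWriter writerFor(final Session s) {
        return index -> {
            if (index < 0 || index >= s.mailbox.size()) {
                throw new IllegalArgumentException("no such message: " + index);
            }
            s.mailbox.remove(index);
        };
    }

    static ThemePrefs themeFor(final Session s) {
        return new ThemePrefs() {
            public String get() { return s.theme; }
            public void set(String theme) { s.theme = theme; }
        };
    }

    // Components: no fields (no state of their own), and all authority
    // arrives as arguments. In Joe-E the "no state" part is enforced by
    // declaring them immutable; here it is only a coding rule.
    static final class InboxServlet {
        String handle(MailboxReader inbox) {
            List<String> msgs = inbox.messages();
            return msgs.size() + " message(s): " + msgs;
        }
    }

    static final class DeleteServlet {
        String handle(MailboxWriter box, int index) {
            box.delete(index);
            return "deleted " + index;
        }
    }

    static final class ThemeServlet {
        String handle(ThemePrefs prefs, String requested) {
            prefs.set(requested);
            return "theme=" + prefs.get();
        }
    }

    // The dispatcher decides which view each component receives. For a review:
    //   mailbox privacy   -> dispatch + readerFor + InboxServlet
    //   mailbox integrity -> dispatch + writerFor + DeleteServlet
    //   ThemeServlet never receives a mailbox view, so it can be skipped
    //   for both properties.
    static String dispatch(Session s, String path, String arg) {
        switch (path) {
            case "/inbox":
                return new InboxServlet().handle(readerFor(s));
            case "/delete":
                return new DeleteServlet().handle(writerFor(s), Integer.parseInt(arg));
            case "/theme":
                return new ThemeServlet().handle(themeFor(s), arg);
            default:
                return "404";
        }
    }

    public static void main(String[] args) {
        Session s = new Session();
        // Constructed sample data.
        s.mailbox.add("hello");
        s.mailbox.add("invoice");

        System.out.println(dispatch(s, "/theme", "dark"));
        System.out.println(dispatch(s, "/inbox", null));
        System.out.println(dispatch(s, "/delete", "0"));
        System.out.println(dispatch(s, "/inbox", null));
    }
}
```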

So that’s an overview of the Capsules project. I’ve omitted most of the technical details so that I could concisely convey the main points. If you are interested, I encourage you to read our paper or see the slides for my talk (although I don’t think the slides will be very helpful apart from the pretty pictures). Finally, please feel free to contact me if you have questions or are interested in talking to me about the project.

Grad School Stuff V: Choosing a School

Saturday, May 1st, 2010

Now that you’ve visited all of the schools you’ve been admitted to, it’s time to make a decision. For some people, this is a really easy process, for others (like me) this is incredibly difficult. A lot of people that I talked to made their decisions for various factors that didn’t really apply to me (i.e. family, girlfriend, etc.). If these “external” factors apply, then you’ll probably look at things like research and prestige.

Note: This article will be predominantly about my personal experience. I don’t really have any experience to talk about anything else. However, I think there may be some takeaways that are more generally applicable.

Disclaimer: A lot of this article is about my perception of graduate schools based on very short visits. At this point, I have no way of confirming these perceptions and I encourage you to make your own observations and come up with your own perceptions. I also do not intend to offend anyone at any of the schools I write about.

For me, the decision was ultimately between Carnegie Mellon University and MIT. While I visited both Princeton and the University of Washington, and both are excellent schools, I decided not to consider them for various reasons. I felt that I would not be happy at Princeton because there isn’t really much around except for the school and I felt that the students lived almost like undergrads, which I definitely didn’t want. At UW, there was only one professor who I was interested in working with and I felt it was kind of a risk to go to a school where there was only one potential advisor.

I really enjoyed my visit to CMU. First of all, my brother is a grad student there, so I got to hang out with him and meet a lot of his friends. I think part of the reason that I liked it so much was that his friends and the other students made me feel really welcome. Of course, I got to meet with several faculty members that I am interested in working with and I felt that I connected with some of them as well. It seemed like a much more friendly place and consequently, I left with a really warm feeling about the place.

I also enjoyed my visit to MIT but definitely less than the CMU one. The visit was less organized, which led me to believe that they didn’t care as much about their admits (and consequently their students). Further, I didn’t get to interact with nearly as many grad students as I did at other schools, and this led me to believe that the students were not as social as at other schools. At the same time, I met with a couple of professors that I was excited about working with, and of course, people are doing amazing research there. Ultimately, the social stuff doesn’t matter as much as the quality of research that I’ll be doing and I felt that by going to MIT I would have the opportunity to do really interesting stuff.

As I mentioned, I had a really hard time deciding between CMU and MIT. This was mostly because my intuition was telling me to choose CMU, but almost everyone else I talked to pushed me towards MIT. Usually, what other people think doesn’t really concern me, but for some reason this time it really made me doubt my gut; I think part of this was that my roommates were relentless in convincing me to choose MIT.

Ultimately, I decided on CMU for several reasons. For one, after reading several computational biology papers, I started to feel that I was more interested in the methods side of the field and less interested in the data side. The research going on at MIT is definitely more data-driven, whereas at CMU there are people interested in biological results as well as methods. In terms of methods, I’m interested in machine learning approaches and CMU is basically the place to be for machine learning research.

Additionally, I mentioned that I felt more welcome at CMU and along with this, I felt that I would fit in better socially there. I don’t think this should be discounted, because I’m going to be a grad student for several years; if I’m unhappy, I’m very likely to quit or leave with a masters, which is not my goal. Obviously, it’s hard to determine where you will be happy from just a visit weekend, but it’s still something you should think about. Anyway, when making a decision between similar programs (in terms of research), you may want to think about your expected happiness.

One reason that a lot of my friends pushed me towards MIT was this prestige issue. Certainly, MIT has a better reputation than CMU in the eyes of the general public. However, in the CS community, both schools are pretty equivalent and in the machine learning community, I would argue that CMU is a little more prestigious. I think a lot of people are inclined to think about this because attending a prestigious institution will open doors for you later on in life. For most degrees, I agree; however, for PhD programs, I’m not sure how true this is, especially when considering schools like MIT and CMU. Once you finish your doctorate, doors are going to open for you depending on the quality of your publications; your graduate institution will only help you insofar as it will influence your research.

One thing that helped me out a lot was talking to a bunch of people all over the place. I talked to my brother and a friend of his at CMU, friends at Berkeley, and people I knew at MIT. I also sent emails and had phone conversations with professors and other researchers at both CMU and MIT to get a better feel for what the environments were like at both places. Don’t hesitate to do this, but be aware that no one is going to make the decision for you. Most people you talk to will say something like, “Well you’re in a good place because you can’t go wrong.” While this is reassuring, it also doesn’t really help you in making a decision.

Finally, go with your intuition. That book “Blink” would recommend the same thing (I think). When you’re faced with a decision like I was, you really can’t go wrong and there are obviously some reasons why you’re tending to a particular place. Just go with it, I’m sure you’ll be happy.

———

I guess that’s the end of my series of posts on graduate school. I’d be really happy to hear whether people are finding this useful or not. Also if you have any comments or disagreeing opinions, please let me know.

Grad School Stuff IV: Visiting Schools

Monday, April 26th, 2010

Sometime in February or March you’ll start hearing back from schools. Unless you are incredibly brilliant, you’ll probably get into some and not get into others. If you only get into one school, and you’re set on going to grad school, then you don’t really have much of a decision to make. I guess you could decide whether that school is good for you and if it isn’t look for a job or something. This article won’t talk much about this scenario because I don’t know anything about it.

If you got into more than one school, you have to decide amongst them. In computer science, most schools will invite you to visit for a couple of days (usually a weekend, but not always) to check out the school, the department, and meet with students and professors. I highly recommend going to these visits. First of all, they are really fun, you will meet a lot of new people, including new admits, and you will see the admits over and over again at all of the schools you visit. Secondly, they really help you in choosing schools; if you’re going to spend the next 4-n years of your life somewhere, you don’t want to be making a blind decision. Third, I was mostly done with my undergraduate degree, so academic commitments weren’t really an issue. If you are taking a heavy course load (or otherwise busy) find a way to get your work done so that you can make it to these trips. In other words, don’t use school as an excuse for not going.

I think you should prepare a bit before you visit schools. You’ll probably be meeting with faculty, and you’ll want to get the most out of these meetings to help you make an informed decision. You should be at least familiar with some of their research (read their papers) and prepared to talk to them about it. What you’re really trying to do in these meetings is see if the faculty member would make a good advisor for you. This means you’ll want to be interested in what they’re doing in terms of research, but you’ll also want to connect with them on a personal level. I found that I could connect with professors better if I knew about the work they had done so we had something interesting to talk about. Faculty meetings are probably the most important part of your visits. Really, as a grad student, everything except your research is kind of secondary to your research. And the person guiding your research will be your advisor, so you want to make sure that you choose a good one.

However, other things are also pretty important. I cared a lot about whether I would be happy at a school or not (seems reasonable right?). At some schools I got along much better with both the current students and the admits than at other schools, and some schools seemed to be a much better fit for me personality-wise. You should think about these things too, ask students what they do for fun, whether they play sports, etc. If you’re interested in something (like a sport) and want to continue it, see if you can find people interested in the same thing at the schools you’re visiting. These things shouldn’t make or break a school, but if you weigh two or more schools the same in terms of research/advisors, these issues may make a difference.

Another thing you should do is talk to other admitted students in your area. See what they think about the school and if they are considering accepting. This is important because they are all going through the same process and maybe they can contribute some information about something you haven’t realized or thought about. Also see if you get along with those people. This is important because you’ll spend a lot of time interacting with those students and you want to like them.

Some people told me to make lists of the things I found important and be really systematic about my decision making but I decided not to do that. I visited schools and kind of went with my gut to formulate an opinion about them. I can’t really say anything about the systematic approach, but I didn’t really have any issues formulating opinions without it.

Don’t forget that visiting schools should be fun. Most of the time schools plan a lot of fun activities that often involve large amounts of alcohol. Enjoy all of the new people and the new places and keep in mind that you will be fine most places that you go.

Next up… deciding!

Grad School Stuff III: Applying

Sunday, April 11th, 2010

Here’s what I did with regards to applying for graduate school. Maybe this will only apply for computer science PhD programs.

First
I got involved in research at the beginning of my sophomore year. That year I didn’t really do much of what I would now consider research, but I showed my advisor that I was a good programmer and a hard worker. Starting in my junior year, he gave me a small research project with the goal of actually publishing the work. We actually submitted a paper and it was accepted to WWW which probably helped me a lot. In addition, I spent the summer after my junior year working full time on a research project.

Doing research asap is important because a. it makes your application look better and b. it helps you decide whether graduate school is right for you. If you’re still young, get involved right away.

The application
Once you’re preparing to apply, it’s kind of too late to get started on a research project. Instead you should focus on your application. Filling out the applications is generally pretty easy; the hard part for you is to write one or more essays. Additionally, schools generally care a lot about your grades and your recommendations.

Academics
Everyone I’ve talked to says grades are important, but your research is more important. Schools generally care to see that you are capable, but it’s not a big deal if you have weaker grades because you’ve been working really hard on research. While you should be getting pretty good grades, it’s more important that you are taking challenging courses and courses that are aligned with your research interests. Taking courses aligned with your interest is important because you will get to know professors in that area, which could lead you to interesting research projects or to good recommendation letters.

Also, if you can, I would recommend taking graduate courses. Generally, you will build a better relationship with your teacher (because classes are smaller) and you will often have a chance to do a research-style project. I asked a teacher from one of my graduate courses for a recommendation because I worked with him pretty closely on my class project. Another graduate course I took pretty much confirmed that I wanted to pursue machine learning.

Jean Yang mentions that if you do have weaker grades you should talk about them in your essays. Saying something about how you spent most of your time on your research would be good justification.

Recommendations
Recommendations are super important. When you think about it, if someone is willing to put his or her reputation on the line to vouch for you, people will take them seriously. Professors generally are candidly honest in their recommendations, because they don’t want to recommend a bad student, which could jeopardize their image. Consequently, if you can get three really good recommendations, then you may be golden.

Most schools ask for 3 letters of recommendation. First of all, recommendation letters should be from faculty members (professors); you want them to have to be accountable. Recommendations from graduate students or from industry (unless from a research lab) don’t really carry much weight. The best recommendations generally come from professors that you have actually done research with. They have the most to say about your research ability because they’ve seen you work. Teachers may not be able to add too much to your application if you haven’t interacted with them much outside of the classroom.

I think it’s pretty tough to get three recommendation letters from people you’ve done research with. Apparently so do people on admissions committees. It’s perfectly reasonable to have 2 recommendations from research advisors and one from a teacher that you had a more-than-normal interaction with. If you take graduate courses you will have a good interaction with your teachers and they will probably be able to write pretty good recommendations.

I got recommendations from my undergraduate research advisor, the professor that I worked with over the summer, and a professor from a graduate course I took. I think this was pretty reasonable.

Essays
Most schools only require that you write a personal statement. This isn’t a personal statement like what you wrote for your undergrad applications. It should really be called a research statement. Applications committees care about what research you did and why that pushes you toward graduate school. Therefore, you should talk about your research experiences and specifically what research you did.

I was talking to a friend of mine who’s thinking about applying in the fall and he was kind of worried that he hadn’t done any cool research. This is pretty normal for undergraduates; I think it’s pretty unlikely that you’ll be doing some cutting edge work. However, there are probably small things that you did that can show off your research abilities. For example, I spent a couple of days researching various ways to randomize graphs, just to evaluate the actual algorithm we were working on. I talked about this in my essay and I think it showed that I had some intellectual curiosity.

Your essay should also include some school specific information. Spend some time figuring out why you want to go to each school you’re applying to and write that in your essay. Also look at people who you’d be interested in working with and talk about them briefly in your essay. If anything it shows that you care enough to do some homework on the school.

UC Berkeley also has you write a diversity statement. In this essay, you’re supposed to talk about how your background will contribute to the diversity at Berkeley. I found this essay pretty difficult because I’m an average Indian-American computer scientist. Given that, I talked about the summer I spent in Israel doing research and how I am motivated to collaborate with researchers locally and internationally. Unfortunately, I didn’t get into Berkeley so maybe this wasn’t the best way to go.

The Rest
The rest of the application stuff is straightforward. You have to fill out some personal information, send in transcripts and all of the usual stuff you did as an undergrad. Really at this point most of your work will be in writing essays. However, if you applied for fellowships, you should be able to take a lot of your material from there.

Next up… visiting and making a decision.

Grad School Stuff II: Fellowships

Tuesday, March 9th, 2010

I’m going to write about fellowships before actual applications because some fellowship application deadlines are in late October and early November, which is earlier than other deadlines. The three main fellowships that people in computer science tend to apply to are NSF, Hertz and NDSEG. There are often other fellowships that are more specific to your particular research area (a slightly out-of-date list here).

I only applied to NSF, although I initially planned on applying to all three. Hertz is extremely competitive and there’s quite a bit of extra work that needs to be done to apply, such as finding a fourth recommender and writing tons of short essays. I figured that I wouldn’t get it, and it would just be a waste of time for me to apply. I don’t recommend doing this; even if you don’t get the fellowship it’s probably good preparation to think about the questions that they ask you and come up with answers to them. I think it may help a lot when writing application essays. Also, Hertz has a notoriously challenging interview and if you make it to that stage, it is probably a great experience.

I didn’t apply to NDSEG mostly because I got lazy and burnt out. The NDSEG deadline is in early January, so you don’t really have to worry about school or other applications. For me, I had just gone through my most stressful/taxing semester of college and really had no energy to write a couple more essays for the application. Also, I forgot to request transcripts, and by the time I realized, it was too late. In retrospect, I probably should have applied and I’m planning on applying again this year.

Given that I didn’t even apply to Hertz and NDSEG, I’ll just write about NSF. The application itself is just like other applications, there’s some basic personal information, transcripts, three letters of recommendation, and three essays. I may write about letters of recommendation somewhere else, but if you want some guidance in regards to them read Professor Harchol-Balter’s talk-thing. The three essays are: a description of your previous research, a research proposal, and a personal statement. The application committee evaluates your application from two perspectives: intellectual merit and broader impact. Your essays need to be written to address these two criteria.

Intellectual merit is pretty easy to address. In a nutshell, NSF is looking to see if you’re smart. If you’ve done interesting work and if you have some interesting research proposal, you’ll cover this in those two essays. Broader impact is often harder for a lot of people (and it was for me too). Since NSF is a government agency, they want to see that you are inspired to help people, the world, or at least the country. They look for things like interest in education, leadership experience, interest in including underrepresented groups in your area. They want your work to advance society or otherwise contribute to scientific knowledge.

It can be hard to address broader impact in your essays. One “easy” way to do it is to actually do some stuff as an undergrad that you can talk about. For example, you can be a TA, or better, you can volunteer at local middle or high schools. I’ve heard about undergrads that host these robotics programs at local schools in Berkeley, which I think is a really great thing to do and a great thing to write about. I didn’t really have anything like that to write about, so I tried to spin my research goals as providing an infrastructure for future research. For me, addressing broader impact was definitely the hardest part of the application. I spent a lot of time figuring out how I would write my personal statement so that I could (in my opinion) cover it. For you, it may be really easy. Since the previous research statement and the research proposal are meant to be quite technical, generally people write about broader impact in the personal statement.

THE ESSAYS

The previous research statement was fairly straightforward for me. I had already prepared an outline of the previous work I had done to help my recommenders, so I just transformed this outline into an essay. Since I’ve worked in both security and compbio, I had a bit of trouble trying to unify the essay and explain why I chose compbio over security for the future. My guess is that this probably won’t happen to you. My thoughts on this essay are:

1. Be technical. They want to see that you can communicate your ideas effectively (because presumably you’re going to be a leader in your field) and in particular that you can communicate technical ideas effectively. It’s often hard to talk about your work when you abstract away the details, and this may negatively impact the clarity of your writing. At the same time, don’t drown the reader in the details; make sure the high level ideas of your work are clear. For example, I described the technical formulation of the problem that I worked on, but only presented the high-level ideas behind the algorithm we developed. I guess there’s a balance here, but the most important thing is to make sure your ideas get explained clearly; if you have to be technical to do it, then that’s probably fine.

2. Talk about work that you did. If you worked on a project with a graduate student or as part of a larger group, write a bit about the project as a whole, but then talk about the specific problems that you solved. NSF is going to fund you, so they want to see that you can do great work. They don’t really care if your group (or your grad student) can do great work. This can be slightly challenging because you probably aren’t working on super challenging or revolutionary problems by yourself as an undergrad. However, I made small contributions to a larger project that I thought were interesting research and I wrote about them.

The research proposal can be a really hard essay to write. NSF wants to see that you can come up with an interesting research problem and propose a reasonable solution for it. I think it’s really hard to figure out what interesting problems are (and so do a lot of people), so I recommend that you talk to a lot of people about this. Ask your advisor about what’s going on in your area, talk to graduate students, other faculty, etc. Find a problem that is well-motivated and hopefully related to your prior work. At the same time, you probably shouldn’t write about something revolutionary that will change the world. For example, don’t propose to solve P vs. NP (unless you already know how), people just won’t take you seriously. I chose a really small problem that came up in my compbio work. I talked about that work and said that this was a problem with our existing approach, then I proposed a completely different approach that seemed reasonable. I was fairly technical both in describing the problem and in writing about my approach. I also tied it into some broader impact by saying how the work could benefit society.

The personal statement was definitely the hardest essay for me to write. A large part of this was figuring out how to address broader impact. I wrote about a bunch of random stuff like being a captain on my ultimate frisbee team, teaching a databases class, building a compiler as a class project, and of course, my research. These were loosely related by some learning and adapting that was going on in each setting. I brought in broader impact by talking about how computational biology should be a platform for biological research, and that I’m interested in building the robust tools that make this platform possible (an infrastructure for future research). I also talked about how I enjoy teaching and how I think my specific interest (which was finding genes associated with specific genetic diseases) could play a small part in understanding the biology behind genetic disorders. This essay was definitely less technical than the other ones, although I did get into some specifics about my teaching, class projects and research.

The essays are basically the meat of the application. I think it’s worth spending a lot of time on them, because it’ll give you a wealth of ideas that you can tie into your other application essays. My actual personal statement (for schools) was kind of just an amalgam of the three NSF essays I wrote and writing them ahead of time meant that I had all the ideas I wanted to talk about already and just needed to tie them together.

Another large part of the application is the letters of recommendation but I’ll write a bit about that later.

Also, when I get a chance I’ll upload my essays here.