CS Spotlight Series: A Conversation with Professor Benjamin Ujcich
By Mariam Khan, Georgetown University
As part of our CS Spotlight Series, we spoke with Professor Benjamin Ujcich, Assistant Professor in the Department of Computer Science at Georgetown University. His work focuses on network security and the security implications of modern computer network architectures.
What is your main research focus area, and what motivated you to go into that field?
We interact with networks constantly: browsing the Internet, perhaps through a wireless network like 5G, and indirectly with data centers handling our requests. Traditionally, determining how data was routed through networks was managed in a decentralized way, but in recent years we’ve made networks more programmable through what’s termed “software-defined networking” (SDN). SDN centralizes the decision-making in a piece of software, which makes it easier to quickly respond to, say, attackers trying to attack your network. At the same time, it also creates new vulnerabilities, because if attackers compromise the decision-making, they can reconfigure entire networks and cause all kinds of issues.
My research takes the principles of designing secure systems and software and applies them to this often overlooked layer of cybersecurity. We are seeing increasing evidence of the network infrastructure being the stepping stone of broader security and privacy attacks with wide-reaching impacts, such as the recent Salt Typhoon attack against US 5G infrastructure.
How did your journey from studying computer engineering lead you to specialize in this? What motivated you to narrow your focus?
One time during a vacation while in high school, I figured out how to connect my laptop to the Internet through my mobile phone (what we call a “personal hotspot” today). This was before smartphones were available and when phones had almost no Internet capabilities, so it was neither an easy nor straightforward process. I set it up and tested it out as a passenger on a long drive in the middle of nowhere, and it worked! I remember thinking at the time that it was the coolest thing ever (even if we take ubiquitous connectivity for granted today!), and that got me interested in understanding how networks actually work.
During my undergraduate studies, I joined a research team studying programmable networks, which were just beginning to emerge. That exposure to cutting-edge work convinced me I wanted to build a career in this field. I was very lucky to be able to join in on weekly meetings with the university’s network engineers, where I began to more fully appreciate the issues that practitioners face with running real networks.
When I started graduate studies, my advisor was focused on cybersecurity, which paired well with my interest in networks. That’s when my focus narrowed to network security, looking not just at connectivity, but how to make systems resilient against attacks.
What has it been like building your research lab and working with students at Georgetown?
I started during the pandemic, which was an unusual time to build a lab, but it’s been rewarding. I’ve had two Ph.D. students graduate, I’m currently working with one Ph.D. student and a master’s student, and I have another Ph.D. student joining soon.
One highlight has been receiving the NSF CAREER Award for research about understanding the security implications of intent-based networking. This award is given annually to around 500 early-career faculty across the US in scientific fields. It affirms that the challenges I’m addressing are not only technically significant but also impactful at a broader societal level.
You mentioned intent-based networking. For someone who doesn’t understand it, what is it?
Programmable networks make configuration easier but also more complex, with many protocols and details to manage. Intent-based networking shifts the focus from how to configure a network to what you want it to achieve. You can declare high-level goals, like allowing certain departments in an organization to communicate, and the system translates that into low-level network configurations. My research looks at how to maintain observability and security in these systems, given that their reconfigurability can accidentally create vulnerabilities.
Has your work led to any real-world software vulnerability discoveries?
Yes. In the cybersecurity community, the MITRE Common Vulnerabilities and Exposures (CVE) database contains publicly known vulnerabilities in software projects. If someone detects a vulnerability, they disclose it to the vendor, a fix is made, and then it’s released and given a unique identifier so everyone knows to upgrade and prevent the vulnerability from being exploited. Based on our research, we’ve discovered and disclosed at least 21 CVE vulnerabilities related to programmable networks. This kind of software impacts systems and networks you interact with daily, even if you don’t see it directly as a user.
What are the current challenges you see in cybersecurity and network security today?
Particularly over the last two years or so, there has been significant interest in trying to understand how large language models (LLMs) are affecting and could affect computer systems and networks. For instance, you could poison what the LLM thinks the world is, and change the outcome of the decision it might have. Security systems have lots of alerts and false positives; there’s concern that the information coming into these systems could lead the model astray. There’s also hallucination, where an LLM gives a completely wrong answer very confidently. In security, we typically want provable guarantees: either something is “secure” or it is not “secure”. LLMs may not be able to tell you that with certainty.
What advice would you give to students curious about entering cybersecurity or network security—and how can they keep up with emerging trends?
I would give three pieces of advice:
First, focus on the fundamentals of secure system design. A lot of these principles go back to the 1970s. The technologies change, but the underlying principles don’t.
Second, try to imagine what assumptions a designer has made when designing a computer system, network, or piece of software, and then consider what happens if those assumptions are broken. It’s thinking like an adversary, but that mindset helps uncover vulnerabilities in ways that only seem obvious after the fact.
Third, there will always be careers in this space, even if what they look like may change. AI is in demand, but cybersecurity is close behind. If you can combine the two, there are tons of opportunities.