CCIS Alumnus Wins Award for Cybersecurity Innovation
Five years ago, James Larisch was a first-year computer science major at Northeastern University. If you’d asked him if he wanted to pursue a career in research, the answer would have been a definitive “no.”
Now, Larisch is in his first semester as a PhD student in computer science at Harvard University. He owes his passion for problem solving to the years he spent working as an undergraduate researcher in Northeastern’s College of Computer and Information Science (CCIS).
That work culminated in a paper published in May 2017 as part of the Institute of Electrical and Electronics Engineers (IEEE) Symposium on Security and Privacy. Larisch also presented at the symposium. He is first author on the paper, which describes a system that checks for TLS and SSL certificates that have been revoked. The system allows web browsers to better inform users when they may be vulnerable to hacking.
“When you type in https://northeastern.edu, the communication between you and Northeastern is encrypted,” explained Alan Mislove, coauthor on the IEEE paper and Associate Professor and Associate Dean and Director of Undergraduate Programs in CCIS. “The problem is, you need to know that the other person you’re communicating with actually is Northeastern instead of an attacker who’s taken over your network.”
When a website administrator realizes they are being hacked, they can reach out to their certificate authority and have their TLS certificate revoked. However, partly because there are so many to keep track of, browsers often don’t regularly check what certificates have been revoked. Larisch’s solution, which he developed with the help of his advisors during his last two years at Northeastern, makes that process much easier.
The paper, which was awarded the 2017 IEEE Cybersecurity Award for Innovation, details the use of a “cascade filter” to compile a list of all of the TLS certificates on the web, along with information about whether or not they have been revoked. The cascade filter is a collection of Bloom filters – data structures that have historically been used to collect data and compress it like an MP3 file. The problem with using a single Bloom filter is that information can be lost, creating errors in the data that’s presented.
“If you take a symphony and turn it into an MP3, it won’t be as good as the original symphony,” explained Christo Wilson, also a coauthor and Assistant Professor in CCIS. “Someone with a perfect ear will tell you something’s been lost.”
The researchers realized that they could create a second Bloom filter to reduce the number of errors from the first. Though this filter still had problems of its own, adding another filter – and then another and another – eventually reduced the error to zero.
“The proposal was that we have this Bloom filter and we know there are going to be errors,” Mislove said. “There’s no reason you couldn’t create another Bloom filter with a smaller list of errors and another Bloom filter with an even smaller list of errors…until you get to a place where you have no errors. That’s the filter cascade. Each one is lossy [results in lost data] but all together they’re perfect.”
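The cascade construction described above can be shown in a few lines of Python. This is an added example, not code from the paper or its authors; the SHA-256-based hashing, the 0.5 per-level false-positive target and the certificate IDs are assumptions chosen for illustration. It relies on the point made earlier that the full list of certificates is known when the filters are built.

```python
import hashlib
import math

class Bloom:
    """Bloom filter sized for `fp_rate`; `salt` makes each level hash differently."""
    def __init__(self, items, fp_rate, salt):
        n = max(len(items), 1)
        self.m = max(64, math.ceil(-n * math.log(fp_rate) / math.log(2) ** 2))
        self.k = max(1, round(self.m / n * math.log(2)))
        self.salt, self.bits = salt, 0
        for item in items:
            for pos in self._positions(item):
                self.bits |= 1 << pos

    def _positions(self, item):
        for i in range(self.k):
            h = hashlib.sha256(f"{self.salt}:{i}:{item}".encode()).digest()
            yield int.from_bytes(h[:8], "big") % self.m

    def __contains__(self, item):
        return all((self.bits >> pos) & 1 for pos in self._positions(item))

def build_cascade(revoked, valid, fp_rate=0.5):
    """Each level stores the previous level's false positives, until none remain."""
    levels, include, exclude = [], set(revoked), set(valid)
    while include:
        levels.append(Bloom(include, fp_rate, salt=len(levels)))
        false_pos = {x for x in exclude if x in levels[-1]}
        include, exclude = false_pos, include  # swap roles for the next level
    return levels

def is_revoked(levels, cert_id):
    """Exact only for IDs that were in the universe used to build the cascade."""
    for depth, bf in enumerate(levels):
        if cert_id not in bf:
            return depth % 2 == 1  # a miss at an odd level means "revoked"
    return len(levels) % 2 == 1    # passed every level: last level decides

# Constructed sample universe: 5,000 certificate IDs, 200 of them revoked.
UNIVERSE = [f"serial-{i:05d}" for i in range(5000)]
REVOKED = set(UNIVERSE[::25])
VALID = set(UNIVERSE) - REVOKED
CASCADE = build_cascade(REVOKED, VALID)

def single_filter_errors():  # valid certificates the first filter alone flags
    return sum(1 for c in VALID if c in CASCADE[0])

def cascade_errors():        # wrong answers from the full cascade
    return sum(1 for c in UNIVERSE if is_revoked(CASCADE, c) != (c in REVOKED))
```

A certificate ID that was not in the build-time universe can still be misclassified, which is why the daily updates have to cover newly issued certificates as well as newly revoked ones.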
The proposed system would be a one-time install, taking up about 10 megabytes of bandwidth, followed by updates each day that would allow browsers to accurately track revoked certificates.
Wilson compared the daily update process to periodic iPhone app updates. “It’s a similar kind of mechanism,” he said.
David Choffnes, Assistant Professor of computer science at Northeastern, is also a coauthor on the paper, along with researchers at Duke University and the University of Maryland. However, Choffnes, Mislove, and Wilson all maintain that the legwork was done by Larisch.
The researchers hope their tool will pique the interest of web browsers, especially in the wake of security bugs like Heartbleed, a vulnerability in the SSL/TLS mechanism that, in a targeted attack in 2014, left thousands of Internet users vulnerable to privacy infringement.
“A huge fraction of the internet potentially had its private key stolen,” Mislove said, adding, “Had James’ solution been deployed, information about all those revoked certificates would have come out the next day, so then everybody would be protected.”
Browsers have already begun to show interest in the tool, but further visibility is key to bringing the filter cascade to market.
“This is a project that is ready for deployment, but we can’t make it happen ourselves,” Choffnes said. “We need people to be aware that this is something they can use.”
He also hopes that the success of the project will help inspire undergraduates to pursue research at Northeastern’s Cybersecurity and Privacy Institute, which lives on the sixth floor of the Interdisciplinary Science and Engineering Complex (ISEC) building.
After all, graduate school wasn’t on the agenda for Larisch until he was three years into his Northeastern career.
“I went to Christo’s office one day and was just kind of like hey so, just curious, what’s grad school all about?” Larisch said.
CCIS hosts an Undergraduate Research Night each fall where students can learn from their peers about available opportunities in research. Choffnes said the most important lesson for students interested in research is “just to know that you can.”
“Anybody with drive at Northeastern can definitely end up with a success story like James,” he said.