HP newsroom blog
cancel
Showing results for 
Search instead for 
Did you mean: 
Published: September 30, 2016

 

Malware Lab at HP's Bristol-based Security LabMalware Lab at HP's Bristol-based Security Lab

 

The landscape of software attacks is both evolving and growing, as an ever wider variety and quantity of advanced malware is developed and released. It’s no longer enough for security solutions to track the signatures of known malware and their derivatives. Today, they must identify previously unrecognized vulnerabilities – so-called Zero Days – and proactively protect against malware that causes them, without ever having encountered that malware before.

In HP’s Bristol-based Security Lab, the team is using statistical and behavioral analysis techniques to study and detect malware. 

“By doing advanced analytics and detection research, we can find malware that can’t be identified through conventional methodologies,” says Jonathan Griffin, senior researcher in the Lab.

To inform their strategies, HP’s researchers need to keep abreast of malware state-of-the-art and have therefore created a dedicated malware lab to support that approach.

“Malware labs are isolated, protected environments that let us investigate how a particular piece of malicious software carries out its attack,” explains Simon Shiu, Head of Security Research for HP Labs. “They let us capture and experiment with the malicious software with no danger of accidentally infecting our own network or anyone else.”

HP’s malware lab helps its researchers both understand their adversaries and test techniques for detecting, mitigating, and recovering from real world attacks. “Having a lab like this allows us to test how robust what we are doing really is from an overall, architectural point of view,” Shiu explains.

There’s a useful analogy here with laboratories that help us understand infectious diseases, adds Griffin.  “We can’t just do forensic analysis on dead samples,” he says. “We have to watch how they behave live to know what they’re doing.”  

As a complement to their malware lab, the HP Labs security team is also developing techniques to simulate malware and the behaviors they typically exhibit. 

“Simulating a piece of malware allows us to easily tweak its behaviors and to mimic its evolution over time,” Shiu says. “We predict how the malware will change, and then test possible behavioral evolutions against our security techniques and see if they are still able to mitigate the danger.”

The overall process moves us towards a truly evidence-based method for assessing how useful any malware detection technique will actually be in a real world environment, Shiu argues.

It’s essential to improve how we test the efficacy of our malware detection approaches, he believes. “For any idea that we have, we need to answer: how future-proof is it? How robust is it? What assumptions do we need to make to be confident that it will be effective? That’s what our research is pushing towards.”

    HP Labs
Published: June 19, 2017

Simon Shiu, Director of HP's Security LabSimon Shiu, Director of HP's Security LabThe recent appointment of Professor Mark Ryan as inaugural HP Chair in Cyber Security at the University of Birmingham is already paying dividends in terms of deeper understanding of global cyber security challenges and closer collaboration between industry and academia in solving them, says Simon Shiu, director of HP’s Security Lab.

“We’ve known Mark for a long time and admired his work, but in formalizing our relationship we’re creating a new pathway for developing promising approaches to some of the thorniest issues in our field,” Shiu noted recently. 

To better inform his future academic research at the beginning of his five-year term as HP Chair, Professor Ryan embedded himself at HP Labs for three months earlier this year.

“I was particularly impressed by the researchers’ knowledge and energy, and by their strong focus on the needs of the company in terms of innovation,” Ryan reports. “And I was able to find out a lot about what HP Labs is doing and to begin to think about how to bring that to Birmingham.”Professor Mark RyanProfessor Mark Ryan

HP researchers benefitted, too. “Mark brings a broad perspective and being part of academia means he tracks and links to what’s going on there more effectively than we can,” says Shiu, adding that Ryan’s presence brought a welcome dimension of academic experience to the methodologies his team is using.

In addition, Ryan’s visit helped both sides better understand the practical aspects of organizing industry-academic partnerships for impactful research and the intricacies of successfully raising funding for their joint research projects.   It also inspired a number of research ideas. One relates to our security research for homes and offices of the future, another was 3D printing.

“These subjects bring up all kinds of things that academics rarely think about, because they’re often most focused on consumer issues like privacy and less aware of industry concerns,” Ryan explains. “These can range from providing assurance to a CIO or multiple CIOs, through to how to convince 3rd parties of the integrity of 3D designs and printed parts” 

Now that Ryan is back at the University of Birmingham, where he heads the Security and Privacy research group in the university’s School of Computer Science, he’s also thinking more broadly about the field.

“One thing that interests me at present is the balance between privacy and security,” Ryan says. “We repeatedly see this tension between maintaining our privacy and allowing the state or a company to provide the services that we’d like them to make available. How do we get that balance right?”

In response, Ryan is working on new ways of conceiving the challenge, combining elements of engineering, psychology, sociology, and law, in the hope of inspiring new technologies that find the right balance between these often opposing requirements.

Shiu is looking forward to Ryan’s bringing those ideas back to HP Labs.

“Being a world class research center of excellence on security involves more than technology, we have to be on top of the economic, societal and geopolitical trends that give context for how cyber threats are emerging,” he says.

This kind of multi-disciplinary approach will be essential if HP is to make good on its ambitious vision of a world where a convergence of the Internet of Things and blended reality technologies let people navigate through the world both seamlessly and securely, Shiu believes.

The cyber physical systems of the future will be very different from those of today and yet will need to be both safe and also easy to use. “But meanwhile the security problem is not going away,” says Shiu. “In fact, it’s only getting harder. So this vision of secure but seamless computing will be a really tough thing to achieve.”

One solution might lie in designing security systems and user interfaces that let users understand the real consequences of taking a particular action, suggests Ryan.

“We already have plenty of occasions in our digital lives where we think: what bad things might happen if I clicked on that email or that link?” he says. “So one question would be, can we provide interfaces and security for the systems of the future that are transparent enough for users to know with certainty whether that click will be safe or not?”

Published: May 23, 2017

From left: HP Labs researchers Alex Thayer and Ian RobinsonFrom left: HP Labs researchers Alex Thayer and Ian RobinsonTo understand how people will interact with digital technologies in the future, it’s useful to think in terms of “mixed reality,” argues HP Labs researcher and Chief Experience Architect Alex Thayer.

“We’ll certainly have access to virtual reality, where people will work within an entirely digital environment, and also new augmented reality technologies, which layer digital information over what you’re seeing in the real world,” Thayer explains. “But at HP Labs, we don’t expect one to be more important than the other – instead we use a lens that includes them both, which we call “mixed reality.”

The key to predicting the shape of this mixed reality future is to focus on what people will want technology to do for them, adds Thayer’s HP Labs colleague, Ian Robinson.

“Rather than placing bets on any specific technology in the abstract, you need to start by asking: What is it you are trying to achieve through your interaction with a computer?” he says. “And then you ask: What is the most intuitive way to interact with that computer to make that happen?”

This perspective informs the research program underway at HP’s Immersive Experiences Lab, where both Robinson and Thayer are based, to envision how users’ experience of computing will change over the next five to twenty years.

 

HP ZVR Virtual Reality DisplayHP ZVR Virtual Reality Display

 New tools for interaction – and new expectations

 If user experience research used to focus on the design and implementation of interfaces and tools like 2D graphics, video displays, keyboards, joysticks, and mice, the advent of relatively cheap and more user-friendly immersive technologies, from VR headsets to devices that let you ‘touch’ and manipulate virtual objects, has broadened the range of potential solutions available to fit any particular need.

It’s also raised user expectations. “People want the tools they use to navigate their mixed reality experiences to replicate the feel and ease of use they experience in interacting with the analog world,” notes Thayer.

“That’s really difficult, technically,” he acknowledges, “but the reason we have to do it is because people want to use the same tools in the analog and virtual worlds, to have a seamless workflow across them both.”

These new tools can’t yet do everything people want, HP Labs research is showing. A virtual reality experience remains very hard to share, for example, so its potential as a tool for collaboration remains underutilized.

But Immersive Experiences Lab investigations are also helping understand how the mixed reality experience can be advanced to meet needs like these.

“We’re working, for example, with creative professionals like architects, engineers, and animators to first understand what they need to get done and then develop concepts for new user interfaces that allow them to do their work more efficiently,” says Thayer.

These research partners are then invited to interact with simplified instantiations of the ideas and their feedback is used to further refine the concept. That in turn feeds into HP’s business planning processes, enabling the company to anticipate specific kinds of customer needs and create technologies that are best able to help customers be more effective in doing their work.

“This isn’t so much about creating a specific new product,” notes Robinson. “The value here is in prototyping and then testing ideas as quickly as possible to see whether they are addressing the needs we’ve identified.”

This effort is one aspect of a broad investigation underway at HP Labs into the future of work.

Even with laptops and other mobile devices available to us today, we still work at desks, Thayer observes. “And that’s likely to remain true, even with VR,” he says. “VR might let us all physically walk through a shared virtual space, but that’s not feasible if people are gathered in one office to do it, just from a space-management perspective.”

If we’re unlikely to work by wandering around virtual worlds anytime soon, that doesn’t mean we are destined to stick with current computer interfaces like flat screen displays.

“I’m pretty sure most of us will end up using some kind of VR or AR at our desks,” suggests Thayer, “which raises the question of what that experience should look like. The work we do at HP Labs to interact with, and therefore understand, the future needs of our users is helping us define that for the industry.”

Published: April 19, 2017

Research engineers Andrew Fitzhugh and Alex JuResearch engineers Andrew Fitzhugh and Alex Ju

“HP’s Multi Jet Fusion 3D printing technology has the potential to offer capabilities that haven’t existed before, especially through its ability to vary both color and material strength at the same time with unprecedented accuracy,” notes HP Labs research engineer Andrew Fitzhugh.  

“So every now and then,” he says, “we try to do projects that explore the limits of the printers and materials we’re developing, just to see what’s possible.”

A recent example is a collaborative effort between researchers in HP’s Print Adjacencies and 3D Lab, where Fitzhugh is based, and colleagues from the company’s Immersive Experiences Lab that explores the impact 3D printing could have on wearables, a product category that includes jewelry, clothing, and items like watches, badges, and fitness trackers that have elements of technology embedded in them.

HP’s Multi Jet Fusion approach to 3D printing leverages the company’s 30-plus years of experience in inks and jettable agents, precision low-cost mechanics, and material science, and offers a path to securing unprecedented levels of control over material properties such as color, elasticity, conductivity, and, potentially, translucency at an individual voxel (the 3D equivalent of a pixel) level.

In the case of wearables, HP’s technology could provide a way to print complex, colorful, and fine-detailed accessories that are currently impossible to create. 

05_2_post_web.jpg

“When I’m designing for conventional metals and gems, I have to assume that each component in the design has only one color,” explains researcher Alex Ju, who trained originally in jewelry and metalsmithing and worked with Immersive Experiences Lab colleague Ji Won Jun to design the wearable prototypes.

“But the kinds of pieces we’ve made in this project can have color anywhere. Where you put the color also has no impact on how hard they are to create, so you have access to a new range of aesthetic possibilities for these kinds of items,” Ju says.

In addition to offering designers a new creative pallet to work from, the HP print process allows for complete customization. In the future, it might cost no more to print a million individually unique wearables than a million that are exactly alike.

“Jewelry is very personal,” observes Ju.  “3D printing gives us the opportunity to offer that at a mass manufacturing scale.” 

06_2_post_web.jpg

The project has spurred other potentially valuable insights for vendors of wearable items. At present, for example, jewelry making is a laborious process, requiring assembly from multiple individual parts. But the HP team’s experiments are helping them understand how pieces that are multi-jointed, and that feature areas of both flexibility and strength, can be created in a single unit.

“It suggests we have the potential to reduce manufacturing steps and really streamline and reduce the cost of the wearable manufacturing process,” says Fitzhugh.

The project is helping HP refine its own 3D print technology at a foundational level too. “Efforts like this can tell us where strength, color, or finish is important or not,” he says. “That helps us understand how we can further develop the technology to better meet needs of users.”

It also points to additional potential applications and uses for the technology – for ID bands, sportswear, or household accessories, perhaps – that hardware researchers don’t typically have the opportunity to explore. With that in mind, many of the wearables created during the collaboration are both able to move kinetically and contain electronic elements. 

“Alex is designing things that we would never have the bandwidth to think about or design expertise to create,” Fitzhugh says.  

That’s likely to prove valuable when the next generation of HP 3D print technologies become commercially available.

“Designers in many fields, are not used to creating with the freedom that this technology can give them,” says Ju. “This work tells us a lot about what needs to happen to develop an ecosystem in which people can take full advantage of the capabilities we’re hoping to provide.” 

07_1_post_web.jpg

 

Published: April 05, 2017

 

CSCW 2017.jpg

  

Senior Manager Alex Thayer, PhDSenior Manager Alex Thayer, PhDHP Immersive Experiences Lab senior manager Alex Thayer, PhD recently represented HP Labs at the Association for Computing Machinery (ACM) conference on Computer-Supported Cooperative Work and Social Computing (CSCW) in Portland, Oregon. The meeting is one of the most significant annual gatherings of industry and academic researchers interested in how the design and use of technology impacts human communities. We checked in with Thayer on his return to find out what he had learned and how that could be relevant to HP’s research agenda.

 

HP: What’s the appeal of CSCW for you and your lab?

CSCW is not a huge conference but it's extremely high value because of who is there – and it’s why HP was a conference sponsor this year. CSCW attracts a lot of researchers, professors, and their students who are interested in creating technology prototypes and then seeing how people respond to them out in the world, which is what we do in our lab. So it’s a great way to see what other research teams are up to and to foster connections with them – it’s also proven to be a fertile source for future interns and early career hires.

 

HP: Can you share a session or talk that you found especially noteworthy?

One of the most interesting sessions for me was about parenting. Often technology and parenting gets reduced to a question of how much screen time kids should have. But there are far more profound things to talk about. There was a paper in that session, for example, about a project in Taiwan called WAKEY, which used a parentally-controlled animatronic rabbit to help young kids wake up more efficiently in the morning. It was able to do that. But just as significantly, the researchers found it helped dads in this specific culture relate to their kids. They have all these video clips of the dads playing on the floor, making silly voices, dancing with their children. The researchers told the audience that many of these dads in their study had never done those things with their kids before.

 

HP: What was your take away from that?

Part of why we do things in our lab is to find the unintended consequences of technology interventions – and this was a great example. The researchers thought they were going to help kids wake up better. What they found, though, was this little rabbit was also a great mediator between a three or four-year-old kid and their dad. There can be a heavy cultural weight to overcome when you try to just be a silly dad with your kid. This technology enabled a shift in the parent/child relationship that the dads seemed to be happy about. It made these dads' relationships with their kids more resilient, more fun. 

 

HP: Are you also interested in how technology can impact relationships?

Very much so. This research echoes efforts like Project Jetty, which connects family members who have expressed a desire to have a closer connection. That’s also about aspirational identity – about using technologies to help people feel better about themselves and their lives.

 

HP: Can you pick out another presentation you thought was notable?

Another one from the same session was interesting in terms of how we design our experiments. This was a case study of two romantic couples who essentially lived with an always-on Skype connection to one another over a period of many weeks. One of the couples ended up splitting up and it was very possible, although not proven, that the experiment had contributed to the demise of their relationship. So that was a good reminder of the care we need to take as we create design concepts and research prototypes, and then put them into peoples' lives

 

HP: Will that change how you run your investigations?

We don’t ever run experiments that are as risky to the participants as that study might have been, even though those participants were all volunteers. But what was striking here was that all the most interesting, most provocative questions raised by the study were around relationships, not technology. It’s a reminder that change doesn't just come from new electronics or software – it can come from how people use technologies that already exist. So it’s important for us to remember that rethinking how to apply technologies can have as much power as inventing them in the first place.

 

HP: Which other ideas were circulating this year that resonated for you?

There were a couple of sessions on how to understand people better through social media traffic flows that were very interesting. One paper tracked how the spread of the #blacklivesmatter hash tag on Twitter correlated with the speed at which reports about police-involved deaths of African Americans appeared on Wikipedia. Several years ago such pages would take months to appear, if they were written at all. Now it's a matter of weeks, if that, before a page is up. It’s a very concrete example of how people are using technology platforms to drive social and political information into public view – and of how you can use big data to draw out very human, and in this case socially significant, stories. That work by Marlon Twyman, Brian Keegan, and Aaron Shaw was particularly impactful as a way to understand how social movements evolve and shift.

 

HP: This conference has a social science emphasis whereas HP is known as a company that makes things. So is this all pretty remote from HP’s core interests?

Not at all. HP is all about invention, for sure, but our mission is to ”engineer experiences that amaze” and it’s people we are trying to amaze. In our lab especially, but really across the company, we put people first. One of our lab’s main focus areas is what we call “resilience technology,” or helping people have a stronger sense of purpose, connection, and control in their lives. What I took away from this conference is that we're right to look beyond purely technical solutions to people’s challenges. We need to look deeper than that. How do we support people emotionally? How do we make them more confident in themselves through technology? And I think those are questions that we’re in a very good position to help answer at HP Labs.

Published: March 24, 2017

 HP IonTouch technology. Imager (left) and Rewritable media (Right)HP IonTouch technology. Imager (left) and Rewritable media (Right)

This month HP Labs pilots a new writable, energy-free display technology that could impact a wide swathe of industries, including finance, hospitality, healthcare, security, retail, and transportation.

HP IonTouch is a secure, integrated system for placing and updating timely, personalized visual information onto digital displays embedded in plastic cards of the size, flexibility, and durability of a standard credit card.

“The IonTouch enables non-contact imaging, removing the electronics from conventional electronic paper displays, including the display backplane that requires electrodes, transistors, interconnects, a battery, and a processor” explains HP IonTouch project director Omer Gila. “This allows us to add a high resolution 2.5” display to each card with only an incremental cost of just a few tens of cents”.

The HP Labs effort is unusual for its technical ambition, requiring innovations in hardware, software, and networking as well as the chemistry and physics of a new kind of media – and for taking the company’s research division into the realm of new business creation.

“Developing it has been a huge but rewarding challenge for everyone involved.” notes Gila.

 

The IonTouch Team. From left to right: Bill Holland, David George, Henryk Birecki, Raj Kelekar, Omer Gila, Napoleon Leoni, Anthony McLennan, Chuangyu Zhou, Rares Vernica, Dekel Green, and Mark Huber. Other key contributors include Marc Ramsey and Michael Lee.The IonTouch Team. From left to right: Bill Holland, David George, Henryk Birecki, Raj Kelekar, Omer Gila, Napoleon Leoni, Anthony McLennan, Chuangyu Zhou, Rares Vernica, Dekel Green, and Mark Huber. Other key contributors include Marc Ramsey and Michael Lee.

A new kind of energy free display

The low-cost, energy free display was developed to work with newly-developed IonTouch imagers and creates an image similar to that produced by tablets like the Amazon Kindle, but without the electronics and that remains permanently present unless reimaged by an IonTouch device.

The display media is embedded into individually identifiable plastic IonTouch cards printed by an HP Indigo digital press, resulting in a unique and portable card-sized display that can be erased and rewritten thousands of times to reflect a balance, status, score, or individualized message tailored to the owner.

The current IonTouch technology offers 300 x 300 dpi resolution display in black and white with 16 levels of gray scale. The 2.5” writable area is large enough to feature a clear photo for ID or entertainment, a QR code, and text information together at the same time.

 

A novel, and affordable imaging ecosystem

To realize their vision, HP Labs researchers also had to create an entirely new imaging device to erase and write onto HP IonTouch cards.

When a card is placed in this imager, a simple bar code on the back of the card uniquely identifies it to the HP IonTouch system, allowing the imaging device to retrieve whatever new information needs to be placed on the card. The imager then erases the card’s current display before printing the new information onto its electronic paper via a floating, non-contact print head in much the same way an HP InkJet head prints ink onto conventional paper – but without the ink. The entire process takes less than four seconds.

“The image can be rewritten more than 10,000 times. Each image can stay as it is printed forever, or until you run the card through the imager again,” says HP IonTouch lead engineer Napoleon Leoni. He also notes that the cards are made to be flexible, durable, water-washable, and impact resistant – and can thus easily handle a pocket or wallet environment.

Crucially, they also cost little to produce. Where competing solutions with a comparable electronic screen size cost more than $50 per card to manufacture, HP IonTouch cards are projected to cost less than a couple of dollars to make.

“That really changes the game and opens up IonTouch cards for use in a wide variety of sectors,” Gila suggests. “Since almost every plastic card in the market can benefit from a writable display, we believe the number of potential applications is almost endless.”

Potential uses include gift cards that display personalized messages and are both refreshable and transferable, security badges that are reauthorized daily, smarter hotel door keys and medical cards, and public transport passes and loyalty cards that update their value with every ride or purchase and include fresh information about the service and discounts or offers that are personalized for the user. The technology also has potential application for other kinds of signage, such as durable, low-cost, rewritable shelf labels of the kind used by pharmacies, grocery stores, and other retailers.

 

A strong environmental and security message

 “Making cards rewriteable makes them reusable. This is good for business but also good for the environment as it eliminates millions of wasted cards every year” says Leoni. “Since the only way to change information on the IonTouch cards is via our IonTouch imagers, that also adds another layer of protection, making the cards very secure, too. Being able to update or rotate security codes boosts the security of credit cards and enables reuse of gift cards, replacing the scratchable or permanent security codes they use today.”

Another environmental benefit stems from the cards’ power consumption – they require just a few watts to be written and no power to retain their images, translating to an annual electric bill of a few cents per imager. This also enables new handheld applications where an HP IonTouch imager runs on single battery charge for a whole day.

Creating this novel ion jet imaging technology was just one of many technical challenges that the team of ten or so HP Labs engineers faced and resolved. 

They also added networking and cloud integration to the system, enabling the Linux-based IonTouch imager to link with customer-owned cloud databases. A retailer, for example, may recognize a customer’s gift card as it runs through the imager, immediately debit it for a purchase, and then print the new balance on the card along with a discount for a product relevant to the customer’s previous buying habits. 

 

A new business category

Recognizing their technology’s potential, the researchers from HP’s Print Adjacencies and 3D Lab teamed up with the company’s operations and supply chain teams and its Strategy and Incubation group to design an entirely new HP business concept around the HP IonTouch system.

That led them to develop imagers that are both extremely reliable and yet are “hot swappable”.  “If you have any problem with an imager, our cloud backup system ensures a fast replacement. Just swap in your spare imager, authorize it with your password or code, and off you go,” Gila explains. “Just send the problem unit back to HP for a replacement.”    

Gila believes that convenience and ease of use will keep card-based services in high demand for the next several decades and notes that despite a rise in new payment methods and technologies, the pre-paid card market is still growing, with more than 10 billion new cards issued each year.

“Almost all of them could be made better with our technology,” he says.

 

The pilot

The HP IonTouch pilot currently underway deploys the technology at HP’s own Palo Alto headquarters buildings, featuring an advanced automated digital badge entry system based on IonTouch technology. It includes a touch screen, an imager, a cloud monitoring system, and prints out unique IonTouch visitor badges. These badges display the visitor’s name, that of their host, the date, the name and logo of their company, and a small icon unique to that day, making it easy for security personnel to confirm whether people are present with permission. The system also links to the company’s calendar software, notifying hosts when their guests have arrived.

“The pilot will give us important visibility and valuable feedback on our business and technology, including the imagers, the cards, our software, the user experience, and ease of use” suggests Gila. “We’re very excited to be able to share it with the world.”