25.Mitigation
of Control Channel Jamming under Node Capture Attacks.
View:-
Abstract
| Basepaper
26.Multi-core
Supported Network and System Security and Security in Next
Generation Wireless Networks.
View:-
Abstract
27 .Dynamic Routing with Security Considerations.
View:-
Abstract
| Basepaper
28 .Detecting Malicious Packet Losses.
View:-
Abstract
| Basepaper
29 .Multipath Dissemination in Regular Mesh Topologies.
View:-
Abstract
| Basepaper
30 .A Faithful Distributed Mechanism for Sharing theCost of
Multicast Transmissions.
View:-
Abstract
| Basepaper
31 .Movement-Assisted Connectivity Restoration inWireless
Sensor and Actor Networks.
View:-
Abstract
| Basepaper
32 .Evaluating the Vulnerability of Network Traffic Using
Joint Security and Routing Analysis.
View:-
Abstract
| Basepaper
33 .The Effectiveness of Checksums for Embedded Control Networks.
View:-
Abstract
| Basepaper
34 .Multiple Routing Configurations for Fast IP Network Recovery.
View:-
Abstract
| Basepaper
35 .Monitoring the Application-Layer DDoS Attacks for Popular
Websites.
View:-
Abstract
| Basepaper
36 .Flexible Rollback Recovery in Dynamic Heterogeneous Grid
Computing.
View:-
Abstract
| Basepaper
37 .Scalable Routing in Cyclic Mobile Networks.
View:-
Abstract
| Basepaper
38.A
safe mobile agent system for distributed intrusion detection.
View:-
Abstract
39 .Enforcing Minimum-Cost Multicast Routingagainst Selfish
Information Flows.
View:-
Abstract
| Basepaper
40 .SIMPS: Using Sociology for Personal Mobility.
View:-
Abstract
| Basepaper
41 .Capturing Router Congestion and Delay.
View:-
Abstract
| Basepaper
42 .Spatio-Temporal Network Anomaly Detection by Assessing
Deviations of Empirical Measures.
View:-
Abstract
| Basepaper
43.Security
Analysis of the SASI Protocol.
View:-
Abstract
| Basepaper
44.Continuous
Monitoring of Spatial Queries in Wireless Broadcast Environments.
View:-
Abstract
| Basepaper
45.Mobile
Agent Based Distributed Intrusion Detection System.
View:-
Abstract
46.Evaluating
the Vulnerability of Network Traffic Using Joint Security
and Routing Analysis.
View:-
Abstract
| Basepaper
47.Effective
Collaboration with Information Sharing in Virtual Universities-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: June 2009 Volume: 21, Issue: 6
Abstract
:- A global education
system, as a key area in future IT, has fostered developers
to provide various learning systems with low cost. While a
variety of e-learning advantages has been recognized for a
long time and many advances in e-learning systems have been
implemented, the needs for effective information sharing in
a secure manner have to date been largely ignored, especially
for virtual university collaborative environments. Information
sharing of virtual universities usually occurs in broad, highly
dynamic network-based environments, and formally accessing
the resources in a secure manner poses a difficult and vital
challenge. This paper aims to build a new rule-based framework
to identify and address issues of sharing in virtual university
environments through role-based access control (RBAC) management.
The framework includes a role-based group delegation granting
model, group delegation revocation model, authorization granting,
and authorization revocation. We analyze various revocations
and the impact of revocations on role hierarchies. The implementation
with XML-based tools demonstrates the feasibility of the framework
and authorization methods. Finally, the current proposal is
compared with other related work.
48.Compaction
of Schedules and a Two-Stage Approach for Duplication-Based
DAG Scheduling-java-2009
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED
SYSTEMS, VOL. 20, NO. 6, JUNE 2009
Abstract
:- Many DAG scheduling algorithms generate
schedules that require prohibitively large number of processors.
To addressthis problem, we propose a generic algorithm, SC,
to minimize the processor requirement of any given valid schedule.
SC preserves theschedule length of the original schedule and
reduces processor count by merging processor schedules and
removing redundant
duplicate tasks. To the best of our knowledge, this is the
first algorithm to address this highly unexplored aspect of
DAG scheduling. Onaverage, SC reduced the processor requirement
91, 82, and 72 percent for schedules generated by PLW, TCSD,
and CPFD algorithms,respectively. SC algorithm has a low complexity
(OðjN j3Þ) compared to most duplication-based algorithms.
Moreover, it decouplesprocessor economization from schedule
length minimization problem. To take advantage of these features
of SC, we also propose ascheduling algorithm SDS, having the
same time complexity as SC. Our experiments demonstrate that
schedules generated by SDS areonly 3 percent longer than CPFD
(OðjN j4Þ), one of the best algorithms in that respect.
SDS and SC together form a two-stage scheduling
algorithm that produces schedules with high quality and low
processor requirement, and has lower complexity than the comparablealgorithms
that produce similar high-quality results.
Index Terms—Scheduling and task partitioning, task duplication,
algorithms, multiprocessor systems.
49.Beyond
Output Voting: Detecting Compromised Replicas Using HMM-Based
Behavioral Distance-java-2009
Debin Gao, Michael K. Reiter, Senior Member, IEEE Computer
Society, and Dawn Song
Abstract
:- Many host-based anomaly detection techniques
have been proposed to detect code-injection attacks on servers.
The vastmajority, however, are susceptible to “mimicry”
attacks in which the injected code masquerades as the original
server software,including returning the correct service responses,
while conducting its attack. “Behavioral distance,”
by which two diverse replicasprocessing the same inputs are
continually monitored to detect divergence in their low-level
(system-call) behaviors and hencepotentially the compromise
of one of them, has been proposed for detecting mimicry attacks.
In this paper, we present a novelapproach to behavioral distance
measurement using a new type of Hidden Markov Model, and present
an architecture realizing thisnew approach. We evaluate the
detection capability of this approach using synthetic workloads
and recorded workloads of productionweb and game servers,
and show that it detects intrusions with substantially greater
accuracy than a prior proposal on uringbehavioral distance.
We also detail the design and implementation of a new architecture,
which takes advantage of virtualization tomeasure behavioral
distance. We apply our architecture to implement intrusion-tolerant
web and game servers, and throughtrace-driven simulations
demonstrate that it experiences moderate performance costs
even when thresholds are set to detect stealthymimicry attacks.Index
Terms—Intrusion detection, replicated system, output
voting, system call, behavioral distance.
49.BSM R Byzantine-Resilient Secure Multicast Routing in Multihop
Wireless Networks-java-2009
IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 8, NO. 4, APRIL
2009 445
Reza Curtmola, Student Member, IEEE, and Cristina Nita-Rotaru,
Senior Member, IEEE
Abstract
:-Multihop wireless networks rely on node
cooperation to provide multicast services. The multihop communication
offers
increased coverage for such services but also makes them more
vulnerable to insider (or Byzantine) attacks coming fromcompromised
nodes that behave arbitrarily to disrupt the network. In this
work, we identify vulnerabilities of on-demand multicast
routing protocols for multihop wireless networks and discuss
the challenges encountered in designing mechanisms to defend
againstthem. We propose BSMR, a novel secure multicast routing
protocol designed to withstand insider attacks from colluding
adversaries.
Our protocol is a software-based solution and does not require
additional or specialized hardware. We present simulation
results thatdemonstrate that BSMR effectively mitigates the
identified attacks.
Index Terms—Multihop wireless networks, secure multicast
routing, Byzantine resiliency, Byzantine attacks.
50.Fast Intra-Network and Cross-Layer Handover (FINCH) for
WiMAX and Mobile Internet-java-2009
IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 8, NO. 4, APRIL
2009
Jui-Hung Yeh, Member, IEEE, Jyh-Cheng Chen, Senior Member,
IEEE, and
Prathima Agrawal, Fellow, IEEE
Abstract
:- To support
fast and efficient handovers in mobile WiMAX, we propose Fast
Intra-Network and Cross-layer Handover
(FINCH) for intradomain (intra-CSN) mobility management. FINCH
is a complementary protocol to Mobile IP (MIP), which deals
withinterdomain (inter-CSN) mobility management in mobile
WiMAX. FINCH can reduce not only the handover latency but
also the end-toendlatency for MIP. Paging extension for FINCH
is also proposed to enhance the energy efficiency. The proposed
FINCH is especiallysuitable for real-time services in frequent
handover environment, which is important for future mobile
WiMAX networks. In addition,. This is especially beneficial
for the integration of heterogeneousnetworks, for instance,
the integration of WiMAX and WiFi networks. Both mathematical
analysis and simulation are developed to
analyze and compare the performance of FINCH with other protocols.
The results show that FINCH can support fast and efficient
link layer and intradomain handovers. The numerical results
can also be used to select proper network configurations.
51.Accurately
Measuring Denial of Service in Simulation and Testbed Experiments-java-2009
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL.
6, NO. 2, APRIL-JUNE 2009
Abstract
:- Researchers in the denial-of-service (DoS)
field lack accurate, quantitative, and versatile metrics to
measure service denialin simulation and testbed experiments.
Without such metrics, it is impossible to measure severity
of various attacks, quantify successof proposed defenses,
and compare their performance. Existing DoS metrics equate
service denial with slow communicationlow throughput, high
resource utilization, and high loss rate. These metrics are
not versatile because they fail to monitor all trafficparameters
that signal service degradation. They are not quantitative
because they fail to specify exact ranges of parameter valuesthat
correspond to good or poor service quality. Finally, they
are not accurate since they were not proven to correspond
to humanperception of service denial. We propose several DoS
impact metrics that measure the quality of service experienced
by users duringan attack. Our metrics are quantitative: they
map QoS requirements for several applications into measurable
traffic parameters withacceptable, scientifically determined
thresholds. They are versatile: they apply to a wide range
of attack scenarios, which we demonstrate via testbed experiments
and simulations. We also prove metrics’ accuracy through
testing with human users.
52.Decompositional
rule extraction from support vector machine by active learning-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: Feb. 2009
Volume: 21, Issue: 2
Abstract
:- Support vector machines (SVMs) are currently
state-of-the-art for the classification task and, generally
speaking, exhibit good predictive performance due to their
ability to model nonlinearities. However, their strength is
also their main weakness, as the generated nonlinear models
are typically regarded as incomprehensible black-box models.
In this paper, we propose a new active learning-based approach
(ALBA) to extract comprehensible rules from opaque SVM models.
Through rule extraction, some insight is provided into the
logics of the SVM model. ALBA extracts rules from the trained
SVM model by explicitly making use of key concepts of the
SVM: the support vectors, and the observation that these are
typically close to the decision boundary. Active learning
implies the focus on apparent problem areas, which for rule
induction techniques are the regions close to the SVM decision
boundary where most of the noise is found. By generating extra
data close to these support vectors that are provided with
a class label by the trained SVM model, rule induction techniques
are better able to discover suitable discrimination rules.
This performance increase, both in terms of predictive accuracy
as comprehensibility, is confirmed in our experiments where
we apply ALBA on several publicly available data sets.
53.Storing
and indexing spatial data in P2P systems-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: Feb. 2009
Volume: 21, Issue: 2
Abstract
:- The peer-to-peer
(P2P) paradigm has become very popular for storing and sharing
information in a totally decentralized manner. At first, research
focused on P2P systems that host 1D data. Nowadays, the need
for P2P applications with multidimensional data has emerged,
motivating research on P2P systems that manage such data.
The majority of the proposed techniques are based either on
the distribution of centralized indexes or on the reduction
of multidimensional data to one dimension. Our goal is to
create from scratch a technique that is inherently distributed
and also maintains the multidimensionality of data. Our focus
is on structured P2P systems that share spatial information.
We present SpatialP2P, a totally decentralized indexing and
searching framework that is suitable for spatial data. SpatialP2P
supports P2P applications in which spatial information of
various sizes can be dynamically inserted or deleted, and
peers can join or leave. The proposed technique preserves
well locality and directionality of space.
54.IMine-Index
support for Item Set Mining-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: April 2009
Volume: 21, Issue: 4
Abstract
:- This paper presents the IMine index, a
general and compact structure which provides tight integration
of item set extraction in a relational DBMS. Since no constraint
is enforced during the index creation phase, IMine provides
a complete representation of the original database. To reduce
the I/O cost, data accessed together during the same extraction
phase are clustered on the same disk block. The IMine index
structure can be efficiently exploited by different item set
extraction algorithms. In particular, IMine data access methods
currently support the FP-growth and LCM v.2 algorithms, but
they can straightforwardly support the enforcement of various
constraint categories. The IMine index has been integrated
into the PostgreSQL DBMS and exploits its physical level access
methods. Experiments, run for both sparse and dense data distributions,
show the efficiency of the proposed index and its linear scalability
also for large datasets. Item set mining supported by the
IMine index shows performance always comparable with, and
sometimes better than, state of the art algorithms accessing
data on flat file.
55.Generating
the number of clustering in unlabeled data set-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: March 2009 Volume: 21, Issue: 3
Abstract
:- Clustering
is a popular tool for exploratory data analysis. One of the
major problems in cluster analysis is the determination of
the number of clusters in unlabeled data, which is a basic
input for most clustering algorithms. In this paper we investigate
a new method called DBE (dark block extraction) for automatically
estimating the number of clusters in unlabeled data sets,
which is based on an existing algorithm for visual assessment
of cluster tendency (VAT) of a data set, using several common
image and signal processing techniques. Basic steps include:
1) generating a VAT image of an input dissimilarity matrix;
2) performing image segmentation on the VAT image to obtain
a binary image, followed by directional morphological filtering;
3) applying a distance transform to the filtered binary image
and projecting the pixel values onto the main diagonal axis
of the image to form a projection signal; 4) smoothing the
projection signal, computing its first-order derivative, and
then detecting major peaks and valleys in the resulting signal
to decide the number of clusters. Our new DBE method is nearly
"automatic", depending on just one easy-to-set parameter.
Several numerical and real-world examples are presented to
illustrate the effectiveness of DBE.
56.EVALUATING
THE VULNERABILITY OF NETWORK TRAFFIC USING JOINT SECURITY
AND ROUTING ANALYSIS-java-2009
Patrick Tague, Student Member, IEEE, David Slater, Student
Member, IEEE,
Jason Rogers, and Radha Poovendran, Senior Member, IEEE
Abstract
:- Joint analysis of security and routing
protocols in wireless networks reveals vulnerabilities of
secure network traffic thatremain undetected when security
and routing protocols are analyzed independently. We formulate
a class of continuous metrics to
evaluate the vulnerability of network traffic as a function
of security and routing protocols used in wireless networks.
We develop twocomplementary vulnerability definitions using
set theoretic and circuit theoretic interpretations of the
security of network traffic, allowinga network analyst or
an adversary to determine weaknesses in the secure network.
We formalize node capture attacks using the vulnerability
metric as a nonlinear integer programming minimization problem
and propose the GNAVE algorithm, a Greedy Nodecapture Approximation
using Vulnerability Evaluation. We discuss the availability
of security parameters to the adversary and showthat unknown
parameters can be estimated using probabilistic analysis.
We demonstrate vulnerability evaluation using the proposed
metrics and node capture attacks using the GNAVE algorithm
through detailed examples and simulation.
57.On
the Security of Route Discovery in MANETs-java-2009
Abstract
:- Mobile ad
hoc networks (MANETs) are collections of wireless mobile devices
with restricted broadcast range and resources, and no fixed
infrastructure. ROUTING is a basic functionality for multihop
mobile ad hoc networks (MANETs). These networks are decentralized,
with nodes acting both as hosts and as routers, forwarding
packets for nodes that are not in transmission range of each
other. Communication is achieved by relaying data along appropriate
routes that are dynamically discovered and maintained through
collaboration between the nodes. Discovery of such routes
is a major task, both from efficiency and security points
of view. Recently, a security model tailored to the specific
requirements of MANETs was introduced by Acs, Buttya?
Among the novel characteristics of this security model is
that it promises security guarantee under concurrent executions,
a feature of crucial practical implication for this type of
distributed computation. A novel route discovery algorithm
called endairA was also proposed, together with a claimed
security proof within the same model. In this project, we
show that the security proof for the route discovery algorithm
endairA is flawed, and moreover, this algorithm is vulnerable
to a hidden channel attack.
58.SERVICE
ORIENTED ARCHITECTURAL MODEL FOR ONLINE STATE ESTIMATION OF
MULTI AREA POWER SYSTEMS-java-2009
Academic Open Internet Journal ISSN 1311-4360 www.acadjournal.com
Volume 19, 2006
Abstract
:- Web services, and more in general service-oriented
architectures (SOA),
are emerging as the technologies and architectures of choice
for implementingdistributed architectural models for performing
on-line load flow monitoring of multiareapower systems in
a complete secure distributed and platform independentenvironment.
On-line load flow monitoring requires the calculation of power
flowsolutions by using real time data obtained from the power
system clients. Theproposed SOA model for on-line load flow
monitoring is highly distributed and hasinherent features
such as scalability, reliability and also uses available computingpower,
hence economic feasibility is taken care mplicitly.Keywords
– On-line Load flow monitoring, Web service, service-oriented
architecture
59.Open
Smart Classroom: Extensible and Scalable Learning System in
Smart Space Using Web Service Technology-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: June 2009
Volume: 21, Issue: 6
Abstract
:- Real-time interactive virtual classroom
with teleeducation experience is an important approach in
distance learning. However, most current systems fail to meet
new challenges in extensibility and scalability, which mainly
lie with three issues. First, an open system architecture
is required to better support the integration of increasing
human-computer interfaces and personal mobile devices in the
classroom. Second, the learning system should facilitate opening
its interfaces, which will help easy deployment that copes
with different circumstances and allows other learning systems
to talk to each other. Third, problems emerge on binding existing
systems of classrooms together in different places or even
different countries such as tackling systems intercommunication
and distant intercultural learning in different languages.
To address these issues, we build a prototype application
called Open Smart Classroom built on our software infrastructure
based on the multiagent system architecture using Web Service
technology in Smart Space. Besides the evaluation of the extensibility
and scalability of the system, an experiment connecting two
Open Smart Classrooms deployed in different countries is also
undertaken, which demonstrates the influence of these new
features on the educational effect. Interesting and optimistic
results obtained show a significant research prospect for
developing future distant learning systems.
60.BMQ-Processor:
A High-Performance Border-Crossing Event Detection Framework
for Large-Scale Monitoring Applications-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: Feb. 2009
Volume: 21, Issue: 2
Abstract
:- In this paper,
we present BMQ-Processor, a high-performance border-crossing
event (BCE) detection framework for large-scale monitoring
applications. We first characterize a new query semantics,
namely, border monitoring query (BMQ), which is useful for
BCE detection in many monitoring applications. It monitors
the values of data streams and reports them only when data
streams cross the borders of its range. We then propose BMQ-Processor
to efficiently handle a large number of BMQs over a high volume
of data streams. BMQ-Processor efficiently processes BMQs
in a shared and incremental manner. It develops and operates
over a novel stateful query index, achieving a high level
of scalability over continuous data updates. Also, it utilizes
the locality embedded in data streams and greatly accelerates
successive BMQ evaluations. We present data structures and
algorithms to support 1D as well as multidimensional BMQs.
We show that the semantics of border monitoring can be extended
toward more advanced ones and build region transition monitoring
as a sample case. Lastly, we demonstrate excellent processing
performance and low storage cost of BMQ-Processor through
extensive analysis and experiments.
61.Design
and Evaluation of the iMed Intelligent Medical Search Engine-java-2009
Gang LuoIBM T.J. Watson Research Center, 19 Skyline Drive,
Hawthorne, NY 10532, USA
IEEE International Conference on Data Engineering-
1084-4627/09 $25.00 © 2009 IEEE
Abstract
:- Searching for medical information on the
Web is popular and important. However, medical search has
its own unique requirements that are poorly handled by existing
medical Web search engines. This paper presents iMed, the
first intelligent medical Web search engine that extensively
uses medical knowledge and questionnaire to facilitate ordinary
Internet users to search for medical information. iMed introduces
and extends expert system technology into the search engine
domain. It uses several key techniques to improve its usability
and search result quality. First, since ordinary users often
cannot clearly describe their situations due to lack of medical
background, iMed uses a questionnaire-based query interface
to guide searchers to provide the most important information
about their situations. Second, iMed uses medical knowledge
to automatically form multiple queries from a searcher’
answers to the questions. Using these queries to perform search
can significantly improve the quality of search results. Third,
iMed structures all the search results into a multilevel hierarchy
with explicitly marked medical meanings to facilitate searchers’
viewing. Lastly, iMed suggests diversified,related medical
phrases at each level of the search result hierarchy. These
medical phrases are extracted from the MeSH ontology and can
help searchers quickly digest search results and refine their
inputs. We evaluated iMed under a wide range of medical scenarios.
The results show that iMed is effective and efficient for
medical search
62.Improving
personalization solution through optimal segmentation of customer
bases-java-2009
This paper appears in: Knowledge and Data Engineering, IEEE
Transactions on
Publication Date: March 2009
Volume: 21, Issue: 3
Abstract :-
On the Web, where the search costs are low and the competition
is just a mouse click away, it is crucial to segment the customers
intelligently in order to offer more targeted and personalized
products and services to them. Traditionally, customer segmentation
is achieved using statistics-based methods that compute a
set of statistics from the customer data and group customers
into segments by applying distance-based clustering algorithms
in the space of these statistics. In this paper, we present
a direct grouping-based approach to computing customer segments
that groups customers not based on computed statistics, but
in terms of optimally combining transactional data of several
customers to build a data mining model of customer behavior
for each group. Then, building customer segments becomes a
combinatorial optimization problem of finding the best partitioning
of the customer base into disjoint groups. This paper shows
that finding an optimal customer partition is NP-hard, proposes
several suboptimal direct grouping segmentation methods, and
empirically compares them among themselves, traditional statistics-based
hierarchical and affinity propagation-based segmentation,
and one-to-one methods across multiple experimental conditions.
It is shown that the best direct grouping method significantly
dominates the statistics-based and one-to-one approaches across
most of the experimental conditions, while still being computationally
tractable. It is also shown that the distribution of the sizes
of customer segments generated by the best direct grouping
method follows a power law distribution and that microsegmentation
provides the best approach to personalization.
