ADVANCED RANDOM TIME QUEUE BLOCKING WITH TRAFFIC PREDICTION FOR DEFENSE OF LOW-RATE DOS ATTACKS AGAINST APPLICATION SERVERS

Among many strategies of Denial of Services, low-rate traffic denial-of-service (DoS) attacks are more significant. This strategy denies the services of a network by detection of the vulnerabilities in performance of the application. In this research, an efficient defence methodology is developed against low-rate DoS attack in the application servers. Though, the Improved Random Time Queue Blocking (IRTQB) technique can eliminate the vulnerabilities in the network and also avoiding the attacker from capturing all the server queue positions by defining a spatial similarity metric (SSM). However, the differentiation of the attack requests from the legitimate users’ is not always efficient since only the source IP addresses and the record timestamp are considered in the SSM. It was improved by using Advanced Random Time Queue Blocking (ARTQB) scheme that employed Bandwidth utilization of attacker in IRTQB to detect the DoS attack that normally consumes a huge number of resources of the server. However, this method becomes ineffective when the attack consumes more network traffic. In this paper, an efficient detection technique called Advanced Random Time Queue Blocking with Traffic Prediction (ARTQB-TP) is proposed for defining SSM which contains, Source IP, timestamp, Bandwidth between two requests and the difference between the attack traffic and legitimate traffic. The ARTQB-TP technique is utilized to reduce the attack efficiency in 18 different server configurations which are more vulnerable to the DoS attacks and where the attacks may also have a chance to improve its effectiveness. Experimental results show that the proposed system performs better protection of application servers against the LRDoS attacks by solving its impacts on any kind of server architectures and reduced the attack efficiencies of all the types of attack strategies

New Data Protection Abstractions for Emerging Mobile and Big Data Workloads

Two recent shifts in computing are challenging the effectiveness of traditional approaches to data protection. Emerging machine learning workloads have complex access patterns and unique leakage characteristics that are not well supported by existing protection approaches. Second, mobile operating systems do not provide sufficient support for fine grained data protection tools forcing users to rely on individual applications to correctly manage and protect data. My thesis is that these emerging workloads have unique characteristics that we can leverage to build new, more effective data protection abstractions. This dissertation presents two new data protection systems for machine learning work-loads and a new system for fine grained data management and protection on mobile devices. First is Sage, a differentially private machine learning platform addressing the two primary challenges of differential privacy: running out of budget and the privacy utility tradeoff. The second system, Pyramid, is the first selective data system. Pyramid leverages count featurization to reduce the amount of data exposed while training classification models by two orders of magnitude. The final system, Pebbles, provides users with logical data objects as a new fine grained data management and protection primitive allowing data management at a higher level of abstraction. Pebbles, leverages high level storage abstractions in mobile operating systems to discover user recognizable application level data objects in unmodified mobile applications

Effectiveness of entropy-based features in high-and low-intensity DDoS attacks detection

DDoS attack detection using entropy-based features in network traffic has become a popular approach among researchers in the last five years. The use of traffic distribution features constructed using entropy measures has been proposed as a better approach to detect Distributed Denial of Service (DDoS) attacks compared to conventional volumetric methods, but it still lacks in the generality of detecting various intensity DDoS attacks accurately. In this paper, we focus on identifying effective entropy-based features to detect both high- and low-intensity DDoS attacks by exploring the effectiveness of entropy-based features in distinguishing the attack from normal traffic patterns. We hypothesise that using different entropy measures, window sizes, and entropy-based features may affect the accuracy of detecting DDoS attacks. This means that certain entropy measures, window sizes, and entropy-based features may reveal attack traffic amongst normal traffic better than the others. Our experimental results show that using Shannon, Tsallis and Zhou entropy measures can achieve a clearer distinction between DDoS attack traffic and normal traffic than Rényi entropy. In addition, the window size setting used in entropy construction has minimal influence in differentiating between DDoS attack traffic and normal traffic. The result of the effectiveness ranking shows that the commonly used features are less effective than other features extracted from traffic headers

Виявлення сигналів з використанням дискретної обробки атрактора Дуффінга

The results of detection of periodic signals using the chaos theory based on discrete processing of the Duffing attractor in the Poincare section were considered.A chaotic Duffing system characterized by high sensitivity to periodic signals and a possibility of implementation by means of a relatively simple circuit was chosen for the study.Response of the Duffing system to the periodic influence was analyzed. It was shown that when amplitude of periodic components of the input signal grows at a frequency of driving oscillations, there is a shift of the phase trajectory along the Poincare section which is characterized by fractal geometry. Types of the Duffing attractor changes that result from the influence of a periodic input signal were determined. Control regions for recording types of the phase trajectory dynamics were identified in the phase plane formed by the output signal and its derivative. In accordance with the characteristics of the obtained phase trajectories, a truth table was constructed. It enables estimation of influence of the periodic component with a sufficiently large time sampling increment which is important for ensuring speed of the signal processing devices. Transforms were obtained that describe the process of detecting periodic signals by discrete processing of the Duffing attractor in the Poincare section.Based on the formulated transforms and the truth table, a block diagram of a device for detecting periodic signals in noise was proposed. The proposed device can be used as an input unit to implement the Duffing system based on an analog electric circuit.Values of discrete estimates of amplitude of the periodic component of the input signal according to the shift of the phase trajectory of the Duffing system with respect to the attractor in the Poincare section were obtained. According to the modeling results, the proposed circuit makes it possible to detect periodic signals at low values of the signal-to-noise ratio.Рассмотрены результаты обнаружения периодических сигналов с использованием теории хаоса, на основе дискретной обработки аттрактора Дуффинга в сечении Пуанкаре.Для проведения исследований избрана хаотическая система Дуффинга, которая характеризуется высокой чувствительностью к сигналам периодической формы, и может быть реализована относительно несложной схемой.Проведен анализ реакции системы Дуффинга на периодическое воздействие. Показано, что при увеличении амплитуды периодических составляющих входного сигнала на частоте задающих колебаний, происходит смещение фазовой траектории вдоль сечения Пуанкаре, который характеризуется фрактальной геометрией. Определены типы изменений аттрактора Дуффинга, которые возникают в результате действия периодического сигнала на входе. В фазовой плоскости, образованной выходным сигналом и его производной, выделены контрольные области для фиксации типов динамики фазовой траектории. В соответствии с характеристиками полученных фазовых траекторий, построена таблица истинности, которая позволяет выполнять оценку влияния периодической составляющей с достаточно большим шагом дискретизации по времени, что важно для обеспечения производительности устройств обработки сигналов.Получены функционалы, описывающие процесс обнаружения периодических сигналов путем дискретной обработки аттрактора системы Дуффинга в сечении Пуанкаре.На основе сформулированных функционалов и таблицы истинности предложена структурная схема устройства для обнаружения периодического сигнала в шуме. В предложенном устройстве, в качестве входного блока, может использоваться реализация системы Дуффинга на основе аналоговой электрической цепи.Получены значения дискретных оценок амплитуды периодической составляющей входного сигнала по смещению фазовой траектории системы Дуффинга относительно аттрактора в сечении Пуанкаре. Согласно результатам проведенного моделирования, предложенная схема позволяет обнаруживать периодические сигналы при низких значениях отношения сигнал/шумРозглянуто результати виявлення періодичних сигналів з використанням теорії хаосу, на основі дискретної обробки атрактора Дуффінга у перерізі Пуанкаре.Для проведення досліджень обрано хаотичну систему Дуффінга, яка характеризується високою чутливістю до сигналів періодичної форми, і може бути реалізована відносно нескладною схемою.Проведено аналіз реакції системи Дуффінга на періодичний вплив. Показано, що при збільшенні амплітуди періодичних складових вхідного сигналу на частоті задаючих коливань, відбувається зсув фазової траєкторії вздовж перерізу Пуанкаре, який характеризується фрактальною геометрією. Визначено типи змін атрактора Дуффінга, які виникають внаслідок дії періодичного сигналу на вході. У фазовій площині, утвореній вихідним сигналом і його похідною, виділено контрольні області для фіксації типів динаміки фазової траєкторії. Відповідно до характеристик отриманих фазових траєкторій, побудовано таблицю істинності, яка дозволяє виконувати оцінку впливу періодичної складової із достатньо великим кроком дискретизації за часом, що важливо для забезпечення швидкодії пристроїв обробки сигналів. Отримано функціонали, які описують процес виявлення періодичних сигналів шляхом дискретної обробки атрактора системи Дуффінга у перерізі Пуанкаре.На основі сформульованих функціоналів та таблиці істинності запропоновано структурну схему пристрою для виявлення періодичного сигналу в шумі. У запропонованому пристрої, в якості вхідного блоку, може використовуватися реалізація системи Дуффінга на основі аналогового електричного кола.Отримано значення дискретних оцінок амплітуди періодичної складової вхідного сигналу за зміщенням фазової траєкторії системи Дуффінга відносно атрактора у перерізі Пуанкаре. Згідно з результатами проведеного моделювання, запропонована схема дозволяє виявляти періодичні сигнали при низьких значеннях відношення сигнал/шу

Making Software More Reliable by Uncovering Hidden Dependencies

As software grows in size and complexity, it also becomes more interdependent. Multiple internal components often share state and data. Whether these dependencies are intentional or not, we have found that their mismanagement often poses several challenges to testing. This thesis seeks to make it easier to create reliable software by making testing more efficient and more effective through explicit knowledge of these hidden dependencies. The first problem that this thesis addresses, reducing testing time, directly impacts the day-to-day work of every software developer. The frequency with which code can be built (compiled, tested, and package) directly impacts the productivity of developers: longer build times mean a longer wait before determining if a change to the application being build was successful. We have discovered that in the case of some languages, such as Java, the vast majority of build time is spent running tests. Therefore, it's incredibly important to focus on approaches to accelerating testing, while simultaneously making sure that we do not inadvertently cause tests to erratically fail (i.e. become flaky). Typical techniques for accelerating tests (like running only a subset of them, or running them in parallel) often can't be applied soundly, since there may be hidden dependencies between tests. While we might think that each test should be independent (i.e. that a test's outcome isn't influenced by the execution of another test), we and others have found many examples in real software projects where tests truly have these dependencies: some tests require others to run first, or else their outcome will change. Previous work has shown that these dependencies are often complicated, unintentional, and hidden from developers. We have built several systems, VMVM and ElectricTest, that detect different sorts of dependencies between tests and use that information to soundly reduce testing time by several orders of magnitude. In our first approach, Unit Test Virtualization, we reduce the overhead of isolating each unit test with a lightweight, virtualization-like container, preventing these dependencies from manifesting. Our realization of Unit Test Virtualization for Java, VMVM eliminates the need to run each test in its own process, reducing test suite execution time by an average of 62% in our evaluation (compared to execution time when running each test in its own process). However, not all test suites isolate their tests: in some, dependencies are allowed to occur between tests. In these cases, common test acceleration techniques such as test selection or test parallelization are unsound in the absence of dependency information. When dependencies go unnoticed, tests can unexpectedly fail when executed out of order, causing unreliable builds. Our second approach, ElectricTest, soundly identifies data dependencies between test cases, allowing for sound test acceleration. To enable more broad use of general dependency information for testing and other analyses, we created Phosphor, the first and only portable and performant dynamic taint tracking system for the JVM. Dynamic taint tracking is a form of data flow analysis that applies labels to variables, and tracks all other variables derived from those tagged variables, propagating those tags. Taint tracking has many applications to software engineering and software testing, and in addition to our own work, researchers across the world are using Phosphor to build their own systems. Towards making testing more effective, we also created Pebbles, which makes it easy for developers to specify data-related test oracles on mobile devices by thinking in terms of high level objects such as emails, notes or pictures

Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network

Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth)

Improvement of DDoS attack detection and web access anonymity

The thesis has covered a range of algorithms that help to improve the security of web services. The research focused on the problems of DDoS attack and traffic analysis attack against service availability and information privacy respectively. Finally, this research significantly advantaged DDoS attack detection and web access anonymity.<br /

Rapid SoC Design: On Architectures, Methodologies and Frameworks

Modern applications like machine learning, autonomous vehicles, and 5G networking require an order of magnitude boost in processing capability. For several decades, chip designers have relied on Moore’s Law - the doubling of transistor count every two years to deliver improved performance, higher energy efficiency, and an increase in transistor density. With the end of Dennard’s scaling and a slowdown in Moore’s Law, system architects have developed several techniques to deliver on the traditional performance and power improvements we have come to expect. More recently, chip designers have turned towards heterogeneous systems comprised of more specialized processing units to buttress the traditional processing units. These specialized units improve the overall performance, power, and area (PPA) metrics across a wide variety of workloads and applications. While the GPU serves as a classical example, accelerators for machine learning, approximate computing, graph processing, and database applications have become commonplace. This has led to an exponential growth in the variety (and count) of these compute units found in modern embedded and high-performance computing platforms. The various techniques adopted to combat the slowing of Moore’s Law directly translates to an increase in complexity for modern system-on-chips (SoCs). This increase in complexity in turn leads to an increase in design effort and validation time for hardware and the accompanying software stacks. This is further aggravated by fabrication challenges (photo-lithography, tooling, and yield) faced at advanced technology nodes (below 28nm). The inherent complexity in modern SoCs translates into increased costs and time-to-market delays. This holds true across the spectrum, from mobile/handheld processors to high-performance data-center appliances. This dissertation presents several techniques to address the challenges of rapidly birthing complex SoCs. The first part of this dissertation focuses on foundations and architectures that aid in rapid SoC design. It presents a variety of architectural techniques that were developed and leveraged to rapidly construct complex SoCs at advanced process nodes. The next part of the dissertation focuses on the gap between a completed design model (in RTL form) and its physical manifestation (a GDS file that will be sent to the foundry for fabrication). It presents methodologies and a workflow for rapidly walking a design through to completion at arbitrary technology nodes. It also presents progress on creating tools and a flow that is entirely dependent on open-source tools. The last part presents a framework that not only speeds up the integration of a hardware accelerator into an SoC ecosystem, but emphasizes software adoption and usability.PHDElectrical and Computer EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/168119/1/ajayi_1.pd

Rural food security in Mutare District, Zimbabwe, 1947-2010

By taking Mutare District as its lens to explore the dynamics of rural food security in Zimbabwe, this thesis assesses the role of the state in tackling hunger among its rural populations. It examines the impact of colonial and post-colonial food policy on efforts to combat food insecurity. The thesis explores the uneasy options pursued by rural communities in response to droughts and other threats of hunger. It identifies and ranks crop failure as the chief culprit to the district’s efforts towards food security. The thesis illustrates the contestations between the state and its rural people over which sustainable approaches to adopt in order to end hunger and how such debates continually shaped policy. It grapples with questions about the various understandings of food security advanced by scholars within the rural African context. It demonstrates, for instance, that the post-colonial state inherited an erstwhile crop production structure which shunned food crops in favour of cash crops. There was obvious bias against local preferences for a robust, home-grown food regime which did not put rural livelihoods at risk of starvation. The thesis also argues that food can be used as an instrument of war as evidenced during the liberation struggle when the vast majority of people residing in rural areas, particularly women and children, were pushed to the edges of survival. In addition, the thesis demonstrates that the infamous Marange diamonds turned out to be a curse rather than a blessing due to the state’s lack of transparency in the beneficiation chain. It concludes by a detailed examination of the political economy of food aid, demonstrating why donors have not succeeded for long to combat hunger in the district. In light of this background, the thesis provides a more nuanced analysis of the whole question of rural food security using archival material, newspapers, government and civil society reports, interviews and field observation. The thesis benefits from the use of a multi-pronged theoretical framework to capture the disparate themes that form the bedrock of this study

Waveguide Quantum Electrodynamics in Superconducting Circuits

Achieving an efficient interface of light and matter has been a principal goal in the field of quantum optics. A burgeoning paradigm in the study of light-matter interface is waveguide quantum electrodynamics (QED), where quantum emitters are coupled to a common one-dimensional waveguide channel. In this scenario, cooperative effects among quantum emitters emerge as a result of real and virtual exchange of photons, giving rise to new ways of controlling matter. Superconducting quantum circuits offer an exciting platform to study quantum optics in the microwave domain with artificial quantum emitters interfaced to engineered photonic structures on chip. Beyond revisiting the experiments performed in atom-based platforms, superconducting circuits enable exploration of novel regimes in quantum optics that are otherwise prohibitively challenging to achieve. Moreover, the unprecedented level of control over individual quantum degrees of freedom and good scalability of the system provided by state-of-the-art circuit QED toolbox set a promising direction towards the study of quantum many-body phenomena. In this thesis, I discuss waveguide QED experiments performed in superconducting quantum circuits where transmon qubits are coupled to engineered microwave waveguides. Employing the high flexibility and controllability of superconducting quantum circuits, we realize and explore various schemes for generating waveguide-mediated interactions between superconducting qubits. We also demonstrate an intermediate-scale quantum processor based on a dispersive waveguide QED system involving ten superconducting qubits, exploring quantum many-body dynamics in a highly controllable fashion. The work described in the thesis marks an important step towards the construction of scalable architectures for quantum simulation of many-body models and realization of efficient coupling schemes for quantum computation.</p