An Alternating Trust Region Algorithm for Distributed Linearly Constrained Nonlinear Programs, Application to the AC Optimal Power Flow

A novel trust region method for solving linearly constrained nonlinear programs is presented. The proposed technique is amenable to a distributed implementation, as its salient ingredient is an alternating projected gradient sweep in place of the Cauchy point computation. It is proven that the algorithm yields a sequence that globally converges to a critical point. As a result of some changes to the standard trust region method, namely a proximal regularisation of the trust region subproblem, it is shown that the local convergence rate is linear with an arbitrarily small ratio. Thus, convergence is locally almost superlinear, under standard regularity assumptions. The proposed method is successfully applied to compute local solutions to alternating current optimal power flow problems in transmission and distribution networks. Moreover, the new mechanism for computing a Cauchy point compares favourably against the standard projected search as for its activity detection properties

Evaluating online trust using machine learning methods

Trust plays an important role in e-commerce, P2P networks, and information filtering. Current challenges in trust evaluations include: (1) fnding trustworthy recommenders, (2) aggregating heterogeneous trust recommendations of different trust standards based on correlated observations and different evaluation processes, and (3) managing efficiently large trust systems where users may be sparsely connected and have multiple local reputations. The purpose of this dissertation is to provide solutions to these three challenges by applying ordered depth-first search, neural network, and hidden Markov model techniques. It designs an opinion filtered recommendation trust model to derive personal trust from heterogeneous recommendations; develops a reputation model to evaluate recommenders\u27 trustworthiness and expertise; and constructs a distributed trust system and a global reputation model to achieve efficient trust computing and management. The experimental results show that the proposed three trust models are reliable. The contributions lie in: (1) novel application of neural networks in recommendation trust evaluation and distributed trust management; (2) adaptivity of the proposed neural network-based trust models to accommodate dynamic and multifacet properties of trust; (3) robustness of the neural network-based trust models to the noise in training data, such as deceptive recommendations; (4) efficiency and parallelism of computation and load balance in distributed trust evaluations; and (5) novel application of Hidden Markov Models in recommenders\u27 reputation evaluation

Off-Street Vehicular Fog for Catering Applications in 5G/B5G: A Trust-based Task Mapping Solution and Open Research Issues

One of the key enablers in serving the applications requiring stringent latency in 5G networks is fog computing as it is situated closer to the end users. With the technological advancement of vehicles’ on-board units, their computing capabilities are becoming robust, and considering the underutilization of the off-street vehicles, we envision that the off-street vehicles can be an enormously useful computational source for the fog computing. Additionally, clustering the vehicles would be advantageous in order to improve the service availability. As the vehicles become highly connected, trust is needed especially in distributed environments. However, vehicles are made from different manufacturers, and have different platforms, security mechanisms, and varying parking duration. These lead to the unpredictable behavior of the vehicles where quantifying trust value of vehicles would be difficult. A trust-based solution is necessary for task mapping as a task has a set of properties including expected time to complete, and trust requirements that need to be met. However, the existing metrics used for trust evaluation in the vehicular fog computing such as velocity and direction are not applicable in the off-street vehicle fog environments. In this paper, we propose a framework for quantifying the trust value of off-street vehicle fog computing facilities in 5G networks and forming logical clusters of vehicles based on the trust values. This allows tasks to be shared with multiple vehicles in the same cluster that meets the tasks’ trust requirements. Further, we propose a novel task mapping algorithm to increase the vehicle resource utilization and meet the desired trust requirements while maintaining imposed latency requirements of 5G applications. Results obtained using iFogSim simulator demonstrate that the proposed solution increases vehicle resource utilization and reduces task drop noticeably. This paper presents open research issues pertaining to the study to lead..

From Controlled Data-Center Environments to Open Distributed Environments: Scalable, Efficient, and Robust Systems with Extended Functionality

The past two decades have witnessed several paradigm shifts in computing environments. Starting from cloud computing which offers on-demand allocation of storage, network, compute, and memory resources, as well as other services, in a pay-as-you-go billingmodel. Ending with the rise of permissionless blockchain technology, a decentralized computing paradigm with lower trust assumptions and limitless number of participants. Unlike in the cloud, where all the computing resources are owned by some trusted cloud provider, permissionless blockchains allow computing resources owned by possibly malicious parties to join and leave their network without obtaining permission from some centralized trusted authority. Still, in the presence of malicious parties, permissionlessblockchain networks can perform general computations and make progress. Cloud computing is powered by geographically distributed data-centers controlled and managed by trusted cloud service providers and promises theoretically infinite computing resources. On the other hand, permissionless blockchains are powered by open networks of geographically distributed computing nodes owned by entities that are not necessarily known or trusted. This paradigm shift requires a reconsideration of distributed data management protocols and distributed system designs that assume low latency across system components, inelastic computing resources, or fully trusted computing resources.In this dissertation, we propose new system designs and optimizations that address scalability and efficiency of distributed data management systems in cloud environments. We also propose several protocols and new programming paradigms to extend the functionality and enhance the robustness of permissionless blockchains. The work presented spans global-scale transaction processing, large-scale stream processing, atomic transaction processing across permissionless blockchains, and extending the functionality and the use-cases of permissionless blockchains. In all these directions, the focus is on rethinking system and protocol designs to account for novel cloud and permissionless blockchain assumptions. For global-scale transaction processing, we propose GPlacer, a placement optimization framework that decides replica placement of fully and partial geo-replicated databases. For large-scale stream processing, we propose Cache-on-Track (CoT) an adaptive and elastic client-side cache that addresses server-side load-imbalances that occur in large-scale distributed storage layers. In permissionless blockchain transaction processing, we propose AC3WN, the first correct cross-chain commitment protocol that guarantees atomicity of cross-chain transactions. Also, we propose TXSC, a transactional smart contract programming framework. TXSC provides smart contract developers with transaction primitives. These primitives allow developers to write smart contracts without the need to reason about the anomalies that can arise due to concurrent smart contract function executions. In addition, we propose a forward-looking architecture that unifies both permissioned and permissionless blockchains and exploits the running infrastructure of permissionless blockchains to build global asset management systems

Configuring and Auditing VPC Network Traffic Using a Private Hyperledger Blockchain

Organizations with cloud computing operations set up connectivity between their networks to facilitate secure, low cost communication. Such inter-organization connectivity opens up network boundaries to applications running in networks that belong to cross-border business units or organizations. Participating organizations require secure, tamper-proof audit trails of communications across network boundaries without relying on the cloud provider. This disclosure describes blockchain-based techniques to provide trust, immutability, and independent verifiability of audit logs of network traffic between organizations. A permission-based blockchain built using hyperledger fabric is provided to enable efficient audit of network communication between networks belonging to different parties or entities. A private blockchain network for a VPC (virtual private cloud) network connection is configured to efficiently store network traffic data as a distributed ledger

Distributed DDoS Defense:A collaborative Approach at Internet Scale

Distributed large-scale cyber attacks targeting the availability of computing and network resources still remain a serious threat. To limit the effects caused by those attacks and to provide a proactive defense, mitigation should move to the networks of Internet Service Providers (ISPs). In this context, this thesis focuses on a development of a collaborative, automated approach to mitigate the effects of Distributed Denial of Service (DDoS) attacks at Internet Scale. This thesis has the following contributions: i) a systematic and multifaceted study on mitigation of large-scale cyber attacks at ISPs. ii) A detailed guidance selecting an exchange format and protocol suitable to use to disseminate threat information. iii) To overcome the shortcomings of missing flow-based interoperability of current exchange formats, a development of the exchange format Flow-based Event Exchange Format (FLEX). iv) A communication process to facilitate the automated defense in response to ongoing network-based attacks, v) a model to select and perform a semi-automatic deployment of suitable response actions. vi) An investigation of the effectiveness of the defense techniques moving-target using Software Defined Networking (SDN) and their applicability in context of large-scale cyber attacks and the networks of ISPs. Finally, a trust model that determines a trust and a knowledge level of a security event to deploy semi-automated remediations and facilitate the dissemination of security event information using the exchange format FLEX in context of ISP networks

Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes is expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA) 200