282 research outputs found
LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed
Running off-site software middleboxes at third-party service providers has
been a popular practice. However, routing large volumes of raw traffic, which
may carry sensitive information, to a remote site for processing raises severe
security concerns. Prior solutions often abstract away important factors
pertinent to real-world deployment. In particular, they overlook the
significance of metadata protection and stateful processing. Unprotected
traffic metadata like low-level headers, size and count, can be exploited to
learn supposedly encrypted application contents. Meanwhile, tracking the states
of 100,000s of flows concurrently is often indispensable in production-level
middleboxes deployed at real networks.
We present LightBox, the first system that can drive off-site middleboxes at
near-native speed with stateful processing and the most comprehensive
protection to date. Built upon commodity trusted hardware, Intel SGX, LightBox
is the product of our systematic investigation of how to overcome the inherent
limitations of secure enclaves using domain knowledge and customization. First,
we introduce an elegant virtual network interface that allows convenient access
to fully protected packets at line rate without leaving the enclave, as if from
the trusted source network. Second, we provide complete flow state management
for efficient stateful processing, by tailoring a set of data structures and
algorithms optimized for the highly constrained enclave space. Extensive
evaluations demonstrate that LightBox, with all security benefits, can achieve
10Gbps packet I/O, and that with case studies on three stateful middleboxes, it
can operate at near-native speed.Comment: Accepted at ACM CCS 201
Empirical exploration of air traffic and human dynamics in terminal airspaces
Air traffic is widely known as a complex, task-critical techno-social system,
with numerous interactions between airspace, procedures, aircraft and air
traffic controllers. In order to develop and deploy high-level operational
concepts and automation systems scientifically and effectively, it is essential
to conduct an in-depth investigation on the intrinsic traffic-human dynamics
and characteristics, which is not widely seen in the literature. To fill this
gap, we propose a multi-layer network to model and analyze air traffic systems.
A Route-based Airspace Network (RAN) and Flight Trajectory Network (FTN)
encapsulate critical physical and operational characteristics; an Integrated
Flow-Driven Network (IFDN) and Interrelated Conflict-Communication Network
(ICCN) are formulated to represent air traffic flow transmissions and
intervention from air traffic controllers, respectively. Furthermore, a set of
analytical metrics including network variables, complex network attributes,
controllers' cognitive complexity, and chaotic metrics are introduced and
applied in a case study of Guangzhou terminal airspace. Empirical results show
the existence of fundamental diagram and macroscopic fundamental diagram at the
route, sector and terminal levels. Moreover, the dynamics and underlying
mechanisms of "ATCOs-flow" interactions are revealed and interpreted by
adaptive meta-cognition strategies based on network analysis of the ICCN.
Finally, at the system level, chaos is identified in conflict system and human
behavioral system when traffic switch to the semi-stable or congested phase.
This study offers analytical tools for understanding the complex human-flow
interactions at potentially a broad range of air traffic systems, and underpins
future developments and automation of intelligent air traffic management
systems.Comment: 30 pages, 28 figures, currently under revie
An integrated framework on autonomous-EV charging and autonomous valet parking (AVP) management system
Autonomous vehicles (AVs) transform traditional commuting by decreasing congestion, improving road safety, and naturally integrate better with electric controls for flexible implementation of autonomous driving technologies. Indeed, electric-powered AVs or autonomous electric vehicles (AEVs) are benefiting each other in many aspects. While autonomy brings great efficiency in driving as well as battery use, EVs require less maintenance and drastically cut fuel costs. With AVs, a pivotal concern is within the realm of long-range Autonomous Valet Parking (LAVP), such as diverse customer demands on parking (or drop-off / pick-up) for various journey planning. On the other hand, electric-powered AVs are typically with limited cruising range, and locating convenient charging services are also among the major impediments. As of yet, recent studies have started to investigate EV charging and LAVP in isolation as they rarely consider a joint optimization on user trip and energy refueling. Rather, we target in this work the integration of vehicle charging with autonomy in the sense of a systemic approach. Specifically, we propose an integrated AEV charging and LAVP management scheme, to resolve critical decision-making on convenient charging and parking management upon customer requirements during their journeys. The proposed scheme jointly considers charging reservations as well as parking duration at car parks (CPs), aiming to enable accurate predictions on future charging (and parking) states at CPs. Results show the advantage of our proposal over benchmarks, in terms of enhanced customer experiences in traveling period, as well as charging performances at both AEV and CP sides. Particularly, effective load balancing can be achieved across the network regarding the amount of charged as well as parked vehicles
Recommended from our members
Vulnerability and resilience analysis of the air traffic control sector network in China
Sustainability and its component resilience have become an important issue that cannot be neglected in airspace planning and development. Resilience, as an emerging system concept, is critical to sustainability in many fields. With the rapidly growing demand in China’s air transportation sector, airspace congestion and flight delays have become a major issue in the fast development of this sector, and threatens the sustainability and resilience of air traffic control (ATC) systems such as waste of resources, air pollution, etc. Sectors, the basic units of an ATC system, play a significant role in ensuring the safe and smooth operations of day-to-day flights. In this paper, we apply the complex network theory to establish a model of China’s air sector network (CASN) and examine a series of characteristic parameters with an empirical analysis on its vulnerability and resilience. Through a simulation-based approach, the CASN’s resilience was quantitatively assessed with a resilience indicator (RI) in different scenarios to identify the optimal recovery strategy for building higher system resilience. The results show that the CASN has a lengthy average shortest path and a small clustering coefficient, which demonstrates a hybrid topological feature. We have also found that betweenness has the greatest impact on the resilience and has managerial implications to understand the relationship between vulnerability and resilience in CASN, so as to achieve the resilience and sustainability of CASN.</jats:p
Performance and Design of Composite Modular System with Tenon Connections for Multi-Storey Buildings
Modular building is an innovative construction method based on advanced manufacturing technologies, which is a more eco-friendly, effective, and cost-saving alternative than conventional methods. The primary objective of this thesis is to design a sufficient composite modular system for multi-storey applications and provide design recommendations based on system-level analyses under earthquakes, winds, and sudden column losses.
In the course of this thesis, a numerical model is first created for an existing tenon-connected inter-module connection to investigate its effects on the building’s lateral resistance. A cohesive interface model is used to account for the weld fracture. Due to the semi-rigid connectivity, there are around 53% and 28% reductions in the yield and maximum capacity of the building, respectively. The displacement coefficient method per American guidelines FEMA-356 is then adopted to predict the maximum deformation of the modular buildings under different design seismic loads. To strengthen the modular buildings, a novel composite modular system is newly proposed, which consists of concrete-filled steel tubular columns, laminated double beams, and integrated composite slabs. The structural responses of the composite modular buildings are assessed under design wind actions per Australian Standards AS 1170.0-2. The results indicate that the proposed buildings have sufficient design capacity but insufficient deflection control. The progressive collapse analysis is performed on the buildings in sudden column loss scenarios per Unified Facilities Criteria UFC 4-023-03. The results show that alternate load paths are activated after the notional column removals, and the progressive collapse is unlikely for the scenarios under consideration. Finally, the suitable dynamic increase factors of 1.90 and 1.60 are recommended for the 4- and 12-storey modular buildings, respectively, allowing peak dynamic responses to be predicted using the static approach
A Heckman selection model for the safety analysis of signalized intersections
published_or_final_versio
- …