An Interactive Relaxation Approach for Anomaly Detection and Preventive Measures in Computer Networks

It is proposed to develop a framework of detecting and analyzing small and widespread changes in specific dynamic characteristics of several nodes. The characteristics are locally measured at each node in a large network of computers and analyzed using a computational paradigm known as the Relaxation technique. The goal is to be able to detect the onset of a worm or virus as it originates, spreads-out, attacks and disables the entire network. Currently, selective disabling of one or more features across an entire subnet, e.g. firewalls, provides limited security and keeps us from designing high performance net-centric systems. The most desirable response is to surgically disable one or more nodes, or to isolate one or more subnets.The proposed research seeks to model virus/worm propagation as a spatio-temporal process. Such models have been successfully applied in heat-flow and evidence or gestalt driven perception of images among others. In particular, we develop an iterative technique driven by the self-assessed dynamic status of each node in a network. The status of each node will be updated incrementally in concurrence with its connected neighbors to enable timely identification of compromised nodes and subnets. Several key insights used in image analysis of line-diagrams, through an iterative and relaxation-driven node labeling method, are explored to help develop this new framework

Cellular, Wide-Area, and Non-Terrestrial IoT: A Survey on 5G Advances and the Road Towards 6G

The next wave of wireless technologies is proliferating in connecting things among themselves as well as to humans. In the era of the Internet of things (IoT), billions of sensors, machines, vehicles, drones, and robots will be connected, making the world around us smarter. The IoT will encompass devices that must wirelessly communicate a diverse set of data gathered from the environment for myriad new applications. The ultimate goal is to extract insights from this data and develop solutions that improve quality of life and generate new revenue. Providing large-scale, long-lasting, reliable, and near real-time connectivity is the major challenge in enabling a smart connected world. This paper provides a comprehensive survey on existing and emerging communication solutions for serving IoT applications in the context of cellular, wide-area, as well as non-terrestrial networks. Specifically, wireless technology enhancements for providing IoT access in fifth-generation (5G) and beyond cellular networks, and communication networks over the unlicensed spectrum are presented. Aligned with the main key performance indicators of 5G and beyond 5G networks, we investigate solutions and standards that enable energy efficiency, reliability, low latency, and scalability (connection density) of current and future IoT networks. The solutions include grant-free access and channel coding for short-packet communications, non-orthogonal multiple access, and on-device intelligence. Further, a vision of new paradigm shifts in communication networks in the 2030s is provided, and the integration of the associated new technologies like artificial intelligence, non-terrestrial networks, and new spectra is elaborated. Finally, future research directions toward beyond 5G IoT networks are pointed out.Comment: Submitted for review to IEEE CS&

The Design and Analysis of a Wireless LAN Relayed Frame Protocol Extension

Computing stations networked on wireless LANs (wLANs) typically have a limited range of mobility: the station must always be within an access point’s coverage area. If a station moves outside of that area, and if it is unable to locate another base station within its range to perform a handover of communication connectivity responsibility, then it will ex perience a disruption in network services until it migrates into the coverage area of another wLAN. Typical causes for such losses of service include station migration to outside of the wLAN’s coverage area, changing environmental conditions, and “holes” within the cumu lative cell coverage area of multiple access points. There could be several mobile stations simultaneously sharing the network in a wLAN. Each station may be stationary or in motion for part or all of its service life. How ever, in order to use the wLAN, it must be within service range of a access point. Theoreti cally, if a station is outside the access point’s coverage area, yet its own radio signal is within range of one of the stations which has connectivity with an access point, the isolated station could relay its network negotiations and traffic through a relay station which has direct communication with the access point. Therefore, the station nearer to the base sta tion acts as a relay point for the isolated station out of the access point’s range. In this thesis, the author proposed, the design of a MAC Frame Relaying Protocol Extension which enables this type of dynamic relaying of network frames between stations in wLANs. It requires additional logic in the networking process on both the access point and the stations involved (both relay station and the isolated station) to support the bidirec tional forwarding of network traffic, and the definition of several new message types to support relay connection setup and data exchange. Both cryptography and digital signature concepts are employed to make secure the process of establishing of a relayed network session, and the exchange of data between the end stations. To verify the validity of the protocol extension and to measure its performance, the protocol extension was implemented into an existing and widely accepted wireless network standard, IEEE 802.11. To study its effectiveness and impact on the wLAN protocol, the network simulation software, OPNET, was used. An existing model of IEEE 802.11 was enhanced with the additional logic introduced by the protocol extension. Through simulation, it is proved that the logic presented by the protocol extension is able to function. In addition, the impact to overall network performance, and the quality of service the isolated station experiences during a relayed network session were quantita tively analyzed. Through the OPNET simulation, it was found that overall wLAN perfor mance diminished a moderate amount, while the isolated station experienced a far smaller level of throughput when engaged in a relayed network session, than it did in a normal network session

Ecologies of Relation: Collectivity in Art and Media

How can relation be considered a creative force in the composition of experience? Investigating the status of relation in art, media, and philosophy, this thesis outlines an account of research-creation as a creative practice and tool for analysis. Research-creation, a term used to describe creative practices comprising artistic and theoretical components, provides the backdrop for a more general discussion of the production of knowledge beyond human cognition. By taking a radical empiricist approach, the thesis proposes to include preindividual, affective, and more-than-human elements in the conception of experience. From this point of view, experience is always relationally composed and manifests itself dynamically as an “ecology.” One way of developing a theory and practice attentive to such ecologies of relation resides in the notion of the collective, which refers here to a dimension of experience that exceeds the mere grouping of individual elements under a common interest, ideology, or social bond. The first chapter analyzes collectivity and relation as activities of emergence and becoming. Considered as ecological activity, collectivity emphasizes how experience comprises spatio-temporal dynamics constituting embodied, actual events and their singular forms of knowledge. Using the work of the SenseLab as exemplary, this chapter clarifies how research-creation might be better understood as an investigation into aesthetic and conceptual practices that mutually shape how forms of knowledge and experience co-emerge. From here, the focus on the ecological relation moves toward immersive media environments, which emphasize perception as a relational act of immediation. Immediation as relational act challenges the paradigm of mediation between humans and machines, and instead inserts their activity into an ecological dynamic. In this chapter, research-creation interlaces with concerns in the field of digital aesthetics. Consequently, the entanglements between different temporalities in digital media processes require a rethinking of affect as a temporal operation, which is the focus of chapter three. In chapters four and the conclusion, research-creation as a relational-ecological practice opens up toward political concerns in urban planning and activism, respectively, allowing for the development of an extended conception of the aesthetic politics of the collective beyond art and academia. From a final speculative outlook the thesis asks how an ecological and collective account of research-creation might turn philosophy into an aesthetic and political practice of activation

Synthesis Of Distributed Protocols From Scenarios And Specifications

Distributed protocols, typically expressed as stateful agents communicating asynchronously over buffered communication channels, are difficult to design correctly. This difficulty has spurred decades of research in the area of automated model-checking algorithms. In turn, practical implementations of model-checking algorithms have enabled protocol developers to prove the correctness of such distributed protocols. However, model-checking techniques are only marginally useful during the actual development of such protocols; typically as a debugging aid once a reasonably complete version of the protocol has already been developed. The actual development process itself is often tedious and requires the designer to reason about complex interactions arising out of concurrency and asynchrony inherent to such protocols. In this dissertation we describe program synthesis techniques which can be applied as an enabling technology to ease the task of developing such protocols. Specifically, the programmer provides a natural, but incomplete description of the protocol in an intuitive representation — such as scenarios or an incomplete protocol. This description specifies the behavior of the protocol in the common cases. The programmer also specifies a set of high-level formal requirements that a correct protocol is expected to satisfy. These requirements can include safety requirements as well as liveness requirements in the form of Linear Temporal Logic (LTL) formulas. We describe techniques to synthesize a correct protocol which is consistent with the common-case behavior specified by the programmer and also satisfies the high-level safety and liveness requirements set forth by the programmer. We also describe techniques for program synthesis in general, which serve to enable the solutions to distributed protocol synthesis that this dissertation explores

Adaptive wide area protection of power systems

Studies of major blackouts reveal that power system protection devices have contributed to a majority of system disturbances. This leads to efforts of improving protection Philosophy;;Analysis shows that conventional protection relies on coordination among stand-alone relays to obtain a dependability-biased component-protection scheme. Whereas it is more desirable and also feasible nowadays for an integrated approach to both component and system protection, provided modern relays possessing the ability of sharing information and applying intelligence in decision-making.;This dissertation proposes the adaptive protection concept for wide area systems. The scope of the research includes identifying and developing the desired architecture, intelligent algorithms and communication needs that facilitate the protection system to avoid and reduce the impact of system emergencies.;The purpose of this research work is to conceptualize and nurture adaptive protection concept for wide area systems, and to conduct feasibility studies to make this concept practically viable. Several case studies are conducted to show the effectiveness of the proposed adaptive protection scheme. In addition, voltage stability, which is a classic wide area problem, can be alleviated with the proposed concept. Steady state and transient simulation studies provided encouraging results. The detailed decision-making algorithms are simulated in several examples for validation of the concept

Logic, parallelism and semantic networks : the binary predicate execution model

This thesis develops the Binary Predicate Execution Model; a distributed, massively-parallel system for semantic networks and knowledge bases that is built on a subset of first-order predicate logic. The use of logic gives the model an easily-understood programming paradigm and a well-defined semantics of execution. When expressed in binary predicates, a simple graphical interpretation can be used. All program facts are represented in an assertion graph. Each vertex is associated with a term appearing in a fact and the edges are labeled with the predicate names. Similar graphs are also associated with each rule body and the query. Finding all possible solutions corresponds to finding all possible matches between the query graph and the assertion graph. Invoking a rule corresponds to substituting the graph of its body constrained by the dependencies between its arguments. This can be implemented in a parallel, message-passing fashion where the assertion graph vertices are active processing elements which asynchronously exchange messages identifying different parts of the query that remain to be matched and containing any binding information from previous matching required to accomplish this. The model is data-driven since every message can be immediately processed without the need for any centralized control or centralized memory. By restricting how functional terms can occur, distributed data structures and remote data look-ups for unification are eliminated. Thus, the model's performance on increasingly larger problems scales-up given increasingly larger machines in most cases. Architectural support for the model is investigated and simulation results of a relatively simple software implementation are reported. This suggests performance on the order of 10^5 logical inferences per second for 256 processing elements in an n-cube configuration. Further research directions, including that of increasing efficiency, are discussed

Approaching algorithmic power

Contemporary power manifests in the algorithmic. Emerging quite recently as an object of study within media and communications, cultural research, gender and race studies, and urban geography, the algorithm often seems ungraspable. Framed as code, it becomes proprietary property, black-boxed and inaccessible. Framed as a totality, its becomes overwhelmingly complex, incomprehensible in its operations. Framed as a procedure, it becomes a technique to be optimised, bracketing out the political. In struggling to adequately grasp the algorithmic as an object of study, to unravel its mechanisms and materialities, these framings offer limited insight into how algorithmic power is initiated and maintained. This thesis instead argues for an alternative approach: firstly, that the algorithmic is coordinated by a coherent internal logic, a knowledge-structure that understands the world in particular ways; second, that the algorithmic is enacted through control, a material and therefore observable performance which purposively influences people and things towards a predetermined outcome; and third, that this complex totality of architectures and operations can be productively analysed as strategic sociotechnical clusters of machines. This method of inquiry is developed with and tested against four contemporary examples: Uber, Airbnb, Amazon Alexa, and Palantir Gotham. Highly profitable, widely adopted and globally operational, they exemplify the algorithmic shift from whiteboard to world. But if the world is productive, it is also precarious, consisting of frictional spaces and antagonistic subjects. Force cannot be assumed as unilinear, but is incessantly negotiated—operations of parsing data and processing tasks forming broader operations that strive to establish subjectivities and shape relations. These negotiations can fail, destabilised by inadequate logics and weak control. A more generic understanding of logic and control enables a historiography of the algorithmic. The ability to index information, to structure the flow of labor, to exert force over subjects and spaces— these did not emerge with the microchip and the mainframe, but are part of a longer lineage of calculation. Two moments from this lineage are examined: house-numbering in the Habsburg Empire and punch-card machines in the Third Reich. Rather than revolutionary, this genealogy suggests an evolutionary process, albeit uneven, linking the computation of past and present. The thesis makes a methodological contribution to the nascent field of algorithmic studies. But more importantly, it renders algorithmic power more intelligible as a material force. Structured and implemented in particular ways, the design of logic and control construct different versions, or modalities, of algorithmic power. This power is political, it calibrates subjectivities towards certain ends, it prioritises space in specific ways, and it privileges particular practices whilst suppressing others. In apprehending operational logics, the practice of method thus foregrounds the sociopolitical dimensions of algorithmic power. As the algorithmic increasingly infiltrates into and governs the everyday, the ability to understand, critique, and intervene in this new field of power becomes more urgent

Naming and sharing resources across administrative boundaries

I tackle the problem of naming and sharing resources across administrative boundaries. Conventional systems manifest the hierarchy of typical administrative structure in the structure of their own mechanism. While natural for communication that follows hierarchical patterns, such systems interfere with naming and sharing that cross administrative boundaries, and therefore cause headaches for both users and administrators. I propose to organize resource naming and security, not around administrative domains, but around the sharing patterns of users. The dissertation is organized into four main parts. First, I discuss the challenges and tradeoffs involved in naming resources and consider a variety of existing approaches to naming. Second, I consider the architectural requirements for user-centric sharing. I evaluate existing systems with respect to these requirements. Third, to support the sharing architecture, I develop a formal logic of sharing that captures the notion of restricted delegation. Restricted delegation ensures that users can use the same mechanisms to share resources consistently, regardless of the origin of the resource, or with whom the user wishes to share the resource next. A formal semantics gives unambiguous meaning to the logic. I apply the formalism to the Simple Public Key Infrastructure and discuss how the formalism either supports or discourages potential extensions to such a system. Finally, I use the formalism to drive a user-centric sharing implementation for distributed systems. I show how this implementation enables end-to-end authorization, a feature that makes heterogeneous distributed systems more secure and easier to audit. Conventionally, gateway services that bridge administrative domains, add abstraction, or translate protocols typically impede the flow of authorization information from client to server. In contrast, end-to-end authorization enables us to build gateway services that preserve authorization information, hence we reduce the size of the trusted computing base and enable more effective auditing. I demonstrate my implementation and show how it enables end-to-end authorization across various boundaries. I measure my implementation and argue that its performance tracks that of similar authorization mechanisms without end-to-end structure. I conclude that my user-centric philosophy of naming and sharing benefits both users and administrators