2,528 research outputs found

    Advancing Protocol Diversity in Network Security Monitoring

    Get PDF
    With information technology entering new fields and levels of deployment, e.g., in areas of energy, mobility, and production, network security monitoring needs to be able to cope with those environments and their evolution. However, state-of-the-art Network Security Monitors (NSMs) typically lack the necessary flexibility to handle the diversity of the packet-oriented layers below the abstraction of TCP/IP connections. In this work, we advance the software architecture of a network security monitor to facilitate the flexible integration of lower-layer protocol dissectors while maintaining required performance levels. We proceed in three steps: First, we identify the challenges for modular packet-level analysis, present a refined NSM architecture to address them and specify requirements for its implementation. Second, we evaluate the performance of data structures to be used for protocol dispatching, implement the proposed design into the popular open-source NSM Zeek and assess its impact on the monitor performance. Our experiments show that hash-based data structures for dispatching introduce a significant overhead while array-based approaches qualify for practical application. Finally, we demonstrate the benefits of the proposed architecture and implementation by migrating Zeek\u27s previously hard-coded stack of link and internet layer protocols to the new interface. Furthermore, we implement dissectors for non-IP based industrial communication protocols and leverage them to realize attack detection strategies from recent applied research. We integrate the proposed architecture into the Zeek open-source project and publish the implementation to support the scientific community as well as practitioners, promoting the transfer of research into practice

    A hierarchical approach to multi-project planning under uncertainty

    Get PDF
    We survey several viewpoints on the management of the planning complexity of multi-project organisations under uncertainty. A positioning framework is proposed to distinguish between different types of project-driven organisations, which is meant to aid project management in the choice between the various existing planning approaches. We discuss the current state of the art of hierarchical planning approaches both for traditional manufacturing and for project environments. We introduce a generic hierarchical project planning and control framework that serves to position planning methods for multi-project planning under uncertainty. We discuss multiple techniques for dealing with the uncertainty inherent to the different hierarchical stages in a multi-project organisation. In the last part of this paper we discuss two cases from practice and we relate these practical cases to the positioning framework that is put forward in the paper

    TOWARDS DIGITAL TWIN-DRIVEN PERFORMANCE EVALUATION METHODOLOGY OF FMS

    Get PDF
    The paper presents a method of automated modelling and performance evaluation of concurrent production flows carried out in Flexible Manufacturing Systems. The method allows for quick assessment of various variants of such systems, considering their structure and the organization of production flow of possible ways of their implementation. Its essence is the conditions imposed on the designed model, limiting the space of possible variants of the production flow only to deadlock-free variants. The practical usefulness of the model implemented in the proposed method illustrates the example, which describes the simultaneous assessment of alternative variants of the flexible machining module's structure and the planned multi-assortment production. The ability of the method to focus on feasible solutions offers attractive perspectives for guiding the Digital Twin-like scenario in situations caused by the need to change the production flow

    LEGaTO: first steps towards energy-efficient toolset for heterogeneous computing

    Get PDF
    LEGaTO is a three-year EU H2020 project which started in December 2017. The LEGaTO project will leverage task-based programming models to provide a software ecosystem for Made-in-Europe heterogeneous hardware composed of CPUs, GPUs, FPGAs and dataflow engines. The aim is to attain one order of magnitude energy savings from the edge to the converged cloud/HPC.Peer ReviewedPostprint (author's final draft

    Multi-tenant Pub/Sub processing for real-time data streams

    Get PDF
    Devices and sensors generate streams of data across a diversity of locations and protocols. That data usually reaches a central platform that is used to store and process the streams. Processing can be done in real time, with transformations and enrichment happening on-the-fly, but it can also happen after data is stored and organized in repositories. In the former case, stream processing technologies are required to operate on the data; in the latter batch analytics and queries are of common use. This paper introduces a runtime to dynamically construct data stream processing topologies based on user-supplied code. These dynamic topologies are built on-the-fly using a data subscription model defined by the applications that consume data. Each user-defined processing unit is called a Service Object. Every Service Object consumes input data streams and may produce output streams that others can consume. The subscription-based programing model enables multiple users to deploy their own data-processing services. The runtime does the dynamic forwarding of data and execution of Service Objects from different users. Data streams can originate in real-world devices or they can be the outputs of Service Objects. The runtime leverages Apache STORM for parallel data processing, that combined with dynamic user-code injection provides multi-tenant stream processing topologies. In this work we describe the runtime, its features and implementation details, as well as we include a performance evaluation of some of its core components.This work is partially supported by the European Research Council (ERC) un- der the EU Horizon 2020 programme (GA 639595), the Spanish Ministry of Economy, Industry and Competitivity (TIN2015-65316-P) and the Generalitat de Catalunya (2014-SGR-1051).Peer ReviewedPostprint (author's final draft

    Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation

    Full text link
    Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.Comment: Published in the proceedings of DSN'21 (51st IEEE/IFIP Int. Conf. on Dependable Systems and Networks). Code and BibTeX entry available at https://github.com/pietroborrello/raindro

    Packet Dispatching Schemes for Three-Stage Buffered Clos-Network Switches

    Get PDF
    Non

    The "MIND" Scalable PIM Architecture

    Get PDF
    MIND (Memory, Intelligence, and Network Device) is an advanced parallel computer architecture for high performance computing and scalable embedded processing. It is a Processor-in-Memory (PIM) architecture integrating both DRAM bit cells and CMOS logic devices on the same silicon die. MIND is multicore with multiple memory/processor nodes on each chip and supports global shared memory across systems of MIND components. MIND is distinguished from other PIM architectures in that it incorporates mechanisms for efficient support of a global parallel execution model based on the semantics of message-driven multithreaded split-transaction processing. MIND is designed to operate either in conjunction with other conventional microprocessors or in standalone arrays of like devices. It also incorporates mechanisms for fault tolerance, real time execution, and active power management. This paper describes the major elements and operational methods of the MIND architecture

    High Availability and Scalability of Mainframe Environments using System z and z/OS as example

    Get PDF
    Mainframe computers are the backbone of industrial and commercial computing, hosting the most relevant and critical data of businesses. One of the most important mainframe environments is IBM System z with the operating system z/OS. This book introduces mainframe technology of System z and z/OS with respect to high availability and scalability. It highlights their presence on different levels within the hardware and software stack to satisfy the needs for large IT organizations

    Logistic system design of an underground freight pipeline system

    Get PDF
    "July 2014."Dissertation Supervisor: Dr. James Noble.Includes vita.Underground Freight Pipeline (UFP) systems utilize the underground space in metro areas that is otherwise not utilized for freight transportation. Two fundamental logistics issues in the design of a UFP system are network configuration and capsule control. This research develops two capsule control models that minimize total tardiness squared of cargo delivery and associated heuristic algorithms to solve large-scale problems. Two network design models are introduced that minimizes both operational and construction cost of UFP system. The UFP network design Comprehensive Model can only be solved to optimality for small sized problem. To reduce the computational complexity, the UFP network design Two Step Model that is able to generate high quality network design solutions is developed. Then, a case study of a UFP network design in Greater New York area is presented.Includes bibliographical references (pages 159-162)
    • 

    corecore