Ad hoc network security and modeling with stochastic petri nets

Advances in wireless technology and portable computing along with demands for high user mobility have provided a major promotion toward the development of ad hoc networks. These networks feature dynamic topology, self-organization, limited bandwidth and battery power of a node. Unlike the existing commercial wireless systems and fixed infrastructure networks, they do not rely on specialized routers for path discovery and traffic routing. Security is an important issue in such networks. Typically, mobile nodes are significantly more susceptible to physical attacks than their wired counterparts. This research intends to investigate the ad hoc network routing security by proposing a performance enhanced Secure ad hoc On-demand Routing protocol (SOR). Specifically, it presents a method to embed Security Level into ad hoc on-demand routing protocols using node-disjoint multipath, and to use maximum hopcount to restrict the number of routing packets in a specific area. The proposed scheme enables the use of security as a marked factor to improve the relevance of the routes discovered by ad hoc routing protocols. It provides customizable security to the flow of routing protocol messages. In general, SOR offers an alternative way to implement security in on-demand routing protocols. Ad hoc network is too complex to allow analytical study for explicit performance expressions. This research presents a Stochastic Petri net-based approach to modeling and analysis of mobile ad hoc network. This work illustrates how this model is built as a scalable model and used to exploit the characteristics of the networks. The proposed scheme is a powerful analytical model that can be used to derive network performance much more easily than a simulation-based approach. Furthermore, the proposed model is extended to study the performance of ad hoc network security by adding multipath selection and security measurement parameters. This research gives a quantificational measurement to analyze the performance of a modified SPN model under the effect of multipath and attack of a hypothetical compromised node

Effects of Communication Protocol Stack Offload on Parallel Performance in Clusters

The primary research objective of this dissertation is to demonstrate that the effects of communication protocol stack offload (CPSO) on application execution time can be attributed to the following two complementary sources. First, the application-specific computation may be executed concurrently with the asynchronous communication performed by the communication protocol stack offload engine. Second, the protocol stack processing can be accelerated or decelerated by the offload engine. These two types of performance effects can be quantified with the use of the degree of overlapping Do and degree of acceleration Daccs. The composite communication speedup metrics S_comm(Do, Daccs) can be used in order to quantify the combined effects of the protocol stack offload. This dissertation thesis is validated empirically. The degree of overlapping Do, the degree of acceleration Daccs, and the communication speedup Scomm characteristic of the system configurations under test are derived in the course of experiments performed for the system configurations of interest. It is shown that the proposed metrics adequately describe the effects of the protocol stack offload on the application execution time. Additionally, a set of analytical models of the networking subsystem of a PC-based cluster node is developed. As a result of the modeling, the metrics Do, Daccs, and Scomm are obtained. The models are evaluated as to their complexity and precision by comparing the modeling results with the measured values of Do, Daccs, and Scomm. The primary contributions of this dissertation research are as follows. First, the metric Daccs and Scomm are introduced in order to complement the Do metric in its use for evaluation of the effects of optimizations in the networking subsystem on parallel performance in clusters. The metrics are shown to adequately describe CPSO performance effects. Second, a method for assessing performance effects of CPSO scenarios on application performance is developed and presented. Third, a set of analytical models of cluster node networking subsystems with CPSO capability is developed and characterised as to their complexity and precision of the prediction of the Do and Daccs metrics

Evaluating Resilience of Cyber-Physical-Social Systems

Nowadays, protecting the network is not the only security concern. Still, in cyber security, websites and servers are becoming more popular as targets due to the ease with which they can be accessed when compared to communication networks. Another threat in cyber physical social systems with human interactions is that they can be attacked and manipulated not only by technical hacking through networks, but also by manipulating people and stealing users’ credentials. Therefore, systems should be evaluated beyond cy- ber security, which means measuring their resilience as a piece of evidence that a system works properly under cyber-attacks or incidents. In that way, cyber resilience is increas- ingly discussed and described as the capacity of a system to maintain state awareness for detecting cyber-attacks. All the tasks for making a system resilient should proactively maintain a safe level of operational normalcy through rapid system reconfiguration to detect attacks that would impact system performance. In this work, we broadly studied a new paradigm of cyber physical social systems and defined a uniform definition of it. To overcome the complexity of evaluating cyber resilience, especially in these inhomo- geneous systems, we proposed a framework including applying Attack Tree refinements and Hierarchical Timed Coloured Petri Nets to model intruder and defender behaviors and evaluate the impact of each action on the behavior and performance of the system.Hoje em dia, proteger a rede não é a única preocupação de segurança. Ainda assim, na segurança cibernética, sites e servidores estão se tornando mais populares como alvos devido à facilidade com que podem ser acessados quando comparados às redes de comu- nicação. Outra ameaça em sistemas sociais ciberfisicos com interações humanas é que eles podem ser atacados e manipulados não apenas por hackers técnicos através de redes, mas também pela manipulação de pessoas e roubo de credenciais de utilizadores. Portanto, os sistemas devem ser avaliados para além da segurança cibernética, o que significa medir sua resiliência como uma evidência de que um sistema funciona adequadamente sob ataques ou incidentes cibernéticos. Dessa forma, a resiliência cibernética é cada vez mais discutida e descrita como a capacidade de um sistema manter a consciência do estado para detectar ataques cibernéticos. Todas as tarefas para tornar um sistema resiliente devem manter proativamente um nível seguro de normalidade operacional por meio da reconfi- guração rápida do sistema para detectar ataques que afetariam o desempenho do sistema. Neste trabalho, um novo paradigma de sistemas sociais ciberfisicos é amplamente estu- dado e uma definição uniforme é proposta. Para superar a complexidade de avaliar a resiliência cibernética, especialmente nesses sistemas não homogéneos, é proposta uma estrutura que inclui a aplicação de refinamentos de Árvores de Ataque e Redes de Petri Coloridas Temporizadas Hierárquicas para modelar comportamentos de invasores e de- fensores e avaliar o impacto de cada ação no comportamento e desempenho do sistema

Designing, Building, and Modeling Maneuverable Applications within Shared Computing Resources

Extending the military principle of maneuver into war-fighting domain of cyberspace, academic and military researchers have produced many theoretical and strategic works, though few have focused on researching actual applications and systems that apply this principle. We present our research in designing, building and modeling maneuverable applications in order to gain the system advantages of resource provisioning, application optimization, and cybersecurity improvement. We have coined the phrase “Maneuverable Applications” to be defined as distributed and parallel application that take advantage of the modification, relocation, addition or removal of computing resources, giving the perception of movement. Our work with maneuverable applications has been within shared computing resources, such as the Clemson University Palmetto cluster, where multiple users share access and time to a collection of inter-networked computers and servers. In this dissertation, we describe our implementation and analytic modeling of environments and systems to maneuver computational nodes, network capabilities, and security enhancements for overcoming challenges to a cyberspace platform. Specifically we describe our work to create a system to provision a big data computational resource within academic environments. We also present a computing testbed built to allow researchers to study network optimizations of data centers. We discuss our Petri Net model of an adaptable system, which increases its cybersecurity posture in the face of varying levels of threat from malicious actors. Lastly, we present work and investigation into integrating these technologies into a prototype resource manager for maneuverable applications and validating our model using this implementation

Modelling and performance analysis of mobile ad hoc networks

PhD ThesisMobile Ad hoc Networks (MANETs) are becoming very attractive and useful in many kinds of communication and networking applications. This is due to their efficiency, relatively low cost, and flexibility provided by their dynamic infrastructure. Performance evaluation of mobile ad hoc networks is needed to compare various architectures of the network for their performance, study the effect of varying certain network parameters and study the interaction between various parameters that characterise the network. It can help in the design and implementation of MANETs. It is to be noted that most of the research that studies the performance of MANETs were evaluated using discrete event simulation (DES) utilising a broad band of network simulators. The principle drawback of DES models is the time and resources needed to run such models for large realistic systems, especially when results with a high accuracy are desired. In addition, studying typical problems such as the deadlock and concurrency in MANETs using DES is hard because network simulators implement the network at a low abstraction level and cannot support specifications at higher levels. Due to the advantage of quick construction and numerical analysis, analytical modelling techniques, such as stochastic Petri nets and process algebra, have been used for performance analysis of communication systems. In addition, analytical modelling is a less costly and more efficient method. It generally provides the best insight into the effects of various parameters and their interactions. Hence, analytical modelling is the method of choice for a fast and cost effective evaluation of mobile ad hoc networks. To the best of our knowledge, there is no analytical study that analyses the performance of multi-hop ad hoc networks, where mobile nodes move according to a random mobility model, in terms of the end-to-end delay and throughput. This work ii presents a novel analytical framework developed using stochastic reward nets and mathematical modelling techniques for modelling and analysis of multi-hop ad hoc networks, based on the IEEE 802.11 DCF MAC protocol, where mobile nodes move according to the random waypoint mobility model. The proposed framework is used to analysis the performance of multi-hop ad hoc networks as a function of network parameters such as the transmission range, carrier sensing range, interference range, number of nodes, network area size, packet size, and packet generation rate. The proposed framework is organized into several models to break up the complexity of modelling the complete network and make it easier to analyse each model as required. This is based on the idea of decomposition and fixed point iteration of stochastic reward nets. The proposed framework consists of a mathematical model and four stochastic reward nets models; the path analysis model, data link layer model, network layer model and transport layer model. These models are arranged in a way similar to the layers of the OSI protocol stack model. The mathematical model is used to compute the expected number of hops between any source-destination pair; and the average number of carrier sensing, hidden, and interfering nodes. The path analysis model analyses the dynamic of paths in the network due to the node mobility in terms of the path connection availability and rate of failure and repair. The data link layer model describes the behaviour of the IEEE 802.11 DCF MAC protocol. The actions in the network layer are modelled by the network layer model. The transport layer model represents the behaviour of the transport layer protocols. The proposed models are validated using extensive simulations

Quarc: an architecture for efficient on-chip communication

The exponential downscaling of the feature size has enforced a paradigm shift from computation-based design to communication-based design in system on chip development. Buses, the traditional communication architecture in systems on chip, are incapable of addressing the increasing bandwidth requirements of future large systems. Networks on chip have emerged as an interconnection architecture offering unique solutions to the technological and design issues related to communication in future systems on chip. The transition from buses as a shared medium to networks on chip as a segmented medium has given rise to new challenges in system on chip realm. By leveraging the shared nature of the communication medium, buses have been highly efficient in delivering multicast communication. The segmented nature of networks, however, inhibits the multicast messages to be delivered as efficiently by networks on chip. Relying on extensive research on multicast communication in parallel computers, several network on chip architectures have offered mechanisms to perform the operation, while conforming to resource constraints of the network on chip paradigm. Multicast communication in majority of these networks on chip is implemented by establishing a connection between source and all multicast destinations before the message transmission commences. Establishing the connections incurs an overhead and, therefore, is not desirable; in particular in latency sensitive services such as cache coherence. To address high performance multicast communication, this research presents Quarc, a novel network on chip architecture. The Quarc architecture targets an area-efficient, low power, high performance implementation. The thesis covers a detailed representation of the building blocks of the architecture, including topology, router and network interface. The cost and performance comparison of the Quarc architecture against other network on chip architectures reveals that the Quarc architecture is a highly efficient architecture. Moreover, the thesis introduces novel performance models of complex traffic patterns, including multicast and quality of service-aware communication

Structure discovery techniques for circuit design and process model visualization

Graphs are one of the most used abstractions in many knowledge fields because of the easy and flexibility by which graphs can represent relationships between objects. The pervasiveness of graphs in many disciplines means that huge amounts of data are available in graph form, allowing many opportunities for the extraction of useful structure from these graphs in order to produce insight into the data. In this thesis we introduce a series of techniques to resolve well-known challenges in the areas of digital circuit design and process mining. The underlying idea that ties all the approaches together is discovering structures in graphs. We show how many problems of practical importance in these areas can be solved utilizing both common and novel structure mining approaches. In the area of digital circuit design, this thesis proposes automatically discovering frequent, repetitive structures in a circuit netlist in order to improve the quality of physical planning. These structures can be used during floorplanning to produce regular designs, which are known to be highly efficient and economical. At the same time, detecting these repeating structures can exponentially reduce the total design time. The second focus of this thesis is in the area of the visualization of process models. Process mining is a recent area of research which centers on studying the behavior of real-life systems and their interactions with the environment. Complicated process models, however, hamper this goal. By discovering the important structures in these models, we propose a series of methods that can derive visualization-friendly process models with minimal loss in accuracy. In addition, and combining the areas of circuit design and process mining, this thesis opens the area of specification mining in asynchronous circuits. Instead of the usual design flow, which involves synthesizing circuits from specifications, our proposal discovers specifications from implemented circuits. This area allows for many opportunities for verification and re-synthesis of asynchronous circuits. The proposed methods have been tested using real-life benchmarks, and the quality of the results compared to the state-of-the-art.Els grafs són una de les representacions abstractes més comuns en molts camps de recerca, gràcies a la facilitat i flexibilitat amb la que poden representar relacions entre objectes. Aquesta popularitat fa que una gran quantitat de dades es puguin trobar en forma de graf, i obre moltes oportunitats per a extreure estructures d'aquest grafs, útils per tal de donar una intuïció millor de les dades subjacents. En aquesta tesi introduïm una sèrie de tècniques per resoldre reptes habitualment trobats en les àrees de disseny de circuits digitals i mineria de processos industrials. La idea comú sota tots els mètodes proposats es descobrir automàticament estructures en grafs. En la tesi es mostra que molts problemes trobats a la pràctica en aquestes àrees poden ser resolts utilitzant nous mètodes de descobriment d'estructures. En l'àrea de disseny de circuits, proposem descobrir, automàticament, estructures freqüents i repetitives en les definicions del circuit per tal de millorar la qualitat de les etapes posteriors de planificació física. Les estructures descobertes poden fer-se servir durant la planificació per produir dissenys regulars, que son molt més econòmics d'implementar. Al mateix temps, la descoberta i ús d'aquestes estructures pot reduir exponencialment el temps total de disseny. El segon punt focal d'aquesta tesi és en l'àrea de la visualització de models de processos industrials. La mineria de processos industrials es un tema jove de recerca que es centra en estudiar el comportament de sistemes reals i les interaccions d'aquests sistemes amb l'entorn. No obstant, quan d'aquest anàlisi s'obtenen models massa complexos visualment, l'estudi n'és problemàtic. Proposem una sèrie de mètodes que, gràcies al descobriment automàtic de les estructures més importants, poden generar models molt més fàcils de visualitzar que encara descriuen el comportament del sistema amb gran precisió. Combinant les àrees de disseny de circuits i mineria de processos, aquesta tesi també obre un nou tema de recerca: la mineria d'especificacions per circuits asíncrons. En l'estil de disseny asíncron habitual, sintetitzadors automàtics generen circuits a partir de les especificacions. En aquesta tesi proposem el pas invers: descobrir automàticament les especificacions de circuits ja implementats. Així, creem noves oportunitats per a la verificació i la re-síntesi de circuits asíncrons. Els mètodes proposats en aquesta tesi s'han validat fent servir dades obtingudes d'aplicacions pràctiques, i en comparem els resultats amb els mètodes existents

Intrinsically Evolvable Artificial Neural Networks

Dedicated hardware implementations of neural networks promise to provide faster, lower power operation when compared to software implementations executing on processors. Unfortunately, most custom hardware implementations do not support intrinsic training of these networks on-chip. The training is typically done using offline software simulations and the obtained network is synthesized and targeted to the hardware offline. The FPGA design presented here facilitates on-chip intrinsic training of artificial neural networks. Block-based neural networks (BbNN), the type of artificial neural networks implemented here, are grid-based networks neuron blocks. These networks are trained using genetic algorithms to simultaneously optimize the network structure and the internal synaptic parameters. The design supports online structure and parameter updates, and is an intrinsically evolvable BbNN platform supporting functional-level hardware evolution. Functional-level evolvable hardware (EHW) uses evolutionary algorithms to evolve interconnections and internal parameters of functional modules in reconfigurable computing systems such as FPGAs. Functional modules can be any hardware modules such as multipliers, adders, and trigonometric functions. In the implementation presented, the functional module is a neuron block. The designed platform is suitable for applications in dynamic environments, and can be adapted and retrained online. The online training capability has been demonstrated using a case study. A performance characterization model for RC implementations of BbNNs has also been presented

Performance Analysis of Live-Virtual-Constructive and Distributed Virtual Simulations: Defining Requirements in Terms of Temporal Consistency

This research extends the knowledge of live-virtual-constructive (LVC) and distributed virtual simulations (DVS) through a detailed analysis and characterization of their underlying computing architecture. LVCs are characterized as a set of asynchronous simulation applications each serving as both producers and consumers of shared state data. In terms of data aging characteristics, LVCs are found to be first-order linear systems. System performance is quantified via two opposing factors; the consistency of the distributed state space, and the response time or interaction quality of the autonomous simulation applications. A framework is developed that defines temporal data consistency requirements such that the objectives of the simulation are satisfied. Additionally, to develop simulations that reliably execute in real-time and accurately model hierarchical systems, two real-time design patterns are developed: a tailored version of the model-view-controller architecture pattern along with a companion Component pattern. Together they provide a basis for hierarchical simulation models, graphical displays, and network I/O in a real-time environment. For both LVCs and DVSs the relationship between consistency and interactivity is established by mapping threads created by a simulation application to factors that control both interactivity and shared state consistency throughout a distributed environment