A Brief History of BioPerl

Large-scale open-source projects face a litany of pitfalls and difficulties. Problems of contribution quality, credit for contributions, project coordination, funding, and mission-creep are ever-present. Of these, long-term funding and project coordination can interact to form a particularly difficult problem for open-source projects in an academic environment. BioPerl was chosen as an example of a successful academic open-source project. Several of the roadblocks and hurdles encountered and overcome in the development of BioPerl are examined through the telling of the history of the project. Along the way, key points of open-source law are explained, such as license choice and copyright. The BioPerl project current status is then analyzed, and four different strategies typically employed by traditional open-source projects at this stage are analyzed as future directions. Strategies such as soliciting donations, securing grants, providing dual-licenses to enhance commercial interest, and the paid provision of support have all been employed in various traditional open-source projects with success, but each has drawbacks when applied to the academy. Finally, the construction of a successful long-term strategy for BioPerl, and other academic open-source projects, is proposed so that such projects can navigate the difficulties

A Pragmatic Approach to DHT Adoption

Despite the peer-to-peer community's obvious wish to have its systems adopted, specific mechanisms to facilitate incremental adoption have not yet received the same level of attention as the many other practical concerns associated with these systems. This paper argues that ease of adoption should be elevated to a first-class concern and accordingly presents HOLD, a front-end to existing DHTs that is optimized for incremental adoption. Specifically, HOLD is backwards-compatible: it leverages DNS to provide a key-based routing service to existing Internet hosts without requiring them to install any software. This paper also presents applications that could benefit from HOLD as well as the trade-offs that accompany HOLD. Early implementation experience suggests that HOLD is practical

Long-term power-law fluctuation in Internet traffic

Power-law fluctuation in observed Internet packet flow are discussed. The data is obtained by a multi router traffic grapher (MRTG) system for 9 months. The internet packet flow is analyzed using the detrended fluctuation analysis. By extracting the average daily trend, the data shows clear power-law fluctuations. The exponents of the fluctuation for the incoming and outgoing flow are almost unity. Internet traffic can be understood as a daily periodic flow with power-law fluctuations.Comment: 10 pages, 8 figure

Repository Replication Using NNTP and SMTP

We present the results of a feasibility study using shared, existing, network-accessible infrastructure for repository replication. We investigate how dissemination of repository contents can be ``piggybacked'' on top of existing email and Usenet traffic. Long-term persistence of the replicated repository may be achieved thanks to current policies and procedures which ensure that mail messages and news posts are retrievable for evidentiary and other legal purposes for many years after the creation date. While the preservation issues of migration and emulation are not addressed with this approach, it does provide a simple method of refreshing content with unknown partners.Comment: This revised version has 24 figures and a more detailed discussion of the experiments conducted by u

Combining Static and Dynamic Analysis for Vulnerability Detection

In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency sequences (TDS) between user controlled inputs and vulnerable statements. This process is akin to program slice of interest to calculate tainted data- and control-flow path which exhibits the dependence between tainted program inputs and vulnerable statements in the code. The dynamic part consists of executing the program along TDSs to trigger the vulnerability by generating suitable inputs. We use genetic algorithm to generate inputs. We propose a fitness function that approximates the program behavior (control flow) based on the frequencies of the statements along TDSs. This runtime aspect makes the approach faster and accurate. We provide experimental results on the Verisec benchmark to validate our approach.Comment: There are 15 pages with 1 figur