Preemptive mobile code protection using spy agents

This thesis introduces 'spy agents' as a new security paradigm for evaluating trust in remote hosts in mobile code scenarios. In this security paradigm, a spy agent, i.e. a mobile agent which circulates amongst a number of remote hosts, can employ a variety of techniques in order to both appear 'normal' and suggest to a malicious host that it can 'misuse' the agent's data or code without being held accountable. A framework for the operation and deployment of such spy agents is described. Subsequently, a number of aspects of the operation of such agents within this framework are analysed in greater detail. The set of spy agent routes needs to be constructed in a manner that enables hosts to be identified from a set of detectable agent-specific outcomes. The construction of route sets that both reduce the probability of spy agent detection and support identification of the origin of a malicious act is analysed in the context of combinatorial group testing theory. Solutions to the route set design problem are proposed. A number of spy agent application scenarios are introduced and analysed, including: a) the implementation of a mobile code email honeypot system for identifying email privacy infringers, b) the design of sets of agent routes that enable malicious host detection even when hosts collude, and c) the evaluation of the credibility of host classification results in the presence of inconsistent host behaviour. Spy agents can be used in a wide range of applications, and it appears that each application creates challenging new research problems, notably in the design of appropriate agent route sets

Formation of a Wireless Communication System Based on a Swarm of Unmanned Aerial Vehicles

Проблематика. На даний час бурхливо розвивається новий напрямок в техніці рухомих систем, пов'язаний із застосуванням множини/групи рухомих багатофункціональних вузлів, які можуть створювати різні просторово-розподілені структури для різних застосувань: від розважальних шоу, до розвідувальної мережі. Йдеться про техніку малих безпілотних літальних апаратів(БЛА), частіше званих дронами, та їх використання в області побудови телекомунікаційних систем. Мета. Метою роботи є розробка основних принципів і стратегій для формування неоднорідної безпроводової системи зв'язку на базі рою безпілотних літаючих апаратів. Методи. Досліджуються структурно-функціональні методи побудови безпроводової мережі. Результати. Представлені сценарії централізованої і розподіленої побудови безпроводової мережі керування рою БЛА, проведена оцінка ускладнення функціональності вузлів рою в разі розподіленого сценарію. Розроблено схему поетапної реалізації життєвого циклу рою БЛА для послуг зв'язку. Представлений«молекулярний» сценарій просторової самоорганізації дронів-вузлів рою, який може бути реалізований за допомогою процедур«ланцюжка» і«спалаху». Запропоновано побудови деяких стратегій управління роєм: централізоване і децентралізоване з Ведучим, колективне само керування з обміном інформацією, децентралізоване керування з прогнозуванням, самоорганізація без обміну інформацією. Висновки. Розроблено основні принципи і стратегії формування неоднорідної безпроводової системи зв'язку на базі рою безпілотних літаючих апаратів. Розроблено стратегію колективного управління роєм дронів.Background. Currently, a new direction in the technology of mobile systems is rapidly developing, associated with the use of a set / group of mobile multifunctional elements that can create different spatially-distributed structures for various applications: from entertainment shows to intelligence networks. This is a technique of small unmanned aerial vehicles (UAV), often called drones, and their use in the field of building telecommunication systems. Objective. The aim of the work is to develop the basic principles and strategies for the formation of a heterogeneous wireless communication system based on a swarm of unmanned aerial vehicles. Methods. We study the structural and functional methods of building a wireless network. Results. Scenarios of centralized and distributed building of a wireless network of control of a swarm of UAVs are presented, assessment of the complexity of the functionality of swarm nodes inthe case of a distributed scenario is carried out. A schemeof phased implementation of the life cycle of a UAV swarm for communication services has been developed. The “molecular” scenario of spatial self-organization of the swarm-nodes of the swarm is presented, which can beimplemented using the “chain” and “flash” procedures. The proposed construction of some strategies for managing the swarm: centralized and decentralized with the Leader, collective self-management with information sharing,decentralized management withforecasting, self-organization without information sharing. Conclusions. The basic principles and strategies for the formation of a heterogeneous wireless communication system based on a swarm of unmanned aerial vehicles have been developed. A collective management strategy for a swarm of drones was developed. Keywords:swarm of unmanned aerial vehicles; drone swarm; communication system; life cycle; control network.Проблематика. В настоящее время очень бурно развивается новое направление в технике подвижных систем, связанное с применением множества/группы подвижных многофункциональных элементов, которые могут создавать различные пространственно-распределенные структуры для различных применений: от развлекательных шоу, до разведывательной сети. Речь идет о технике малых беспилотных летающих аппаратов(БЛА), чаще называемых дронами, и их использование в области построения телекоммуникационных систем. Цель. Целью работы является разработка основных принципов и стратегий для формирования неоднородной беспроводной системы связи на базе роя беспилотных летающих аппаратов. Методы. Исследуются структурно-функциональные методы построения беспроводной сети. Результаты. Представлены сценарии централизованного и распределенного построения беспроводной сети управления роя БЛА, проведена оценка усложнения функциональности узлов роя в случае распределенного сценария. Разработана схема поэтапной реализации жизненного цикла роя БЛА для услуг связи. Представлен«молекулярный» сценарий пространственной самоорганизации дронов-узлов роя, который может быть реализован посредством процедур

Human aware robot navigation

Abstract. Human aware robot navigation refers to the navigation of a robot in an environment shared with humans in such a way that the humans should feel comfortable, and natural with the presence of the robot. On top of that, the robot navigation should comply with the social norms of the environment. The robot can interact with humans in the environment, such as avoiding them, approaching them, or following them. In this thesis, we specifically focus on the approach behavior of the robot, keeping the other use cases still in mind. Studying and analyzing how humans move around other humans gives us the idea about the kind of navigation behaviors that we expect the robots to exhibit. Most of the previous research does not focus much on understanding such behavioral aspects while approaching people. On top of that, a straightforward mathematical modeling of complex human behaviors is very difficult. So, in this thesis, we proposed an Inverse Reinforcement Learning (IRL) framework based on Guided Cost Learning (GCL) to learn these behaviors from demonstration. After analyzing the CongreG8 dataset, we found that the incoming human tends to make an O-space (circle) with the rest of the group. Also, the approaching velocity slows down when the approaching human gets closer to the group. We utilized these findings in our framework that can learn the optimal reward and policy from the example demonstrations and imitate similar human motion

Abstracts of Papers, 80th Annual Meeting of the Virginia Academy of Science, May 22-24, 2002, Hampton University, Hampton, Virginia

Abstracts of papers that were presented at the 80th annual meeting of the Virginia Academy of Science

Adaptive Response System for Distributed Denial-of-Service Attacks

The continued prevalence and severe damaging effects of the Distributed Denial of Service (DDoS) attacks in today’s Internet raise growing security concerns and call for an immediate response to come up with better solutions to tackle DDoS attacks. The current DDoS prevention mechanisms are usually inflexible and determined attackers with knowledge of these mechanisms, could work around them. Most existing detection and response mechanisms are standalone systems which do not rely on adaptive updates to mitigate attacks. As different responses vary in their “leniency” in treating detected attack traffic, there is a need for an Adaptive Response System. We designed and implemented our DDoS Adaptive ResponsE (DARE) System, which is a distributed DDoS mitigation system capable of executing appropriate detection and mitigation responses automatically and adaptively according to the attacks. It supports easy integrations for both signature-based and anomaly-based detection modules. Additionally, the design of DARE’s individual components takes into consideration the strengths and weaknesses of existing defence mechanisms, and the characteristics and possible future mutations of DDoS attacks. These components consist of an Enhanced TCP SYN Attack Detector and Bloom-based Filter, a DDoS Flooding Attack Detector and Flow Identifier, and a Non Intrusive IP Traceback mechanism. The components work together interactively to adapt the detections and responses in accordance to the attack types. Experiments conducted on DARE show that the attack detection and mitigation are successfully completed within seconds, with about 60% to 86% of the attack traffic being dropped, while availability for legitimate and new legitimate requests is maintained. DARE is able to detect and trigger appropriate responses in accordance to the attacks being launched with high accuracy, effectiveness and efficiency. We also designed and implemented a Traffic Redirection Attack Protection System (TRAPS), a stand-alone DDoS attack detection and mitigation system for IPv6 networks. In TRAPS, the victim under attack verifies the authenticity of the source by performing virtual relocations to differentiate the legitimate traffic from the attack traffic. TRAPS requires minimal deployment effort and does not require modifications to the Internet infrastructure due to its incorporation of the Mobile IPv6 protocol. Experiments to test the feasibility of TRAPS were carried out in a testbed environment to verify that it would work with the existing Mobile IPv6 implementation. It was observed that the operations of each module were functioning correctly and TRAPS was able to successfully mitigate an attack launched with spoofed source IP addresses

Enhancing the museum experience with a sustainable solution based on contextual information obtained from an on-line analysis of users’ behaviour

Human computer interaction has evolved in the last years in order to enhance users’ experiences and provide more intuitive and usable systems. A major leap through in this scenario is obtained by embedding, in the physical environment, sensors capable of detecting and processing users’ context (position, pose, gaze, ...). Feeded by the so collected information flows, user interface paradigms may shift from stereotyped gestures on physical devices, to more direct and intuitive ones that reduce the semantic gap between the action and the corresponding system reaction or even anticipate the user’s needs, thus limiting the overall learning effort and increasing user satisfaction. In order to make this process effective, the context of the user (i.e. where s/he is, what is s/he doing, who s/he is, what are her/his preferences and also actual perception and needs) must be properly understood. While collecting data on some aspects can be easy, interpreting them all in a meaningful way in order to improve the overall user experience is much harder. This is more evident when we consider informal learning environments like museums, i.e. places that are designed to elicit visitor response towards the artifacts on display and the cultural themes proposed. In such a situation, in fact, the system should adapt to the attention paid by the user choosing the appropriate content for the user’s purposes, presenting an intuitive interface to navigate it. My research goal is focused on collecting, in a simple,unobtrusive, and sustainable way, contextual information about the visitors with the purpose of creating more engaging and personalized experiences