Optimizing the Replication of Multi-Quality Web Applications Using ACO and WoLF

This thesis presents the adaptation of Ant Colony Optimization to a new NP-hard problem involving the replication of multi-quality database-driven web applications (DAs) by a large application service provider (ASP). The ASP must assign DA replicas to its network of heterogeneous servers so that user demand is satisfied and replica update loads are minimized. The algorithm proposed, AntDA, for solving this problem is novel in several respects: ants traverse a bipartite graph in both directions as they construct solutions, pheromone is used for traversing from one side of the bipartite graph to the other and back again, heuristic edge values change as ants construct solutions, and ants may sometimes produce infeasible solutions. Experiments show that AntDA outperforms several other solution methods, but there was room for improvement in the convergence rates of the ants. Therefore, in an attempt to achieve the goals of faster convergence and better solution values for larger problems, AntDA was combined with the variable-step policy hill-climbing algorithm called Win or Learn Fast (WoLF). In experimentation, the addition of this learning algorithm in AntDA provided for faster convergence while outperforming other solution methods

Work-In-Progress: IoT Device Signature Validation

Fingerprinting is an important technique for identifying and characterizing devices on a network in a manner that is resistant to spoofing. Current works describe methods which are limited to identifying one particular component of a device. This paper begins to look at ways in which multiple disparate, but complementary, approaches can be used concurrently to develop a more complete hardware and software profile of network devices and their capabilities. Doing so is particularly important in heterogeneous Internet of Things networks. In this paper we propose a method for synthesizing existing fingerprinting methods based on existing procols and commonly available equipment to create a single consistent, validated, and spoof-resistant profile of network devices. Furthermore, we present and describe the architecture of a prototype system we have constructed which will be used for further study and future work

Trust Models and Risk in the Internet of Things

The Internet of Things (IoT) is envisaged to be a large-scale, massively heterogeneous ecosystem of devices with varying purposes and capabilities. While architectures and frameworks have focused on functionality and performance, security is a critical aspect that must be integrated into system design. This work proposes a method of risk assessment of devices using both trust models and static capability profiles to determine the level of risk each device poses. By combining the concepts of trust and secure device fingerprinting, security mechanisms can be more efficiently allocated across networked IoT devices. Simultaneously, devices can be allowed a greater degree of functionality while ensuring system availability and security. This paper describes the integration of risk assessment into a prototype IoT network. The purpose of this prototype is to explore whether finer-grained security policies based on risk can adequately protect the network while also allowing for efficiency and system functionality to a greater extent than traditional security protocols permit. Furthermore, we demonstrate how identification, trust, and risk can be synthesized to provide a finer degree of control over system security