Patterns and Interactions in Network Security

Networks play a central role in cyber-security: networks deliver security attacks, suffer from them, defend against them, and sometimes even cause them. This article is a concise tutorial on the large subject of networks and security, written for all those interested in networking, whether their specialty is security or not. To achieve this goal, we derive our focus and organization from two perspectives. The first perspective is that, although mechanisms for network security are extremely diverse, they are all instances of a few patterns. Consequently, after a pragmatic classification of security attacks, the main sections of the tutorial cover the four patterns for providing network security, of which the familiar three are cryptographic protocols, packet filtering, and dynamic resource allocation. Although cryptographic protocols hide the data contents of packets, they cannot hide packet headers. When users need to hide packet headers from adversaries, which may include the network from which they are receiving service, they must resort to the pattern of compound sessions and overlays. The second perspective comes from the observation that security mechanisms interact in important ways, with each other and with other aspects of networking, so each pattern includes a discussion of its interactions.Comment: 63 pages, 28 figures, 56 reference

A Study of the Learnability of Relational Properties: Model Counting Meets Machine Learning (MCML)

This paper introduces the MCML approach for empirically studying the learnability of relational properties that can be expressed in the well-known software design language Alloy. A key novelty of MCML is quantification of the performance of and semantic differences among trained machine learning (ML) models, specifically decision trees, with respect to entire (bounded) input spaces, and not just for given training and test datasets (as is the common practice). MCML reduces the quantification problems to the classic complexity theory problem of model counting, and employs state-of-the-art model counters. The results show that relatively simple ML models can achieve surprisingly high performance (accuracy and F1-score) when evaluated in the common setting of using training and test datasets - even when the training dataset is much smaller than the test dataset - indicating the seeming simplicity of learning relational properties. However, MCML metrics based on model counting show that the performance can degrade substantially when tested against the entire (bounded) input space, indicating the high complexity of precisely learning these properties, and the usefulness of model counting in quantifying the true performance

Towards a theory of conceptual design for software

Concepts are the building blocks of software systems. They are not just subjective mental constructs, but are objective features of a system's design: increments of functionality that were consciously introduced by a designer to serve particular purposes. This essay argues for viewing the design of software in terms of concepts, with their invention (or adoption) and refinement as the central activity of software design. A family of products can be characterized by arranging concepts in a dependence graph from which coherent concept subsets can be extracted. Just as bugs can be found in the code of a function prior to testing by reviewing the programmer's argument for its correctness, so flaws can be found in a software design by reviewing an argument by the designer. This argument consists of providing, for each concept, a single compelling purpose, and demonstrating how the concept fulfills the purpose with an archetypal scenario called an 'operational principle'. Some simple conditions (primarily in the relationship between concepts and their purposes) can then be applied to reveal flaws in the conceptual design.SUTD-MIT International Design Centre (IDC