Abel Sanchez

Parallel multiclass classification using SVMs on GPUs

The scaling of serial algorithms cannot rely on the improvement of CPUs anymore. The performance of classical Support Vector Machine (SVM) implementations has reached its limit and the arrival of the multi core era requires these algorithms to adapt to a new parallel scenario. Graphics Processing Units (GPU) have arisen as high performance platforms to implement data parallel algorithms. In this paper, it is described how a naïve implementation of a multiclass classifier based on SVMs can map its inherent degrees of parallelism to the GPU programming model and efficiently use its computational throughput. Empirical results show that the training and classification time of the algorithm can be reduced an order of magnitude compared to a classical multiclass solver, LIBSVM, while guaranteeing the same accuracy.

Securing advanced metering infrastructure using intrusion detection system with data stream mining

Advanced metering infrastructure (AMI) is an imperative component of the smart grid, as it is responsible for collecting, measuring, analyzing energy usage data, and transmitting these data to the data concentrator and then to a central system in the utility side. Therefore, the security of AMI is one of the most demanding issues in the smart grid implementation. In this paper, we propose an intrusion detection system (IDS) architecture for AMI which will act as a complimentary with other security measures. This IDS architecture consists of three local IDSs placed in smart meters, data concentrators, and central system (AMI headend). For detecting anomaly, we use data stream mining approach on the public KDD CUP 1999 data set for analysis the requirement of the three components in AMI. From our result and analysis, it shows stream data mining technique shows promising potential for solving security issues in AMI.

Interoperable internet scale security framework for RFID networks

It is estimated that over 3 billion radio frequency identification (RFID) tags have been deployed through 2007. Most tags are used in supply chains where the electronic product code (EPC) and associated business event data are transmitted through RFID networks. Security and privacy issues are critically important in RFID networks because EPC data and their associated business events are valuable assets. Companies need to share these data with restricted business partners and, under some conditions, such as product recall, more widely with regulators and non business partners. At present, no security or privacy framework has been chosen as an EPCglobal standard due to the difficulty of sharing information between parties who have no direct business relationships and hence no business rules for sharing these data. To date, no security schemes have been deployed that can support multiple identity techniques and interchangeable complex business rules, as required by RFID networks. In this paper, we propose an Interoperable Internet Scale Security framework (IISS) for RFID networks. IISS performs authentication and authorization based on an aggregation of business rules, enterprise information, and RFID tag information. IISS provides a protocol for several authentication schemes and identity techniques detailed here. It also provides an engine for reasoning over business rules across domains. Moreover, IISS is able to resolve provenance information of RFID tags, which can identify the track of a particular piece of EPC data. We describe the IISS framework and the ontologies to model the information in IISS. We also discuss how the IISS framework can be developed for access control in RFID enabled supply chains.

A malicious activity detection system utilizing predictive modeling in complex environments

Complex enterprise environments consist of globally distributed infrastructure with a variety of applications and a large number of activities occurring on a daily basis. This increases the attack surface and narrows the view of ongoing intrinsic dynamics. Thus, many malicious activities can persist under the radar of conventional detection mechanisms long enough to achieve critical mass for full-fledged cyber attacks. Many of the typical detection approaches are signature-based and thus are expected to fail in the face of zero-day attacks. In this paper, we present the building-blocks for developing a Malicious Activity Detection System (MADS). MADS employs predictive modeling techniques for the detection of malicious activities. Unlike traditional detection mechanisms, MADS includes the detection of both network-based intrusions and malicious user behaviors. The system utilizes a simulator to produce holistic replication of activities, including both benign and malicious, flowing within a given complex IT environment. We validate the performance and accuracy of the simulator through a case study of a Fortune 500 company where we compare the results of the simulated infrastructure against the physical one in terms of resource consumption (i.e., CPU utilization), the number of concurrent users, and response times. In addition to an evaluation of the detection algorithms with varying hyper-parameters and comparing the results.

RFID Technology and Applications: Modeling supply chain network traffic

Introduction and motivation In the future, when the Internet of Things becomes reality, serialized data (typically RFID and/or barcode, based on EPCglobal, DOD/UID, and other standards) can potentially be stored in millions of data repositories worldwide. In fact, large data volumes of serialized information may be coming soon, as the global healthcare industry moves towards deploying anti-counterfeiting standards as soon as 2009. Such data will be sent to enterprise applications through the EPC network infrastructure. The data volume, message volume, communication, and applications with EPC network infrastructure will raise challenges to the scalability, security, extensibility, and communication of current IT infrastructure. Several architectures for EPC network infrastructure have been proposed. So far, most pilots have focused on the physical aspects of tag readings within a small network of companies. The lack of data quantifying the expected behavior of network message traffic within the future EPC network infrastructure is one of the obstacles inhibiting industry from moving to the next level. This chapter presents a simulator aimed at quantifying the message flows within various EPC network architectures in order to provide guidance for designing the architecture of a scalable and secure network. RFID/EPC technology enables the tracking of physical objects through their lifecycles without direct human involvement. Through the wide range of initiatives, such as the one with retail giants (Wal-Mart and Target), and those with the Food and Drug Administration (FDA), numerous state boards of pharmacy, aerospace companies (Airbus and Boeing), and the Department of Defense (DoD), RFID/EPC/UID has demonstrated its great value for business operation automation.

Multi-UAV System for Inventory Automation

This paper discusses the high-level design considerations and implementation challenges of an RFID-reader-equipped multi-UAV (unmanned aerial vehicle) system to aid inventory automation in a warehouse. A preliminary simulation, employing probabilistic-like algorithm for navigation decision, was also conducted to visualize the feasibility of the system.

G-NAS: A grid-based approach for negative authentication

Surveys show that more than 80% authentication systems are password based and these systems are increasingly under direct and indirect attacks. In an effort to protect the Positive Authentication System (PAS), the negative authentication concept was introduced [9]. Here, the representation space of password profile is called self-region; any element outside this self-region is defined as the non-self-region. Then anti-password detectors (clusters) are generated covering most of the non-self-region while leaving some space uncovered to reduce detector generation time and obfuscation. In this work, we investigate a Grid-based NAS approach, called G-NAS, where anti-password detectors are generated deterministically. This approach allows faster detector generation compared to previous NAS approaches. We reported some experimental results of G-NAS using different real-world password datasets. Results demonstrate the efficiency of the proposed approach and exhibited significant improvements compared to NAS approaches. It appears to be more robust and scalable with respect to the size of password profiles and able to update of detector sets on-the-fly.

CoPI: a web-based collaborative planning interface platform

In this paper we present the Collaborative Planning Interface (CoPI), a web-based multiuser collaboration interface platform for planning of complex systems. The interface provides analytical and visualization components to support decision makers. The Interface is designed using a user-centered design approach, while considering existing tools and environments in the field of decision support systems. The architecture and structure of the Interface are described as well as the flow of the user experience within the system. Finally, a case study explains the use of CoPI in collaborative policy planning for large-scale infrastructures.

Towards Cloud-Based Decision Support Platform for Group Decision Making

Nowadays, the shift towards cloud computing services is rapidly increasing. Organizations are leaning more towards adopting cloud-based services to increase their computation and processing power with reduced operational and maintenance costs. Similarly, being in the information age where huge amounts of information are generated daily from multiple interconnected systems makes it more challenging to absorb this information and make accurate informed decisions. Thus, the need for an automated well-structured approach for decision making is evident. Decision Support Systems (DSS) are interactive software-based systems that play a fundamental role as a technology enabler to provide analytical and visualization capabilities to support decision makers make accurate decisions. In this paper, we present an architecture framework for building a cloud-based distributed DSS to facilitate the decision making process for the planning and design of complex systems. The framework provides a group decision making platform to be utilized by different stakeholders. The framework offers a web portal that leverages a collection of new, open-source technologies and protocols as well as open standards. These are important for interoperable access across technologies, platforms, and mobile devices.

Fine-grained encryption for search and rescue operation on Internet of Things

The search and rescue operation is an increasingly important Internet of Things (IoT) application in which the resource-constrained things play the rescue role. Recently, more and more countries/organizations participate in a rescue task. To make the task more effective, they should share their information with each other but different countries have assorted sharing policies. Our investigation shows that access control systems for current search and rescue operations are either coarse-grained or computationally heavy. It cannot satisfy the rescue operations since those things demand lightweight cryptographic operations and the participating countries require flexible policies to protect their classified data. We propose a fine-grained access control system which is not only secure but also efficient. The practical experiments are conducted and its results demonstrate the lightweight cost in simulation.