Arun K. Sood

Range image segmentation combining edge-detection and region-growing techniques with applications sto robot bin-picking using vacuum gripper

A new segmentation algorithm that can be used for robot applications is presented. The input images are dense range data of industrial parts. The image is segmented into a number of surfaces. The segmentation algorithm uses residual analysis to detect edges, then a region-growing technique is used to obtain the final segmented image. The use of the segmentation output for determining the best holdsite position and orientation of objects is studied. As compared to techniques based on intensity images, the use of range images simplifies the holdsite determination. This information can then be used to instruct the robot to grip the object and move it to the required position. The performance of the algorithm on a number of range images is presented. >

Pulse and staircase edge models

Present step and ramp edge models are inadequate for the edges detected by multi-resolution operators. Since the isolated edges rarely occur in the real scenes, we propose new edge models based on the pulse and staircase functions. In these models we include the effect of one edge on a neighboring edge. This effect propagates through to the higher operator sizes. Depending on the mutual polarities of the steps in the staircase and pulse functions, the edge points related to these discontinuities attract or repel each other when the operator size increases. In the case of staircase function, when the edge points attract each other at some scale they collapse into one.

Engine Fault Analysis: Part I-Statistical Methods

Several studies have been performed to detect faults in engines. Fourier series and autocorrelation-based methods have been shown to be useful for this purpose. However, these and other methods discussed in the literature cannot locate the fault. In this paper, the focus is on techniques that will enable the location of the fault. In general, our approach involves the analysis of the instantaneous angular velocity of the flywheel. Three methods of analysis are presented. The first method depends on the computation of a set of statistical correlations. The second method is based on evaluation of similarity measures. These methods are able to locate faults in several tests that have been performed. The third approach uses pattern recognition methods and involves three stages¿data extraction, functional approximation to determine a feature vector, and classification based on a Bayesian approach. This method is computationally more complex than the other approaches. However, on the basis of the experimental results it appears that the third method leads to a lower error rate. Cases involving faults in one and two cylinders are presented.

Securing Web Servers Using Self Cleansing Intrusion Tolerance (SCIT)

The number of malware attacks is increasing, Companies have invested millions of dollars in intrusion detection and intrusion prevention (ID/IP) technologies and products, yet many web servers are hacked every year. The current reactive methods of security have proven to be inadequate because the “bad guys” are always one step ahead of the Intrusion Detection/Intrusion Prevention community. Our research seeks to prove the feasibility of a completely new and innovative theory of server security called “Self-Cleansing Intrusion Tolerance” (SCIT). SCIT shifts the focus from detection and prevention to containing losses. SCIT uses virtualization technology in a new and unique way to make it more difficult for attackers to do damage/acquire data by reducing a server’s exposure time from several months to less than a minute. In this way we increase the dependability of the server and provide a new way to balance the trade-off between security and availability. We have applied SCIT to multiple types of servers (DNS, SSO and Web), in this paper we will focus on securing web servers using SCIT. Based on the results of load testing of a web application for various load scenarios under both scit and non-scit environments, we will clearly show that SCIT provides a high degree of security with little degradation in overall response time of the application.

Engine Fault Analysis: Part II---Parameter Estimation Approach

The general fault analysis problem can be divided into two parts: fault detection and diagnosis (location). Fourier series, autocorrelation, and other techniques have been used for fault detection. However, these approaches cannot be utilized for locating the faults. In this paper a methodology is presented to locate faulty cylinder(s). The procedure involves the development of a mathematical model of the engine dynamics. This model takes into consideration the cylinder gas pressure, engine inertia, and load. The resultant torque is computed by using parameter estimation techniques. The parameter estimation technique employed can determine time-varying parameters without prior knowledge of the structure of the parameter. In the problem at hand, this is an important requirement. The resultant torque is the net of the cylinder gas torque and the frictional torque. The model and the estimation procedure have been verified by performing tests on a single-cylinder engine. A discriminant function has been defined to classify the performance of each cylinder. Our results indicate that the amplitude of the resultant torque can be used to identify the faulty cylinder(s). We have verified this approach by tests and studies on a six-cylinder engine. In our experiments we have studied cases involving one or two faulty cylinders.

A Multiprocessor Architecture for the (M, L)-Algorithm Suitable for VLSI Implementation

The (M, L) -algorithm has been widely used in speech and image encoding. Recently, use of (M, L) -Iike algorithms has been suggested for decoding phase codes. With its ever-increasing use, there arises a need to explore architectures suitable for real-time applications. Toward this end, we present a multiprocessor architecture for the (M, L) algorithm that employs an SIMD (single instruction-multiple data) machine structure. The considerations involved in interconnection network design are discussed. The main functions of the network controller are switch state selection and synchronization. The number of switching elements required is significantly less than the elements required in the universal permutation network. These features make this architecture suitable for VLSI implementation. The tradeoff between number of processors and encoding time is also discussed.

Closing cluster attack windows through server redundancy and rotations

It is well-understood that increasing redundancy in a system generally improves the availability and dependability of the system. In server clusters, one important form of redundancy is spare servers. Cluster security, while universally recognized as an important subject in its own right, has not often been associated with the issue of redundancy. In prior work, we developed a self-cleansing intrusion tolerance (SCIT) architecture that strengthens cluster security through periodic server rotations and self-cleansing. In this work, we consider the servers in the cleansing mode as redundant, spare hardware and develop a unified control algorithm that manages the requirements of both security and service availability. We show the advantages of our algorithm in the following areas: (1) Intrusion tolerance through constant server rotations and cleansing, (2) Survivability in events of server failures, (3) Guarantee of service availability as long as the cluster has a minimum number of functioning servers, and (4) Scalability, the support of using high degrees of hardware/server redundancy to improve security and fault tolerance. We provide proofs for important properties of the proposed algorithm. The effects of varying degrees of server redundancy in reducing attack windows are investigated through simulation.

Secure, Resilient Computing Clusters: Self-Cleansing Intrusion Tolerance with Hardware Enforced Security (SCIT/HES)

The formidable difficulty in securing systems stems in large part from the increasing complexity of the systems we build but also the degree to which we now depend on information systems. Complex systems cannot be fully verified under all possible conditions. Self cleansing intrusion tolerance (SCIT) servers go through periodic cleaning. SCIT can be used to create secure and robust cluster of servers without the impossible requirement of having perfect security on each server in the cluster. In this paper, we identify six SCIT security primitives that must be satisfied. We present a SCIT hardware enhanced (SCIT/HES) implementation that guarantees the incorruptibility of SCIT operations

A Comparison of Intrusion-Tolerant System Architectures

With the advancing sophistication of security attacks, protecting open systems is increasingly challenging. Intrusion tolerance should be part of overall in-depth security. This article compares three types of intrusion tolerant system architectures.

Class-based access control for distributed video-on-demand systems

The focus of this paper is the analysis of threshold-based admission control policies for distributed video-on-demand (VoD) systems. Traditionally, admission control methods control access to a resource based on the resource capacity. We have extended that concept to include the significance of an arriving request to the VoD system by enforcing additional threshold restrictions in the admission control process on request classes deemed less significant. We present an analytical model for computing blocking performance of the VoD system under threshold-based admission control. Extending the same methodology to a distributed VoD architecture we show through simulation that the threshold performance conforms to the analytical model. We also show that threshold-based analysis can work in conjunction with other request handling policies and are useful for manipulating the VoD performance since we are able to distinguish between different request classes based on their merit. Enforcing threshold restrictions with the option of downgrading blocked requests in a multirate service environment results in improved performance at the same time providing different levels of quality of service (QoS). In fact, we show that the downgrade option combined with threshold restrictions is a powerful tool for manipulating an incoming request mix over which we have no control into a workload that the VoD system can handle.