Bharat B. Madan

Security analysis of SITAR intrusion tolerance system

Security is an important QoS attribute for characterizing intrusion tolerant computing systems. Frequently however, the security of computing systems is assessed in a qualitative manner based on the presence and absence of certain functional characteristics and security mechanisms. Such a characterization is not only ad hoc, it also lacks rigorous scientific and systematic basis. Some recent research efforts have emphasized the need for a quantitative assessment of security attributes for intrusion tolerant systems. Intrusion tolerant systems are not only complex, but also have to operate in an environment made unpredictable due to the unpredictable actions of bona-fide and non bona-fide users. This makes quantitative security analysis a difficult problem. Earlier approaches to security modelling have been based on the use of Markov models. Capturing details of real architectures in a manually constructed Markov model is difficult. We advocate the use of higher level formalism based on stochastic Petri nets for modelling and quantitative security analysis of intrusion tolerant systems. To validate our approach, we use an experimental intrusion tolerant systems known as the SITAR (scalable intrusion tolerant architecture) currently being implemented jointly at MCNC and Duke University as our target system. It is shown that the resulting analysis is useful in determining gains in security by reconfiguring such a system in terms of increase in redundancy under varying threat levels.

Combined Guard Channel and Mobile-Assisted Handoff for Cellular Networks

For cellular communication systems, mobility and limited radio coverage of a cell require calls to be handed over from one base station system (BSS) to another. Due to the limited bandwidth available in various cells, there is a finite probability that an ongoing call, while being handed off, may get dropped. Minimizing the dropping of ongoing calls during handoff is an important design criterion. Some digital cellular systems, e.g., the global system for mobile communications and the IS-136, use mobile-assisted handoff (MAHO), in which a mobile terminal (MT) assists its BSS, and a mobile switching center in making handoff decisions. MAHO requires an MT to regularly report, back to its serving BSS, its current radio-link state [defined in terms of the received signal strength indicator (RSSI) and the bit error rate (BER)] of transmissions received from neighboring BSSs. Some researchers have suggested that a base station needs to give priority to the handoff calls over the new calls. This requires each cell to reserve a number of guard channels (GCs) to be used exclusively for processing of the handoff calls. Since MAHO makes handoff decisions based solely on RSSI/BER measurements, there is a finite probability that some handoff calls may get dropped due to the nonavailability of free channels in the neighboring cell to which the call is being handed off. Conversely, if a handoff decision is based solely on the availability of a free channel, without regard to the signal quality, it may result in some of the handed-off calls being dropped due to poor signal quality. In this paper, we propose a new handoff technique by combining the MAHO and GC techniques. In the proposed technique, the MT reports back not only the RSSI and the BER but the number of free channels that are available for the handoff traffic as well. This will ensure that a handed-off call has acceptable signal quality as well as a free available channel. The performance of this handoff technique is analyzed using an analytical model whose solution gives the desired performance measures in terms of blocking and dropping probabilities.

StackOFFence: a technique for defending against buffer overflow attacks

Software coding practices, in the interest of efficiency, often ignore to enforce strict bound checking on buffers, arrays and pointers. This results in software code that is more vulnerable to security intrusions exploiting buffer overflow vulnerabilities. Unfortunately, such attacks form the most common type of security threats to the computer and information systems, making it imperative to find efficient solutions for the buffer overflow vulnerabilities. Typically, an attacker is able to affect a successful intrusion by causing buffer overflow in the stack frame of a function call, thereby causing the valid return address to get overwritten by a malicious value. This allows the attacker to redirect the return from a function call to a malicious piece of code introduced by the attacker. Depending on the nature of the malicious code, the attacker is able to compromise availability, integrity, or confidentiality of a system. Researchers have suggested transforming the return address or even using an entirely separate stack for managing the return addresses. This paper describes a simple technique that ensures the integrity of the return address by pushing on the stack two copies of the return address, a transformed (or encrypted) return address value along with the original one. Before popping the return address, two return address values are compared to detect any malicious activity, thus preventing the exploitation of the stack based buffer overflow vulnerabilities. The proposed modification may be implemented at the CPU architecture level or by simple modification to the compilers prologue and epilogue code.

Space-time Coordinated Distributed Sensing Algorithms for Resource Efficient Narrowband Target Localization and Tracking

Distributed sensing has been used for enhancing signal to noise ratios for space-time localization and tracking of remote objects using phased array antennas, sonar, and radio signals. The use of these technologies in identifying mobile targets in a field, emitting acoustic signals, using a network of low-cost narrow band acoustic micro-sensing devices randomly dispersed over the region of interest, presents unique challenges. The effects of wind, turbulence, and temperature gradients and other environmental effects can decrease the signal to noise ratio by introducing random errors that cannot be removed through calibration. This paper presents methods for dynamic distributed signal processing to detect, identify, and track targets in noisy environments with limited resources. Specifically, it evaluates the noise tolerance of adaptive beamforming and compares it to other distributed sensing approaches. Many source localization and direction-of-arrival (DOA) estimation methods based on beamforming using acoustic sensor array have been proposed. We use the approximate maximum likelihood parameter estimation method to perform DOA estimation of the source in the frequency domain. Generally, sensing radii are large and data from the nodes are transmitted over the network to a centralized location where beamforming is done. These methods therefore depict low tolerance to environmental noise. Knowledge based localized distributed processing methods have also been developed for distributed in-situ localization and target tracking in these environments. These methods, due to their reliance only on local sensing, are not significantly affected by spatial perturbations and are robust in tracking targets in low SNR environments. Specifically, Dynamic Space-time Clustering (DSTC)-based localization and tracking algorithm has demonstrated orders of magnitude improvement in noise tolerance with nominal impact on performance. We also propose hybrid algorithms for energy efficient robust performance in very noisy environments. This paper compares the performance of hybrid algorithms with sparse beamforming nodes supported by randomly dispersed DSTC nodes to that of beamforming and DSTC algorithms. Hybrid algorithms achieve relative high accuracy in noisy environments with low energy consumption. Sensor data from a field test in the Marine base at 29 Palms, CA, were analyzed for validating the results in this paper. The results were compared to “ground truth” data obtained from GPS receivers on the vehicles.

Attack tolerant architecture for big data file systems

Data driven decisions derived from big data have become critical in many application domains, fueling the demand for collection, transportation, storage and processing of massive volumes of data. Such applications have made data a valuable resource that needs to be provided appropriate security. High value associated with big data sets has rendered big data storage systems attractive targets for cyber attackers, whose goal is to compromise the Confidentiality, Integrity and Availability of data and information. Common defense strategy for protecting cyber assets has been to first take preventive measures, and if these fail, detecting intrusions and finally recovery. Unfortunately, attackers have developed tremendous technical sophistication to defeat most defensive mechanisms. Alternative strategy is to design architectures which are intrinsically attack tolerant. This paper describes a technique that involves eliminating single point of security failures through fragmentation, coding, dispersion and reassembly. It is shown that this technique can be successfully applied to routing, networked storage systems, and big data file systems to make them attack tolerant.

Distributed network control for mobile multi-modal wireless sensor networks

A sensor network operates on an infrastructure of sensing, computation, and communication, through which it perceives the evolution of events it observes. We propose a fusion-driven distributed dynamic network controller, called MDSTC, for a multi-modal sensor network that incorporates distributed computation for in-situ assessment, prognosis, and optimal reorganization of constrained resources to achieve high quality multi-modal data fusion. For arbitrarily deployed sensors, a certain level of data quality cannot be guaranteed in sparse regions. MDSTC reallocates resources to sparse regions; reallocation of network resources in this manner is motivated by the fact that an increased density of sensor nodes in a region of interest leads to better quality data and enriches the network resilience. Simulation results in NS-2 show the effectiveness of the proposed MDSTC.

Path preserving scale down for validation of internet inter-domain routing protocols

New solutions have been proposed to address problems with the Internets interdomain routing protocol, BGP. Before their deployment, validation of incremental performance gains and backwards compatibility is necessary. For this task, the Internets large size and complexity make all techniques but simulation infeasible. When performing large scale network simulations, memory requirements for routing table storage can become a limiting factor. This work uses model reduction to mitigate this problem, with reduction defined in terms of the number of routers. Our framework uses path properties specific to interdomain routing to define the conditions of a path-preserving scale-down transformation. For implementation, vertex contraction and deletion were used to remove routers from a preliminary nominal network model. Vertex contraction was seen to violate the conditions of the transformation. A small subgraph from a measured topology is used for experimental validation. Routing tables are compared to show equivalence under the model reduction

Modeling and simulation of integrated voice/data cellular communication with generally distributed delay for end voice calls

Cellular networks are gradually shifting from voice only to voice and data due to increased demand for WWW, FTP and multi-media messaging. This has substantially increased the volume of cellular data traffic. Schemes have been proposed for co-existence and fair sharing of the available bandwidth between circuit switched voice and packetized data traffic. One popular scheme is based on delaying the last incoming acceptable voice call for a random amount of time and utilizing this time to service the accumulated data traffic to prevent excessive queuing delay in delivering the data traffic. However, this delay time has been usually modeled as being exponentially distributed. In this paper, this delay is modeled as a uniformly distributed random variable instead. This scheme is extended by delaying more than one call. Performance measures like voice and data blocking probability is plotted as function of last call delay

Algorithmic Approaches for a Dependable Smart Grid

We explore options for integrating sustainable and renewable energy into the existing power grid, or even create a new power grid model. We present various theoretical concepts necessary to meet the challenges of a smart grid. We first present a supply and demand model of the smart grid to compute the average number of conventional power generator required to meet demand during the high consumption hours. The model will be developed using Fluid Stochastic Petri Net (FSPN) approach. We propose to model the situations that need decisions to throttle down the energy supplied by the traditional power plants using game-theoretic online competitive models. We also present in this paper the power-down model which has shown to be competitive in the worst case scenarios and we lay down the ground work for addressing the multi-state dynamic power management problem.

Dynamic data-driven sensor network adaptation for border control

Given a specific scenario for the border control problem, we propose a dynamic data-driven adaptation of the associated sensor network via embedded software agents which make sensor network control, adaptation and collaboration decisions based on the contextual information value of competing data provided by different multi-modal sensors. We further propose the use of influence diagrams to guide data-driven decision making in selecting the appropriate action or course of actions which maximize a given utility function by designing a sensor embedded software agent that uses an influence diagram to make decisions about whether to engage or not engage higher level sensors for accurately detecting human presence in the region. The overarching goal of the sensor system is to increase the probability of target detection and classification and reduce the rate of false alarms. The proposed decision support software agent is validated experimentally on a laboratory testbed for multiple border control scenarios.