Charles Fleming

DiffuseNet: A random walk based anonymity network

In this paper we introduce a new type of anonymity network based on the idea of “scalable anonymity.” While most anonymity networks try to achieve perfect anonymity, DiffuseNet allows the user to select the degree of anonymity they desire, allowing the user to choose a balance between anonymity and latency. It achieves this using a new type of routing based on statistical sampling, rather than a circuit based network.

A first introduction to programming for first-year students at a Chinese university using LEGO MindStorms

In this paper, we describe some of our experiences in incorporating LEGO MindStorms into an introductory programming course. There are three distinguishing features of this course. First, it had a large number of students; almost 500 students were enrolled in it and most of them had minimal to no exposure to programming before taking the course. Second, it is taught at a Sino-British university but located in China-that is, the lessons were given in English and the curriculum met both the UK and Chinese standards. Third, the students had varied interests, ranging from engineering to computer science to industrial design. The experiences described in this paper will be useful to educators who are planning to integrate LEGO MindStorms into their teaching of programming to novice students who are from different backgrounds and with varied interests, enrolled in a large class, and who attend a university outside of developed countries.

A Light Mobile Web Service Framework Based on Axis2

Mobile computing has developed exponentially in the last decade, and these days the world is well into the mobile era. Smart mobile devices, including tablets, pads and smartphones, have left the labs and have become essential in people’s lives. Mobile computing will continue to grow in the next few years in power and pervasiveness and is poised to become the dominant computing technology. Due to power and bandwidth constraints inherent to mobile computing, it is imperative to communicate with web services as efficiently as possible. This need for efficiency motivates our research. In this paper, we develop a theoretical light web service framework and a practical system to test existing technologies and performance of mobile devices. Also, we describe a new service architecture and a mobile portal interface.

Attacking Random Keypads through Click Timing Analysis

This paper introduces a new method for attacking Personal Identification Numbers (PINs) through analysis of time delay between clicks. While click timing attacks are not new, they previously relied on known spacings between keys. In our method, we do not focus on flaws or weaknesses in the system itself, but on the flaws inherent in the human aspect of the system. Our attack exploits unconscious patterns in PIN input that are a side-effect of the human memorization process to narrow the PIN down to a specific class, such as date, greatly reducing the possible set of pass codes. To identify these patterns, we use a series of Support Vector Machines (SVM) as a multi-class classifier. Through analysis of our collected data set we demonstrate that this attack is very effective.

Mobistore: Secure Cloud-like Storage on Mobile Devices

With the rise of smart phones and tablets and the ubiquitous use of computers in daily life, the number of computing devices a user interacts with in a day has grown dramatically in recent years. This growth has led to numerous inconveniences for the user, one of the largest being the difficulty of accessing their data across all the devices they use. While one solution for this is cloud storage services such as Drop box or iCloud, these services are not without drawbacks, such as the need to constant, fast internet connectivity and security issues such as recently publicized hacks of iCloud and secret government accesses of a number of services. In this paper we introduce a new system which takes advantage of the ubiquitous use of smart phones to provide a cloud-like storage service that opportunistically pushes updates to other machines based on location. This system provides similar constant access to user data, while avoiding many of the drawbacks of cloud storage.

Wireless spectrum allocation by simulated annealing

Dynamic spectrum allocation shows great promise in increasing efficient spectrum usage in the face of growing wireless bandwidth demands, but satisfactory solutions to the practical problem of implementation have not yet been found. High utilization solutions have been proposed utilizing a central authority and hierarchical schemes but with high communications overhead and slow response to changing network demands. Heuristic solutions using only local information have also been proposed, but with much lower performance. This paper introduces a formulation of the problem using an annealed Metropolis Hastings algorithm that uses only local information and provably converges to the global optimum, albeit in exponential time. Despite the exponential time required for complete convergence, we show experimentally that it provides superior performance to the state of the art local heuristic solution in approximately the same number of iterations, with identical communication overhead.

An exploration of usable authentication mechanisms for virtual reality systems

Usable security for virtual reality systems (VR) is an area that is relatively underexplored. This research investigates the feasibility of some authentication mechanisms for VR. We implemented three password methods including 3D patterns, 2D sliding patterns, and a PIN system within a VR environment. Two experiments were conducted to test the usability and security level of the three password systems. The results suggested that the 3D password system may have the highest security level among the three systems, whereas the pattern lock and PIN systems were likely to be perceived as more usable.

Wi-Fi Access Point Roaming: Challenges and Potential Solutions

As functionalities in mobile devices have increased significantly in recent years, they have become primary means for staying connected through emails, instant messaging, voice and video calls. These services rely on mobile networks data connection or Wi-Fi connections which are cheaper and faster. They enable communications while moving from one location to another, but during the process of roaming the connections are predisposed to interruptions as the user gets out of the signal range. The current solution is to have multiple relay/repeater access points, nevertheless, short interruptions cause data integrity corruption and also use additional energy cost on the limited battery. To mitigate these issues, we propose a Wi-Fi roaming algorithm capable of automatically switching between access points while maintaining the data streams integrity. After implementation and evaluation of the proposed solution, further refinements are introduced such as seamless transitioning from Wi-Fi to mobile data and vice versa.

User Authentication Interfaces in Mobile Devices: Some Design Considerations

The use of mobile devices has been increasing for the last decade. With more powerful capabilities, they are replacing desktop computers. With this, there are also security concerns, one of which is the user authentication. When dealing with mobile phones, an important aspect is usability, as often users may play more importance to how usable programs or functionalities are than how secure they may be. In this paper, we look at user authentication from the perspective of usability. We aim to see what can constitute secure user authentication interfaces for mobile devices. We explore what has been done, and what considerations, from both the hardware to software to usability issues of these interfaces. We hope that just as important as security is, designers should also look at usability concerns.

Students' perception on the use of visual tilings to support their learning of programming concepts

In this research, we explore the use of visual tiling patterns (tilings for short) in the teaching of basic programming concepts to novice students. Tilings are made by connecting regular polygons side-by-side and their construction can be defined by the use of a simple set of commands. We believe tilings are a suitable context to situate the learning of elementary programming concepts for beginning programmers. The importance of placing commands in a proper sequence, of grouping a set of commands and using them repetitively, and of identifying logical errors can be demonstrated using tilings. We have created a prototype, which allows learners to create tilings based on a simple textual language, and used it within an introductory programming class at a Chinese university, where most students have minimal or no programming experience. After using the prototype in class, we conducted a class survey asking students about their perception of the usefulness of such the tool to support their learning. In this paper, we report the findings and our experiences using the tool.