Publication


Featured research published by John M. Zachary.


IEEE Internet Computing | 2003

Protecting mobile code in the world

John M. Zachary

Proposed applications for mobile code systems include autonomous shopping agents, autonomic systems, distributed sensor network applications, and interstellar space networks. I argue the case for mobile code systems as the next-generation distributed programming paradigm and discuss the security problems that must be addressed before this vision is practically realizable. The security discussion will focus on protecting mobile code programs that execute in the wild from malicious actions by remote hosts.


Second IEEE International Information Assurance Workshop, 2004. Proceedings. | 2004

Conversation exchange dynamics for real-time network monitoring and anomaly detection

John M. Zachary; John C. McEachen; Daniel W. Ettlich

We present a model for real-time network monitoring and anomaly detection that provides a holistic view of network conversation exchanges. We argue that monitoring and anomaly detection are necessary mechanisms for ensuring secure and dependable network computing infrastructure. The model for network traffic exchange is based on a modified Ehrenfest urn model. The motivation for the model is heavily influenced by the success of statistical physics to provide macrostate descriptions of physical systems when the exact microstate parameters of each element in the system preclude understanding from first principles. The conversation exchange dynamics model for real-time network monitoring and anomaly detection is formally described. The model induces a unique real-time visualization capability for network monitoring and detection of anomalous events. An implementation of the model and visualization capability is presented along with laboratory tests and successful detection of real-world events, including a Code Red worm attack.


Mobile Networks and Applications | 2003

Bidirectional mobile code trust management using tamper resistant hardware

John M. Zachary; Richard R. Brooks

Trust management in a networked environment consists of authentication and integrity checking. In a mobile computing environment, both remote hosts and mobile code are suspect. We present a model that addresses trust negotiation between the remote host and the mobile code simultaneously. Our model uses tamper resistant hardware, public key cryptography, and one-way hash functions.


Military Communications Conference | 2003

A decentralized approach to secure management of nodes in distributed sensor networks

John M. Zachary

Distributed sensor networks are a promising technology for surveillance and reconnaissance in many applications, such as next generation C4ISR and the digital battlefield. The dearth of effective security mechanisms is a main obstacle to the acceptance of distributed sensor networks. As research pushes sensor nodes to be smaller and ubiquitous, security issues become paramount. Security in sensor networks needs to be considered during the early phases of development. This paper describes a decentralized solution to the problem of securely checking node membership in ad hoc sensor networks. This method does not require each node to maintain a membership list, does not require communication between the base station and verifying node, and it efficiently handles dynamic membership events (node leaves and joins). It is based on the concept of quasi-commutative hash functions, also called one-way accumulators. The paper analyzes resource requirements and suggests new ways to optimize the use of one-way accumulators while maintaining security in sensor node applications.


International Conference on Information Technology and Applications | 2005

Real-Time Representation of Network Traffic Behavior for Enhanced Security

John C. McEachen; John M. Zachary

This paper presents a model for real-time network monitoring and anomaly detection that provides a holistic view of network conversation exchanges. We argue that monitoring and anomaly detection are necessary mechanisms for ensuring secure and dependable network computing infrastructure. The model for network traffic exchange is based on a modified Ehrenfest urn model and combines statistical physics and queuing theory to provide macrostate descriptions of complex networked systems when the exact microstate parameters of each element in the system preclude global understanding from first principles. The conversation exchange dynamics model for real-time network monitoring and anomaly detection is formally presented in this context as a system-driven data reduction model. The model induces a unique real-time visualization capability for network monitoring and detection of anomalous events. An implementation of the model and visualization capability is presented along with laboratory tests and successful detection of computer network attacks.


Hawaii International Conference on System Sciences | 2005

A Novel Approach to Accentuating Anomalous Events in Complex Network Systems

John C. McEachen; John M. Zachary

We consider the computer network as a complex, interacting system and present a novel approach to representing anomalous events that occur within the network. This approach is essentially a form of intelligent data reduction that facilitates scalable monitoring of large systems. Specifically, we develop macrostate descriptions of complex networked systems in situations where exact microstate parameters of each element in the system preclude global understanding from first principles. This aids in identifying violations of network policy such as network attacks and misconfigurations. This approach has been verified in several environments. Example responses from network attacks simulated in the laboratory including those contained in the DARPA Lincoln Lab IDS test data as well as from operational network traffic are presented. These results suggest that our approach presents a unique perspective on anomalies in computer network traffic.


Midwest Symposium on Circuits and Systems | 2004

A model of conversation exchange dynamics for detection of epidemic-style network attacks

S. Mylavarapu; John M. Zachary; D. Ettlich; John C. McEachen; D. Ford

Epidemic-style network attacks, such as worms, have increased in frequency over the past several years as computer networks have grown in bandwidth and scope. Mechanisms to contain these types of attacks depend on rapid and effective detection of their existence, which corresponds to anomalous network traffic behavior. These behaviors are typically associated with denial of service, probing, and buffer overflow attacks. We present a model called conversation exchange dynamics (CED) and analyze its ability to detect network anomalies by observing anomalous packets amongst traffic generated in a controlled test environment. We present configuration issues and show the successful ability of this model to detect anomalous packets and even network attacks that exhibit behavior pathologies similar to network worms.


International Symposium on Circuits and Systems | 2004

Differentiating network conversation flow for intrusion detection and diagnostics

John C. McEachen; John M. Zachary; Daniel W. Ettlich

We present a novel approach to detecting anomalous network events. Specifically, a method for characterizing and displaying the flow of conversations across a distributed system with a high number of interacting entities is discussed and analyzed. Results from simulated laboratory experiments as well as observations from operational network traffic are presented. These results suggest that our approach presents a unique perspective on anomalies in computer network traffic. Additionally, this approach produces a normal statistic that could viably be analyzed with ML/MSE estimators.


Lecture Notes in Computer Science | 2004

Modeling Traffic Flow Using Conversation Exchange Dynamics for Identifying Network Attacks

Sudhamsu Mylavarapu; John C. McEachen; John M. Zachary; Stefan L. Walch; John S. Marinovich

We present a novel approach to identifying anomalous network events. Specifically, a method for characterizing and displaying the flow of conversations across a distributed system with a high number of interacting entities is discussed and analyzed. Results from attacks contained in the DARPA Lincoln Lab IDS test data and from operational network traffic are presented. These results suggest that our approach presents a unique perspective on anomalies in computer network traffic.


ICECS'05 Proceedings of the 4th WSEAS international conference on Electronics, control and signal processing | 2005

Conversation exchange dynamics: a new signal primitive for visualizing network intrusion detection

John C. McEachen; John M. Zachary; Junling Wang; Kah Wai Cheng

Collaboration

Top Co-Authors

Junling Wang, University of South Carolina

Kah Wai Cheng, Naval Postgraduate School

Richard R. Brooks, University of South Carolina

S. Mylavarapu, University of South Carolina

Stefan L. Walch, Naval Postgraduate School

Sudhamsu Mylavarapu, University of South Carolina