Pompeo Faruolo

Maintaining dynamic minimum spanning trees: An experimental study

We report our findings on an extensive empirical study on the performance of several algorithms for maintaining minimum spanning trees in dynamic graphs. In particular, we have implemented and tested several variants of the polylogarithmic algorithm by Holm et al., sparsification on top of Fredericksons algorithm, and other (less sophisticated) dynamic algorithms. In our experiments, we considered as test sets several random, semi-random and worst-case inputs previously considered in the literature together with inputs arising from real-world applications (e.g., a graph of the Internet Autonomous Systems).

Engineering a secure mobile messaging framework

It is quite usual in the world of scientific software development to use, as black boxes, algorithmic software libraries without any prior assessment of their efficiency. This approach relies on the assumption that the experimental performance of these libraries, although correct, will match the theoretical expectation of their algorithmic counterparts. In this paper we discuss the case of SEESMS (Secure Extensible and Efficient SMS). It is a software framework that allows two peers to exchange encrypted and digitally signed SMS messages. The cryptographic part of SEESMS is implemented on top of the Java BC library (The Legion of Bouncy Castle, 2010), a widely used open-source library. The preliminary experimentations conducted on SEESMS, discussed in Castiglione et al. (2010), revealed some unexpected phenomena like the ECDSA-based cryptosystem being generally and significantly slower than the RSA-based equivalent. In this paper, we analyze these phenomena by profiling the code of SEESMS and expose the issues causing its bad performance. Then, we apply some algorithmic and programming optimizations techniques. The resulting code exhibits a significant performance boost with respect to the original implementation, and requires less memory in order to be run.

Maintaining Dynamic Minimum Spanning Trees: An Experimental Study

We report our findings on an extensive empirical study on several algorithms for maintainingminim um spanningtrees in dynamic graphs. In particular, we have implemented and tested a variant of the polylogarithmic algorithm by Holm et al., sparsification on top of Fredericksons algorithm, and compared them to other (less sophisticated) dynamic algorithms. In our experiments, we considered as test sets several random, semi-random and worst-case inputs previously considered in the literature.

Experiments on Improving Sensor Pattern Noise Extraction for Source Camera Identification

The source camera identification problem is concerned with the identification of the camera that has been used to generate a digital picture. A widely adopted identification technique, proposed by Lukas in [1], relies on the usage of the pattern noise left by the camera sensor as a fingerprint. This technique may perform badly when applied to images that have undergone lossy compression techniques, such as being saved as a low-quality JPEG image. In this paper, we firstly analyze the experimental performance of the identification technique by Lukas, when dealing with JPEG images saved using increasing compression rates. Then, we investigate if and how some of the enhanced sensor pattern noise extraction techniques proposed in literature are able to improve on the original technique in the considered cases. Our results show that, on a side, an increase in the compression rate of a JPEG image deeply affects the effectiveness of the identification process carried out using the Lukas technique. On the other side, we show that at least two of the considered enhanced sensor pattern noise extraction techniques succeed in recovering most part of this degradation.

JIVE: Java Interactive Software Visualization Environment

JIVE (Java interactive software visualization environment) is a system for the visualization of Java coded algorithms and data structures. It supports the rapid development of interactive animations through the adoption of an object oriented approach. JIVE introduces several significant innovations such as a distributed architecture able to separate transparently the visualization activity from the underlying communication needed to support it. Therefore, it becomes possible to use JIVE in a variety of scenarios ranging from debugging algorithms to software visualization in virtual classrooms environments. Moreover, JIVE uses a zoomable user interface for representing algorithms: seamless visualization of both small and large data sets is achieved by using semantic zooming. Finally, JIVE comes with a collection of already animated data types including data structures provided by the Java standard library

A review of security attacks on the GSM standard

The Global Systems for Mobile communications (GSM) is the most widespread mobile communication technology existing nowadays. Despite being a mature technology, its introduction dates back to the late eighties, it suffers from several security vulnerabilities, which have been targeted by many attacks aimed to break the underlying communication protocol. Most of these attacks focuses on the A5/1 algorithm used to protect over-the-air communication between the two parties of a phone call. This algorithm has been superseded by new and more secure algorithms. However, it is still in use in the GSM networks as a fallback option, thus still putting at risk the security of the GSM based conversations. The objective of this work is to review some of the most relevant results in this field and discuss their practical feasibility. To this end, we consider not only the contributions coming from the canonical scientific literature but also those that have been proposed in a more informal context, such as during hacker conferences.

Does path cleaning help in dynamic all-pairs shortest paths?

In the dynamic all-pairs shortest path problem we wish to maintain information about distances in a weighted graph subject to dynamic operations such as edge insertions, edge deletions, and edge weight updates. The most efficient algorithms for this problem maintain a suitable superset of shortest paths in the graph. This superset retains information about the history of previous graph updates so as to avoid pathological situations where algorithms are continuously forced to rebuild large portions of their data structures. On the other hand, the set of maintained paths may grow too large, resulting in both prohibitive space consumption and inefficient updates. To circumvent this problem, the algorithms perform suitable path cleaning operations. In this paper, we implement and experiment with a recent efficient algorithm by Thorup, which differs from the previous algorithms mainly in the way path cleaning is done, and we carry out a thorough experimental investigation on known implementations of dynamic shortest path algorithms. Our experimental study puts the new results into perspective with respect to previous work and gives evidence that path cleaning, although crucial for the theoretical bounds, appears to be instead of very limited impact in practice.

Reliable Accounting in Grid Economic Transactions

In the Grid computing model a remote service is provided by a resource owner to a client. The resource owner executes a client job and charges the client for a corresponding fee. In this paper we discuss the main weakness of many existing models for performing such a kind of transaction, i.e., the strong assumption that both the resource owner and the clients are honest. Then, we propose a new security model in which either the resource owners or the clients (or both) may not be honest. Our model introduces a trusted third party, referred to as “Grid Manager”. We describe in details the role of the Grid Manager and argue the advantages of our proposal with respect to the current state-of-the art.

Providing privacy for Web services by anonymous group identification

In this paper we present a SOAP extension for protecting the privacy of users of a Web service. This extension allows a user to prove to a remote SOAP server to be member of a trusted group without revealing his/her identity. Our extension has been designed as to ensure interoperability among SOAP applications written in different programming languages. We developed also some implementations of our extension using different programming languages. Moreover, we conducted an extensive experimentation of our implementation to prove its feasibility in a real-world context. In sums, our work suggests that privacy can be added to Web services with very little impact on the application developer and without compromising the performance of Web services.

Reliable accounting in grids

Grid computing is a distributed environment in which a remote service is provided by a resource owner to a client by means of a grid infrastructure. One of the major expectations for grid computing is about the rising of a market where users pay to access the computational and storage capacity offered by a resource owner. In this scenario, all the steps of the economic transaction related to the fulfilment of a service are accomplished with the mediation of the grid infrastructure. Several economic models have been proposed for determining how to charge the services offered through a grid. In this paper, we outline one important security issue that may arise in models where services are priced according to the amount of resources they consume. Our contribution is to propose a new security model where secure grid transactions are possible even when resource owners and clients are corrupted.