Shambhu J. Upadhyaya

Coordination in emergency response management

Developing a framework to analyze coordination patterns occurring in the emergency response life cycle.

Linear circuit fault diagnosis using neuromorphic analyzers

This paper presents a method of analog fault diagnosis using neural networks. The primary focus of the paper is to provide robust diagnosis using a simple mechanism for automatic test pattern generation while reducing test time. A new diagnosis framework consisting of a white noise generator and an artificial neural network for response analysis and classification is proposed. This approach moves the diagnosis of analog circuits closer to the goal of built-in test. Networks of reasonable dimension are shown to be capable of robust diagnosis of analog circuits including effects due to tolerances.

Towards a theory of insider threat assessment

Insider attacks are a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who abuse their privileges, and given their familiarity and proximity to the computational environment, can easily cause significant damage or losses. Due to the lack of tools and techniques, security analysts do not correctly perceive the threat, and hence consider the attacks as unpreventable. In this paper, we present a theory of insider threat assessment. First, we describe a modeling methodology which captures several aspects of insider threat, and subsequently, show threat assessment methodologies to reveal possible attack strategies of an insider.

Quantifying trust in mobile ad-hoc networks

This paper introduces a trust-domain based security architecture for mobile ad-hoc networks (MANETs). The aim of this architecture is twofold: to use trust as a basis to establish keys between nodes in a MANET, and to utilize trust as a metric for establishing secure distributed control in infrastructure-less MANETs. We define metrics for nodes to establish and manage trust, and use this mutual trust to make decisions on establishing group and pair-wise keys in the network. The impact of mobility of the nodes on trust establishment is considered and further its use as a means of propagating trust through the network is investigated. We introduce the concept of self-organizing trust-based physical-logical domains (PLDs) as a means of grouping nodes for distributed control in the network.

On programmable memory built-in self test architectures

The design and architectures of a microcode-based memory BIST and programmable FSM-based memory BIST unit are presented. The proposed microcode-based memory BIST unit is more efficient and flexible than existing architectures. Test logic overhead of the proposed programmable versus nonprogrammable memory BIST architectures is evaluated. The proposed programmable memory BIST architectures could be used to test memories in different stages of their fabrication and therefore result in lower overall memory test logic overhead. We show that the proposed microcode-based memory BIST architecture has better extendibility and flexibility while having less test logic overhead than the programmable PSM-based memory BIST architecture.

Security in grid computing: A review and synthesis

This paper provides an extensive survey of the different methods of addressing security issues in the grid computing environment, and specifically contributes to the research environment by developing a comprehensive framework for classification of these research endeavors. The framework presented classifies security literature into System Solutions, Behavioral Solutions, Hybrid Solutions and Related Technologies. Each one of these categories is explained in detail in the paper to provide insight as to their unique methods of accomplishing grid security, the types of grid and security situations they apply best to, and the pros and cons for each type of solution. Further, several areas of research were identified in the course of the literature survey where more study is warranted. These avenues for future research are also discussed in this paper. Several types of grid systems exist currently, and the security needs and solutions to address those needs for each type vary as much as the types of systems themselves. This research framework will aid in future research efforts to define, analyze, and address grid security problems for the many varied types of grid setups, as well as the many security situations that each grid may face.

PHONEY: mimicking user response to detect phishing attacks

Phishing scams pose a serious threat to end-users and commercial institutions alike. Email continues to be the favorite vehicle to perpetrate such scams mainly due to its widespread use combined with the ability to easily spoof them. Several approaches, both generic and specialized, have been proposed to address this problem. However, phishing techniques, growing in ingenuity as well as sophistication, render these solutions weak. In this paper we propose a novel approach to detect phishing attacks using fake responses which mimic real users, essentially, reversing the role of the victim and the adversary. Our prototype implementation called PHONEY, sits between a users mail transfer agent (MTA) and mail user agent (MUA) and processes each arriving email for phishing attacks. Using live email data collected over a period of eight months we demonstrate data that our approach is able to detect a wider range of phishing attacks than existing schemes. Also, the performance analysis study shows that the implementation overhead introduced by our tool is very negligible

A comprehensive reconfiguration scheme for fault-tolerant VLSI/WSI array processors

This paper presents an effective reconfiguration scheme consisting of detailed spare replacement, processor placement, routing, and switch programming mechanisms. A new switch programming scheme is proposed to reduce the hardware overhead of reconfiguration. A thorough yield simulation tool has been developed for accurate prediction of yield by considering the effects of defect clusters and switching network failures. This yield simulation tool can also be used to obtain the information on the performance degradation, spare replacement, processor placement, routing and the switch programming algorithm survival probability.

Profiling Users in GUI Based Systems for Masquerade Detection

Masquerading or impersonation attack refers to the illegitimate activity on a computer system when one user impersonates another user. Masquerade attacks are serious in nature due to the fact that they are mostly carried by insiders and thus are extremely difficult to detect. Detection of these attacks is done by monitoring significant changes in users behavior based on his/her profile. Currently, such profiles are based mostly on the user command line data and do not represent his/her complete behavior in a graphical user interface (GUI) based system and hence are not sufficient to quickly detect such masquerade attacks. In this paper, we present a new framework for creating a unique feature set for user behavior on GUI based systems. We have collected real user behavior data from live systems and extracted parameters to construct these feature vectors. These vectors contain user information such as mouse speed, distance, angles and amount of clicks during a user session. We model our technique of user identification and masquerade detection as a binary classification problem and use support vector machine (SVM) to learn and classify these feature vectors. We show that our technique can provide detection rates of up to 96% with few false positives based on these feature vectors. We have tested our technique with various feature vector parameters and conclude that these feature vectors can provide unique and comprehensive user behavior information and are powerful enough to detect masqueraders

Efficiency of critical incident management systems: Instrument development and validation

There is much literature in the area of emergency response management systems. Even so, there is in general a lacuna of literature that deals with the issue of measuring the effectiveness of such systems. The aim of this study is to develop and validate an instrument to measure the critical factors that contribute to the efficiency of decision support in critical incident management systems (CIMS). The instrument presented in this paper has been developed using a CIMS efficiency model that is based on an adaptation of media richness theory, aspects of the national incident management system (NIMS) and interviews with experts on emergency management. The instrument has been validated through a pretest, followed by a pilot test and, finally, a main field test which includes a survey of 76 experts. The final instrument consists of 28 statistically relevant question items, which form eight constructs. The instrument allows communities to assess both strengths and weaknesses of existing systems. This allows communities to better prepare for disasters as it informs both policies and practice on areas of weakness that need addressing.