Tae Oh

SAINT: Self-Adaptive Interactive Navigation Tool for Cloud-Based Vehicular Traffic Optimization

This paper proposes a self-adaptive interactive navigation tool (SAINT), which is tailored for cloud-based vehicular traffic optimization in road networks. The legacy navigation systems make vehicles navigate toward their destination less effectively with individually optimal navigation paths rather than network-wide optimal navigation paths, particularly during rush hours. To the best of our knowledge, SAINT is the first attempt to investigate a self-adaptive interactive navigation approach through the interaction between vehicles and vehicular cloud. The vehicles report their navigation experiences and travel paths to the vehicular cloud so that the vehicular cloud can know real-time road traffic conditions and vehicle trajectories for better navigation guidance for other vehicles. With these traffic conditions and vehicle trajectories, the vehicular cloud uses a mathematical model to calculate road segment congestion estimation for global traffic optimization. This model provides each vehicle with a navigation path that has minimum traffic congestion in the target road network. Using the simulation with a realistic road network, it is shown that our SAINT outperforms the legacy navigation scheme, which is based on Dijkstras algorithm with a real-time road traffic snapshot. On a road map of Manhattan in New York City, our SAINT can significantly reduce the travel delay during rush hours by 19%.

Reeling In Cognitive Radio: The Issues of Regulations and Policies Affecting Spectrum Management

One of today’s most important developing wireless technologies is Cognitive Radio (CR). In our current fixed-assignment spectrum management policy, much of the available frequencies go unused. CR aims to make use of this unutilized space to provide wireless broadband services. This paper aims to give a background to CR and describe the key players in standardization and allocation of the unused spectrum. Furthermore, it discusses the policies and policy makers that are guiding the future of CR.

Developing Automated Input Generator for Android Mobile Device to Evaluate Malware Behavior

According to International Data Corporation (IDC), Android accounted for 81% of all smartphone shipments in the third quarter of 2013. With the increase in smartphones, mobile application installs from Google Play have reached more than 48 billion app installs as revealed by Sundar Pichai, senior vice president, Chrome and Apps at Google I/O 2013. Thus, Android application development has become increasingly popular with the need of an effective software solution for application development and testing. While most Android applications are developed in Java, the Android framework is quite different fromm typical Java frameworks. Thus, while development or testing of Android applications, the user needs to be aware of all the terms and concepts specific to the Android framework such as activity, views and the Android SDK in general. A key to successfully develop Android applications is not just understanding the core Android concepts but also testing the functionality of the application before it is published in the Android market. The most important part of testing is simulating inputs to the application which closely resemble the inputs that users are actually going to provide once the application is downloaded. Coupled with inputs, another important facet of Android testing is to ensure maximum code coverage while the application is tested. This is largely dependent on the inputs supplied while testing the application. To achieve automated testing with these criteria in mind, it is challenging to ensure ideal testing of Android applications. Our focus of Android testing was therefore to devise a solution which matches or at least closely resembles the ideal testing of Android applications. In this talk, we present an automated input generator which systematically scans the user interface of an application and simulates clicking of each object one-by-one till there are no objects left or till the system has covered the maximum amount of possible views in the user interface of the application. The simulation of inputs is not just random inputs but systematic, valid inputs. The underlying principle behind this approach is the depth first search algorithm which traverses throughout the application to cover as many layers of the applications user interface as possible. The purpose of using input generator to evaluate the mobile device malware in the virtual environment. The proposed input generator is fully automated and it is therefore difficult to devise a generalized automated solution for all Android applications. Moreover, the system takes the user interface of the application into account and it is therefore challenging to include applications with complex user interfaces such as large application or games. Therefore, the proposed idea is currently tested only on simple applications. Future functionality takes into account complex applications while the basic idea of traversing the applications user interface will remain the same. We evaluated the technique by comparing it on a high level detail with the existing input generating tools such as Monkey and Monkey Runner. The proposed input generating technique is not only more efficient while generating valid inputs as compared to randomized inputs but also more easier to use than tools such as Monkey Runner. In other words, the idea of the proposed input generator couples the simplicity of the random approach in the Monkey tool along with the benefit of ensuring valid inputs in the Monkey Runner tool while ensu ring maximum code coverage.

Teaching high-assurance internet protocol encryption (haipe) using opnet modeler simulation tool

HAIPE is a primary encryption technology in the Department of Defense (DoD) Networks and has been a critical architecture component of net-centric operation. It is a fairly new encryption technology similar to Internet Protocol Security (IPSec), and it is not easy to teach different components of HAIPE in a traditional classroom environment. However, Optimum Network (OPNET) Modeler tool with extensive features of HAIPE offers practical experience of the encryption technology to students. A combination of theoretical teaching and practical experience provide easier and in-depth understanding of the technology. This paper discusses how the OPNET Modeler tool can benefit students in the understanding of HAIPE technology and discusses the features in the tool offers that can be used for effective teaching. Lastly, this paper discusses how this tool can be used to meet configuration, visual, and trade-off learning objectives.

Security Requirements Embedded in MS Programs in Information Sciences and Technologies

This paper reviews and assesses the current coverage of security topics in the masters programs and proposes the best method for educating students in an Information Sciences and Technologies curriculum at Rochester Institute of Technology. We start by describing a case study of student projects in a data-warehousing course to motivate the need to cover security topics in our curriculum. We then discuss security topics related to the modern computing landscape, which we plan to cover in our MS programs: Internet of Things, Big Data and Cloud Computing. We describe a multi-threaded approach to introduce security into our programs by spreading the topics across core and elective courses that have related topics.

Cloud-based Android botnet malware detection system

Increased use of Android devices and its open source development framework has attracted many digital crime groups to use Android devices as one of the key attack surfaces. Due to the extensive connectivity and multiple sources of network connections, Android devices are most suitable to botnet based malware attacks. The research focuses on developing a cloud-based Android botnet malware detection system. A prototype of the proposed system is deployed which provides a runtime Android malware analysis. The paper explains architectural implementation of the developed system using a botnet detection learning dataset and multi-layered algorithm used to predict botnet family of a particular application.

Survey on protocols and applications for vehicular sensor networks

This article surveys protocols and applications for the driving safety and efficiency in vehicular sensor networks. Nowadays, most vehicles are equipped with Global Positioning System navigation systems in the form of a dedicated navigator or smartphone app. Also, the government regulation requires vehicles to be equipped with dedicated short-range communication device for the communications among vehicles or between vehicles and infrastructure for a safety purpose. Because of this trend, many applications in vehicular networks can be envisioned for the safety of drivers and pedestrians as well as driving efficiency and fuel saving. To support these applications, protocols in physical, link, and network layers are designed and tailored for the optimal performance. This article summarizes and analyzes the state-of-art articles in the protocols and applications for vehicular sensor networks in order to shed the light of research direction on the audience in vehicular sensor networks.

Android botnet categorization and family detection based on behavioural and signature data

Predicting application performing malicious activity based on its behavioural analysis is extremely difficult compare to signature based approach. But considering the rapid development and slight changes in code allowing avoiding of signature-based malware analysis has made behaviour-based analysis more and more important in recent years. In last decade there is unimagined and trilling growth in the mobile market, which is unquestionably dominated by Android OS. Android has very fast growing application markets that have been targeted by underground malware distribution networks. There are larger numbers of new application stores across the globe apart from leaders of App market like Google Play Store, Amazon etc. It is very important to test the possible ways of behaviour based malware analysis in Android. Research focuses on creating a working prototype of a system that takes different behavioural parameters of Android application as input and perform analysis using artificial intelligence approach. During the implementation signature based detection methods were also included in the implemented prototype.

Mobile device penetration testing framework and platform for the mobile device security course

The authors have developing mobile device evaluation and testing platform to evaluate the mobile malware. Using the platform, the authors have created several courses in mobile device security. One of the important requirements is to provide students with a safe and sandboxed environment for malware analysis. Other features include tool enhanced lab environment, updated malware repository, log collection and exact assistance. Java based client-server application have been created to serve these requirements. Also a framework to perform mobile malware analysis and mobile penetration testing is proposed and implemented under this research work. Paper focuses on analysing requirements for such coursework to perform mobile malware analysis and mobile application penetration testing. Paper also gives details about the tools created and framework implemented to successfully teach Advanced Mobile Device Security course and perform interactive lab exercises.

STMAC: Spatio-Temporal Coordination-Based MAC Protocol for Driving Safety in Urban Vehicular Networks

In this paper, we propose a spatio-temporal coordination-based media access control (STMAC) protocol for efficiently sharing driving safety information in urban vehicular networks. STMAC exploits a unique spatio-temporal feature characterized from a geometric relation among vehicles to form a line-of-collision graph, which shows the relationship among vehicles that may collide with each other. Based on this graph, we propose a contention-free channel access scheme to exchange safety messages simultaneously by employing directional antenna and transmission power control. Based on an urban road layout, we propose an optimized contention period schedule by considering the arrival rate of vehicles at an intersection in the communication range of a road-side unit to reduce vehicle registration time. Using theoretical analysis and extensive simulations, it is shown that STMAC outperforms legacy MAC protocols especially in a traffic congestion scenario. In the congestion case, STMAC can reduce the average superframe duration by 66.7%, packet end-to-end delay by 68.3%, and packet loss ratio by 88% in comparison with the existing MAC protocol for vehicle-to-infrastructure communication, based on the IEEE 802.11p.