Papers by Boleslaw Szymanski
… 2003. Proceedings. 19th …, Jan 1, 2003
This paper addresses the problem of detecting masquerading, a security attack in which an intrude... more This paper addresses the problem of detecting masquerading, a security attack in which an intruder assumes the identity of a legitimate user. Many approaches based on Hidden Markov Models and various forms of Finite State Automata have been proposed to solve this problem. The novelty of our approach results from the application of techniques used in bioinformatics for a pair-wise sequence alignment to compare the monitored session with past user behavior. Our algorithm uses a semi-global alignment and a unique scoring system to measure similarity between a sequence of commands produced by a potential intruder and the user signature, which is a sequence of commands collected from a legitimate user. We tested this algorithm on the standard intrusion data collection set. As discussed in the paper, the results of the test showed that the described algorithm yields a promising combination of intrusion detection rate and false positive rate, when compared to published intrusion detection algorithms.
Computational statistics & data analysis, Jan 1, 2008
computers & security, Jan 1, 2009
Collaborative network defense a b s t r a c t Studies of worm outbreaks have found that the speed... more Collaborative network defense a b s t r a c t Studies of worm outbreaks have found that the speed of worm propagation makes manual intervention ineffective. Consequently, many automated containment mechanisms have been proposed to contain worm outbreaks before they grow out of control. These containment systems, however, only provide protection for hosts within networks that implement them. Such a containment strategy requires complete participation to protect all vulnerable hosts. Moreover, collaborative containment systems, where participants share alert data, face a tension between resilience to false alerts and quick reaction to worm outbreaks. This paper suggests an alternative approach where an autonomous system in an internetwork, such as the Internet, protects not only its local hosts, but also all hosts that route traffic through it, which we call internetwork-centric containment. Additionally, we propose a novel reputation-based alerting mechanism to provide fast dissemination of infection information while maintaining the fairness of the system. Through simulation studies, we show that the combination of internetwork-centric containment and reputation-based alerting is able to contain an extremely virulent worm with relatively little participation in the containment system. In comparison to other collaborative containment systems, ours provides better protection against worm outbreaks and resilience to false alerts.
The Internet infrastructure, which has become so critical in our everyday lives, needs automated ... more The Internet infrastructure, which has become so critical in our everyday lives, needs automated protection from worm attacks. We propose a system that uses the ideas of reputation and recommendation to effectively quarantine random scanning worms on the Internet. A trust model, based on the passing of recommendations among participating autonomous systems, is used to modulate a localized reputation value that indicates the notoriety, or disrepute, of the attacker. This allows us to enact localized blocking of worm traffic commensurate with the notoriety of the attacker, eventually leading to a global blocking strategy for globally notorious attackers. Unlike previous attempts at collaborative worm containment, our approach's reliance on a trust model provides resilience to Byzantine failures and allows it to be used within the Internet at-large, rather than restricting it to enterprise networks within a single administrative domain. Using simulations, we demonstrate that our reputation-based system is capable of quickly quarantining worms that are many orders of magnitude more virulent than worms released into the Internet thus far. We also discuss the possible uses of the system in quarantining other types of malicious behavior, such as spam and viruses, which have widereaching global effects.
Evolutionary algorithms (EAs) require large scale computing resources when tackling real world pr... more Evolutionary algorithms (EAs) require large scale computing resources when tackling real world problems. Such computational requirement is derived from inherently complex fitness evaluation functions, large numbers of individuals per generation, and the number of iterations required by EAs to converge to a satisfactory solution. Therefore, any source of computing power can significantly benefit researchers using evolutionary algorithms. We present the use of volunteer computing (VC) as a platform for harnessing the computing resources of commodity machines that are nowadays present at homes, companies and institutions. Taking into account that currently desktop machines feature significant computing resources (dual cores, gigabytes of memory, gigabit network connections, etc.), VC has become a cost-effective platform for running time consuming evolutionary algorithms in order to solve complex problems, such as finding substructure in the Milky Way Galaxy, the problem we address in d...
Lecture Notes in Computer Science, 2004
The emergence of low-cost PC clusters together with the standardization of programming models (MP... more The emergence of low-cost PC clusters together with the standardization of programming models (MPI and OpenMP) have paved the way for parallel computing to come into production use. In all domains of high performance computing, parallel execution routinely is considered as one of the major sources of performance. In some domains, like computational. uid dynamics, commercial codes already o. er parallel execution as an option. In new domains, like bioinformatics, parallel execution is considered early in the ...
6th Annual Conference of the International Technology Alliance in Network and Information Science, ACITA 2012, Southampton, UK, September 17-21, 2012, , ACITA, Bootley Park, UK, Sep 1, 2012
We show that query delegation to well connected hub nodes is beneficial in scale free networks an... more We show that query delegation to well connected hub nodes is beneficial in scale free networks and that knowing the location of the data is beneficial for choosing where to evaluate a query in all topologies. We ascertain that a semi-join strategy can be beneficial in distributed topologies when the join attributes are small, there is repetition of join attributes or the join produces a small number of results. We show that the cost of scaling a network is better in the preferential attachment network, indicating that a hypercube is more suitable ...
Social networks analysis includes examining the actions of entities in a social setting. These ac... more Social networks analysis includes examining the actions of entities in a social setting. These actions can be either interactions between entities (e.g. talking, exchanging items etc.), or actions which do not include interactions, but nevertheless are happening in a social context, hence are influenced by social relations. Such actions often contain behavioral patterns that are specific to the actions involved. It is important to understand such patterns to be able to model social environments reliably. In this work, we introduce a novel method for modeling and classifying behavior of nodes in a social network using Probabilistic Context Free Grammars (PCFGs). Informally, PCFGs are regular context free grammars (consisting of START symbol, terminals, nonterminals
IEEE International Conference on Communications, 2001
The complex and dynamic feature of the Internet requires a scalable and effective network control... more The complex and dynamic feature of the Internet requires a scalable and effective network control. In this paper, a collaborative on-line simulation scheme is proposed to provide the automated and pro-active control functions for the networks. This scheme introduces autonomous on-line simulators into local networks, which continuously monitor the surrounding network conditions, collect the relevant information, communicate with other simulators
… , 2001. ICC 2001. …, Jun 11, 2001
The complexity and dynamics of the Internet is driving the demand for scalable and effective netw... more The complexity and dynamics of the Internet is driving the demand for scalable and effective network control. This paper proposes a collaborative on-line simulation architecture to provide pro-active and automated control functions for networks. The general model includes autonomous on-line simulators which continuously monitor/model the network conditions and execute a search in the parameter state space for better settings of the protocol parameters. The protocol parameters are then tuned by the on-line simulation ...
This paper investigates the application of model-driven techniques to the construction and compos... more This paper investigates the application of model-driven techniques to the construction and composition of services on sensor networks. We present a model that gives the user a visual representation of a service, that can be annotated with semantic information (for example performance characteristics, deployment constraints, policies and rules, etc.) using an appropriate extensible user-oriented vocabulary. We propose the use of UML 2.0 Activity Diagrams as our graphical notation, with semantic annotations represented as properties. We show the transformation of the UML model to a semantic representation conforming to an appropriate ontology and use this as the core model for subsequent static and dynamic analysis. We show how the core model can be used to generate domain-specific representations suitable for input to analysis and development tools. Two examples are given: (i) generation of a Performance Evaluation Process Algebra (PEPA) [1] model, and (ii) generation of a specificat...
Scientific reports, 2014
We investigate the two-word Naming Game on two-dimensional random geometric graphs. Studying this... more We investigate the two-word Naming Game on two-dimensional random geometric graphs. Studying this model advances our understanding of the spatial distribution and propagation of opinions in social dynamics. A main feature of this model is the spontaneous emergence of spatial structures called opinion domains which are geographic regions with clear boundaries within which all individuals share the same opinion. We provide the mean-field equation for the underlying dynamics and discuss several properties of the equation such as the stationary solutions and two-time-scale separation. For the evolution of the opinion domains we find that the opinion domain boundary propagates at a speed proportional to its curvature. Finally we investigate the impact of committed agents on opinion domains and find the scaling of consensus time.
Physical Review E, 2012
We introduce a homogeneous pair approximation to the naming game (NG) model by deriving a six-dim... more We introduce a homogeneous pair approximation to the naming game (NG) model by deriving a six-dimensional Open Dynamics Engine (ODE) for the two-word naming game. Our ODE reveals the change in dynamical behavior of the naming game as a function of the average degree {k} of an uncorrelated network. This result is in good agreement with the numerical results. We also analyze the extended NG model that allows for presence of committed nodes and show that there is a shift of the tipping point for social consensus in sparse networks.
An agent-based model, Naming Game, on 2-dimensional random geographic networks is investigated. N... more An agent-based model, Naming Game, on 2-dimensional random geographic networks is investigated. Naming Game, arising from the linguistic study, is one type of opinion dynamics which captures the large scale agreement by pair-wise communications. Study of this model helps to understand the spatial distribution and propagation of social opinions. A main feature of this model is the automatic emergence of opinion domains which are clusters sharing the same opinion with clear geographic boundaries. We propose a geographic coarsening approach to analyze this model and obtain a PDE for macrostate dynamics. We discuss several properties of the equation such as the stationary solutions and adiabaticity, and find the evolution of opinion domains is qualitatively the same as the Glauber ordering at zero temperature. Finally we consider the effect of committed agents on opinion domains and find the scaling of consensus time.
Physical review. E, Statistical, nonlinear, and soft matter physics, 2014
Agent-based models of the binary naming game are generalized here to represent a family of models... more Agent-based models of the binary naming game are generalized here to represent a family of models parameterized by the introduction of two continuous parameters. These parameters define varying listener-speaker interactions on the individual level with one parameter controlling the speaker and the other controlling the listener of each interaction. The major finding presented here is that the generalized naming game preserves the existence of critical thresholds for the size of committed minorities. Above such threshold, a committed minority causes a fast (in time logarithmic in size of the network) convergence to consensus, even when there are other parameters influencing the system. Below such threshold, reaching consensus requires time exponential in the size of the network. Moreover, the two introduced parameters cause bifurcations in the stabilities of the…
Uploads
Papers by Boleslaw Szymanski