Amitabha Das - Academia.edu (original) (raw)
Papers by Amitabha Das
Watermarking video content using visual cryptography and scene averaged image
2010 IEEE International Conference on Multimedia and Expo, 2010
Abstract With the increasing convergence of network, services, and devices, more number of end us... more Abstract With the increasing convergence of network, services, and devices, more number of end user devices are accessing digital media content which were hitherto accessible mainly from computers and television sets. This makes the digital media more prone to illegal ...
ACM SIGCOMM Computer Communication Review, 1993
We present a new class of interconnection topologies called the Linear Recursive Networks. It is ... more We present a new class of interconnection topologies called the Linear Recursive Networks. It is shown that each member oft his fairly large class of network topologies possesses a recursively-decomposable structure. The path and connectivity properties of the entire class of networks are analyzed and found to have useful features. It is also demonstrated that Point-To-Point or Broadcasting/Gathering operations can be performed efficiently on all Linear Recursive Networks. The preliminary results suggest that the Linear Recursive Networks potentially have many applications.
Proceedings of the 2009 Ieee International Conference on Multimedia and Expo, Jun 28, 2009
In this paper, we propose a joint digital watermarking protocol for the multiparty multilevel DRM... more In this paper, we propose a joint digital watermarking protocol for the multiparty multilevel DRM architecture using Garner's algorithm for the Chinese remainder theorem (CRT). Our protocol exploits the incremental nature of the computation of CRT by the Garner's algorithm. The proposed joint watermarking protocol embeds a single watermark signal into the content while taking care of the various security concerns such as proof of involvement in the distribution chain, nonrepudiation of the involvement and protection against false framing of the different parties involved. Further, in the event of nding an illegal copy of the content, the identities of all the parties involved in that content distribution chain can be traced back by extracting the watermark information.
Corr, Nov 25, 2004
Anomaly-based intrusion detection (AID) techniques are useful for detecting novel intrusions into... more Anomaly-based intrusion detection (AID) techniques are useful for detecting novel intrusions into computing resources. One of the most successful AID detectors proposed to date is stide, which is based on analysis of system call sequences. In this paper, we present a detailed formal framework to analyze, understand and improve the performance of stide and similar AID techniques. Several important properties of stide-like detectors are established through formal proofs, and validated by carefully conducted experiments using test datasets. Finally, the framework is utilized to design two applications to improve the cost and performance of stide-like detectors which are based on sequence analysis. The first application reduces the cost of developing AID detectors by identifying the critical sections in the training dataset, and the second application identifies the intrusion context in the intrusive dataset, that helps to fine-tune the detectors. Such fine-tuning in turn helps to improve detection rate and reduce false alarm rate, thereby increasing the effectiveness and efficiency of the intrusion detectors.
Method and System for Preauthenticating a Mobile Node
Variable-length signatures for intrusion detection
Interspeech, 2008
This paper presents a comparative study on the usability of a service presented in telephone, PC-... more This paper presents a comparative study on the usability of a service presented in telephone, PC-based web interface, and mobile/ multi-modal variants. The goal is not to analyze individual strengths and weaknesses of the different modalities, but to understand the user's perception of the SUMI criteria (efficiency, affect/ likability, helpfulness, control, learnability), and the overall impression of a service with respect to the access variant tested. As multi-modality is often framed as a technology to make usage more "intuitive", we were particularly interested in the differences between experienced and novice users. To this end, we conducted a study with 80 participants and conclude that, while multi-modality is accepted by experienced users, it seems to be asking too much from novice users, particularly with respect to learnability and efficiency.
An improvement to the reliability of IEEE 802.11 broadcast scheme for multicasting in mobile ad hoc networks
2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004., 2004
Broadcasting is one of the essential communication models of MANETs. Many MANET multicast routing... more Broadcasting is one of the essential communication models of MANETs. Many MANET multicast routing protocols rely heavily upon MAC layer's broadcast support. However, the broadcast mechanism of the standard IEEE 802.11 cannot provide reliable broadcasting service. In this paper, we improve the IEEE 802.11 broadcast mechanism's reliability by introducing the adaptive round-robin acknowledge and retransmit (ARAR) scheme. Different from the
A Parallel Processing Paradigm for Irregular Applications
ABSTRACT
A Flow Control Framework for Improving Throughput and Energy Efficiency in CSMA/CA based Wireless Multihop Networks
2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06), 2006
In a CSMA/CA based multihop wireless network, excessive interference at a receiver or a potential... more In a CSMA/CA based multihop wireless network, excessive interference at a receiver or a potential forwarding node causes severe blocking and reduction in throughput. The unbalanced interference forces the node to consume more time receiving packets rather than sending them, ...
A new MRF model for robust estimate of occlusion and motion vector fields
Proceedings of International Conference on Image Processing, 1997
This paper proposes a new Markov random field (MRF) model for the detection of occluded regions i... more This paper proposes a new Markov random field (MRF) model for the detection of occluded regions in image sequences. Motion vectors are not defined in an occluded region, thus the regions with high motion compensated prediction error are commonly regarded as occluded regions. However, badly motion compensated pixels will also appear as occluded pixels, making it difficult to distinguish the
Synchronized and Concurrent Enabling of Neighborhood Transmission (scent) - a MAC Protocol for Concurrent Transmission in Wireless
Proceedings. 2003 International Conference on Cyberworlds, 2003
Information and infrastructure security is a serious issue of global concern. As the last line of... more Information and infrastructure security is a serious issue of global concern. As the last line of defense for security infrastructure, intrusion detection techniques are paid more and more attention. In this paper, one anomalybased intrusion detection technique (ScanAID: Statistical ChAracteristics of N-grams for Anomaly-based Intrusion Detection) is proposed to detect intrusive behaviors in a computer system. The statistical properties in sequences of system calls are abstracted to model the normal behaviors of a privileged process, in which the model is characterized by a vector of anomaly values of N-grams. With a reasonable definition of efficiency parameter, the length of an N-gram and the size of the training dataset are optimized to get an efficient and compact model. Then, with the optimal modeling parameters, the flexibility and efficiency of the model are evaluated by the ROC curves. Our experimental results show that the proposed statistical anomaly detection technique is promising and deserves further research (such as applying it to network environments).
20th Annual Computer Security Applications Conference, 2004
Anomaly-based Intrusion Detection (AID) techniques are useful for detecting novel intrusions with... more Anomaly-based Intrusion Detection (AID) techniques are useful for detecting novel intrusions without known signatures. However, AID techniques suffer from higher false alarm rate compared to signature-based intrusion detection techniques. In this paper, the concept of intrusion context identification is introduced to address the problem. The identification of the intrusion context can help to significantly enhance the detection rate and lower the false alarm rate of AID techniques. To evaluate the effectiveness of the concept, a simple but representative scheme for intrusion context identification is proposed, in which the anomalies in the intrusive datasets are visualized first, and then the intrusion contexts are identified from the visualized anomalies. The experimental results show that using the scheme, the intrusion contexts can be visualized and extracted from the audit trails correctly. In addition, as an application of the visualized anomalies, an implicit design drawback in t-stide is found after careful analysis. Finally, based on the identified intrusion context and the efficiency comparison, several findings are made which can offer useful insights and benefit future research on AID techniques.
Models and Protocol Structures for Software Agent Based Complex E-Commerce Transactions
Lecture Notes in Computer Science, 2001
The use of autonomous software agents enable new types of complex transactions for electronic com... more The use of autonomous software agents enable new types of complex transactions for electronic commerce where multiple agents can exchange their values to complete a single transaction. However, most of the existing transaction protocols support only simple transactions and are not sufficient for more flexible and complex transaction scenarios. In this paper, we provide a complex transaction model which describes
IFIP International Federation for Information Processing, 2007
An intrusion detection system usually infers the status of an unknown behavior from limited avail... more An intrusion detection system usually infers the status of an unknown behavior from limited available ones via model generalization, but the generalization is not perfect. Most existing techniques use it blindly (or only based on specific datasets at least) without considering the difference among various application scenarios. For example, signature-based ones use signatures generated fi-om specific occurrence environments, anomaly-based ones are usually evaluated by a specific dataset. To make matters worse, various techniques have been introduced recently to exploit too stingy or too generous generalization that causes intrusion detection invalid, for example, mimicry attacks, automatic signature variation generation etc. Therefore, a critical task in intrusion detection is to evaluate the effects of model generalization. In this paper, we try to meet the task. First, we divide model generalization into several levels, which are evaluated one by one to identify their significance on intrusion detection. Among our experimental results, the significance of different levels is much different. Under-generalization will sacrifice the detection performance, but over-generalization will not lead to any benefit. Moreover, model generalization is necessary to identify more behaviors in detection, but its implications for normal behaviors are different from those for intrusive ones.
Towards Automatic Assembly of Privacy-Preserved Intrusion Signatures
Lecture Notes in Computer Science, 2007
Intrusion signatures are used to detect and/or prevent fast-spreading worms or exploits, and usua... more Intrusion signatures are used to detect and/or prevent fast-spreading worms or exploits, and usually, constructing these signatures is an automatic pro- cess without human intervention for the sake of speed. In principle, the automatic signature construction process can produce not only true-positive intrusion sig- natures but also false-positive ones, the latter of which poses a grave problem because they can be misused to disclose privacy information. Manual signature checking (for a whitelist) can solve the problem, but it slows down the reaction time for an attack dramatically. In this paper, we propose a mechanism to generate signatures automatically while preserving the privacy information. Essentially, we transform the original feature values within an audit trail instance into feature ranges, and then use these feature ranges to construct a privacy-preserved intru- sion signature. Our current focus is on the methods constructing feature ranges, and for this purpose, several methods are proposed to discover feature ranges. The experimental results are quite encouraging: the transformation from values to ranges leads not only to the preservation of privacy but also to the enhancement of the detection performance.
A parallel sorting algorithm for a novel model of computation
International Journal of Parallel Programming, 1991
The computational complexity of a parallel algorithm depends critically on the model of computati... more The computational complexity of a parallel algorithm depends critically on the model of computation. We describe a simple and elegant rule-based model of computation in which processors apply rules asynchronously to pairs of objects from a global object space. Application of a rule to a pair of objects results in the creation of a new object if the objects satisfy
USAID: Unifying Signature-Based and Anomaly-Based Intrusion Detection
Lecture Notes in Computer Science, 2005
... The experimental results show that USAID can achieve uniform level of efficiency to detect bo... more ... The experimental results show that USAID can achieve uniform level of efficiency to detect both known (99.78%) and new intrusions (98.18%), with a significantly reduced false alarm rate (1.45%). ... As before, we can deduce the detection performance of USAID as follows. ...
A Secure Payment Protocol Using Mobile Agents in an Untrusted Host Environment
Lecture Notes in Computer Science, 2001
... overview of the complete payment protocol, followed by a detailed discussion of the core secu... more ... overview of the complete payment protocol, followed by a detailed discussion of the core secure payment protocol ... 2 The Model of Mobile Agents Based E-Commerce System ... The Bank provides a set of basic banking services that includes checking accounts, lines of electronic ...
Watermarking video content using visual cryptography and scene averaged image
2010 IEEE International Conference on Multimedia and Expo, 2010
Abstract With the increasing convergence of network, services, and devices, more number of end us... more Abstract With the increasing convergence of network, services, and devices, more number of end user devices are accessing digital media content which were hitherto accessible mainly from computers and television sets. This makes the digital media more prone to illegal ...
ACM SIGCOMM Computer Communication Review, 1993
We present a new class of interconnection topologies called the Linear Recursive Networks. It is ... more We present a new class of interconnection topologies called the Linear Recursive Networks. It is shown that each member oft his fairly large class of network topologies possesses a recursively-decomposable structure. The path and connectivity properties of the entire class of networks are analyzed and found to have useful features. It is also demonstrated that Point-To-Point or Broadcasting/Gathering operations can be performed efficiently on all Linear Recursive Networks. The preliminary results suggest that the Linear Recursive Networks potentially have many applications.
Proceedings of the 2009 Ieee International Conference on Multimedia and Expo, Jun 28, 2009
In this paper, we propose a joint digital watermarking protocol for the multiparty multilevel DRM... more In this paper, we propose a joint digital watermarking protocol for the multiparty multilevel DRM architecture using Garner's algorithm for the Chinese remainder theorem (CRT). Our protocol exploits the incremental nature of the computation of CRT by the Garner's algorithm. The proposed joint watermarking protocol embeds a single watermark signal into the content while taking care of the various security concerns such as proof of involvement in the distribution chain, nonrepudiation of the involvement and protection against false framing of the different parties involved. Further, in the event of nding an illegal copy of the content, the identities of all the parties involved in that content distribution chain can be traced back by extracting the watermark information.
Corr, Nov 25, 2004
Anomaly-based intrusion detection (AID) techniques are useful for detecting novel intrusions into... more Anomaly-based intrusion detection (AID) techniques are useful for detecting novel intrusions into computing resources. One of the most successful AID detectors proposed to date is stide, which is based on analysis of system call sequences. In this paper, we present a detailed formal framework to analyze, understand and improve the performance of stide and similar AID techniques. Several important properties of stide-like detectors are established through formal proofs, and validated by carefully conducted experiments using test datasets. Finally, the framework is utilized to design two applications to improve the cost and performance of stide-like detectors which are based on sequence analysis. The first application reduces the cost of developing AID detectors by identifying the critical sections in the training dataset, and the second application identifies the intrusion context in the intrusive dataset, that helps to fine-tune the detectors. Such fine-tuning in turn helps to improve detection rate and reduce false alarm rate, thereby increasing the effectiveness and efficiency of the intrusion detectors.
Method and System for Preauthenticating a Mobile Node
Variable-length signatures for intrusion detection
Interspeech, 2008
This paper presents a comparative study on the usability of a service presented in telephone, PC-... more This paper presents a comparative study on the usability of a service presented in telephone, PC-based web interface, and mobile/ multi-modal variants. The goal is not to analyze individual strengths and weaknesses of the different modalities, but to understand the user's perception of the SUMI criteria (efficiency, affect/ likability, helpfulness, control, learnability), and the overall impression of a service with respect to the access variant tested. As multi-modality is often framed as a technology to make usage more "intuitive", we were particularly interested in the differences between experienced and novice users. To this end, we conducted a study with 80 participants and conclude that, while multi-modality is accepted by experienced users, it seems to be asking too much from novice users, particularly with respect to learnability and efficiency.
An improvement to the reliability of IEEE 802.11 broadcast scheme for multicasting in mobile ad hoc networks
2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004., 2004
Broadcasting is one of the essential communication models of MANETs. Many MANET multicast routing... more Broadcasting is one of the essential communication models of MANETs. Many MANET multicast routing protocols rely heavily upon MAC layer's broadcast support. However, the broadcast mechanism of the standard IEEE 802.11 cannot provide reliable broadcasting service. In this paper, we improve the IEEE 802.11 broadcast mechanism's reliability by introducing the adaptive round-robin acknowledge and retransmit (ARAR) scheme. Different from the
A Parallel Processing Paradigm for Irregular Applications
ABSTRACT
A Flow Control Framework for Improving Throughput and Energy Efficiency in CSMA/CA based Wireless Multihop Networks
2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06), 2006
In a CSMA/CA based multihop wireless network, excessive interference at a receiver or a potential... more In a CSMA/CA based multihop wireless network, excessive interference at a receiver or a potential forwarding node causes severe blocking and reduction in throughput. The unbalanced interference forces the node to consume more time receiving packets rather than sending them, ...
A new MRF model for robust estimate of occlusion and motion vector fields
Proceedings of International Conference on Image Processing, 1997
This paper proposes a new Markov random field (MRF) model for the detection of occluded regions i... more This paper proposes a new Markov random field (MRF) model for the detection of occluded regions in image sequences. Motion vectors are not defined in an occluded region, thus the regions with high motion compensated prediction error are commonly regarded as occluded regions. However, badly motion compensated pixels will also appear as occluded pixels, making it difficult to distinguish the
Synchronized and Concurrent Enabling of Neighborhood Transmission (scent) - a MAC Protocol for Concurrent Transmission in Wireless
Proceedings. 2003 International Conference on Cyberworlds, 2003
Information and infrastructure security is a serious issue of global concern. As the last line of... more Information and infrastructure security is a serious issue of global concern. As the last line of defense for security infrastructure, intrusion detection techniques are paid more and more attention. In this paper, one anomalybased intrusion detection technique (ScanAID: Statistical ChAracteristics of N-grams for Anomaly-based Intrusion Detection) is proposed to detect intrusive behaviors in a computer system. The statistical properties in sequences of system calls are abstracted to model the normal behaviors of a privileged process, in which the model is characterized by a vector of anomaly values of N-grams. With a reasonable definition of efficiency parameter, the length of an N-gram and the size of the training dataset are optimized to get an efficient and compact model. Then, with the optimal modeling parameters, the flexibility and efficiency of the model are evaluated by the ROC curves. Our experimental results show that the proposed statistical anomaly detection technique is promising and deserves further research (such as applying it to network environments).
20th Annual Computer Security Applications Conference, 2004
Anomaly-based Intrusion Detection (AID) techniques are useful for detecting novel intrusions with... more Anomaly-based Intrusion Detection (AID) techniques are useful for detecting novel intrusions without known signatures. However, AID techniques suffer from higher false alarm rate compared to signature-based intrusion detection techniques. In this paper, the concept of intrusion context identification is introduced to address the problem. The identification of the intrusion context can help to significantly enhance the detection rate and lower the false alarm rate of AID techniques. To evaluate the effectiveness of the concept, a simple but representative scheme for intrusion context identification is proposed, in which the anomalies in the intrusive datasets are visualized first, and then the intrusion contexts are identified from the visualized anomalies. The experimental results show that using the scheme, the intrusion contexts can be visualized and extracted from the audit trails correctly. In addition, as an application of the visualized anomalies, an implicit design drawback in t-stide is found after careful analysis. Finally, based on the identified intrusion context and the efficiency comparison, several findings are made which can offer useful insights and benefit future research on AID techniques.
Models and Protocol Structures for Software Agent Based Complex E-Commerce Transactions
Lecture Notes in Computer Science, 2001
The use of autonomous software agents enable new types of complex transactions for electronic com... more The use of autonomous software agents enable new types of complex transactions for electronic commerce where multiple agents can exchange their values to complete a single transaction. However, most of the existing transaction protocols support only simple transactions and are not sufficient for more flexible and complex transaction scenarios. In this paper, we provide a complex transaction model which describes
IFIP International Federation for Information Processing, 2007
An intrusion detection system usually infers the status of an unknown behavior from limited avail... more An intrusion detection system usually infers the status of an unknown behavior from limited available ones via model generalization, but the generalization is not perfect. Most existing techniques use it blindly (or only based on specific datasets at least) without considering the difference among various application scenarios. For example, signature-based ones use signatures generated fi-om specific occurrence environments, anomaly-based ones are usually evaluated by a specific dataset. To make matters worse, various techniques have been introduced recently to exploit too stingy or too generous generalization that causes intrusion detection invalid, for example, mimicry attacks, automatic signature variation generation etc. Therefore, a critical task in intrusion detection is to evaluate the effects of model generalization. In this paper, we try to meet the task. First, we divide model generalization into several levels, which are evaluated one by one to identify their significance on intrusion detection. Among our experimental results, the significance of different levels is much different. Under-generalization will sacrifice the detection performance, but over-generalization will not lead to any benefit. Moreover, model generalization is necessary to identify more behaviors in detection, but its implications for normal behaviors are different from those for intrusive ones.
Towards Automatic Assembly of Privacy-Preserved Intrusion Signatures
Lecture Notes in Computer Science, 2007
Intrusion signatures are used to detect and/or prevent fast-spreading worms or exploits, and usua... more Intrusion signatures are used to detect and/or prevent fast-spreading worms or exploits, and usually, constructing these signatures is an automatic pro- cess without human intervention for the sake of speed. In principle, the automatic signature construction process can produce not only true-positive intrusion sig- natures but also false-positive ones, the latter of which poses a grave problem because they can be misused to disclose privacy information. Manual signature checking (for a whitelist) can solve the problem, but it slows down the reaction time for an attack dramatically. In this paper, we propose a mechanism to generate signatures automatically while preserving the privacy information. Essentially, we transform the original feature values within an audit trail instance into feature ranges, and then use these feature ranges to construct a privacy-preserved intru- sion signature. Our current focus is on the methods constructing feature ranges, and for this purpose, several methods are proposed to discover feature ranges. The experimental results are quite encouraging: the transformation from values to ranges leads not only to the preservation of privacy but also to the enhancement of the detection performance.
A parallel sorting algorithm for a novel model of computation
International Journal of Parallel Programming, 1991
The computational complexity of a parallel algorithm depends critically on the model of computati... more The computational complexity of a parallel algorithm depends critically on the model of computation. We describe a simple and elegant rule-based model of computation in which processors apply rules asynchronously to pairs of objects from a global object space. Application of a rule to a pair of objects results in the creation of a new object if the objects satisfy
USAID: Unifying Signature-Based and Anomaly-Based Intrusion Detection
Lecture Notes in Computer Science, 2005
... The experimental results show that USAID can achieve uniform level of efficiency to detect bo... more ... The experimental results show that USAID can achieve uniform level of efficiency to detect both known (99.78%) and new intrusions (98.18%), with a significantly reduced false alarm rate (1.45%). ... As before, we can deduce the detection performance of USAID as follows. ...
A Secure Payment Protocol Using Mobile Agents in an Untrusted Host Environment
Lecture Notes in Computer Science, 2001
... overview of the complete payment protocol, followed by a detailed discussion of the core secu... more ... overview of the complete payment protocol, followed by a detailed discussion of the core secure payment protocol ... 2 The Model of Mobile Agents Based E-Commerce System ... The Bank provides a set of basic banking services that includes checking accounts, lines of electronic ...