Mudhakar Srivatsa - Academia.edu (original) (raw)
Papers by Mudhakar Srivatsa
IEEE Transactions on Knowledge and Data Engineering, 2015
ABSTRACT In collaborative environments, members may try to acquire similar information on the web... more ABSTRACT In collaborative environments, members may try to acquire similar information on the web in order to gain knowledge in one domain. For example, in a company several departments may successively need to buy business intelligence software and employees from these departments may have studied online about different business intelligence tools and their features independently. It will be productive to get them connected and share learned knowledge. We investigate fine-grained knowledge sharing in collaborative environments. We propose to analyze members’ web surfing data to summarize the fine-grained knowledge acquired by them. A two-step framework is proposed for mining fine-grained knowledge: (1) web surfing data is clustered into tasks by a nonparametric generative model; (2) a novel discriminative infinite Hidden Markov Model is developed to mine fine-grained aspects in each task. Finally, the classic expert search method is applied to the mined results to find proper members for knowledge sharing. Experiments on web surfing data collected from our lab at UCSB and IBM show that the fine-grained aspect mining framework works as expected and outperforms baselines. When it is integrated with expert search, the search accuracy improves significantly, in comparison with applying the classic expert search method directly on web surfing data.
Expert Systems with Applications, 2015
ABSTRACT Humans or intelligent software agents are increasingly faced with the challenge of makin... more ABSTRACT Humans or intelligent software agents are increasingly faced with the challenge of making decisions based on large volumes of streaming information from diverse sources. Decision makers must process the observed information by inferring additional information, estimating its reliability and orienting it for decision-making. In this paper, we propose a stream-reasoning framework that achieves all these goals. While information is streamed as unstructured reports (e.g., text in natural language) from unreliable sources, our framework first converts it into a structured form using Controlled English and then it derives some facts that are useful for decision-making, and estimates the trust in these facts. Lastly, various facts are fused based on their trustworthiness. This process is totally undertaken on streaming information resulting in new facts being inferred from incoming information which immediately goes through trust assessment framework and trust is propagated to the inferred fact. In this paper, we propose a comprehensive framework where unstructured reports are streamed from heterogeneous and potentially untrustworthy information sources. These reports are processed to extract valuable uncertain information, which is represented using Controlled Natural Language and Subjective Logic. Additional information is inferred using deduction and abduction operations over subjective opinions derived from the reports. Before fusing extracted and inferred opinions, the framework estimates trustworthiness of these opinions, detects conflicts between them, and resolve these conflicts by analysing evidence about the reliability of their sources. Lastly, we describe an implementation of the framework using International Technology Alliance (ITA) assets (Information Fabric Services and Controlled English Fact Store) and present an experimental evaluation that quantifies the efficiency with respect to accuracy and overhead of the proposed framework.
Proceedings of the 22nd ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems - SIGSPATIAL '14, 2014
MILCOM 2013 - 2013 IEEE Military Communications Conference, 2013
ABSTRACT The use of social media to report and track events of significance is being widely adopt... more ABSTRACT The use of social media to report and track events of significance is being widely adopted by individuals. These social media reports are tagged with metadata that are rich sources of information. In this paper, we are interested in the space-time metadata and use these to model the spread of events in space and time. In particular, we illustrate the spread of one particular event-gas shortage in the aftermath of Hurricane Sandy. We show that classical overload failure models (used in modeling cascading failures in smart power grids) and epidemiological models (used in modeling the spread of infectious diseases) are inaccurate in modeling such an event and develop new models to accurately capture the spread of this event. We evaluate the accuracy of our model using over 2 million tweets collected over a period of 22 days and show that we perform significantly better than standard epidemiological models.
2015 IEEE 28th Computer Security Foundations Symposium, 2015
ABSTRACT Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether... more ABSTRACT Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether it is a password for user authentication or a secret key for a cryptographic primitive, picking it requires the user to trade-off usability costs with resistance against an adversary: a simple password is easier to remember but is also easier to guess; likewise, a shorter cryptographic key may require fewer computational and storage resources but it is also easier to attack. A fundamental question is how one can optimally resolve this trade-off. A big challenge is the fact that an adversary can also utilize the knowledge of such usability vs. security trade-offs to strengthen its attack. In this paper, we propose a game-theoretic framework for analyzing the optimal trade-offs in the face of strategic adversaries. We consider two types of adversaries: those limited in their number of tries, and those that are ruled by the cost of making individual guesses. For each type, we derive the mutually-optimal decisions as Nash Equilibria, the strategically pessimistic decisions as maximin, and optimal commitments as Strong Stackelberg Equilibria of the game. We establish that when the adversaries are faced with a capped number of guesses, the user's optimal trade-off is a uniform randomization over a subset of the secret domain. On the other hand, when the attacker strategy is ruled by the cost of making individual guesses, Nash Equilibria may completely fail to provide the user with any level of security, signifying the crucial role of credible commitment for such cases. We illustrate our results using numerical examples based on real-world samples and discuss some policy implications of our work.
In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, disse... more In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information to the concerned actors. Traditional approaches to information sharing (such as Multi-Level Security (MLS)) adopted a node-centric model wherein each user (social subjects) and each object (information object) is treated in isolation (e.g., using clearance levels for subjects and sensitivity levels for objects in MLS). Over the last two decades information sharing models have been enriched to partially account for relationships between subjects (e.g., Role-based Access Control (RBAC)), relationships between objects (e.g., Chinese-wall model), and relationships between subjects and objects (e.g., Separation of Duty (SoD) constraints).
Traditional approaches to information sharing use a highly conservative approach to deduce the me... more Traditional approaches to information sharing use a highly conservative approach to deduce the meta-data for an output object x derived from input ob-jects y 1 , y 2 , · · · , y n (e.g.: maximum over the se-curity labels of all input objects). Such approaches does not account for functions that explicitly down-grade the value of an object. Consequently, the se-curity labels in traditional approaches tend to mono-tonically increase as newer objects are derived from existing ones. In this paper we present a novel meta-data calculus for securing information flows. The metadata calculus defines a metadata vector space that supports a time varying value function that is computed as a function of the object's metadata and operators + and · to compute the metadata of an output object that is derived by downgrad-ing, transforming or fusing other objects. We also describe a concrete realization of our metadata cal-culus wherein the tightness of our value estimates competes in an optimiza...
Social influences, the phenomena that one individual's actions can induce similar behaviors a... more Social influences, the phenomena that one individual's actions can induce similar behaviors among his/her friends via their social ties, have been observed prevail-ingly in socially networked systems. While most exist-ing work focuses on studying general, macro-level influ-ence (e.g., diffusion); equally important is to understand social influence at microscopic scales (i.e., at the gran-ularity of single individuals, actions, and time-stamps), which may benefit a range of applications. We propose µSI, a microscopic social-influence model wherein: indi-viduals' actions are modeled as temporary interactions between social network (formed by individuals) and ob-ject network (formed by targets of actions); one indi-vidual's actions influence his/her friends in a dynamic, network-wise manner (i.e., dependent on both social and object networks). We develop for µSI a suite of novel inference tools that enable to answer questions of the form: How may an occurred interaction tri...
Lecture Notes in Computer Science, 2006
Recently, we have seen increasing numbers of denial of service (DoS) attacks against online servi... more Recently, we have seen increasing numbers of denial of service (DoS) attacks against online services and web applications either for extortion reasons, or for impairing and even disabling the competition. These DoS attacks have increasingly targeted the application level. Application level DoS attacks emulate the same request syntax and network level traffic characteristics as those of legitimate clients, thereby making the attacks much harder to be detected and countered. Moreover, such attacks usually target bottleneck resources such as disk bandwidth, database bandwidth, and CPU resources. In this paper we propose server-side middleware to counter application level DoS attacks. The key idea behind our technique is to adaptively vary a client's priority level, and the relative amount of resources devoted to this client, in response to the client's past requests in a way that incorporates application level semantics. Application specific knowledge is used to evaluate the cost and the utility of each request and the likelihood that a sequence of requests are sent by a malicious client. Based on the evaluations, a client's priority level is increased or decreased accordingly. A client's priority level is used by the server side firewall to throttle the client's request rate, thereby ensuring that more server side resources are allocated to the legitimate clients. We present a detailed implementation of our approach on the Linux kernel and evaluate it using two sample applications: Apache HTTPD micro-benchmarks and TPCW. Our experiments show that our approach incurs low performance overhead and is resilient to application level DoS attacks.
2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06), 2006
Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, compu... more Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, computing power, main memory, disk bandwidth etc) to near exhaustion so that there are no resources left to handle requests from legitimate clients. An effective solution to defend against DoS attacks is to filter DoS attack requests at the earliest point (say, the web site's firewall), before they consume much of the server's resources. Most defenses against DoS attacks attempt to filter requests from inauthentic clients before they consume much of the server's resources. Client authentication using techniques like IPSec or SSL may often require changes to the client-side software and may additionally require superuser privileges at the client for deployment. Further, using digital signatures (as in SSL) makes verification very expensive, thereby making the verification process itself a viable DoS target for the adversary. In this paper, we propose a light-weight client transparent technique to defend against DoS attacks with two unique features: (i) Our technique can be implemented entirely using JavaScript support provided by a standard client-side browser like Mozilla FireFox or Microsoft Internet Explorer. Client transparency follows from the fact that: (i) no changes to client-side software are required, (ii) no client-side superuser privileges are required, and (iii) clients (human beings or automated clients) can browse a DoS protected website in the same manner that they browse other websites. (ii) Although we operate using the client-side browser (HTTP layer), our technique enables fast IP level packet filtering at the server's firewall and requires no changes to the application(s) hosted by the web server. In this paper we present a detailed design of our technique along with a detailed security analysis. We also describe a concrete implementation of our proposal on the Linux kernel and present an evaluation using two applications: bandwidth intensive Apache HTTPD and database intensive TPCW. Our experiments show that our approach incurs a low performance overhead and is resilient to DoS attacks.
Journal of Network and Computer Applications
Technology is improving day-by-day and so is the usage of mobile devices. Every activity that wou... more Technology is improving day-by-day and so is the usage of mobile devices. Every activity that would involve manual and paper transactions can now be completed in seconds using your fingertips. On one hand, life has become fairly convenient with the help of mobile devices, whereas on the other hand security of the data and the transactions occurring in the process have been under continuous threat. This paper, re-evaluates the different policies and procedures used for preserving the privacy of sensitive data and device location. Policy languages have been very vital in the mobile environments as they can be extended/used significantly for sending/receiving any data. In the mobile environment users always go to service providers to access various services. Hence, communications between the service providers and mobile handsets needs to be secured. Also, the data access control needs to be in place. A section of this paper will review the communication paths and channels and their rel...
Proceedings of the 16th ACM symposium on Access control models and technologies - SACMAT '11, 2011
Information leakage via the networks formed by subjects (e.g., Facebook, Twitter) and objects (e.... more Information leakage via the networks formed by subjects (e.g., Facebook, Twitter) and objects (e.g., blogosphere) − some of whom may be controlled by malicious insiders − often leads to unpredicted access control risks. While it may be impossible to precisely quantify information flows between two entities (e.g., two friends in a social network), this paper presents a first attempt towards leveraging recent advances in modeling socio-information networks to develop a statistical risk estimation paradigm for quantifying such insider threats. In the context of socio-information networks, our models estimate the following likelihoods: prior flow − has a subject s acquired covert access to object o via the networks? posterior flow − if s is granted access to o, what is its impact on information flows between subject s ′ and object o ′ ? network evolution − how will a newly created social relationship between s and s ′ influence current risk estimates? Our goal is not to prescribe a one-size-fits-all solution; instead we develop a set of composable network-centric risk estimation operators, with implementations configurable to concrete socio-information networks. The efficacy of our solutions is empirically evaluated using real-life datasets collected from the IBM SmallBlue project and Twitter.
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining - KDD '09, 2009
Modern communication networks generate massive volume of operational event data, e.g., alarm, ale... more Modern communication networks generate massive volume of operational event data, e.g., alarm, alert, and metrics, which can be used by a network management system (NMS) to diagnose potential faults. In this work, we introduce a new class of indexable fault signatures that encode temporal evolution of events generated by a network fault as well as topological relationships among the nodes where these events occur. We present an efficient learning algorithm to extract such fault signatures from noisy historical event data, and with the help of novel space-time indexing structures, we show how to perform efficient, online signature matching. We provide results from extensive experimental studies to explore the efficacy of our approach and point out potential applications of such signatures for many different types of networks including social and information networks.
2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton), 2009
ABSTRACT
2014 IEEE International Conference on Pervasive Computing and Communication Workshops (PERCOM WORKSHOPS), 2014
ABSTRACT The pervasive availability of personal devices such as smartphones, smartwatches, and in... more ABSTRACT The pervasive availability of personal devices such as smartphones, smartwatches, and in-car navigation systems combined with the widespread acceptance of social networks has resulted in an explosion of data about individuals and their interactions in the society. The presence of multiple social networks such as FaceBook, Twitter, and Google Plus results in fragmentation of an individual's online presence. As such, the notion of interacting multiple networks or composite networks is gaining popularity. In this paper, we present a first-of-a-kind framework to analyze such composite networks in an efficient and scalable manner. We propose to use the BSP programming model to analyze composite networks and show the inportance of analyzing such composite networks as opposed to individual networks separately through preliminary experiments on realworld data.
Proceedings of the 2012 SIAM International Conference on Data Mining, 2012
Social influences, the phenomena that one individual's actions can induce similar behaviors among... more Social influences, the phenomena that one individual's actions can induce similar behaviors among his/her friends via their social ties, have been observed prevailingly in socially networked systems. While most existing work focuses on studying general, macro-level influence (e.g., diffusion); equally important is to understand social influence at microscopic scales (i.e., at the granularity of single individuals, actions, and time-stamps), which may benefit a range of applications. We propose µSI, a microscopic social-influence model wherein: individuals' actions are modeled as temporary interactions between social network (formed by individuals) and object network (formed by targets of actions); one individual's actions influence his/her friends in a dynamic, network-wise manner (i.e., dependent on both social and object networks).
2007 IEEE 23rd International Conference on Data Engineering, 2007
We describe DSPHERE 1 − a decentralized system for crawling, indexing, searching and ranking of d... more We describe DSPHERE 1 − a decentralized system for crawling, indexing, searching and ranking of documents in the World Wide Web. Unlike most of the existing search technologies that depend heavily on a page-centric view of the Web, we advocate a source-centric view of the Web and propose a decentralized architecture for crawling, indexing and searching the Web in a distributed source-specific fashion. A fully decentralized crawler is developed to crawl the World Wide Web where each peer is assigned the responsibility of crawling a specific set of documents referred to as a source collection. Link analysis techniques are used for ranking documents. Traditional link analysis techniques suffer from problems like slow refresh rate and vulnerabilities to Web Spam, to counter which, we propose a source-based link analysis algorithm which computes fast and accurate ranking scores for all crawled documents.
IEEE Transactions on Knowledge and Data Engineering, 2015
ABSTRACT In collaborative environments, members may try to acquire similar information on the web... more ABSTRACT In collaborative environments, members may try to acquire similar information on the web in order to gain knowledge in one domain. For example, in a company several departments may successively need to buy business intelligence software and employees from these departments may have studied online about different business intelligence tools and their features independently. It will be productive to get them connected and share learned knowledge. We investigate fine-grained knowledge sharing in collaborative environments. We propose to analyze members’ web surfing data to summarize the fine-grained knowledge acquired by them. A two-step framework is proposed for mining fine-grained knowledge: (1) web surfing data is clustered into tasks by a nonparametric generative model; (2) a novel discriminative infinite Hidden Markov Model is developed to mine fine-grained aspects in each task. Finally, the classic expert search method is applied to the mined results to find proper members for knowledge sharing. Experiments on web surfing data collected from our lab at UCSB and IBM show that the fine-grained aspect mining framework works as expected and outperforms baselines. When it is integrated with expert search, the search accuracy improves significantly, in comparison with applying the classic expert search method directly on web surfing data.
Expert Systems with Applications, 2015
ABSTRACT Humans or intelligent software agents are increasingly faced with the challenge of makin... more ABSTRACT Humans or intelligent software agents are increasingly faced with the challenge of making decisions based on large volumes of streaming information from diverse sources. Decision makers must process the observed information by inferring additional information, estimating its reliability and orienting it for decision-making. In this paper, we propose a stream-reasoning framework that achieves all these goals. While information is streamed as unstructured reports (e.g., text in natural language) from unreliable sources, our framework first converts it into a structured form using Controlled English and then it derives some facts that are useful for decision-making, and estimates the trust in these facts. Lastly, various facts are fused based on their trustworthiness. This process is totally undertaken on streaming information resulting in new facts being inferred from incoming information which immediately goes through trust assessment framework and trust is propagated to the inferred fact. In this paper, we propose a comprehensive framework where unstructured reports are streamed from heterogeneous and potentially untrustworthy information sources. These reports are processed to extract valuable uncertain information, which is represented using Controlled Natural Language and Subjective Logic. Additional information is inferred using deduction and abduction operations over subjective opinions derived from the reports. Before fusing extracted and inferred opinions, the framework estimates trustworthiness of these opinions, detects conflicts between them, and resolve these conflicts by analysing evidence about the reliability of their sources. Lastly, we describe an implementation of the framework using International Technology Alliance (ITA) assets (Information Fabric Services and Controlled English Fact Store) and present an experimental evaluation that quantifies the efficiency with respect to accuracy and overhead of the proposed framework.
Proceedings of the 22nd ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems - SIGSPATIAL '14, 2014
MILCOM 2013 - 2013 IEEE Military Communications Conference, 2013
ABSTRACT The use of social media to report and track events of significance is being widely adopt... more ABSTRACT The use of social media to report and track events of significance is being widely adopted by individuals. These social media reports are tagged with metadata that are rich sources of information. In this paper, we are interested in the space-time metadata and use these to model the spread of events in space and time. In particular, we illustrate the spread of one particular event-gas shortage in the aftermath of Hurricane Sandy. We show that classical overload failure models (used in modeling cascading failures in smart power grids) and epidemiological models (used in modeling the spread of infectious diseases) are inaccurate in modeling such an event and develop new models to accurately capture the spread of this event. We evaluate the accuracy of our model using over 2 million tweets collected over a period of 22 days and show that we perform significantly better than standard epidemiological models.
2015 IEEE 28th Computer Security Foundations Symposium, 2015
ABSTRACT Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether... more ABSTRACT Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether it is a password for user authentication or a secret key for a cryptographic primitive, picking it requires the user to trade-off usability costs with resistance against an adversary: a simple password is easier to remember but is also easier to guess; likewise, a shorter cryptographic key may require fewer computational and storage resources but it is also easier to attack. A fundamental question is how one can optimally resolve this trade-off. A big challenge is the fact that an adversary can also utilize the knowledge of such usability vs. security trade-offs to strengthen its attack. In this paper, we propose a game-theoretic framework for analyzing the optimal trade-offs in the face of strategic adversaries. We consider two types of adversaries: those limited in their number of tries, and those that are ruled by the cost of making individual guesses. For each type, we derive the mutually-optimal decisions as Nash Equilibria, the strategically pessimistic decisions as maximin, and optimal commitments as Strong Stackelberg Equilibria of the game. We establish that when the adversaries are faced with a capped number of guesses, the user's optimal trade-off is a uniform randomization over a subset of the secret domain. On the other hand, when the attacker strategy is ruled by the cost of making individual guesses, Nash Equilibria may completely fail to provide the user with any level of security, signifying the crucial role of credible commitment for such cases. We illustrate our results using numerical examples based on real-world samples and discuss some policy implications of our work.
In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, disse... more In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information to the concerned actors. Traditional approaches to information sharing (such as Multi-Level Security (MLS)) adopted a node-centric model wherein each user (social subjects) and each object (information object) is treated in isolation (e.g., using clearance levels for subjects and sensitivity levels for objects in MLS). Over the last two decades information sharing models have been enriched to partially account for relationships between subjects (e.g., Role-based Access Control (RBAC)), relationships between objects (e.g., Chinese-wall model), and relationships between subjects and objects (e.g., Separation of Duty (SoD) constraints).
Traditional approaches to information sharing use a highly conservative approach to deduce the me... more Traditional approaches to information sharing use a highly conservative approach to deduce the meta-data for an output object x derived from input ob-jects y 1 , y 2 , · · · , y n (e.g.: maximum over the se-curity labels of all input objects). Such approaches does not account for functions that explicitly down-grade the value of an object. Consequently, the se-curity labels in traditional approaches tend to mono-tonically increase as newer objects are derived from existing ones. In this paper we present a novel meta-data calculus for securing information flows. The metadata calculus defines a metadata vector space that supports a time varying value function that is computed as a function of the object's metadata and operators + and · to compute the metadata of an output object that is derived by downgrad-ing, transforming or fusing other objects. We also describe a concrete realization of our metadata cal-culus wherein the tightness of our value estimates competes in an optimiza...
Social influences, the phenomena that one individual's actions can induce similar behaviors a... more Social influences, the phenomena that one individual's actions can induce similar behaviors among his/her friends via their social ties, have been observed prevail-ingly in socially networked systems. While most exist-ing work focuses on studying general, macro-level influ-ence (e.g., diffusion); equally important is to understand social influence at microscopic scales (i.e., at the gran-ularity of single individuals, actions, and time-stamps), which may benefit a range of applications. We propose µSI, a microscopic social-influence model wherein: indi-viduals' actions are modeled as temporary interactions between social network (formed by individuals) and ob-ject network (formed by targets of actions); one indi-vidual's actions influence his/her friends in a dynamic, network-wise manner (i.e., dependent on both social and object networks). We develop for µSI a suite of novel inference tools that enable to answer questions of the form: How may an occurred interaction tri...
Lecture Notes in Computer Science, 2006
Recently, we have seen increasing numbers of denial of service (DoS) attacks against online servi... more Recently, we have seen increasing numbers of denial of service (DoS) attacks against online services and web applications either for extortion reasons, or for impairing and even disabling the competition. These DoS attacks have increasingly targeted the application level. Application level DoS attacks emulate the same request syntax and network level traffic characteristics as those of legitimate clients, thereby making the attacks much harder to be detected and countered. Moreover, such attacks usually target bottleneck resources such as disk bandwidth, database bandwidth, and CPU resources. In this paper we propose server-side middleware to counter application level DoS attacks. The key idea behind our technique is to adaptively vary a client's priority level, and the relative amount of resources devoted to this client, in response to the client's past requests in a way that incorporates application level semantics. Application specific knowledge is used to evaluate the cost and the utility of each request and the likelihood that a sequence of requests are sent by a malicious client. Based on the evaluations, a client's priority level is increased or decreased accordingly. A client's priority level is used by the server side firewall to throttle the client's request rate, thereby ensuring that more server side resources are allocated to the legitimate clients. We present a detailed implementation of our approach on the Linux kernel and evaluate it using two sample applications: Apache HTTPD micro-benchmarks and TPCW. Our experiments show that our approach incurs low performance overhead and is resilient to application level DoS attacks.
2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06), 2006
Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, compu... more Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, computing power, main memory, disk bandwidth etc) to near exhaustion so that there are no resources left to handle requests from legitimate clients. An effective solution to defend against DoS attacks is to filter DoS attack requests at the earliest point (say, the web site's firewall), before they consume much of the server's resources. Most defenses against DoS attacks attempt to filter requests from inauthentic clients before they consume much of the server's resources. Client authentication using techniques like IPSec or SSL may often require changes to the client-side software and may additionally require superuser privileges at the client for deployment. Further, using digital signatures (as in SSL) makes verification very expensive, thereby making the verification process itself a viable DoS target for the adversary. In this paper, we propose a light-weight client transparent technique to defend against DoS attacks with two unique features: (i) Our technique can be implemented entirely using JavaScript support provided by a standard client-side browser like Mozilla FireFox or Microsoft Internet Explorer. Client transparency follows from the fact that: (i) no changes to client-side software are required, (ii) no client-side superuser privileges are required, and (iii) clients (human beings or automated clients) can browse a DoS protected website in the same manner that they browse other websites. (ii) Although we operate using the client-side browser (HTTP layer), our technique enables fast IP level packet filtering at the server's firewall and requires no changes to the application(s) hosted by the web server. In this paper we present a detailed design of our technique along with a detailed security analysis. We also describe a concrete implementation of our proposal on the Linux kernel and present an evaluation using two applications: bandwidth intensive Apache HTTPD and database intensive TPCW. Our experiments show that our approach incurs a low performance overhead and is resilient to DoS attacks.
Journal of Network and Computer Applications
Technology is improving day-by-day and so is the usage of mobile devices. Every activity that wou... more Technology is improving day-by-day and so is the usage of mobile devices. Every activity that would involve manual and paper transactions can now be completed in seconds using your fingertips. On one hand, life has become fairly convenient with the help of mobile devices, whereas on the other hand security of the data and the transactions occurring in the process have been under continuous threat. This paper, re-evaluates the different policies and procedures used for preserving the privacy of sensitive data and device location. Policy languages have been very vital in the mobile environments as they can be extended/used significantly for sending/receiving any data. In the mobile environment users always go to service providers to access various services. Hence, communications between the service providers and mobile handsets needs to be secured. Also, the data access control needs to be in place. A section of this paper will review the communication paths and channels and their rel...
Proceedings of the 16th ACM symposium on Access control models and technologies - SACMAT '11, 2011
Information leakage via the networks formed by subjects (e.g., Facebook, Twitter) and objects (e.... more Information leakage via the networks formed by subjects (e.g., Facebook, Twitter) and objects (e.g., blogosphere) − some of whom may be controlled by malicious insiders − often leads to unpredicted access control risks. While it may be impossible to precisely quantify information flows between two entities (e.g., two friends in a social network), this paper presents a first attempt towards leveraging recent advances in modeling socio-information networks to develop a statistical risk estimation paradigm for quantifying such insider threats. In the context of socio-information networks, our models estimate the following likelihoods: prior flow − has a subject s acquired covert access to object o via the networks? posterior flow − if s is granted access to o, what is its impact on information flows between subject s ′ and object o ′ ? network evolution − how will a newly created social relationship between s and s ′ influence current risk estimates? Our goal is not to prescribe a one-size-fits-all solution; instead we develop a set of composable network-centric risk estimation operators, with implementations configurable to concrete socio-information networks. The efficacy of our solutions is empirically evaluated using real-life datasets collected from the IBM SmallBlue project and Twitter.
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining - KDD '09, 2009
Modern communication networks generate massive volume of operational event data, e.g., alarm, ale... more Modern communication networks generate massive volume of operational event data, e.g., alarm, alert, and metrics, which can be used by a network management system (NMS) to diagnose potential faults. In this work, we introduce a new class of indexable fault signatures that encode temporal evolution of events generated by a network fault as well as topological relationships among the nodes where these events occur. We present an efficient learning algorithm to extract such fault signatures from noisy historical event data, and with the help of novel space-time indexing structures, we show how to perform efficient, online signature matching. We provide results from extensive experimental studies to explore the efficacy of our approach and point out potential applications of such signatures for many different types of networks including social and information networks.
2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton), 2009
ABSTRACT
2014 IEEE International Conference on Pervasive Computing and Communication Workshops (PERCOM WORKSHOPS), 2014
ABSTRACT The pervasive availability of personal devices such as smartphones, smartwatches, and in... more ABSTRACT The pervasive availability of personal devices such as smartphones, smartwatches, and in-car navigation systems combined with the widespread acceptance of social networks has resulted in an explosion of data about individuals and their interactions in the society. The presence of multiple social networks such as FaceBook, Twitter, and Google Plus results in fragmentation of an individual's online presence. As such, the notion of interacting multiple networks or composite networks is gaining popularity. In this paper, we present a first-of-a-kind framework to analyze such composite networks in an efficient and scalable manner. We propose to use the BSP programming model to analyze composite networks and show the inportance of analyzing such composite networks as opposed to individual networks separately through preliminary experiments on realworld data.
Proceedings of the 2012 SIAM International Conference on Data Mining, 2012
Social influences, the phenomena that one individual's actions can induce similar behaviors among... more Social influences, the phenomena that one individual's actions can induce similar behaviors among his/her friends via their social ties, have been observed prevailingly in socially networked systems. While most existing work focuses on studying general, macro-level influence (e.g., diffusion); equally important is to understand social influence at microscopic scales (i.e., at the granularity of single individuals, actions, and time-stamps), which may benefit a range of applications. We propose µSI, a microscopic social-influence model wherein: individuals' actions are modeled as temporary interactions between social network (formed by individuals) and object network (formed by targets of actions); one individual's actions influence his/her friends in a dynamic, network-wise manner (i.e., dependent on both social and object networks).
2007 IEEE 23rd International Conference on Data Engineering, 2007
We describe DSPHERE 1 − a decentralized system for crawling, indexing, searching and ranking of d... more We describe DSPHERE 1 − a decentralized system for crawling, indexing, searching and ranking of documents in the World Wide Web. Unlike most of the existing search technologies that depend heavily on a page-centric view of the Web, we advocate a source-centric view of the Web and propose a decentralized architecture for crawling, indexing and searching the Web in a distributed source-specific fashion. A fully decentralized crawler is developed to crawl the World Wide Web where each peer is assigned the responsibility of crawling a specific set of documents referred to as a source collection. Link analysis techniques are used for ranking documents. Traditional link analysis techniques suffer from problems like slow refresh rate and vulnerabilities to Web Spam, to counter which, we propose a source-based link analysis algorithm which computes fast and accurate ranking scores for all crawled documents.