Property:Abstract

From Navigators


This is a property of type Text.


Pages using the property "Abstract"

Showing 25 pages using this property.


A

Alchieri2016bftcup +Consensus is a fundamental building block used to solve many practical problems that appear on reliable distributed systems. In spite of the fact that consensus is being widely studied in the context of standard networks, few studies have been conducted in order to solve it in dynamic and self-organizing systems characterized by unknown networks. While in a standard network the set of participants is static and known, in an unknown network, such set and number of participants are previously unknown. This work studies the problem of Byzantine Fault-Tolerant Consensus with Unknown Participants, namely BFT-CUP. This new problem aims at solving consensus in unknown networks with the additional requirement that participants in the system may behave maliciously. It presents the necessary and sufficient knowledge connectivity conditions in order to solve BFT-CUP under minimal synchrony requirements. In this way, it proposes algorithms that are shown to be optimal in terms of synchrony and knowledge connectivity among participants in the system.
Alchieri2016reconf-smr +State Machine Replication is an approach widely used to implement fault-tolerant systems. The idea behind this approach is to replicate the servers and to coordinate the interactions among clients and server replicas, making all of these replicas present the same state evolution. Although some systems implement a reconfigurable RME, this approach has not yet been fully specified. In this sense, this paper specifies the properties and the assumptions that are necessary to a reconfigurable RME. Moreover, it presents a protocol that satisfies these properties and an experimental evaluation that shows the practical feasibility of this approach.
Alessandro-daidone2007analysis-of-214 +Critical infrastructures like the power grid are emerging as collection of existing separated systems of different nature which are interconnected together. Their criticality becomes more and more evident as the damage and the risks deriving from wrong behaviors (both accidental and intentionally caused) are increasing. It is becoming evident that existing (legacy) subsystems must be interconnected together following some disciplined and controlled way. This is one of the challenges taken by the European Project CRUTIAL, where an infrastructure architecture seen as a WAN of LANs is being proposed, where LANs confine existing sub-systems, protected by special interconnection and filtering devices (CIS - CRUTIAL Information Switches). Previous work led to the definition of the CIS internal and interconnection architecture, so that a set of CIS can collectively ensure that the computers controlling the physical process correctly exchange information despite accidents and malicious attacks. CIS resilience is achieved thanks to replication for intrusion tolerance and replica recovery for self-healing. This chapter analyzes the redundant architecture of the CIS, with a set of objectives: identifying the relevant parameters of the architecture; evaluating how effective is the trade-off between proactive and reactive recoveries; and finding the best parameter setup. Two measures of interest were identified, a model of the recovery strategy was constructed and the quantitative behavior of the recovery strategy was analyzed. The impact of the detection coverage, of the intrusions and of the number of CIS replicas was analyzed and discussed. The directions for refining and improving the recovery strategy were proposed.
Alexandre-pinto2001light-weight-groups-1 +This paper reports a practical experience of implementing a group communication service using a protocol composition framework. Specifically, the paper describes the implementation of a Light-Weight Groups (LWG) service on the Ensemble system. This is an interesting case-study because the LWG service is very demanding in terms of protocol composition since its implementation requires the use of forked shaped protocol stacks that are reconfigured at run-time. The insights that we have gained with the exercise are being used in the development of a new composition framework called Appia.
Almeida2013Inforum +The next generation of space vehicles will integrate different mission functions on a shared computing platform using the advanced principle of Time and Space Partitioning (TSP). Improving the survivability of space vehicles requires reacting promptly on fault events, which implies timely fault detection. This paper addresses the definition and design of fault-detection mechanisms for TSP hypervisors, covering both time and space domains. In spite of our focus in aerospace applications, the safety attributes and cost-effectiveness of TSP systems have a wider potential scope of applicability to other safety-critical environments, namely those involving autonomous vehicles in automotive, airborne and underwater applications.
Alves2013 +This position paper describes initial efforts and ideas for the development of a middleware framework to support the operation of adaptive Wireless Sensor Networks applications with real-time and dependability requirements. We identify a set of underlying services that need to be implemented as part of this framework, explaining why they are needed and what they provide. In order to illustrate how this middleware can be used and its potential benefits, we consider the well-known LQER routing protocol to show how it must be changed to incorporate probabilistic real-time requirements and meet them in a dependable way.
Alves2015DnaCompression +The decreasing costs of genome sequencing are creating a demand for scalable storage and processing tools and techniques to deal with the large amounts of generated data. Referential compression is one of these techniques, in which the similarity between the DNA of organisms of the same or an evolutionarily close species is exploited to reduce the storage demands of genome sequences up to 700 times. The general idea is to store in the compressed file only the differences between the to-be-compressed and a well known reference sequence. In this paper, we propose a method for improving the performance of referential compression by removing the most costly phase of the process, the complete reference indexing. Our approach, called On-Demand Indexing (ODI) compresses human chromosomes five to ten times faster than other state-of-the-art tools (on average), while achieving similar compression ratios.
Alves2015MEng +Powerline communication (PLC) is a form of data transfer, where the electric infrastructure is used for both power supply and network connection. PLC can be employed in industrial or home environments. In home environments, powerline is used to extend the internet connectivity through the house’s electric infrastructure. Powerline adapters are connected to a house’s power sockets, and these adapters provide connectivity throughout the house. A router is linked to one of the adapters to establish the connection, and other adapters are used to decode the powerline signal. These adapters provide an easy manner to extend a home network without the use of various routers, Wi-Fi, repeaters or new cables. In industrial environments, PLC is used (for example) to provide real time data about the electric consumption in the electric grid, allowing fine control of the required/used electricity. With this control, electric suppliers produce electricity more efficiently, reducing production costs and prices for the final consumers. Device manufacturers created alliances to standardize their products, developing protocols and guidelines to this effect. We present a summary of some of these standards. These protocols include security measures in their specifications (like cryptography), but some protocols have already been proven unsafe. In this work, we study the HomePlug protocol which is commonly used to extend connectivity inside homes. We describe a design vulnerability present in the HomePlug, in one of the cryptographic key exchange mechanisms. An attacker who listens to the medium can steal the critical network keys. To prove this vulnerability, we created a malicious adaptor by updating it with malicious firmware. Although we ran a large battery of tests in the adaptor, we were unable to prove the vulnerability. Nevertheless, we provide an insight on a series of attacks that can be done using a malicious adaptor as an attack point, which can be used in the future to extend this work.
Alves21synapse +Receiving timely and relevant security information is crucial for maintaining a high-security level on an IT infrastructure. This information can be extracted from Open Source Intelligence published daily by users, security organisations, and researchers. In particular, Twitter has become an information hub for obtaining cutting-edge information about many subjects, including cybersecurity. This work proposes SYNAPSE, a Twitter-based streaming threat monitor that generates a continuously updated summary of the threat landscape related to a monitored infrastructure. SYNAPSE is designed to accurately select any kind of cybersecurity events and summarise them for the convenience of security analysts. Its tweet-processing pipeline is composed of filtering, feature extraction, binary classification, an innovative clustering strategy, and generation of Indicators of Compromise (IoCs). A quantitative evaluation considering over 195.000 tweets from 80 accounts over more than 8 months, shows that our approach successfully finds the majority of security-related tweets concerning an example IT infrastructure (true positive rate above 90%), incorrectly selects a small number of tweets as relevant (false positive rate under 10%), and summarises the results in few IoCs per day. A qualitative evaluation of the IoCs generated by SYNAPSE demonstrates their relevance, and timeliness. Finally, we provide some highlights of a real-world integration of SYNAPSE with the Security Operation Center of a nation-wide electric utility.
Alves:2017-CANFD-ESI-INForum17 +The Controller Area Network (CAN) protocol has been extensively used in many application domains, including industrial control, appliances, medical, and transportation. The last sector includes manned and unmanned vehicles in land, maritime and aerospace. The definition of the CAN with Flexible Data rate (CAN FD) specification, currently under normalisation, enhances the original CAN protocol in two ways: it extends from 8 to 64 bytes the maximum payload size of a data frame; it enhances the bus signalling rate, while maintaining the determinism of node network access arbitration. The CAN FD data frame includes in its header an Error State Indicator (ESI) flag. Thus, one fundamental question is whether or not the ESI flag will be useful for building highly reliable distributed real-time embedded systems based on the CAN FD protocol? This communication formulates the problem in terms of provisioning node failure detection and membership services for CAN FD systems.
Alves:2017-CANFD-INForum +The Controller Area Network (CAN) protocol, originally designed more than two decades ago, has been widely used in multiple domains, including industrial control, automotive and aerospace. To overcome two important limitations of the original CAN protocol, low data transmission rates and small data frame payload sizes, a new specification, the CAN with Flexible Data rate (CAN FD), was issued. This paper addresses timing and safety issues of the new specification, demonstrating that CAN FD, although showing an improvement of timeliness in the absence of errors, continues to exhibit (almost) the same shortcomings of the original protocol with respect to its use in the design of highly reliable real-time embedded systems.
Alysson-bessani2007decoupled-quorum-based-188 +Open distributed systems are typically composed by an unknown number of processes running in heterogeneous hosts. Their communication often requires tolerance to temporary disconnections and security against malicious actions. Tuple spaces are a well-known coordination model for this sort of systems. They can support communication that is decoupled both in time and space. There are currently several implementations of distributed fault-tolerant tuple spaces but they are not Byzantine-resilient, i.e., they do not provide a correct service if some replicas are attacked and start to misbehave. This paper presents an efficient implementation of LBTS, a linearizable Byzantine fault-tolerant tuple space. LBTS uses a novel Byzantine quorum systems replication technique in which most operations are implemented by quorum protocols while stronger operations are implemented by more expensive protocols based on consensus. LBTS is linearizable and wait-free, showing interesting performance gains when compared to a similar construction based on state machine replication.
Alysson-bessani2008depspace-a-203 +The tuple space coordination model is one of the most interesting coordination models for open distributed systems due to its space and time decoupling and its synchronization power. Several works have tried to improve the dependability of tuple spaces through the use of replication for fault tolerance and access control for security. However, many practical applications in the Internet require both fault tolerance and security. This paper describes the design and implementation of DepSpace, a Byzantine fault-tolerant coordination service that provides a tuple space abstraction. The service offered by DepSpace is secure, reliable and available as long as less than a third of service replicas are faulty. Moreover, the content-addressable confidentiality scheme developed for DepSpace bridges the gap between Byzantine fault-tolerant replication and confidentiality of replicated data and can be used in other systems that store critical data.
Alysson-bessani2008forever-faultintrusion-221 +The goal of the FOREVER project is to develop a service for Fault/intrusiOn REmoVal through Evolution & Recovery. In order to achieve this goal, our work addresses three main tasks: the definition of the FOREVER service architecture; the analysis of how diversity techniques can improve resilience; and the evaluation of the FOREVER service. The FOREVER service is an important contribution to intrusion-tolerant replication middleware and significantly enhances the resilience.
Alysson-bessani2008the-crutial-213 +Today, critical infrastructures like the power grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. We describe a hierarchy of variations of a novel device for the protection of these infrastructures, the CIS. These devices are used to ensure that incoming/outgoing traffic satisfies the security policy of an infrastructure in face of cyber-attacks. However, a CIS is not a common firewall but a distributed protection device based on a sophisticated access control model. Furthermore, a CIS is intrusion-tolerant and self-healing, seeking perpetual unattended correct operation. A key feature of the proposed architecture is that it does not require any modification of the SCADA/PCS software already in use today.
Alysson-bessani2009enhancing-fault-224 +Fault/intrusion tolerance is usually the only viable way of improving the system dependability and security in the presence of continuously evolving threats. Many of the solutions in the literature concern a specific snapshot in the production or deployment of a fault-tolerant system and no immediate considerations are made about how the system should evolve to deal with novel threats. In this paper we outline and evaluate a set of operating systems’ and applications’ reconfiguration rules which can be used to modify the state of a system replica prior to deployment or in between recoveries, and hence increase the replicas chance of a longer intrusion-free operation.
Amado2018 +The implementation of an intrusion detection system deals with two problems. First, the need to obtain up-to-date statistics encompassing various metrics of interest that can range from network traffic information (e.g., network load or latency) to security alerts. Second, the ability to extract relevant knowledge from the aforementioned data. The first problem is usually tackled through real-time network monitoring using low accuracy techniques such as packet sampling, requiring the placement of expensive hardware components in crucial network points in order to improve accuracy. In this thesis we plan to approach this challenge with programmable networking, a new approach to computer networks that separates the data plane from the control plane, enabling the centralization of network control and the execution of applications that direct the configuration of forwarding devices. This new paradigm includes the programmability of forwarding devices, such as switches, and enables the use of sketching algorithms directly in the data plane, that provide summary statistics about packet flows, allowing a more effective network monitoring. We tackle the second problem through unsupervised machine learning techniques that possess the ability to identify a specific behavior without any prior knowledge or training phase, serving as a powerful instrument to detect suspicious patterns. This work will, therefore, propose the design, implementation, and evaluation of a monitoring system using programmable switches that leverages machine learning algorithms to perform network attack detection.
AnaFidalgo Tese +The number of vulnerabilities has grown exponentially over the last years, with SQL Injection being especially troublesome for web applications. In parallel, novel research has shown the potential of Machine Learning to find vulnerabilities, which can aid experts to reduce the search space or even classify programs on its own. Previous work, however, rarely includes SQL Injection or considers popular server-side languages for web application development like PHP. In our work, we construct a Deep Learning model capable of classifying PHP excerpts as vulnerable (or not) to SQL Injection. We use an intermediate language to represent the excerpts and interpret them as text, resorting to well-studied Natural Language Processing techniques. This work can help back-end programmers discover SQL Injection in an early stage of the project, avoiding attacks that would eventually cost a lot to repair their damage. We also investigate which information should be fed to the model. Hence, we built four datasets (the Opcode Dataset, the Opcode+Operand Dataset, the Slice Dataset, and the Simplified Slice Dataset) from the bytecode dataset that represent each PHP excerpt differently. This approach is a simpler alternative to complex data structures previously used to represent code’s control flow. For each of those datasets, we performed several experiments to evaluate alternative configurations for the model. For all datasets, we managed to find a setting that leads to a score, on average, above 60% for the accuracy, precision, and recall.
Antonio-casimiro2000how-to-16 +In a recent paper we introduced a new model to deal with the problem of handling application timeliness requirements in environments with loose real-time guarantees. This model, called the Timely Computing Base (TCB), is one of partial synchrony. From an engineering point of view, it requires systems to be constructed with a small control part, a TCB module, to protect vital resources with respect to timeliness and to provide basic time related services to applications. Although many different instantiations of systems with a TCB can be envisaged, we have chosen to implement a TCB using PC hardware running the Real-Time Linux operating system over a Fast-Ethernet network. This paper describes the experience gained during the implementation process and shows that it is possible to construct a TCB without the need for special software or hardware components. The problem of achieving real-time communication under RT-Linux is also discussed: we describe the port we have done of a Linux network driver to RT-Linux, explaining the required modifications to allow predictability.
Antonio-casimiro2006on-the-210 +The development of embedded technologies to support the construction of dependable applications in environments of uncertain synchrony, reliability or security, raises many challenges. In previous work we introduced a framework based on the concept of wormholes, and some techniques for adaptation and fail-safety to construct dependable applications under this framework. But in order to set up a wormhole, it is necessary to enforce a hybrid system structure through the use of appropriate hardware and engineering approaches. This paper gives some initial steps towards the definition of new wormholes specifically suited for embedded systems. We first describe the framework that we intend to follow and then we discuss some existing processing and communication technologies that could serve our purposes.
Antonio-casimiro2007generic-events-architecture-211 +In a future networked physical world, a myriad of smart sensors and actuators assess and control aspects of their environments and autonomously act in response to it. To a large extent, such systems operate proactively and independently of direct human control. They include computer hardware and software parts mixed with mechanical devices. Besides the regular computer communication channels, they also establish interaction channels among them directly through the environment. These characteristics pose a number of fundamentally new consistency and correctness challenges which, if not met, may hinder the dependability of such systems, and ultimately lead to unexpected failures. This paper describes an architectural framework and event model capable of solving these pressing problems. Firstly, we offer an innovative composable object model representing software/hardware entities capable of interacting with the environment. Secondly, we provide event-based communication seamlessly integrating real-world events and events generated in the system. The crucial parts of our work are the generic-events architecture GEAR, hosting the COSMIC middleware supporting the events model, with attributes to express spatial and temporal properties.
Antonio-casimiro2007middleware-support-208 +In this fast abstract we address some work done in the context of TACID, concerned with the development of middleware support for the execution of relaxed timed transactions. These transactions are particularly relevant in database applications of a so-called time-elastic class, which will dynamically select appropriate deadlines for the executed transactions, following indications provided by the middleware. The estimation of these deadlines is based on probabilistic approaches, using temporal information collected from the execution of previous transactions.
Antonio-casimiro2008a-framework-205 +Distributed protocols executing in uncertain environments, like the Internet, had better adapt dynamically to environment changes in order to preserve QoS. In a previous work, it was shown that QoS adaptation should be dependable, if correctness of protocol properties is to be maintained. In this paper we provide concrete strategies and methodologies to improve the implementation of dependable QoS adaptation. During its lifetime, a system alternates periods where its temporal behavior is well characterized, with transition periods where a variation of the environment conditions occurs. Our method is based on the following: if the environment is generically characterized in analytical terms, and we can detect the alternation of these stable and transient phases, we can drastically improve the effectiveness of dependable QoS adaptation. To prove our point, we conduct an evaluation based on "synthetic" data flows generated from one or more probabilistic distributions, and we show that the proposed strategies can indeed be effective and still dependable in the considered cases.
Antunes09 +The communication between computer systems is dictated by network protocols, which determine how the network components interact with each other. Knowing the specification of a network protocol can greatly improve the security and dependability of both the design of the protocol and the applications implementing it. The specification can be used, for example, to verify if the application's implementation is correct and in accordance, or even to aid in the creation of specific firewall rules or IDS filters to block messages that do not comply with the defined standard. However, the protocol specification is not always available, which makes assessing the correctness and security of such protocols difficult. Protocol reverse engineering has been used to overcome this problem, by deducing the specification of closed protocols from their utilization alone and without any assumption about their structure or operation. In this paper, we present two different approaches, based on sequence alignment techniques, to build an automaton of a network protocol from network traces.
Antunes10 +The increasing reliance put on networked computer systems demands higher levels of dependability. This is even more relevant as new threats and forms of attack are constantly being revealed, compromising the security of systems. This paper addresses this problem by presenting an attack injection methodology for the automatic discovery of vulnerabilities in software components. The proposed methodology, implemented in AJECT, follows an approach similar to hackers and security analysts to discover vulnerabilities in network-connected servers. AJECT uses a specification of the server's communication protocol and predefined test case generation algorithms to automatically create a large number of attacks. Then, while it injects these attacks through the network, it monitors the execution of the server in the target system and the responses returned to the clients. The observation of an unexpected behavior suggests the presence of a vulnerability that was triggered by some particular attack (or group of attacks). This attack can then be used to reproduce the anomaly and to assist the removal of the error. To assess the usefulness of this approach, several attack injection campaigns were performed with 16 publicly available POP and IMAP servers. The results show that AJECT could effectively be used to locate vulnerabilities, even on well-known servers tested throughout the years.