Wednesday, November 21, 2018

MODELING, MONITORING AND SCHEDULING TECHNIQUES FOR NETWORK RECOVERY FROM MASSIVE FAILURES


MODELING, MONITORING AND SCHEDULING TECHNIQUES FOR NETWORK RECOVERY FROM MASSIVE FAILURES

Author:
Zad Tootaghaj, Diman
Graduate Program:
Computer Science and Engineering
Degree:
Doctor of Philosophy
Document Type:
Dissertation
Date of Defense:
May 23, 2018
Committee Members:
  • Thomas F Laporta, Dissertation Advisor
  • Thomas F Laporta, Committee Chair
  • Ting He, Committee Member
  • Nilanjan Ray Chaudhuri, Committee Member
  • Marek Flaska, Outside Member
Keywords:
  • Network Recovery
  • Massive Disruption
  • Stochastic Optimization
  • Uncertainty
  • Network Recovery Massive Disruption
  • Uncertainty.
  • Cascading Failures
  • Interdependent Networks
  • Power Grid
  • Software-Defined Networking
Abstract:
This dissertation explores modeling, monitoring and scheduling techniques for network recovery from massive failures, with a focus on optimization methods under uncertain knowledge of failures. Large-scale failures in communication networks due to natural disasters or malicious attacks can severely affect critical communications and threaten lives of people in the affected area. In 2005, Hurricane Katrina led to outage of over 2.5 million lines in the BellSouth (now AT&T) network. In the absence of a proper communication infrastructure, rescue operation becomes extremely difficult. Progressive and timely network recovery is, therefore, a key to minimizing losses and facilitating rescue missions. Many prior works on failure detection and recovery assume full knowledge of failures and use a deterministic approach for the recovery phase. In real-world scenarios, however, the failure pattern might be unknown or only partially known. Therefore, classic recovery approaches may not work. To this end, I focus on network recovery assuming partial and uncertain knowledge of the failure locations. I first studied large-scale failures in a communication network. In particular, I proposed a new recovery approach under uncertain knowledge of failures. I proposed a progressive multi-stage recovery approach that uses the incomplete knowledge of failure to find a feasible recovery schedule. From the elements of this solution, I selected a node with highest centrality at each iteration step to repair and exploit as a monitor to increase the knowledge of network state, until all critical services are restored. The recovery problem can be addressed by giving different priority to three performance aspects including: 1) Demand loss, 2) computation time and 3) number of repairs (or repair cost). These aspects are in conflict with each other and I studied the trade-off among them. Next, I focused on failure recovery of multiple interconnected networks. In particular, I focused on the interaction between a power grid and a communication network. I modeled the cascading failures in a power gird using a DC power flow model. I tackled the problem of mitigating an ongoing cascade by formulating the minimum cost flow assignment problem as a linear programming optimization. The optimization aimed at finding a minimum cost DC power flow setting that stops the cascading failure, where the total cost is defined as the total weighted amount of unsatisfied load due to the re-distribution of the power in the generators and loads without violating the overload constraint at each line. Then, I focused on network monitoring techniques that can be used for diagnosing the performance of individual links for localizing soft failures (e.g. highly congested links) in a communication network. I studied the optimal selection of the monitoring paths to balance identifiability and probing cost. I considered four closely related optimization problems: (1) Max-IL-Cost that maximizes the number of identifiable links under a probing budget, (2) Max-Rank-Cost that maximizes the rank of selected paths under a probing budget, (3) Min-Cost-IL that minimizes the probing cost while preserving identifiability, and (4) Min-Cost-Rank that minimizes the probing cost while preserving rank. I showed that while (1) and (3) are hard to solve, (2) and (4) possess desirable properties that allow efficient computation, while providing good approximation to (1) and (3). I proposed an optimal greedy-based approach for (4) and proposed a (1-1/e)-approximation algorithm for (2). My experimental analysis revealed that, compared to several greedy approaches that directly solve the identifiability-based optimization (i.e. (1) and (3)), the proposed rank-based optimization (i.e. (2) and (4)) achieved better trade-offs in terms of identifiability and probing cost. Finally, I addressed, a minimum disruptive routing framework in software defined networks. I showed that flow disruption, congestion and violation of policies can occur during updates of flow tables in software defined networks. I aimed to minimize the update disruption and minimize the number of affected flows during the update, while taking into account link capacity constraints and the importance of various flows to upper-layer applications. I formulated the problem as an integer linear programming and showed that it is NP-Hard. I proposed two randomized rounding algorithms with bounded congestion and demand loss to solve this problem. In addition to a small SDN testbed, I performed a large-scale simulation study to evaluate my proposed approaches on real network topologies. Extensive experimental and simulation results show that the two random rounding approaches have a disruption cost close to the optimal while incurring a low congestion factor and a low demand loss.

Thursday, November 9, 2017

Sites.Google.Com

Thursday, November 2, 2017

SITES.PSU.EDU

Behavioral Analog Topology Synthesizer
Optical CDMA Network Simulator (OCNS)
Persian Boy Names
Persian Girl Names
Extended Authentication and Key Agreement Protocol
Secure Multipath Adaptive Routing Protocol
Authentication and Key Agreement Protocol in 4G
Risk of attack coefficient effect on availability of adhoc networks
Game-theoretic model to mitigate packet dropping
Multi-dimensional correlation steganalysis
SVD and Noise Estimation based Image Steganalysis
Eigenvalues-based LSB steganalysis
Security Weaknesses in PGP Protocol
Performance Modeling and Optimization of MapReduce
Image Steganalysis of Low Rate Embedding in Spatial Domain
Modeling and Optimization of Straggling Mappers
Blind detection of low-rate embedding
Big Data Computing: Modeling and Optimization
Towards Stochastically Optimizing Data Computing Flows
Optimal Placement in Network On-Chip
Optimal Scheduling in Parallel Programming Frameworks
Node Architecture and Cloud Workload Characteristics Analysis
Thumbnail Generation by Smart Cropping
Stochastic Modeling and Optimization of Stragglers
Chinese Academy of Sciences
Vanishing Point Detection in Photo Composition Analysis
Aesthetic Rating for Photos
Shape matching for automated bow echo detection
Detecting Dominant Vanishing Points in Natural Scenes
Skeleton Matching for Severe Weather Detection
Discovering Triangles in Portraits and Landscapes
Leveraging big visual data to predict severe weather
IAAP Scholarship Award
Deep-learned Models and Photography Idea Retrieval
Maryam Mirzakhani, the mother who won Fields Medal
Calculate AT&T Shares in a Shared Data Plan
Travel Grant from CSE Department
CAGE: A Contention-Aware Game-theoretic Model for Heterogeneous Resource Assignment

Friday, October 20, 2017

System and methods for UICC-based secure communication

System and methods for UICC-based secure communication US 9461993 B2
System and methods for uicc-based secure communication US 20150222631 A1

ABSTRACT
A system that incorporates the subject disclosure may include, for example, instructions which when executed cause a device processor to perform operations comprising sending a service request to a remote management server; receiving from the management server an authentication management function and an encryption key generator for execution by a secure element and an encryption engine for execution by a secure device processor, sending a request to establish a communication session with a remote device; and communicating with the remote device via a channel established using an application server. The secure element and the secure device processor authenticate each other using a mutual authentication keyset. The secure element, the secure device processor and the device processor each have a security level associated therewith; the security level associated with the secure device processor is intermediate between that of the secure element and that of the device processor. Other embodiments are disclosed.

Reference
1"3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Characteristics of the Universal Subscriber Identity Module (USIM) application", Release 11, 2012.
2"3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Remote APDU Structure for (U)SIM Toolkit applications", Release 10, 2012.
3"3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Secured packet structure for (Universal) Subscriber Identity Module (U)SIM Toolkit applications", Release 10, 2012.
4"3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; UICC-terminal interface; Physical and logical characteristics", Release 10, 2011.
5"3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Universal Subscriber Identity Module (USIM) Application Toolkit (USAT)", Release 11, 2012.
6"GlobalPlatform Card Confidential Card Content Management Card Specification v2.2-Amendment A", 2011.
7"GlobalPlatform Card Contactless Services Card Specification v2.2-Amendment C", 2012.
8"GlobalPlatform Card Remote Application Management over HTTP Card Specification v2.2-Amendment B", 2012.
9"GlobalPlatform Card Security Upgrade for Card Content Management Card Specification v 2.2-Amendment E", 2011.
10"GlobalPlatform Card Specification", Version 2.2.1, 2011.
11"GlobalPlatform Card Technology Secure Channel Protocol 03 Card Specification v 2.2-Amendment D", 2009.
12"GlobalPlatform Device Secure Element Remote Application Management", May 2011.
13"GlobalPlatform Device Technology Secure Element Access Control", Version 1.0, May 2012.
14"GlobalPlatform Device Technology TEE System Architecture", Dec. 2011.
15"GlobalPlatform Key Management System", Functional Requirements, Nov. 2003.
16"GlobalPlatform System Messaging Specification for Management of Mobile-NFC Services", Feb. 2011.
17"Over-The-Air Platform Security Review", Mandiant Intelligent Information Security, 6 pgs., Aug. 17, 2010.
18
Farhat, Farshid, Somayeh Salimi, and Ahmad Salahi. "Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup" IACR Cryptology ePrint Archive 2011 (2011): 45.
19"Reprogrammable SIMs: Technology, Evolution and Implications", csmg, Sep. 25, 2012.
20
"Secure Authentication for Mobile Internet Services"-Sim Alliance, Dec. 2011 http://simalliance.org/wp-content/uploads/2015/03/12-01-01-WP-SIMallianceSecureAuthentication-EN-V1.1.pdf.
21"Smart Cards; Card Application Tookit (CAT)", Release 11, 2012.
22"Smart Cards; ETSI numbering system for telecommunication application providers", Release 11, 2011.
23"Smart Cards; Machine to Machine UICC; Physical and logical characteristics", Release 9, 2011.
24"Smart Cards; Remote APDU structure for UICC based applications", Release 11, 2012.
25"Smart Cards; Secured packet structure for UICC based applications", Release 11, 2012.
26"Smart Cards; Security mechanisms for UICC based Applications-Functional requirements", Release 8, 2008.
27"Smart Cards; UICC Application Programming Interface (UICC API) for Java Card(TM)", Release 9, 2012.
28"Smart Cards; UICC Application Programming Interface (UICC API) for Java Card™", Release 9, 2012.
29"Smart Cards; UICC-Terminal Interface; Physical and logical characteristics", Release 10, 2011, 179 pages.
30"The OTA Platform in the World of LTE", 14 pgs., Jan. 2011.
31"Universal Mobile Telecommunications System (UMTS); UICC-terminal interface; Physical and logical characteristics", Release 10, 2011.
32Chen, "An efficient end-to-end security mechanism for IP multimedia subsystem", Computer Communications, 2008, vol. 31.18, pp. 4259-4268.
33Dodson, Ben et al., "Snap2Pass: Consumer-Friendly Challenge-Response Authentication with a Phone", http://prpl.stanford.edu/papers/soups10j.pdf, Apr. 30, 2010.
34Global Platform, "Secure Element Remote Application Management", Version 1.0, May 2011.
35Imhontu, et al., "A survey on near field communication in mobile phones & PDAs", Dissertation Halmstad University, 2010. http://hh.diva-portal.org/smash/get/diva2:385433/FULLTEXT01.
36Kim, Jong-Min et al., "A Study of Coupons issuance System Considering of User Convenience Based on NFC", 3rd International Conference on Computer Science and Information Technology (ICCSIT'2013) Jan. 4-5, 2013 Bali (Indonesia). http://psrcentre.org/images/extraimages/113118.pdf.
37Kounelis, Ioannis et al., "Secure Middleware for Mobile Phones and UICC Applications", Mobile Wireless Middleware, Operating Systems, and Applications, Springer Berlin Heidelberg, 2012, 143-152.
38Kounelis, Ioannis et al., "Security of service requests for cloud based m-commerce", MIPRO, 2012 Proceedings of the 35th International Convention, IEEE, 2012.
39Meyerstein, et al., "Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications", InterDigital Communications Corporation LLC, First International ICST Conference: MobiSec 2009, Security and Privacy in Mobile Information and Communication Systems, p. 214-225, Jun. 3-5, 2009.
40Nagalakshmi, et al., "Modified Protocols for Internet Key Exchange (IKE) Using Public Encryption and Signature Keys", Information Technology: New Generations (ITNG), 2011 Eighth International Conference on, 2011, pp. 376, 381.
41Zhang, et al., "Cryptographic Key Agreement Protocol Simulation", Semantics Knowledge and Grid (SKG), 2010 Sixth International Conference on, 2010, pp. 418, 419.

Monday, October 16, 2017

Image Aesthetics Rating


Aesthetic Rating for Photos


The developed engine gets the image and outputs a score showing the amount of the beauty inside the image! The code is also working on Android/iOS platform. The engine speed is good enough which makes it suitable for a real-time engine. The core computes aesthetic features from the image, and estimates the aesthetic score. Check out > ACQUINE
The contributors: Jia Li, James Wang, Farshid Farhat.

Tuesday, October 10, 2017

Contention-Aware Game-theoretic Model for Heterogeneous Resource Assignment

CAGE: A Contention-Aware Game-theoretic Model for Heterogeneous Resource Assignment


Traditional resource management systems rely on a centralized approach to manage users running on each resource. The centralized resource management system is not scalable for large-scale servers as the number of users running on shared resources is increasing dramatically and the centralized manager may not have enough information about applications' need. In this paper we propose a distributed game-theoretic resource management approach using market auction mechanism to find optimal strategy in a resource competition game. The applications learn through repeated interactions to choose their action on choosing the shared resources. Specifically, we look into two case studies of cache competition game and main processor and co-processor congestion game. We enforce costs for each resource and derive bidding strategy. Accurate evaluation of the proposed approach show that our distributed allocation is scalable and outperforms the static and traditional approaches.

Draft > CAGE

Saturday, September 30, 2017

Modeling and Optimization of MapReduce

ABSTRACT

MapReduce framework is widely used to parallelize batch jobs since it exploits a high degree of multi-tasking to process them. However, it has been observed that when the number of mappers increases, the map phase can take much longer than expected. This paper analytically shows that stochastic behavior of mapper nodes has a negative effect on the completion time of a MapReduce job, and continuously increasing the number of mappers without accurate scheduling can degrade the overall performance. We analytically capture the effects of stragglers (delayed mappers) on the performance. Based on an observed delayed exponential distribution (DED) of the response time of mappers, we then model the map phase by means of hardware, system, and application parameters. Mean sojourn time (MST), the time needed to sync the completed map tasks at one reducer, is mathematically formulated. Following that, we optimize MST by finding the task inter-arrival time to each mapper node. The optimal mapping problem leads to an equilibrium property investigated for different types of inter-arrival and service time distributions in a heterogeneous datacenter (i.e., a datacenter with different types of nodes). Our experimental results show the performance and important parameters of the different types of schedulers targeting MapReduce applications. We also show that, in the case of mixed deterministic and stochastic schedulers, there is an optimal scheduler that can always achieve the lowest MST.

[Tech Report] [Master Thesis] [IEEE Trans]

Last version > MapReduce_Performance_Optimization