COVERAGE: detecting and reacting to worm epidemics using cooperation and validation

Cooperative defensive systems communicate and cooperate in their response to worm attacks, but determine the presence of a worm attack solely on local information. Distributed worm detection and immunization systems track suspicious behavior at multiple cooperating nodes to determine whether a worm attack is in progress. Earlier work has shown that cooperative systems can respond quickly to day-zero worms, while distributed detection systems allow detectors to be more conservative (i.e., paranoid) about potential attacks because they manage false alarms efficiently. In this paper we present our investigation into the complex tradeoffs in such systems between communication costs, computation overhead, accuracy of the local tests, estimation of viral virulence, and the fraction of the network infected before the attack crests. We evaluate the effectiveness of different system configurations in various simulations. Our experiments show that distributed algorithms are better able to balance effectiveness against worms and viruses with reduced cost in computation and communication when faced with false alarms. Furthermore, cooperative, distributed systems seem more robust against malicious participants in the immunization system than earlier cooperative but non-distributed approaches.     

The Effects of P-Poisoning of CexZr1−xO2 on the Transient Oxygen Storage and Release Kinetics

The present work reports on the investigation of the effects of chemical poisoning of Ce_xZr_1?xO₂ solids by phosphorous (P) on the kinetics of oxygen storage and release (OSR) of the thus derived P-contaminated solids, as a function of Ce_xZr_1?xO₂ solid composition (x = 0.3, 0.5 and 0.7) for the first time. Phosphorous deposition on the surface of Ce_xZr_1?xO₂ particles followed by calcination in air at 850 °C forms nano-crystals of CePO₄, which lead to a drastic decrease in the population of surface and subsurface reactive and mobile oxygen species due to the formation of P–O–Ce bonding. The concentration (μmol/g) of exchangeable ¹⁶O in the solid with ¹⁸O from the gas phase was found to increase, and the degree of reduction in the Oxygen Storage Capacity (OSC) to decrease with increasing Ce content in the Ce_xZr_1?xO₂ solid after P-poisoning. The increase in the Ce content of Ce_xZr_1?xO₂ makes its OSR properties more resistant against P-poisoning due to the increasing number of poison-free Ce atoms, which are able to participate in the Ce³⁺ ? Ce⁴⁺ redox cycle.     

Efficient In-Situ Regeneration Method of the Catalytic Activity of Aged TWC

The expansion of durability of deactivated “three-way” catalysts (TWCs) used in gasoline-driven cars by applying efficient, economically viable and environmentally friendly methods for the in␣situ regeneration of their performance to acceptable levels was investigated. New experimental results on the use of a weak oxalic acid washing solution as a means of an efficient regeneration method of a severely aged (83,000 km mileage) commercial TWC are presented. Oxalic acid is shown to be the most efficient extracting agent of phosphorus, a severe poison of TWCs, among acetic acid, citric acid, NTA and EDTA investigated. X-ray diffraction studies provided strong evidence that washing of the aged TWC results in the removal of CePO₄, AlPO₄ and (Mg,Ca,Zn)₃(PO₄)₂ type phosphates leading to a significant increase of BET area and pore volume, as well as of CO and NO conversions (catalytic activity tests). The latter is strongly related with the increase in the number of active catalytic sites, as illustrated by in␣situ DRIFTS studies, after opening closed pores and uncovering additional catalyst surface.     

Randomized Instruction Sets and Runtime Environments Past Research and Future Directions

The author describes past research and future directions on instruction set randomization (ISR), a general technique for protecting against code-injection attacks. Such attacks are commonly encountered in a variety of application domains, remotely targeting program binaries, Web application and database backends, and Web browsers. Collectively, they represent the vast majority of reported attacks in bug- and incident-tracking repositories for the past decade, with no sign of abatement. ISR provides for a separation of code from data by randomizing the execution environment of legitimate code, which has to be suitably transformed using a key shared with the execution environment. This article describes the motivation behind ISR, the high-level concept, its use in two different application domains (binary code injection and SQL injection attacks), the author's findings and experiences (including several limitations, both of the technique and of prototypes), and future directions for improvements and application of ISR. Although he tries to provide broad coverage of the topic, the primary focus is on the research conducted at the Network Security Laboratory at Columbia.     

A Cross Layer Scheduling Framework for Supporting Bursty Data Applications in WCDMA Networks

In future wireless networks multimedia applications are expected to finally dominate the overall traffic volume. Shared channels are more suitable for the transmission of this type of traffic, as they are able to periodically adjust their transmission rate. In this paper, we introduce a cross-layer framework for WCDMA based networks which aims to make the packet scheduling procedure more efficient. In addition to that, we further propose a traffic scheduling scheme which serves the connections not only according to their delay sensitivity, but also according to the predicted state of their wireless channel. The efficiency of the proposed scheme, in terms of average packet delay and channel utilization is verified via simulations.     

Designing Connection Oriented Networks for Multi-Domain Path Resilience

A challenge in network management and control is the ability to account for multi-domain requirements in the network planning process. Especially in Connection Oriented Networks where multi-domain path finding is a critical issue, networks need to be designed in such a manner as to restrict the possibility of erroneous inter-domain path selection. In this paper we propose per-domain topology design considerations that would leverage accurate disjoint path computations in a multi-domain environment, covering requirements of end-to-end path resiliency. In multi-domain environments state information between domains is heavily aggregated, hiding internal topology details dictated by scalability concerns, but also by restrictive domain administration policies for privacy, and security. Disjoint path finding is strongly affected by the aggregation techniques, since they do not provide information on path overlap. To handle this issue we introduce a metric, the Overlap Factor (OF), that quantifies path overlap in domains. The OF can be passed as an additional parameter of the inter-domain information exchange model to evaluate disjoint end-to-end paths. Alternatively, if domains were appropriately designed, this additional parameter might not be needed in evaluating resilient pairs of inter-domain paths. We based our recommended topology design algorithm on exploiting locally known OF values within the context of Genetic Algorithms. Extensive simulations confirm that domains designed using our proposed algorithm, result into accurate multi-domain disjoint path identification, with a high success ratio compared to networks that are designed without inter-domain considerations.     

Smart Dust: Monte Carlo Simulation of Self-Organised Transport

Smart dust is envisaged as swarms of miniature communication/sensor devices useful for remote monitoring in space exploration. With diameters and densities comparable to sand particles the behaviour of passive dust will be identical to the movement of airborne sand. Here we examine algorithms for the adaptive shape change of smart dust modes that permits a change in drag coefficient depending on whether or not the random motion is in a favourable direction. Monte Carlo simulations are reported for swarms of smart dust devices transporting in the wind-dominated environment of the Martian landscape. It is concluded that relatively simple shape changing algorithms, activated through an electro-active polymer sheath, will permit self-organised transport over large distances.     

Proportional delay differentiation provision by bandwidth adaptation of class‐based queue scheduling

Supporting quality of service (QoS) over the Internet is a very important issue and many mechanisms have already been devised or are under way towards achieving this goal. One of the most important approaches is the so‐called Differentiated Services (DiffServ) architecture, which provides a scalable mechanism for QoS support in a TCP/IP network. The main concept underlying DiffServ is the aggregation of traffic flows at an ingress (or egress) point of a network and the marking of the IP packets of each traffic flow according to several classification criteria. Diffserv is classified under two taxonomies: the absolute and the relative. In absolute DiffServ architecture, an admission control scheme is utilized to provide QoS as absolute bounds of specific QoS parameters. The relative DiffServ model offers also QoS guarantees per class but in reference to the guarantees given to the other classes defined. In this paper, relative proportional delay differentiation is achieved based on class‐based queueing (CBQ) scheduler. Specifically, the service rates allocated to the classes of a CBQ scheduler are frequently adjusted in order to obtain relative delay spacing among them. The model presented can also be exploited in order to meet absolute delay constraints in conjunction with relative delay differentiation provision. Simulation experiments verify that our model can attain relative as well as absolute delay differentiation provided that the preconditions posed are satisfied. Copyright © 2004 John Wiley & Sons, Ltd.