教学课程资源库 更多>>

关键词： Computer engineering   Information technology   Computer science  

摘要： Graphic Processing Units (GPUs) have become of accelerator of choice to speed up the execution of a wide range of applications. Given the massive number of compute cores on these devices, GPUs have become an attractive platform to accelerate security and cryptography applications. While performance is a critical quality to prevent online attacks, current accelerators are ill-equipped to protect against side-channel attacks. When launching a side channel, the attacker exploits the physical implementation of a cryptographic algorithm, rather than the inherent theoretical weaknesses of the algorithm. Side channel leakage can come in the form of power dissipation, performance degradation or electromagnetic waves. This thesis considers the first of these sources. Power modeling of GPU devices has been well studied by the computer architecture community. The goal of power modeling is to be able to tradeoff power for performance in the design of the GPU. Prior work has shown that by recording the amount of energy consumed by a GPU during encryption or decryption, an attacker can capture secret information. If we can understand how the underlying microarchitecture leaks side-channel information to an attacker, we can build much more robust obfuscation approaches. In this thesis, our aim is not to build yet another GPU power model. Instead, we deliver GIPSim, a framework to enable security researchers to reason about side-channel leakage present in the context of a GPU execution-driven simulator. We show how researchers can capture detailed power estimates while running CUDA programs on a Kepler-family GPU and use the information to obfuscate power by obscuring data-dependent power leakage. We show how traditional hiding and masking techniques can be applied in the context of a GPU. These, in turn, reduce the vulnerability present in this context. We also detail how we leverage machine learning techniques using a Long Short-Term Memory neural networks to further improve the

关键词： Computer science  

摘要： Despite an abundance of defenses that work to protect Internet users from online threats, malicious actors continue deploying relentless large-scale phishing attacks that target these users. Effectively mitigating phishing attacks remains a challenge for the security community due to attackers' ability to evolve and adapt to defenses, the cross-organizational nature of the infrastructure abused for phishing, and discrepancies between theoretical and realistic anti-phishing systems. Although technical countermeasures cannot always compensate for the human weakness exploited by social engineers, maintaining a clear and up-to-date understanding of the motivation behind---and execution of---modern phishing attacks is essential to optimizing such countermeasures. In this dissertation, I analyze the state of the anti-phishing ecosystem and show that phishers use evasion techniques, including cloaking, to bypass anti-phishing mitigations in hopes of maximizing the return-on-investment of their attacks. I develop three novel, scalable data-collection and analysis frameworks to pinpoint the ecosystem vulnerabilities that sophisticated phishing websites exploit. The frameworks, which operate on real-world data and are designed for continuous deployment by anti-phishing organizations, empirically measure the robustness of industry-standard anti-phishing blacklists (PhishFarm and PhishTime) and proactively detect and map phishing attacks prior to launch (Golden Hour). Using these frameworks, I conduct a longitudinal study of blacklist performance and the first large-scale end-to-end analysis of phishing attacks (from spamming through monetization). As a result, I thoroughly characterize modern phishing websites and identify desirable characteristics for enhanced anti-phishing systems, such as more reliable methods for the ecosystem to collectively detect phishing websites and meaningfully share the corresponding intelligence. In addition, findings from these studies led to acti

关键词： Games   Crowdsourcing   Economics   Task analysis   Computer science   Optimization   Nash equilibrium   Crowdsourcing   malicious attack   game theory   zero-determinant strategies  

摘要： Crowdsourcing is a promising technology to accomplish a complex task via eliciting services from a large group of contributors. Recent observations indicate that the success of crowdsourcing has been threatened by the malicious behaviors of the contributors. In this paper, we analyze the attack problem using an iterated prisoner's dilemma (IPD) game and propose a reward-penalty expected payoff algorithm based on zero-determinant (ZD) strategies to reward a worker's cooperation or penalize its defection in order to entice the final cooperation. Both theoretical analysis and simulation studies are performed, and the results indicate that the proposed algorithm has the following two attractive characteristics: 1) the requestor can incentivize the worker to become cooperative without any long-term extra cost;and 2) the proposed algorithm is fair so that the requestor cannot arbitrarily penalize an innocent worker to increase its payoff even though it can dominate the game. To the best of our knowledge, we are the first to adopt the ZD strategies to stimulate both players to cooperate in an IPD game. Moreover, our proposed algorithm is not restricted to solve only the problem of crowdsourcing dilemma - it can be employed to tackle any problem that can be formulated into an IPD game.

关键词： Computer engineering   Artificial intelligence   Computer science  

摘要： Although automatically finding software vulnerabilities is an important problem, existing code analysis tools are not effective enough at finding vulnerabilities. Lightweight static analysis tools are imprecise, while expensive symbolic execution strategies do not scale. Dynamic analysis techniques such as fuzzing can only verify the executed path in programs, and it is impractical to explore all paths in the program using dynamic analysis. As a result, we propose machine learning to detect software vulnerabilities: this approach is more precise than lightweight static analysis, but less expensive than symbolic execution. We evaluate two machine learning strategies: coarse-grained statistical model and fine-grained raw feature representation. The statistical model requires less data but does not capture all relationships in code. The raw feature representation learns subtle relationships in programs and does not require manual feature engineering, but needs more training samples to work well.

关键词： Artificial intelligence   Computer science  

摘要： In this study, we develop and design methods to estimate the gaze vector of a subject using video eye-tracking from regular camera inputs with respect to an area of interest within an environment. Gaze estimation within an environment while performing a task has great potential for facilitating human computer interactive systems to assist with, monitor and increase task performance. Our underlying assumption is that visual cognitive processes of the subject give insights into more important measures such as attention and mind wandering. For example, a final version of the system we develop could be used to estimate attention and engagement of students broken down by time periods and cross referencing the activities that were happening in the classroom at each of these moments. In this research we develop the components of a pipeline for a system that would take regular camera input of an environment with potentially multiple subjects to be tracked. We implement some of these pieces to demonstrate the feasibility of current technology to capture and track eye fixations from regular camera inputs. We also explore and discuss the feasibility of implementing and putting together all of the pieces of such a system to create the envisioned end-to-end gaze vector estimation of multiple subjects. Results are presented of training classifiers for estimating head pose from video images. We also develop and present techniques for estimating position information of people identified in camera images. Together with other classifiers, this information can theoretically be used to estimate the eye gaze vectors of subjects in the images, and project this to the area within the environment currently being gazed at.

关键词： Augmented reality   Query optimization   Video analytics   Video data management   Video storage   Virtual reality   Computer science   Computer science and engineering  

摘要： The proliferation of cameras deployed throughout our world is enabling and accelerating exciting new applications such as virtual and augmented reality (VR and AR), autonomous driving, drone analytics, and smart infrastructure. However, these cameras collectively produce staggering quantities of video data. VR spherical (360°) video is up to 20x larger in size than its 2D counterparts. Closed-circuit television camera networks, consisting of tens of thousands of cameras, generate petabytes of video data per day. A single autonomous vehicle can generate tens of terabytes of video data per hour. Due to these massive data sizes and the complexity involved with reasoning about large numbers of cameras, developing applications that use real world video data remains challenging. Developers must be cognizant of the low-level storage intricacies of video formats and compression. They need expertise in device-specific programming (e.g., GPUs), and, to maximize performance, they must be able to balance execution across heterogeneous, possibly distributed hardware. In this thesis, we describe several video data management systems designed to simplify application development, optimize execution, evaluate performance, and move forward the state of the art in video data management. The first system, LightDB, presents a simple, declarative interface for VR and AR video application development. It implements powerful query optimization techniques, an efficient storage manager, and a suite of novel physical optimizations. To further improve the performance of video applications, we next introduce a new video file system (VFS), which can serve as a storage manager for video data management systems (such as LightDB and others) or can be used as a standalone system. It is designed to decouple video application design from a video's underlying physical layout and compressed format. Finally, analogous to standardized benchmarks for other areas of data management research, we develop a ne

关键词： Artificial intelligence   Computer science  

摘要： With large amounts of data continuously generated by intelligence devices, efficient analysis of huge data collections to unearth valuable insights has become one of the most elusive challenges for both academia and industry. The key elements to establishing a scalable analyzing framework should involve (1) an intuitive interface to describe the desired outcome, (2) a well-crafted model that integrates all available information sources to derive the optimal outcome and (3) an efficient algorithm that performs the data integration and extraction within a reasonable amount of time. In this dissertation, we address these challenges by proposing (1) a cross-language interface for a succinct expression of recursive queries, (2) a domain specific neural network model that can incorporate information of multiple modalities, and (3) a sample efficient training method that can be used even for extremely-large output-class classifiers. Our contributions in this thesis are thus threefold: First, for the ubiquitous recursive queries in advanced data analytics, on top of BigDatalog and Apache Spark, we design a succinct and expressive analytics tool encapsulating the functionality and classical algorithms of Datalog, a quintessential logic programming language. We provide the Logical Library (LLib), a Spark MLlib-like high-level API supporting a wide range of recursive algorithms and the Logical DataFrame (LFrame), an extension to Spark DataFrame supporting both relational and logical operations. The LLib and LFrame enable smooth collaborations between logical applications and other Spark libraries and cross-language logical programming in Scala, Java, or Python. Second, we utilize variants of recurrent neural network (RNN) to incorporate some enlightening sequential information overlooked by the conventional works in two different domains including Spoken Language Understanding (SLU) and Internet Embedding (IE). In SLU, we address the problem caused by solely relying on the fir

关键词： Computer science  

摘要： Reference models such as Parnas' Four Variable model, Jackson's World-Machine model, and Gunther et al.'s WRSPM model abstractly define and relate key artifacts in requirements engineering. In the past decades, when systems were typically defined and developed in the traditional top-down way, these models were enormously useful for engineers to rigorously define and analyze their requirements. However, nowadays these models don't seem to be as helpful in discussing the requirements of systems. Modern systems are developed in a hierarchical, middle-out and distributed manner; i.e. starting from candidate architectures, they are iteratively composed using a set of existing or newly developed subsystems. This has necessitated the need for engineers to define requirements at progressively varying levels of scope within the system, hierarchically co-evolve those requirements with the architecture, and apportion them to parts of the system such that each part is independently governable, yet composable. Unfortunately, hierarchically scoping, defining and reasoning about requirements and architecture in an intertwined manner is both a conceptually and methodologically challenging task. While the use of reference models have been a time-honored approach to systematically address such challenges, none of the existing models discuss the notion of hierarchy or the co-evolution between requirements and architecture. Nevertheless, capturing this hierarchical, co-evolutionary relationship in a generic framework such as a reference model, we believe, will be practically helpful for engineers. In this dissertation, we define the hierarchical requirements reference model that abstractly, yet formally, explains the "Twin Peaks" of requirements and architecture. The goal of this model is to provide an unambiguous framework---a set of vocabulary and rules---that engineers can use as a frame of reference to rigorously discuss these artifacts in real system developments. Central to this

关键词： Statistics   Computer science  

摘要： With the advent of the data revolution, opportunities and challenges have been spawned from modeling and analyzing the data generated with modern technologies. For example, the data may be too large to fit into memory and distributed over many machines. Other examples include online high-speed data streams that are transient and financial data generated from irregularly spaced transactions. The existing statistical inference methods cannot be applied to these modern type data. This dissertation addresses the challenges in the online, distributed and transaction data with new methodology developments and theoretical guarantees. 1. The stochastic gradient descent (SGD) algorithm has been widely used in online statistical estimation for large-scale data due to its computational and memory efficiency. We investigate the problem of statistical inference of model parameters based on SGD. We propose two consistent estimators of the asymptotic covariance of the average iterate from SGD: (1) a plug-in estimator, and (2) a batch-means estimator, which is computationally efficient and only uses the iterates from SGD. Both proposed estimators allow us to construct asymptotically exact confidence intervals and hypothesis tests. For high-dimensional linear regression, using a variant of the SGD algorithm, we construct a debiased estimator of each regression coefficient that is asymptotically normal. This gives a one-pass algorithm for computing simultaneously the sparse regression coefficients and confidence intervals, which is computationally attractive and applicable to online data. 2. For a large-scale dataset that cannot fit into memory or is distributed over local machines, traditional pooled inference approaches for the entire dataset cannot be directly applied due to both storage and computation issues. To address this challenge, we study the distributed inference for quantile regression. The standard divide-and-conquer (DC) approach estimates a local estimator for each ma

关键词： Computer science  

摘要： This paper presents an empirical study on the security vulnerabilities in docker images that are public available at Docker Hub repository. To perform the study, I developed an automatic tool ImageCheck to collect installed libraries in a docker image and check the library versions against the CVE database to detect potential vulnerabilities in docker images. The study uses 1,487 most downloaded free docker images as subjects and considers all CVE vulnerabilities published from Jan. 2018 to Feb. 2020. ImageCheck detects 507 vulnerabilities from 250 docker images, and the study results show that these vulnerabilities cover a large number of docker image categories and vulnerability categories.