Under the national SensorNet initiative, Oak Ridge National Lab, in conjunction with its University collaborators, has carried out the initial deployment of a detection, identification, and tracking sensor-cyber network (DITSCN) in the Washington D.C. and Memphis Port areas, against radiational, biological, and chemical attacks.

DITCS combines various modalities of sensors and cyber networks. -Sensors network provides the information about the physical space -Cyber network provides storage and computational resources to predict plume propagation based on realistic dispersion models -Decisions regarding future sensing and communications are made in cyber network and carried out in physical space.

Role engineering is the process of designing an RBAC system.  A promising approach to role engineering is role mining, which uses data mining techniques to find an RBAC system from existing permission assignment data.  Role mining techniques are also useful for optimizing and refactoring an existing RBAC system, which can become increasingly chaotic over time. In this paper we study the problem of mining an RBAC system that optimizes some objective measure of ``goodness’’ for RBAC systems. We introduce the weighted structural complexity measure, which sums up the sizes of different RBAC system components (e.g., the number of roles, the number of user-role assignments, etc.), possibly with different weights for each component. Different optimization objectives can be achieved by choosing different weight combinations.  We show that the optimization problem is NP-complete.  We then develop heuristic techniques for mining RBAC systems with low weighted structural complexity. We show that the problem of mining a hierarchical RBAC system is closely related to formal concept analysis, and develop an algorithm using the notion of a concept lattice. We also introduce new approaches to generating synthetic data for evaluating role mining techniques. Our experiments show that our algorithms outperform existing approaches.

In this paper, we characterize the fundamental performance limit, namely the lower bound expected communication distance, achievable by any postponement algorithm within given deadline constraints. We consider a realistic map based stochastic movement model, of which the well known random waypoint model is a special case. For the random waypoint model, we develop a tight analytical lower bound that has a low computational complexity.

We study the problem of a mobile target (the mouse) trying to evade detection by one or more mobile sensors (we call such a sensor a cat) in a closed network area. We view our problem as a game between two players; the mouse, and the collection of cats forming a single (meta-)player. The game ends when the mouse falls within the sensing range of one or more cats. A cat tries to determine its optimal strategy to minimize the worse case expected detection time of the mouse. The mouse tries to determine an optimal counter movement strategy to maximize the expected detection time. We divide the problem into two cases based on the relative sensing capabilities of the cats and the mouse. When the mouse has a sensing range smaller than or equal to the cats, we develop a dynamic programming solution for the mouse’s optimal strategy, assuming high level information about the cats’ movement model. We discuss how the cats’ chosen movement model will affect its presence matrix in the network, and hence its payoff in the game. Extensive experimental results verify and illustrate the analytical results, and evaluate the games’ payoffs as a function of several important system parameters.

Defending against denial-of-service attacks (DoS) in a mobile ad hoc network (MANET) is challenging because the network topology is dynamic and nodes are selfish. In this paper, we propose a DoS mitigation technique that uses digital signatures to verify legitimate packets, and drop packets that do not pass the verification. Since nodes are selfish, they may not perform the verification in order to avoid paying the overhead. A bad packet that escapes verification along the whole network path will bring a penalty to all its forwarders. A network game can be formulated in which notes along a network path, in optimizing their own benefits, are encouraged to act collectively to filter out bad packets. Analytical results show that Nash equilibrium can be attained for players in the proposed game, and significant benefits can be provided to forwarders such that many of the bad packets will be eliminated by verification.

Computer intrusions can occur in various ways. Many of them occur by exploiting program flaws and system configuration errors. Existing solutions that detects specific kinds of flaws are substantially different from each other, so aggregate use of them may be incompatible and require substantial changes in the current system and computing practice. Intrusion detection systems may not be the answer either, because they are inherently inaccurate and susceptible to false positives/negatives.  This dissertation presents a taxonomy of security flaws that classifies program vulnerabilities into finite number of error categories, and presents a security mechanism that can produce accurate solutions for many of these error categories in a modular fashion. To be accurate, a solution should closely match the characteristic of the target error category. To ensure this, we focus only on error categories whose characteristics can be defined in terms of a violation of process integrity.  The thesis of this work is that the proposed approach produces accurate solutions for many error categories. To prove the accuracy of produced solutions, we define the process integrity checking approach and analyze its properties. To prove that this approach can cover many error categories,  we develop a classification of program security flaws and find error characteristics (in terms of a process integrity) from many of these categories.  We implement proof-of-concept solutions for two most prevalent error categories, the buffer overflow and the race condition, and analyze their accuracy and performance.

Braun Corporation’s home-grown documentation processes served the organization well for its first 50 years as it grew from a local to a nationally-competitive producer of mobility and accessibility products. Now poised to become a global leader in its field, this corporation found its efforts hampered by ineffective and outdated documentation practices, which were hurting the company’s competitive advantage. This article describes Braun Corporation’s curious mixture of global reach and local isolation. By bringing in a technical communicator with expertise in user-centered design, Braun has begun reforming its formerly exhaustive documentation and communication practices.

While technical communicators have incorporated a variety of strategies to develop user-centered and task-based documentation, less attention has been placed on changing the cultures of these organizations. The case presented here represents a shift from establishing documentation procedures to critically assessing and reforming existing procedures for the global workplace, describing the shift from ineffective and exhaustive processes to effective processes with defined goals and measurable outcomes. The article concludes with an inventory for determining whether other organizations are over-documenting processes and products, and offers suggestions for creating better documentation procedures.

This article focuses on information architecture as a site for developing critical practice for technical communication. Such a focus suggests methods for rhetorical intervention aimed at democratizing the process of technocultural development. As a site of intervention, information architecture invites practitioners and academics to develop plans for action based on the analysis generated in descriptive research, completing the circuit from analysis to informed action.

The paper gives the first detailed complexity analysis of SQUFOF, an integer factoring algorithm invented by Daniel Shanks in the 1970s.

Let $r_s(n)$ denote the number of ways to write $n$ as the sum of $s$ squares of integers. The paper determines $r_s(n)$ modulo $2s$ when $s$ is prime or a power of 2.  For general $s$ it gives a congruence for $r_s(n)$ modulo the highest power of 2 dividing $2s$.

Algorithms for choosing random large primes generally choose primes with certain properties, such as having few bits in their binary representation. The paper uses theorems about the distribution of prime numbers to study whether there are enough primes with these properties so that they cannot be guessed by an attacker.

The paper gives a new verifiable partial key escrow scheme based on McCurley’s encryption scheme.

Virtual coordinate systems provide an accurate and efficient service that allows hosts on the Internet to determine the latency to arbitrary hosts without actively monitoring all nodes in the network. Many of the proposed virtual coordinate systems were designed with the assumption that all of the nodes in the system are altruistic. However, this assumption may be violated by compromised nodes acting maliciously to degrade the accuracy of the coordinate system. As numerous peer-to-peer applications rely on virtual coordinate systems to achieve good performance, it is critical to address the security of such systems.

In this work, we demonstrate the vulnerability of decentralized virtual coordinate systems to insider (or Byzantine) attacks. We propose techniques to make the coordinate assignment robust to malicious attackers without increasing the communication cost. We demonstrate the attacks and mitigation techniques in the context of a well-known distributed virtual coordinate system using simulations based on three representative, real-life Internet topologies of hosts and corresponding round trip times (RTT).