Carnegie Mellon University

Displaying 1-40 of 476 results

  • White Papers // Dec 2014

    Approximate Lifted Inference with Probabilistic Databases

    In this paper, the authors propose a new approach for approximate evaluation of P-hard queries with probabilistic databases. In their approach, every query is evaluated entirely in the database engine by evaluating a fixed number of query plans, each providing an upper bound on the true probability, then taking their...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2014

    Phinding Phish: Evaluating Phishing Tools

    "There are currently dozens of freely available tools to combat phishing and other web-based scams, many of which are web browser extensions that warn users when they are browsing a suspected phishing site. The authors developed an automated test bed for testing anti-phishing tools. They used 200 verified phishing URLs...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2014

    LAPWiN: Location-Aided Probing for Protecting User Privacy in Wi-Fi Networks

    Efficient Wi-Fi probing has been demonstrated to leak sensitive user information. During the probing process, Wi-Fi clients transmit the names of previously known Wi-Fi Access Points (APs) in plaintext. An eavesdropper can easily collect the information leaked by this Wi-Fi probing process to mount numerous attacks, such as fake AP...

    Provided By Carnegie Mellon University

  • White Papers // May 2014

    Studying the Effectiveness of Security Images in Internet Banking

    Security images are often used as part of the login process on internet banking websites, under the theory that they can help foil phishing attacks. Previous studies, however, have yielded inconsistent results about users' ability to notice that a security image is missing and their willingness to log in even...

    Provided By Carnegie Mellon University

  • White Papers // May 2014

    Characterizing Application Memory Error Vulnerability to Optimize Datacenter Cost Via Heterogeneous-Reliability Memory

    Memory devices represent a key component of datacenter Total Cost of Ownership (TCO), and techniques used to reduce errors that occur on these devices increase this cost. Existing approaches to providing reliability for memory devices pessimistically treat all data as equally vulnerable to memory errors. The authors' key insight is...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2014

    All Your Screens are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API

    HTML5 changes many aspects in the browser world by introducing numerous new concepts; in particular, the new HTML5 screen sharing API impacts the security implications of browsers tremendously. One of the core assumptions on which browser security is built is that there is no cross-origin feedback loop from the client...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2014

    The Heterogeneous Block Architecture

    This paper makes two new observations that lead to a new heterogeneous core design. First, the authors observe that most serial code exhibits fine-grained heterogeneity: at the scale of tens or hundreds of instructions, regions of code fit different micro-architectures better (at the same point or at different points in...

    Provided By Carnegie Mellon University

  • White Papers // Feb 2014

    Predictable Coherent Caching with Incoherent Caches

    Caches are a well known hardware construct for improving energy consumption and average performance by keeping frequently-used data near processing resources. Yet, at the same time, they form a major hurdle for worst-case execution time analyses, in particular if they are shared between multiple cores. Exploiting that most shared data...

    Provided By Carnegie Mellon University

  • White Papers // Feb 2014

    SpringFS: Bridging Agility and Performance in Elastic Distributed Storage

    The elastic storage systems can be expanded or contracted to meet current demand, allowing servers to be turned off or used for other tasks. However, the usefulness of an elastic distributed storage system is limited by its agility: how quickly it can increase or decrease its number of servers. Due...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Toward Strong, Usable Access Control for Shared Distributed Data

    As non-expert users produce increasing amounts of personal digital data, usable access control becomes critical. Current approaches often fail, because they insufficiently protect data or confuse users about policy specification. This paper presents penumbra, a distributed file system with access control designed to match users' mental models while providing principled...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Improving Cache Performance by Exploiting Read-Write Disparity

    Cache read misses stall the processor if there are no independent instructions to execute. In contrast, most cache write misses are off the critical path of execution, since writes can be buffered in the cache or the store buffer. With few exceptions, cache lines that serve loads are more critical...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Agentless Cloud-wide Streaming of Guest File System Updates

    The authors propose a non-intrusive approach for monitoring Virtual Machines (VMs) in the cloud. At the core of this approach is a mechanism for selective real-time monitoring of guest file updates within VM instances. This mechanism is agentless, requiring no guest VM support. It has low virtual I/O overhead, low...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Improving DRAM Performance by Parallelizing Refreshes with Accesses

    Modern main memory is predominantly built using Dynamic Random Access Memory (DRAM) cells. A DRAM cell consists of a capacitor to store one bit of data as electrical charge. The capacitor leaks charge over time, causing stored data to change. As a result, DRAM requires an operation called refresh that...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Bounding Memory Interference Delay in COTS-based Multi-Core Systems

    In Commercial-Off-The-Shelf (COTS) multi-core systems, a task running on one core can be delayed by other tasks running simultaneously on other cores due to interference in the shared DRAM main memory. Such memory interference delay can be large and highly variable, thereby posing a significant challenge for the design of...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    Matching Database Access Patterns to Storage Characteristics

    Database storage managers employ sophisticated algorithms attempting to exploit the performance available inside today's storage systems. However, because the communication between the Storage Manager (SM) and a storage device is limited by a high-level protocol, both the SM and the device make decisions largely in isolation and do not realize...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2014

    ARP Attacks in Wireless Ad Hoc Networks

    Previous research to secure ad hoc network protocols concentrates on key distribution and on securing the routing protocol. Unfortunately, securing the routing layer is not sufficient to secure the ad hoc network, as lower layer and upper layer communication protocols remain vulnerable to attack. In this paper, the authors illustrate...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2013

    Exploiting Compressed Block Size as an Indicator of Future Reuse

    The authors introduce a set of new Compression-Aware Management Policies (CAMP) for on-chip caches that employ data compression. Their management policies are based on two key ideas. First, they show that it is possible to build a more efficient management policy for compressed caches if the compressed block size is...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2013

    Tetrisched: Space-Time Scheduling for Heterogeneous Datacenters

    Tetrisched is a new scheduler that explicitly considers both job-specific preferences and estimated job runtimes in its allocation of resources. Combined, this information allows tetrisched to provide higher overall value to complex application mixes consolidated on heterogeneous collections of machines. Job-specific preferences, provided by tenants in the form of composable...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2013

    More Effective Distributed ML via a Stale Synchronous Parallel Parameter Server

    The authors propose a parameter server system for distributed ML, which follows a Stale Synchronous Parallel (SSP) model of computation that maximizes the time computational workers spend doing useful work on ML algorithms, while still providing correctness guarantees. The parameter server provides an easy-to-use shared interface for read/write access to...

    Provided By Carnegie Mellon University

  • Webcasts // Nov 2013

    Illicit Cyber Activity Involving Fraud

    In this webcast, the presenter going to explain about illicit cyber activity involving fraud from the virtual event managing the insider threat. the presenters aim is to assist organizations in improving their security posture and incident response capability by researching technical threat areas, developing and conducting information security assessments, and...

    Provided By Carnegie Mellon University

  • Webcasts // Nov 2013

    Engineering Realistic Synthetic Insider Threat (Cyber-Social) Test Data

    Access to data remains a significant impediment to advancing the science of insider threat research. In this webcast, the presenter going to explain about engineering realistic synthetic about the insider threat test data from the virtual event who manages the insider threat.

    Provided By Carnegie Mellon University

  • Webcasts // Nov 2013

    Emerging Trends

    An emerging trend to pay attention to is the malicious outsider taking advantage of an inadvertent insider. In this webcast, the presenter going to explain about emerging trends in insider threat research from the virtual event managing the insider threat.

    Provided By Carnegie Mellon University

  • Webcasts // Nov 2013

    Best Practices and Controls for Mitigating Insider Threats

    Threats can stem from simple activities like uploading, emailing, and posting sensitive data, etc. In this webcast, the presenter will explain about best practices and controls for mitigating insider threats from the virtual event of how to manage the insider threat.

    Provided By Carnegie Mellon University

  • Webcasts // Nov 2013

    Panel Discussion: Managing the Insider Threat: What Every Organization Should Know

    In this webcast, the presenter going to discuss about managing the insider threat and how to ensure the protection of and appropriate access to intellectual property and other critical assets, systems, and data.

    Provided By Carnegie Mellon University

  • Podcasts // Nov 2013

    Overview of the Threat Posed by Insiders to Critical Assets

    Insiders pose a substantial threat by virtue of their knowledge of and access to the users systems and/or their databases. In this webcast, the presenter will give an overview of the threat posed by insiders to critical assets.

    Provided By Carnegie Mellon University

  • White Papers // Nov 2013

    Energy-Governed Resilient Networked Systems

    Connected embedded systems in the realm of smart infrastructures comprise ubiquitous end-point devices supported by a communication infrastructure. Device, energy supply and network failures are a reality and provisioned communications could fail. Self-organization is a process where network devices cooperate with each other to restore network connectivity on detecting network...

    Provided By Carnegie Mellon University

  • White Papers // Oct 2013

    GOTCHA Password Hackers!

    The authors introduce GOTCHAs (Generating panOptic Turing tests to tell Computers and Humans Apart) as a way of preventing automated offline dictionary attacks against user selected passwords. A GOTCHA is a randomized puzzle generation protocol, which involves interaction between a computer and a human. Informally, a GOTCHA should satisfy two...

    Provided By Carnegie Mellon University

  • White Papers // Oct 2013

    Challenges in Security and Privacy for Mobile Edge-Clouds

    Mobile devices such as Smartphone and tablets are ubiquitous today, and many of them possess significant computation power, powerful sensors such as high-resolution cameras and GPS sensors, and a wealth of sensor data such as photos, videos, and location information. Collections of mobile devices in close geographical proximity present both...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2013

    Designing for Self-Configuration and Self-Adaptation in the Internet of Things

    The Internet of Things (IoT) paradigm comprises a heterogenous mix of connected devices connected to the Internet. This promises a wealth of opportunity for a large collection of distributed applications and services. However, the IoT introduces significant changes to the Internet model, largely in the form of billions to trillions...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2013

    LightTx: A Lightweight Transactional Design in Flash-based SSDs to Support Flexible Transactions

    Flash memory has accelerated the architectural evolution of storage systems with its unique characteristics compared to magnetic disks. The no-overwrite property of flash memory has been leveraged to efficiently support transactions, a commonly used mechanism in systems to provide consistency. However, existing transaction designs embedded in flash-based Solid State Drives...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2013

    Program Interference in MLC NAND Flash Memory: Characterization, Modeling, and Mitigation

    As NAND flash memory continues to scale down to smaller process technology nodes, its reliability and endurance are degrading. One important source of reduced reliability is the phenomenon of program interference: when a flash cell is programmed to a value, the programming operation affects the threshold voltage of not only...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2013

    HAT: Heterogeneous Adaptive Throttling for On-Chip Networks

    The Network-on-Chip (NoC) is a primary shared resource in a Chip Multi-Processor (CMP) system. As core counts continue to increase and applications become increasingly data-intensive, the network load will also increase, leading to more congestion in the network. This network congestion can degrade system performance if the network load is...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2013

    Secure Two-Party Computation with Reusable Bit-Commitments, via A Cut-and-Choose with Forge-and-Lose Technique

    A Secure Two-Party Computation (S2PC) protocol allows two parties to compute over their combined private inputs, as if inter-mediated by a trusted third party. In the active model, security is maintained even if one party is malicious, deviating from the protocol specification. For example, an honest party retains privacy of...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2013

    Design of a Write-Optimized Data Store

    The WriteBuffer (WB) tree is a new write-optimized data structure that can be used to implement per-node storage in unordered key-value stores. The WB tree provides faster writes than the Log-Structured Merge (LSM) tree that is used in many current high-performance key-value stores. It achieves this by replacing compactions in...

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    Observations of Successful Cyber Security Operations

    In this Webcast, the presenter going explain about the cyber security The presenter will also discuss the observations of successful cyber security operations from the virtual event showing the users a big picture about the organization how they successfully react to new specific accessories build on the cyber security.

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    Responding to a Large Scale Cybersecurity Incident

    In this Webcast, the presenter explain about how to respond to a large scale cyber security incidents, with an introduction about the role of technology. Technology which is an important one, but the limitations of that need to be understood.

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    20+ Years of Cyber (in)Security

    The use of information and communications technology is pervasive. The information systems are increasingly interconnected and interdependent. Attack technology is outpacing defensive technology. In this webcast, the presenter will give an introduction to the cyber security.

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    Achieving Mission Assurance Through Resilience Management

    In this webcast, the presenter going to explain about the resilience management. Resilience management is to protect a sustain organizations mission and business operations. The presenter will also explain about how the organizations are constant operational stress on these days.

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    Developing Your Cyber Workforce

    In this webcast, the presenter going to explain about the how to develop the cyber workforce against the security attacks. The presenter going to discuss about the new solutions and research that he had done to improve the security.

    Provided By Carnegie Mellon University

  • Webcasts // Aug 2013

    The Cyber Security R&D Pipeline - Building Capability Through Science

    In this webcast, the presenter going to explain about the cyber security R&D pipeline how to build the capability through science. The presenter explains about the SEI advances software engineering and related disciplines to ensure systems with predictable and improved quality, cost and schedule.

    Provided By Carnegie Mellon University

  • White Papers // Oct 2008

    Analysis and Verification Challenges for Cyber-Physical Transportation Systems

    Substantial technological and engineering advances in various disciplines make it possible more than ever before to provide autonomous control choices for cars, trains, and aircraft. Correct automatic control can improve overall safety tremendously. Yet, ensuring a safe operation of those control assistants under all circumstances requires analysis techniques that are...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Bringing the Cloud Down to Earth: Transient PCs Everywhere

    The convergence of cloud computing with mobile computing opens the door to the creation of new applications and services that can be delivered to users at any time and any place. At the heart of this convergence lies a delicate balance between centralization and decentralization. This paper explores the forces...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    SCI-FI: Domain-Based Scalability, Control and Isolation for the Future Internet

    This paper presents the first Internet architecture designed for control and isolation. The authors of this paper propose to separate ASes into groups of independent routing sub-planes which then in-terconnect to form complete routes. The architecture, SCI-FI, provides superior resilience and security proper-ties as an intrinsic consequence of good design...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    A Research Agenda for Service-Oriented Architecture (SOA): Maintenance and Evolution of Service-Oriented Systems

    Despite recent reports that it has failed, the reality is that Service-Oriented Architecture (SOA) remains the best option available for systems integration and leverage of legacy systems. The technologies to implement SOA will certainly evolve to address emerging needs, but its concepts will remain. To address those needs and concerns...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2010

    CMMI for Development, Version 1.3

    CMMI (Capability Maturity Model Integration) models are collections of best practices that help organizations to improve their processes. These models are developed by product teams with members from industry, government, and the Software Engineering Institute (SEI). This model, called CMMI for Development (CMMI-DEV), provides a comprehensive integrated set of guidelines...

    Provided By Carnegie Mellon University

  • White Papers // Oct 2009

    Secure Design Patterns

    The cost of fixing system vulnerabilities and the risk associated with vulnerabilities after system deployment are high for both developers and end users. While there are a number of best practices available to address the issue of software security vulnerabilities, these practices are often difficult to reuse due to the...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Trust and Trusted Computing Platforms

    This paper examines the capabilities and limitations of hardware-based trusted platforms in general, and the Trusted Platform Module (TPM) from the perspective of trusted applications in particular. Through this examination, the authors obtain an understanding of the methods recommended and used to extend trust to higher levels of infrastructure and...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Deriving Candidate Technical Controls and Indicators of Insider Attack From Socio-Technical Models and Data

    The insider threat continues to be one of the prime issues facing government entities and organizations across critical infrastructure sectors. This paper seeks to demonstrate how a useful method for extracting technical information from previous insider crimes and mapping it to previous modeling work can create informed candidate technical controls...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Adaptive Flow Control for Enabling Quality of Service in Tactical Ad Hoc Wireless Networks

    Many visions for the future involve pervasive computing technology that links people and devices together to solve complex problems. The Global Information Grid (GIG), for example, as well as the TeraGrid and the Smart Grid, are large-scale endeavors in which computing resources are increasingly interconnected by wired, high bandwidth networks....

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Source Code Analysis Laboratory (SCALe) for Energy Delivery Systems

    The Source Code Analysis Laboratory (SCALe) is an operational capability that tests software applications for conformance to one of the CERT secure coding standards. CERT secure coding standards provide a detailed enumeration of coding errors that have resulted in vulnerabilities for commonly used software development languages. The SCALe team at...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    The CERT Approach to Cybersecurity Workforce Development

    For a cybersecurity workforce to be effective, its members must possess the knowledge, skills, and experience required to perform their job duties. Proficiency and relevance are key factors in determining the effectiveness of each of these components. Proficiency refers to how well someone understands a subject matter or can apply...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2010

    A Framework for Modeling the Software Assurance Ecosystem: Insights From the Software Assurance Landscape Project

    Today's operational environments are complex and dynamic. User needs and environmental factors are constantly changing, which leads to unanticipated usage, reconfiguration, and continuous evolution of practices and technologies. Operational requirements for software-reliant systems are often ambiguous, incomplete, or incorrect. New defects and vulnerabilities are continually discovered. In environments characterized by...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Getting Started With Service-Oriented Architecture (SOA) Terminology

    This white paper presents basic terminology related to Service-Oriented Architecture (SOA). The goal of the paper is to establish a baseline of terms for service-oriented systems. Service-Oriented Architecture (SOA) is a way of designing, developing, deploying, and managing systems, in which: Services provide reusable business functionality via well-defined interfaces. There...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Combining Architecture-Centric Engineering With the Team Software Process

    This paper contains a description of an architecture-centric life-cycle model that uses the Carnegie Mellon Software Engineering Institute's Architecture-Centric Engineering (ACE) methods embedded in a Team Software Process (TSP) framework and of the experience in piloting the approach in an actual development effort. Combining ACE and TSP provides an iterative...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2010

    Performance Analysis of WS-Security Mechanisms in SOAP-Based Web Services

    Identity Management (IdM) solutions in web services environments are often compared on the levels of performance and security they provide. Selecting the appropriate IdM solution for a given system or application often requires making tradeoffs between security and performance, while also considering the system's contextual and environmental requirements and constraints....

    Provided By Carnegie Mellon University

  • White Papers // Nov 2010

    A Workshop on Analysis and Evaluation of Enterprise Architectures

    This paper summarizes a workshop on analysis and evaluation of enterprise architectures that was held at the Carnegie Mellon Software Engineering Institute (SEI). The SEI invited accomplished practitioners from government and industry to discuss key issues in analyzing and evaluating enterprise architectures. After several opening talks by individuals who presented...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Integrated Measurement and Analysis Framework for Software Security

    In today's business and operational environments, multiple organizations routinely work collaboratively to acquire, develop, deploy, and maintain technical capabilities via a set of interdependent, networked systems. Measurement in these distributed management environments can be an extremely challenging problem. The CERT Program, part of Carnegie Mellon University's Software Engineering Institute (SEI),...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Using TSP Data to Evaluate Your Project Performance

    The Team Software Process (TSP) provides a framework to predictably and effectively build software-intensive products. It relies on data collected by team members to provide insight into how a software project is operating. For this paper, an exploratory data analysis was conducted to investigate other ways that TSP data could...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Suggestions for Documenting SOA-Based Systems

    This paper provides suggestions for documenting service-oriented architecture-based systems based on the Views & Beyond (V&B) software documentation approach. The V&B documentation approach is a lightweight and flexible approach to documenting software architecture developed by Carnegie Mellon University's Software Engineering Institute. This paper also includes an overview of several well-known...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Security Requirements Reusability and the SQUARE Methodology

    Security is an important and complex quality attribute in many software-intensive systems. Unfortunately security is often neglected in the requirements stage of the development life cycle. Security is introduced later, in design and implementation, which results in inadequate analysis, cost overruns, and vulnerabilities costing billions of dollars annually. Even when...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    Emerging Technologies for Software-Reliant Systems of Systems

    This paper presents general computation trends and a particular set of emerging technologies to support the trends for software-reliant Systems of Systems (SoSs). Software-reliant SoSs now tend to be highly distributed software systems, formed from constituent software systems that are operated and managed by different organizations. These SoSs are moving...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2010

    T-Check in System-of-Systems Technologies: Cloud Computing

    This paper presents the results of applying the T-Check method in an initial investigation of cloud computing. In this report, three hypotheses are examined: an organization can use its existing infrastructure simultaneously with cloud resources with relative ease; cloud computing environments provide ways to continuously update the amount of resources...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2010

    Software Assurance Curriculum Project Volume I: Master of Software Assurance Reference Curriculum

    Modern society is deeply and irreversibly dependent on software systems of remarkable scope and complexity in areas including defense, government, energy, communication, transportation, manufacturing, and finance. The security and correct functionality of these systems are absolutely vital; poor or absent security and incorrect functionality can have devastating consequences including loss...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2010

    Measurement and Analysis Infrastructure Diagnostic, Version 1.0: Method Definition Document

    Given the importance of measurement and analysis in decision making, organizations need to ensure their data, analyses, and corresponding reports are of high quality and meet the information needs of practitioners and managers. Yet, organizations often have no method for evaluating the quality of their measurement and analysis infrastructure and...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    A Comparison of Overlay Routing and Multihoming Route Control

    The limitations of BGP routing in the Internet are often blamed for poor end-to-end performance and prolonged connectivity interruptions. Recent work advocates using overlays to effectively bypass BGP's path selection in order to improve performance and fault tolerance. In this paper, the authors explore the possibility that intelligent control of...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    A Protocol Family Approach to Survivable Storage Infrastructures

    A protocol family supports a variety of fault models with a single client-server protocol and a single server implementation. Protocol families shift the decision of which types of faults to tolerate from system design time to data creation time. With a protocol family based on a common survivable storage infrastructure,...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2009

    Computer Generation of Efficient Software Viterbi Decoders

    This paper presents a program generator for fast software Viterbi decoders for arbitrary convolutional codes. The input to the generator is a specification of the code and a single-instruction multiple-data (SIMD) vector length. The output is an optimized C implementation of the decoder that uses explicit Intel SSE vector instructions....

    Provided By Carnegie Mellon University

  • White Papers // May 2010

    Intra-Car Wireless Sensor Networks

    Modern vehicles incorporate tens of sensors to provide vital sensor information such as temperature, air quality, tire pressure, distances to nearby objects, etc., for the Electronic Control Units (ECUs). The ECUs in vehicles then utilize the sensor information for various control functions and applications. In the current architecture, the sensors...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2009

    A Flexible Approach to Embedded Network Multicast Authentication

    Distributed embedded systems are becoming increasingly vulnerable to attack as they are connected to external networks. Unfortunately, they often have no built-in authentication capability. Multicast authentication mechanisms required to secure embedded networks must function within the unique constraints of these systems, making it difficult to apply previously proposed schemes. The...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Optimal Pricing for Integrated-Services Networks With Guaranteed Quality of Service

    Integrating multiple services into a single network is becoming increasingly common in today's telecommunications industry. Driven by the emergence of new applications, many of these services will be offered with guaranteed quality of service. While there are extensive studies of the engineering problems of designing integrated services networks with guaranteed...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    Competitive Responses Of Pricing, Advertising And Product Premium To Consumer Reviews

    Consumer product reviews, one of the earliest forms of online user generated contents, play a very significant role in consumer buying decisions as they help consumers resolve or reduce uncertainties about product features and qualities before their purchases. The authors provide a game-theoretic model to study as to how consumer...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2010

    Real-Time Software Implementation of an IEEE 802.11a Baseband Receiver on Intel Multicore

    This paper presents a software-only implementation of an IEEE 802.11a (WiFi) receiver optimized for Intel multicore platforms. The receiver is about 50 times faster than a straightforward C implementation, i.e., an implementation that has the same functionality, but leaves optimization completely to the compiler. The hand-optimized implementation achieves real-time for...

    Provided By Carnegie Mellon University

  • White Papers // May 2009

    New Product Diffusion Over A Social Network: The Case Of The iPhone

    In this paper the author study the diffusion of the iPhone over a period of several months after its launch. In particular, the author is interested in how adoption and diffusion processes are influenced by interactions between individuals. In other words, the author is interested in studying how the social...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    A Taxonomy of Operational Cyber Security Risks

    This paper presents a taxonomy of operational cyber security risks that attempts to identify and organize the sources of operational cyber security risk into four classes: actions of people, systems and technology failures, failed internal processes, and external events. Each class is broken down into subclasses, which are described by...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

    Managing cyber security through a national strategy is a necessity common to all national governments in the 21st century. Critical infrastructure in most nations, from transportation and power generation to food supply and hospitals, depends on Information and Communications Technology (ICT). The reliance on complex and constantly evolving technology is...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense

    Today's Internet hosts are threatened by large scale Distributed Denial-of-Service (DDoS) attacks. The Path Identification (Pi) DDoS defense scheme has been recently proposed as a deterministic packet marking scheme that allows a DDoS victim to filter out attack packets on a per packet basis with high accuracy after only a...

    Provided By Carnegie Mellon University

  • White Papers // Apr 2010

    Requirements for an Integrity-Protected Hypervisor on the X86 Hardware Virtualized Architecture

    Virtualization has been purported to be a panacea for many security problems. The authors analyze the feasibility of constructing an integrity-protected hypervisor on contemporary x86 hardware that includes virtualization support, observing that without the fundamental property of hypervisor integrity, no secrecy properties can be achieved. Unfortunately, they find that significant...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Mmdump: A Tool for Monitoring Internet Multimedia Traffic

    Internet multimedia traffic is increasing as applications like streaming media and packet telephony grow in popularity. It is important to monitor the volume and characteristics of this traffic, particularly because its behavior in the face of network congestion differs from that of the currently dominant TCP traffic. In order to...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    R-MAT: A Recursive Model for Graph Mining

    The goal of this paper was to create a simple, parsimonious graph model to describe real graphs. The R-MAT model is exactly a step in this direction: the authors illustrate experimentally that several, diverse real graphs can be well approximated by an R-MAT model with the appropriate choice of parameters....

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Efficient Security Mechanisms for Routing Protocols

    As the economy and critical infrastructure increasingly rely on the Internet, securing routing protocols becomes of critical importance. In this paper, the authors present four new mechanisms as tools for securing distance vector and path vector routing protocols. For securing distance vector protocols, the hash tree chain mechanism forces a...

    Provided By Carnegie Mellon University