Columbia University

Displaying 1-40 of 296 results

  • White Papers // Jan 2015

    Lighting Sensitive Display

    Although display devices have been used for decades, they have functioned without taking into account the illumination of their environment. The authors present the concept of a Lighting Sensitive Display (LSD) a display that measures the incident illumination and modifies its content accordingly. Ideal LSD would be able to measure...

    Provided By Columbia University

  • White Papers // Dec 2014

    Movers and Shakers: Kinetic Energy Harvesting for the Internet of Things

    Numerous energy harvesting wireless devices that will serve as building blocks for the Internet of Things (IoT) are currently under development. However, there is still only limited understanding of the properties of various energy sources and their impact on energy harvesting adaptive algorithms. Hence, the authors focus on characterizing the...

    Provided By Columbia University

  • White Papers // Nov 2014

    Malicious-Client Security in Blind Seer: A Scalable Private DBMS

    "The Blind Seer system (Oakland 2014) is an efficient and scalable DBMS that affords both client query privacy and server data protection. It also provides the ability to enforce authorization policies on the system, restricting client's queries while maintaining the privacy of both query and policy. Blind Seer supports a...

    Provided By Columbia University

  • White Papers // Sep 2014

    Pebbles: Fine-Grained Data Management Abstractions for Modern Operating Systems

    Support for fine-grained data management has all but disappeared from modern operating systems such as Android and iOS. Instead, the people must rely on each individual application to manage their data properly - e.g., to delete their emails, documents, and photos in full upon request; to not collect more data...

    Provided By Columbia University

  • White Papers // Jun 2014

    ParaShares: Finding the Important Basic Blocks in Multithreaded Programs

    Understanding and optimizing multithreaded execution is a significant challenge. Numerous research and industrial tools debug parallel performance by combing through program source or thread traces for pathologies including communication overheads, data dependencies, and load imbalances. This paper takes a new approach: it ignores any underlying pathologies, and focuses instead on...

    Provided By Columbia University

  • White Papers // May 2014

    GASPP: A GPU-Accelerated Stateful Packet Processing Framework

    Graphics Processing Units (GPUs) are a powerful platform for building high-speed network traffic processing applications using low-cost hardware. Existing systems tap the massively parallel architecture of GPUs to speed up certain computationally intensive tasks, such as cryptographic operations and pattern matching. However, they still suffer from significant overheads due to...

    Provided By Columbia University

  • White Papers // Apr 2014

    Benchmarking Methodology for Embedded Scalable Platforms

    Embedded Scalable Platforms (ESP) are a novel generation of platform architectures that yield optimal energy-performance operations while supporting a diversity of embedded application workloads. A companion methodology combines full-system simulation, pre-designed HW/SW interface libraries, high-level synthesis and FPGA prototyping to enable an effective design-space exploration which is driven by the...

    Provided By Columbia University

  • White Papers // Apr 2014

    Real-Time Power Control for Dynamic Optical Networks - Algorithms and Experimentation

    Core and aggregation optical networks are remarkably static, despite the emerging dynamic capabilities of the individual optical devices. This stems from the inability to address optical impairments in real-time. As a result, tasks such as adding and removing wavelengths take a substantial amount of time, and therefore, optical networks are...

    Provided By Columbia University

  • White Papers // Mar 2014

    Trading Functionality for Power within Applications

    When operating systems and hardware manage power and energy, they must be conservative in order to deliver requested resources while maintaining an expected rate of system throughput. Application-level energy management is more flexible, because applications can choose to request fewer resources or expect less performance, effectively trading accuracy or runtime...

    Provided By Columbia University

  • White Papers // Mar 2014

    Unsupervised Anomaly-based Malware Detection using Hardware Features

    Recent works have shown promise in using micro-architectural execution patterns to detect malware programs. These detectors belong to a class of detectors known as signature based detectors as they catch malware by comparing a program's execution pattern (signature) to execution patterns of known malware programs. In this paper, the authors...

    Provided By Columbia University

  • White Papers // Jan 2014

    Efficient Hash Probes on Modern Processors

    Bucketized versions of cuckoo hashing can achieve 95-99% occupancy, without any space overhead for pointers or other structures. However, such methods typically need to consult multiple hash buckets per probe, and have therefore been seen as having worse probe performance than conventional techniques for large tables. The authors consider workloads...

    Provided By Columbia University

  • White Papers // Jan 2014

    Tracking Quantiles of Network Data Streams with Dynamic Operations

    Quantiles are very useful in characterizing the data distribution of an evolving dataset in the process of data mining or network monitoring. The method of Stochastic Approximation (SA) tracks quantiles online by incrementally deriving and updating local approximations of the underly distribution function at the quantiles of interest. In this...

    Provided By Columbia University

  • White Papers // Jan 2014

    Throughput Optimization of Wireless Mesh Networks with MIMO Links

    Multiple Input Multiple Output (MIMO) antennas use sophisticated physical layer techniques to provide significant benefits over conventional antenna technology. Multiple independent data streams can be sent over the MIMO antenna elements. MIMO link can also suppress interference from neighboring links as long as the total useful streams and interfering streams...

    Provided By Columbia University

  • White Papers // Jan 2014

    Adding a Flow-Oriented Paradigm to Commodity Operating Systems

    The speed of CPUs and memories has historically outstripped I/O, but emerging network and storage technologies promise to invert this relationship. As a result, fundamental assumptions about the role of the operating system in computing systems will have to change. The authors propose an operating and application architecture that removes...

    Provided By Columbia University

  • White Papers // Dec 2013

    On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records

    The authors investigate the feasibility of mounting a de-anonymization attack against Tor and similar low-latency anonymous communication systems by using NetFlow records. Previous research has shown that adversaries with the ability to eavesdrop in real time at a few internet exchange points can effectively monitor a significant part of the...

    Provided By Columbia University

  • White Papers // Oct 2013

    A Profitable Sub-Prime Loan: Obtaining the Advantages of Composite Order in Prime-Order Bilinear Groups

    Composite-order bilinear groups provide many structural features that have proved useful for both constructing cryptographic primitives and as a technique in security reductions. Despite these convenient features, however, composite-order bilinear groups are less desirable than prime-order bilinear groups for reasons of efficiency. A recent line of paper has therefore focused...

    Provided By Columbia University

  • White Papers // Sep 2013

    Privacy Policy-Driven Mashups

    Mashups are novel content created by extracting and combining data and services from diverse data sources, in an automated manner, using Web services. The Web 2.0 technologies make it easier for individuals to create contents in third party service sites or clouds, and make easier for other third party mashup...

    Provided By Columbia University

  • White Papers // Aug 2013

    CellFlood: Attacking Tor Onion Routers on the Cheap

    In this paper, the authors introduce a new denial-of-service attack against tor onion routers and they study its feasibility and implications. In particular, they exploit a design flaw in the way Tor software builds virtual circuits and demonstrate that an attacker needs only a fraction of the resources required by...

    Provided By Columbia University

  • White Papers // Jul 2013

    Server-Side Code Injection Attacks: A Historical Perspective

    Server-side code injection attacks used to be one of the main culprits for the spread of malware. A vast amount of research has been devoted to the problem of effectively detecting and analyzing these attacks. Common belief seems to be that these attacks are now a marginal threat compared to...

    Provided By Columbia University

  • White Papers // Jun 2013

    Order-Preserving Encryption Secure Beyond One-Wayness

    Semantic-security of individual bits under a ciphertext is fundamental notion in modern cryptography. In this paper, the authors present the first results about this fundamental problem for Order-Preserving Encryption (OPE): \"What plaintext information can be semantically hidden by OPE encryptions?\" While OPE has gained much attention in recent years due...

    Provided By Columbia University

  • White Papers // Jun 2013

    On Finite Block-Length Quantization Distortion

    The authors investigate the upper and lower bounds on the quantization distortions for independent and identically distributed sources in the finite block-length regime. Based on the convex optimization framework of the rate-distortion theory, they derive a lower bound on the quantization distortion under finite block-length, which is shown to be...

    Provided By Columbia University

  • White Papers // Jun 2013

    CloudFence: Data Flow Tracking as a Cloud Service

    The risk of unauthorized private data access is among the primary concerns for users of cloud-based services. For the common setting in which the infrastructure provider and the service provider are different, users have to trust their data to both parties, although they interact solely with the latter. In this...

    Provided By Columbia University

  • White Papers // May 2013

    Computational Decoys for Cloud Security

    Cloud-based applications benefit from the scalability and efficiency offered by server consolidation and shared facilities. However, the shared nature of cloud infrastructures may introduce threats stemming from the co-location and combination of untrusted components, in addition to typical risks due to the inevitable presence of weaknesses in the infrastructure itself....

    Provided By Columbia University

  • White Papers // Apr 2013

    You Can Type, But You Can't Hide: A Stealthy GPU-Based Keylogger

    Keyloggers are a prominent class of malware that harvests sensitive data by recording any typed in information. Keylogger implementations strive to hide their presence using rootkit-like techniques to evade detection by antivirus and other system protections. In this paper, the authors present a new approach for implementing a stealthy keylogger:...

    Provided By Columbia University

  • White Papers // Mar 2013

    Cloudopsy: an Autopsy of Data Flows in the Cloud

    Despite the apparent advantages of cloud computing, the fear of unauthorized exposure of sensitive user data and non-compliance to privacy restrictions impedes its adoption for security-sensitive tasks. For the common setting in which the cloud infrastructure provider and the online service provider are different, end users have to trust the...

    Provided By Columbia University

  • White Papers // Mar 2013

    WiMAX in the Classroom: Designing a Cellular Networking Hands-on Lab

    Wireless networking has recently gained tremendous attention in research and education. Since the concepts taught in wireless courses are difficult to acquire only through lectures, hands-on lab experience is indispensable. While Wi-Fi based networking labs have been introduced before, to the best of the authors' knowledge, labs that use a...

    Provided By Columbia University

  • White Papers // Jan 2013

    VBoom: Creating A Virtual Machine Real Estate Boom

    Cloud providers sell identically configured Virtual Machines (VMs) for the same price. Customers purchasing these VMs expect that they perform similarly and are allocated the same amount of virtual resources. In practice, however, the real performance of identically provisioned VMs depends on the underlying hardware, i.e., how the hardware is...

    Provided By Columbia University

  • White Papers // Dec 2012

    Sequential Aggregate Signatures with Short Public Keys: Design, Analysis and Implementation Studies

    The notion of aggregate signature has been motivated by applications and it enables any user to compress different signatures signed by different signers on different messages into a short signature. Sequential aggregate signature, in turn, is a special kind of aggregate signature that only allows a signer to add his...

    Provided By Columbia University

  • White Papers // Dec 2012

    Bait and Snitch: Defending Computer Systems with Decoys

    Threats against computer networks continue to multiply, but existing security solutions are persistently unable to keep pace with these challenges. In this paper the authors present a new paradigm for securing computational resources which they call decoy technology. This technique involves seeding a system with data that appears authentic but...

    Provided By Columbia University

  • White Papers // Nov 2012

    Cross-Layer Enabled Translucent Optical Network With Real-Time Impairment Awareness

    The existing dimensioning strategy for translucent, sub-wavelength switching architectures relies on over-provisioning, and consequently, overuse of costly, power-consuming Optical-Electrical-Optical (O/E/O) regenerators. In addition, due to a variety of external phenomena, many physical layer impairments are time-varying, and hence, can strongly degrade network performance. In this paper, the authors introduce a...

    Provided By Columbia University

  • White Papers // Nov 2012

    Privacy Preserving Revocable Predicate Encryption Revisited

    Predicate Encryption (PE) that provides both the access control of ciphertexts and the privacy of ciphertexts is a new paradigm of public-key encryption. An important application of predicate encryption is a searchable encryption system in a cloud storage, where it enables a client to securely outsource its data to an...

    Provided By Columbia University

  • White Papers // Nov 2012

    Accelerator Memory Reuse in the Dark Silicon Era

    Accelerators integrated on-die with General-Purpose CPUs (GP-CPUs) can yield significant performance and power improvements. Their extensive use, however, is ultimately limited by their area overhead; due to their high degree of specialization, the opportunity cost of investing die real estate on accelerators can become prohibitive, especially for general-purpose architectures. In...

    Provided By Columbia University

  • White Papers // Nov 2012

    Extensible Monitoring with Nagios and Messaging Middleware

    Monitoring is a core function of systems administration, and is primarily a problem of communication - a good monitoring tool communicates with users about problems, and communicates with hosts and software to take remedial action. The better it communicates, the greater the confidence administrators will have in its view of...

    Provided By Columbia University

  • White Papers // Oct 2012

    Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

    Aggregate signature is public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a short (called aggregate) signature. The notion has many applications where compressing the signature space is important: in infrastructure: secure routing protocols, in security: compressed certificate chain signature, in signing...

    Provided By Columbia University

  • White Papers // Sep 2012

    CleanOS: Limiting Mobile Data Exposure with Idle Eviction

    Mobile-device theft and loss have reached gigantic proportions. Despite these threats, today's mobile devices are saturated with sensitive information due to operating systems that never securely erase data and applications that hoard it on the vulnerable device for performance or convenience. This paper presents CleanOS, a new Android-based operating system...

    Provided By Columbia University

  • White Papers // Aug 2012

    kGuard: Lightweight Kernel Protection Against Return-to-user Attacks

    Return-to-user (ret2usr) attacks exploit the operating system kernel, enabling local users to hijack privileged execution paths and execute arbitrary code with elevated privileges. Current defenses have proven to be inadequate, as they have been repeatedly circumvented, incur considerable overhead, or rely on extended hypervisors and special hardware features. The authors...

    Provided By Columbia University

  • White Papers // Aug 2012

    TimeWarp: Rethinking Timekeeping and Performance Monitoring Mechanisms to Mitigate Side-Channel Attacks

    Over the past two decades, several microarchitectural side channels have been exploited to create sophisticated security attacks. Solutions to this problem have mainly focused on fixing the source of leaks either by limiting the flow of information through the side channel by modifying hardware, or by refactoring vulnerable software to...

    Provided By Columbia University

  • White Papers // Aug 2012

    Scalable Group Signatures with Revocation

    Group signatures are a central cryptographic primitive, simultaneously supporting accountability and anonymity. They allow users to anonymously sign messages on behalf of a group they are members of. The recent years saw the appearance of several constructions with security proofs in the standard model (i.e., without appealing to the random...

    Provided By Columbia University

  • White Papers // Jul 2012

    Facebook and Privacy: It's Complicated

    The authors measure users' attitudes toward interpersonal privacy concerns on Facebook and measure users' strategies for reconciling their concerns with their desire to share content online. To do this, they recruited 260 Facebook users to install a Facebook application that surveyed their privacy concerns, their friend network compositions, the sensitivity...

    Provided By Columbia University

  • White Papers // Jun 2012

    Privacy-Preserving Social Plugins

    The widespread adoption of social plugins, such as Facebook's Like and Google's +1 buttons, has raised concerns about their implications to user privacy, as they enable social networking services to track a growing part of their members' browsing activity. Existing mitigations in the form of browser extensions can prevent social...

    Provided By Columbia University

  • White Papers // Jul 2009

    Serving Niche Video-on-Demand Content in a Managed P2P Environment

    A limitation of existing P2P VoD services is their inability to support efficient streamed access to niche content that has relatively small demand. This limitation stems from the poor performance of P2P when the number of peers sharing the content is small. In this paper, the authors propose a new...

    Provided By Columbia University

  • White Papers // Jan 2011

    Quantifying Application Behavior Space for Detection and Self-Healing

    The increasing sophistication of software attacks has created the need for increasingly finer-grained intrusion and anomaly detection systems, both at the network and the host level. The authors believe that the next generation of defense mechanisms will require a much more detailed dynamic analysis of application behavior than is currently...

    Provided By Columbia University

  • White Papers // Jan 2011

    Bloodhound: Searching Out Malicious Input in Network Flows for Automatic Repair Validation

    Many current systems security research efforts focus on mechanisms for Intrusion Prevention and Self-Healing Software. Unfortunately, such systems find it difficult to gain traction in many deployment scenarios. For self-healing techniques to be realistically employed, system owners and administrators must have enough confidence in the quality of a generated fix...

    Provided By Columbia University

  • White Papers // Jan 2011

    On the Infeasibility of Modeling Polymorphic Shellcode for Signature Detection

    Polymorphic malcode remains one of the most troubling threats for information security and intrusion defense systems. The ability for malcode to be automatically transformed into to a semantically equivalent variant frustrates attempts to construct a single, simple, easily verifiable representation. The authors present a quantitative analysis of the strengths and...

    Provided By Columbia University

  • White Papers // Jul 2009

    Mouth-to-Ear Latency in Popular VoIP Clients

    Most popular instant messaging clients are now offering Voice-over-IP (VoIP) technology. The many options running on similar platforms, implementing common audio codecs and encryption algorithms offers the opportunity to identify what factors affect call quality. The authors measure call quality objectively based on mouth-to-ear latency. Based on the analysis they...

    Provided By Columbia University

  • White Papers // Feb 2011

    Detecting Traffic Snooping in Anonymity Networks Using Decoys

    Anonymous communication networks like Tor partially protect the confidentiality of their users' traffic by encrypting all intra-overlay communication. However, when the relayed traffic reaches the boundaries of the overlay network towards its actual destination, the original user traffic is inevitably exposed. At this point, unless end-to-end encryption is used, sensitive...

    Provided By Columbia University

  • White Papers // Jan 2011

    Decoy Document Deployment for Effective Masquerade Attack Detection

    Masquerade attacks pose a grave security problem that is a consequence of identity theft. Detecting masqueraders is very hard. Prior work has focused on pro ling legitimate user behavior and detecting deviations from that normal behavior that could potentially signal an ongoing masquerade attack. Such approaches suffer from high false...

    Provided By Columbia University

  • White Papers // Jan 2011

    Data Collection and Analysis for Masquerade Attack Detection: Challenges and Lessons Learned

    Real-world large-scale data collection poses an important challenge in the security field. Insider and masquerader attack data collection poses even a greater challenge. Very few organizations acknowledge such breaches because of liability concerns and potential implications on their market value. This caused the scarcity of real-world data sets that could...

    Provided By Columbia University

  • White Papers // Jan 2011

    A Network-Worm Vaccine Architecture

    The ability of worms to spread at rates that effectively preclude human-directed reaction has elevated them to a first-class security threat to distributed systems. The authors present the first reaction mechanism that seeks to automatically patch vulnerable software. The system employs a collection of sensors that detect and capture potential...

    Provided By Columbia University

  • White Papers // Jul 2010

    Traffic Analysis Against Low-Latency Anonymity Networks Using Available Bandwidth Estimation

    The authors introduce a novel remotely-mounted attack that can expose the network identity of an anonymous client, hidden service, and anonymizing proxies. To achieve this, they employ single-end controlled available bandwidth estimation tools and a colluding network entity that can modulate the traffic destined for the victim. To expose the...

    Provided By Columbia University

  • White Papers // Apr 2011

    Noise Resistant Graph Ranking for Improved Web Image Search

    In this paper, the authors exploit a novel ranking mechanism that processes query samples with noisy labels, motivated by the practical application of web image search re-ranking where the originally highest ranked images are usually posed as pseudo queries for subsequent re-ranking. Availing ourselves of the low-frequency spectrum of a...

    Provided By Columbia University

  • White Papers // Nov 2009

    How Can American AEC Firms Get The Lead In Sustainable Building Design? What A Potential Design Leader Should Know About "Green-Convertible Buildings."

    Energy-efficient building design and operations reduce the negative impacts of buildings on human health, natural environment, and non-renewable energy resources by reducing waste, pollution, environmental degradation, and energy consumption. However, the number of green residences and commercial buildings is small compared to the number of traditional buildings since the initial...

    Provided By Columbia University

  • White Papers // Oct 2009

    Cultural Boundary Spanning In Global Project Networks

    Projects are increasingly global in scope and outsourcing on projects increasingly common. Along with globalizing trends in projects, the workforce is also globalizing. It is common for engineers to move to other countries as expatriate workers or as emigrants to pursue job opportunities in other firms. Where much is known...

    Provided By Columbia University

  • White Papers // Sep 2010

    Stable Deterministic Multithreading Through Schedule Memoization

    A Deterministic MultiThreading (DMT) system eliminates non-determinism in thread scheduling, simplifying the development of multithreaded programs. However, existing DMT systems are unstable; they may force a program to (ad)venture into vastly different schedules even for slightly different inputs or execution environments, defeating many benefits of determinism. Moreover, few existing DMT...

    Provided By Columbia University

  • White Papers // Sep 2009

    Concurrency and Communication: Lessons From the SHIM Project

    Describing parallel hardware and software is difficult, especially in an embedded setting. Five years ago, the authors started the shim project to address this challenge by developing a programming language for hardware/software systems. The resulting language describes asynchronously running processes that has the useful property of scheduling-independence: The I/O of...

    Provided By Columbia University

  • White Papers // Sep 2009

    Reconciling Repeatable Timing With Pipelining and Memory Hierarchy

    A conventional microprocessor executes a sequence of instructions from an instruction set. Each instruction in the instruction set changes the state of the processor in a well-defined way. The microprocessor provides a strong guarantee about its behavior: If one inserts in the sequence an instruction that observes the state of...

    Provided By Columbia University

  • White Papers // Jan 2011

    A Processor Extension for Cycle-Accurate Real-Time Software

    Certain hard real-time tasks demand precise timing of events, but the usual software solution of periodic interrupts driving a scheduler only provides precision in the millisecond range. NOP-insertion can provide higher precision, but is tedious to do manually, requires predictable instruction timing, and works best with simple algorithms. To achieve...

    Provided By Columbia University

  • White Papers // Jan 2011

    Remotely Keyed Cryptographics Secure Remote Display Access Using (Mostly) Untrusted Hardware - Extended Version

    Software that covertly monitors user actions, also known as spyware, has become a first-level security threat due to its ubiquity and the difficulty of detecting and removing it. Such software may be inadvertently installed by a user that is casually browsing the web, or may be purposely installed by an...

    Provided By Columbia University

  • White Papers // Feb 2011

    DYSWIS: Collaborative Network Fault Diagnosis - Of End-Users, by End-Users, for End-User

    With increase in application complexity, the need for network faults diagnosis for end-users has increased. However, existing failure diagnosis techniques fail to assist the end-users in accessing the applications and services. The authors present DYSWIS, an automatic network fault detection and diagnosis system for end-users. The key idea is collaboration...

    Provided By Columbia University

  • White Papers // Jun 2010

    RRDtrace: Long-Term Raw Network Traffic Recording Using Fixed-Size Storage

    Recording raw network traffic for long-term periods can be extremely beneficial for a multitude of monitoring and security applications. However, storing all traffic of high volume networks is infeasible even for short-term periods due to the increased storage requirements. Traditional approaches for data reduction like aggregation and sampling either require...

    Provided By Columbia University

  • White Papers // Mar 2011

    Differentially Private Empirical Risk Minimization

    Privacy-preserving machine learning algorithms are crucial for the increasingly common setting in which personal data, such as medical or financial records, are analyzed. The authors provide general techniques to produce privacy-preserving approximations of classifiers learned via (regularized) Empirical Risk Minimization (ERM). These algorithms are private under the e-differential privacy definition...

    Provided By Columbia University

  • White Papers // Sep 2010

    GPU-Assisted Malware

    Malware writers constantly seek new methods to obfuscate their code so as to evade detection by virus scanners. Two code-armoring techniques that pose significant challenges to existing malicious-code detection and analysis systems are unpacking and run-time polymorphism. In this paper, the authors demonstrate how malware can increase its robustness against...

    Provided By Columbia University

  • White Papers // Oct 2009

    Cybersecurity Through an Identity Management System

    Cybersecurity is a concern of growing importance as internet usage continues to spread into new areas. Strong authentication combined with accountability is a powerful measure towards individuals' protection against any type of identity theft. On the other hand, such strong identification raises privacy concerns. In this paper, the authors argue...

    Provided By Columbia University

  • White Papers // Sep 2009

    An Anonymous Credit Card System

    Credit cards have many important benefits; however, these same benefits often carry with them many privacy concerns. In particular, the need for users to be able to monitor their own transactions, as well as bank's need to justify its payment requests from cardholders, entitle the latter to maintain a detailed...

    Provided By Columbia University

  • White Papers // Sep 2009

    PAR: Payment for Anonymous Routing

    Despite the growth of the Internet and the increasing concern for privacy of online communications, current deployments of anonymization networks depend on a very small set of nodes that volunteer their bandwidth. The authors believe that the main reason is not disbelief in their ability to protect anonymity, but rather...

    Provided By Columbia University

  • White Papers // Jan 2011

    Policy Refinement of Network Services for MANETs

    In this paper, the authors describe a framework for a refinement scheme located in a centralized policy server that consists of three components: A knowledge database, a refinement rule set, and a policy repository. The refinement process includes two successive steps: Policy transformation and policy composition. The refinement scheme takes...

    Provided By Columbia University

  • White Papers // Apr 2011

    Price Dynamics In A Markovian Limit Order Market

    The authors propose and study a simple stochastic model for the dynamics of a limit order book, in which arrivals of market order, limit orders and order cancellations are described in terms of a Markovian queueing system. Through its analytical tractability, the model allows to obtain analytical expressions for various...

    Provided By Columbia University

  • White Papers // Jun 2010

    Computation Vs. Memory Systems: Pinning Down Accelerator Bottlenecks

    The world needs special-purpose accelerators to meet future constraints on computation and power consumption. Choosing appropriate accelerator architectures is a key challenge. In this paper, the authors present a pintool designed to help evaluate the potential benefit of accelerating a particular function. The tool gathers cross-procedural data usage patterns, including...

    Provided By Columbia University

  • White Papers // Jan 2011

    An Esterel Virtual Machine for Embedded Systems

    Embedded systems often suffer from severe resource constraints such as limited memory for programs and data. In this paper, the authors address the problem of compiling the Esterel synchronous language for processors with such constraints. They introduce a virtual machine that executes a compact bytecode designed specifically for executing Esterel...

    Provided By Columbia University

  • White Papers // Jan 2011

    Optimizing Sequential Cycles Through Shannon Decomposition and Retiming

    Optimizing sequential cycles is essential for many types of high-performance circuits, such as pipelines for packet processing. Retiming is a powerful technique for speeding pipelines, but it is stymied by tight sequential cycles. Designers usually attack such cycles by manually combining Shannon decomposition with retiming-effectively a form of speculation-but such...

    Provided By Columbia University

  • White Papers // Jan 2011

    Arrays in SHIM: A Proposal

    The use of multiprocessor configurations over uniprocessor is rapidly increasing to exploit parallelism instead of frequency scaling for better compute capacity. The multiprocessor architectures being developed will have a major impact on existing software. Current languages provide facilities for concurrent and distributed programming, but are prone to races and non-determinism....

    Provided By Columbia University

  • White Papers // Apr 2011

    Impact Of The Topology Of Global Macroeconomic Network On The Spreading Of Economic Crises

    Throughout economic history, the global economy has experienced recurring crises. The persistent recurrence of such economic crises calls for an understanding of their generic features rather than treating them as singular events. Global economic system is a highly complex system and can best be viewed in terms of a network...

    Provided By Columbia University

  • White Papers // Oct 2009

    The Financial Crisis And The Federal Reserve

    The tightening of credit standards and the failure of the cost of credit to households and businesses to fall during the current crisis, despite the sharp easing of monetary policy, has led to a common view that monetary policy has not been effective during the recent financial crisis. Not only...

    Provided By Columbia University

  • White Papers // Dec 2009

    Network Bandwidth Denial of Service (DoS)

    Network bandwidth Denial of Service (DoS) attacks seek to consume the available bandwidth or router resources at or near a target host or network, such that legitimate traffic cannot reach its destination. The primary means for achieving this goal by sending large traffic volumes (packet floods) that do not respect...

    Provided By Columbia University

  • White Papers // Nov 2010

    Evaluation of a Spyware Detection System Using Thin Client Computing

    In previous work, the authors introduced a bait injection system designed to delude and detect crimeware by forcing it to reveal itself during the exploitation of monitored information. Although effective as a technique, the original system was practically limited, as it was implemented in a personal VM environment. In this...

    Provided By Columbia University

  • White Papers // Aug 2009

    Deny-by-Default Distributed Security Policy Enforcement in Mobile Ad Hoc Networks

    Mobile Ad-hoc Networks (MANETs) are increasingly employed in tactical military and civil rapid-deployment networks, including emergency rescue operations and ad hoc disaster-relief networks. However, this flexibility of MANETs comes at a price, when compared to wired and base station-based wireless networks: MANETs are susceptible to both insider and outsider attacks....

    Provided By Columbia University

  • White Papers // Sep 2009

    A Consistent Pricing Model For Index Options And Volatility Derivatives

    The authors propose and study a flexible modeling framework for the joint dynamics of an index and a set of forward variance swap rates written on this index, allowing options on forward variance swaps and options on the underlying index to be priced consistently. This model reproduces various empirically observed...

    Provided By Columbia University

  • White Papers // Aug 2009

    Monitoring Technologies for Mitigating Insider Threats

    The annual Computer Crime and Security Survey for 2008 surveyed 522 security employees from US corporations and government agencies, finding that insider incidents were cited by 44 percent of respondents, nearly as high as the 49 percent that encountered a conventional virus in the previous year. In general, there is...

    Provided By Columbia University

  • White Papers // Aug 2010

    Securing MANET Multicast Using DIPLOMA

    Multicast traffic, such as live audio/video streaming, is an important application for Mobile Ad Hoc Networks (MANETs), including those used by militaries and disaster recovery teams. The open nature of multicast, where any receiver can join a multicast group, and any sender can send to a multicast group, makes it...

    Provided By Columbia University

  • White Papers // Jun 2010

    An Analysis of Rogue AV Campaigns

    Rogue antivirus software has recently received extensive attention, justified by the diffusion and efficacy of its propagation. The authors present a longitudinal analysis of the rogue antivirus threat ecosystem, focusing on the structure and dynamics of this threat and its economics. To that end, the authors compiled and mined a...

    Provided By Columbia University