Columbia University

Displaying 1-40 of 308 results

  • White Papers // Dec 2014

    Movers and Shakers: Kinetic Energy Harvesting for the Internet of Things

    Numerous energy harvesting wireless devices that will serve as building blocks for the Internet of Things (IoT) are currently under development. However, there is still only limited understanding of the properties of various energy sources and their impact on energy harvesting adaptive algorithms. Hence, the authors focus on characterizing the...

    Provided By Columbia University

  • White Papers // Nov 2014

    Malicious-Client Security in Blind Seer: A Scalable Private DBMS

    "The Blind Seer system (Oakland 2014) is an efficient and scalable DBMS that affords both client query privacy and server data protection. It also provides the ability to enforce authorization policies on the system, restricting client's queries while maintaining the privacy of both query and policy. Blind Seer supports a...

    Provided By Columbia University

  • White Papers // Sep 2014

    Pebbles: Fine-Grained Data Management Abstractions for Modern Operating Systems

    Support for fine-grained data management has all but disappeared from modern operating systems such as Android and iOS. Instead, the people must rely on each individual application to manage their data properly - e.g., to delete their emails, documents, and photos in full upon request; to not collect more data...

    Provided By Columbia University

  • White Papers // Jun 2014

    ParaShares: Finding the Important Basic Blocks in Multithreaded Programs

    Understanding and optimizing multithreaded execution is a significant challenge. Numerous research and industrial tools debug parallel performance by combing through program source or thread traces for pathologies including communication overheads, data dependencies, and load imbalances. This paper takes a new approach: it ignores any underlying pathologies, and focuses instead on...

    Provided By Columbia University

  • White Papers // May 2014

    GASPP: A GPU-Accelerated Stateful Packet Processing Framework

    Graphics Processing Units (GPUs) are a powerful platform for building high-speed network traffic processing applications using low-cost hardware. Existing systems tap the massively parallel architecture of GPUs to speed up certain computationally intensive tasks, such as cryptographic operations and pattern matching. However, they still suffer from significant overheads due to...

    Provided By Columbia University

  • White Papers // Apr 2014

    Benchmarking Methodology for Embedded Scalable Platforms

    Embedded Scalable Platforms (ESP) are a novel generation of platform architectures that yield optimal energy-performance operations while supporting a diversity of embedded application workloads. A companion methodology combines full-system simulation, pre-designed HW/SW interface libraries, high-level synthesis and FPGA prototyping to enable an effective design-space exploration which is driven by the...

    Provided By Columbia University

  • White Papers // Apr 2014

    Real-Time Power Control for Dynamic Optical Networks - Algorithms and Experimentation

    Core and aggregation optical networks are remarkably static, despite the emerging dynamic capabilities of the individual optical devices. This stems from the inability to address optical impairments in real-time. As a result, tasks such as adding and removing wavelengths take a substantial amount of time, and therefore, optical networks are...

    Provided By Columbia University

  • White Papers // Mar 2014

    Trading Functionality for Power within Applications

    When operating systems and hardware manage power and energy, they must be conservative in order to deliver requested resources while maintaining an expected rate of system throughput. Application-level energy management is more flexible, because applications can choose to request fewer resources or expect less performance, effectively trading accuracy or runtime...

    Provided By Columbia University

  • White Papers // Mar 2014

    Unsupervised Anomaly-based Malware Detection using Hardware Features

    Recent works have shown promise in using micro-architectural execution patterns to detect malware programs. These detectors belong to a class of detectors known as signature based detectors as they catch malware by comparing a program's execution pattern (signature) to execution patterns of known malware programs. In this paper, the authors...

    Provided By Columbia University

  • White Papers // Jan 2014

    Tracking Quantiles of Network Data Streams with Dynamic Operations

    Quantiles are very useful in characterizing the data distribution of an evolving dataset in the process of data mining or network monitoring. The method of Stochastic Approximation (SA) tracks quantiles online by incrementally deriving and updating local approximations of the underly distribution function at the quantiles of interest. In this...

    Provided By Columbia University

  • White Papers // Jan 2014

    Throughput Optimization of Wireless Mesh Networks with MIMO Links

    Multiple Input Multiple Output (MIMO) antennas use sophisticated physical layer techniques to provide significant benefits over conventional antenna technology. Multiple independent data streams can be sent over the MIMO antenna elements. MIMO link can also suppress interference from neighboring links as long as the total useful streams and interfering streams...

    Provided By Columbia University

  • White Papers // Jan 2014

    Efficient Hash Probes on Modern Processors

    Bucketized versions of cuckoo hashing can achieve 95-99% occupancy, without any space overhead for pointers or other structures. However, such methods typically need to consult multiple hash buckets per probe, and have therefore been seen as having worse probe performance than conventional techniques for large tables. The authors consider workloads...

    Provided By Columbia University

  • White Papers // Jan 2014

    Adding a Flow-Oriented Paradigm to Commodity Operating Systems

    The speed of CPUs and memories has historically outstripped I/O, but emerging network and storage technologies promise to invert this relationship. As a result, fundamental assumptions about the role of the operating system in computing systems will have to change. The authors propose an operating and application architecture that removes...

    Provided By Columbia University

  • White Papers // Dec 2013

    On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records

    The authors investigate the feasibility of mounting a de-anonymization attack against Tor and similar low-latency anonymous communication systems by using NetFlow records. Previous research has shown that adversaries with the ability to eavesdrop in real time at a few internet exchange points can effectively monitor a significant part of the...

    Provided By Columbia University

  • White Papers // Oct 2013

    A Profitable Sub-Prime Loan: Obtaining the Advantages of Composite Order in Prime-Order Bilinear Groups

    Composite-order bilinear groups provide many structural features that have proved useful for both constructing cryptographic primitives and as a technique in security reductions. Despite these convenient features, however, composite-order bilinear groups are less desirable than prime-order bilinear groups for reasons of efficiency. A recent line of paper has therefore focused...

    Provided By Columbia University

  • White Papers // Sep 2013

    Privacy Policy-Driven Mashups

    Mashups are novel content created by extracting and combining data and services from diverse data sources, in an automated manner, using Web services. The Web 2.0 technologies make it easier for individuals to create contents in third party service sites or clouds, and make easier for other third party mashup...

    Provided By Columbia University

  • White Papers // Aug 2013

    CellFlood: Attacking Tor Onion Routers on the Cheap

    In this paper, the authors introduce a new denial-of-service attack against tor onion routers and they study its feasibility and implications. In particular, they exploit a design flaw in the way Tor software builds virtual circuits and demonstrate that an attacker needs only a fraction of the resources required by...

    Provided By Columbia University

  • White Papers // Jul 2013

    Server-Side Code Injection Attacks: A Historical Perspective

    Server-side code injection attacks used to be one of the main culprits for the spread of malware. A vast amount of research has been devoted to the problem of effectively detecting and analyzing these attacks. Common belief seems to be that these attacks are now a marginal threat compared to...

    Provided By Columbia University

  • White Papers // Jun 2013

    Order-Preserving Encryption Secure Beyond One-Wayness

    Semantic-security of individual bits under a ciphertext is fundamental notion in modern cryptography. In this paper, the authors present the first results about this fundamental problem for Order-Preserving Encryption (OPE): \"What plaintext information can be semantically hidden by OPE encryptions?\" While OPE has gained much attention in recent years due...

    Provided By Columbia University

  • White Papers // Jun 2013

    On Finite Block-Length Quantization Distortion

    The authors investigate the upper and lower bounds on the quantization distortions for independent and identically distributed sources in the finite block-length regime. Based on the convex optimization framework of the rate-distortion theory, they derive a lower bound on the quantization distortion under finite block-length, which is shown to be...

    Provided By Columbia University

  • White Papers // Jun 2013

    CloudFence: Data Flow Tracking as a Cloud Service

    The risk of unauthorized private data access is among the primary concerns for users of cloud-based services. For the common setting in which the infrastructure provider and the service provider are different, users have to trust their data to both parties, although they interact solely with the latter. In this...

    Provided By Columbia University

  • White Papers // May 2013

    Computational Decoys for Cloud Security

    Cloud-based applications benefit from the scalability and efficiency offered by server consolidation and shared facilities. However, the shared nature of cloud infrastructures may introduce threats stemming from the co-location and combination of untrusted components, in addition to typical risks due to the inevitable presence of weaknesses in the infrastructure itself....

    Provided By Columbia University

  • White Papers // Apr 2013

    You Can Type, But You Can't Hide: A Stealthy GPU-Based Keylogger

    Keyloggers are a prominent class of malware that harvests sensitive data by recording any typed in information. Keylogger implementations strive to hide their presence using rootkit-like techniques to evade detection by antivirus and other system protections. In this paper, the authors present a new approach for implementing a stealthy keylogger:...

    Provided By Columbia University

  • White Papers // Mar 2013

    Cloudopsy: an Autopsy of Data Flows in the Cloud

    Despite the apparent advantages of cloud computing, the fear of unauthorized exposure of sensitive user data and non-compliance to privacy restrictions impedes its adoption for security-sensitive tasks. For the common setting in which the cloud infrastructure provider and the online service provider are different, end users have to trust the...

    Provided By Columbia University

  • White Papers // Mar 2013

    WiMAX in the Classroom: Designing a Cellular Networking Hands-on Lab

    Wireless networking has recently gained tremendous attention in research and education. Since the concepts taught in wireless courses are difficult to acquire only through lectures, hands-on lab experience is indispensable. While Wi-Fi based networking labs have been introduced before, to the best of the authors' knowledge, labs that use a...

    Provided By Columbia University

  • White Papers // Jan 2013

    VBoom: Creating A Virtual Machine Real Estate Boom

    Cloud providers sell identically configured Virtual Machines (VMs) for the same price. Customers purchasing these VMs expect that they perform similarly and are allocated the same amount of virtual resources. In practice, however, the real performance of identically provisioned VMs depends on the underlying hardware, i.e., how the hardware is...

    Provided By Columbia University

  • White Papers // Dec 2012

    Sequential Aggregate Signatures with Short Public Keys: Design, Analysis and Implementation Studies

    The notion of aggregate signature has been motivated by applications and it enables any user to compress different signatures signed by different signers on different messages into a short signature. Sequential aggregate signature, in turn, is a special kind of aggregate signature that only allows a signer to add his...

    Provided By Columbia University

  • White Papers // Dec 2012

    Bait and Snitch: Defending Computer Systems with Decoys

    Threats against computer networks continue to multiply, but existing security solutions are persistently unable to keep pace with these challenges. In this paper the authors present a new paradigm for securing computational resources which they call decoy technology. This technique involves seeding a system with data that appears authentic but...

    Provided By Columbia University

  • White Papers // Nov 2012

    Cross-Layer Enabled Translucent Optical Network With Real-Time Impairment Awareness

    The existing dimensioning strategy for translucent, sub-wavelength switching architectures relies on over-provisioning, and consequently, overuse of costly, power-consuming Optical-Electrical-Optical (O/E/O) regenerators. In addition, due to a variety of external phenomena, many physical layer impairments are time-varying, and hence, can strongly degrade network performance. In this paper, the authors introduce a...

    Provided By Columbia University

  • White Papers // Nov 2012

    Privacy Preserving Revocable Predicate Encryption Revisited

    Predicate Encryption (PE) that provides both the access control of ciphertexts and the privacy of ciphertexts is a new paradigm of public-key encryption. An important application of predicate encryption is a searchable encryption system in a cloud storage, where it enables a client to securely outsource its data to an...

    Provided By Columbia University

  • White Papers // Nov 2012

    Accelerator Memory Reuse in the Dark Silicon Era

    Accelerators integrated on-die with General-Purpose CPUs (GP-CPUs) can yield significant performance and power improvements. Their extensive use, however, is ultimately limited by their area overhead; due to their high degree of specialization, the opportunity cost of investing die real estate on accelerators can become prohibitive, especially for general-purpose architectures. In...

    Provided By Columbia University

  • White Papers // Nov 2012

    Extensible Monitoring with Nagios and Messaging Middleware

    Monitoring is a core function of systems administration, and is primarily a problem of communication - a good monitoring tool communicates with users about problems, and communicates with hosts and software to take remedial action. The better it communicates, the greater the confidence administrators will have in its view of...

    Provided By Columbia University

  • White Papers // Oct 2012

    Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

    Aggregate signature is public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a short (called aggregate) signature. The notion has many applications where compressing the signature space is important: in infrastructure: secure routing protocols, in security: compressed certificate chain signature, in signing...

    Provided By Columbia University

  • White Papers // Sep 2012

    CleanOS: Limiting Mobile Data Exposure with Idle Eviction

    Mobile-device theft and loss have reached gigantic proportions. Despite these threats, today's mobile devices are saturated with sensitive information due to operating systems that never securely erase data and applications that hoard it on the vulnerable device for performance or convenience. This paper presents CleanOS, a new Android-based operating system...

    Provided By Columbia University

  • White Papers // Aug 2012

    TimeWarp: Rethinking Timekeeping and Performance Monitoring Mechanisms to Mitigate Side-Channel Attacks

    Over the past two decades, several microarchitectural side channels have been exploited to create sophisticated security attacks. Solutions to this problem have mainly focused on fixing the source of leaks either by limiting the flow of information through the side channel by modifying hardware, or by refactoring vulnerable software to...

    Provided By Columbia University

  • White Papers // Aug 2012

    kGuard: Lightweight Kernel Protection Against Return-to-user Attacks

    Return-to-user (ret2usr) attacks exploit the operating system kernel, enabling local users to hijack privileged execution paths and execute arbitrary code with elevated privileges. Current defenses have proven to be inadequate, as they have been repeatedly circumvented, incur considerable overhead, or rely on extended hypervisors and special hardware features. The authors...

    Provided By Columbia University

  • White Papers // Aug 2012

    Scalable Group Signatures with Revocation

    Group signatures are a central cryptographic primitive, simultaneously supporting accountability and anonymity. They allow users to anonymously sign messages on behalf of a group they are members of. The recent years saw the appearance of several constructions with security proofs in the standard model (i.e., without appealing to the random...

    Provided By Columbia University

  • White Papers // Jul 2012

    Facebook and Privacy: It's Complicated

    The authors measure users' attitudes toward interpersonal privacy concerns on Facebook and measure users' strategies for reconciling their concerns with their desire to share content online. To do this, they recruited 260 Facebook users to install a Facebook application that surveyed their privacy concerns, their friend network compositions, the sensitivity...

    Provided By Columbia University

  • White Papers // Jun 2012

    Privacy-Preserving Social Plugins

    The widespread adoption of social plugins, such as Facebook's Like and Google's +1 buttons, has raised concerns about their implications to user privacy, as they enable social networking services to track a growing part of their members' browsing activity. Existing mitigations in the form of browser extensions can prevent social...

    Provided By Columbia University

  • White Papers // May 2012

    CCNxServ: Dynamic Service Scalability in Information-Centric Networks

    Content-centric networks promise to address content networking issues in a better way than today's host-based networking architecture. But content-centric networking does not inherently address the issue of services, particularly service scalability and mobility. The authors present their work on CCNxServ, a system that allows for dynamic service deployment and scalability...

    Provided By Columbia University

  • White Papers // May 2014

    GASPP: A GPU-Accelerated Stateful Packet Processing Framework

    Graphics Processing Units (GPUs) are a powerful platform for building high-speed network traffic processing applications using low-cost hardware. Existing systems tap the massively parallel architecture of GPUs to speed up certain computationally intensive tasks, such as cryptographic operations and pattern matching. However, they still suffer from significant overheads due to...

    Provided By Columbia University

  • White Papers // Sep 2011

    Parallelization and Characterization of Pattern Matching using GPUs

    Pattern matching is a highly computationally intensive operation used in a plethora of applications. Unfortunately, due to the ever increasing storage capacity and link speeds, the amount of data that needs to be matched against a given set of patterns is growing rapidly. In this paper, the authors explore how...

    Provided By Columbia University

  • White Papers // May 2007

    Transparent Checkpoint-Restart of Multiple Processes on Commodity Operating Systems

    The ability to checkpoint a running application and restart it later can provide many useful benefits including fault recovery, advanced resources sharing, dynamic load balancing and improved service availability. However, applications often involve multiple processes which have dependencies through the operating system. The authors present a transparent mechanism for commodity...

    Provided By Columbia University

  • White Papers // Apr 2010

    Virtualization Mechanisms for Mobility, Security and System Administration

    This dissertation demonstrates that operating system virtualization is an effective method for solving many different types of computing problems. The authors have designed novel systems that make use of commodity software while solving problems that were not conceived when the software was originally written. They show that by leveraging and...

    Provided By Columbia University

  • White Papers // Jul 2009

    Research Directions for Network Intrusion Recovery

    One of the most significant unsolved problems for network managers and system administrators is how to repair a network infrastructure after discovering evidence of an extensive compromise. The technical issues are compounded by a breathtaking variety of human factors. This paper highlight lessons learned from three real, significant, and recent...

    Provided By Columbia University

  • White Papers // Mar 2010

    Automated Data Cleaning Linking Data Manager to Study Coordinator: Error Finding by Variable and Error Fixing by Subject

    Many researchers using the SAS System software receive data sets with incomplete data or data errors. Data cleaning can become an extremely tedious task for the Coordinators who must return to medical records or Case Report Forms (CRFs) if the data managers list errors by variable. Instead it is easier...

    Provided By Columbia University

  • White Papers // Sep 2009

    Interaction With the Environment: Sensor Data Visualization in Outdoor Augmented Reality

    Proliferating sensor systems provide a rich source of data for understanding the dynamic characteristics of the environment. Visualization of, and interaction with, such data in outdoor augmented reality poses several challenges for infrastructure, representation, interactive data collection, and information discovery and filtering. The author discusses these challenges in the context...

    Provided By Columbia University

  • White Papers // Feb 2010

    Distributed Robust Optimization (DRO) Part II: Wireless Power Control

    Optimization formulations and distributed algorithms have long been used for resource allocation problems in wireless networks including power control. However, the often assumed constant parameters in these formulations are in fact time-varying, unknown, or based on inaccurate estimates in real systems. Taking into account these factors, is it still possible...

    Provided By Columbia University

  • White Papers // Dec 2009

    Guide To Career Planning

    Experienced professionals making a career change face particular challenges. Employers tend to be conservative, preferring to hire candidates with prior experience in their sector. Therefore, a career changer must convey in their resume that they understand the new sector they are entering, have relevant transferable skills, and have the enthusiasm...

    Provided By Columbia University

  • White Papers // Dec 2009

    Career Changers - Resume Writing For The Career Changer

    Experienced professionals making a career change face particular challenges. Employers tend to be conservative, preferring to hire candidates with prior experience in their sector. Therefore, a career changer must convey in their resume that they understand the new sector they are entering, have relevant transferable skills, and have the enthusiasm...

    Provided By Columbia University

  • White Papers // Aug 2009

    Delegation And The Regulation Of Finance In The United States Since 1950

    What determines the extent and structure of financial regulation? This question matters for two reasons. First, it matters because, as North and Shirley says "A country's financial institutions significantly determine the extent of new investment and firm entry, and through them, the rate of economic growth, disparity of income distribution,...

    Provided By Columbia University

  • White Papers // Aug 2009

    Credit Spreads And Monetary Policy

    The authors consider the desirability of modifying a standard Taylor rule for a central bank's interest-rate policy to incorporate either an adjustment for changes in interest-rate spreads or a response to variations in the aggregate volume of credit. They consider the consequences of such adjustments for the way in which...

    Provided By Columbia University

  • White Papers // Aug 2009

    Resolving Conflicting Preferences In School Choice: The "Boston" Mechanism Reconsidered

    The Boston mechanism is among the most popular school choice procedures in use. Yet, the mechanism has been criticized for its poor incentive and welfare performances, which led the Boston Public Schools to recently replace it with Gale and Shapley's deferred acceptance algorithm (henceforth, DA). The DA elicits truthful revelation...

    Provided By Columbia University

  • White Papers // Aug 2009

    Preferences And Equilibrium In Monopoly And Duopoly

    This paper takes the new approach of using a copula to characterize consumer preferences in a discrete choice model of product differentiation, and applies it to the economics of monopoly and duopoly. The comparative statics of demand strength and preference diversity, both properties of the marginal distribution of values for...

    Provided By Columbia University

  • White Papers // Oct 2009

    Son Preference, Sex Selection And Economic Development: Theory And Evidence From South Korea

    Motivated by high and rising sex ratios in countries such as India and China, the authors formulate a theoretical framework for analyzing the impact of economic development on parental sex choice when sons are culturally prized and children provide old age support. Two key assumptions drive the model. First, the...

    Provided By Columbia University

  • White Papers // Nov 2009

    The Long-Term Impact Of Job Displacement In Germany During The 1982 Recession On Earnings, Income, And Employment

    The authors show that workers displaced from their stable jobs during mass-layoffs in 1982 recession in Germany suffered permanent earnings losses of 10-15% lasting at least 15 years. These estimates are obtained using data and methodology comparable to similar studies for the United States. Exploiting advantages of the German data,...

    Provided By Columbia University

  • White Papers // Nov 2009

    The Effects Of Unemployment Insurance On Labor Supply And Search Outcomes: Regression Discontinuity Estimates From Germany

    This paper evaluates the impact of large changes in the duration of Unemployment Insurance (UI) in different economic environments on labor supply, job matches, and search behavior. The authors show that differences in eligibility thresholds by exact age give rise to a valid regression discontinuity design, which they implement using...

    Provided By Columbia University

  • White Papers // Jan 2010

    Simple Analytics Of The Government Expenditure Multiplier

    This paper explains the key factors that determine the effectiveness of government purchases as a means of increasing output and employment in New Keynesian models, through a series of simple examples that can be solved analytically. Delays in the adjustment of prices or wages can allow for larger multipliers than...

    Provided By Columbia University

  • White Papers // Feb 2010

    Optimal Target Criteria For Stabilization Policy

    This paper considers a general class of nonlinear rational-expectations models in which policymakers seek to maximize an objective function that may be household expected utility. The authors show how to derive a target criterion that is: consistent with the model's structural equations, strong enough to imply a unique equilibrium, and...

    Provided By Columbia University

  • White Papers // Mar 2010

    Imperfect Information And Aggregate Supply

    This paper surveys the research in the past decade on imperfect information models of aggregate supply and the Phillips curve. This new work has emphasized that information is dispersed and disseminates slowly across a population of agents who strategically interact in their use of information. The authors discuss the foundations...

    Provided By Columbia University

  • White Papers // Mar 2010

    Interpreting The Unconventional U.S. Monetary Policy Of 2007-09

    This paper reviews the unconventional U.S. monetary policy responses to the financial and real crises of 2007-09, divided into three groups: interest rate policy, quantitative policy, and credit policy. To interpret interest rate policy, it compares the Federal Reserve's actions with the literature on optimal policy in a liquidity trap....

    Provided By Columbia University

  • White Papers // Mar 2010

    Matching With Trade-Offs: Revealed Preferences Over Competing Characteristics

    The authors investigate in this paper the theory and econometrics of optimal matching's with competing criteria. The surplus from a marriage match, for instance, may depend both on the incomes and on the educations of the partners, as well as on characteristics that the analyst does not observe. The social...

    Provided By Columbia University

  • White Papers // May 2010

    Higher Order Improvements For Approximate Estimators

    Many modern estimation methods in econometrics approximate an objective function, through simulation or discretization for instance. The resulting "Approximate" estimator is often biased; and it always incurs an efficiency loss. The authors here propose three methods to improve the properties of such approximate estimators at a low computational cost. The...

    Provided By Columbia University

  • White Papers // Jan 2011

    Balancing Uplink and Downlink Delay of VoIP Traffic in WLANs Using Adaptive Priority Control (APC)

    In IEEE 802.11 wireless networks, the downlink delay rises as the number of VoIP nodes increases while the uplink delay remains small due to the same chance of media access between nodes and the Access Point (AP). This degrades the capacity and QoS of VoIP significantly. Therefore, they introduce Adaptive...

    Provided By Columbia University

  • White Papers // Nov 2010

    Energy Efficiency of Voice-Over-IP Systems

    The authors identified the key components that are implemented on servers in a c/s VoIP system and by super nodes in a p2p VoIP system (Skype). They presented a model for understanding power consumption of c/s and p2p VoIP systems. They performed a number of experiments to determine the power...

    Provided By Columbia University

  • White Papers // Jan 2011

    Computational Cameras: Approaches, Benefits and Limits

    A computational camera uses a combination of optics and software to produce images that cannot be taken with traditional cameras. In the last decade, computational imaging has emerged as a vibrant field of research. A wide variety of computational cameras have been demonstrated - some designed to achieve new imaging...

    Provided By Columbia University

  • White Papers // Mar 2010

    CONFU: Configuration Fuzzing Testing Framework for Software Vulnerability Detection

    Many software security vulnerabilities only reveal themselves under certain conditions, i.e., particular configurations and inputs together with a certain runtime environment. One approach to detecting these vulnerabilities is fuzz testing. However, typical fuzz testing makes no guarantees regarding the syntactic and semantic validity of the input, or of how much...

    Provided By Columbia University

  • White Papers // Apr 2010

    Empirical Study of Concurrency Mutation Operators for Java

    Mutation testing is a white-box fault-based software testing technique that applies mutation operators to modify program source code or byte code in small ways and then runs these modified programs (i.e., Mutants) against a test suite in order to measure its effectiveness and locate the weaknesses either in the test...

    Provided By Columbia University

  • White Papers // Jul 2010

    Simple-VPN: Simple IPsec Configuration

    The IPsec protocol promised easy, ubiquitous encryption. That has never happened. For the most part, IPsec usage is confined to VPNs for road warriors, largely due to needless configuration complexity and incompatible implementations. The authors have designed a simple VPN configuration language that hides the unwanted complexities. Virtually no options...

    Provided By Columbia University

  • White Papers // Sep 2009

    TagLearner: A P2P Classifier Learning System From Collaboratively Tagged Text Documents

    The amount of text data on the Internet is growing at a very fast rate. Online text repositories for news agencies, digital libraries and other organizations currently store gigaand tera-bytes of data. Large amounts of unstructured text poses a serious challenge for data mining and knowledge extraction. End user participation...

    Provided By Columbia University

  • White Papers // Apr 2010

    Tamper Evident Microprocessors

    Most security mechanisms proposed to date unquestioningly place trust in microprocessor hardware. This trust, however, is misplaced and dangerous because microprocessors are vulnerable to insider attacks that can catastrophically compromise security, integrity and privacy of computer systems. In this paper, One describe several methods to strengthen the fundamental assumption about...

    Provided By Columbia University

  • White Papers // Jan 2011

    Change-Centric Management of Versions in an XML Warehouse

    The authors present a change-centric method to manage versions in a Web WareHouse of XML data. The starting point is a sequence of snapshots of XML documents they obtain from the web. By running a diff algorithm, they compute the changes between two consecutive versions. They then represent the sequence...

    Provided By Columbia University

  • White Papers // Apr 2009

    Managing Homeless Shelters

    This is a formal analysis of how homeless shelters should operate: in particular, what quality of accommodations they should provide and how they should help their residents in securing conventional housing. The author also examines timing. The results extend to cover optimal police response to street homelessness as well. The...

    Provided By Columbia University

  • White Papers // Sep 2009

    A Consistent Pricing Model For Index Options And Volatility Derivatives

    The authors propose and study a flexible modeling framework for the joint dynamics of an index and a set of forward variance swap rates written on this index, allowing options on forward variance swaps and options on the underlying index to be priced consistently. This model reproduces various empirically observed...

    Provided By Columbia University

  • White Papers // Dec 2009

    Network Bandwidth Denial of Service (DoS)

    Network bandwidth Denial of Service (DoS) attacks seek to consume the available bandwidth or router resources at or near a target host or network, such that legitimate traffic cannot reach its destination. The primary means for achieving this goal by sending large traffic volumes (packet floods) that do not respect...

    Provided By Columbia University

  • White Papers // Nov 2010

    Evaluation of a Spyware Detection System Using Thin Client Computing

    In previous work, the authors introduced a bait injection system designed to delude and detect crimeware by forcing it to reveal itself during the exploitation of monitored information. Although effective as a technique, the original system was practically limited, as it was implemented in a personal VM environment. In this...

    Provided By Columbia University

  • White Papers // Aug 2009

    Deny-by-Default Distributed Security Policy Enforcement in Mobile Ad Hoc Networks

    Mobile Ad-hoc Networks (MANETs) are increasingly employed in tactical military and civil rapid-deployment networks, including emergency rescue operations and ad hoc disaster-relief networks. However, this flexibility of MANETs comes at a price, when compared to wired and base station-based wireless networks: MANETs are susceptible to both insider and outsider attacks....

    Provided By Columbia University

  • White Papers // Sep 2009

    BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications...

    Provided By Columbia University

  • White Papers // Jul 2009

    F3ildCrypt: End-to-End Protection of Sensitive Information in Web Services

    The frequency and severity of a number of recent intrusions involving data theft and leakages has shown that online users' trust, voluntary or not, in the ability of third parties to protect their sensitive data is often unfounded. Data may be exposed anywhere along a corporation's web pipeline, from the...

    Provided By Columbia University

  • White Papers // May 2009

    Voice Over IP: Risks, Threats and Vulnerabilities

    Voice over IP (VoIP) and Internet Multimedia Subsystem (IMS) technologies are rapidly being adopted by consumers, enterprises, governments and militaries. These technologies offer higher flexibility and more features than traditional telephony (PSTN) infrastructures, as well as the potential for lower cost through equipment consolidation and, for the consumer market, new...

    Provided By Columbia University