Columbia University

Displaying 1-40 of 346 results

  • White Papers // May 2014

    GASPP: A GPU-Accelerated Stateful Packet Processing Framework

    Graphics Processing Units (GPUs) are a powerful platform for building high-speed network traffic processing applications using low-cost hardware. Existing systems tap the massively parallel architecture of GPUs to speed up certain computationally intensive tasks, such as cryptographic operations and pattern matching. However, they still suffer from significant overheads due to...

    Provided By Columbia University

  • White Papers // Mar 2014

    Unsupervised Anomaly-based Malware Detection using Hardware Features

    Recent works have shown promise in using micro-architectural execution patterns to detect malware programs. These detectors belong to a class of detectors known as signature based detectors as they catch malware by comparing a program's execution pattern (signature) to execution patterns of known malware programs. In this paper, the authors...

    Provided By Columbia University

  • White Papers // Jan 2014

    Adding a Flow-Oriented Paradigm to Commodity Operating Systems

    The speed of CPUs and memories has historically outstripped I/O, but emerging network and storage technologies promise to invert this relationship. As a result, fundamental assumptions about the role of the operating system in computing systems will have to change. The authors propose an operating and application architecture that removes...

    Provided By Columbia University

  • White Papers // Dec 2013

    On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records

    The authors investigate the feasibility of mounting a de-anonymization attack against Tor and similar low-latency anonymous communication systems by using NetFlow records. Previous research has shown that adversaries with the ability to eavesdrop in real time at a few internet exchange points can effectively monitor a significant part of the...

    Provided By Columbia University

  • White Papers // Oct 2013

    A Profitable Sub-Prime Loan: Obtaining the Advantages of Composite Order in Prime-Order Bilinear Groups

    Composite-order bilinear groups provide many structural features that have proved useful for both constructing cryptographic primitives and as a technique in security reductions. Despite these convenient features, however, composite-order bilinear groups are less desirable than prime-order bilinear groups for reasons of efficiency. A recent line of paper has therefore focused...

    Provided By Columbia University

  • White Papers // Sep 2013

    Privacy Policy-Driven Mashups

    Mashups are novel content created by extracting and combining data and services from diverse data sources, in an automated manner, using Web services. The Web 2.0 technologies make it easier for individuals to create contents in third party service sites or clouds, and make easier for other third party mashup...

    Provided By Columbia University

  • White Papers // Aug 2013

    CellFlood: Attacking Tor Onion Routers on the Cheap

    In this paper, the authors introduce a new denial-of-service attack against tor onion routers and they study its feasibility and implications. In particular, they exploit a design flaw in the way Tor software builds virtual circuits and demonstrate that an attacker needs only a fraction of the resources required by...

    Provided By Columbia University

  • White Papers // Jul 2013

    Server-Side Code Injection Attacks: A Historical Perspective

    Server-side code injection attacks used to be one of the main culprits for the spread of malware. A vast amount of research has been devoted to the problem of effectively detecting and analyzing these attacks. Common belief seems to be that these attacks are now a marginal threat compared to...

    Provided By Columbia University

  • White Papers // Jun 2013

    Order-Preserving Encryption Secure Beyond One-Wayness

    Semantic-security of individual bits under a ciphertext is fundamental notion in modern cryptography. In this paper, the authors present the first results about this fundamental problem for Order-Preserving Encryption (OPE): \"What plaintext information can be semantically hidden by OPE encryptions?\" While OPE has gained much attention in recent years due...

    Provided By Columbia University

  • White Papers // Jun 2013

    On Finite Block-Length Quantization Distortion

    The authors investigate the upper and lower bounds on the quantization distortions for independent and identically distributed sources in the finite block-length regime. Based on the convex optimization framework of the rate-distortion theory, they derive a lower bound on the quantization distortion under finite block-length, which is shown to be...

    Provided By Columbia University

  • White Papers // Jun 2013

    CloudFence: Data Flow Tracking as a Cloud Service

    The risk of unauthorized private data access is among the primary concerns for users of cloud-based services. For the common setting in which the infrastructure provider and the service provider are different, users have to trust their data to both parties, although they interact solely with the latter. In this...

    Provided By Columbia University

  • White Papers // May 2013

    Computational Decoys for Cloud Security

    Cloud-based applications benefit from the scalability and efficiency offered by server consolidation and shared facilities. However, the shared nature of cloud infrastructures may introduce threats stemming from the co-location and combination of untrusted components, in addition to typical risks due to the inevitable presence of weaknesses in the infrastructure itself....

    Provided By Columbia University

  • White Papers // Apr 2013

    You Can Type, But You Can't Hide: A Stealthy GPU-Based Keylogger

    Keyloggers are a prominent class of malware that harvests sensitive data by recording any typed in information. Keylogger implementations strive to hide their presence using rootkit-like techniques to evade detection by antivirus and other system protections. In this paper, the authors present a new approach for implementing a stealthy keylogger:...

    Provided By Columbia University

  • White Papers // Mar 2013

    Cloudopsy: an Autopsy of Data Flows in the Cloud

    Despite the apparent advantages of cloud computing, the fear of unauthorized exposure of sensitive user data and non-compliance to privacy restrictions impedes its adoption for security-sensitive tasks. For the common setting in which the cloud infrastructure provider and the online service provider are different, end users have to trust the...

    Provided By Columbia University

  • White Papers // Jan 2013

    VBoom: Creating A Virtual Machine Real Estate Boom

    Cloud providers sell identically configured Virtual Machines (VMs) for the same price. Customers purchasing these VMs expect that they perform similarly and are allocated the same amount of virtual resources. In practice, however, the real performance of identically provisioned VMs depends on the underlying hardware, i.e., how the hardware is...

    Provided By Columbia University

  • White Papers // Dec 2012

    Sequential Aggregate Signatures with Short Public Keys: Design, Analysis and Implementation Studies

    The notion of aggregate signature has been motivated by applications and it enables any user to compress different signatures signed by different signers on different messages into a short signature. Sequential aggregate signature, in turn, is a special kind of aggregate signature that only allows a signer to add his...

    Provided By Columbia University

  • White Papers // Dec 2012

    Bait and Snitch: Defending Computer Systems with Decoys

    Threats against computer networks continue to multiply, but existing security solutions are persistently unable to keep pace with these challenges. In this paper the authors present a new paradigm for securing computational resources which they call decoy technology. This technique involves seeding a system with data that appears authentic but...

    Provided By Columbia University

  • White Papers // Nov 2012

    Cross-Layer Enabled Translucent Optical Network With Real-Time Impairment Awareness

    The existing dimensioning strategy for translucent, sub-wavelength switching architectures relies on over-provisioning, and consequently, overuse of costly, power-consuming Optical-Electrical-Optical (O/E/O) regenerators. In addition, due to a variety of external phenomena, many physical layer impairments are time-varying, and hence, can strongly degrade network performance. In this paper, the authors introduce a...

    Provided By Columbia University

  • White Papers // Nov 2012

    Privacy Preserving Revocable Predicate Encryption Revisited

    Predicate Encryption (PE) that provides both the access control of ciphertexts and the privacy of ciphertexts is a new paradigm of public-key encryption. An important application of predicate encryption is a searchable encryption system in a cloud storage, where it enables a client to securely outsource its data to an...

    Provided By Columbia University

  • White Papers // Nov 2012

    Extensible Monitoring with Nagios and Messaging Middleware

    Monitoring is a core function of systems administration, and is primarily a problem of communication - a good monitoring tool communicates with users about problems, and communicates with hosts and software to take remedial action. The better it communicates, the greater the confidence administrators will have in its view of...

    Provided By Columbia University

  • White Papers // Oct 2012

    Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

    Aggregate signature is public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a short (called aggregate) signature. The notion has many applications where compressing the signature space is important: in infrastructure: secure routing protocols, in security: compressed certificate chain signature, in signing...

    Provided By Columbia University

  • White Papers // Sep 2012

    CleanOS: Limiting Mobile Data Exposure with Idle Eviction

    Mobile-device theft and loss have reached gigantic proportions. Despite these threats, today's mobile devices are saturated with sensitive information due to operating systems that never securely erase data and applications that hoard it on the vulnerable device for performance or convenience. This paper presents CleanOS, a new Android-based operating system...

    Provided By Columbia University

  • White Papers // Aug 2012

    TimeWarp: Rethinking Timekeeping and Performance Monitoring Mechanisms to Mitigate Side-Channel Attacks

    Over the past two decades, several microarchitectural side channels have been exploited to create sophisticated security attacks. Solutions to this problem have mainly focused on fixing the source of leaks either by limiting the flow of information through the side channel by modifying hardware, or by refactoring vulnerable software to...

    Provided By Columbia University

  • White Papers // Aug 2012

    kGuard: Lightweight Kernel Protection Against Return-to-user Attacks

    Return-to-user (ret2usr) attacks exploit the operating system kernel, enabling local users to hijack privileged execution paths and execute arbitrary code with elevated privileges. Current defenses have proven to be inadequate, as they have been repeatedly circumvented, incur considerable overhead, or rely on extended hypervisors and special hardware features. The authors...

    Provided By Columbia University

  • White Papers // Aug 2012

    Scalable Group Signatures with Revocation

    Group signatures are a central cryptographic primitive, simultaneously supporting accountability and anonymity. They allow users to anonymously sign messages on behalf of a group they are members of. The recent years saw the appearance of several constructions with security proofs in the standard model (i.e., without appealing to the random...

    Provided By Columbia University

  • White Papers // Jul 2012

    Facebook and Privacy: It's Complicated

    The authors measure users' attitudes toward interpersonal privacy concerns on Facebook and measure users' strategies for reconciling their concerns with their desire to share content online. To do this, they recruited 260 Facebook users to install a Facebook application that surveyed their privacy concerns, their friend network compositions, the sensitivity...

    Provided By Columbia University

  • White Papers // Jun 2012

    Privacy-Preserving Social Plugins

    The widespread adoption of social plugins, such as Facebook's Like and Google's +1 buttons, has raised concerns about their implications to user privacy, as they enable social networking services to track a growing part of their members' browsing activity. Existing mitigations in the form of browser extensions can prevent social...

    Provided By Columbia University

  • White Papers // May 2012

    A Robust MDP Approach to Secure Power Control in Cognitive Radio Networks

    Power control plays a key role in realizing reliable and spectrum-efficient communications in a cognitive radio network. In this paper, the authors study secure power control schemes for cognitive radios via a robust Markov Decision Process (MDP) approach. They first use the Discrete Time Markov Chain (DTMC) model to characterize...

    Provided By Columbia University

  • White Papers // May 2012

    CCNxServ: Dynamic Service Scalability in Information-Centric Networks

    Content-centric networks promise to address content networking issues in a better way than today's host-based networking architecture. But content-centric networking does not inherently address the issue of services, particularly service scalability and mobility. The authors present their work on CCNxServ, a system that allows for dynamic service deployment and scalability...

    Provided By Columbia University

  • White Papers // May 2012

    Harmony: Collection and Analysis of Parallel Block Vectors

    Efficient execution of well-parallelized applications is central to performance in the multicore era. Program analysis tools support the hardware and software sides of this effort by exposing relevant features of multithreaded applications. This paper describes parallel block vectors, which uncover previously unseen characteristics of parallel programs. Parallel block vectors provide...

    Provided By Columbia University

  • White Papers // May 2012

    Combining Baiting and User Search Profiling Techniques for Masquerade Detection

    Masquerade attacks are characterized by an adversary stealing a legitimate user's credentials and using them to impersonate the victim and perform malicious activities, such as stealing information. Prior work on masquerade attack detection has focused on profiling legitimate user behavior and detecting abnormal behavior indicative of a masquerade attack. Like...

    Provided By Columbia University

  • White Papers // Apr 2012

    Tolerating Overload Attacks Against Packet Capturing Systems

    Passive network monitoring applications such as intrusion detection systems are susceptible to overloads, which can be induced by traffic spikes or algorithmic singularities triggered by carefully crafted malicious packets. Under overload conditions, the system may consume all the available resources, dropping most of the monitored traffic until the overload condition...

    Provided By Columbia University

  • White Papers // Apr 2012

    ARC: Protecting Against HTTP Parameter Pollution Attacks Using Application Request Caches

    HTTP Parameter Pollution (HPP) vulnerabilities allow attackers to exploit web applications by manipulating the query parameters of the requested URLs. In this paper, the authors present Application Request Cache (ARC), a framework for protecting web applications against HPP exploitation. ARC hosts all benign URL schemas, which act as generators of...

    Provided By Columbia University

  • White Papers // Apr 2012

    Concurrency Attacks

    Just as errors in sequential programs can lead to security exploits, errors in concurrent programs can lead to concurrency attacks. Questions such as whether these attacks are real and what characteristics they have remain largely unknown. In this paper, the authors present a preliminary study of concurrency attacks and the...

    Provided By Columbia University

  • White Papers // Apr 2012

    On the Performance of Flexgrid-Based Optical Networks

    The ever increasing IP traffic volume has finally brought to light the high inefficiency of current wavelength-routed rigid-grid networks in matching the client layer requirements. Such an issue results in the deployment of large-size, expensive and power-consuming IP/MPLS layers to perform the required grooming/aggregation functionality. To deal with this problem,...

    Provided By Columbia University

  • White Papers // Apr 2012

    Lost in Translation: Improving Decoy Documents Via Automated Translation

    Detecting insider attacks continues to prove to be one of the most difficult challenges in securing sensitive data. Decoy information and documents represent a promising approach to detecting malicious masqueraders; however, false positives can interfere with legitimate work and take up user time. The authors propose generating foreign language decoy...

    Provided By Columbia University

  • White Papers // Mar 2012

    Toward Practical Private Access to Data Centers Via Parallel ORAM

    Today, accessing maps, pictures, status updates, and other data from online services is de rigueur, but these accesses may leak private information. Previous work proposed using a secure coprocessor at the server to hide all information about user requests via an Oblivious RAM (ORAM) protocol. For this to ever be...

    Provided By Columbia University

  • White Papers // Mar 2012

    Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud

    Cloud computing promises to significantly change the way the people use computers and access and store their personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated...

    Provided By Columbia University

  • White Papers // Mar 2012

    Smashing the Gadgets: Hindering Return-Oriented Programming Using In-Place Code Randomization

    The wide adoption of non-executable page protections in recent versions of popular operating systems has given rise to attacks that employ Return-Oriented Programming (ROP) to achieve arbitrary code execution without the injection of any code. Existing defenses against ROP exploits either require source code or symbolic debugging information, or impose...

    Provided By Columbia University

  • White Papers // Mar 2012

    Predicting the Number of Mobile Subscribers: An Accurate Forecasting System and Its Application

    Forecasting economic quantities can bring high benefits to business planning and operation. To provide accurate forecasts and to investigate the factors behind the trends, the authors present a new prediction system in this paper. Applying it to the Number of Mobile Subscribers (NMS) in the United States, China, and Germany,...

    Provided By Columbia University

  • White Papers // Jan 2011

    Multi-Scale Temporal Segmentation and Outlier Detection in Sensor Networks

    Monitoring multimodal data generated by sensor networks for extracting information is a challenging task for the human observer. To manage the barrage of data, one needs to create mechanisms for identifying only those time intervals which are informative and worthy of further high-level analysis either by machine or the human...

    Provided By Columbia University

  • White Papers // Oct 2009

    The Financial Crisis And The Federal Reserve

    The tightening of credit standards and the failure of the cost of credit to households and businesses to fall during the current crisis, despite the sharp easing of monetary policy, has led to a common view that monetary policy has not been effective during the recent financial crisis. Not only...

    Provided By Columbia University

  • White Papers // Aug 2010

    Fostering Development And Socially Responsible Investment

    Global imbalances in international capital markets are commonly identified as a cause of the 2008 financial crisis. The imbalances are characterized by the investment of capital surpluses of large developing countries into equity and fixed-income markets in developed countries. The uneven distribution of global capital accumulation leads one to consider...

    Provided By Columbia University

  • White Papers // Aug 2008

    Skills, Schools And Credit Constraints: Evidence From Massachusetts

    In the U.S. and other developed countries, rapidly increasing college costs have raised concerns about access to postsecondary education, particularly for low income students. These concerns are heightened by the perceived need to improve the low-skilled segment of the labor force in order to combat downward wage pressures attributed to...

    Provided By Columbia University

  • White Papers // Sep 2008

    On the Multi-Hop Performance of Synchronization Mechanisms in High Propagation Delay Networks

    The authors analyze the single and multi-hop performance of time synchronization mechanisms for challenging environments characterized by high propagation delays, low duty-cycle operation, and imprecise clocks, such as underwater acoustic sensor networks. They find that receiver-receiver based schemes are unsuitable for such environments, and therefore focus primarily on sender-receiver schemes....

    Provided By Columbia University

  • White Papers // Feb 2010

    Distributed Robust Optimization (DRO) Part II: Wireless Power Control

    Optimization formulations and distributed algorithms have long been used for resource allocation problems in wireless networks including power control. However, the often assumed constant parameters in these formulations are in fact time-varying, unknown, or based on inaccurate estimates in real systems. Taking into account these factors, is it still possible...

    Provided By Columbia University

  • White Papers // Dec 2008

    Inflation Ambiguity And The Term Structure Of Arbitrage-Free U.S. Government Bonds

    Inflation plays a very important role in the pricing of nominal bonds. Investors care not only about inflation shocks, but also how the volatility of inflation shocks may change over time. While inflation volatility was low for most of the 1970s and 1990 - 2003, it spiked in the early...

    Provided By Columbia University

  • White Papers // Apr 2010

    Virtualization Mechanisms for Mobility, Security and System Administration

    This dissertation demonstrates that operating system virtualization is an effective method for solving many different types of computing problems. The authors have designed novel systems that make use of commodity software while solving problems that were not conceived when the software was originally written. They show that by leveraging and...

    Provided By Columbia University

  • White Papers // Dec 2010

    Interference Management in Wireless Communication Systems: Theory and Applications

    Interference is a fundamental nature of wireless communication systems, in which multiple transmissions often take place simultaneously over a common communication medium. In recent years, there has been a rapidly growing interest in developing reliable and spectrally efficient wireless communication systems. One primary challenge in such a development is how...

    Provided By Columbia University

  • White Papers // Jan 2011

    Using Channel Hopping to Increase 802.11 Resilience to Jamming Attacks

    802.11a, b, and g standards were designed for deployment in cooperative environments, and hence do not include mechanisms to protect from jamming attacks. In this paper, the authors explore how to protect 802.11 networks from jamming attacks by having the legitimate transmission hop among channels to hide the transmission from...

    Provided By Columbia University

  • White Papers // Jan 2011

    Effects of Power Conservation, Wireless Coverage and Cooperation on Data Dissemination Among Mobile Devices

    This paper presents 7DS, a novel peer-to-peer data sharing system. 7DS is architecture, a set of protocols and an implementation enabling the exchange of data among peers that are not necessarily connected to the Internet. Peers can be either mobile or stationary. It anticipates the information needs of users and...

    Provided By Columbia University

  • White Papers // Jan 2011

    Design and Implementation of a Peer-to-Peer Data Dissemination and Prefetching Tool for Mobile Users

    This paper presents 7DS, a novel peer-to-peer data sharing system. Peers can be either mobile or stationary (such as infostations). 7DS is architecture, a set of protocols and an implementation enabling the exchange of data among peers that are not necessarily connected to the Internet. Communication is typically, but not...

    Provided By Columbia University

  • White Papers // Jan 2011

    A Performance Analysis of 7 DS : A Peer-to-Peer Data Dissemination and Prefetching Tool for Mobile Users

    This paper presents 7DS, a novel peer-to-peer data sharing system. Peers can be either mobile or stationary 7DS is architecture, a set of protocols and an implementation enabling the exchange of data among peers that are not necessarily connected to the Internet. It runs as an application complementary to other...

    Provided By Columbia University

  • White Papers // Jan 2011

    Connectivity Maintenance in Mobile Wireless Networks Via Constrained Mobility

    The authors explore distributed mechanisms for maintaining the physical layer connectivity of a mobile wireless network while still permitting significant area coverage. Moreover, they require that these mechanisms maintain connectivity despite the unpredictable wireless propagation behavior found in complex real-world environments. To this end, they propose the Spreadable Connected Autonomic...

    Provided By Columbia University

  • White Papers // Jan 2011

    Networking Low-Power Energy Harvesting Devices: Measurements and Algorithms

    Recent advances in energy harvesting materials and ultra-low-power communications will soon enable the realization of networks composed of energy harvesting devices. These devices will operate using very low ambient energy, such as indoor light energy. The authors focus on characterizing the energy availability in indoor environments and on developing energy...

    Provided By Columbia University

  • White Papers // Apr 2010

    Improved Bounds for Sparse Recovery From Adaptive Measurements

    It is shown here that adaptivity in sampling results in dramatic improvements in the recovery of sparse signals in white Gaussian noise. An adaptive sampling-and-refinement procedure called distilled sensing is discussed and analyzed, resulting in fundamental new asymptotic scaling relationships in terms of the minimum feature strength required for reliable...

    Provided By Columbia University

  • White Papers // Mar 2009

    Distilled Sensing: Selective Sampling for Sparse Signal Recovery

    A selective sampling procedure called Distilled Sensing (DS) is proposed, and shown to be an effective method for recovering sparse signals in noise. Based on the notion that it is often easier to rule out locations that do not contain signal than it is to directly identify non-zero signal components,...

    Provided By Columbia University

  • White Papers // Feb 2010

    A Secure and Privacy-Preserving Targeted Ad-System

    Thanks to its low product-promotion cost and its efficiency, targeted online advertising has become very popular. Unfortunately, being profile-based, online advertising methods violate consumers' privacy, which has engendered resistance to the ads. However, protecting privacy through anonymity seems to encourage click-fraud. In this paper, the authors define consumer's privacy and...

    Provided By Columbia University

  • White Papers // Mar 2011

    GRAND: Git Revisions As Named Data

    GRAND is an experimental extension of Git, a distributed revision control system, which enables the synchronization of Git repositories over Content-Centric Networks (CCN). GRAND brings some of the benefits of CCN to Git, such as transparent caching, load balancing, and the ability to fetch objects by name rather than location....

    Provided By Columbia University

  • White Papers // Feb 2011

    Detecting Traffic Snooping in Anonymity Networks Using Decoys

    Anonymous communication networks like Tor partially protect the confidentiality of their users' traffic by encrypting all intra-overlay communication. However, when the relayed traffic reaches the boundaries of the overlay network towards its actual destination, the original user traffic is inevitably exposed. At this point, unless end-to-end encryption is used, sensitive...

    Provided By Columbia University

  • White Papers // Jan 2011

    Decoy Document Deployment for Effective Masquerade Attack Detection

    Masquerade attacks pose a grave security problem that is a consequence of identity theft. Detecting masqueraders is very hard. Prior work has focused on pro ling legitimate user behavior and detecting deviations from that normal behavior that could potentially signal an ongoing masquerade attack. Such approaches suffer from high false...

    Provided By Columbia University

  • White Papers // Jan 2011

    Data Collection and Analysis for Masquerade Attack Detection: Challenges and Lessons Learned

    Real-world large-scale data collection poses an important challenge in the security field. Insider and masquerader attack data collection poses even a greater challenge. Very few organizations acknowledge such breaches because of liability concerns and potential implications on their market value. This caused the scarcity of real-world data sets that could...

    Provided By Columbia University

  • White Papers // Oct 2009

    Configuration Fuzzing for Software Vulnerability Detection

    Many software security vulnerabilities only reveal themselves under certain conditions, i.e., particular configurations of the software together with its particular runtime environment. One approach to detecting these vulnerabilities is fuzz testing, which feeds a range of randomly modified inputs to a software application while monitoring it for failures. However, fuzz...

    Provided By Columbia University

  • White Papers // Jul 2009

    Mouth-to-Ear Latency in Popular VoIP Clients

    Most popular instant messaging clients are now offering Voice-over-IP (VoIP) technology. The many options running on similar platforms, implementing common audio codecs and encryption algorithms offers the opportunity to identify what factors affect call quality. The authors measure call quality objectively based on mouth-to-ear latency. Based on the analysis they...

    Provided By Columbia University

  • White Papers // Jul 2009

    Serving Niche Video-on-Demand Content in a Managed P2P Environment

    A limitation of existing P2P VoD services is their inability to support efficient streamed access to niche content that has relatively small demand. This limitation stems from the poor performance of P2P when the number of peers sharing the content is small. In this paper, the authors propose a new...

    Provided By Columbia University

  • White Papers // Jun 2009

    Flexible Filters: Load Balancing Through Backpressure for Stream Programs

    Stream processing is a promising paradigm for programming multi-core systems for high-performance embedded applications. The authors propose flexible filters as a technique that combines static mapping of the stream program tasks with dynamic load balancing of their execution. The goal is to improve the system-level processing throughput of the program...

    Provided By Columbia University

  • White Papers // Sep 2008

    Thwarting Attacks in Malcode-Bearing Documents by Altering Data Sector Values

    Embedding malcode within documents provides a convenient means of attacking systems. Such attacks can be very targeted and difficult to detect to stop due to the multitude of document-exchange vectors and the vulnerabilities in modern document processing applications. Detecting malcode embedded in a document is difficult owing to the complexity...

    Provided By Columbia University

  • White Papers // Jan 2011

    A Domain-Specific Language for Generating Data Flow Analyzers

    Data flow analysis is a well-understood and very powerful technique for analyzing programs as part of the compilation process. Virtually all compilers use some sort of data flow analysis as part of their optimization phase. However, despite being well-understood theoretically, such analyses are often difficult to code, making it difficult...

    Provided By Columbia University

  • White Papers // Apr 2009

    An Empirical BSSRDF Model

    The authors present a new model of the BSSRDF based on a large-scale simulation that captures the appearance of materials that cannot be accurately represented using existing single scattering models or multiple isotropic scattering models. The model consists of an analytic function of the 2D hemispherical distribution of exitant light...

    Provided By Columbia University

  • White Papers // Oct 2010

    A Strong Law for the Rate of Growth of Long Latency Periods in Cloud Computing Service

    Cloud-computing shares a common pool of resources across customers at a scale that is orders of magnitude larger than traditional multi-user systems. Constituent physical compute servers are allocated multiple "Virtual Machines" (VM) to serve simultaneously. Each VM user should ideally be unaffected by others' demand. Naturally, this environment produces new...

    Provided By Columbia University

  • White Papers // Oct 2010

    Signatures Resilient to Continual Leakage on Memory and Computation

    Recent breakthrough results by Brakerski et al and Dodis et al have shown that signature schemes can be made secure even if the adversary continually obtains information leakage from the secret key of the scheme. However, the schemes currently do not allow leakage on the secret key and randomness during...

    Provided By Columbia University

  • White Papers // Feb 2009

    A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks

    The fair evaluation and comparison of side-channel attacks and countermeasures has been a long standing open question, limiting further developments in the field. Motivated by this challenge, this paper makes a step in this direction and proposes a framework for the analysis of cryptographic implementations that includes a theoretical model...

    Provided By Columbia University

  • White Papers // Mar 2011

    Differentially Private Empirical Risk Minimization

    Privacy-preserving machine learning algorithms are crucial for the increasingly common setting in which personal data, such as medical or financial records, are analyzed. The authors provide general techniques to produce privacy-preserving approximations of classifiers learned via (regularized) Empirical Risk Minimization (ERM). These algorithms are private under the e-differential privacy definition...

    Provided By Columbia University

  • White Papers // Jan 2011

    Policy Refinement of Network Services for MANETs

    In this paper, the authors describe a framework for a refinement scheme located in a centralized policy server that consists of three components: A knowledge database, a refinement rule set, and a policy repository. The refinement process includes two successive steps: Policy transformation and policy composition. The refinement scheme takes...

    Provided By Columbia University

  • White Papers // Sep 2009

    An Anonymous Credit Card System

    Credit cards have many important benefits; however, these same benefits often carry with them many privacy concerns. In particular, the need for users to be able to monitor their own transactions, as well as bank's need to justify its payment requests from cardholders, entitle the latter to maintain a detailed...

    Provided By Columbia University

  • White Papers // Sep 2009

    PAR: Payment for Anonymous Routing

    Despite the growth of the Internet and the increasing concern for privacy of online communications, current deployments of anonymization networks depend on a very small set of nodes that volunteer their bandwidth. The authors believe that the main reason is not disbelief in their ability to protect anonymity, but rather...

    Provided By Columbia University

  • White Papers // Apr 2011

    Price Dynamics In A Markovian Limit Order Market

    The authors propose and study a simple stochastic model for the dynamics of a limit order book, in which arrivals of market order, limit orders and order cancellations are described in terms of a Markovian queueing system. Through its analytical tractability, the model allows to obtain analytical expressions for various...

    Provided By Columbia University

  • White Papers // Sep 2010

    GPU-Assisted Malware

    Malware writers constantly seek new methods to obfuscate their code so as to evade detection by virus scanners. Two code-armoring techniques that pose significant challenges to existing malicious-code detection and analysis systems are unpacking and run-time polymorphism. In this paper, the authors demonstrate how malware can increase its robustness against...

    Provided By Columbia University

  • White Papers // Jun 2010

    RRDtrace: Long-Term Raw Network Traffic Recording Using Fixed-Size Storage

    Recording raw network traffic for long-term periods can be extremely beneficial for a multitude of monitoring and security applications. However, storing all traffic of high volume networks is infeasible even for short-term periods due to the increased storage requirements. Traditional approaches for data reduction like aggregation and sampling either require...

    Provided By Columbia University

  • White Papers // Apr 2011

    Noise Resistant Graph Ranking for Improved Web Image Search

    In this paper, the authors exploit a novel ranking mechanism that processes query samples with noisy labels, motivated by the practical application of web image search re-ranking where the originally highest ranked images are usually posed as pseudo queries for subsequent re-ranking. Availing ourselves of the low-frequency spectrum of a...

    Provided By Columbia University