Search Results

  • Item
    Classifying Network Protocol Implementation Versions: An OpenSSL Case Study
    Rubin, Aviel D.; Green, Matthew; Checkoway, Stephen; Rushanan, Michael; Martin, Paul D. (2013-12-11T20:33:59Z)
    A new technique is presented for identifying the implementation version number of software that is used for Internet communications. While many programs may exchange version numbers, oftentimes only a small subset of them send any information at all. Furthermore, they usually do not provide accurate details about which implementation is used. We use machine learning techniques to build a feature database and then apply this to network traffic to try to identify specific implementations on servers. We apply our technique to OpenSSL and report our results.
  • Item
    Number Generators Atmel AVR
    Pagano, Matthew W. (2010-01-27T13:41:26Z)
    The purpose of this report is to provide exhaustive details of my Computer Security Architecture project this spring 2008 semester. Ultimately, the goal has been to prepare a document that an undergraduate student can read to increase his/her comprehension of the Atmel AVR AT90USB1287 microcontroller and its hardware components, the Assembler programming language, random number generation, pseudorandom number generation, and testing methods to determine levels of randomness. This report outlines how to program a random number generator (RNG) on the AT90USB1287 using the on‐board thermometer, as well as two pseudorandom number generators (PRNGs) on the AT90USB1287. One of the PRNGs is a Linear Feedback Shift Register (LFSR) and is designated as the “weak” PRNG. The other PRNG is the Advanced Encryption Standard (AES) algorithm and is designated as the “strong” PRNG algorithm. After programming the RNG, weak PRNG, and strong PRNG on the AT90USB1287, this report details the results of randomness tests offered by the National Institute of Standards and Technology (NIST) on both PRNG algorithms. The purpose of this is to demonstrate specifically what it means to have a cryptographically secure PRNG algorithm.
  • Item
    Multi-Object Geodesic Active Contours (MOGAC): A Parallel Sparse-Field Algorithm for Image Segmentation
    Taylor, Russell; Kazhdan, Michael; Lucas, Blake (2012-02-28T01:02:21Z)
    An important task for computer vision systems is to segment adjacent structures in images without producing gaps or overlaps. Multi-object Level Set Methods (MLSM) perform this task with the benefit of sub-pixel accuracy. However, current implementations of MLSM are not as computationally or memory efficient as their region growing and graph cut counterparts which lack sub-pixel accuracy. To address this performance gap, we present a novel parallel implementation of MLSM that leverages the sparse properties of the segmentation algorithm to minimize its memory footprint for multiple objects. The new method, Multi-Object Geodesic Active Contours (MOGAC), can represent N objects with just two functions: a label image and unsigned distance field. The time complexity of the algorithm is shown to be O((M^d)/P) for M^d pixels and P processing units in dimension d={2,3}, independent of the number of objects. Results are presented for 2D and 3D image segmentation problems.
  • Item
    Design and Implementation of Views: Isolated Perspectives of a File System for Regulatory Compliance
    Pagano, Matthew W.; Peterson, Zachary N. J. (2009-08-24T13:15:00Z)
    We present Views, a file system architecture designed to meet the role-based access control (RBAC) requirement of federal regulations, such as those in HIPAA. Views allows for discrete IO entities, such as users, groups or processes, to have a logically complete but isolated perspective of the file system. Entities may perform IO using the standard system call interface without affecting the views of other entities. Views is designed to be file system independent, extremely easy to use and manage, and flexible in defining isolation and sharing policies. Our implementation of Views is built on ext3cow, which additionally provides versioning capabilities to all entities. Preliminary results show the performance of Views is comparable with other traditional disk file systems.
  • Item
    iSeeYou: Disabling the MacBook Webcam Indicator LED
    Brocker, Matthew; Checkoway, Stephen (2013-12-11T20:32:51Z)
    The ubiquitous webcam indicator LED is an important privacy feature which provides a visual cue that the camera is turned on. We describe how to disable the LED on a class of Apple internal iSight webcams used in some versions of MacBook laptops and iMac desktops. This enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non-root) application. The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches and runs shell commands. To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight's firmware from user space.
  • Item
    Evaluation of Diagonal Confidence-Weighted Learning on the KDD Cup 1999 Dataset for Network Intrusion Detection Systems
    Pagano, Matthew W. (2011-02-03T15:09:35Z)
    In this study, I evaluate the performance of diagonal Confidence-Weighted (CW) online linear classification on the KDD Cup 1999 dataset for network intrusion detection systems (NIDS). This is a compatible relationship due to the large number of instances in NIDS datasets, as well as the constantly changing feature distributions. CW learning achieves approximately 92% accuracy on the KDD dataset when optimized, which is higher than both Perceptron and the Passive-Aggressive algorithm. CW learning also achieves faster convergence rates than both of these algorithms. Moreover, the accuracy of CW learning on the KDD dataset is comparable to several batch-learning algorithms. This challenges the assumption that batch learning should always be used when feasible. Due to shortcomings of the KDD dataset, a full generalization of CW learning to additional NIDS environments cannot yet be made. Nonetheless, this study shows that there is great promise in applying CW learning to future NIDS research.
  • Item
    Recognition of Visual Dynamical Processes: Theory, Kernels, and Experimental Evaluation
    Vidal, René; Chaudhry, Rizwan (2009)
    Over the past few years, several papers have used Linear Dynamical Systems (LDSs) for modeling, registration, segmentation, and recognition of visual dynamical processes, such as human gaits, dynamic textures and lip articulations. The recognition framework involves identifying the parameters of the LDSs from features extracted from a training set of videos, using metrics on the space of dynamical systems to compare them, and combining these metrics with different classification methods. Usually, each paper makes an ad-hoc choice for every step, and tests the recognition framework on small data sets often involving only one application. We present a detailed evaluation of the LDS-based recognition pipeline, comparing identification methods, metrics, and classification techniques. We propose new metrics that have certain invariance properties and explore a number of variations to the existing metrics. We perform experimental evaluations on well-known data sets of human gaits, dynamic textures, and lip articulations and provide benchmark recognition results. We also analyze the robustness of the recognition pipeline with respect to changes in observation and experimental conditions. Overall, this work represents the most extensive evaluation to date of the LDS-based recognition framework.
  • Item
    Design and Implementation of Views: Isolated Perspectives of a File System
    Pagano, Matthew W.; Peterson, Zachary N.J. (2010-04-20T12:45:01Z)
    We present Views, a file system architecture that provides isolation between system components for the purposes of access control, regulatory compliance, and sandboxing. Views allows for discrete I/O entities, such as users, groups, or processes, to have a logically complete yet fully isolated perspective (view) of the file system. This ensures that each entity's file system activities only modify that entity's view of the file system, but in a transparent fashion that does not limit or restrict the entity's functionality. Views can therefore be used to monitor system activity based on user accounts for access control (as required by federal regulations such as HIPAA), provide a reliable sandbox for arbitrary applications without inducing any noticeable loss in performance, and enable traditional snapshotting functionality by manipulating and transplanting views as snapshots in time. Views' architecture is designed to be file system independent, extremely easy to use and manage, and flexible in defining isolation and sharing policies. Our implementation of Views is built on ext3cow, which additionally provides versioning capabilities to all entities. Benchmarking results show that the performance of Views is nearly identical to other traditional file systems such as ext3.