Multi-Core Memory System Design : Developing and using Analytical Models for Performance Evaluation and Enhancements

Dwarakanath, Nagendra Gulur

January 2015

Memory system design is increasingly influencing modern multi-core architectures from both performance and power perspectives. Both main memory latency and bandwidth have im-proved at a rate that is slower than the increase in processor core count and speed. Off-chip memory, primarily built from DRAM, has received significant attention in terms of architecture and design for higher performance. These performance improvement techniques include sophisticated memory access scheduling, use of multiple memory controllers, mitigating the impact of DRAM refresh cycles, and so on. At the same time, new non-volatile memory technologies have become increasingly viable in terms of performance and energy. These alternative technologies offer different performance characteristics as compared to traditional DRAM. With the advent of 3D stacking, on-chip memory in the form of 3D stacked DRAM has opened up avenues for addressing the bandwidth and latency limitations of off-chip memory. Stacked DRAM is expected to offer abundant capacity — 100s of MBs to a few GBs — at higher bandwidth and lower latency. Researchers have proposed to use this capacity as an extension to main memory, or as a large last-level DRAM cache. When leveraged as a cache, stacked DRAM provides opportunities and challenges for improving cache hit rate, access latency, and off-chip bandwidth. Thus, designing off-chip and on-chip memory systems for multi-core architectures is complex, compounded by the myriad architectural, design and technological choices, combined with the characteristics of application workloads. Applications have inherent spatial local-ity and access parallelism that influence the memory system response in terms of latency and bandwidth. In this thesis, we construct an analytical model of the off-chip main memory system to comprehend this diverse space and to study the impact of memory system parameters and work-load characteristics from latency and bandwidth perspectives. Our model, called ANATOMY, uses a queuing network formulation of the memory system parameterized with workload characteristics to obtain a closed form solution for the average miss penalty experienced by the last-level cache. We validate the model across a wide variety of memory configurations on four-core, eight-core and sixteen-core architectures. ANATOMY is able to predict memory latency with average errors of 8.1%, 4.1%and 9.7%over quad-core, eight-core and sixteen-core configurations respectively. Further, ANATOMY identifie better performing design points accurately thereby allowing architects and designers to explore the more promising design points in greater detail. We demonstrate the extensibility and applicability of our model by exploring a variety of memory design choices such as the impact of clock speed, benefit of multiple memory controllers, the role of banks and channel width, and so on. We also demonstrate ANATOMY’s ability to capture architectural elements such as memory scheduling mechanisms and impact of DRAM refresh cycles. In all of these studies, ANATOMY provides insight into sources of memory performance bottlenecks and is able to quantitatively predict the benefit of redressing them. An insight from the model suggests that the provisioning of multiple small row-buffers in each DRAM bank achieves better performance than the traditional one (large) row-buffer per bank design. Multiple row-buffers also enable newer performance improvement opportunities such as intra-bank parallelism between data transfers and row activations, and smart row-buffer allocation schemes based on workload demand. Our evaluation (both using the analytical model and detailed cycle-accurate simulation) shows that the proposed DRAM re-organization achieves significant speed-up as well as energy reduction. Next we examine the role of on-chip stacked DRAM caches at improving performance by reducing the load on off-chip main memory. We extend ANATOMY to cover DRAM caches. ANATOMY-Cache takes into account all the key parameters/design issues governing DRAM cache organization namely, where the cache metadata is stored and accessed, the role of cache block size and set associativity and the impact of block size on row-buffer hit rate and off-chip bandwidth. Yet the model is kept simple and provides a closed form solution for the aver-age miss penalty experienced by the last-level SRAM cache. ANATOMY-Cache is validated against detailed architecture simulations and shown to have latency estimation errors of 10.7% and 8.8%on average in quad-core and eight-core configurations respectively. An interesting in-sight from the model suggests that under high load, it is better to bypass the congested DRAM cache and leverage the available idle main memory bandwidth. We use this insight to propose a refresh reduction mechanism that virtually eliminates refresh overhead in DRAM caches. We implement a low-overhead hardware mechanism to record accesses to recent DRAM cache pages and refresh only these pages. Older cache pages are considered invalid and serviced from the (idle) main memory. This technique achieves average refresh reduction of 90% with resulting memory energy savings of 9%and overall performance improvement of 3.7%. Finally, we propose a new DRAM cache organization that achieves higher cache hit rate, lower latency and lower off-chip bandwidth demand. Called the Bi-Modal Cache, our cache organization brings three independent improvements together: (i) it enables parallel tag and data accesses, (ii) it eliminates a large fraction of tag accesses entirely by use of a novel way locator and (iii) it improves cache space utilization by organizing the cache sets as a combination of some big blocks (512B) and some small blocks (64B). The Bi-Modal Cache reduces hit latency by use of the way locator and parallel tag and data accesses. It improves hit rate by leveraging the cache capacity efficiently – blocks with low spatial reuse are allocated in the cache at 64B granularity thereby reducing both wasted off-chip bandwidth as well as cache internal fragmentation. Increased cache hit rate leads to reduction in off-chip bandwidth demand. Through detailed simulations, we demonstrate that the Bi-Modal Cache achieves overall performance improvement of 10.8%, 13.8% and 14.0% in quad-core, eight-core and sixteen-core workloads respectively over an aggressive baseline.

Multi Core Architecture

ANATOMY-Cache

DRAM

Off-chip Memory

Off-chip Bandwidth

On-chip Memory Systems

ANATOMY

Multi-Core Memory System

DRAM Cache

Computer System-performance Evaluation

Memory System Design

Computer Science

Uma linguagem de padrões semanticamente relacionados para o design de sistemas educacionais que permitam coautoria

Silva, Marcos Alexandre Rose

03 May 2014

Made available in DSpace on 2016-06-02T19:03:58Z (GMT). No. of bitstreams: 1 5900.pdf: 5031941 bytes, checksum: c33a127070b11fb3923bc17ba9d98189 (MD5) Previous issue date: 2014-05-03 / Financiadora de Estudos e Projetos / The adequacy of educational content considering student´s culture, knowledge and values allow them to identify the relationship between what they are learning and their reality and, consequently they feel more interested and engaged at education. In contrast, in informatics at education, designing educational systems to allow adequacy is a challenge because of a lack of techniques to support the design and the difficulty to identify what and how allow this adequacy by users, because many users of these systems, as educators and students, do not have knowledge of designing. In this context, it is presented here a formalization of the design pattern with successful solutions for recurrent problems on designing co-authorship systems analyzed and/or experienced by the researcher of this dissertation during design and evaluations of these systems at Advanced Interaction Laboratory (LIA). These patterns intend to support designing of educational systems that allow users, as co-authors, adequate these systems, inserting the content to be displayed at them. Each pattern describes specific problem and solution. In order to support indentifying how these patterns are organized to each other, semantic relations defined by Minsky are adopted to organize them based on humans´ intellectual structure. Validations with different participants´ profiles, e.g., with or without knowledge about concepts related to design, software engineering, human-computer interaction, co-authorship, etc., were done to formalize, refine and observe the comprehension and/or application of these patterns to design co-authorship system prototypes, as well as, different participants from mathematic or pedagogy areas and teachers to validate the use these of these prototypes. The results shown that the pattern language is comprehensible and it supports designing to define what and how to display on interface to allow and help users insert content. / A adequação no conteúdo educacional de acordo com a cultura, o conhecimento e valores dos alunos permite aos mesmos identificarem relação entre o que estão aprendendo e suas realidades e, consequentemente se sentirem mais interessados e engajados no aprendizado. Contudo, no contexto da informática na educação, fazer o design de sistemas educacionais para permitir a adequação é um desafio, tanto pela falta de técnicas para apoiar o design, quanto pela dificuldade em identificar o que adequar, como permitir e facilitar essa adequação, pois muitos dos usuários desses sistemas, como educadores e alunos, não têm conhecimento e experiência com design de soluções computacionais. Nesse contexto, neste trabalho é apresentada a formalização de uma linguagem de padrões de design com soluções de sucesso para problemas recorrentes no design de sistemas de coautoria observadas e/ou experiência das pelo proponente deste trabalho, ao analisar esses sistemas e participar do processo de desenvolvimento e avaliação desses sistemas no Laboratório de Interação Avançada (LIA). Esses padrões têm como objetivo apoiar o design de sistemas educacionais que permitam aos usuários, como coautores, terem apoio para adequar os sistemas, inserindo o conteúdo que será exibido nos mesmos. Cada padrão de design se refere a um par problema-solução específico e, para apoiar a identificação e compreensão de como os padrões estão relacionados entre si, formando uma linguagem de padrões, são adotadas as relações semânticas definidas por Minsky para organizá-los e expressar o relacionamento entre eles de uma forma próxima a estrutura cognitiva humana. Validações com diferentes perfis de participantes, por exemplo, com e sem conhecimento sobre conceitos relacionados à Engenharia de Software, Interação Humano-Computador, Coautoria, etc., foram feitas para formalizar, refinar e observar a compreensão e/ou o uso dos padrões no design de protótipos de sistemas educacionais, bem como participantes das áreas de matemática ou pedagogia e educadores para validar o uso desses protótipos. Os resultados mostram que a linguagem de padrões de design semanticamente relacionados é compreendida e apoia o design para definir o que e como exibir nas interfaces dos sistemas para permitir e auxiliar os usuários na inserção do conteúdo.

Interação homem-máquina

Educação

Sistema computacional

Coautoria

Padrões de design

Relações semânticas

Education

Computer system

Educational system

Co-authorship

Patterns

Design

Design pattern language

Desenvolvimento de um modelo para previsão de ocorrência de Ecdytolopha aurantiana (Lima, 1927) (Lepidoptera: Tortricidae) e um Sistema WEB Integrado de Apoio ao Citricultor. / Development of a model to predict the occurrence of Ecdytolopha aurantiana (Lima, 1927) (Lepidoptera: Tortricidae) and an integrated web system to support citrus producers.

Ronaldo Reis Junior

19 April 2004

Os frutos cítricos são uma das principais fontes de exportação do Brasil, sendo que São Paulo responde por cerca de 80% da produção total. Dentre os fatores que limitam a produção citrícola brasileira, especialmente no estado de São Paulo, vem se sobressaindo nos últimos anos, a clorose variegada dos citros (CVC), a podridão floral, o minador-dos-citros e o bicho-furão-dos-citros, Ecdytolopha aurantiana (Lima, 1927) (Lepidoptera: Tortricidae), além dos ácaros, moscas-das-frutas, pinta preta e mais recentemente a morte súbita. O presente trabalho teve como objetivo desenvolver um modelo para previsão de ocorrência de E. aurantiana, baseado em dados de monitoramento através de armadilhas de feromônio sexual e desenvolver um sistema computacional que possa utilizar este modelo para gerar as previsões de ocorrência, além de fornecer um local de troca de informações entre o citricultor e a comunidade científica. O tipo de solo, temperatura do local, variedade de citros, idade das plantas e uso de agroquímicos para controle de E. aurantiana, influenciaram na dinâmica populacional deste inseto. A maior influência sobre a flutuação do bicho-furão foi exercida pelo tipo de solo, seguido pela temperatura local, variedade de citros, idade das plantas e uso de agroquímicos para controle de E. aurantiana. A ocorrência de E. aurantiana em função da temperatura é diferente para cada combinação de tipo de solo, variedade de citros, idade das plantas e uso de agroquímicos. O modelo desenvolvido pode prever o potencial de ocorrência de E. aurantiana em função da temperatura ou dos meses do ano, levando-se em consideração o tipo de solo, variedade de citros, idade das plantas e aplicação de agroquímicos. O programa (BF) elaborado na linguagem R conta com equações para simular as diversas situações de ocorrência de E. aurantiana. O SIAC (Sistema Integrado de Apoio ao Citricultor) é um sistema que facilita o uso do modelo, sem a necessidade de conhecimento de R e fornece uma gama de recursos que visa facilitar o acesso do citricultor às informações e ao pesquisador aos problemas do citricultor, criando com isto uma maior interação de ambos. O modelo de previsão de ocorrência de bicho-furão pode ser aperfeiçoado com coleta de dados mais regulares e de forma contínua. / Citrus fruits are Brazil’s major exporting sources, and São Paulo is accountable for approximately 80% of the total production. Among the factors that limit the Brazilian citriculture, especially in the state of São Paulo, one points in the past few years the citrus variegated chlorosis (CVC), flower rot, citrus leaf miner and citrus fruit borer, Ecdytolopha aurantiana (Lima, 1927) (Lepidoptera: Tortricidae), in addition to mites, fruit flies, black spot, and more recently, sudden death. The goal of this work was to develop a model to predict the occurrence of E. aurantiana, based on monitoring data collected through sexual pheromone traps, and to develop a computer system capable of using such model to generate occurrence predictions and to provide a place for information exchange between citriculturists and the scientific community. Soil type, site temperature, citrus variety, age of plants and use of chemicals to control E. aurantiana influenced the population dynamics of the insect. The highest influence on the citrus fruit borer dynamics was exerted by the soil type, followed by site temperature, citrus variety, age of plants and use of chemicals for E. aurantiana control. The occurrence of E. aurantiana according to temperature is different for each combination of soil type, citrus variety, age of plants and use of chemicals. The model developed can predict the occurrence potential of E. aurantiana according to temperature or months of the year, taking into account soil type, citrus variety, age of plants and chemicals spraying. The elaborated software (BF), designed in R language, includes equations that simulate the various situations of E. aurantiana occurrence. SIAC (“Sistema Integrado de Apoio ao Citricultor”) is a system that simplifies the use of the model, does not require previous knowledge on R, and provides a wide range of resources to facilitates the access of citriculturists to information and that of researchers to citriculturists’ problems, thus creating a better interaction between them. The predicting model of citrus fruit borer occurrence can be improved with more frequent and continuous data collecting.

armadilha para inseto

bicho-furão

feromônio sexual de inseto

frutas cítricas

modelo linear generalizado

SIAC

sistema de computador

citric fruit

citrus fruit borer

computer system

generalized linear models

insect pheromone

insect trap

SIAC

Grid Fault management techniques: the case of a Grid environment with malicious entities

Akimana, Rachel

01 October 2008

<p>La tolérance et la gestion des fautes dans les grilles de données/calcul est d’une importance capitale. En effet, comme dans tout autre système distribué, les composants d’une grille sont susceptibles de tomber en panne à tout moment. Mais le risque de panne croît avec la taille du système, et est donc plus exacerbé dans un système de grille. En plus, tout en essayant de mettre à profit les ressources offertes par la grille, les applications tournant sur celle-ci sont de plus en plus complexes (ex. impliquent des interactions complexes, prennent des jours d’exécution), ce qui les rend plus vulnérables aux fautes. Le plus difficile dans la gestion des fautes dans une grille, c’est qu’il est difficile de savoir si une faute qui survient sur une entité de la grille est induite malicieusement ou accidentellement.<p><p>Dans notre travail de thèse, nous utilisons le terme faute, au sens large, pour faire référence à tout étant inattendu qui survient sur tout composant de la grille. Certains de ces états provoquent des comportements aussi inattendus et perceptibles au niveau de la grille tandis que d’autres passent inaperçues. De plus, certaines de ces fautes sont le résultat d’une action malveillante alors que d’autres surviennent accidentellement ou instantanément. Dans ce travail de thèse, nous avons traité le cas de ces fautes induites malicieusement, et qui généralement passent inaperçues. Nous avons considéré en particulier le problème de la confidentialité et de l’intégrité des données stockées à long-terme sur la grille.<p><p>L’étude de la confidentialité des données a été faite en deux temps dont la première partie concerne la confidentialité des données actives. Dans cette partie, nous avons considéré une application liée à la recherche des similitudes d’une séquence d’ADN dans une base de données contenant des séquences d’ADN et stockée sur la grille. Pour cela, nous avons proposé une méthode qui permet d’effectuer la comparaison sur un composant distant, mais tout en gardant confidentielle la séquence qui fait l’objet de la comparaison. <p>Concernant les données passives, nous avons proposé une méthode de partage des données confidentielles et chiffrés sur la grille.<p> <p>En rapport avec l’intégrité des données, nous avons considéré le cas des données anonymes dans le cadre de l’intégrité des données passives. Pour les données actives, nous avons considéré le problème de la corruption des jobs exécutés sur la grille. Pour chacune des cas, nous avons proposé des mécanismes permettant de vérifier l’authenticité des données utilisées ou produites par ces applications.<p> / Doctorat en Sciences / info:eu-repo/semantics/nonPublished

Sciences exactes et naturelles

Informatique générale

Computer system failures

Fault-tolerant computing

Data protection

Computational grids (Computer systems)

Pannes système (Informatique)

Tolérance aux fautes (Informatique)

Grilles informatiques

Grids

Faults

data integrity

data confidentiality

malicious entities

Controle do cursor tridimensional via Wii Remote em ambiente de realidade virtual para o ensino de Física / Three-dimensional cursor controlled by Wii Remote for virtual reality environment to Physics teaching

Scalco, Roberto, 1979-

26 August 2018

Orientador: Wu Shin-Ting / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação / Made available in DSpace on 2018-08-26T21:35:45Z (GMT). No. of bitstreams: 1 Scalco_Roberto_M.pdf: 7707814 bytes, checksum: a463ebd37fc0af878080cf31478cf54c (MD5) Previous issue date: 2015 / Resumo: Como complemento aos laboratórios de Física do curso de graduação de Engenharia, este trabalho propôs-se ao desenvolvimento de um ambiente contextualizado que simula um laboratório virtual de Mecânica Clássica com uma interface tridimensional interativa similar ao usado em videogames. O controle Wii Remote foi escolhido como manipulador dos objetos desse ambiente por ser relativamente barato, além de possuir recursos que permitem obter a movimentação da mão do seu usuário no espaço. O Wii Remote se mostrou válido como controlador de um cursor 3D perante os testes de usabilidade realizados por um grupo de 27 alunos. O ambiente virtual desenvolvido representa um objeto de aprendizagem para auxiliar aos alunos com dificuldade em Física, mas sem perder o caráter lúdico do uso do controle de videogame. O professor pode criar cenas que reproduzam os experimentos realizados presencialmente no laboratório, mas introduzir variações em alguns parâmetros para que os alunos possam interagir com mais situações. Para realizar as simulações físicas foi utilizada a engine ODE, enquanto a renderização das cenas foi executada pela OpenGL. Questionários que foram aplicados aos alunos antes e depois de utilizarem o ambiente virtual contextualizado para o ensino de Física e seus resultados mostraram que o ambiente pode ser utilizado de maneira complementar, à aula tradicional, principalmente nas situações em que a aprendizagem acontece por repetição de tarefas / Abstract: As a complement to Physics laboratories in Engineering course, this work aimed to developping a environment that simulates a Classical Mechanics virtual laboratory using an interactive three-dimensional interface, similar to video games. The virtual environment helps students with difficult in Physics by using video game control. For the techaer, the possibility to create scenes that reproduce the experiments conducted in the laboratory, varying some parameters so that students can interact with most situations, could bring good oportunities to improve the classes. For the physical simulation was used the ODE engine and the OpenGL to scenes rendering and for interface to motion tracking object was Wii Remote control chosen, due to be relatively cheap and it allow to get the user hand movement in space.Tests with 27 students proved that Wii Remote is a valid 3D cursor controller and the environment can be used in a complementary way, the traditional classroom, especially in situations where learning happens by repeating tasks / Mestrado / Engenharia de Computação / Mestre em Engenharia Elétrica

Realidade virtual

Laboratório de física

Virtual reality

Physics - Teaching computer aided

Physical laboratory

Video games Nitendo

Learning-based Attack and Defense on Recommender Systems

Agnideven Palanisamy Sundar (11190282)

06 August 2021

The internet is the home for massive volumes of valuable data constantly being created, making it difficult for users to find information relevant to them. In recent times, online users have been relying on the recommendations made by websites to narrow down the options. Online reviews have also become an increasingly important factor in the final choice of a customer. Unfortunately, attackers have found ways to manipulate both reviews and recommendations to mislead users. A Recommendation System is a special type of information filtering system adapted by online vendors to provide suggestions to their customers based on their requirements. Collaborative filtering is one of the most widely used recommendation systems; unfortunately, it is prone to shilling/profile injection attacks. Such attacks alter the recommendation process to promote or demote a particular product. On the other hand, many spammers write deceptive reviews to change the credibility of a product/service. This work aims to address these issues by treating the review manipulation and shilling attack scenarios independently. For the shilling attacks, we build an efficient Reinforcement Learning-based shilling attack method. This method reduces the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach while treating the recommender system as a black box. Such practical online attacks open new avenues for research in building more robust recommender systems. When it comes to review manipulations, we introduce a method to use a deep structure embedding approach that preserves highly nonlinear structural information and the dynamic aspects of user reviews to identify and cluster the spam users. It is worth mentioning that, in the experiment with real datasets, our method captures about 92\% of all spam reviewers using an unsupervised learning approach.<br>

Computer System Security

Computer Communications Networks

Recommender Systems

Machine Learning

Deep Learning

Reinforcement Learning

Fraud Detection

Fake Reviews

Shilling Attacks

Graph Embedding

Multi-Armed Bandits

New and Emerging Mobile Apps Among Teens - Are Forensic Tools Keeping Up?

Kelsey Billups (8800973)

06 May 2020

Mobile applications are an important but fast changing piece of the digital forensics’ world. For mobile forensics researchers and field analysts, it is hard to keep up with the pace of the ever-changing world of the newest and most popular applications teens are using. Mobile forensic tools are quickly becoming more and more supportive of new applications, but with how quickly apps are changing and new ones being released, it is still difficult for the tools to keep up. The research question for this project examines to what extent digital forensic tools support new and emerging applications seen recently in investigations involving teenagers? For this research, a survey was conducted asking digital forensic analysts, and others who investigate digital crimes, what applications they are coming across most frequently during investigations involving teens and whether those applications are being supported by forensic tools. The top three applications from the survey that were not supported by mobile forensic tools, Monkey, Houseparty, and Likee were populated onto a test device and then evaluated and analyzed to see what forensic artifacts were found in those applications. The mobile application artifacts were then compared on two different forensic tools to see which tool obtains the most forensic artifacts from the applications. Through the examination and analysis of the applications and data contained within the apps, it was determined that 61% of the populated forensic artifacts were recovered manually and only 45% were recovered by a forensic tool for the Monkey application. 100% of the populated forensic artifacts were recovered manually and only 29% were recovered by a forensic tool for the Houseparty application. 42% of the populated forensic artifacts were recovered manually and only 3% were recovered by a forensic tool for the Likee application. It was found that the extent of support from digital forensic tools for these types of applications depends greatly on how the application stores the artifacts, but the artifact extraction support was limited for all applications. This research benefits in helping researchers and analysts by understanding the data and artifacts contained within the applications, what forensic artifacts are recoverable, and where to find those important artifacts. This research can help in finding important evidence for future investigations.<br>

Computer System Security

Mobile Technologies

cyber forensics

Digital Forensics

computer forensics

Mobile Forensics

mobile applications

mobile app

Social media use

Android

forensic toolkits

INTERNET OF THINGS SYSTEMS SECURITY: BENCHMARKING AND PROTECTION

Naif S Almakhdhub (8810120)

07 May 2020

<div><p>Internet of Things (IoT) systems running on Microcontrollers (MCUS) have become a prominent target of remote attacks. Although deployed in security and safety critical domains, such systems lack basic mitigations against control-flow hijacking attacks. Attacks against IoT systems already enabled malicious takeover of smartphones, vehicles, unmanned aerial vehicles, and industrial control systems.</p></div><div><p> </p><div><p>The thesis introduces a systemic analysis of previous defense mitigations to secure IoT systems. Building off this systematization, we identify two main issues in IoT systems security. First, efforts to protect IoT systems are hindered by the lack of realistic benchmarks and evaluation frameworks. Second, existing solutions to protect from control-flow hijacking on the return edge are either impractical or have limited security guarantees. This thesis addresses these issues using two approaches. </p></div><div><p> </p></div><div><p>First, we present BenchIoT, a benchmark suite of five realistic IoT applications and an evaluation framework that enables automated and extensible evaluation of 14 metrics covering security, performance, memory usage, and energy. BenchIoT enables evaluating and comparing security mechanisms. Using BenchIoT, we show that even if two security mechanisms have similarly modest runtime overhead, one can have undesired consequences on security such as a large portion of privileged user execution.</p></div><div><p> </p></div><div><p>Second, we introduce Return Address Integrity (RAI), a novel security mechanism to prevent all control-flow hijacking attacks targeting return edges, without requiring special hardware. We design and implement μRAI to enforce the RAI property. Our results show μRAI has a low runtime overhead of 0.1% on average, and therefore is a</p></div><div><p>practical solution for IoT systems. </p></div><div><p> </p></div><div><p>This thesis enables measuring the security IoT systems through standardized benchmarks and metrics. Using static analysis and runtime monitors, it prevents control-flow hijacking attacks on return edges with low runtime overhead. Combined, this thesis advances the state-of-the-art of protecting IoT systems and benchmarking its security.</p></div></div>

Computer Engineering

Applied Computer Science

Computer System Security

Cyber security

Computer Security

System Security

Software Security

Embedded Systems Security

IoT Security

Internet of things(IoT)

control-flow hijacking

embedded systems

Cybersecurity

CISTAR Cybersecurity Scorecard

Braiden M Frantz (8072417)

03 December 2019

<p>Highly intelligent and technically savvy people are employed to hack data systems throughout the world for prominence or monetary gain. Organizations must combat these criminals with people of equal or greater ability. There have been reports of heightened threats from cyber criminals focusing upon the energy sector, with recent attacks upon natural gas pipelines and payment centers. The Center for Innovative and Strategic Transformation of Alkane Resources (CISTAR) working collaboratively with the Purdue Process Safety and Assurance Center (P2SAC) reached out to the Computer and Information Technology Department to assist with analysis of the current cybersecurity posture of the companies involved with the CISTAR initiative. This cybersecurity research project identifies the overall defensive cyber posture of CISTAR companies and provides recommendations on how to bolster internal cyberspace defenses through the identification of gaps and shortfalls, which aided the compilation of suggestions for improvement. Key findings include the correlation of reduced cybersecurity readiness to companies founded less than 10 years ago, cybersecurity professionals employed by all CISTAR companies and all CISTAR companies implementing basic NIST cybersecurity procedures.</p>

Computer System Security

Web Technologies (excl. Web Search)

Cybersecurity

Cyber

CISTAR

P2SAC

NIST

petroleum

natural gas

petroleum IT

energy

energy cyber

cyber-attack

cyber attack

cyber defense

natural gas disruption

Anomaly Detection and Security Deep Learning Methods Under Adversarial Situation

Miguel Villarreal-Vasquez (9034049)

27 June 2020

<p>Advances in Artificial Intelligence (AI), or more precisely on Neural Networks (NNs), and fast processing technologies (e.g. Graphic Processing Units or GPUs) in recent years have positioned NNs as one of the main machine learning algorithms used to solved a diversity of problems in both academia and the industry. While they have been proved to be effective in solving many tasks, the lack of security guarantees and understanding of their internal processing disrupts their wide adoption in general and cybersecurity-related applications. In this dissertation, we present the findings of a comprehensive study aimed to enable the absorption of state-of-the-art NN algorithms in the development of enterprise solutions. Specifically, this dissertation focuses on (1) the development of defensive mechanisms to protect NNs against adversarial attacks and (2) application of NN models for anomaly detection in enterprise networks.</p><p>In this state of affairs, this work makes the following contributions. First, we performed a thorough study of the different adversarial attacks against NNs. We concentrate on the attacks referred to as trojan attacks and introduce a novel model hardening method that removes any trojan (i.e. misbehavior) inserted to the NN models at training time. We carefully evaluate our method and establish the correct metrics to test the efficiency of defensive methods against these types of attacks: (1) accuracy with benign data, (2) attack success rate, and (3) accuracy with adversarial data. Prior work evaluates their solutions using the first two metrics only, which do not suffice to guarantee robustness against untargeted attacks. Our method is compared with the state-of-the-art. The obtained results show our method outperforms it. Second, we proposed a novel approach to detect anomalies using LSTM-based models. Our method analyzes at runtime the event sequences generated by the Endpoint Detection and Response (EDR) system of a renowned security company running and efficiently detects uncommon patterns. The new detecting method is compared with the EDR system. The results show that our method achieves a higher detection rate. Finally, we present a Moving Target Defense technique that smartly reacts upon the detection of anomalies so as to also mitigate the detected attacks. The technique efficiently replaces the entire stack of virtual nodes, making ongoing attacks in the system ineffective.</p><p> </p>

Applied Computer Science

Computer Vision

Computer System Security

Deep Neural Network (DNN)

security

content-focus

data augmentation

trojan or backdoor attacks

insider threats

Long Short-Term Memory (LSTM)

anomaly detection

variable-length sequence analysis