Parallel Computing of Particle Filtering Algorithms for Target Tracking Applications

Wu, Jiande

18 December 2014

Particle filtering has been a very popular method to solve nonlinear/non-Gaussian state estimation problems for more than twenty years. Particle filters (PFs) have found lots of applications in areas that include nonlinear filtering of noisy signals and data, especially in target tracking. However, implementation of high dimensional PFs in real-time for large-scale problems is a very challenging computational task. Parallel & distributed (P&D) computing is a promising way to deal with the computational challenges of PF methods. The main goal of this dissertation is to develop, implement and evaluate computationally efficient PF algorithms for target tracking, and thereby bring them closer to practical applications. To reach this goal, a number of parallel PF algorithms is designed and implemented using different parallel hardware architectures such as Computer Cluster, Graphics Processing Unit (GPU), and Field-Programmable Gate Array (FPGA). Proposed is an improved PF implementation for computer cluster - the Particle Transfer Algorithm (PTA), which takes advantage of the cluster architecture and outperforms significantly existing algorithms. Also, a novel GPU PF algorithm implementation is designed which is highly efficient for GPU architectures. The proposed algorithm implementations on different parallel computing environments are applied and tested for target tracking problems, such as space object tracking, ground multitarget tracking using image sensor, UAV-multisensor tracking. Comprehensive performance evaluation and comparison of the algorithms for both tracking and computational capabilities is performed. It is demonstrated by the obtained simulation results that the proposed implementations help greatly overcome the computational issues of particle filtering for realistic practical problems.

Electrical and Computer Engineering

Preventing information leakage in NDN with name and flow filters / Prévenir la fuite d'information dans les NDN grâce aux filtres de noms et de flux

Kondo, Daishi

17 December 2018

Au cours des dernières années, les réseaux de type (NDN) sont devenus une des architectures réseau les plus prometteuses. Pour être adopté à l'échelle d'Internet, NDN doit résoudre les problèmes inhérents à l'Internet actuel. La fuite d’informations fait partie de ces problèmes, et il est très important d’évaluer ce risque pour les réseaux de type NDN. La thèse se propose d'évaluer ce risque. En supposant (i) qu'un ordinateur appartient au réseau d'une entreprise basée sur une architecture NDN, (ii) que l'ordinateur a déjà été compromis par un support malveillant, et (iii) que la société installe un pare-feu, la thèse évalue la situation dans laquelle l’ordinateur infecté tente de divulguer des données à un attaquant externe à l'entreprise. Les contributions de cette thèse sont au nombre de cinq. Tout d'abord, cette thèse propose une attaque par fuite d'informations via un paquet donné et un paquet intérêt propres à NDN. Deuxièmement, afin de remédier à l'attaque fuite d'informations, cette thèse propose un pare-feu basé sur l'utilisation d'une liste blanche et d'une liste noire afin de surveiller et traiter le trafic NDN provenant des consommateurs. Troisièmement, cette thèse propose un filtre de noms NDN pour classifier un nom dans un paquet d'intérêt comme étant légitime ou non. Le filtre de noms peut ainsi réduire le débit par paquet d'intérêt. Cependant, pour adapter la vitesse de l'attaque, les logiciels malveillants peuvent envoyer de nombreux intérêts en très peu de temps. De même, le logiciel malveillant peut exploiter un intérêt avec une information explicite dans le nom (comme peut le faire un message véhiculé par un POST sur HTTP). Cela dépasse alors la portée du filtre de nom proposé et rend le filtre inefficace. Pour prendre en compte le flux de trafic analysé par le pare-feu NDN, cette thèse propose comme quatrième contribution la surveillance du flux NDN à travers le pare-feu. Enfin, afin de traiter les inconvénients du filtre de noms NDN, cette thèse propose un filtre de flux NDN permettant de classer un flux comme légitime ou non. L'évaluation des performances montre que le filtre de flux complète de manière tout à fait performante le filtre de nom et réduit considérablement le débit de fuite d'informations / In recent years, Named Data Networking (NDN) has emerged as one of the most promising future networking architectures. To be adopted at Internet scale, NDN needs to resolve the inherent issues of the current Internet. Since information leakage from an enterprise is one of the big issues even in the Internet and it is very crucial to assess the risk before replacing the Internet with NDN completely, this thesis investigates whether a new security threat causing the information leakage can happen in NDN. Assuming that (i) a computer is located in the enterprise network that is based on an NDN architecture, (ii) the computer has already been compromised by suspicious media such as a malicious email, and (iii) the company installs a firewall connected to the NDN-based future Internet, this thesis focuses on a situation that the compromised computer (i.e., malware) attempts to send leaked data to the outside attacker. The contributions of this thesis are fivefold. Firstly, this thesis proposes an information leakage attack through a Data and through an Interest in NDN. Secondly, in order to address the information leakage attack, this thesis proposes an NDN firewall which monitors and processes the NDN traffic coming from the consumers with the whitelist and blacklist. Thirdly, this thesis proposes an NDN name filter to classify a name in the Interest as legitimate or not. The name filter can, indeed, reduce the throughput per Interest, but to ameliorate the speed of this attack, malware can send numerous Interests within a short period of time. Moreover, the malware can even exploit an Interest with an explicit payload in the name (like an HTTP POST message in the Internet), which is out of scope in the proposed name filter and can increase the information leakage throughput by adopting a longer payload. To take traffic flow to the NDN firewall from the consumer into account, fourthly, this thesis proposes an NDN flow monitored at an NDN firewall. Fifthly, in order to deal with the drawbacks of the NDN name filter, this thesis proposes an NDN flow filter to classify a flow as legitimate or not. The performance evaluation shows that the flow filter complements the name filter and greatly chokes the information leakage throughput

Named Data Networking

Fuite d’informations

Pare-feu

Filtre de nom

Filtre de flux

Named Data Networking

Information leakage

Firewall

Name filter

Flow filter

005.82