Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849929
A. Pope, D. Tauritz, A. Kent
Random graph generation techniques provide an invaluable tool for studying graph related concepts. Unfortunately, traditional random graph models tend to produce artificial representations of real-world phenomenon. Manually developing customized random graph models for every application would require an unreasonable amount of time and effort. In this work, a platform is developed to automate the production of random graph generators that are tailored to specific applications. Elements of existing random graph generation techniques are used to create a set of graph-based primitive operations. A hyper-heuristic approach is employed that uses genetic programming to automatically construct random graph generators from this set of operations. This work improves upon similar research by increasing the level of algorithmic sophistication possible with evolved solutions, allowing more accurate modeling of subtle graph characteristics. The versatility of this approach is tested against existing methods and experimental results demonstrate the potential to outperform conventional and state of the art techniques for specific applications.
{"title":"Evolving random graph generators: A case for increased algorithmic primitive granularity","authors":"A. Pope, D. Tauritz, A. Kent","doi":"10.1109/SSCI.2016.7849929","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849929","url":null,"abstract":"Random graph generation techniques provide an invaluable tool for studying graph related concepts. Unfortunately, traditional random graph models tend to produce artificial representations of real-world phenomenon. Manually developing customized random graph models for every application would require an unreasonable amount of time and effort. In this work, a platform is developed to automate the production of random graph generators that are tailored to specific applications. Elements of existing random graph generation techniques are used to create a set of graph-based primitive operations. A hyper-heuristic approach is employed that uses genetic programming to automatically construct random graph generators from this set of operations. This work improves upon similar research by increasing the level of algorithmic sophistication possible with evolved solutions, allowing more accurate modeling of subtle graph characteristics. The versatility of this approach is tested against existing methods and experimental results demonstrate the potential to outperform conventional and state of the art techniques for specific applications.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127594482","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849902
Julio Navarro-Lara, A. Deruyver, P. Parrend
Threat detection is one of the basic mechanisms for protecting a network, as prevention does not suffice. Finding an attack is difficult because the most harmful ones are specially prepared against a specific victim and crafted for the first time. The contribution of a human expert is still needed for their detection, no matter how effective automatic methods used nowadays can appear. Moreover, in many occasions intrusions can only be efficiently detected by analyzing its effects on more than one element in the network. Event and alert recollection offers a way to centralize information from a heterogeneous set of sources. Then, it can be normalized to a common language and analyzed as a whole by a security system. In this paper we propose Morwilog, an ant-inspired method for standing out the relationship between actions belonging to the same complex attack. Morwilog is conceived as a framework for alert correlation to be integrated in a multi-modular security system. Reinforcement learning is incorporated to it thanks to feedback from a human security expert.
{"title":"Morwilog: an ACO-based system for outlining multi-step attacks","authors":"Julio Navarro-Lara, A. Deruyver, P. Parrend","doi":"10.1109/SSCI.2016.7849902","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849902","url":null,"abstract":"Threat detection is one of the basic mechanisms for protecting a network, as prevention does not suffice. Finding an attack is difficult because the most harmful ones are specially prepared against a specific victim and crafted for the first time. The contribution of a human expert is still needed for their detection, no matter how effective automatic methods used nowadays can appear. Moreover, in many occasions intrusions can only be efficiently detected by analyzing its effects on more than one element in the network. Event and alert recollection offers a way to centralize information from a heterogeneous set of sources. Then, it can be normalized to a common language and analyzed as a whole by a security system. In this paper we propose Morwilog, an ant-inspired method for standing out the relationship between actions belonging to the same complex attack. Morwilog is conceived as a framework for alert correlation to be integrated in a multi-modular security system. Reinforcement learning is incorporated to it thanks to feedback from a human security expert.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126273801","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849931
Lin Zhang, Steffen Walter, Xueyao Ma, P. Werner, A. Al-Hamadi, H. Traue, Sascha Gruss
The precondition of productive data mining is having an efficient database to work on. The BioVid Emo DB is a multimodal database recorded for the purpose of analyzing human affective states and data mining related to emotion. Psychophysiological signals such as Skin Conductance Level, Electrocardiogram, Trapezius Electromyogram and also 4 video signals were recorded. 5 discrete emotions (amusement, sadness, anger, disgust and fear) were elicited by 15 standardized film clips. 94 participants watched them, rated them in terms of the experienced emotional level and selected the film clips that evoked the strongest emotion. A preliminary analysis of the subjective ratings made during the experiment is presented. The dataset is available for other researchers.
{"title":"“BioVid Emo DB”: A multimodal database for emotion analyses validated by subjective ratings","authors":"Lin Zhang, Steffen Walter, Xueyao Ma, P. Werner, A. Al-Hamadi, H. Traue, Sascha Gruss","doi":"10.1109/SSCI.2016.7849931","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849931","url":null,"abstract":"The precondition of productive data mining is having an efficient database to work on. The BioVid Emo DB is a multimodal database recorded for the purpose of analyzing human affective states and data mining related to emotion. Psychophysiological signals such as Skin Conductance Level, Electrocardiogram, Trapezius Electromyogram and also 4 video signals were recorded. 5 discrete emotions (amusement, sadness, anger, disgust and fear) were elicited by 15 standardized film clips. 94 participants watched them, rated them in terms of the experienced emotional level and selected the film clips that evoked the strongest emotion. A preliminary analysis of the subjective ratings made during the experiment is presented. The dataset is available for other researchers.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128021168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7850076
M. Ussath, Feng Cheng, C. Meinel
An increasing number of attacks use advanced tactics, techniques and methods to compromise target systems and environments. Such multi-step attacks are often able to bypass existing prevention and detection systems, such as Intrusion Detection Systems (IDSs), firewalls and anti-virus solutions. These security systems either use an anomaly-based or a signature-based detection approach. For systems that utilize a signature-based approach, it is relevant to use precise detection signatures to identify attacks. The creation of signatures is often complex and time consuming, especially for multi-step attacks. In this paper, we propose a signature derivation approach that automatically creates multi-step detection signatures from taint graphs. The approach uses the recorded log events of an attack and the event attribute tainting approach to correlate the events and to create a taint graph. This graph, which provides comprehensive details about the attack, is then used to derive a precise multi-step detection signature. Therewith, this approach can reduce the needed time to create a multi-step signature as well as the complexity of this process. For the evaluation of the proposed approach, we simulated a multi-step attack with real world attack tools and methods. Based on the recorded log events and the implemented signature derivation system we automatically derived a multi-step detection signature that describes all relevant events and their relations.
{"title":"Automatic multi-step signature derivation from taint graphs","authors":"M. Ussath, Feng Cheng, C. Meinel","doi":"10.1109/SSCI.2016.7850076","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7850076","url":null,"abstract":"An increasing number of attacks use advanced tactics, techniques and methods to compromise target systems and environments. Such multi-step attacks are often able to bypass existing prevention and detection systems, such as Intrusion Detection Systems (IDSs), firewalls and anti-virus solutions. These security systems either use an anomaly-based or a signature-based detection approach. For systems that utilize a signature-based approach, it is relevant to use precise detection signatures to identify attacks. The creation of signatures is often complex and time consuming, especially for multi-step attacks. In this paper, we propose a signature derivation approach that automatically creates multi-step detection signatures from taint graphs. The approach uses the recorded log events of an attack and the event attribute tainting approach to correlate the events and to create a taint graph. This graph, which provides comprehensive details about the attack, is then used to derive a precise multi-step detection signature. Therewith, this approach can reduce the needed time to create a multi-step signature as well as the complexity of this process. For the evaluation of the proposed approach, we simulated a multi-step attack with real world attack tools and methods. Based on the recorded log events and the implemented signature derivation system we automatically derived a multi-step detection signature that describes all relevant events and their relations.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125987234","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849960
Loukia Karanikola, Isambo Karali
Description Logics, defined as a family of knowledge representation languages, have gained a lot of popularity, due to their connection with the Semantic Web, and more precisely, with the Web Ontology Language - OWL (OWL-DL). Vague information cannot be considered negligible when dealing with Semantic Web tasks. In this context, the definition of fuzzy DLs has been emerged. The Semantics of any DL is defined by an interpretation, which can be considered as a state of a world, where a DL formula (crisp or fuzzy) holds. In our method, we consider an uncertainty extension in a fuzzy DL, in the sense that an axiom holds with a belief degree. In order to represent these axioms, we assume Dempster-Shafer basic probability assignments on states of world (interpretations). We define the concept of Dempster-Shafer Fuzzy interpretation, in order to define semantics for our DL.
{"title":"Dempster-Shafer logical model for fuzzy Description Logics","authors":"Loukia Karanikola, Isambo Karali","doi":"10.1109/SSCI.2016.7849960","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849960","url":null,"abstract":"Description Logics, defined as a family of knowledge representation languages, have gained a lot of popularity, due to their connection with the Semantic Web, and more precisely, with the Web Ontology Language - OWL (OWL-DL). Vague information cannot be considered negligible when dealing with Semantic Web tasks. In this context, the definition of fuzzy DLs has been emerged. The Semantics of any DL is defined by an interpretation, which can be considered as a state of a world, where a DL formula (crisp or fuzzy) holds. In our method, we consider an uncertainty extension in a fuzzy DL, in the sense that an axiom holds with a belief degree. In order to represent these axioms, we assume Dempster-Shafer basic probability assignments on states of world (interpretations). We define the concept of Dempster-Shafer Fuzzy interpretation, in order to define semantics for our DL.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122017314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849910
D. Leon, Venkata A. Bhandari, Ananth A. Jillepalli, Frederick T. Sheldon
Today, web browsers are used to access and modify sensitive data and systems including intranets and critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully patched. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations in a diverse browsing ecosystem. However, in our research, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure browsing ecosystem. We analyzed in detail more than a thousand browser security configuration options in three major browsers and found that only 17 had common names with common semantics. In this paper, we describe the results of this in-depth analysis. We also describe a knowledge-based solution, Open Browser GP, that would enable organizations to implement highly-granular secure configurations for their information and operational technology (IT/OT) browsing ecosystem.
{"title":"Using a knowledge-based security orchestration tool to reduce the risk of browser compromise","authors":"D. Leon, Venkata A. Bhandari, Ananth A. Jillepalli, Frederick T. Sheldon","doi":"10.1109/SSCI.2016.7849910","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849910","url":null,"abstract":"Today, web browsers are used to access and modify sensitive data and systems including intranets and critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully patched. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations in a diverse browsing ecosystem. However, in our research, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure browsing ecosystem. We analyzed in detail more than a thousand browser security configuration options in three major browsers and found that only 17 had common names with common semantics. In this paper, we describe the results of this in-depth analysis. We also describe a knowledge-based solution, Open Browser GP, that would enable organizations to implement highly-granular secure configurations for their information and operational technology (IT/OT) browsing ecosystem.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115819212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7850236
Mardé Helbig
Most real world problems have more than one objective, with at least two objectives in conflict with one another and at least one objective that is dynamic in nature. The dynamic vector evaluated particle swarm optimisation (DVEPSO) algorithm is a co-operative algorithm, where each sub-swarm solves only one objective function and therefore, each sub-swarm optimises only a sub-set of decision variables. Knowledge is shared amongst the sub-swarms when the particles' velocity is updated, by using the position of the global guide of the subswarm or of another sub-swarm. The global guide can only provide information about the decision variables that are applicable to the objective function that its sub-swarm is optimising. Therefore, padding is required for the other decision variables. This paper investigates various padding approaches, namely using the sub-swarm's global best, using the personal best (pbest) of another particle in the sub-swarm, using the global best (gbest) of another sub-swarm or performing parent-centric crossover on another particle's position, pbest and gbest. Results indicate that using a random gbest or pbest performed well in fast changing environments, and using the sub-swarm's gbest performed well in slowly changing environments.
{"title":"Padding the dimensions for knowledge transfer in the dynamic vector evaluated particle swarm optimisation algorithm","authors":"Mardé Helbig","doi":"10.1109/SSCI.2016.7850236","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7850236","url":null,"abstract":"Most real world problems have more than one objective, with at least two objectives in conflict with one another and at least one objective that is dynamic in nature. The dynamic vector evaluated particle swarm optimisation (DVEPSO) algorithm is a co-operative algorithm, where each sub-swarm solves only one objective function and therefore, each sub-swarm optimises only a sub-set of decision variables. Knowledge is shared amongst the sub-swarms when the particles' velocity is updated, by using the position of the global guide of the subswarm or of another sub-swarm. The global guide can only provide information about the decision variables that are applicable to the objective function that its sub-swarm is optimising. Therefore, padding is required for the other decision variables. This paper investigates various padding approaches, namely using the sub-swarm's global best, using the personal best (pbest) of another particle in the sub-swarm, using the global best (gbest) of another sub-swarm or performing parent-centric crossover on another particle's position, pbest and gbest. Results indicate that using a random gbest or pbest performed well in fast changing environments, and using the sub-swarm's gbest performed well in slowly changing environments.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115861708","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7850281
David C. Alvarez-Charris, A. Pérez-Uribe, H. Satizábal, Jesús A. López
We present the co-design of a gaming scenario between an Artificial Evolution algorithm and a human designer. Such co-design is twofold, consisting of an initial stage in which a genetic algorithm is used to evolve the control parameters that define the behavior of a group of virtual agents. This produces interesting and unexpected results not only creating differentiated behaviors but also increasing the flexibility of the character to adapt to a given objective. In the second stage of the game design a human interplay was introduced in adding other elements to the game, such as other characters and new game dynamics. In this paper we introduce a game that integrates virtual and physical characters while taking advantage of such co-design approach. The physical character consists of a robot which controlled through a Natural User Interface can be part of the game by interacting with other characters in the virtual environment.
{"title":"EvoBoids: Co-design of a physical and virtual game using Artificial Evolution","authors":"David C. Alvarez-Charris, A. Pérez-Uribe, H. Satizábal, Jesús A. López","doi":"10.1109/SSCI.2016.7850281","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7850281","url":null,"abstract":"We present the co-design of a gaming scenario between an Artificial Evolution algorithm and a human designer. Such co-design is twofold, consisting of an initial stage in which a genetic algorithm is used to evolve the control parameters that define the behavior of a group of virtual agents. This produces interesting and unexpected results not only creating differentiated behaviors but also increasing the flexibility of the character to adapt to a given objective. In the second stage of the game design a human interplay was introduced in adding other elements to the game, such as other characters and new game dynamics. In this paper we introduce a game that integrates virtual and physical characters while taking advantage of such co-design approach. The physical character consists of a robot which controlled through a Natural User Interface can be part of the game by interacting with other characters in the virtual environment.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115864957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7850148
J. Merigó, N. Alrajeh, M. Peris-Ortiz
The ordered weighted average (OWA) aggregation is an extension of the classical weighted average by using a reordering process of the arguments in a decreasing or increasing way. This article presents new averaging aggregation operators by using sums and order inducing variables. This approach produces the induced ordered weighted average sum (IOWAS). The IOWAS operator aggregates a set of sums using a complex reordering process based on order-inducing variables. This approach includes a different types of aggregation structures including the well-known OWA families. The work presents additional generalizations by using generalized and quasi-arithmetic means. The paper ends with a simple numerical example that shows how to aggregate with this new approach.
{"title":"Induced aggregation operators in the ordered weighted average sum","authors":"J. Merigó, N. Alrajeh, M. Peris-Ortiz","doi":"10.1109/SSCI.2016.7850148","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7850148","url":null,"abstract":"The ordered weighted average (OWA) aggregation is an extension of the classical weighted average by using a reordering process of the arguments in a decreasing or increasing way. This article presents new averaging aggregation operators by using sums and order inducing variables. This approach produces the induced ordered weighted average sum (IOWAS). The IOWAS operator aggregates a set of sums using a complex reordering process based on order-inducing variables. This approach includes a different types of aggregation structures including the well-known OWA families. The work presents additional generalizations by using generalized and quasi-arithmetic means. The paper ends with a simple numerical example that shows how to aggregate with this new approach.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131969518","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-12-01DOI: 10.1109/SSCI.2016.7849903
Kul Prasad Subedi, D. Dasgupta, Bo Chen
The growing popularity of high performance computing has led to a new focus on bypassing or eliminating traditional I/O operations that are usually the bottlenecks for fast processing of large data volumes. One such solution uses a new network communication protocol called InfiniBand (IB) which supports remote direct memory access without making two copies of data (one in user space and the other in kernel space) and thus provides very low latency and very high throughput. To this end, for many industries, IB has now become a promising inter-connect protocol over Ethernet technologies. Ensuring the security of this new protocol is critical since more and more companies are moving towards it. To ensure the security of IB, the first step is to have a thorough understand of the vulnerabilities of its current implementations, which is unfortunately still missing in the literature. In this paper, we aim to fill this gap. In particular, we perform a static code analysis as well as protocol testing in order to examine security features in IB architecture from the implementation perspective. While our extensive penetration testing could not find any significant security loopholes; there are certain aspects in both the design and the implementations that need to be addressed. Our focus is in the implementation perspective. Specifically, we found there is a significant use for a number of vulnerable functions (e.g., memcpy, sprintf, and char) as well as obsolete functions (e.g., memalign) that we believe should be replaced with alternative functions such as memmove, snprintf, getline, and posix memalign. We believe our work will benefit both the protocol developers as well as the users by taking the first step to ensure the security of IB protocol.
{"title":"Security analysis on InfiniBand protocol implementations","authors":"Kul Prasad Subedi, D. Dasgupta, Bo Chen","doi":"10.1109/SSCI.2016.7849903","DOIUrl":"https://doi.org/10.1109/SSCI.2016.7849903","url":null,"abstract":"The growing popularity of high performance computing has led to a new focus on bypassing or eliminating traditional I/O operations that are usually the bottlenecks for fast processing of large data volumes. One such solution uses a new network communication protocol called InfiniBand (IB) which supports remote direct memory access without making two copies of data (one in user space and the other in kernel space) and thus provides very low latency and very high throughput. To this end, for many industries, IB has now become a promising inter-connect protocol over Ethernet technologies. Ensuring the security of this new protocol is critical since more and more companies are moving towards it. To ensure the security of IB, the first step is to have a thorough understand of the vulnerabilities of its current implementations, which is unfortunately still missing in the literature. In this paper, we aim to fill this gap. In particular, we perform a static code analysis as well as protocol testing in order to examine security features in IB architecture from the implementation perspective. While our extensive penetration testing could not find any significant security loopholes; there are certain aspects in both the design and the implementations that need to be addressed. Our focus is in the implementation perspective. Specifically, we found there is a significant use for a number of vulnerable functions (e.g., memcpy, sprintf, and char) as well as obsolete functions (e.g., memalign) that we believe should be replaced with alternative functions such as memmove, snprintf, getline, and posix memalign. We believe our work will benefit both the protocol developers as well as the users by taking the first step to ensure the security of IB protocol.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132044744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: