Certain classes of log analytical models, such as those for log anomaly detection, require as inputs sequences of parsed log messages in which the message tokens that belong to the template of the message are indicated. For this reason, it is common for such a model to employ a log parser, a program that detects the template of each message in a log file. It has been shown that even the most accurate log parsers in the literature fail to achieve high accuracy at detecting the templates of messages from certain systems' log files. This paper presents DIP, a tree-based log parser. The primary methodological innovation of DIP lies in the mechanism it uses to determine whether pairs of very similar messages have the same template. While many existing parsers only consider the percentage of matching tokens between two similar messages in determining whether they have the same template, DIP considers in addition the actual tokens at which the two messages disagree, deeming a pair of similar messages to have the same template if and only if each of those tokens satisfies one in a certain set of three conditions. Our experimental results show that DIP can achieve an average accuracy that is superior to that obtained by each of the 13 parsers tested in a 2019 survey study on log parsers. Furthermore, we give evidence that it achieves this high accuracy without compromising in terms of runtime.
DIP. Daniel Plaisted, Mengjun Xie. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2022-04-18. DOI: 10.1145/3476883.3520226 (https://doi.org/10.1145/3476883.3520226)
Process-level concurrency failures occur when multiple processes read and write a shared data item without proper synchronization. Process-level failures are difficult to detect because they are sensitive to the execution order of system calls. These failures cannot be detected unless a specific system-call interleaving is exercised during testing. A common practice when testing or debugging concurrency failures is to execute many runs of a program in the hope of exercising an interleaving that causes races, a practice known as stress testing. However, existing research proves that stress testing is neither efficient nor reproducible. In this paper, we present an automated technique, RedPro, that can detect process-level races and also regenerate the failures. We used a binary instrumentation tool named PIN for run-time monitoring and for controlling the order of execution of potential race pairs. We evaluated the performance of RedPro by detecting and regenerating nine real-world bugs. The result demonstrates that our proposed technique is both effective and efficient.
ReDPro. T. S. Zaman, Tariqul Islam. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2022-04-18. DOI: 10.1145/3476883.3520207 (https://doi.org/10.1145/3476883.3520207)
The use of e-cigarettes and vape devices by teenagers and young adults is a concern to many people. Juul is the most notable manufacturer of these kinds of devices. They market their product as a solution to the smoking pandemic. Juul has implemented a proprietary Bluetooth-capable device, the Juul C1, outside of the United States, but it uses that technology merely to lock the device or locate it. At one point, the Juul C1 had functionality to monitor the nicotine consumption of users, in line with the initial advertisements of their e-cigarettes as a means to quit smoking. However, they removed this functionality without providing any reasons. In this project, we plan to revitalize this function to help consumers reach their objective of using these devices. Consumers will be able to use a Juul device for the purpose of rehabilitating from their smoking habits. In this paper we present a modified Juul device, called Bluu, that connects with an app on one's phone to track nicotine consumption. This could lead to more responsible vaping by the youth, or improve utility for research regarding e-cigarette usage.
Bluu. Nicanor Vergara, H. ElAarag. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2022-04-18. DOI: 10.1145/3476883.3520215 (https://doi.org/10.1145/3476883.3520215)
Informing users of Android apps' privacy behavior is crucial to maintaining transparency. In the past, approaches have been developed to communicate app privacy behavior based on frameworks that require extensive APIs, new permission models, entirely new Operating Systems (OS), and/or third-party plugins/tools to assist developers. In this work, we present ClearCommPrivacy, a User Interface (UI) template for Android apps that lets a developer familiar with an app's privacy behavior convey privacy/permission information in the app using a standardized code template and two XML files. We present the design of ClearCommPrivacy and some basic evaluation results.
ClearCommPrivacy. Elijah B. Neundorfer, Alfredo J. Perez. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2022-04-18. DOI: 10.1145/3476883.3520231 (https://doi.org/10.1145/3476883.3520231)
ACM SE '21: 2021 ACM Southeast Conference, Virtual Event, USA, April 15-17, 2021. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2021-01-01. DOI: 10.1145/3409334 (https://doi.org/10.1145/3409334)
The study of cluster computing and its applications is vital to the future of computer science. Linking a group of computers to provide more processing power than one computer can alone is the principle upon which modern supercomputers are built. This short paper describes a student's learning experience in cluster computing. As part of the Texas Woman's University's Quality Enhancement project, the student received funding to purchase computing components to create a low-cost cluster computer using 5 Raspberry Pis. The data collected from experiments running on the cluster computer are compared to those from a single Raspberry Pi. The results from those experiments are presented in the paper.
Learning Cluster Computing by Creating a Raspberry Pi Cluster. K. Doucet, Jian Zhang. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2017-04-13. DOI: 10.1145/3077286.3077324 (https://doi.org/10.1145/3077286.3077324)
Wi-Fi is a ubiquitous medium, and a growing number of devices use it. For that reason, the importance of Wi-Fi security is increasing as well. Attackers find it an interesting target for many types of attacks. One of those attacks is the de-authentication attack. There are multiple tools that conduct such an attack, and each tool has its pros and cons. In this paper, we present a tool that we have designed to execute the de-authentication attack and compare it with other similar tools. The results show that our tool is more usable but takes slightly more time than the other tools.
Introducing IJam Wireless De-authentication Attack Tool. Haitham Al-Ani, Ahmed Al-Zubidy. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2017-04-13. DOI: 10.1145/3077286.3077316 (https://doi.org/10.1145/3077286.3077316)
The technology of today is dramatically more advanced than it was 30 years ago. With fiber optic cables becoming ever more present and the rapid expansion of storage, the volume of data passing through these devices is also becoming more abundant. Over time, it has become easier to launch many kinds of attacks. These attacks are often launched from one computer sending huge amounts of spoofed data for several minutes. It is no surprise then that multiple computers launching an attack will create a dire situation regardless of which PC or server is being attacked. A Denial of Service (DoS) attack occurs when an attacker floods a computer or server with illegitimate data so that the system will deny service to a legitimate user [3]. This occurs because that system now lacks the resources to handle any more data. A Distributed DoS (DDoS) attack is the same idea, but amplified. A DDoS attack involves multiple systems striking a single target and flooding that target with data, overloading the target's computers, servers, and firewalls [3]. This often causes the physical devices to become exhausted and deny legitimate requests. As if that wasn't enough, once they gain access the attacker can plant a virus or Trojan in the system to further sabotage the target. These types of attacks are very damaging to companies all around the world. That is where the Cisco ASA 5500 series firewall comes in. In this paper, we will be examining how efficiently a firewall of this type can defend against a DoS attack and a DDoS attack, and what adverse effects are displayed after the attacks have occurred.
Determining the Penetration Threshold for an ASA 5500 Firewall. J. Gill, Kazi Zunnurhain. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2017-04-13. DOI: 10.1145/3077286.3077305 (https://doi.org/10.1145/3077286.3077305)
The objective of this workshop is to share source code and tutorials that we developed for a multi robot testbed in order to enable participants to advance computer science education and research at their respective institutions. The testbed is built using commercially available off-the-shelf components and open source software packages. The workshop will provide participants an overview of multi robot systems and the technical details underpinning the development of the testbed, including: technical specifications of the m3pi mobile robot and its capabilities, programming the LPC 1768 microcontroller, the grid navigation libraries, and the XBee-based communication libraries. We demonstrate how the testbed is being used to develop and test multi robot path planning in a grid world. We also present our initial development of a robot tracking algorithm using OpenCV.
Workshop: A Multi Robot Testbed for Computer Science Education and Research. A. Saad. Proceedings of the 2014 ACM Southeast Regional Conference. Published 2017-04-13. DOI: 10.1145/3077286.3077292 (https://doi.org/10.1145/3077286.3077292)