Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method...
Environmental sensors monitor supercomputing facility health, generating massive data in the largest facilities. Current state-of-the-art is for human operators to evaluate environmental data by hand. This approach will not be viable on Exascale machines, nor is it ideal on current systems. We evaluate effectiveness of the DBSCAN algorithm for identifying anomalies in supercomputing sensor data. We...
Currently, container technology has increasingly grown up in cloud environment. However, the research related with resource management for container has not been considered actively. To manage resources on cloud with container efficiently, we present the GPSF, General-Purpose Scheduling Framework. This framework provides useful resource management functions, and more importantly it is possible to...
Heterogeneous computing is a growing trend in recent computer architecture design and is often used to improve the performance and power efficiency for computing applications by utilizing the special-purpose processors or accelerators, such as the Graphic Computing Unit (GPU), Field Programmable Gate Array (FPGA) and Digital Signal Processor (DSP). With the increase of complexity, the interaction...
Monitoring high performance computing systems has become increasingly difficult as researchers and system analysts face the challenge of synthesizing a wide range of monitoring information in order to detect system problems on ever larger machines. We present a method for anomaly detection on syslog data, one of the most important data streams for determining system health. Syslog messages pose a...
Application-level firewalls filter traffic based on a white list of processes that are allowed to access the network. Although they have a complete overview of the system in which they are executed, they can be easily bypassed by knowledgeable attackers. In this paper we present AL-SAFE, a cloud-tailored application-level self-adaptable firewall which combines the high degree of visibility of an application-level...
With the rapid development of network technology and the increasing complexity of system functions, the embedded system is facing more and more serious threats. Previous research on kernel monitoring and protection widely relies on higher privileged system components, such as hardware virtualization extensions, to isolate security tools from potential kernel attacks. These approaches increase both...
Recent years witness the prevalence of IaaS (Infrastructure as a Service) cloud services. Virtual machines (VMs) are provided to users as a kind of product by IaaS providers. New computing architecture makes it difficult for traditional forensics tools to collect evidences from the target VM. In this paper, we propose a novel proactive forensic approach named VMForensics, which provides both dynamic...
This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a "predator searching for a prey" search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system...
Heap overflow attack is one of the major memory corruption attacks that have become prevalent for decades. To defeat this attack, many protection methods are proposed in recent years. However, most of these existing methods focus on user-level heap overflow detection. Only a few methods are proposed for kernel heap protection. Moreover, all these kernel protection methods need modifying the existing...
In response to the demand on data-analytic tools that monitor time-varying connectivity patterns within brain networks, the present paper extends the framework of [Slavakis et al., SSP'16] to include kernel-based partial correlations as a tool for clustering dynamically evolving connectivity states of networks. Such an extension becomes feasible due to the argument which runs beneath also this work:...
To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address...
Android operating system has become one of the most popular smartphone platforms. A large number of applications are developed for the operating system. Monitoring application behaviors with practical execution requires severely long time. Thus, reducing monitoring time is an important issue. In this paper, we propose a method for decreasing this time by accelerating the speed of time flow in Linux...
In this paper, we introduce memos, which integrates suitable memory management policies and schedules resources over the entire memory hierarchy in hybrid memory system. Powered by an OS kernel level monitoring tool, memos captures memory patterns online, and then leverages them to guide the memory page placement and data mapping. Experimental results show, on average, memos can benefit memory utilization,...
Network Functions Virtualization (NFV) has been expected to flexibly compose Virtual Network Functions (VNFs) by virtualizing existing network appliances and logically chaining them. Currently used VNFs are realized as VM-based appliances and shared by multiple users (VMs). However, the notion of NFV can be extended to reinforce network functionality of user VMs by introducing VM-dedicated VNFs. In...
This paper is about possibility of using the support vector regression method for telecommunication networks monitoring. The paper defines a role of regression analysis in the formation of the correlations between telecommunication networks quality parameters. An example of using the regression analysis by support vector machine with scikit-learn implementation is given.
For the low-speed diesel engine monitoring with multi-sensor information on ship, the on-line anomaly detection as the fault symptom pre-warning is mainly considered in this paper. The stable operating condition is firstly identified by the ADF test. Then, the on-line anomaly detection with baseline deviation is modeled by the Auto associative Kernel Regression (AAKR) method, where the baseline is...
An efficient people occupancy detection, tracking, and behavior recognition method is introduced in this study. The problem of monitoring a wide field can be solved using the programmable camera network instead of the typical fixed cameras. In addition, based on the depth image feature, the shape feature of the occupant can be used for more accurate activity recognition.
Today's datacenter is shared among various applications with different QoS requirements, which poses a great challenge to deliver low delay transport with high throughput. Most works address this challenge by reducing the in-network delay, but assume a negligible local delay. However, we show that this assumption does not hold for a multi-tenant datacenter that a physical machine is shared by...
In areas of ecological interest, the detection and control of seaweed such as Posidonia Oceanica is usually performed by divers. Due to the limited capacity of the scuba tanks and the human security protocols, this task involves several short immersions leading to poor temporal and spatial data resolution. Thus, it is desirable to automate this task by means of underwater robots. This paper describes...