You searched for +publisher:"University of Texas – Austin" +contributor:("Gouda, Mohamed G.").
Showing records 1 – 20 of
20 total matches.
No search limiters apply to these results.
1.
Jung, Eunjin.
Dispersability and vulnerability analysis certificate systems.
Degree: PhD, Computer Sciences, 2006, University of Texas – Austin
URL: http://hdl.handle.net/2152/2730 
► A certificate is a way to distribute public keys of users in a distributed system. For example, in the current Internet, certificates are heavily used…
(more)
▼ A certificate is a way to distribute public
keys of users in a distributed system. For example, in the current Internet, certificates are heavily used in SSL/TLS for securing e-commerce. In this thesis, we describe the three phases of a certificate, how a certificate is issued, used, and revoked/expired. In particular, we propose a new way of distributing
certificates, called certificate dispersal. Certificate dispersal assigns certificates to users such that when a user u wants to securely communicate
with another user v in a system, users u and v may find out the public key of user v based on the
certificates stored in u or v. In other words, users u and v have no need to contact any other user in the system. We define dispersal in two
environments, a certificate graph and a
certificate chain set and the costs of dispersal.
In the environment of certificate
chain set, computing an optimal dispersal is NP-
complete. However, we identify several
classes of chain sets and certificate graphs
for which optimal dispersal
an be computed in polynomial-time. For each
class we present an algorithm that
computes an optimal dispersal. We also analyze the vulnerability of certificate systems. Any
certificate system suffer from impersonation
attacks when a private key of a user is revealed to an adversary. We define the metric
called vulnerability that measures the s
ope of damage when some private keys are
revealed, and show how different
certificate systems have different vulnerabilities.
These results
can be used to design a good
certificate system that satisfies system
requirements of dispersal
cost and vulnerability.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor).
Subjects/Keywords: Internet – Security measures
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Jung, E. (2006). Dispersability and vulnerability analysis certificate systems. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/2730
Chicago Manual of Style (16th Edition):
Jung, Eunjin. “Dispersability and vulnerability analysis certificate systems.” 2006. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/2730.
MLA Handbook (7th Edition):
Jung, Eunjin. “Dispersability and vulnerability analysis certificate systems.” 2006. Web. 04 Mar 2021.
Vancouver:
Jung E. Dispersability and vulnerability analysis certificate systems. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2006. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/2730.
Council of Science Editors:
Jung E. Dispersability and vulnerability analysis certificate systems. [Doctoral Dissertation]. University of Texas – Austin; 2006. Available from: http://hdl.handle.net/2152/2730
University of Texas – Austin
2.
-6848-2988.
Exploiting leakage in privacy-protecting systems.
Degree: PhD, Computer science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/45559
► Conventional systems store data unencrypted. This allows them to easily access and manipulate their data. However, by not protecting their data, these systems are at…
(more)
▼ Conventional systems store data unencrypted. This allows them to easily access and manipulate their data. However, by not protecting their data, these systems are at a greater risk if they are compromised by a malicious hacker. More advanced systems add encryption to their data, but this causes other issues. Normal encryption often ruins the ability to run computations on data, negating many of the reasons to store the data in the first place. More recently, some systems have attempted to strike a compromise between security and functionality by using encryption that partially protects their data while still allowing certain operations to be performed. Examples of these systems include general purpose frameworks like Mylar for Web applications, as well as domain- and application-specific systems like P3 for photo storage. This dissertation examines the privacy concerns that arise when using these systems with realistic datasets and real-world usage scenarios. The first system we explore is Mylar, an extension to the popular Meteor framework. Meteor is a JavaScript-based framework for concurrently developing the client and server parts of Web apps. Mylar allows users to share and search over data while protecting against a compromised or malicious server. We expand Mylar's vague definitions of passive and active adversaries into three threat models and show that Mylar is insecure against all three models. Mylar's metadata leaks sensitive information to an adversary with one-time access to Mylar's encrypted database. Mylar provides no protection against adversaries which can monitor user access patterns, allowing them to watch for data dependent behavior corresponding to sensitive information. Finally, Mylar fails to protect against active attackers who, by nature of the system, have been given the ability to modify the database and run search over the encrypted data. We next look at set of systems designed to protect sensitive images by selectively obfuscating them. We examine a system called P3 which splits an image into two images: a secret image that contains most of the identifying information and a public image that can be distributed with less risk of leaking information. We also investigate mosaicing (often called pixelation) and blurring, two commonly used image obfuscation techniques. Examining the obfuscated images, it's obvious that all three of these systems leak information. However, it's not clear how to exploit this leakage or if doing so is even possible. The authors of P3 specifically examined P3 using a number of techniques that mimic human image recognition. We bypass the need for human recognition by making use of modern machine learning techniques. Using neural networks, we are able to classify the obfuscated image content automatically without needing human assistance or having to define image features. Finally, we conclude by proposing a number of guidelines for creating modern privacy-preserving systems. We look at problems that arise when creating a scheme on paper as well as issues that…
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Shmatikov, Vitaly (advisor), Alvisi, Lorenzo (committee member), Witchel, Emmett (committee member).
Subjects/Keywords: Security; Privacy
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-6848-2988. (2016). Exploiting leakage in privacy-protecting systems. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/45559
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-6848-2988. “Exploiting leakage in privacy-protecting systems.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/45559.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-6848-2988. “Exploiting leakage in privacy-protecting systems.” 2016. Web. 04 Mar 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-6848-2988. Exploiting leakage in privacy-protecting systems. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/45559.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-6848-2988. Exploiting leakage in privacy-protecting systems. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/45559
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
University of Texas – Austin
3.
He, Jian (Ph. D. in computer science).
Empowering video applications for mobile devices.
Degree: PhD, Computer Science, 2020, University of Texas – Austin
URL: http://dx.doi.org/10.26153/tsw/10178
► The popularity of video applications has grown rapidly. There are two main trends in the development of video applications: (i) video streaming supporting higher-resolution videos…
(more)
▼ The popularity of video applications has grown rapidly. There are two main trends in the development of video applications: (i) video streaming supporting higher-resolution videos and 360° videos, (ii) providing video analytics (e.
g., running object detection on video frames). In this dissertation, we focus on how to improve performance of streaming 360° and 4K videos and running real-time video analytics on mobile devices. We identify a few major challenges to guarantee high user experience for running video applications on mobile devices. First, existing video applications call for high-resolution videos(e.
g., 4K). Due to limited hardware resource on mobile devices, it is slow to code high-resolution videos. It is critical to design a light-weight video codec to provide fast video coding as well as high compression e ciency for mobile devices. Second, wireless channels have unpredictable throughput fluctuation. It is necessary to design a robust rate adaptation algorithm to adjust video quality according to the varying network condition. Third, streaming entire panoramic video views wastes lots of bandwidth, while only transmitting the portion visible to the users FoV significantly degrades video quality. It is hard to save bandwidth while maintaining high video quality with inevitable head movement prediction error. Last, motion based object tracking can speed up video analytics, but existing motion estimation is noisy due to the presence of complex background and object size or shape changes. In this dissertation, we will show how to address the above mentioned challenges. We propose a new layered coding design to code high-resolution video data. It can effectively adapt to varying data rates on demand by first sending the base layer and then opportunistically sending more layers whenever the link allows. We further design an optimization algorithm to decide which video layers to send according to available throughput. Compared with existing rate adaptation algorithm, our algorithm includes the new dimension of deciding the number of layers to transmit. We design a novel layered tile-based encoding framework for 360° videos. It can achieve efficient video coding, bandwidth saving, and robustness against head movement prediction error. Moreover, we design a robust technique to extract reliable motion from video frames. We use a combination of feature maps and motion to generate a representative mask which can reliably capture the motion of object pixels and the changes of the overall object shape or size. First, we implement our tile-based layered encoding framework Rubiks on mobile devices for 360° video streaming. We exploit spatial and temporal characteristics of 360° videos for encoding. Specifically, Rubiks splits the 360° video spatially into tiles and temporally into layers. The client runs an optimization routine to determine the video data that needs to be fetched to optimize user QoE. Using this encoding approach, we can send the video portions that have a high probability of viewing at a higher quality…
Advisors/Committee Members: Qiu, Lili, Ph. D. (advisor), Zhu, Xiaoqing (committee member), Gouda, Mohamed G. (committee member), Mok, Aloysius (committee member).
Subjects/Keywords: Video streaming; 360-degree video; 4K video; Video analytics; Mobile
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
He, J. (. D. i. c. s. (2020). Empowering video applications for mobile devices. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://dx.doi.org/10.26153/tsw/10178
Chicago Manual of Style (16th Edition):
He, Jian (Ph D in computer science). “Empowering video applications for mobile devices.” 2020. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://dx.doi.org/10.26153/tsw/10178.
MLA Handbook (7th Edition):
He, Jian (Ph D in computer science). “Empowering video applications for mobile devices.” 2020. Web. 04 Mar 2021.
Vancouver:
He J(Dics. Empowering video applications for mobile devices. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2020. [cited 2021 Mar 04].
Available from: http://dx.doi.org/10.26153/tsw/10178.
Council of Science Editors:
He J(Dics. Empowering video applications for mobile devices. [Doctoral Dissertation]. University of Texas – Austin; 2020. Available from: http://dx.doi.org/10.26153/tsw/10178
4.
Ali, Muqeet.
A second generation of nonrepudiation protocols.
Degree: PhD, Computer Science, 2017, University of Texas – Austin
URL: http://hdl.handle.net/2152/61906
► A non-repudiation protocol from party S to party R performs two tasks. First, the protocol enables party S to send to party R some text…
(more)
▼ A non-repudiation protocol from party S to party R performs two tasks. First, the protocol enables party S to send to party R some text x along with sufficient evidence (that can convince a judge) that x was indeed sent by S. Second, the protocol enables party R to receive text x from S and to send to S sufficient evidence (that can convince a judge) that x was indeed received by R. The first generation of non-repudiation protocols were published in the period 1996-2000. In this dissertation, we design a second generation of non-repudiation protocols that enjoy several interesting properties.
First, we identify in this dissertation a special class of non-repudiation
protocols, called two-phase protocols. The two parties, S and R, in each two-phase protocol execute the protocol as specified until one of the two parties
receives its needed proof. Then and only then does this party refrain from
sending any more message specified by the protocol because these messages only help the other party complete its proof. We show that the execution of each two-phase protocol is deterministic and does not require synchronized real-time clocks. We also show that each two-phase protocol needs to involve a trusted third party T beside the two original parties, S and R.
Second, we show that if party R in a two-phase protocol has a real-time
clock and knows an upper bound on the round trip delay from R to S and
back to R, then the two-phase protocol does not need to involve a trusted
third party T.
Third, we design a non-repudiation protocol for transferring file F from
a sender S to a receiver R over a cloud C. This protocol is designed such
that there is no direct communication between parties S and R. Rather all
communications between S and R are carried out through cloud C. In this
protocol parties S and R do not need to store a local copy of file F and the
proofs that are needed by the two parties S and R (the only copy of file F and the proofs is stored in cloud C).
Fourth, we design a new non-repudiation protocol from S to R over C
where some of the proofs stored in cloud C get lost. This new protocol has an interesting stabilization property which ensures that when some of the proofs get lost, and one party can get the needed proofs but the other party cannot get its needed proofs from cloud C, then eventually, neither party is able to receive its needed proofs from cloud C.
Fifth, we design a non-repudiation protocol for transferring files from a
sender S to a subset of potential receivers {R.1, R.2, ..., R.n} over a cloud C. The protocol guarantees that after each file F is transferred from sender S to a subset of the potential receivers, then (1) each receiver R.i in the subset ends up with a proof that file F was indeed sent by sender S to R.i, and (2) sender S ends up with a proof that file F was indeed received from S by each receiver R.i in the subset.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Qiu, Lili (committee member), Mok, Aloysius (committee member), Elmallah, Ehab (committee member).
Subjects/Keywords: Non-repudiation; Trusted party
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Ali, M. (2017). A second generation of nonrepudiation protocols. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/61906
Chicago Manual of Style (16th Edition):
Ali, Muqeet. “A second generation of nonrepudiation protocols.” 2017. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/61906.
MLA Handbook (7th Edition):
Ali, Muqeet. “A second generation of nonrepudiation protocols.” 2017. Web. 04 Mar 2021.
Vancouver:
Ali M. A second generation of nonrepudiation protocols. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2017. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/61906.
Council of Science Editors:
Ali M. A second generation of nonrepudiation protocols. [Doctoral Dissertation]. University of Texas – Austin; 2017. Available from: http://hdl.handle.net/2152/61906
University of Texas – Austin
5.
Yun, Sangki.
Towards accurate object tracking using acoustic signal.
Degree: PhD, Computer Science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/68598
► We are living in the era of mobile computing where people are surrounded by many smart devices such as smartphone, smart watch, smart TV, and…
(more)
▼ We are living in the era of mobile computing where people are surrounded by many smart devices such as smartphone, smart watch, smart TV, and Virtual Reality (VR) headsets. For them, providing intuitive user interface is crucial to satisfy the needs of the users, but their limited form-factor makes them difficult to support natural user interface. Object tracking can provide new opportunity to design intuitive gesture based user interface. First, it can provide more convenient User interface (UI) than traditional controllers and can be used to control a wide variety of Internet of Things devices. For example, it is difficult to use button based controller in VR headsets because users may not see the controller. By tracking the position of the controller or hand, it can control VR applications more intuitively. Second, it can be used to support motion based gaming, which is getting increasingly popular.
In this dissertation, we provide accurate object tracking methods that are useful to design intuitive user interface for mobile systems. In particular, we focus on exploiting the acoustic signal to track the movement of the object. While the vision based and the RF signal based object tracking have been extensively investigated, acoustic signal based tracking has not been under explored. The advantage of the acoustic signal based tracking is that it can be enabled by widely available speakers and microphones and can be processed in software without any extra hardware. Using the acoustic signal, we provide two different ways of tracking: 1) tracking mobile devices such as smartphone and smart watch, and 2) device-free tracking that tracks a hand without wearing a device that exploits the reflected signal from the moving hand. In both scenarios, we provide sufficient tracking accuracy so that the mobile or the hand is used as a mouse in the air.
First, we develop a system that can accurately track the movement of a mobile device using the acoustic signal. The device to be controlled (e.
g., smart TVs) sends the acoustic signal using its speaker, and the mobile device tracks the movement. More specifically, the tracker sends inaudible sound pulses at a few selected frequencies, and uses the frequency shifts to estimate the speed and distance traveled. We then develop techniques to quickly calibrate the distance between speakers and narrow down the device’s initial position using its movement trajectory. Based on the information, we continuously track the device’s new position in real time. This is feasible because many devices, such as smart TVs, PCs, and laptops, already have multiple speakers. Our evaluation and user study demonstrate that our system achieves high tracking accuracy (e.
g., median error of around 1.4 cm) and ease of use.
Next, we provide a device-free motion tracking system. It tracks the movement of the hand relying the reflected acoustic signal, which is more challenging. To realize it, we propose a novel approach that can estimate the distance and velocity using a single chirp signal and…
Advisors/Committee Members: Qiu, Lili, Ph. D. (advisor), Mok, Aloysius K (committee member), Gouda, Mohamed G (committee member), Veciana, Gustavo de (committee member).
Subjects/Keywords: Mobile systems; Ubiquitous computing; Virtual reality; Acoustic sensing; Human-computer interaction
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Yun, S. (2016). Towards accurate object tracking using acoustic signal. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/68598
Chicago Manual of Style (16th Edition):
Yun, Sangki. “Towards accurate object tracking using acoustic signal.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/68598.
MLA Handbook (7th Edition):
Yun, Sangki. “Towards accurate object tracking using acoustic signal.” 2016. Web. 04 Mar 2021.
Vancouver:
Yun S. Towards accurate object tracking using acoustic signal. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/68598.
Council of Science Editors:
Yun S. Towards accurate object tracking using acoustic signal. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/68598
University of Texas – Austin
6.
-2779-6876.
Secure protocols for contactless credit cards and electronic wallets.
Degree: PhD, Computer Science, 2018, University of Texas – Austin
URL: http://hdl.handle.net/2152/63350
► The contactless credit card protocol in use today is insecure. The credit card industry has chosen to use the NFC channel for contactless transactions. However,…
(more)
▼ The contactless credit card protocol in use today is insecure. The credit card industry has chosen to use the NFC channel for contactless transactions. However, reliance on NFC's short range has led to poor assumptions in the contactless credit card protocol. For example, the card assumes (sometimes incorrectly) that its ability to receive a solicitation implies the cardholder's intent to purchase. In this dissertation, we examine the protocol currently in use, and present a family of three replacement protocols to defend against its deficiencies.
First, we consider "outsider" attacks (e.
g. eavesdropping, skimming attacks, relay attacks, and attacks facilitated by compromised points of sale) and design our first protocol to defend against these attacks. We call this protocol the Externally Secure CC Protocol, and design it using stepwise refinement. This protocol makes use of single-use "charge tokens" verifiable by the bank, while minimizing computation that needs to occur on the card.
Second, we identify two attacks which may be carried out by malicious retailers: Over-charge attacks and Transparent Bridge attacks. Both attacks are predicated on the customer's lack of participation in the protocol, and involve modifying or replacing a charge after it has been confirmed by the customer. We look to Electronic Wallet applications (such as Android Pay and Apple Wallet), which provide a channel between customer and card. We augment the Externally Secure CC Protocol using this channel to construct the Secure CC Protocol, binding charge tokens to a given price, and thus stymieing both outsider and malicious retailer attacks.
The Secure CC Protocol supports a property known as linkability: while only the bank can verify charge tokens, tokens from the same card can be recognized as such by the retailer. This property is also supported by the (insecure) protocol in use today, and is commonly used by retailers to construct marketing profiles on their customers. However, linkability has serious consumer privacy consequences, so we consider the converse property of unlinkability, where a retailer cannot identify different purchases as having been made by the same card. We require that our unlinkable protocol make use of existing infrastructure, so as not to require retailer cooperation. In response, we design the Unlinkable Wallet Protocol, leveraging techniques from the Secure CC Protocol to guard against malicious outsiders and retailers, while tunneling secure and unlinkable charge tokens through the protocol in use today.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Alvisi, Lorenzo (committee member), Qiu, Lili (committee member), Garg, Vijay K (committee member).
Subjects/Keywords: Security; Privacy; Credit cards; Payments; Transactions; Nfc; Rfid; Proximity; Electronic wallet; Unlinkability; Authentication
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-2779-6876. (2018). Secure protocols for contactless credit cards and electronic wallets. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/63350
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-2779-6876. “Secure protocols for contactless credit cards and electronic wallets.” 2018. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/63350.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-2779-6876. “Secure protocols for contactless credit cards and electronic wallets.” 2018. Web. 04 Mar 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-2779-6876. Secure protocols for contactless credit cards and electronic wallets. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2018. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/63350.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-2779-6876. Secure protocols for contactless credit cards and electronic wallets. [Doctoral Dissertation]. University of Texas – Austin; 2018. Available from: http://hdl.handle.net/2152/63350
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
University of Texas – Austin
7.
Reaz, Rezwana.
Theory and practice of firewall outsourcing.
Degree: PhD, Computer Science, 2020, University of Texas – Austin
URL: http://dx.doi.org/10.26153/tsw/8361
► A firewall system is a packet filter that is placed at the entry point of an enterprise network in the Internet. Packets that attempt to…
(more)
▼ A firewall system is a packet filter that is placed at the entry point of an enterprise network in the Internet. Packets that attempt to enter the enterprise network through this entry point are examined, one by one, against the rules of some underlying firewall F of the firewall system. Each rule in F has a decision which is either “accept” or “reject”. For any incoming packet p, the firewall system identifies the first rule (in the sequence of rules in F) that matches p. If the decision of this rule is “accept”, then the firewall system forwards p to the enterprise network. Otherwise the decision of this rule is “reject” and packet p is discarded and prevented from entering the network. Each firewall system consists of two units: a rule matching unit and a decision unit. Both units are usually executed in the firewall system. To simplify the task of managing the firewall system, we identify a special class of firewall systems, called the outsourced system, where the rule matching unit is executed in a public cloud. Unfortunately, public clouds are usually unreliable and execution of the rule matching unit in a public cloud can be vulnerable to two types of attacks: verifiability attacks and privacy attacks. The main objective of this dissertation is to discuss how to execute the rule matching unit of an outsourced system in a public cloud such that verifiability and privacy attacks are prevented from occurring. The main contribution of this dissertation is three-fold. First, we discuss how to design outsourced firewall system such that execution of the designed system in the public clouds prevents the occurrence of verifiability and privacy attacks. The resulting system, called the private system, make use of two public clouds. We show that this private system prevents verifiability and privacy attacks under the assumption that the two public clouds used in this system are both “sensible” and “non-colluding”. Second, we identify a special class of firewalls, called the partially specified firewall, where a firewall is called partially specified when the decisions of some of the rules in the firewall are not specified as “accept” or “reject”. We show that for every partially specified firewall PF, there is a (fully specified) firewall F such that PF and F are equivalent. We discuss how to design an outsourced system whose underlying firewall is a partially specified firewall PF such that the designed system prevents both verifiability and privacy attacks. We achieve this outsourced system by obtaining an equivalent firewall F from PF and designing a private system for F. Third, we present a generalization of firewalls called firewall expressions. A firewall expression is specified using one or more component firewalls and three firewall operators: “not”, “and”, and “or”. For example, the firewall expression (
G and H) consists of two component firewalls
G and H and one firewall operator “and”. This firewall expression accepts a packet p iff both firewalls
G and H accept p. For any underlying firewall expression FE,…
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Mok, Aloysius K (committee member), Qiu, Lili (committee member), Acharya, Hrishikesh B (committee member).
Subjects/Keywords: Firewalls; Firewall systems; Outsourcing; Outsourced systems; Public cloud; Cloud computing; Verifiability; Privacy; Network management
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Reaz, R. (2020). Theory and practice of firewall outsourcing. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://dx.doi.org/10.26153/tsw/8361
Chicago Manual of Style (16th Edition):
Reaz, Rezwana. “Theory and practice of firewall outsourcing.” 2020. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://dx.doi.org/10.26153/tsw/8361.
MLA Handbook (7th Edition):
Reaz, Rezwana. “Theory and practice of firewall outsourcing.” 2020. Web. 04 Mar 2021.
Vancouver:
Reaz R. Theory and practice of firewall outsourcing. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2020. [cited 2021 Mar 04].
Available from: http://dx.doi.org/10.26153/tsw/8361.
Council of Science Editors:
Reaz R. Theory and practice of firewall outsourcing. [Doctoral Dissertation]. University of Texas – Austin; 2020. Available from: http://dx.doi.org/10.26153/tsw/8361
University of Texas – Austin
8.
Wei, Yi-Hung.
Real-time communication platfrom for wireless cyber-physical applications.
Degree: PhD, Computer science, 2016, University of Texas – Austin
URL: http://hdl.handle.net/2152/43585
► A Cyber-Physical System (CPS) is a physical system whose operations are monitored, coordinated, and controlled by computation and communication processes. Applying wireless technologies to cyber-physical…
(more)
▼ A Cyber-Physical System (CPS) is a physical system whose operations are monitored, coordinated, and controlled by computation and communication processes. Applying wireless technologies to cyber-physical systems can significantly enhance the system mobility and reduce the deployment and maintenance cost. Existing wireless technologies, however either cannot provide real-time or probabilistic guarantee on packet delivery or are not fast enough to support desired application requirements. Nondeterministic packet transmission and insufficiently high sampling rate will severely hurt application performance. To address this problem, we propose a real-time wireless communication platform called RT-WiFi. In this dissertation, we present our design and implementation of the data link layer and network management framework of RT-WiFi platform that provides predictable packet delivery and high sampling rate. The RT-WiFi communication platform is designed to support configurable components for adjusting design trade-offs including sampling rate, latency variance, reliability and thus can serve as a suitable communication platform for supporting a wide range of wireless CPS applications. Based on the RT-WiFi management platform, we further propose advanced network management techniques to provide jitter-free scheduling algorithm for improving system performance and to support reliable data transmission in noisy environments. To evaluate the effectiveness of our proposed algorithms and to verify the efficiency of our network management platform, we conduct a series of experiments and a case study that integrate the RT-WiFi communication platform with a health care CPS application to investigate the application performance in the real world.
Advisors/Committee Members: Mok, Aloysius Ka-Lau (advisor), Gouda, Mohamed G. (committee member), Han, Song (committee member), Lam, Simon S. (committee member), Qiu, Lili (committee member).
Subjects/Keywords: Cyber-physical systems; Real-time systems; Real-time wireless communication
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Wei, Y. (2016). Real-time communication platfrom for wireless cyber-physical applications. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/43585
Chicago Manual of Style (16th Edition):
Wei, Yi-Hung. “Real-time communication platfrom for wireless cyber-physical applications.” 2016. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/43585.
MLA Handbook (7th Edition):
Wei, Yi-Hung. “Real-time communication platfrom for wireless cyber-physical applications.” 2016. Web. 04 Mar 2021.
Vancouver:
Wei Y. Real-time communication platfrom for wireless cyber-physical applications. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2016. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/43585.
Council of Science Editors:
Wei Y. Real-time communication platfrom for wireless cyber-physical applications. [Doctoral Dissertation]. University of Texas – Austin; 2016. Available from: http://hdl.handle.net/2152/43585
9.
-1959-502X.
RT-WiFi networks for wireless cyber-physical applications.
Degree: PhD, Computer Science, 2017, University of Texas – Austin
URL: http://hdl.handle.net/2152/61530
► Applying wireless technologies to cyber-physical systems (CPSs) has received significant attention owing to their great advantages in enhanced system mobility and reduced deployment and maintenance…
(more)
▼ Applying wireless technologies to cyber-physical systems (CPSs) has received significant attention owing to their great advantages in enhanced system mobility and reduced deployment and maintenance cost. However, existing wireless technologies either cannot provide the real-time guarantee on packet delivery or do not have enough bandwidth to satisfy the requirements of cyber-physical applications. To satisfy the communication requirements in the wireless infrastructure for cyber-physical applications, we design a flexible real-time high-speed wireless communication platform called RT-WiFi to support a wide range of wireless cyber-physical applications. RT-WiFi is designed to provide deterministic timing guarantee on packet delivery with adjustable sampling rate. It features a set of configurable components for adjusting design trade-offs including sampling rate, latency variance, reliability and compatibility to Wi-Fi networks. In this dissertation, we first present the design and implementation of the RT-WiFi MAC layer. Based on the RT-WiFi MAC layer, we present network management techniques that schedule resources in RT-WiFi networks. For network management techniques, we first describe the jitter-free scheduling algorithm that minimizes the communication jitter under both static and dynamic topologies. Then we present the scheduling algorithms to coordinate channel assignments and packet transmissions in RT-WiFi networks containing multiple access points. We conduct a series of experiments and simulations to validate the design and demonstrate the advantages of RT-WiFi and the proposed network management algorithms. A case study that integrates RT-WiFi with a real cyber-physical application is included to show its performance in real world applications.
Advisors/Committee Members: Mok, Aloysius Ka-Lau (advisor), Gouda, Mohamed G. (committee member), Han, Song (committee member), Qiu, Lili (committee member).
Subjects/Keywords: Real-time wireless network; Wireless local area network; Cyber-physical systems; TDMA; Scheduling; Jitter-free scheduling; Network management; Co-channel interference; Channel assignment; Networked control system
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
-1959-502X. (2017). RT-WiFi networks for wireless cyber-physical applications. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/61530
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Chicago Manual of Style (16th Edition):
-1959-502X. “RT-WiFi networks for wireless cyber-physical applications.” 2017. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/61530.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
MLA Handbook (7th Edition):
-1959-502X. “RT-WiFi networks for wireless cyber-physical applications.” 2017. Web. 04 Mar 2021.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Vancouver:
-1959-502X. RT-WiFi networks for wireless cyber-physical applications. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2017. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/61530.
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
Council of Science Editors:
-1959-502X. RT-WiFi networks for wireless cyber-physical applications. [Doctoral Dissertation]. University of Texas – Austin; 2017. Available from: http://hdl.handle.net/2152/61530
Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete
University of Texas – Austin
10.
Yang, Hongkun.
Efficient verification of packet networks.
Degree: PhD, Computer science, 2015, University of Texas – Austin
URL: http://hdl.handle.net/2152/33271
► Network management will benefit from automated tools based upon formal methods. In these tools, the algorithm for computing reachability is the core algorithm for verifying…
(more)
▼ Network management will benefit from automated tools based upon formal methods. In these tools, the algorithm for computing reachability is the core algorithm for verifying network properties in the data plane. This dissertation presents efficient algorithms for computing reachability and verifying network properties for a single network with both packet filters and transformers, and for interconnected networks.
For computing port to port reachability in a network, we present a new formal method for a new tool, Atomic Predicates (AP) Verifier, which is much more time and space efficient than existing tools. Given a set of predicates representing packet filters, AP Verifier computes a set of atomic predicates, which is minimum and unique. The use of atomic predicates dramatically speeds up computation of network reachability. AP Verifier also includes algorithms to process network update events and check compliance with network policies and properties in real time.
Packet transformers are widely used in Internet service provider networks, datacenter infrastructures, and layer-2 networks. Existing network verification tools do not scale to such networks with large numbers of different transformers. We present a new tool, AP+ Verifier, based upon a new algorithm for computing atomic predicates for networks with both packet filters and transformers. For performance evaluation, we use network datasets with different types of transformers (i.e., MPLS tunnels, IP-in-IP tunnels, and NATs). We found that AP+ Verifier is more time and space efficient than prior tools by orders of magnitude.
The Internet consists a large collection of networks. To debug reachability problems, a network operator often asks operators of other networks for help by telephone or email. We present a new protocol, COVE, and an efficient data structure for automating the exchange of data plane reachability information between networks in a business relationship. COVE is designed to improve a network's views of forward and reverse reachability with partial deployment in mind. COVE is scalable to very large networks in the Internet. We illustrate applications of COVE to perform useful network management tasks, which cannot be done effectively using existing methods and tools.
Advisors/Committee Members: Lam, Simon S., 1947- (advisor), Emerson, Ernest A. (committee member), Garg, Vijay K. (committee member), Gouda, Mohamed G. (committee member), Mok, Aloysius K. (committee member).
Subjects/Keywords: Network verification; Formal methods; Automated tools
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Yang, H. (2015). Efficient verification of packet networks. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/33271
Chicago Manual of Style (16th Edition):
Yang, Hongkun. “Efficient verification of packet networks.” 2015. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/33271.
MLA Handbook (7th Edition):
Yang, Hongkun. “Efficient verification of packet networks.” 2015. Web. 04 Mar 2021.
Vancouver:
Yang H. Efficient verification of packet networks. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2015. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/33271.
Council of Science Editors:
Yang H. Efficient verification of packet networks. [Doctoral Dissertation]. University of Texas – Austin; 2015. Available from: http://hdl.handle.net/2152/33271
University of Texas – Austin
11.
Steves, Douglas Howard.
Contract in electronic commerce.
Degree: PhD, Computer Sciences, 2005, University of Texas – Austin
URL: http://hdl.handle.net/2152/2320
Subjects/Keywords: Forum (Computer system); Electronic commerce; Contracts
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Steves, D. H. (2005). Contract in electronic commerce. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/2320
Chicago Manual of Style (16th Edition):
Steves, Douglas Howard. “Contract in electronic commerce.” 2005. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/2320.
MLA Handbook (7th Edition):
Steves, Douglas Howard. “Contract in electronic commerce.” 2005. Web. 04 Mar 2021.
Vancouver:
Steves DH. Contract in electronic commerce. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2005. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/2320.
Council of Science Editors:
Steves DH. Contract in electronic commerce. [Doctoral Dissertation]. University of Texas – Austin; 2005. Available from: http://hdl.handle.net/2152/2320
University of Texas – Austin
12.
Huang, Chin-Tser.
Hop integrity: a defense against denial-of-service attacks.
Degree: PhD, Computer Sciences, 2003, University of Texas – Austin
URL: http://hdl.handle.net/2152/652
► A computer network is said to provide hop integrity iff the following three conditions hold for every pair of adjacent routers p and q in…
(more)
▼ A computer network is said to provide hop integrity iff the following three
conditions hold for every pair of adjacent routers p and q in the network. First, p
does not forward any message to q if q has not been up and reachable. Second,
when q receives a message m supposedly from p, then q can check that m was not
modified after it was sent. Third, when q receives a message m supposedly from
p, then q can check that m was not a replay of an old message sent by p. In this
dissertation, we propose three protocols that can be added to the routers in a
computer network so that the network can provide hop integrity, and thus
overcome most denial-of-service attacks. These three protocols are the secure
address resolution protocol, the weak hop integrity protocol, and the strong hop
integrity protocol. The secure address resolution protocol includes an inviteaccept
protocol and a request-reply protocol, and requires a secure server
connected to the Ethernet. The weak hop integrity protocol includes a secret
exchange protocol and an integrity check protocol. The strong hop integrity
protocol combines a soft sequence number protocol with the weak hop integrity
protocol. We also present an alternative way to achieve strong hop integrity with
hard sequence numbers. All the protocols are stateless, require small overhead,
and do not constrain the network protocol in the routers in any way.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor).
Subjects/Keywords: Computer network protocols – Design; Computer security
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Huang, C. (2003). Hop integrity: a defense against denial-of-service attacks. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/652
Chicago Manual of Style (16th Edition):
Huang, Chin-Tser. “Hop integrity: a defense against denial-of-service attacks.” 2003. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/652.
MLA Handbook (7th Edition):
Huang, Chin-Tser. “Hop integrity: a defense against denial-of-service attacks.” 2003. Web. 04 Mar 2021.
Vancouver:
Huang C. Hop integrity: a defense against denial-of-service attacks. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2003. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/652.
Council of Science Editors:
Huang C. Hop integrity: a defense against denial-of-service attacks. [Doctoral Dissertation]. University of Texas – Austin; 2003. Available from: http://hdl.handle.net/2152/652
University of Texas – Austin
13.
Liu, Xiang-Yang Alexander.
A theory for the design and analysis of firewalls.
Degree: PhD, Computer Sciences, 2006, University of Texas – Austin
URL: http://hdl.handle.net/2152/2765
Subjects/Keywords: Firewalls (Computer security)
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Liu, X. A. (2006). A theory for the design and analysis of firewalls. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/2765
Chicago Manual of Style (16th Edition):
Liu, Xiang-Yang Alexander. “A theory for the design and analysis of firewalls.” 2006. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/2765.
MLA Handbook (7th Edition):
Liu, Xiang-Yang Alexander. “A theory for the design and analysis of firewalls.” 2006. Web. 04 Mar 2021.
Vancouver:
Liu XA. A theory for the design and analysis of firewalls. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2006. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/2765.
Council of Science Editors:
Liu XA. A theory for the design and analysis of firewalls. [Doctoral Dissertation]. University of Texas – Austin; 2006. Available from: http://hdl.handle.net/2152/2765
University of Texas – Austin
14.
Choi, Young-ri.
Design and analysis of self-stabilizing sensor network protocols.
Degree: PhD, Computer Sciences, 2007, University of Texas – Austin
URL: http://hdl.handle.net/2152/3168
► A sensor is a battery-operated small computer with an antenna and a sensing board that can sense magnetism, sound, heat, etc. Sensors in a network…
(more)
▼ A sensor is a battery-operated small computer with an antenna and a sensing board that can sense magnetism, sound, heat, etc. Sensors in a network communicate and cooperate with other sensors to perform given tasks. A sensor network is exposed to various dynamic factors and faults, such as topology changes, energy saving features, unreliable communication, and hardware/software failures. Thus, protocols in this sensor network should be able to adapt to dynamic factors and recover from faults. In this dissertation, we focus on designing and analyzing a class of sensor network protocols, called self-stabilizing protocols. A self-stabilizing protocol is guaranteed to return to a state where it performs its intended function correctly, when some dynamic factors or faults corrupt the state of the protocol arbitrarily. Therefore, in order to make a sensor network resilient to dynamic factors and faults, each protocol in the sensor network should be self-stabilizing. We first develop a state-based model that can be used to formally specify sensor network protocols. This model accommodates several unique characteristics of sensor networks, such as unavoidable local broadcast, probabilistic message transmission, asymmetric communication, message collision, and timeout actions and randomization steps. Second, we present analysis methods for verifying and analyzing the correctness and self-stabilization properties of sensor network protocols specified in this model. Third, using the state-based model and analysis methods, we design three self-stabilizing sensor network protocols, prove their self-stabilization properties, and estimate their performance. These three self-stabilizing protocols are a sentry-sleeper protocol that elects a sentry from a group of sensors at the beginning of each time period, a logical grid routing protocol that builds a routing tree whose root is the base station, and a family of flood sequencing protocols that distinguish between fresh and redundant flood messages using sequence numbers.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor).
Subjects/Keywords: Sensor networks; Computer network protocols – Design; Self-stabilization (Computer science)
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Choi, Y. (2007). Design and analysis of self-stabilizing sensor network protocols. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/3168
Chicago Manual of Style (16th Edition):
Choi, Young-ri. “Design and analysis of self-stabilizing sensor network protocols.” 2007. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/3168.
MLA Handbook (7th Edition):
Choi, Young-ri. “Design and analysis of self-stabilizing sensor network protocols.” 2007. Web. 04 Mar 2021.
Vancouver:
Choi Y. Design and analysis of self-stabilizing sensor network protocols. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2007. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/3168.
Council of Science Editors:
Choi Y. Design and analysis of self-stabilizing sensor network protocols. [Doctoral Dissertation]. University of Texas – Austin; 2007. Available from: http://hdl.handle.net/2152/3168
University of Texas – Austin
15.
McGuire, Tommy Marcus.
Correct implementation of network protocols.
Degree: PhD, Computer Sciences, 2004, University of Texas – Austin
URL: http://hdl.handle.net/2152/1140
► A number of issues combine to make network protocol development signif- icantly more difficult than other areas of computer programming: problems with time, concurrency, and…
(more)
▼ A number of issues combine to make network protocol development signif- icantly more difficult than other areas of computer programming: problems with time, concurrency, and failures; interactions between the network proto- col and its environment; and obstacles in developing the protocol over time.
In order to address these issues, we introduce the Timed Abstract Pro- tocol notation and the
Austin Protocol Compiler. The Timed Abstract Pro- tocol, or TAP, notation is a domain-specific formal language for describing asynchronous message-passing network protocols, with two execution models: an abstract execution model and a concrete execution model. The abstract execution model is suited for protocol design, comprehension, and correctness verification. The concrete execution model is suited for protocol implementa- tion. We show that the two models are equivalent: that a protocol interpreted under the concrete model preserves the intended behavior of the protocol in- terpreted under the abstract model. The
Austin Protocol Compiler, or APC, is a system that transforms a protocol given in the Timed Abstract Protocol
notation into executable C code and provides a runtime environment for the protocol. In order to demonstrate the effectiveness of the TAP notation and APC, we present implementations of a secure encryption key exchange proto- col, a failure discovery protocol, and a Domain Name System server. While discussing the latter, we examine the performance of the APC implementation and show that it is comparable to two other DNS servers.
The combination of the Timed Abstract Protocol notation and the
Austin Protocol Compiler addresses the issues of network protocol develop- ment by allowing precise and verifiable descriptions of protocols which can be made executable easily, in order both to gain experimental experience and to provide reference implementations.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor).
Subjects/Keywords: Computer network protocols; Compilers (Computer programs)
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
McGuire, T. M. (2004). Correct implementation of network protocols. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/1140
Chicago Manual of Style (16th Edition):
McGuire, Tommy Marcus. “Correct implementation of network protocols.” 2004. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/1140.
MLA Handbook (7th Edition):
McGuire, Tommy Marcus. “Correct implementation of network protocols.” 2004. Web. 04 Mar 2021.
Vancouver:
McGuire TM. Correct implementation of network protocols. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2004. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/1140.
Council of Science Editors:
McGuire TM. Correct implementation of network protocols. [Doctoral Dissertation]. University of Texas – Austin; 2004. Available from: http://hdl.handle.net/2152/1140
16.
Choi, Taehwan.
Weak and strong authentication in computer networks.
Degree: PhD, Computer Science, 2012, University of Texas – Austin
URL: http://hdl.handle.net/2152/19532
► In this dissertation, we design and analyze five authentication protocols that answer to the a firmative the following fi ve questions associated with the authentication…
(more)
▼ In this dissertation, we design and analyze five authentication protocols that answer
to the a firmative the following fi ve questions associated with the authentication
functions in computer networks.
1. The transport protocol HTTP is intended to be lightweight. In particular,
the execution of applications on top of HTTP is intended to be relatively
inexpensive and to take full advantage of the middle boxes in the Internet. To
achieve this goal, HTTP does not provide any security guarantees, including
any authentication of a server by its clients. This situation raises the following
question. Is it possible to design a version of HTTP that is still lightweight and
yet provides some security guarantees including the authentication of servers
by their clients?
2. The authentication protocol in HTTPS, called TLS, allows a client to authenti-
cate the server with which it is communicating. Unfortunately, this protocol is
known to be vulnerable to human mistakes and Phishing attacks and Pharm-
ing attacks. Is it possible to design a version of TLS that can successfully
defend against human mistakes and Phishing attacks and Pharming attacks?
3. In both HTTP and HTTPS, a server can authenticate a client, with which
it is communicating, using a standard password protocol. However, standard
password protocols are vulnerable to the mistake of a client that uses the same
password with multiple servers and to Phishing and Pharming attacks. Is it
possible to design a password protocol that is resilient to client mistakes (of
using the same password with multiple servers) and to Phishing and Pharming
attacks?
4. Each sensor in a sensor network needs to store n - 1 symmetric keys for
secure communication if the sensor network has n sensor nodes. The storage
is constrained in the sensor network and the earlier approaches succeeded to
reduce the number of keys, but failed to achieve secure communications in the
face of eavesdropping, impersonation, and collusion. Is it possible to design
a secure keying protocol for sensor networks, which is e fficient in terms of
computation and storage?
5. Most authentication protocols, where one user authenticates a second user,
are based on the assumption that the second user has an "identity", i.e. has
a name that is (1) fi xed for a relatively long time, (2) unique, and (3) ap-
proved by a central authority. Unfortunately, the adoption of user identities
in a network does create some security holes in that network, most notably
anonymity loss, identity theft, and misplaced trust. This situation raises the
following question. Is it possible to design an authentication protocol where
the protocol users have no identities?
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Lam, Simon S (committee member), Mok, Aloysius K (committee member), Zhang, Yin (committee member), Young, William D (committee member), Kulkarni, Sandeep (committee member).
Subjects/Keywords: Authentication; Authentication protocols; Server authentication; Client authentication; Integrity; HTTP; HTTPS; Password protocol; TLS; Anonymous authentication; Sensor networks; Keying protocol
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Choi, T. (2012). Weak and strong authentication in computer networks. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/19532
Chicago Manual of Style (16th Edition):
Choi, Taehwan. “Weak and strong authentication in computer networks.” 2012. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/19532.
MLA Handbook (7th Edition):
Choi, Taehwan. “Weak and strong authentication in computer networks.” 2012. Web. 04 Mar 2021.
Vancouver:
Choi T. Weak and strong authentication in computer networks. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2012. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/19532.
Council of Science Editors:
Choi T. Weak and strong authentication in computer networks. [Doctoral Dissertation]. University of Texas – Austin; 2012. Available from: http://hdl.handle.net/2152/19532
17.
Bhattacharya, Hrishikesh.
On the modular verification and design of firewalls.
Degree: PhD, Computer Science, 2012, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2012-08-5931
► Firewalls, packet filters placed at the boundary of a network in order to screen incoming packets of traffic (and discard any undesirable packets), are a…
(more)
▼ Firewalls, packet filters placed at the boundary of a network in order to screen incoming packets of traffic (and discard any undesirable packets), are a prominent component of network security. In this dissertation, we make several contributions to the study of firewalls. 1. Current algorithms for verifying the correctness of firewall policies use O(n[superscrip d]) space, where n is the number of rules in the firewall (several thousand) and d the number of fields in a rule (about five). We develop a fast probabilistic firewall verification algorithm, which runs in time and space O(nd), and determines whether a firewall F satisfies a property P. The algorithm is provably correct in several interesting cases – notably, for every instance where it states that F does not satisfy P – and the overall probability of error is extremely small, of the order of .005%. 2. As firewalls are often security-critical systems, it may be necessary to verify the correctness of a firewall with no possibility of error, so there is still a need for a fast deterministic firewall verifier. In this dissertation, we present a deterministic firewall verification algorithm that uses only O(nd) space. 3. In addition to correctness, optimizing firewall performance is an important issue, as slow-running firewalls can be targeted by denial-of-service attacks. We demonstrate in this dissertation that in fact, there is a strong connection between firewall verification and detection of redundant rules; an algorithm for one can be readily adapted to the other task. We suggest that our algorithms for firewall verification can be used for firewall optimization also. 4. In order to help design correct and efficient firewalls, we suggest two metrics for firewall complexity, and demonstrate how to design firewalls as a battery of simple firewall modules rather than as a monolithic sequence of rules. We also demonstrate how to convert an existing monolithic firewall into a modular firewall. We propose that modular design can make firewalls easy to design and easy to understand. Thus, this dissertation covers all stages in the life cycle of a firewall – design, testing and verification, and analysis – and makes contributions to the current state of the art in each of these fields.
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Lam, Simon S. (committee member), Mok, Aloysius K. (committee member), Qiu, Lili (committee member), Garg, Vijay K. (committee member).
Subjects/Keywords: Firewalls; First match; Verification; Rule sequence
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Bhattacharya, H. (2012). On the modular verification and design of firewalls. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2012-08-5931
Chicago Manual of Style (16th Edition):
Bhattacharya, Hrishikesh. “On the modular verification and design of firewalls.” 2012. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/ETD-UT-2012-08-5931.
MLA Handbook (7th Edition):
Bhattacharya, Hrishikesh. “On the modular verification and design of firewalls.” 2012. Web. 04 Mar 2021.
Vancouver:
Bhattacharya H. On the modular verification and design of firewalls. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2012. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/ETD-UT-2012-08-5931.
Council of Science Editors:
Bhattacharya H. On the modular verification and design of firewalls. [Doctoral Dissertation]. University of Texas – Austin; 2012. Available from: http://hdl.handle.net/2152/ETD-UT-2012-08-5931
18.
Li, Yan, doctor of computer science.
Reliability and security of vector routing protocols.
Degree: PhD, Computer Sciences, 2011, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2011-05-2658
► As the Internet becomes the ubiquitous infrastructure for various applications, demands on the reliability, availability and security of routing protocols in the Internet are becoming…
(more)
▼ As the Internet becomes the ubiquitous infrastructure for various applications, demands on the reliability, availability and security of routing protocols in the Internet are becoming more stringent. Unfortunately, failures are still common in the daily operation of a network. Service disruption for even a short time can seriously affect the quality of real-time applications, such as VoIP and video on demand applications. Moreover, critical business and government
applications require routing protocols to be robust against malicious attacks, such as denial of Service attacks. This dissertation proposes three techniques to address some reliability and security
concerns in intra-domain (distance vector) routing protocols and
inter-domain (path vector) routing protocols.
The first technique addresses the problem of service disruption that
arises from sudden link failures in distance vector routing protocols. We consider two types of link failures: single link failures and shared risk link group failures. For single link failures, we propose an IP fast reroute mechanism to reroute packets around the failed
links. This fast reroute mechanism is the first that does not require
complete knowledge of the network topology and does not require
changing of the original routing protocol. This mechanism proactively computes a set of relay nodes that can be used to tunnel the rerouted
packets immediately after the detection of a link or node failure. The mechanism includes an algorithm for a node to automatically identify
itself as a candidate relay node for a reroute link and notify the
source node of the reroute link of its candidacy. The source node can
then decide the validity of a candidate relay node. The mechanism also includes an algorithm to suppress redundant notification messages. We then extend our IP fast reroute mechanism for single link
failures to accommodate shared risk link group failures. We achieve this goal by introducing one more bit information. Through
simulations, I show that the proposed mechanisms succeed in rerouting around failed links about 100% of the time, with the length of the reroute path being comparable to the length of the re-converged shortest path.
The second technique addresses the problem that arises from allowing
any node to route data packets to any other node in the network (and
consequently allow any adversary node to launch DoS attacks against
other nodes in the network). To solve this problem, we propose a
blocking option to allow a node u to block a specified set of
nodes and prevent each of them from sending or forwarding packets to node u. The blocking option intends to discard violating
packets near the adversary nodes that generated them rather than near their ultimate destinations. We then discuss unintentionally blocked nodes, called blind nodes and extend the routing protocols to allow each node to communicate with its blind nodes via some special nodes called joint nodes. Finally, I show, through extensive simulation, that the average number…
Advisors/Committee Members: Gouda, Mohamed G., 1947- (advisor), Lam, Simon S. (committee member), Mok, Aloysius K. (committee member), Qiu, Lili (committee member), Elmallah, Ehab S. (committee member).
Subjects/Keywords: Routing protocols; Reliability; Denial of service; IP fast reroute; Failure recovery; Blocking option; Computer security; IP prefix hijacking; Collusion-resistant; Balanced peer lists
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Li, Yan, d. o. c. s. (2011). Reliability and security of vector routing protocols. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2011-05-2658
Chicago Manual of Style (16th Edition):
Li, Yan, doctor of computer science. “Reliability and security of vector routing protocols.” 2011. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/ETD-UT-2011-05-2658.
MLA Handbook (7th Edition):
Li, Yan, doctor of computer science. “Reliability and security of vector routing protocols.” 2011. Web. 04 Mar 2021.
Vancouver:
Li, Yan docs. Reliability and security of vector routing protocols. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2011. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/ETD-UT-2011-05-2658.
Council of Science Editors:
Li, Yan docs. Reliability and security of vector routing protocols. [Doctoral Dissertation]. University of Texas – Austin; 2011. Available from: http://hdl.handle.net/2152/ETD-UT-2011-05-2658
19.
Kim, Seong-Wan.
Design of parallel multipliers and dividers in quantum-dot cellular automata.
Degree: PhD, Electrical and Computer Engineering, 2011, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2011-05-2730
► Conventional CMOS (the current dominant technology for VLSI) implemented with ever smaller transistors is expected to encounter serious problems in the near future with the…
(more)
▼ Conventional CMOS (the current dominant technology for VLSI) implemented with ever smaller
transistors is expected to encounter serious problems in the near future with the need for difficult fabrication technologies. The most important problem is heat generation. The desire for device density, power dissipation and performance improvement necessitates new technologies that will provide innovative solutions to integration and computations. Nanotechnology, especially Quantum-dot Cellular Automata (QCA)
provides new possibilities for computing owing to its unique properties. Numerous nanoelectronic devices are being investigated and many experimental devices have been developed. Thus, high level circuit design is needed to keep pace with changing physical studies. The circuit design aspects of QCA have not been studied much because of its novelty. Arithmetic units, especially multipliers and dividers play an important role in the design of digital processors and application specific systems.
Therefore, designs for parallel multipliers and dividers are presented using this technology.
Optimal design of parallel multipliers for Quantum-Dot Cellular
Automata is explored in this dissertation. As a main basic element to build multipliers, adders are implemented and compared their performances with previous adders. And two different layout schemes that single layer and multi-layer wire crossings are compared and analyzed. This dissertation proposes three kinds of multipliers. Wallace and Dadda parallel multipliers, quasi-modular multipliers, and array multipliers are designed and simulated with several different operand sizes.
Also array multipliers that are well suited in QCA are constructed and formed by a regular lattice of identical functional units so that the structure is conformable to QCA technology without extra wire delay. All these designs are constructed using coplanar layouts and compared with other QCA multipliers. The delay, area and complexity are compared for several different operand sizes.
This research also studies divider designs for quantum-dot cellular automata. A digit recurrence restoring binary divider is a conventional design that serves as a baseline. By using controlled full subtractor cell units, a relatively simple and efficient implementation is realized. The Goldschmidt divider using the new architecture (data tag method) to control the various elements of the divider is compared for the performance.
Advisors/Committee Members: Swartzlander, Earl E. (advisor), Ambler, Anthony P. (committee member), Driga, Mircea D. (committee member), Gouda, Mohamed G. (committee member), Touba, Nur A. (committee member), Schulte, Michael J. (committee member), Bickerstaff, K'Andrea C. (committee member).
Subjects/Keywords: Parallel multipliers; Dividers; Nanotechnology; Quantum-dot cellular automata
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Kim, S. (2011). Design of parallel multipliers and dividers in quantum-dot cellular automata. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2011-05-2730
Chicago Manual of Style (16th Edition):
Kim, Seong-Wan. “Design of parallel multipliers and dividers in quantum-dot cellular automata.” 2011. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/ETD-UT-2011-05-2730.
MLA Handbook (7th Edition):
Kim, Seong-Wan. “Design of parallel multipliers and dividers in quantum-dot cellular automata.” 2011. Web. 04 Mar 2021.
Vancouver:
Kim S. Design of parallel multipliers and dividers in quantum-dot cellular automata. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2011. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/ETD-UT-2011-05-2730.
Council of Science Editors:
Kim S. Design of parallel multipliers and dividers in quantum-dot cellular automata. [Doctoral Dissertation]. University of Texas – Austin; 2011. Available from: http://hdl.handle.net/2152/ETD-UT-2011-05-2730
University of Texas – Austin
20.
Song, Jianping.
Constraint-based real-time scheduling for process control.
Degree: PhD, Computer Sciences, 2010, University of Texas – Austin
URL: http://hdl.handle.net/2152/ETD-UT-2010-05-1102
► This research addresses real-time task scheduling in industrial process control. It includes a constraint-based scheduler which is based on MSP.RTL, a tool for real-time multiprocessor…
(more)
▼ This research addresses real-time task scheduling in industrial process control. It includes a constraint-based scheduler which is based on MSP.RTL, a tool for real-time multiprocessor scheduling problems with a wide variety of timing constraints. This dissertation extends previous work in two broad directions: improving the tool itself and broadening the application domain of the tool to include wired and wireless industrial process control. For the tool itself,
we propose enhancements to MSP.RTL in three steps. In the first step, we modify the data structure for representing the temporal constraint graph and cutting the memory usage in half. In the second step, we model the search
problem as a constraint satisfaction problem (CSP) and utilize backmarking and conflict-directed backjumping to speed up the search process. In the third
step, we perform the search from the perspective of constraint satisfaction programming. As a result, we are able to use existing CSP techniques efficiently, such as look ahead, backjumping and consistency checking. Compared to the various ad hoc heuristics used in the original version, the new approach is more systematic and powerful.
To exercise the new MSP.RTL tool, we acquired an updated version of
the Boeing 777 Integrated Airplane Information Management System(AIMS). This new benchmark problem is more complicated than the old one used in the original tool in that data communications are described in messages and
a message can have multiple senders and receivers. The new MSP.RTL tool successfully solved the new benchmark problem, whereas the old tool would not be able to do so.
In order to apply real-time scheduling in industrial process control, we carry out our research in two directions. First, we apply the improved tool to traditional wired process control. The tool has been successfully applied to
solve the block assignment problem in Fieldbus networks, where each block comprising the control system is assigned to a specific device such that certain
metrics of the system can be optimized. Wireless industrial control has received a lot of attention recently. We experimented with the tool to schedule communications on a simulated wireless industrial network.
In order to integrate the scheduler in real wireless process control systems, we are building an experimental platform based on the WirelessHART standard. WirelessHART, as the first open wireless standard for process control, defines a time synchronized MAC layer, which is ideal for real time process
control. We have successfully implemented a prototype WirelessHART stack on Freescale JM128 toolkits and built some demo applications on top of it.
Even with the scheduler tool to regulate communications in a wireless process control, it may still be possible that communications cannot be established on an inferior wireless link within an expected period. In order to handle this type of failures, we propose to make the control modules aware of
the unreliability of wireless links, that is, to make the control…
Advisors/Committee Members: Mok, Aloysius Ka-Lau (advisor), Browne, James C. (committee member), Gouda, Mohamed G. (committee member), Zhang, Yin (committee member), Chen, Deji (committee member).
Subjects/Keywords: Multiprocessor scheduling; Industrial process control; MSP.RTL; Fieldbus; WirelessHART; Wireless sensor networks; PID; PIDPlus
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share
❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Song, J. (2010). Constraint-based real-time scheduling for process control. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://hdl.handle.net/2152/ETD-UT-2010-05-1102
Chicago Manual of Style (16th Edition):
Song, Jianping. “Constraint-based real-time scheduling for process control.” 2010. Doctoral Dissertation, University of Texas – Austin. Accessed March 04, 2021.
http://hdl.handle.net/2152/ETD-UT-2010-05-1102.
MLA Handbook (7th Edition):
Song, Jianping. “Constraint-based real-time scheduling for process control.” 2010. Web. 04 Mar 2021.
Vancouver:
Song J. Constraint-based real-time scheduling for process control. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2010. [cited 2021 Mar 04].
Available from: http://hdl.handle.net/2152/ETD-UT-2010-05-1102.
Council of Science Editors:
Song J. Constraint-based real-time scheduling for process control. [Doctoral Dissertation]. University of Texas – Austin; 2010. Available from: http://hdl.handle.net/2152/ETD-UT-2010-05-1102
. 
Open Access Theses and Dissertations
