International Journal of Critical Computer-Based Systems (6 papers in press)
Iterative integration of TTEthernet network flows
by Sofiene Beji, Sardaouna Hamadou, John Mullins, Abdelouahed Gherbi
Abstract: TTEthernet has been proposed as an improvement of the Ethernet network protocol to ensure communication of critical systems. Some of these systems, such as avionics systems, are complex and evolving ones. Therefore, they are designed iteratively by integrating in each iteration some components of the system. Adding new functionalities may induce substantial additional costs of reconfiguration of the system in order to meet the real-time requirements. Based on constraint programming techniques, we develop in this paper a cost optimization approach that meets the TTEthernet specification and validates the latency requirements in an accurate way. We illustrate our approach on a case study with the MiniZinc tool (Nethercote et al., 2007).
Keywords: TTEthernet; Iterative Integration; Scheduling; Real-Time Systems.
A Challenge based Countermeasure against the Spoofed PS-Poll based DoS Attack in IEEE 802.11 Networks
by Souilah Hocine, Baadache Abderrahmane, Bouallouche-Medjkoune Louiza
Abstract: The 802.11 network is an emerging wireless broadband technology used to connect client stations to the network via an access point (AP). This network is particularly vulnerable to DoS (Denial of Service) attacks targeting the network availability. In this paper, we focus on the spoofed PS-Poll based DoS attack in 802.11 PSM (Power Save Mode), where the attacker spoofs the polling frame on behalf of the client in order to destroy data buffered at the AP that are expected to be delivered to the asleep client. To cope with this attack, we rely on prime factorization to authenticate the PS-Poll frame needed to retrieve buffered data. The countermeasure we propose, called APSP (Authenticated Power Save Poll), is both a detective and a preventive one with low communication, computing and storage overheads. It can be integrated in the 802.11 standard through a firmware upgrade without any required additional hardware. In order to prove the efficiency of the proposed countermeasure and evaluate its performance, extensive experiments are carried out. Simulation results show that the spoofed PS-Poll based DoS attack is successfully prevented and detected by APSP compared to the basic 802.11 PSM.
Keywords: IEEE 802.11; Power Save Mode; PS-Poll; DoS attack; Prime factorization.
Design, Implementation, and Assessment of a Usable Multi-Biometric Continuous Authentication System
by Enrico Schiavone, Andrea Ceccarelli, Ariadne Carvalho, Andrea Bondavalli
Abstract: Authentication mechanisms typically verify the user identity only at login, or with tedious explicit authentication requests that improve security at the expense of usability. However, especially for critical systems, workstations have to be tightly and continuously secured in order to prevent unauthorized interventions. Recent research envisages multi-biometric systems for continuous authentication, where biometric traits are acquired transparently to the user and authentication is provided without requiring explicit actions. In this work we propose a multi-biometric authentication system that continuously and transparently verifies the user identity through face, fingerprint and keystroke recognition. This paper presents the design, prototype implementation and assessment of our system. We evaluate the system usability and its trade-off with security in an experiment involving 60 users. Our findings show that security enhancements are provided and users i) perform the actions without additional effort, ii) largely accept the authentication system, which only requires minimal training.
Keywords: continuous authentication; biometrics; security; usability; identity verification; multi-biometric; transparent; face; fingerprint; keystroke; prototype; assessment; design; implementation.
Performability Modeling and Analysis of Server Virtualized Systems subject to Workload-dependent Software Aging
by Escheikh Mohamed, Tayachi Zayneb, Barkaoui Kamel
Abstract: This paper tackles performability modeling and analysis of versatile server virtualized systems subject to workload-dependent software aging, failures, and rejuvenation. We develop a modular modeling approach based on stochastic reward nets to investigate dependencies between several server virtualized system modules including virtual machine monitor, virtual machine, data-intensive applications, and workload-aware power management mechanism. Two case studies are considered, each of them accounts for a specific virtual machine monitor rejuvenation technique (Cold-VM or Migrate-VM). We show through numerical analysis how steady-state availability and power-performance metric are impacted by workload-dependent software aging and workload burstiness.
Keywords: Virtualisation; SVS; Performability; SRN; Workload-aware Power Management; Power/performance tradeoff.
Soft error sensitivity and vulnerability of languages and their implementations
by Frederico Cerveira, Alcides Fonseca, Raul Barbosa, Henrique Madeira
Abstract: Hardware manufacturing advances along with the popularization of energy saving techniques are predicted to cause an increase in the soft error rate, which in turn will transfer part of the responsibility for tolerating these errors to the software layer. Since the programming language and its supporting implementation have a determinant impact in the produced application, fault injection was used in this paper to evaluate the effect that different programming languages and different implementations (compilers or interpreters) have on the sensitivity and vulnerability to soft errors. The results show that programming language and workload strongly impact these metrics, that programming languages of the same type share similar failure mode distributions, and that the implementation can impact sensitivity and vulnerability in certain scenarios. For these reasons, we suggest that a change in the implementation of the language at a late stage in the project development cycle can be enough to improve the vulnerability and sensitivity without changing the programming language.
Keywords: Programming languages; Soft errors; Dependability; Fault Injection; Vulnerability; Sensitivity; Compilers; Interpreters; Backends.
Special Issue on: EDCC 2018 System Dependability
Extending a re-identification risk-based anonymization framework and evaluating its impact on data mining classifiers
by Tania Basso, Hebert Silva, Regina Moraes
Abstract: Preserving sensitive information in data mining processes is one of the major issues in the context of Big Data. Handling huge volumes of data demands techniques to assure that private data is not accessible to non-authorized users. One of these techniques is data anonymization, which aims to avoid individual identification. However, even when anonymized, data may be subject to re-identification through privacy attacks. This paper presents a two-stage policy-based anonymization framework, which applies anonymization techniques in the ETL process and before exporting data analytic results. We extended part of this framework - the k-anonymity-based component - to help minimize the risk of data re-identification. Experiments evaluated the impact of applying this two-stage anonymization on data mining regarding accuracy, performance, re-identification risk and information loss. Results showed that, when applied carefully, the anonymization barely affects classifier results, improving them in some cases.
Keywords: Privacy; Data Mining; Data Anonymization; Re-identification Risk; k-anonymity.