Computer Science Technical Reports

Title: Completeness of Propositional Logic as a Program (with code)
Authors: Ryan Stansifer
Contact Email Address:
Faculty Sponsor: Ryan Stansifer
TR number assignment date: October 4, 2001
The proof of completeness for propositional logic is a constructive one, so a computer program is suggested by the proof. We prove the completeness theorem for Lukasiewicz axioms directly, and translate the proof into the functional languages SML and Haskell. In this paper we consider this proof as a program. The program produces enormous proof trees, but it is, we contend, as good a proof of completeness as the standard mathematical proofs. The real value of the exercise is the further evidence it provides that typed, functional languages can clearly express the complex abstractions of mathematics.

Title: Detecting Novel Attacks by Identifying Anomalous Network Packet Headers
Authors: Matthew V. Mahoney and Philip K. Chan
Contact Email Address:
Faculty Sponsor: Philip Chan
TR number assignment date: October 7, 2001
We describe a simple and efficient network intrusion detection algorithm that detects novel attacks by flagging anomalous field values in packet headers at the data link, network, and transport layers. In the 1999 DARPA off-line intrusion detection evaluation test set (Lippmann et al. 2000), we detect 76% of probes and 48% of denial of service attacks (at 10 false alarms per day). When this system is merged with the 18 systems in the original evaluation, the average detection rate for attacks of all types increases from 61% to 65%. We investigate the effect on performance when attack-free training data is not available.

Title: A Generalized Framework for Reasoning with Angular Directions
Authors: Debasis Mitra
Contact Email Address:
Faculty Sponsor: Debasis Mitra
TR number assignment date: November 3, 2001
This extended abstract presents a new scheme for qualitative reasoning with directions between points in 2D-space, called Star-ontology(6). The current results of our study on the complexity issues for reasoning with incomplete/disjunctive information using this new ontology are outlined here. We have also proposed a generalized framework, Star-ontology(a) for an integer a, that could be specialized to many ontologies, including some of the known ones like the 2D-Cardinal ontology for a=4 and the currently studied one for a=6. This generalization also points to an interesting direction for investigation in the field of spatio-temporal reasoning.

Title: PHAD: Packet Header Anomaly Detection for Identifying Hostile Network Traffic
Authors: Matthew V. Mahoney and Philip K. Chan
Contact Email Address:
Faculty Sponsor: Philip K. Chan
TR number assignment date: November 10, 2001
We describe an experimental packet header anomaly detector (PHAD) that learns the normal range of values for 33 fields of the Ethernet, IP, TCP, UDP, and ICMP protocols. On the 1999 DARPA off-line intrusion detection evaluation data set (Lippmann et al. 2000), PHAD detects 72 of 201 instances (29 of 59 types) of attacks, including all but 3 types that exploit the protocols examined, at a rate of 10 false alarms per day after training on 7 days of attack-free internal network traffic. In contrast to most other network intrusion detectors and firewalls, only 8 attacks (6 types) are detected based on anomalous IP addresses, and none by their port numbers. A number of variations of PHAD were studied, and the best results were obtained by examining packets and fields in isolation, and by using simple nonstationary models that estimate probabilities based on the time since the last event rather than the average rate of events.

Title: Survivable Mobile Operating System
Authors: Mohammad Samarah and James Whittaker
Contact Email Address:
Faculty Sponsor: James Whittaker
TR number assignment date: December 4, 2001
Although there is a large body of work on cryptographic techniques and algorithms that provide basic building blocks to solve specific security problems, relatively little work has been done in investigating security issues in mobile system contexts. Conventional security controls work well for static code, but break down with code mobility. In this paper, we investigate the need for end-to-end security in mobile and wireless operating systems. We study the implications of mobility - specifically, ways in which the operating system may facilitate communication security. We suggest a framework for designing security into mobile devices by building encryption into the mobile device, thus providing end-to-end security and eliminating carrier-provided encryption overhead.

Title: Report to the Florida House of Representatives Committee of Information Technology on the Uniform Computer Information Transactions Act
Author: Cem Kaner
Contact Email Address:
Faculty Sponsor: Cem Kaner
TR number assignment date: December 4, 2001
Here is my analysis of the Uniform Computer Information Transactions Act (UCITA), submitted to the Florida Legislature, along with a letter from the National Association of Attorneys General that makes many of the same criticisms of the bill.

Title: Testing Exception and Error Cases Using Runtime Fault Injection
Authors: James A. Whittaker, Florence E. Mottay, and Ibrahim K. El-Far
Contact Email Address:
Faculty Sponsor: James A. Whittaker
TR number assignment date: December 13, 2001
Fault injection deals with the insertion or simulation of faults in order to test the robustness and fault tolerance of a software application. Such measures are generally performed on software that is mission critical, to the extent that failure could have significant negative ramifications. Actual injection of faults can be performed either at compile time, when additional code is inserted to force error conditions to evaluate to true, or at runtime during which faults are injected into the software's execution environment. This paper focuses on the latter type of fault injection and presents a new mechanism for inserting environmental faults. In addition, insight is provided into fault selection based on an analysis of runtime behavior. This paper presents a methodology and tool for performing runtime fault injection, both of which are demonstrated on a commercial software product.