OS and Networks Commons^™

Mitigating Stealthy Link Flooding Ddos Attacks Using Sdn-Based Moving Target Defense, Abdullah Aydeger

FIU Electronic Theses and Dissertations

With the increasing diversity and complication of Distributed Denial-of-Service (DDoS) attacks, it has become extremely challenging to design a fully protected network. For instance, recently, a new type of attack called Stealthy Link Flooding Attack (SLFA) has been shown to cause critical network disconnection problems, where the attacker targets the communication links in the surrounding area of a server. The existing defense mechanisms for this type of attack are based on the detection of some unusual traffic patterns; however, this might be too late as some severe damage might already be done. These mechanisms also do not consider countermeasures during …

Cloud Workload Allocation Approaches For Quality Of Service Guarantee And Cybersecurity Risk Management, Soamar Homsi

FIU Electronic Theses and Dissertations

It has become a dominant trend in industry to adopt cloud computing --thanks to its unique advantages in flexibility, scalability, elasticity and cost efficiency -- for providing online cloud services over the Internet using large-scale data centers. In the meantime, the relentless increase in demand for affordable and high-quality cloud-based services, for individuals and businesses, has led to tremendously high power consumption and operating expense and thus has posed pressing challenges on cloud service providers in finding efficient resource allocation policies.

Allowing several services or Virtual Machines (VMs) to commonly share the cloud's infrastructure enables cloud providers to optimize resource …

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. …

Rethinking The I/O Stack For Persistent Memory, Mohammad Ataur Rahman Chowdhury

FIU Electronic Theses and Dissertations

Modern operating systems have been designed around the hypotheses that (a) memory is both byte-addressable and volatile and (b) storage is block addressable and persistent. The arrival of new Persistent Memory (PM) technologies, has made these assumptions obsolete. Despite much of the recent work in this space, the need for consistently sharing PM data across multiple applications remains an urgent, unsolved problem. Furthermore, the availability of simple yet powerful operating system support remains elusive.

In this dissertation, we propose and build The Region System – a high-performance operating system stack for PM that implements usable consistency and persistence for application …

Traffic-Aware Deployment Of Interdependent Nfv Middleboxes In Software-Defined Networks, Wenrui Ma

FIU Electronic Theses and Dissertations

Middleboxes, such as firewalls, Network Address Translators (NATs), Wide Area Network (WAN) optimizers, or Deep Packet Inspector (DPIs), are widely deployed in modern networks to improve network security and performance. Traditional middleboxes are typically hardware based, which are expensive and closed systems with little extensibility. Furthermore, they are developed by different vendors and deployed as standalone devices with little scalability. As the development of networks in scale, the limitations of traditional middleboxes bring great challenges in middlebox deployments.

Network Function Virtualization (NFV) technology provides a promising alternative, which enables flexible deployment of middleboxes, as virtual machines (VMs) running on standard …

Optimizing Main Memory Usage In Modern Computing Systems To Improve Overall System Performance, Daniel Jose Campello

FIU Electronic Theses and Dissertations

Operating Systems use fast, CPU-addressable main memory to maintain an application’s temporary data as anonymous data and to cache copies of persistent data stored in slower block-based storage devices. However, the use of this faster memory comes at a high cost. Therefore, several techniques have been implemented to use main memory more efficiently in the literature. In this dissertation we introduce three distinct approaches to improve overall system performance by optimizing main memory usage.

First, DRAM and host-side caching of file system data are used for speeding up virtual machine performance in today’s virtualized data centers. The clustering of VM …

Data Verifications For Online Social Networks, Mahmudur Rahman

FIU Electronic Theses and Dissertations

Social networks are popular platforms that simplify user interaction and encourage collaboration. They collect large amounts of media from their users, often reported from mobile devices. The value and impact of social media makes it however an attractive attack target. In this thesis, we focus on the following social media vulnerabilities. First, review centered social networks such as Yelp and Google Play have been shown to be the targets of significant search rank and malware proliferation attacks. Detecting fraudulent behaviors is thus paramount to prevent not only public opinion bias, but also to curb the distribution of malware. Second, the …

Improving Resource Management In Virtualized Data Centers Using Application Performance Models, Sajib Kundu

FIU Electronic Theses and Dissertations

The rapid growth of virtualized data centers and cloud hosting services is making the management of physical resources such as CPU, memory, and I/O bandwidth in data center servers increasingly important. Server management now involves dealing with multiple dissimilar applications with varying Service-Level-Agreements (SLAs) and multiple resource dimensions. The multiplicity and diversity of resources and applications are rendering administrative tasks more complex and challenging. This thesis aimed to develop a framework and techniques that would help substantially reduce data center management complexity.

We specifically addressed two crucial data center operations. First, we precisely estimated capacity requirements of client virtual machines …

On Optimizing Compatible Security Policies In Wireless Networks, Scott C-H Huang, Kia Makki, Nikki Pissinou

Telecommunications and Information Technology Institute

This paper deals with finding the maximum number of security policies without conflicts. By doing so we can remove security loophole that causes security violation. We present the problem of maximum compatible security policy and its relationship to the problem of maximum acyclic subgraph, which is proved to be NP-hard. Then we present a polynomial-time approximation algorithm and show that our result has approximation ratio for any integer with complexity .