Defense Notices

This project offers a hands-on investigation of object identification utilizing the YOLO method, Python, and OpenCV. It begins by explaining the YOLO architecture, focusing on the single-stage detection process for bounding box prediction and class probability calculation. The setup phase includes library installation and model configuration, resulting in a smooth implementation procedure. Using OpenCV, the project includes preparatory processes required for object detection in images. The YOLO model is seamlessly integrated into the OpenCV framework, enabling object detection. Post-processing techniques, such as non-maximum suppression, are used to modify detection results and improve accuracy. Visualizations, such as bounding boxes and labels, are used to help interpret the discovered items. The project finishes by investigating potential expansions and optimizations, such as custom dataset training and deployment on edge devices, opening up new paths for further investigation and development. This project provides developers with the tools and knowledge they need to build effective object detection systems for a wide range of applications, from surveillance and security to autonomous vehicles and augmented reality.

In this dissertation our goal is to evaluate how the loss of information at binary-level affects the performance of existing compiler-level techniques in terms of both efficiency and effectiveness. Binary analysis is difficult, as most of semantic and syntactic information available at source-level gets lost during the compilation process. If the binary is stripped and/ or optimized, then it negatively affects the efficacy of binary analysis frameworks. Moreover, handwritten assembly, obfuscation, excessive indirect calls or jumps, etc. further degrade the accuracy of binary analysis. Challenges to precise binary analysis have implications on the effectiveness, accuracy, and performance, of security and program hardening techniques implemented at the binary level. While these challenges are well-known, their respective impacts on the effectiveness and performance of program hardening techniques are less well-studied.

In this dissertation, we employ classes of defense mechanisms to protect software from the most common software attacks, like buffer overflows and control flow attacks, to determine how this loss of program information at the binary-level affects the effectiveness and performance of defense mechanisms. Additionally, we aim to tackle an important problem of type recovery from binary executables that in turn help bolster the software protection mechanisms.

Accurate inference from collected agricultural (AG) data is crucial for optimizing crop production. However, existing methods for soil inorganic nitrogen (IN) level approximation fall short in providing accurate estimations when applied to different production sites. To overcome this challenge, we propose a novel Generative Adversarial Network (GAN) model leveraging a Gated Recurrent Unit (GRU)-based deep learning model, called Agricultural-Predictive GAN (A-PGAN), to predict soil IN from sparse time-series AG data. Our A-PGAN outperforms conventional GAN models, e.g., Wasserstein GAN (WGAN), by augmenting synthesized data sequences to the existing sequences, particularly enhancing generalization performance for out-of-domain data. Additionally, our model demonstrates the flexibility to adapt to varying time intervals and lengths of agronomic features. Simulation results highlight significant improvements in prediction accuracy on both offline simulation data and real AG data. Our proposed model creates new opportunities for the agricultural community to leverage generative deep learning models in synthesizing realistic and out-of-domain data, thereby addressing the challenge of limited AG data and reducing the cost associated with precision agriculture.

Advancements in web technologies have significantly expanded access to diverse cultural narratives, yet black literature remains underrepresented in digital domains. The BlackLitNetwork addresses this oversight by harnessing Elasticsearch, MongoDB, React, Python, CSS, HTML, and Node.js, to enhance the discoverability and engagement with black novels. A major component of the platform is a novel generator built with Elasticsearch, which employs powerful full-text search capabilities, essential for users to navigate an extensive literary database effectively.

MongoDB supports the archives platform with a flexible data schema for managing varied literary content efficiently, while Python facilitates robust data cleaning and preprocessing to ensure data integrity and usability. The user interface, created using React, transforms Figma designs from our design team into a dynamic web presence, integrating HTML and CSS to ensure both aesthetic appeal and accessibility.

To further enhance security and manageability, we've implemented a Node.js backend. This layer acts as a middleware, managing and processing requests between our frontend and Elasticsearch. This not only secures our data interactions but also allows for request handling before querying Elasticsearch. This architecture ensures that BlackLitNetwork remains scalable and maintainable.

BlackLitNetwork also features specialized pages for podcasts, briefs, and interactive data visualizations, each designed to highlight historical, and contextual elements of black literature. These components aid in fostering a deeper understanding, establishing BlackLitNetwork as a tool for scholars. This project not only enriches the field of humanities but also promotes a broader understanding of the black literary heritage, making it a resource for researchers, educators, and readers keen on exploring the richness of black literature.

Writing algorithms for a parallel or distributed environment has always been plagued with a variety of challenges, from supervising synchronous reads and writes, to managing job queues and avoiding deadlock. While many languages have libraries or language constructs to mitigate these obstacles, very few attempt to remove those challenges entirely, and even fewer do so while divorcing the means of handling those problems from the means of parallelization or distribution. This project introduces a language called Swarm, which attempts to do just that.

Swarm is a first-class parallel/distributed programming language with modular, swappable parallel drivers. It is intended for everything from multi-threaded local computation on a single machine to large scientific computations split across many nodes in a cluster.

Swarm contains next to no explicit syntax for typical parallel logic, only containing keywords for declaring which variables should reside in shared memory, and describing what code should be parallelized. The remainder of the logic (such as waiting for the results from distributed jobs or locking shared accesses) are added in when compiling to a custom bytecode called Swarm Virtual Instructions (SVI). SVI is then executed by a virtual machine whose parallelization logic is abstracted out, such that the same SVI bytecode can be executed in any parallel/distributed environment.

Full-system simulation of computer systems is critical for capturing the complex interplay between various hardware and software components in future systems. Modeling the network subsystem is indispensable for the fidelity of full-system simulations due to the increasing importance of scale-out systems. Over the last decade, the network software stack has undergone major changes, with userspace networking stacks and data-plane networks rapidly replacing the conventional kernel network stack. Nevertheless, the current state-of-the-art architectural simulator, gem5, still employs kernel networking, which precludes realistic network application scenarios.

First, we perform a comprehensive profiling study to identify and propose architectural optimizations to accelerate a state-of-the-art architectural simulator. We choose gem5 as the representative architectural simulator, run several simulations with various configurations, perform a detailed architectural analysis of the gem5 source code on different server platforms, tune both system and architectural settings for running simulations, and discuss the future opportunities in accelerating gem5 as an important application. Our detailed profiling of gem5 reveals that its performance is extremely sensitive to the size of the L1 cache. Our experimental results show that a RISC-V core with 32KB data and instruction cache improves gem5’s simulation speed by 31%∼61% compared with a baseline core with 8KB L1 caches. Second, this work extends gem5’s networking capabilities by integrating kernel-bypass/user-space networking based on the DPDK framework, significantly enhancing network throughput and reducing latency. By enabling user-space networking, the simulator achieves a substantial 6.3× improvement in network bandwidth compared to traditional Linux software stacks. Our hardware packet generator model (EtherLoadGen) provides up to a 2.1× speedup in simulation time. Additionally, we develop a suite of networking micro-benchmarks for stress testing the host network stack, allowing for efficient evaluation of gem5’s performance. Through detailed experimental analysis, we characterize the performance differences when running the DPDK network stack on both real systems and gem5, highlighting the sensitivity of DPDK performance to various system and microarchitecture parameters.

Coupled line couplers are used as directional couplers to enable measurement of forward and reverse power in RF transmitters. These measurements provide valuable feedback to the control loops regulating transmitter power output levels. This project seeks to synthesize, simulate, build, and test a broadband, five-stage coupled line coupler with a 20 dB coupling factor. The coupler synthesis is evaluated against ideal coupler components in Keysight ADS.  Fabrication of coupled line couplers is typically accomplished with a stripline topology, but a microstrip topology is additionally evaluated. Measurements from the fabricated coupled line couplers are then compared to the Keysight ADS EM simulations, and some explanations for the differences are provided. Additionally, measurements from a commercially available broadband directional coupler are provided to show what can be accomplished with the right budget.

Survival analysis plays a crucial role in many healthcare decisions, where the risk prediction for the events of interest can support an informative outlook for a patient's medical journey. Given the existence of data censoring, an effective way of survival analysis is to enforce the pairwise temporal concordance between censored and observed data, aiming to utilize the time interval before censoring as partially observed time-to-event labels for supervised learning. Although existing studies mostly employed ranking methods to pursue an ordering objective, contrastive methods which learn a discriminative embedding by having data contrast against each other, have not been explored thoroughly for survival analysis. Therefore, we propose a novel Ontology-aware Temporality-based Contrastive Survival (OTCSurv) analysis framework that utilizes survival durations from both censored and observed data to define temporal distinctiveness and construct negative sample pairs with adjustable hardness for contrastive learning. Specifically, we first use an ontological encoder and a sequential self-attention encoder to represent the longitudinal EHR data with rich contexts. Second, we design a temporal contrastive loss to capture varying survival durations in a supervised setting through a hardness-aware negative sampling mechanism. Last, we incorporate the contrastive task into the time-to-event predictive task with multiple loss components. We conduct extensive experiments using a large EHR dataset to forecast the risk of hospitalized patients who are in danger of developing acute kidney injury (AKI), a critical and urgent medical condition. The effectiveness and explainability of the proposed model are validated through comprehensive quantitative and qualitative studies.

Significant developments in communication methods to help support at-risk populations have increased over the last 10 years. We view at-risk populations as a group of people present in environments where the use of infrastructure or electricity, including telecommunications, is censored and/or dangerous. Security features that accompany these communication mechanisms are essential to protect the confidentiality of its user base and the integrity and availability of the communication network.

In this work, we look at the feasibility of using Bluetooth Mesh as a communication network and analyze the security features that are inherent to the protocol. Through this analysis we determine the strengths and weaknesses of Bluetooth Mesh security features when used as a messaging medium for at risk populations and provide improvements to current shortcomings. Our analysis includes looking at the Bluetooth Mesh Networking Security Fundamentals as described by the Bluetooth Sig: Encryption and Authentication, Separation of Concerns, Area isolation, Key Refresh, Message Obfuscation, Replay Attack Protection, Trashcan Attack Protection, and Secure Device Provisioning.  We look at how each security feature is implemented and determine if these implementations are sufficient in protecting the users from various attack vectors. For example, we examined the Blue Mirror attack, a reflection attack during the provisioning process which leads to the compromise of network keys, while also assessing the under-researched key refresh mechanism. We propose a mechanism to address Blue-Mirror-oriented attacks with the goal of creating a more secure provisioning process.  To analyze the key refresh mechanism, we implemented our own full-fledged Bluetooth Mesh network and implemented a key refresh mechanism. Through this we form an assessment of the throughput, range, and impacts of a key refresh in both lab and field environments that demonstrate the suitability of our solution as a secure communication method.

With the increasing scale of high-performance computing (HPC) systems, transient bit-flip errors are now more likely than ever, posing a threat to long-running scientific applications. A substantial portion of these applications involve the simulation of partial differential equations (PDEs) modeling physical processes over discretized spatial and temporal domains, with some requiring the solving of sparse linear systems. While these applications are often paired with system-level application-agnostic resilience techniques such as checkpointing and replication, the utilization of these techniques imposes significant overhead. In this work, we present a probability-aware framework that produces low-overhead selective protection schemes for the widely used Preconditioned Conjugate Gradient (PCG) method, whose performance can heavily degrade due to error propagation through the sparse matrix-vector multiplication (SpMV) operation. Through the use of a straightforward mathematical model and an optimized machine learning model, our selective protection schemes incorporate error probability to protect only certain crucial operations. An experimental evaluation using 15 matrices from the SuiteSparse Matrix Collection demonstrates that our protection schemes effectively reduce resilience overheads, often outperforming or matching both baseline and established protection schemes across all error probabilities.

The growth of IoT and voice assistant (VA) apps poses increasing concerns about sensitive data leaks. While privacy policies are required to describe how these apps use private user data (i.e., data practice), problems such as missing, inaccurate, and inconsistent policies have been repeatedly reported. Therefore, it is important to assess the actual data practice in apps and identify the potential gaps between the actual and declared data usage. We find that app stores lack in regulating the compliance between the app practices and their declaration, so we use AI to discover the compliance issues in these apps to assist the regulators and developers. For VA apps, we also develop a mechanism to enforce the compliance using AI. In this work, we conduct a measurement study using our framework called IoTPrivComp, which applies an automated analysis of IoT apps’ code and privacy policies to identify compliance gaps. We collect 1,489 IoT apps with English privacy policies from the Play Store. IoTPrivComp detects 532 apps with sensitive external data flows, among which 408 (76.7%) apps have undisclosed data leaks. Moreover, 63.4% of the data flows that involve health and wellness data are inconsistent with the practices disclosed in the apps’ privacy policies. Next, we focus on the compliance issues in skills. VAs, such as Amazon Alexa, are integrated with numerous devices in homes and cars to process user requests using apps called skills. With their growing popularity, VAs also pose serious privacy concerns. Sensitive user data captured by VAs may be transmitted to third-party skills without users’ consent or knowledge about how their data is processed. Privacy policies are a standard medium to inform the users of the data practices performed by the skills. However, privacy policy compliance verification of such skills is challenging, since the source code is controlled by the skill developers, who can make arbitrary changes to the behaviors of the skill without being audited; hence, conventional defense mechanisms using static/dynamic code analysis can be easily escaped. We present Eunomia, the first real-time privacy compliance firewall for Alexa Skills. As the skills interact with the users, Eunomia monitors their actions by hijacking and examining the communications from the skills to the users, and validates them against the published privacy policies that are parsed using a BERT-based policy analysis module. When non-compliant skill behaviors are detected, Eunomia stops the interaction and warns the user. We evaluate Eunomia with 55,898 skills on Amazon skills store to demonstrate its effectiveness and to provide a privacy compliance landscape of Alexa skills.

Deep learning leads the performance in many areas of computer vision. However, after a decade of research, it tends to require larger datasets and more complex models, leading to heightened resource consumption across all fronts. Regrettably, meeting these requirements proves challenging in many real-life scenarios. First, both data collection and labeling processes entail substantial labor and time investments. This challenge becomes especially pronounced in domains such as medicine, where identifying rare diseases demands meticulous data curation. Secondly, the large size of state-of-the-art models, such as ViT, Stable Diffusion, and ConvNext, hinders their deployment on resource-constrained platforms like mobile devices. Research indicates pervasive redundancies within current neural network structures, exacerbating the issue. Lastly, even with ample datasets and optimized models, the time required for training and inference remains prohibitive in certain contexts. Consequently, there is a burgeoning interest among researchers in exploring avenues for efficient artificial intelligence.

This study endeavors to delve into various facets of efficiency within computer vision, including data efficiency, model efficiency, as well as training and inference efficiency. The data efficiency is improved from the perspective of increasing information brought by given image inputs and reducing redundancies of RGB image formats. To achieve this, we propose to integrate both spatial and frequency representations to finetune the classifier. Additionally, we propose explicitly increasing the input information density in the frequency domain by deleting unimportant frequency channels. For model efficiency, we scrutinize the redundancies present in widely used vision transformers. Our investigation reveals that trivial attention in their attention modules covers useful non-trivial attention due to its large amount. We propose mitigating the impact of accumulated trivial attention weights. To increase training efficiency, we propose SuperLoRA, a generation of LoRA adapter, to fine-tune pretrained models with few iterations and extremely-low parameters. Finally, a model simplification pipeline is proposed to further reduce inference time on mobile devices. By addressing these challenges, we aim to advance the practicality and performance of computer vision systems in real-world applications.