Defense Notices

Billions of dollars are lost every year to successful cyber attacks that are fundamentally enabled by software vulnerabilities. Modern cyber attacks increasingly threaten individuals, organizations, and governments, causing service disruption, inconvenience, and costly incident response. Given that such attacks are primarily enabled by software vulnerabilities, this work examines the efficacy of using change metrics, along with architectural burst and maintainability metrics, to predict modules and files that should be analyzed or tested further to excise vulnerabilities prior to release. 

The problem addressed by this research is the residual vulnerability problem, or vulnerabilities that evade detection and persist in released software. Many modern software projects are over a million lines of code, and composed of reused components of varying maturity. The sheer size of modern software, along with the reuse of existing open source modules, complicates the questions of where to look, and in what order to look, for residual vulnerabilities. 

Traditional code complexity metrics, along with newer frequency based churn metrics (mined from software repository change history), are selected specifically for their relevance to the residual vulnerability problem. We compare the performance of these complexity and churn metrics to architectural level change burst metrics, automatically mined from the git repositories of the Mozilla Firefox Web Browser, Apache HTTP Web Server, and the MySQL Database Server, for the purpose of predicting attack prone files and modules. 

We offer new empirical data quantifying the relationship between our selected metrics and the severity of vulnerable files and modules, assessed using severity data compiled from the NIST National Vulnerability Database, and cross-referenced to our study subjects using unique identifers defined by the Common Vulnerabilities and Exposures (CVE) vulnerability catalog. Our results show that architectural level change burst metrics can perform well in situations where more traditional complexity metrics fail as reliable estimators of vulnerability severity. In particular, results from our experiments on Apache HTTP Web Server indicate that architectural level change burst metrics show high correlation with the severity of known vulnerable modules, and do so with information directly available from the version control repository change-set (i.e., commit) history. 

Incomplete and numerical data are common for many application domains. There have been many approaches to handle missing data in statistical analysis and data mining. To deal with numerical data, discretization is crucial for many machine learning algorithms. However, most of the discretization algorithms cannot be applied to incomplete data sets. 

Multiple Scanning is an entropy based discretization method. Previous research shown it outperforms commonly used discretization methods: Equal Width or Equal Frequency discretization. In this work, Multiple Scanning is tested on C4.5 and MLEM2 on incomplete datasets. Results show for some data sets, the setup utilizing Multiple Scanning as preprocessing performs better, for the other data sets, C4.5 or MLEM2 should be used by themselves. Our conclusion is that there are no universal optimal solutions for all data sets. Setup should be custom-made. 

Rough set theory is a useful approach for decision rule induction, which is applied, to large life data sets. Lower and upper approximations of concepts values are used to induce rules for incomplete data sets. In our research we will study validity of modifications suggested to characteristic relation. We discuss the implementation of modifications to characteristic relation, and the local definability of each modified set. We show that all suggested modifications sets are not locally definable except for maximal consistent blocks that are restricted to data set with “do not care” conditions. A comparative analysis was conducted for characteristic sets and modifications in terms of cardinality of lower and upper approximations of each concept and decision rules induced by each modification. In this thesis, experiments were conducted on four incomplete data sets with lost and “do not care “ conditions. LEM2 algorithm was implemented to induce certain and possible rules form the incomplete data set. To measure the classification average error rate for induced rules, ten-fold cross validation was implemented. Our results show that there is no significant difference between the qualities of rule induced from each modification.

Increasing the rate of crop yield is an important issue to meet projected future crop production demands. Breeding efforts are being made to rapidly improve crop yields and make them more stress-resistance. Accelerated molecular breeding techniques, in which desirable plant physical traits are selected based on genetic markers, rely on accurate and rapid methods to link plant genotypes and phenotypes. Advances in next-generation-DNA sequencing have made genotyping a fast and efficient process. In contrast, methods for characterizing physical traits remain inefficient. 
The height of wheat crop is an important trait as it may be related to yield and biomass. It is also an indicator of plant growth-stage. Recent high-throughput-phenotyping experiments have used sensing techniques to measure canopy height based on ultrasound sonar and cameras. The main drawback of these methods is that the ground topography is not directly measured. 
In contrast to current sensors, ultra-wideband radars have the potential to take distance measurements to the top of the canopy and the ground simultaneously. We propose the study of ultra-wideband radar for measuring wheat crop heights. Specifically, we propose to study the effects of canopy constituents on the ranging radar-return or impulse-response, as well as on the frequency-response. First, a numerical simulator will be developed to accurately calculate the radar response at different canopy conditions. Second, a parametric study will be performed with aforementioned simulator. Lastly, an estimation algorithm for crop canopy heights will be developed, based on the parametric study. 

Energy harvesting from solar sources in an attempt to increase efficiency has sparked interest in many communities to develop more energy harvesting applications for renewable energy topics. Advanced technical methods are required to ensure the maximum available power is harnessed from the photovoltaic (PV) system. This work proposes a new discrete-in-time extremum-seeking based technique for tracking the maximum power point of a photovoltaic array. The proposed method is a true maximum power point tracker that can be implemented with reasonable processing effort on an expensive digital controller. The approach is to study the stability analysis of the proposed method to guarantee the convergence of the algorithm. The proposed method should exhibit better performance in comparison to conventional Maximum Power Point Tracking (MPPT) methods and require less computational effort than the complex mathematical methods. 

Online social networks (OSNs) like Twitter provide an open platform for users to easily convey their thoughts and ideas from personal experiences to breaking news. With the increasing popularity of Twitter and the explosion of tweets, we have observed large amounts of potentially sensitive/private messages being published to OSNs inadvertently or voluntarily. The owners of these messages may become vulnerable to online stalkers or adversaries, and they often regret posting such messages. Therefore, identifying tweets that reveal private/sensitive information is critical for both the users and the service providers. However, the definition of sensitive information is subjective and different from person to person. To develop a privacy protection mechanism that is customizable to fit the needs of diverse audiences, it is essential to accurately and automatically identify and classify potentially sensitive tweets. 
In this project, we adopted a two-step approach - private tweet identification, and private tweet classification. We make the first attempt to classify private tweets into two main categories, sensitive and nonsensitive - private tweet identification, followed by private tweet classification where we categorize the sensitive tweets into 13 pre-defined topics. We consider private tweet identification and private tweet classification as dual-problems. Progress towards one of them will eventually benefit the other. We used a 2-layer classification approach, where we explore different combinations of classifiers, and analyze the performance of each combination. 

Bistatic Radar systems utilize physically separate transmit and receive systems to collect information that monostatic systems cannot. One issue with developing bisatic systems is guaranteeing synchronization between the transmitters and receivers. This project presents a purely digital method for improving synchronization of a bistatic system based on the GPS PPS signal, and using step-time for both transmitter and receiver timing. The issue of bistatic synchronization is simulated in Matlab and then modified to utilize the proposed step-time adjustment to show that the method works in theory. This method is then implemented in hardware on the digital system of CReSIS’s ‘HF Sounder’ radar system, and then tested to verify that the proposed method can be implemented in hardware and that it improves performance.

Just-in-time (JIT) compilation during program execution and 
ahead-of-time (AOT) compilation during software installation are 
alternate techniques used by managed language virtual machines 
(VM) to generate optimized native code while simultaneously 
achieving binary code portability and high execution performance. 
JIT compilers typically collect profile information at run-time to 
enable profile-guided optimizations (PGO) to customize the gener- 
ated native code to different program inputs/behaviors. AOT com- 
pilation removes the speed and energy overhead of online profile 
collection and dynamic compilation, but may not be able to achieve 
the quality and performance of customized native code. The goal 
of this work is to investigate and quantify the implications of the 
AOT compilation model on the quality of the generated native code 
for current VMs. 
First, we quantify the quality of native code generated by the 
two compilation models for a state-of-the-art (HotSpot) Java VM. 
Second, we determine how the amount of profile data collected af- 
fects the quality of generated code. Third, we develop a mechanism 
to determine the accuracy or similarity of different profile data for a 
given program run, and investigate how the accuracy of profile data 
affects its ability to effectively guide PGOs. Finally, we categorize 
the profile data types in our VM and explore the contribution of 
each such category to performance. 

Data mining is the process of finding meaningful information from data. Data mining can be used in several areas like business, medicine, education etc. It allows us to find patterns in the data and make predictions for the future. One form of data mining is to extract rules from data sets. In this project we discuss an implementation of one of the data mining algorithms called MLEM2 (Modified Learning from Examples Module, version 2). This algorithm uses the concept of blocks of attribute-value pairs. It is also robust and generates rules for both complete and incomplete data sets with numeric and symbolic attributes. A rule checker has been developed which is used to evaluate the rule sets produced by MLEM2. The accuracy of the rules is measured by computing the error rate which is the ratio of the number of incorrectly classified cases to the total number of all cases. Experiments are conducted on different kinds of data sets (complete, incomplete, numeric and symbolic) using 10-fold cross validation method.

Mobility models generate the mobility patterns of the nodes in a given system. Mobility models help us to analyze and study the characteristic of new and existing systems. Various mobility models implemented in network simulation tools like ns-3 does not model the patterns of human mobility. The main idea of this project is to implement the truncated Lévy walk mobility model in ns-3. The model has two variations, in the first variation, the flight length and pause time of the nodes are determined from the truncated Pareto distribution and in the second variation, Lévy distribution models the flight length and pause time distributions and the values are obtained by Lévy α-stable random number generator. The mobility patterns of the nodes are generated and analyzed for the model by changing various model attributes. Further studies can be done to understand the behavior of these models for different ad hoc networking protocols.