Tech Reports in Computer Science and Engineering

Permanent URI for this communityhttp://hdl.handle.net/1903/5

The technical reports collections in this community are deposited by the Library of the Computer Science department. If you have questions about these collections, please contact library staff at library@cs.umd.edu

Browse

Start date: 2010End date: 2019

Search Results

Now showing 1 - 10 of 92
  • Thumbnail Image
    Item
    Design and Evaluation of Monolithic Computers Implemented Using Crossbar ReRAM
    (2019-07-16) Jagasivamani, Meenatchi; Walden, Candace; Singh, Devesh; Li, Shang; Kang, Luyi; Asnaashari, Mehdi; Dubois, Sylvain; Jacob, Bruce; Yeung, Donald
    A monolithic computer is an emerging architecture in which a multicore CPU and a high-capacity main memory system are all integrated in a single die. We believe such architectures will be possible in the near future due to nonvolatile memory technology, such as the resistive random access memory, or ReRAM, from Crossbar Incorporated. Crossbar's ReRAM can be fabricated in a standard CMOS logic process, allowing it to be integrated into a CPU's die. The ReRAM cells are manufactured in between metal wires and do not employ per-cell access transistors, leaving the bulk of the base silicon area vacant. This means that a CPU can be monolithically integrated directly underneath the ReRAM memory, allowing the cores to have massively parallel access to the main memory. This paper presents the characteristics of Crossbar's ReRAM technology, informing architects on how ReRAM can enable monolithic computers. Then, it develops a CPU and memory system architecture around those characteristics, especially to exploit the unprecedented memory-level parallelism. The architecture employs a tiled CPU, and incorporates memory controllers into every compute tile that support a variable access granularity to enable high scalability. Lastly, the paper conducts an experimental evaluation of monolithic computers on graph kernels and streaming computations. Our results show that compared to a DRAM-based tiled CPU, a monolithic computer achieves 4.7x higher performance on the graph kernels, and achieves roughly parity on the streaming computations. Given a future 7nm technology node, a monolithic computer could outperform the conventional system by 66% for the streaming computations.
  • Thumbnail Image
    Item
    Cell Maps on the Human Genome
    (2018-06-01) Cherniak, Christopher; Rodriguez-Esteban, Raul
    Sub-cellular organization is significantly mapped onto the human genome: Evidence is reported for a "cellunculus" -- on the model of a homunculus, on the H. sapiens genome. We have previously described a statistically significant, global, supra-chromosomal representation of the human body that appears to extend over the entire genome. Here, we extend the genome mapping model, zooming down to the typical individual animal cell. Basic cell structure turns out to map onto the total genome, mirrored via genes that express in particular cell organelles (e.g., “nuclear membrane”); evidence also suggests similar cell maps appear on individual chromosomes that map the dorsoventral body axis.
  • Thumbnail Image
    Item
    Digital Words: Moving Forward with Measuring the Readability of Online Texts
    (2018-10-26) Redmiles, Elissa M.; Maszkiewicz, Lisa; Hwang, Emily; Kuchhal, Dhruv; Liu, Everest; Morales, Miraida; Peskov, Denis; Rao, Sudha; Stevens, Rock; Gligoric, Kristina; Kross, Sean; Mazurek, Michelle L.; Daumé, Hal III
    The readability of a digital text can influence people’s information acquisition (Wikipedia articles), online security (how-to articles), and even health (WebMD). Readability metrics can also alter search rankings and are used to evaluate AI system performance. However, prior work on measuring readability has significant gaps, especially for HCI applications. Prior work has (a) focused on grade-school texts, (b) ignored domain-specific, jargon-heavy texts (e.g., health advice), and (c) failed to compare metrics, especially in the context of scaling to use with online corpora. This paper addresses these shortcomings by comparing well-known readability measures and a novel domain-specific approach across four different corpora: crowd-worker generated stories, Wikipedia articles, security and privacy advice, and health information. We evaluate the convergent, discriminant, and content validity of each measure and detail tradeoffs in domain-specificity and participant burden. These results provide a foundation for more accurate readability measurements in HCI.
  • Thumbnail Image
    Item
    A Comparison of Header and Deep Packet Features when Detecting Network Intrusions
    (2018-07-07) Watson, Gavin
    A classical multilayer perceptron algorithm and novel convolutional neural network payload classifying algorithm are presented for use on a realistic network intrusion detection dataset. The payload classifying algorithm is judged to be inferior to the multilayer perceptron but shows significance in being able to distinguish between network intrusions and benign traffic. The multilayer perceptron that is trained on less than 1% of the available classification data is judged to be a good modern estimate of usage in the real-world when compared to prior research. It boasts an average true positive rate of 94.5% and an average false positive rate of 4.68%.
  • Thumbnail Image
    Item
    Ethics Emerging: The Story of Privacy and Security Perceptions in Virtual Reality
    (2018-02-20) Adams, Devon; Bah, Alseny; Barwulor, Catherine; Musabay, Nureli; Pitkin, Kadeem; Redmiles, Elissa M.
    Virtual reality (VR) technology aims to transport the user to a virtual world, fully immersing them in an experience entirely separate from the real world. VR devices can use sensor data to draw deeply personal inferences (e.g., medical conditions, emotions) and can enable virtual crimes (e.g., theft, assault on virtual representations of the user) from which users have been shown to experience real, significant emotional pain. As such, VR may involve especially sensitive user data and interactions. To effectively mitigate such risks and design for safer experiences, we aim to understand end-user perceptions of VR risks and how, if at all, developers are considering and addressing those risks. In this paper, we present the first work on VR security and privacy perceptions: a mixed-methods study involving semi-structured interviews with 20 VR users and developers, a survey of VR privacy policies, and an ethics co-design study with VR developers. We establish a foundational understanding of perceived risks in VR; raise concerns about the state of VR privacy policies; and contribute a concrete VR developer "code of ethics", created by developers, for developers.
  • Thumbnail Image
    Item
    An Application of Jeeves for Honeypot Sanitization
    (2018-02-15) Webster, Ashton
    Being able to quickly create realistic honeypots is very useful for obtaining accurate information about attacker behavior. However, creating realistic honeypots requires sanitization of the original system from which the honeypot is derived. To achieve this the use of the Jeeves, a language based on faceted values, is extended to rapidly replace secret values with believable and non-interfering sanitized values. By making several changes to the source code of Jelf, a web server implemented in Jeeves, we are able to quickly and easily create sanitized honeypots. Our experiments show that the sanitized and unsanitized versions of Jelf only differ in response times by less than 1%.
  • Thumbnail Image
    Item
    Fast and Service-preserving Recovery from Malware Infections using CRIU
    (2018-02-15) Webster, Ashton; Eckenrod, Ryan; Purtilo, James
    Once a computer system has been infected with malware, restoring it to an uninfected state often requires costly service-interrupting actions such as rolling back to a stable snapshot or reimaging the system entirely. We present CRIU-MR: a technique for restoring an infected server system running within a Linux container to an uninfected state in a service-preserving manner using Checkpoint/Restore in Userspace (CRIU). We modify the CRIU source code to flexibly integrate with existing malware detection technologies so that it can remove suspected malware processes within a Linux container during a checkpoint/restore event. This allows for infected containers with a potentially damaged filesystem to be checkpointed and subsequently restored on a fresh backup filesystem while both removing malware processes and preserving the state of trusted ones. This method can be quickly performed with minimal impact on service availability, restoring active TCP connections and completely removing several types of malware from infected Linux containers.
  • Thumbnail Image
    Item
    A Summary of Survey Methodology Best Practices for Security and Privacy Researchers
    (2017-05-03) Redmiles, Elissa M.; Acar, Yasemin; Fahl, Sascha; Mazurek, Michelle L.
    "Given a choice between dancing pigs and security, users will pick dancing pigs every time," warns an oft-cited quote from well-known security researcher Bruce Schneier. This issue of understanding how to make security tools and mechanisms work better for humans (often categorized as usability, broadly construed) has become increasingly important over the past 17 years, as illustrated by the growing body of research. Usable security and privacy research has improved our understanding of how to help users stay safe from phishing attacks, and control access to their accounts, as just three examples. One key technique for understanding and improving how human decision making affects security is the gathering of self-reported data from users. This data is typically gathered via survey and interview studies, and serves to inform the broader security and privacy community about user needs, behaviors, and beliefs. The quality of this data, and the validity of subsequent research results, depends on the choices researchers make when designing their experiments. Contained here is a set of essential guidelines for conducting self-report usability studies distilled from prior work in survey methodology and related fields. Other fields that rely on self-report data, such as the health and social sciences, have established guidelines and recommendations for collecting high quality self-report data.
  • Thumbnail Image
    Item
    How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk and Web Panels to the U.S.
    (2017-02-21) Redmiles, Elissa M.; Kross, Sean; Pradhan, Alisha; Mazurek, Michelle L.
    Security and privacy researchers often rely on data collected from Amazon Mechanical Turk (MTurk) to evaluate security tools, to understand users' privacy preferences, to measure online behavior, and for other studies. While the demographics of MTurk are broader than some other options, researchers have also recently begun to use census-representative web-panels to sample respondents with more representative demographics. Yet, we know little about whether security and privacy results from either of these data sources generalize to a broader population. In this paper, we compare the results of a survey about security and privacy knowledge, experiences, advice, and internet behavior distributed using MTurk (n=480), a nearly census-representative web-panel (n=428), and a probabilistic telephone sample (n=3,000) statistically weighted to be accurate within 2.7% of the true prevalence in the U.S. Surprisingly, we find that MTurk responses are slightly more representative of the U.S. population than are responses from the census-representative panel, except for users who hold no more than a high-school diploma or who are 50 years of age or older. Further, we find that statistical weighting of MTurk responses to balance demographics does not significantly improve generalizability. This leads us to hypothesize that differences between MTurkers and the general public are due not to demographics, but to differences in factors such as internet skill. Overall, our findings offer tempered encouragement for researchers using MTurk samples and enhance our ability to appropriately contextualize and interpret the results of crowdsourced security and privacy research.
  • Thumbnail Image
    Item
    A Comparison of Transfer Learning Algorithms for Defect and Vulnerability Detection
    (2017-02-08) Webster, Ashton
    Machine learning techniques for defect and vulnerability detection have the potential to quickly direct developers' attention to software components with faulty implementations. Effective application of such defect prediction methods in practical software development environments requires transfer learning algorithms so that models built using existing projects can recognize defects as they emerge in a new project. Up until this study, comparing the efficacy of transfer learning algorithms was challenging because previous studies used differing data sets, baselines, and performance metrics. By providing open source implementations and baseline performance metrics for several transfer learning algorithms on two different data sets, our project offers software engineers the tools to objectively compare methods and readily identify top performing transfer learning algorithms in the domain of both vulnerability and defect prediction.