
Research

Refereed Publications

Arun Viswanathan, Alefiya Hussain, Jelena Mirkovic, Stephen Schwab and John Wroclawski. A Semantic Framework for Data Analysis in Networked Systems. In Proceedings of the 8th USENIX Symposium on Networked Systems Design and Implementation (NSDI), April 2011. [ Abstract ]
Effective analysis of raw data from networked systems requires bridging the semantic gap between the data and the user’s high-level understanding of the system. The raw data represents facts about the system state and analysis involves identifying a set of semantically relevant behaviors, which represent “interesting” relationships between these facts. Current analysis tools, such as Wireshark and Splunk, restrict analysis to the low level of individual facts and provide limited constructs to aid users in bridging the semantic gap. Our objective is to enable semantic analysis at a level closer to the user’s understanding of the system or process. The key to our approach is the introduction of a logic-based formulation of high-level behavior abstractions as a sequence or a group of related facts. This allows treating behavior representations as fundamental analysis primitives, elevating analysis to a higher semantic level of abstraction. In this paper, we propose a behavior-based semantic analysis framework which provides: (a) a formal language for modeling high-level assertions over networked systems data as behavior models, (b) an analysis engine for extracting instances of user-specified behavior models from raw data. Our approach emphasizes reuse, composability and extensibility of abstractions. We demonstrate the effectiveness of our approach by applying it to five analysis tasks: modeling a hypothesis on traffic traces, modeling experiment behavior, modeling a security threat, modeling dynamic change and composing higher-level models. Finally, we discuss the performance of our framework in terms of behavior complexity and number of input records.

Alefiya Hussain, Arun Viswanathan. Multiresolution Semantic Visualization of Network Traffic. Proceedings of IEEE Workshop on Semantic Computing for Security and Privacy (IEEE ICSC 2011), Sep 2011.

Technical Reports

Arun Viswanathan, Clifford Neuman (January 2009). Secure System Views: A New Paradigm for Secure Usable Systems. USC/ISI Technical Report ISI-TR-654. [ Abstract ]

The general purpose computer has become pervasive and we find it supporting an increasing number of functions including music, video, gaming, communications, banking and business. This multi-functional use reduces the isolation between functions which ultimately results in easy system breaches. A key reason for this insecurity, in spite of security, is perceived to be system complexity and the complexity in managing security by the average user. Security is unusable by most users and is typically turned off or completely ignored. Building on key themes of providing usable security and reducing complexity, this work proposes a new design paradigm called Secure System Views. A View is defined as an active instance of the system for performing a specific function. The paradigm provides a function-centric and security-centric approach for building general purpose systems using views. Views in SSV reduce the system complexity and also isolate the various functions of a user. The end-result is a usably secure system in which the user still performs his normal functions but in a secure way.

Demos

Arun Viswanathan, Jelena Mirkovic, Karen Sollins (Mar 2010). Demo Abstract: ThirdEye: Diagnostics and Analytics Framework for Testbed Experiments. Infocomm 2010 Demo Abstract. [ Abstract ]

Testbed experiments are distributed by nature, which makes problem detection, diagnosis and remediation challenging and time consuming. Large-scale experiments are difficult to monitor manually and complex experiments fail due to the smallest misconfiguration or unforeseen problems which ultimately impact their correctness, repeatability and analysis. Traditional practices of monitoring, debugging and analyzing experiments are experiment-specific, consume valuable experimenter time and increase the barrier for complex experimentation. We propose ThirdEye, an extensible, experiment-independent, diagnostics and analytics framework providing a unified interface to monitor, diagnose, analyze and visualize testbed experiments.

Conference/Workshop Summaries

Session Summaries for Workshop on Cyber Security Experimentation and Test (CSET'09), August 2009, Montreal, Canada. Published in the December 2009 issue of USENIX ;login:.

Posters

Arun Viswanathan, Jelena Mirkovic. ThirdEye: Diagnostics and Analytics Framework for Testbed Experiments. INFOCOMM 2010 Poster.

Papers and Presentations made as part of my coursework

Arun Viswanathan (2009). Hacking the Web.
Given as part of the Web Technologies course at USC in Spring 2009. The intention was to make it a sort of reference manual, so it tries to cover a lot of vocabulary related to web security and provides relevant pointers.

Arun Viswanathan (2007). Virtualization with XEN.
Given as part of the Trusted Computing course in Spring 2007.

Arun Viswanathan (2007). Design of softtpm.
Given as part of the Trusted Computing course project in Spring 2007. This presentation details my TPM emulator implementation on the Linux kernel.

Arun Viswanathan (2007). Leveraging the Trusted Platform Module for improving authentication systems. USC CSCI-555 Term Paper [Abstract]

Authentication has been the goal of authorization in security. Security researchers over the years have proposed several authentication systems like Kerberos, Andrew Secure RPC, Otway-Rees, CCITT X.509 and others. These have proven to be extremely robust and attacker-safe for a lot of practical purposes in spite of the flaws found in them. Authentication protocols have traditionally based their threat models on the assumption that the end hosts are largely secure and have focused on handling attacks against the protocol on the wire. Unfortunately, with the continuous rise in threats from rootkits, keyloggers and other exotic types of malware, the threat of the end host being easily compromised and modified is no longer unreal. Such malware has the potential of hiding surreptitiously inside a system and stealing user credentials like keys and passwords, thus rendering the authentication services meaningless. Solutions don’t exist yet to address the above threats. Trusted Computing, an evolving computing paradigm, promises solutions to the above problems by providing a more secure and trusted environment for implementing such protocols. The paper evaluates the authentication systems in the light of new threats and proposes solutions for addressing the same using trusted computing concepts. A brief discussion on problems and possible solutions for threats against authentication in ad-hoc networks is also presented at the end. The paper focuses merely on the functionality aspects and not on the performance implications of using trusted computing.

Arun Viswanathan (2006). Architectural requirements for a next generation Trusted Operating System (TrOS). USC CSCI-530 Term Paper [Abstract]

This paper surveys the research done in both areas of Trusted Computing and Virtual Machines and presents a list of requirements for a next generation trusted operating system. Additionally, the paper tries to present a concept of “Plug and Play security” which implies security with minimal fuss and configuration. Broadly, the paper tries to nail down the specifications for a next generation Trusted Operating System with the following objectives: a) Provide high assurance b) Provide resilience to malicious code c) Provide isolation and containment for different applications d) Provide seamless and “plug and play security” to the common user.