Publications in 2014

  • A. Gowing, S. Qian, A. Verzea, M. Cha, and M. Maheswaran, “Towards a Secure and Trusted Physical Object Model for Context Aware Computing”, Workshop on Privacy, Trust, and the IoT (PT-IoT’14) held in conjunction with 4th International Conference on Internet of Things, MIT Media Lab, Cambridge, MA, USA, Oct. 2014.

ABSTRACT - For smart gadgets to gain wider acceptance, we need to de- velop things that can program themselves as users manipulate them to perform their day-to-day chores (a good example is the Nest intelligent thermostat [1]). Users can interact with a ‘thing’ in the physical environment in many different ways including: (a) directly manipulating the thing by using the controls and menus offered by it, (b) moving it from one position to another position, and © bringing the thing near the proximity of other things that create a combination with specific capabilities (moving a smart chair near a smart desk). In this extended abstract, we describe a design for a secure and trusted physical object model (POM) that can be used to describe spaces and smart things for context aware computing purposes.

  • D. Ghosh, F. Jin, and M. Maheswaran, “JADE: A Unified Programming Framework for Things, Web, and Cloud”, 4th International Conference on Internet of Things, MIT Media Lab, Cambridge, MA, USA, Oct. 2014.

ABSTRACT - In this paper, we present JADE, a framework that allows a developer to mix C and JavaScript constructs with JADE supplied keywords to construct a complete program to solve a particular computing activity in a ‘thing’. We describe the language constructs introduced by JADE and explain how they can be used to realize different software interaction patterns involving the thing, web, and cloud. We implemented a proof-of- concept prototype of JADE over Intel Galileos, web, and cloud. The experience of using JADE to write applications on Intel Galileos is described in the paper.

  • D. Ghosh, L. Tomazeli, F. Jin, and M. Maheswaran, “SpaceOS: Operating System Services for Smart Computing Environments”, 3rd Workshop on Internet of Things: Smart Objects and Services (held in conjunction with IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks), Sydney, Australia, June 2014.

ABSTRACT - SpaceOS is a system software stack for smart computing environments. The major objective of SpaceOS is to make it easier to create applications and deploy them in smart computing environments. It provides several core services for managing smart devices in physical spaces and letting them interact with cloud backends and web-based users. SpaceOS also supports a programming language called Jade that leverages the facilities provided by the system software stack to provide a simpler programming model for the things.

  • A. Ranjbar and M. Maheswaran, “Using Community Structure to Control Information Sharing in Online Social Networks,” Computer Communications, to appear.

ABSTRACT - The dominant role of social networking in the web is turning human relations into conduits of information flow. This means that the way information spreads on the web is determined to a large extent by human decisions. Consequently, information security lies on the quality of the collective decisions made by the users. Recently, many access control schemes have been proposed to control unauthorized propagation of information in online social networks; however, there is still a need for mechanisms to evaluate the risk of information leakage within social networks. In this paper, we present a novel community-centric confidentiality control mechanism for information flow management on the web. We use a Monte Carlo based algorithm to determine the potential spread of a shared data object and to inform the user of the risk of information leakage associated with different sharing decisions she can make in a social network. By using the information provided by our algorithm, the user can curtail sharing decisions to reduce the risk of information leakage. Alternatively, our algorithm can provide input for a fully- or semi-automatic sharing decision maker that will determine the outcomes of sharing requests. Our scheme also provides a facility to reduce information flowing to a specific user (i.e., black listing a specific user). We used datasets from Facebook and Flickr to evaluate the performance of the proposed algorithms under different sharing conditions. The simulation results indicate that our algorithm can effectively control information sharing to reduce the risk of information leakage.

Publications in 2013

  • A. Nourian and M. Maheswaran, “Privacy Aware Image Template Matching and Filtering in Clouds Using Ambient Data,” Journal of Supercomputing, vol. 66, no. 2, November 2013, pp. 1049-1070.

ABSTRACT - Cloud computing is ideal for image storage and processing because it provides enormously scalable storage and processing resources at low cost. One of the major drawbacks of cloud computing, however, is the lack of robust mecha- nisms for the users to control the privacy of the data they farm out to the clouds. In this paper, we develop an image encoding scheme that enhances the privacy of image data that is outsourced to the clouds for processing. Unlike previously proposed image encryption schemes, our encoding scheme allows different forms of pixel-level image processing to take place in the clouds while the actual im- age is not revealed to the cloud provider. Our encoding scheme uses a chaotic map to transform the image after it is masked with an arbitrarily chosen ambi- ent image. We use numerous pixel-level image processing tasks such as template matching to demonstrate the ability of our scheme to perform computations on privacy enhanced images. A simplified prototype of the image processing system was implemented and the experimental results are presented in this paper.

  • A. Nourian and M. Maheswaran, “An Approach for Privacy Enhanced Pixel-Level Image Processing in Hybrid Clouds,” 22st International Conference on Computer Communications and Networks (ICCCN), July 2013, Nassau, Bahamas.

ABSTRACT - This paper presents a chaotic map based image encoding scheme that allows pixel-level operations to be applied on an image while it remains encoded. Using this image encoding scheme, sensitive images can be manipulated by untrusted public cloud servers. Before the images are uploaded onto the public cloud servers they are encoded using user supplied keys by trusted-cloud servers. We fully describe the chaotic map based image encoding algorithm and perform a detailed security anal- ysis of it. Our security analysis demonstrates that the encoding scheme is robust against a wide variety of threats. Additionally, we implemented many pixel-level filtering operations on images over the proposed encoding and found that the overhead is less than 20%.

  • A. Ranjbar and M. Maheswaran, “Confidentiality and Integrity in Crowdsourcing Systems,” Springer Briefs in Applied Science and Engineering, Springer, November 2013.
  • M. Maheswaran and D. Bhattacharya, “Reality over Web: Pervasive Computing Meets the Web,” Tsinghua Science and Technology, vol. 18, no. 6, December 2013, pp. 568–576 (invited paper).

ABSTRACT - This paper presents a chaotic map based image encoding scheme that allows pixel-level operations to be applied on an image while it remains encoded. Using this image encoding scheme, sensitive images can be manipulated by untrusted public cloud servers. Before the images are uploaded onto the public cloud servers they are encoded using user supplied keys by trusted-cloud servers. We fully describe the chaotic map based image encoding algorithm and perform a detailed security anal- ysis of it. Our security analysis demonstrates that the encoding scheme is robust against a wide variety of threats. Additionally, we implemented many pixel-level filtering operations on images over the proposed encoding and found that the overhead is less than 20%.

Publications in 2012

  • A. Nourian and M. Maheswaran, “Towards Privacy Enhanced Limited Image Processing in the Clouds,” 9th Middleware Doctoral Symposium of the 13th ACM/IFIP/USENIX International Middleware Conference, December 2012, Montreal, Canada.

ABSTRACT - Image processing and storage are enormously resource intensive tasks that can benefit from cloud computing. Lack of robust mechanisms for controlling the privacy of the data outsourced to clouds is one of the concerns in using clouds for image processing. This paper presents a new image encoding scheme that enhances the privacy of the images outsourced to the clouds while allowing the clouds to perform certain forms of computations on the images. Our encoding scheme uses a chaotic map to transform the image after it is masked with an arbitrarily chosen ambient image. A simplified prototype of the image processing system was implemented and the experimental results are presented in this paper. Our prototype shows the feasibility of performing a class of image processing tasks on images encoded for privacy.

  • A. Nourian and M. Maheswaran, “Using Segmentation for Confidentiality Aware Image Storage and Retrieval on Clouds,” IEEE Globecom, December 2012, California, USA.

ABSTRACT - Cloud computing is ideally suited for hosting ap- plications with large images because clouds can perform high performance computations and communications at very low upfront cost. While the benefits of clouds are compelling for image processing applications, security and privacy issues in using clouds are creating major problems. Because clouds are not passive storage devices, it is important to avoid encryption schemes that secure the data while preventing efficient processing of the data by the clouds. Therefore, this paper, is investigating approaches where segmentation is used to split the image data across multiple clouds. We show that segmentation, although a simple idea, can bring several benefits when deployed in cloud computing. A prototype of the system has been developed and initial performance results are reported here.

  • A. Nourian and M. Maheswaran, “Measuring the Availability of Images Posted on Social Media Sites,” 4th International Workshop on Multimedia Computing and Communications held in conjunction with the 21st International Conference on Computer Communications and Networks (ICCCN) July 2012, Munich, Germany.

ABSTRACT - The amount of data stored in social media sites is humongous. It has very large in numbers and very diverse in variety. Researchers have already started using this information in various information security applications such as censorship resistance. When image data from social media sites are used in computational applications for hiding data or obfuscating data, it is important to retrieve the particular data used in the encoding process to retrieve the original data. Therefore, the availability of the image data is an important concern. In this paper, we investigated the availabilities of the images on Flickr. We examined nearly one million images hosted on Flickr and measured their availability in a two year period. We used the EXIF parameters normally generated by the cameras to further categorize the availabilities.

  • A. Nourian and M. Maheswaran, “Privacy Enhanced Pixel-Level Image Processing in the Clouds,” 5th IEEE/ACM International Conference on Utility and Cloud Computing, November 2012, Chicago, USA

ABSTRACT - Image processing and storage are enormously resource intensive tasks that can benefit from cloud computing. Lack of robust mechanisms for controlling the privacy of the data outsourced to clouds is one of the concerns in using clouds for image processing. This paper presents a new image encoding scheme that enhances the privacy of the images outsourced to the clouds while allowing the clouds to perform certain forms of computations on the images. Our prototype shows the feasibility of performing a class of image processing tasks on images encoded for privacy.

  • A. Nourian and M. Maheswaran, “Towards Privacy-Preserving Image Template Matching in the Clouds,” International Workshop on Data Analytics and Mining in the Cloud held in conjunction with 4th IEEE International Conference on Cloud Computing (CloudCom), December 2012, Taipei, Taiwan.

ABSTRACT - Template matching is a fundamental building block for image search operations. In this paper, we present a scheme that allows privacy-preserving template matching operations on images that are stored on clouds. Our scheme uses “ambient image data” (images that are found in social media sites such as Flickr) as well as a privacy-preserving encoding technique to encode a given image before it is stored in a cloud. We show a particular encoding strategy that allows template matching to take place in the cloud while not revealing any information about the image or queried template to the cloud. A simplified prototype of the image processing system was implemented and the experimental results are presented in this paper. Our prototype shows the feasibility of performing privacy-aware template matching on encoded images.

  • V. Maheshwari, A. Nourian, and M. Maheswaran, “Character-based Search with Data Confidentiality in the Clouds,” International Workshop on Cloud Computing for Research Collaborations held in conjunction with 4th IEEE International Conference on Cloud Computing (CloudCom), December 2012, Taipei, Taiwan.

ABSTRACT - Recently, searching over encrypted data has become a hot research topic. Basic idea of privacy enhanced search is to generate an intermediate representation of the original text data and use it to perform the search. Prior research has used hash maps, tries, and other data structures to create the intermediate representation. We use a texture scheme for representing the characters. To enhance the privacy the textures are split and noise is added to each of the portions such that all portions of a texture needs to be collected to recover the original data in an unambiguous manner. One of the key advantages of our scheme is the ability to implement most of the search schemes (e.g., wildcard searches) that are performed with plain text searches. This paper fully describes our data representation scheme and presents the experimental data we gathered by implementing the scheme in a server cluster.

Publications in 2011

  • A. Ranjbar and M. Maheswaran, “ Towards Community-Centric Integrity Management in Crowd-Sourced Systems,” Joint Workshop on Complex Networks and Pervasive Group Communication (in conjunction with IEEE Globecom), December 2011, Texas, USA.

ABSTRACT - Integrity is an important concern in any knowledge management system. This paper discusses an ongoing research work that aims to develop a community-centric integrity management system for a large-scale knowledge management system that works on the Internet.

  • A. Ranjbar and M. Maheswaran, “Blocking in Community-Centric Information Management Approaches for the Social Web,” IEEE Globecom, December 2011, Texas, USA.

ABSTRACT - Social networks are emerging as the arteries for information flow on the web. In a previous paper, we introduced a new community-centric approach for information flow control for the social web. This paper introduces two key improvements to the previously introduced mechanisms. The first improvement is the ability to model user heterogeneity with regard to information relaying on the social web. The second improvement is the ability to reduce information flow to a specific user (i.e., block information flowing to a specific user). We evaluate the algorithmic ideas using traces of interactions obtained from Facebook and Flickr. Our evaluations indicate that the algorithmic ideas developed by us are useful in controlling the information flow in the social web.

  • S. Asaduzzaman and M. Maheswaran, “ Decentralized Management of Bi-modal Network Resources in a Distributed Stream Processing Platform,” Journal of Parallel and Distributed Computing, vol. 71, no. 6, June 2011, pp. 774-787.

ABSTRACT - This paper investigates how a hybrid hosting platform made from dedicated and opportunistic resources can be used to host data stream processing applications. We pro- pose a system model for the hybrid hosting platform and develop resource management algorithms that are neces- sary to coordinate the allocation of the two classes of resources to the stream processing tasks. We used extensive simulations driven by traces styled from realistic system observations for evaluating the proposed resource alloca- tion heuristics. The results show that with proper man- agement, the synergy of dedicated and opportunistic re- sources yields considerably higher service throughput and thus, higher return on investment over expensive dedicated resources.

  • A. Nourian and M. Maheswaran, “ Privacy and Security Requirements of Data Intensive Computing in Clouds,” Handbook of Data Intensive Computing, (edited by Borko Furht and Armando Escalante), Springer, 2011.

ABSTRACT - The scale and cost efficiencies provided by clouds make them ideal platforms for handling data intensive applications in variety of different sectors including e-health, e-commerce, and surveillance applications. This chapter investigates the privacy and security issues of large data sets that are stored and processed in cloud computing systems. If the experience gained from web-based transaction management systems is any indication, the safety of data held by cloud computing systems is not impregnable. There are various factors contributing to the data insecurity including the data handling policies adopted by the cloud operators, best practices adopted by the cloud provider in recycling used storage elements, and characteristics of the data handled by the clouds.

  • A. Ranjbar and M. Maheswaran, “ Community-Centric Approaches for Confidentiality Management in Online Systems,” 20th IEEE International Conference Computer Communication Networks (ICCCN 2011), July-August 2011, Hawaii, USA.

ABSTRACT - The dominant role of social networking in the web is turning human relations into conduits for information flow. This means the way information spreads on the web is determined to a large extent by human decisions. Consequently, information security lies on the quality of decisions made by the users. Moreover, information spreading patterns rely on the collective decisions of interconnected sets of users. In this paper, we present a novel community-centric confidentiality control mechanism for information flow management on the web. We use a Monte Carlo based algorithm to determine the potential spread of a shared data object and inform the user of risk of information leakage associated with the different sharing decisions she can make in a social network. Using the information provided by our algorithm a user can curtail sharing decisions to reduce the risk of information leakage. Alternatively, our algorithm can provide input to a fully- or semi-automatic sharing decision maker that determines the outcomes of sharing requests. We used datasets from Facebook and Flickr to evaluate the performance of the proposed algorithms under different sharing conditions. The simulation results indicate that information sharing can be effectively controlled by our algorithm.

Publications in 2010

  • A. Ranjbar and M. Maheswaran, “A Case for Community-Centric Controls for Information Sharing on Online Social Networks,” IEEE Globecom 2010 Workshop on Complex and Communication Networks, December 2010, Miami, Florida, USA.

ABSTRACT - In this paper, for controlling information sharing in online social networks (OSNs) we present a community-centric access control mechanism called myCommunity. We develop heuristic ideas for efficiently computing myCommunities in OSNs and evaluate it using traces from actual OSNs. The experimental results indicate that myCommunity is a feasible idea and simple estimation strategies can be effective to obtain an initial value. In ongoing work, we are extending myCommunity to incorporate the dynamic nature of the trust within OSNs.

  • K. Wang, A. Malozemoff, N. Jia, C. Han, and M. Maheswaran, “A Social Accountability Framework for Computer Networks,” IEEE Globecom 2010 - Next Generation Networking Symposium, December 2010, Miami, Florida, USA.

ABSTRACT - We present an accountability framework for the Internet which ties a user's action to her identity on an online social network. The framework is optional in that users do not need to be accountable at all times, but various web services can force accountability on the part of their users by only allowing accountable users access. Our design is general enough that higher level applications can place additional policies/restrictions on the basic accountability provided. In this paper, we introduce the design, discuss how various applications can be mapped onto our framework, and provide performance numbers from an experimental prototype.

  • M. Maheswaran, B. Ali, H. Ozguven, and J. Lord, “Online Identities and Social Networking,” in Handbook of Social Network Technologies and Applications, (edited by B. Furht), Springer, 2010.
  • B. Ali and M. Maheswaran, “Aligning the Incentives for Social Media Distribution,” Technical Report, School of Computer Science, January 2010.

ABSTRACT - One of the key challenges in digital media distribution is digital rights management (DRM). DRM is a classic example of a problem that arises due to incentive misalignments that exists among transacting parties in a network. Because of misaligned incentives users have the inclination to break DRM if it becomes technically possible. This paper draws upon work in group lending and social psychology to develop a novel social media distribution scheme. The key objective is to x the incentive misalignment that exists between the users and media distributors. Using game theoretic modelling, certain conditions that should hold for social media distribution to work are educed. Tech Report (PDF)

Publications in 2009

  • A. Nourian, S. Ishtiaq, and M. Maheswaran, “CASTLE: A Social Framework for Collaborative Anti-Phishing Databases,” 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2009), December 2009, Washington D.C., USA.

ABSTRACT - Phishing is a major problem on the Internet. The cornerstone of anti-phishing is detecting whether a given site is good or bad. Most of the approaches for anti-phishing rely on looking up centrally maintained repositories. In this paper, we present a decentralized framework called CASTLE that allows a collaborative approach for anti-phishing services. We implemented a prototype and then tested it on Planet-lab. The experiments indicate the viability of our framework.

  • B. Ali and M. Maheswaran, “A Game Theoretic Analysis of Blacklisting in Online Data Storage Systems,” 2009 IEEE Globecom, November 2009, Honolulu, Hawaii, USA.

ABSTRACT - In this paper, we investigate the problem of online data sharing on social networks from a game theoretic framework. We introduce blacklisting as trigger strategy to elicit cooperation among the players of a noncooperative sharing game. Using game theoretic analysis, we show the existence of an equilibrium in which the sharing conditions are honored when the involved players employ blacklisting strategies. Full Paper (PDF)

  • A. Malozemoff and M. Maheswaran, “Socially Enhanced Network Address Translation,” Workshop on Leveraging Social Patterns for Privacy, Security, and Network Architectures (SP4SPNA09) (held in conjunction with SocialCom 2009), August 2009, Vancouver, Canada.

ABSTRACT - The rapid evolution of the Internet has forced the use of Network Address Translation (NAT) to help slow the decline of publicly available IPv4 addresses. While providing additional address space as well as privacy and security to its users, NAT eliminates the ability to establish incoming connections to devices within a private network. To address this issue, we propose combining social network topologies with the traditional NAT architecture to better integrate peer-to-peer communication through NATed networks. Called SocialNAT, this socially enhanced NAT allows incoming connections from trusted parties, resolving one of the central criticisms of the NAT approach. Full Paper (PDF)

  • B. Soleymani and M. Maheswaran, “Social Authentication Protocol for Mobile Phones,” International Symposium on Social Intelligence and Networking (SIN-09), August 2009, Vancouver, Canada.

ABSTRACT - Usernames and passwords that rely on the “something you know” factor is still the mainstay of authenticating on the web. In a mobile web, where users interact using mobile devices (mainly cellular phones), the username and password approach to authentication is not ideal.We need implicit approaches that require very little or no input from the users. This paper presents a new approach to use the “someone you know” factor for authentication using mobile phones. We have implemented the authentication protocol on Nokia N95 phones. We present some initial performance results from the implementation to demonstrate the viability of the approach in terms of time required to run the protocol and battery life. Full Paper (PDF)

  • B. Ali and M. Maheswaran, “Using Social Factors in Digital Rights Management,” 4th USENIX Workshop on Hot Topics on Security, August 2009, Montreal, Canada.

ABSTRACT - This paper describes how social factors can be incorporated into digital rights management. Specifically, we outline a design for a social distribution network that is built by agents that have incentive to discourage piracy. We pose the social distribution network formation as a game theoretic problem and identify the games played by the two types of agents. Full Paper (PDF)

  • M. Maheswaran, A. Malozemoff, D. Ng, S. Liao, S. Gu, B. Maniymaran, J. Raymond, R. Shaikh, and Y. Gao, “GINI: A User-level Toolkit for Creating Micro Internets for Teaching & Learning Computer Networking,” 12th ACM SIGCSE Conference on Innovation and Technology in Computer Science Education, March 2009, Chattanooga, Tennessee, USA.

ABSTRACT - GINI (GINI Is Not Internet) is an open-source toolkit for creating virtual micro Internets for teaching and learning computer networking. It provides lightweight virtual elements for machines, routers, switches, and wireless devices that can be interconnected to create virtual networks. The virtual elements run as unprivileged user-level processes. All processes implementing a virtual network can run within a single machine or can be distributed across a set of machines. The GINI provides a user-friendly GUI-based tool for designing, starting, inspecting, and stopping virtual network topologies. This paper describes the di erent components of GINI, briefly discusses ways of using the toolkit in a computer networking course, and reports on user feedback on an early (incomplete) version of the toolkit. Full Paper (PDF)

  • A. Frankel and M. Maheswaran, “Feasibility of a Socially Aware Authentication Scheme,”, 6th IEEE Consumer Communication and Networking Conference, January 2009, Las Vegas, Nevada, USA.

ABSTRACT - Social interaction is already a proven component of informal identification: humans are naturally skilled at recognizing other people and are unlikely to be duped by impersonation. Based on this premise, a fourth-factor, someone-you-know, has already been proposed as an emergency authentication method. This paper explores leveraging a user’s preexisting social actions as a primary authentication tool, one that operates transparently and automatically without explicit user guidance. Specifically, we describe the feasibility of capturing a user’s local social context using short range wireless devices and evaluate the uniqueness of that context in comparison to that of possible aggressors. Full Paper (PDF)

Publications in 2008

  • G. Arboit, C. Crepeau, C. Davis, and M. Maheswaran, “A localized certificate revocation scheme for mobile ad hoc networks,” Ad Hoc Networks Journal, Vol. 6, No. 1, 2008, pp. 17-31.

ABSTRACT - The issue of certificate revocation in mobile ad hoc networks (MANETs) where there are no on-line access to trusted authorities, is a challenging problem. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable. In this paper, we present a decentralized certificate revocation scheme that allows the nodes within aMANET to revoke the certificates of malicious entities. The scheme is fully contained and it does not rely on inputs from centralized or external entities. Full Paper (PDF)

  • S. Asaduzzaman and M. Maheswaran, “Using Dedicated and Opportunistic Networks in Synergy for a Cost-Effective Distributed Stream Processing Platform,” 14th IEEE International Conference on Parallel and Distributed Systems (ICPADS'08), December 2008, pp. 56-63, Melbourne, Australia.

ABSTRACT - This paper presents a case for exploiting the synergy of dedicated and opportunistic network resources in a distributed hosting platform for data stream processing applications. Our previous studies have demonstrated the benefits of combining dedicated reliable resources with opportunistic resources in case of high-throughput computing applications, where timely allocation of the processing units is the primary concern. Since distributed stream processing applications demand large volume of data transmission between the processing sites at a consistent rate, adequate control over the network resources is important here to assure a steady flow of processing. In this paper, we propose a system model for the hybrid hosting platform where stream processing servers installed at distributed sites are interconnected with a combination of dedicated links and public Internet. Decentralized algorithms have been developed for allocation of the two classes of network resources among the competing tasks with an objective towards higher task throughput and better utilization of expensive dedicated resources. Results from extensive simulation study show that with proper management, systems exploiting the synergy of dedicated and opportunistic resources yield considerably higher task throughput and thus, higher return on investment over the systems solely using expensive dedicated resources. Full Paper (PDF)

  • W. Villegas, B. Ali, and M. Maheswaran, “An Access Control Scheme for Protecting Personal Data,” Sixth Annual Conference on Privacy, Security and Trust (PST 2008), October 2008, pp. 24-35, New Brunswick, Canada.

ABSTRACT - We present a personal data access control (PDAC) scheme inspired by protection schemes used in communities for sharing valuable commodities. We assume PDAC users are members of an online social network such as facebook.com. PDAC computes a “trusted distance” measure between users that is composed of the hop distance on the social network and an affine distance derived from experiential data. The trusted distance classifies users into three zones: acceptance, attestation, and rejection. User requests falling in the acceptance zone are accepted immediately while the requests in the rejection zone are rejected outright. Requests in the attestation zone need additional authorization to gain access. PDAC also tracks reposts to minimize the spread of data beyond the limits set by the data originator. PDAC was implemented on a social network emulator to demonstrate its viability. The performance of certain PDAC functions were examined using simulations driven by portions of social graphs obtained from myspace.com. Full Paper (PDF)

Publications in 2007

  • S. Asaduzzaman and M. Maheswaran, “Strategies to Create Platforms for Differentiated Services from Dedicated and Opportunistic Resources,” Journal of Parallel and Distributed Computing, Vol. 67, No. 10, Oct. 2007, pp. 1119-1134.

ABSTRACT - This paper is proposing a new platform for implementing services in future service oriented architectures. The basic premise of our proposal is that by combining the large volume of uncontracted resources with small clusters of dedicated resources, we can dramatically reduce the amount of dedicated resources while the goodput provided by the overall system remains at a high level. This paper presents particular strategies for implementing this idea for a particular class of applications. We performed very detailed simulations on synthetic and real traces to evaluate the performance of the proposed strategies. Our findings on compute-intensive applications show that preemptive reallocation of resources is necessary for assured services. The proposed preemption-based scheduling heuristic can significantly improve utilization of the dedicated resources by opportunistically offloading the peak loads on uncontracted resources, while keeping the service quality virtually unaffected. Full Paper (PDF)

  • B. Maniymaran and M. Maheswaran, “Bandwidth Landmarking: A Scalable Bandwidth Prediction Mechanism for Distributed Systems,” IEEE Globecom 2007, Nov. 2007, pp. 248-252, Washington, DC, USA.

ABSTRACT - This paper presents a new bandwidth inference mechanism that can be used to predict bandwidth across two nodes on the Internet. We used simulation and actual implementation on PlanetLab to compare the performance of the proposed mechanism against an existing approach. The results indicate that our approach is lightweight and yields better performance. Full Paper (PDF)

  • B. Ali, W. Villegas, and M. Maheswaran, “A Trust based Approach for Protecting User Data in Social Networks,” 18th Annual International Conference on Computer Science and Software Engineering (CASCON '07), Oct. 2007, pp. 288-293, Richmond-Hill, Ontario, Canada.

ABSTRACT - Social networks are graphs that represent relations among people, institutions, and their activities. We introduce a novel social access control (SAC) strategy inspired by multi-level security (MLS) [1] for protecting data on social networks. In MLS, the data objects and subjects are classified in hierarchical levels based on security clearance and access controlled accordingly. Instead of clearance levels, we use trust levels to annotate objects and subjects. The trust level of an object is specified by the creator. The trust level of a subject is obtained from a trust modeling process [2, 3]. Reading a data object is controlled using the relative trust values of subjects and objects. We describe one aspect of the SAC model that supports the confidentiality of read-only data objects. We performed simulation studies using traces from the flickr.com social network to evaluate the performance of some key primitives used in the SAC design. Full Paper (PDF)

  • C. Crepeau, C. R. Davis and M. Maheswaran, “A Secure MANET Routing Protocol with Resilience Against Byzantine Behaviours of Malicious or Selfish Nodes,” 2nd IEEE Symposium on Pervasive Computing and Ad Hoc Communications (PCAC 07), Vol. 02, May 2007, pp. 19-26.

ABSTRACT - Secure routing in mobile ad hoc networks (MANETs) has emerged as a important MANET research area. MANETs, by virtue of the fact that they are wireless networks, are more vulnerable to intrusion by malicious agents than wired networks. In wired networks, appropriate physical security measures, such as restriction of physical access to network infrastructures, can be used to attenuate the risk of intrusions. Physical security measures are less effective however in limiting access to wireless network media. Consequently, MANETs are much more susceptible to infiltration by malicious agents. Authentication mechanisms can help to prevent unauthorized access to MANETs. However, considering the high likelihood that nodes with proper authentication credentials can be taken over by malicious entities, there are needs for security protocols which allow MANET nodes to operate in potential adversarial environments. In this paper, we present a secure on-demand MANET routing protocol, we named Robust Source Routing (RSR). In addition to providing data origin authentication services and integrity checks, RSR is able to mitigate against intelligent malicious agents which selectively drop or modify packets they agreed to forward. Simulation studies confirm that RSR is capable of maintaining high delivery ratio even when a majority of the MANET nodes are malicious. Full Paper (PDF)

  • A. Mitra and M. Maheswaran, “Trusted Gossip: A Rumor Resistance Dissemination Mechanism for Peer-to-Peer Information Sharing,” 21st IEEE International Conference on Advanced Information Networking and Applications (AINA), May 2007, pp. 702-707, Niagara Falls, Canada.

ABSTRACT - Epidemic protocols such as gossip have proven to have many desirable properties for information sharing. However, trust is one of the issues that is yet to be examined with respect to these protocols. In this paper, we present a trusted gossip protocol that uses trust estimates to impede spreading of rumors with reasonable message and processing overheads. We use traces collected from known social networks to estimate the performance of trusted gossip. Full Paper (PDF)

  • B. Maniymaran, M. Maheswaran, and Y. Gao, “Benefits of Clustering in Landmark-aided Positioning Algorithms,” 21st International Symposium on High Performance Computing Systems and Applications (HPCS'07), May 2007, 12 pages, Saskatoon, Saskatchewan, Canada (CD-ROM proceedings).

ABSTRACT - In this paper, we propose simple and practical strategies to improve the trustworthiness of network positioning schemes. In particular, our strategies make network positioning immune to non-random perturbations such as denial-of-service attacks and localized network congestion. Additionally, we studied the overhead generated by existing network positioning algorithms and propose an algorithm that results in low overhead while retaining very high accuracies. We performed extensive simulations and implementations on PlanetLab to examine the performance trade-offs. Full Paper (PDF)

  • S. Asaduzzaman and M. Maheswaran, “Towards a Decentralized Algorithm for Mapping Network and Computational Resources for Distributed Data-flow Computations,” 21st International Symposium on High Performance Computing Systems and Applications (HPCS'07), May 2007, 12 pages, Saskatoon, Saskatchewan, Canada (CD-ROM proceedings).

ABSTRACT - Several high-throughput distributed data-processing applications require multi-hop processing of streams of data. These applications include continual processing on data streams originating from a network of sensors, composing a multimedia stream through embedding several component streams originating from different locations, etc. These data-flow computing applications require multiple processing nodes interconnected according to the data-flow topology of the application, for on-stream processing of the data. Since the applications usually sustain for a long period, it is important to optimally map the component computations and communications on the nodes and links in the network, fulfilling the capacity constraints and optimizing some quality metric such as end-to-end latency. The mapping problem is unfortunately NP-complete and heuristics have been previously proposed to compute the approximate solution in a centralized way. However, because of the dynamicity of the network, it is practically impossible to aggregate the correct state of the whole network in a single node. In this paper, we present a distributed algorithm for optimal mapping of the components of the data flow applications. We propose several heuristics to minimize the message complexity of the algorithm while maintaining the quality of the solution. Full Paper (PDF)

  • M. Maheswaran, H. C. Tang, and A. Ghunaim, “Towards a Gravity-based Trust Model for Social Networking Systems,” Workshop on Trust and Reputation Management in Massively Distributed Computing Systems (TRAM), (held in conjunction with IEEE ICDCS), June 2007, Toronto, Canada.

ABSTRACT - Web-based social networks are emerging as the top applications on the Internet. With this immense popularity, many of the shortcomings of the current social network deployments are also coming to light. One of the glaring problems with existing web-based social networks is trust management. In this paper, we focus on trust modeling in social networks. Another allied issue that is not considered here is using trust in managing the activities within the social network. We introduce a gravity-based model for estimating trust. We present the complete model along with the trust computation algorithms. We present initial results from a simulation study that investigates the feasibility of the proposed scheme. Full Paper (PDF)

  • A. Mitra and M. Maheswaran, “Impact of Peer Churning on Trusted Gossiping for Peer-to-Peer Information Sharing,” Workshop on Trust and Reputation Management in Massively Distributed Computing Systems (TRAM), (held in conjunction with IEEE ICDCS), June 2007, Toronto, Canada.

ABSTRACT - In a recent study we proposed a trusted gossip protocol for rumor resistant information sharing in peer-to- peer networks. Experiments using trace data collected from social networks like Flickr and other data sets showed that the trusted protocol can achieve significant reductions in rumor spreading with reasonable message and processing overheads. The study, however, did not consider node churn - a continuous process of node arrival and departure. In this paper, we show through experiments that the trusted gossip protocol can continue to perform equally well with churning nodes as in no-churn situations. We examine the trusted gossip protocol using synthetic and real traces for node churning collected from the Myspace social network. Our experiments show that the trusted protocol performance is considerably resilient even to extreme churning conditions. Full Paper (PDF)

Publications in 2006

  • S. Asaduzzaman and M. Maheswaran, “Utilizing Unreliable Public Resources for Higher Profit and Better SLA Compliance in Public Computing Utilities,” Journal of Parallel and Distributed Computing, Vol. 66, No. 6, June 2006, pp. 796-806.
  • F. Azzedin, M. Maheswaran, and A. Mitra, “Brokering and Its Use for Resource Matchmaking in Public-Resource Grids,” Journal of Grid Computing, Vol. 4, No. 3, Sep. 2006, pp. 247-263.

Publications in 2005

  • A. Mitra, R. Udupa, and M. Maheswaran, “A Secured Hierarchical Trust Management Framework for Public Computing Utilities,” 16th Annual International Conference on Computer Science and Software Engineering (CASCON ’05), Oct. 2005.
  • A. Mitra, R. Udupa, and M. Maheswaran, “A Secured Trust Management Framework for Public Computing Utilities,” 5th Global and Peer-to-Peer Computing Workshop (GP2PC?), (held in conjunction with CCGrid 2005), May, 2005.
  • A. Mitra, M. Maheswaran and S. Ali, “Measuring the Scalability of Resource Management Systems,” 14th IEEE Heterogeneous Computing Workshop (HCW) (held in conjunction with IPDPS 2005), Apr., 2005.
  • S. Asaduzzaman and M. Maheswaran, “Utilizing Unreliable Public Resources for Higher Profit and Better SLA Compliance in Public Computing Utilities,” Journal of Parallel and Distributed Computing, Vol. 66, No. 6, pp. 796-806, 2006.
  • M. Rashid, A. S. Alfa, E. Hossain, M. Maheswaran, “An Analytical Approach to Providing Controllable Differentiated Quality of Service in Web Servers,” IEEE Transactions on Parallel and Distributed Systems, Nov. 2005, Vol. 16, No. 11, pp. 1022-1033.

Publications in 2004

  • Y. Yang and M. Maheswaran, “Heuristics for Resource Provisioning in Computing Utilities Using Dedicated and Non-Dedicated Resources,” 1st Workshop on Dynamic Provisioning and Resource Management (held in conjunction with International Conference on High Performance Computing), Bangalore, India, December 2004 (CD-Rom Proceedings).
  • P. Card and M. Maheswaran, “Towards a Wide-Area Online Benchmarking Architecture for Service Hosting Platforms,” 1st Workshop on Dynamic Provisioning and Resource Management (held in conjunction with International Conference on High Performance Computing), Bangalore, India, December 2004 (CD-Rom Proceedings).
  • B. Maniymaran and M. Maheswaran, “On the Benefits of Profile-Based Naming for Large Network Computing Systems,” 16th International Conference on Parallel and Distributed Computing and Systems (PDCS 2004), November 2004, Cambridge, Massachusetts, USA.
  • M. Maheswaran and S. Ali, “A Taxonomy of Network Computing Systems”, IEEE Computer, Vol. 37, No. 10, pp. 115-117, Oct. 2004.
  • S. Asaduzzaman and M. Maheswaran, “Leveraging Public Resource Pools to Improve the Service Compliances of Computing Utilities,” 11th International Conference on High Performance Computing (HiPC 2004), December 2004, Bangalore, India.
  • M. Maheswaran, B. Maniymaran, S. Asaduzzaman, and A. Mitra, “Towards a Quality of Service Aware Public Computing Utility,” 1st IEEE NCA Workshop on Adaptive Grid Computing (in the proceedings of 3rd IEEE Symposium on Network Computing), August 2004, Cambridge, Massachusetts, USA.
  • B. Chen and M. Maheswaran, “A Fair Synchronization Protocol with Cheat Proofing for Decentralized Online Multiplayer Games,” 1st IEEE NCA Workshop on Adaptive Grid Computing (in the proceedings of 3rd IEEE Symposium on Network Computing), pp. 372-375, August 2004, Cambridge, Massachusetts, USA.
  • B. Chen and M. Maheswaran, “A Cheat Controlled Protocol for Centralized Online Multiplayer Games,” ACM SIGCOMM 2004 Workshop on Network and System Support for Games (NetGames? 2004), August 2004, Portland, Oregon, USA.
  • R. Bhinder, M. Maheswaran, and J. Diamond, “Evaluation of Request Distribution Schemes for Web-Server Clusters,” IEEE Canadian Conference on Electrical & Computer Engineering (CCECE '04), May 2004, Hamilton, Ontario, Canada.
  • F. Azzedin and M. Maheswaran, “Trust Brokering System and Its Application to Resource Management in Public-Resource Grids,” 18th IEEE International Parallel and Distributed Processing Symposium (IPDPS 2004), April 2004, Santa Fe, New Mexico, USA.
  • F. Azzedin, M. Maheswaran, and N. Arnason, “A Synchronous Co-allocation Mechanism for Grid Computing Systems,” Cluster Computing, The Journal of Networks, Software Tools and Applications, Vol. 7, No. 1, January 2004, pp. 39-49.

Publications in 2003

  • M. Maheswaran and A. Mitra, “Public Computing Utilities: Issues, Approaches, and Applications”, (Invited), Workshop on Knowledge Grid and Grid Intelligence (in conjunction with 2003 IEEE/WIC International Conference on Web Intelligence/Intelligent Agent Technology), October 2003, Halifax, Canada, pp. 147-157.
  • A. Mitra, M. Maheswaran, and J. A. Rueda, “A Wide-Area Content-based Routing Mechanism”, 3rd International Workshop on Internet Computing and E-Commerce (ICEC '03) (in conjunction with IPDPS 2003), April, 2003, Nice, France.
  • F. Azzedin and M. Maheswaran, “Trust Modeling for Peer-to-Peer based Computing Systems,” 12th IEEE Heterogeneous Computing Workshop (HCW 2003) (in conjunction with IPDPS 2003), Nice, France.
 
publications.txt · Last modified: 2014/09/12 09:55 by anrl · [Old revisions]