Search

Your search keyword '"Prasad Calyam"' showing total 404 results
Start Over Author "Prasad Calyam"
404 results on '"Prasad Calyam"'

202. Cyber Range for Research-Inspired Learning of 'Attack Defense by Pretense' Principle and Practice

Author

Matthew Rockey, Nafis Ahmed, Ramya Payyavula, Songjie Wang, Prasad Calyam, and Komal Bhupendra Vekaria

Subjects
Flexibility (engineering), Computer science, business.industry, Rank (computer programming), General Engineering, Cloud computing, Computer security, computer.software_genre, Computer Science Applications, Education, Software portability, Resource (project management), Scalability, Workforce, Task analysis, business, computer
Abstract

There is an increasing trend in cloud adoption of enterprise applications in, for example, manufacturing, healthcare, and finance. Such applications are routinely subject to targeted cyberattacks, which result in significant loss of sensitive data (e.g., due to data exfiltration in advanced persistent threats) or valuable utilities (e.g., due to resource the exfiltration of power in cryptojacking). There is a critical need to train highly skilled cybersecurity professionals, who are capable of defending against such targeted attacks. In this article, we present the design, development, and evaluation of the Mizzou Cyber Range, an online platform to learn basic/advanced cyber defense concepts and perform training exercises to engender the next-generation cybersecurity workforce. Mizzou Cyber Range features flexibility, scalability, portability, and extendability in delivering cyberattack/defense learning modules to students. We detail our “research-inspired learning” and “learn–apply–create” three-phase pedagogy methodologies in the development of four learning modules that include laboratory exercises and self-study activities using realistic cloud-based application testbeds. The learning modules allow students to gain skills in using latest technologies (e.g., elastic capacity provisioning, software-defined everything infrastructure) to implement sophisticated “attack defense by pretense” techniques. Students can also use the learning modules to understand the attacker–defender game in order to create disincentives (i.e., pretense initiation) that make the attacker's tasks more difficult, costly, time consuming, and uncertain. Lastly, we show the benefits of our Mizzou Cyber Range through the evaluation of student learning using auto-grading, rank assessments with peer standing, and monitoring of students’ performance via feedback from prelab evaluation surveys and postlab technical assessments.

Published
2021
Full Text
View/download PDF

203. HonestChain: Consortium blockchain for protected data sharing in health information systems

Author

Abu Saleh Mohammad Mosa, Naga Ramya Bhamidipati, Soumya Purohit, Prasad Calyam, Mauro Lemus Alarcon, and Khaled Salah

Subjects
Computer Networks and Communications, Computer science, media_common.quotation_subject, Cloud computing, 02 engineering and technology, Trust, Computer security, computer.software_genre, Article, Blockchain, 0202 electrical engineering, electronic engineering, information engineering, Hyperledger, Health information sharing, Reputation, media_common, business.industry, Testbed, 020206 networking & telecommunications, Predictive analytics, Service provider, Data sharing, Data access, Scalability, 020201 artificial intelligence & image processing, business, computer, Software
Abstract

Healthcare innovations are increasingly becoming reliant on high variety and standards-compliant (e.g., HIPAA, common data model) distributed data sets that enable predictive analytics. Consequently, health information systems need to be developed using cooperation and distributed trust principles to allow protected data sharing between multiple domains or entities (e.g., health data service providers, hospitals and research labs). In this paper, we present a novel health information sharing system viz., HonestChain that uses Blockchain technology to allow organizations to have incentive-based and trustworthy cooperation to either access or provide protected healthcare records. More specifically, we use a consortium Blockchain approach coupled with chatbot guided interfaces that allow data requesters to: (a) comply with data access standards, and (b) allow them to gain reputation in a consortium. We also propose a reputation scheme for creation and sustenance of the consortium with peers using Requester Reputation and Provider Reputation metrics. We evaluate HonestChain using Hyperledger Composer in a realistic simulation testbed on a public cloud infrastructure. Our results show that our HonestChain performs better than the state-of-the-art requester reputation schemes for data request handling, while choosing the most appropriate provider peers. We particularly show that HonestChain achieves a better tradeoff in metrics such as service time and request resubmission rate. Additionally, we also demonstrate the scalability of our consortium platform in terms of the Blockchain transaction times.

Published
2021
Full Text
View/download PDF

207. Evidence-Based Recommender System for a COVID-19 Publication Analytics Service

Author

Prasad Calyam, Aditya P. Biswal, Mauro Lemus Alarcon, Vidya Gundlapalli, Roland Oruche, Abhiram Malladi, Naga Ramya Bhamidipati, Hariharan Regunath, and Yuanxun Zhang

Subjects
Topic model, Service (systems architecture), General Computer Science, Computer science, 02 engineering and technology, Recommender system, computer.software_genre, literature review automation, Chatbot, Data modeling, 03 medical and health sciences, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Edge computing, 030304 developmental biology, recommender system, 0303 health sciences, Information retrieval, business.industry, social networking, General Engineering, 020206 networking & telecommunications, COVID-19 publication analytics, TK1-9971, Workflow, machine learning, Analytics, Electrical engineering. Electronics. Nuclear engineering, business, computer
Abstract

The rapid growth of COVID-19 publications has driven clinical researchers and healthcare professionals in pursuit to reduce the knowledge gap on reliable information for effective pandemic solutions. The manual task of retrieving high-quality publications based on the evidence pyramid levels, however, presents a major bottleneck in researchers’ workflows. In this paper, we propose an “evidence-based” recommender system namely, KnowCOVID-19 that utilizes an edge computing service to integrate recommender modules for data analytics using end-user thin-clients. The edge computing service features chatbot-based web interface that handles a given COVID-19 publication dataset using two recommender system modules: (i) evidence-based filtering that observes domain specific topics across the literature and classifies the filtered information according to a clinical category, and (ii) social filtering that allows diverse experts with similar objectives to collaborate via a “social plane” to jointly find answers to critical clinical questions to fight the pandemic. We compare the Domain-specific Topic Model (DSTM) used in our evidence-based filtering with state-of-the-art models considering the CORD-19 dataset (a COVID-19 publication archive) and show improved generalization effectiveness as well as knowledge pattern query effectiveness. In addition, we conduct a comparison study between a manual literature review process and the KnowCOVID-19 augmented process, and evaluate the benefits of our information retrieval techniques over important queries provided by COVID-19 clinical experts.

Published
2021

208. Multi-Cloud Performance and Security Driven Federated Workflow Management

Author

Ronny Bazan Antequera, Matthew Dickinson, Yuanxun Zhang, Dong Xu, Prasad Calyam, Tommi A. White, Saptarshi Debroy, Samaikya Valluripally, and Trupti Joshi

Subjects
021103 operations research, Computer Networks and Communications, business.industry, Computer science, Distributed computing, Quality of service, 0211 other engineering and technologies, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Security policy, Computer Science Applications, Domain (software engineering), Workflow, Resource (project management), Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Resource allocation, Resource management, business, Software, Information Systems
Abstract

Federated multi-cloud resource allocation for data-intensive application workflows is generally performed based on performance or quality of service (i.e., QSpecs ) considerations. At the same time, end-to-end security requirements of these workflows across multiple domains are considered as an afterthought due to lack of standardized formalization methods. Consequently, diverse/heterogenous domain resource and security policies cause inter-conflicts between application's security and performance requirements that lead to sub-optimal resource allocations. In this paper, we present a joint performance and security-driven federated resource allocation scheme for data-intensive scientific applications. In order to aid joint resource brokering among multi-cloud domains with diverse/heterogenous security postures, we first define and characterize a data-intensive application's security specifications (i.e., SSpecs ). Then we describe an alignment technique inspired by Portunes Algebra to homogenize the various domain resource policies (i.e., RSpecs ) along an application's workflow lifecycle stages. Using such formalization and alignment, we propose a near optimal cost-aware joint QSpecs - SSpecs -driven, RSpecs -compliant resource allocation algorithm for multi-cloud computing resource domain/location selection as well as network path selection. We implement our security formalization, alignment, and allocation scheme as a framework, viz., “OnTimeURB” and validate it in a multi-cloud environment with exemplar data-intensive application workflows involving distributed computing and remote instrumentation use cases with different performance and security requirements.

Published
2021
Full Text
View/download PDF

214. REBATE: A REpulsive-BAsed Traffic Engineering protocol for dynamic scale-free networks

Author

Andrei M. Sukhov, Flavio Esposito, Prasad Calyam, and Dmitrii Chemodanov

Subjects
Routing protocol, Computer Networks and Communications, business.industry, Network packet, Computer science, Routing table, 020206 networking & telecommunications, 02 engineering and technology, Hardware and Architecture, Traffic engineering, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), 020201 artificial intelligence & image processing, The Internet, Routing (electronic design automation), business, Protocol (object-oriented programming), Software, Computer network
Abstract

Nowadays the abundance of IoT devices has the potential of changing our lives dramatically, but brings new routing and traffic orchestration challenges for the next-generation Internet providers: core routers are already overwhelmed, see e.g, the routing table size growth problem. Although some researchers still argue whether or not the next-generation networks should feature scale-free properties, recent results have shown benefits of embedding such scale-free networks in a hyperbolic space of negative curvature. Specifically, this allows geometrically route packets by using only a local topology knowledge ( i . e . , with average O ∗ ( 1 ) space–time complexity) at no extra communication overhead ( i . e . , without routing protocols). To our knowledge, however, there is no Traffic Engineering (TE) protocol with the aforementioned properties that can be used in dynamic scale-free networks. In this paper, we propose the first to our knowledge REpulsive-BAsed Traffic Engineering (REBATE) protocol for dynamic scale-free networks. REBATE is built upon dual principles of the demand-aware TE and fundamentals properties of hyperbolic spaces. Using trace-driven numerical simulations, we then show how REBATE can reduce the maximum link utilization up to 25% when compared to a common geometric routing-based traffic steering. Although REBATE can perform worse than common demands-aware and oblivious TE approaches, we think that our work should pave the way for more efficient TE in the next-generation dynamic scale-free networks.

Published
2020
Full Text
View/download PDF

215. vSocial: a cloud-based system for social virtual reality learning environment applications in special education

Author

Zhihai He, Prasad Calyam, Sai Shreya Nuguri, Samaikya Valluripally, Janine P. Stichter, Aniket Gulhane, and Roland Oruche

Subjects
Multimedia, Computer Networks and Communications, business.industry, Computer science, Wearable computer, 020207 software engineering, Cloud computing, Usability, Cognition, 02 engineering and technology, Special education, computer.software_genre, User experience design, Hardware and Architecture, Group learning, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Immersion (virtual reality), Web application, Virtual learning environment, Social competence, business, Curriculum, computer, Software
Abstract

Virtual Learning Environments (VLEs) are spaces designed to educate student groups remotely via online platforms. Although traditional VLEs have shown promise in educating students, they offer limited immersion that overall diminishes learning effectiveness. In this paper, we describe vSocial, a cloud-based virtual reality learning environment (VRLE) system that can be deployed over high-speed networks using the High Fidelity “social VR” platform. vSocial provides flexible control of group learning content and compliance with established VLE standards with improved immersive user experience for both instructor(s) and students. For our vSocial development, we build upon the use case of an existing special education VLE viz., iSocial that trains youth with Autism Spectrum Disorder by implementing the Social Competence Intervention (SCI) curriculum. The vSocial can be used to: (a) implement multiple learning modules using wearable VR technologies, (b) integrate cognitive state sensing devices, and (c) organize learning session data securely using web applications hosted on cloud resources. Our experiment results show that the VR mode of content delivery in vSocial better stimulates the generalization of lessons to the real world than non-VR lessons, and provides improved immersion when compared to an equivalent desktop version. Further, usability study results show that users can successfully use the web application features in vSocial for group learning activities with ease-of-use and consistency.

Published
2020
Full Text
View/download PDF

216. Frequency-Minimal Utility-Maximal Moving Target Defense Against DDoS in SDN-Based Systems

Author

Bidyut Mukherjee, Minh Nguyen, Roshan Lal Neupane, Prasad Calyam, Saptarshi Debroy, Ajay Kumar Eeralla, and Khaled Salah

Subjects
Computer Networks and Communications, Computer science, business.industry, Distributed computing, Testbed, Novelty, 020206 networking & telecommunications, Denial-of-service attack, Cloud computing, 02 engineering and technology, Reduction (complexity), Server, 0202 electrical engineering, electronic engineering, information engineering, Minification, Quality of experience, Electrical and Electronic Engineering, business
Abstract

With the increase of DDoS attacks, resource adaptation schemes need to be effective to protect critical cloud-hosted applications. Specifically, they need to be adaptable to attack behavior, and be dynamic in terms of resource utilization. In this paper, we propose an intelligent strategy for proactive and reactive application migration by leveraging the concept of ‘moving target defense’ (MTD). The novelty of our approach lies in: (a) stochastic proactive migration frequency minimization across heterogeneous cloud resources to optimize migration management overheads, (b) market-driven migration location selection during proactive migration to optimize resource utilization, cloud service providers (CSPs) cost and user quality of experience, and (c) fast converging cost-minimizing reactive migration coupled with a ‘false reality’ pretense to reduce the future attack success probability. We evaluate the effectiveness of our proposed MTD-based defense strategy using a Software-defined Networking (SDN) enabled GENI Cloud testbed for a “Just-in-time news articles and video feeds” application. Our frequency minimization results show more than 40% reduction in DDoS attack success rate in the best cases when compared to the traditional periodic migration schemes on homogeneous cloud resources. The results also show that our market-driven migration location selection strategy decreases CSP cost and increases resource utilization by 30%.

Published
2020
Full Text
View/download PDF

217. Fog Computing to Enable Geospatial Video Analytics for Disaster‐incident Situational Awareness

Author

Kannappan Palaniappan, Prasad Calyam, and Dmitrii Chemodanov

Subjects
Geospatial analysis, Multimedia, Situation awareness, Computer science, business.industry, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Network virtualization, Cloud computing, computer.software_genre, Analytics, Video tracking, Quality of experience, business, computer, Edge computing
Abstract

Geospatial video analytics involves “data collection” of massive image/video data from the Internet of Things (IoT), and “data processing” through seamless computing at the infrastructure edge and core/public cloud platforms. Particularly in cases of (man‐made or natural) disaster incident response coordination scenarios, geospatial video analytics is valuable to provide situational awareness. The edge computing or fog computing needs to be designed with resilient performance while interfacing with the core cloud in order to cater to user's (i.e. incident commander's, first responder's) quality of experience (QoE) expectations. An additional barrier for geospatial video analytics is the fact that the distributed locations generating imagery or video content are rarely equipped with high‐performance computation capabilities to run computer vision algorithms. In this chapter, we explain the main architectural concepts of fog computing that can help in overcoming the resource scale/diversity limitations for real‐time geospatial video analytics, while also ensuring that reliability and management challenges are met.More specifically, we describe a novel cloud‐fog computing paradigm that integrates computer vision, edge routing, and computer/network virtualization areas in geospatial video analytics. We detail the state‐of‐the‐art techniques and illustrate our new/improved solution approaches based on “function‐centric” computing for the two problems of (1) high‐throughput data collection from IoT devices at the wireless edge, and (2) seamless data processing at the infrastructure edge and core cloud platforms. To assist the high‐throughput IoT data collection at the wireless edge, we present a novel deep learning‐augmented geographic edge routing that relies on physical area knowledge obtained from satellite imagery. To assist the seamless data processing, we describe a novel cloud‐fog computing framework that utilizes microservice decomposition and service chaining supported by a constrained‐shortest‐path algorithm. We conclude with a list of open challenges for adopting fog computing in geospatial video analytics for a variety of applications (e.g. face recognition in crowds, object tracking in aerial wide‐area motion imagery, reconnaissance, and video surveillance) relevant to delivering disaster‐incident situational awareness.

Published
2020
Full Text
View/download PDF

218. Fully Decentralized Multi-Party Consent Management for Secure Sharing of Patient Health Records

Author

Prasad Calyam, Samer Ellahham, Mohammad Madine, Raja Jayaraman, Khaled Salah, Ibrar Yaqoob, and Yousof Al-Hammadi

Subjects
Blockchain, 020205 medical informatics, General Computer Science, Smart contract, Computer science, Cloud computing, Cryptography, IPFS, 02 engineering and technology, Permission, Computer security, computer.software_genre, smart contracts, Ethereum, personal health records, Server, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, business.industry, General Engineering, Authorization, healthcare, Data sharing, Key (cryptography), 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, computer, lcsh:TK1-9971
Abstract

Patients are becoming aware of the importance of taking secure control and managing access over their medical data, thereby leading to the rise in the adoption of personal health record (PHR) systems. However, today’s PHR systems fall short in providing secure and trustable data sharing and access facilities to patients when they are in emergency situations or temporarily incapacitated. Also, the existing PHR systems are centralized and vulnerable to the single point of failure problem. Integrating PHR systems with blockchain technology can help to overcome such limitations. In this paper, we propose a blockchain-based PHR architecture that employs smart contracts to implement multi-party authorization (MPA) and threshold cryptographic schemes to automate secure and trustable medical data sharing and access in PHR systems. Moreover, we mitigate the limited storage and computation capabilities of blockchain by using InterPlanetary File System (IPFS) storage and reputation-governed trusted oracles into the proposed architecture. MPA and threshold cryptographic schemes allow the patient to split and share a secret key with a set of trusted parties, such as the healthcare regulatory agency, guardians, and hospitals, in such a way that they can collectively decide on sharing medical data on behalf of patients. We present algorithms along with their full smart contract function implementation details. We evaluate the robustness and performance of our solution by performing correctness verification and cost analysis. Furthermore, we evaluate the proposed approach in terms of security, generalization, and limitation aspects to find out its feasibility and practicality. We make our smart contract code publicly available on GitHub.

Published
2020

221. Contributors

Author

Mohamed Aleem Ali, T. Ananth Kumar, S. Arunmozhiselvi, Alka Bali, Nishu Bali, Rachid Benlamri, Prasad Calyam, Victor Chang, Chinmay Kumar Das, Rahul Kumar Dubey, Ashish Garg, Amin Gasmi, Ragib Hasan, Raiful Hasan, Alamgir Hossain, Mauro Lemus Alarcon, Prasant Kumar Nanda, Chandra Bhanu Nayak, Roland Oruche, Ashish Pandey, N. Raghavendra Rao, G. Rajakumar, Rojalin Sahu, R. Sharon Jebaleela, R. Shree Charran, Sukanta Chandra Swain, and Snigdha Tripathy

Published
2022
Full Text
View/download PDF

227. In-Situ Scanning Electron Microscope Chemical Vapor Deposition as a Platform for Nanomanufacturing Insights

Author

Gordon Koerner, Ramakrishna Surya, Kannappan Palaniappan, Prasad Calyam, Filiz Bunyak, and Matthew R. Maschmann

Abstract

While the physical properties of carbon nanotubes (CNTs) are often superior to conventional engineering materials, their widespread adoption into many applications is limited by scaling the properties of individual CNTs to macroscale CNT assemblies known as CNT forests. The self-assembly mechanics of CNT forests that determine their morphology and ensemble properties remain poorly understood. Few experimental techniques exist to characterize and observe the growth and self-assembly processes in situ. Here we introduce the use of in-situ scanning electron microscope (SEM) synthesis based on chemical vapor deposition (CVD) processing. In this preliminary report, we share best practices for in-situ SEM CVD processing and initial CNT forest synthesis results. Image analysis techniques are developed to identify and track the movement of catalyst nanoparticles during synthesis conditions. Finally, a perspective is provided in which in-situ SEM observations represent one component of a larger system in which numerical simulation, machine learning, and digital control of experiments reduces the role of humans and human error in the exploration of CNT forest process-structure-property relationships.

Published
2021
Full Text
View/download PDF

228. Rule-based Adaptations to Control Cybersickness in Social Virtual Reality Learning Environments

Author

Michael Fisher, Samaikya Valluripally, Prasad Calyam, Khaza Anuarul Hoque, Vaibhav Akashe, and David Falana

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer science, Event (computing), Control (management), Distance education, Computer Science - Human-Computer Interaction, Remote learning, Rule-based system, Virtual reality, Session (web analytics), Human-Computer Interaction (cs.HC), Computer Science - Distributed, Parallel, and Cluster Computing, Human–computer interaction, Key (cryptography), Distributed, Parallel, and Cluster Computing (cs.DC), Cryptography and Security (cs.CR)
Abstract

Social virtual reality learning environments (VRLEs) provide immersive experience to users with increased accessibility to remote learning. Lack of maintaining high-performance and secured data delivery in critical VRLE application domains (e.g., military training, manufacturing) can disrupt application functionality and induce cybersickness. In this paper, we present a novel rule-based 3QS-adaptation framework that performs risk and cost aware trade-off analysis to control cybersickness due to performance/security anomaly events during a VRLE session. Our framework implementation in a social VRLE viz., vSocial monitors performance/security anomaly events in network/session data. In the event of an anomaly, the framework features rule-based adaptations that are triggered by using various decision metrics. Based on our experimental results, we demonstrate the effectiveness of our rule-based 3QS-adaptation framework in reducing cybersickness levels, while maintaining application functionality. Using our key findings, we enlist suitable practices for addressing performance and security issues towards a more high-performing and robust social VRLE., Comment: Accepted for publication in the 8th International Conference on Future Internet of Things and Cloud (FiCloud2021)

Published
2021
Full Text
View/download PDF

229. Network-based Active Defense for Securing Cloud-based Healthcare Data Processing Pipelines

Author

Roshan Lal Neupane, Mauro Lemus Alarcon, Songjie Wang, Vaibhav Akashe, and Prasad Calyam

Subjects
Spoofing attack, Computer science, business.industry, Denial-of-service attack, Cloud computing, Data breach, computer.software_genre, Computer security, SQL injection, Analytics, Server, Malware, business, computer
Abstract

Active defense schemes are becoming critical to secure cloud-based applications in the fields such as healthcare, entertainment, and manufacturing. Active defense mechanisms in cloud platforms need to be robust against targeted attacks (such as Distributed Denial-of-Service (DDoS), malware, and SQL injection) that make servers unresponsive and/or cause data breaches/loss, which in turn can cause high impact especially for healthcare applications. In this paper, we present a novel network-based active defense mechanism viz., “defense by pretense” that uses real-time attack detection and creates cyber deception e.g., by redirecting attacker’s traffic to quarantine machines and sending spoofed responses to attacker for cloud-based healthcare data processing applications. We implement our active defense mechanism by creating a realistic testbed on AWS cloud platform featuring the Observational Health Data Sciences and Informatics (OHDSI) framework for protected health data analytics with electronic health record data (SynPUF) and COVID-19 publications (CORD-19). Our evaluation experiments show the need and effectiveness of our active defense mechanism against targeted resource and data exfiltration attacks. We compare our active defense system against state-of-the-art active defense works, and our results show that our system is cost-effective, scalable and easy to deploy for active defense.

Published
2021
Full Text
View/download PDF

230. Recommending heterogeneous resources for science gateway applications based on custom templates composition

Author

Arjun Ankathatti Chandrashekara, Prasad Calyam, Reshmi Mitra, and Ronny Bazan Antequera

Subjects
Scheme (programming language), Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, Provisioning, 02 engineering and technology, computer.software_genre, Resource (project management), Hardware and Architecture, Middleware, Middleware (distributed applications), Component (UML), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Resource management, business, Software engineering, computer, Software, Software configuration management, computer.programming_language
Abstract

Emerging interdisciplinary data-intensive science gateway applications in engineering fields (e.g., bioinformatics, cybermanufacturing) demand the use of high-performance computing resources. However, to mitigate operational costs and management efforts for these science gateway applications, there is a need to effectively deploy them on federated heterogeneous resources managed by external Cloud Service Providers (CSPs). In this paper, we present a novel methodology to deliver fast, automatic and flexible resource provisioning services for such application-owners with limited expertise in composing and deploying suitable cloud architectures. Our methodology features a Component Abstraction Model to implement intelligent resource ‘abstractions’ coupled with ‘reusable’ hardware and software configuration in the form of “custom templates” to simplify heterogeneous resource management efforts. It also features a novel middleware that provides services via a set of recommendation schemes for a context-aware requirement-collection questionnaire. Recommendations match the requirements to available resources and thus assist novice and expert users to make relevant configuration selections with CSP collaboration. To evaluate our middleware, we study the impact of user preferences in requirement collection, jobs execution and resource adaptation for a real-world manufacturing application on Amazon Web Services and the GENI cloud platforms. Our experiment results show that our scheme improves the resource recommendation accuracy in the manufacturing science gateway application by up to 21% compared to the existing schemes. We also show the impact of custom templates knowledgebase maturity at the CSP side for handling novice and expert user preferences in terms of the resource recommendation accuracy.

Published
2019
Full Text
View/download PDF

231. Increasing protected data accessibility for age-related cataract research using a semi-automated honest broker

Author

Samaikya Valluripally, Murugesan Raju, Prasad Calyam, Mauro Lemus, Soumya Purohit, Abu Mosa, and Trupti Joshi

Subjects
Ophthalmology
Abstract

Ophthalmology researchers are becoming increasingly reliant on protected data sets to find new trends and enhance patient care. However, there is an inherent lack of trust in the current healthcare community ecosystem between the data custodians (i.e., health care organizations and hospitals) and data consumers (i.e., researchers and clinicians). This typically results in a manual governance approach that causes slow data accessibility for researchers due to concerns such as ensuring auditability for any authorization of data consumers, and assurance to ensure compliance with health data security standards. In this paper, we address this issue of long-drawn data accessibility by proposing a semi-automated “honest broker” framework that can be implemented in an online health application. The framework establishes trust between the data consumers and the custodians by: 1. improving the eiciency in compliance checking for data consumer requests using a risk assessment technique; 2. incorporating auditability for consumers to access protected data by including a custodian-in-the-loop only when essential; and 3. increasing the speed of large-volume data actions (such as view, copy, modify, and delete) using a popular common data model. Via an ophthalmology case study involving an age-related cataract research use case in a community cloud testbed, we demonstrate how our solution approach can be implemented in practice to improve timely data access and secure computation of protected data for ultimately achieving data-driven eye health insights.

Published
2019
Full Text
View/download PDF

232. Security Middleground for Resource Protection in Measurement Infrastructure-as-a-Service

Author

Kunpeng Zhu, Alex Berryman, Mukundan Sridharan, Ravi Akella, Prasad Calyam, and Saptarshi Debroy

Subjects
Authentication, Information Systems and Management, Cloud computing security, Computer Networks and Communications, business.industry, Computer science, Network security, 020206 networking & telecommunications, Access control, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Computer Science Applications, Hardware and Architecture, Middleware, Threat model, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Orchestration (computing), business, computer
Abstract

Securing multi-domain network performance monitoring (NPM) systems that are being widely deployed as ‘Measurement Infrastructure-as-a-Service’ (MIaaS) in high-performance computing is becoming increasingly critical. It presents an emerging set of research challenges in cloud security given that security mechanisms such as policy-driven access to federated NPM services across multiple domains need to be designed carefully to protect MIaaS resources and data. In this paper, we advocate the design of a security middleground between default open/closed access settings and present policy-driven access controls of measurement functions for a multi-domain federation using a MIaaS. Our approach involves an analytical investigation based on a set of custom metrics to compare and contrast the legacy, role-based and more fine-grained, attribute-based access control schemes to design a security middleground. We implement the chosen middleground with a secured middleware, viz., “OnTimeSecure”. Our middleware enables ‘user-to-service’ and ‘service-to-service’ authentication, and enforces federated authorization entitlement policies for timely orchestration of MIaaS services. Lastly, we evaluate OnTimeSecure in a real multi-domain MIaaS testbed by performing threat modeling and security risk assessments to validate the analysis outcomes and demonstrate its effectiveness for easy integration and sustainable adoption.

Published
2019
Full Text
View/download PDF

233. AGRA: AI-augmented geographic routing approach for IoT-based incident-supporting applications

Author

Prasad Calyam, Huy Trinh, Zakariya A. Oraibi, Andrei M. Sukhov, Flavio Esposito, and Dmitrii Chemodanov

Subjects
Computer Networks and Communications, Wireless network, business.industry, Computer science, Node (networking), Distributed computing, 020206 networking & telecommunications, Cloud computing, Throughput, Geographic routing, 02 engineering and technology, Hardware and Architecture, Scalability, Shortest path problem, 0202 electrical engineering, electronic engineering, information engineering, Wireless, 020201 artificial intelligence & image processing, Orchestration (computing), Routing (electronic design automation), business, Software, Computer network
Abstract

Applications that cater to the needs of disaster incident response generate large amount of data and demand large computational resource access. Such datasets are usually collected in real-time at the incident scenes using different Internet of Things (IoT) devices. Hierarchical clouds, i.e., core and edge clouds, can help these applications’ real-time data orchestration challenges as well as with their IoT operations scalability, reliability and stability by overcoming infrastructure limitations at the ad-hoc wireless network edge. Routing is a crucial infrastructure management orchestration mechanism for such systems. Current geographic routing or greedy forwarding approaches designed for early wireless ad-hoc networks lack efficient solutions for disaster incident-supporting applications, given the high-speed and low-latency data delivery that edge cloud gateways impose. In this paper, we present a novel Artificial Intelligent (AI)-augmented geographic routing approach, that relies on an area knowledge obtained from the satellite imagery (available at the edge cloud) by applying deep learning. In particular, we propose a stateless greedy forwarding that uses such an environment learning to proactively avoid the local minimum problem by diverting traffic with an algorithm that emulates electrostatic repulsive forces. In our theoretical analysis, we show that our Greedy Forwarding achieves in the worst case a 3 . 291 path stretch approximation bound with respect to the shortest path, without assuming presence of symmetrical links or unit disk graphs. We evaluate our approach with both numerical and event-driven simulations, and we establish the practicality of our approach in a real incident-supporting hierarchical cloud deployment to demonstrate improvement of application level throughput due to a reduced path stretch under severe node failures and high mobility challenges of disaster response scenarios.

Published
2019
Full Text
View/download PDF

236. Fuzzy-Engineered Multi-Cloud Resource Brokering for Data-intensive Applications

Author

Prasad Calyam, Trupti Joshi, Ashish Pandey, and Zhen Lyu

Subjects
Service (systems architecture), Resource (project management), Risk analysis (engineering), Computer science, business.industry, Scale (chemistry), Distributed data store, Cloud computing, Resource management, Resilience (network), business, Fuzzy logic
Abstract

Multi-cloud resource brokering is becoming a critical requirement for applications that require high scale, diversity, and resilience. Applications demand timely selection of distributed data storage and computation platforms that span local private cloud resources as well as resources from multiple cloud service providers (CSPs). The distinct capabilities and policies, as well as performance/cost of the cloud services, are amongst the prime factors for CSP selection. However, application owners who need suitable cyber resources in community/public clouds, often have preliminary knowledge and preferences of certain CSPs. They also lack expert guidance to handle the problem of overwhelming resource choice from CSPs, and optimization to compensate for service dynamics. In this paper, we address this challenge of optimal resource selection while also leveraging limited user’s expertise and preferences towards CSPs through multi-level fuzzy logic modeling based on convoluted factors of performance, agility, cost, and security. We evaluate the efficiency of our fuzzy-engineered resource brokering in improving allocation of resources as well as user satisfiability by using case studies and independent validations of CSPs evaluation.

Published
2021
Full Text
View/download PDF

237. Trust Model for Efficient Honest Broker based Healthcare Data Access and Processing

Author

Prasad Calyam, Minh Nguyen, Abu Saleh Mohammad Mosa, Saptarshi Debroy, Mauro Lemus Alarcon, and Naga Ramya Bhamidipati

Subjects
business.industry, Computer science, Big data, Data security, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, 03 medical and health sciences, 0302 clinical medicine, Data access, Knowledge extraction, 030220 oncology & carcinogenesis, 0202 electrical engineering, electronic engineering, information engineering, Community cloud, Honest Broker, business, computer, Risk management
Abstract

With the increased push to promote data-driven methods in modern healthcare, there is a tremendous need for fast access to clinical datasets in order to pursue medical breakthroughs in the areas of personalized medicine and big data knowledge discovery. However, the inherent lack of trust between the data custodians and data consumers/users has resulted in a fully manual honest broker approach to access and process protected healthcare data. Such a manual approach leads to slow data handling, and adds to overheads needed to address data auditability and assurance needed for compliance with healthcare data security standards. In this paper, we address these challenges by proposing a trust model to enable semi-automation of the honest broker process to increase its efficiency. The trust model is based on multi-dimensional risk management principles and considers risk associated with data identifiers, as well as requestor profile and reputation. We implement and evaluate a semi-automated honest broker that uses our trust model in a community cloud testbed using the SynPUF synthetic dataset. Our experiment results show that our multidimensional risk management approach consistently identifies the lower confidentiality risk configuration in the semi-automation in comparison with a one-dimensional strategy. Thus, our semiautomated honest brokering approach improves efficiency for data custodians and data consumers by facilitation of fast and secure data access, while also ensuring compliance in the processing of the protected datasets.

Published
2021
Full Text
View/download PDF

240. A Formative Usability Study to Improve Prescriptive Systems for Bioinformatics Big Data

Author

Shangman Li, Ashish Pandey, Zhen Lyu, Isa Jahnke, Prasad Calyam, Kanupriya Singh, and Trupti Joshi

Subjects
0303 health sciences, business.industry, Big data, Usability, Data science, Formative assessment, 03 medical and health sciences, 0302 clinical medicine, Data visualization, User experience design, Community cloud, Prescriptive analytics, User interface, business, 030217 neurology & neurosurgery, 030304 developmental biology
Abstract

Big data computation tools are vital for researchers and educators from various domains such as plant science, animal science, biomedical science and others. With the growing computational complexity of biology big data, advanced analytic systems, known as prescriptive systems, are being built using machine learning models to intelligently predict optimum computation solutions for users for better data analysis. However, lack of user-friendly prescriptive systems poses a critical roadblock to facilitating informed decision-making by users. In this paper, we detail a formative usability study to address the complexities faced by users while using prescriptive systems. Our usability research approach considers bioinformatics workflows and community cloud resources in the KBCommons framework’s science gateway. The results show that recommendations from usability studies performed in iterations during the development of prescriptive systems can improve user experience, user satisfaction and help novice as well as expert users to make decisions in a well-informed manner.

Published
2020
Full Text
View/download PDF

241. Recommender-as-a-Service with Chatbot Guided Domain-science Knowledge Discovery in a Science Gateway

Author

Satish S. Nair, Trupti Joshi, Komal Bhupendra Vekaria, Songjie Wang, Dong Xu, Cong Chen, Prasad Calyam, Yuanxun Zhang, Sai Swathi Sivarathri, and Ashish Pandey

Subjects
Service (systems architecture), Computer Networks and Communications, Computer science, Microservices, Science gateway, Recommender system, computer.software_genre, Chatbot, Article, Computer Science Applications, Theoretical Computer Science, Domain (software engineering), World Wide Web, Computational Theory and Mathematics, Knowledge extraction, computer, Software
Abstract

Scientists in disciplines such as neuroscience and bioinformatics are increasingly relying on science gateways for experimentation on voluminous data, as well as analysis and visualization in multiple perspectives. Though current science gateways provide easy access to computing resources, datasets and tools specific to the disciplines, scientists often use slow and tedious manual efforts to perform knowledge discovery to accomplish their research/education tasks. Recommender systems can provide expert guidance and can help them to navigate and discover relevant publications, tools, data sets, or even automate cloud resource configurations suitable for a given scientific task. To realize the potential of integration of recommenders in science gateways in order to spur research productivity, we present a novel "OnTimeRecommend" recommender system. The OnTimeRecommend comprises of several integrated recommender modules implemented as microservices that can be augmented to a science gateway in the form of a recommender-as-a-service. The guidance for use of the recommender modules in a science gateway is aided by a chatbot plug-in viz., Vidura Advisor. To validate our OnTimeRecommend, we integrate and show benefits for both novice and expert users in domain-specific knowledge discovery within two exemplar science gateways, one in neuroscience (CyNeuro) and the other in bioinformatics (KBCommons).

Published
2020

242. ScholarFinder: Knowledge Embedding Based Recommendations using a Deep Generative Model

Author

Prasad Calyam, Yuanxun Zhang, and Sai Swathi Sivarathri

Subjects
Matching (statistics), business.industry, Computer science, Deep learning, Supervised learning, 02 engineering and technology, 010501 environmental sciences, Recommender system, 01 natural sciences, Data science, Visualization, Generative model, 020204 information systems, Scientific method, 0202 electrical engineering, electronic engineering, information engineering, Unsupervised learning, Artificial intelligence, business, Feature learning, 0105 earth and related environmental sciences
Abstract

Bold scientific research tasks today need multi-disciplinary knowledge and interdisciplinary collaborations that require finding scholars from a particular domain with relevant knowledge. Given the variety of scholars and diversity of research tasks, finding the appropriate scholar is a critically important and challenging problem for scientific communities. Prior approaches to identify scholars use supervised learning with fixed or high-level research interest tags. Such approaches make it hard to recognize scholars with specific interests, or track their changes in research interests. Hence, there is a need to investigate suitable methods to quantify scholars' expertise knowledge for matching research tasks. In this paper, we propose a novel model viz., "ScholarFinder" that uses contextual information (abstracts or publications) for embedding a scholar's knowledge in an unsupervised learning manner. Subsequently, with pre-trained knowledge embeddings, we can perform machine learning tasks such as classification, visualization or checking whether a scholar is suitable for performing particular research tasks or not. Based on our pre-trained techniques, we also provide a novel negative sampling method to overcome the issues of missing negative samples. Using a "follow-the-money" strategy, we apply our model to a large collection of NSF (National Science Foundation) grant awards dataset collected over the last twenty years that contains more than 20,000 award records (with project abstracts and names), corresponding to 15,074 scholars who received grants. We evaluate different deep learning models to see how to use pre-trained knowledge embedding for achieving optimal performance, and how our negative sampling method improves model performance. We also compare our model with state-of-the-art baseline models (e.g., XGBoost, DNN), and our results show that the ScholarFinder model outperforms those models in terms of precision, recall, F1-score, and accuracy.

Published
2020
Full Text
View/download PDF

243. Design of trace-based NS-3 simulations for UAS video analytics with geospatial mobility

Author

Alicia Esquivel Morel, Chengyi Qu, Drew Dahlquist, and Prasad Calyam

Subjects
Routing protocol, Mobility model, Geospatial analysis, Computer science, business.industry, Distributed computing, Testbed, computer.software_genre, Drone, Visualization, Network simulation, Analytics, business, computer
Abstract

The continuous evolution of commercial Unmanned Aerial Systems (UAS) is fuelling a rapid advancement in the fields of network edge-communication applications for smart agriculture, smart traffic management, and border security. A common problem in UAS (a.k.a. drone systems) research and development is the cost related to deploying and running realistic testbeds. Due to the constraints in safe operation, handling limited energy resources, and government regulation restrictions, UAS testbed building is time-consuming and not easily configurable for high-scale experiments. In addition, experimenters have a hard time creating repeatable and reproducible experiments to test major hypotheses. In this paper, we present a design for performing tracebased NS-3 simulations that can be helpful for realistic UAS simulation experiments. We run experiments with real-world UAS traces including various mobility models, geospatial link information and video analytics measurements. Our experiments assume a hierarchical UAS platform with low-cost/high-cost drones co-operating using a geo-location service in order to provide a ‘common operating picture’ for decision makers. We implement a synergized drone and network simulator that features three main modules: (i) learning-based optimal scheme selection module, (ii) application environment monitoring module, and (iii) trace-based simulation and visualization module. Simulations generated from our implementation have the ability to integrate di↵erent drone configurations, wireless communication links (air-to-air; air-to-ground), as well as mobility routing protocols. Our approach is beneficial to evaluate network-edge orchestration algorithms pertaining to e.g., management of energy consumption, video analytics performance, and networking protocols configuration.

Published
2020
Full Text
View/download PDF

244. Impact of False Data Injection Attacks on Deep Learning Enabled Predictive Analytics

Author

Prasad Calyam, Khaza Anuarul Hoque, and Gautam Raj Mode

Subjects
0209 industrial biotechnology, Industry 4.0, Computer science, business.industry, Deep learning, Context (language use), 02 engineering and technology, Predictive analytics, Machine learning, computer.software_genre, Convolutional neural network, Automation, Predictive maintenance, 020901 industrial engineering & automation, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Artificial intelligence, business, computer
Abstract

Industry 4.0 is the latest industrial revolution primarily merging automation with advanced manufacturing to reduce direct human effort and resources. Predictive maintenance (PdM) is an industry 4.0 solution, which facilitates predicting faults in a component or a system powered by state-of-the- art machine learning (ML) algorithms (especially deep learning algorithms) and the Internet-of-Things (IoT) sensors. However, IoT sensors and deep learning (DL) algorithms, both are known for their vulnerabilities to cyber-attacks. In the context of PdM systems, such attacks can have catastrophic consequences as they are hard to detect due to the nature of the attack. To date, the majority of the published literature focuses on the accuracy of DL enabled PdM systems and often ignores the effect of such attacks. In this paper, we demonstrate the effect of IoT sensor attacks (in the form of false data injection attack) on a PdM system. At first, we use three state-of-the-art DL algorithms, specifically, Long Short-Term Memory (LSTM), Gated Recurrent Unit (GRU), and Convolutional Neural Network (CNN) for predicting the Remaining Useful Life (RUL) of a turbofan engine using NASA's C-MAPSS dataset. The obtained results show that the GRU-based PdM model outperforms some of the recent literature on RUL prediction using the C-MAPSS dataset. Afterward, we model and apply two different types of false data injection attacks (FDIA), specifically, continuous and interim FDIAs on turbofan engine sensor data and evaluate their impact on CNN, LSTM, and GRU-based PdM systems. The obtained results demonstrate that FDI attacks on even a few IoT sensors can strongly defect the RUL prediction in all cases. However, the GRU-based PdM model performs better in terms of accuracy and resiliency to FDIA. Lastly, we perform a study on the GRU-based PdM model using four different GRU networks with different sequence lengths. Our experiments reveal an interesting relationship between the accuracy, resiliency and sequence length for the GRU-based PdM models.

Published
2020
Full Text
View/download PDF

245. Exploration of Carbon Nanotube Forest Synthesis-Structure Relationships Using Physics-Based Simulation and Machine Learning

Author

Kannappan Palaniappan, Filiz Bunyak, Ramakrishna Surya, Prasad Calyam, Taher Hajilounezhad, Zakariya A. Oraibi, and Matthew R. Maschmann

Subjects
bepress|Engineering, Feature extraction, bepress|Engineering|Mechanical Engineering, engrXiv|Engineering|Mechanical Engineering, 02 engineering and technology, Parameter space, bepress|Engineering|Engineering Science and Materials, Machine learning, computer.software_genre, Image texture, Histogram, Classifier (linguistics), bepress|Engineering|Materials Science and Engineering|Other Materials Science and Engineering, 0202 electrical engineering, electronic engineering, information engineering, business.industry, Process (computing), engrXiv|Engineering|Materials Science and Engineering|Other Materials Science and Engineering, engrXiv|Engineering|Engineering Science and Materials, Finite element method, Random forest, engrXiv|Engineering, 020201 artificial intelligence & image processing, Artificial intelligence, bepress|Engineering|Materials Science and Engineering, engrXiv|Engineering|Materials Science and Engineering, business, computer
Abstract

The parameter space of CNT forest synthesis is vast and multidimensional, making experimental and/or numerical exploration of the synthesis prohibitive. We propose a more practical approach to explore the synthesis-process relationships of CNT forests using machine learning (ML) algorithms to infer the underlying complex physical processes. Currently, no such ML model linking CNT forest morphology to synthesis parameters has been demonstrated. In the current work, we use a physics-based numerical model to generate CNT forest morphology images with known synthesis parameters to train such a ML algorithm. The CNT forest synthesis variables of CNT diameter and CNT number densities are varied to generate a total of 12 distinct CNT forest classes. Images of the resultant CNT forests at different time steps during the growth and self-assembly process are then used as the training dataset. Based on the CNT forest structural morphology, multiple single and combined histogram-based texture descriptors are used as features to build a random forest (RF) classifier to predict class labels based on correlation of CNT forest physical attributes with the growth parameters. The machine learning model achieved an accuracy of up to 83.5% on predicting the synthesis conditions of CNT number density and diameter. These results are the first step towards rapidly characterizing CNT forest attributes using machine learning. Identifying the relevant process-structure interactions for the CNT forests using physics-based simulations and machine learning could rapidly advance the design, development, and adoption of CNT forest applications with varied morphologies and properties.

Published
2020

246. Dynamic Computation Off-loading and Control based on Occlusion Detection in Drone Video Analytics

Author

Rumana Aktar, Rajeswara Rao Ramisetty, Chengyi Qu, Prasad Calyam, Kannappan Palaniappan, and Songjie Wang

Subjects
computer.internet_protocol, business.industry, Computer science, Video capture, Real-time computing, Frame (networking), ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, QUIC, 020206 networking & telecommunications, 02 engineering and technology, Video quality, Analytics, 0202 electrical engineering, electronic engineering, information engineering, Computation offloading, 020201 artificial intelligence & image processing, Quality of experience, business, computer, Edge computing
Abstract

Unmanned Aerial Vehicles (UAVs) or drones equipped with cameras are extensively used in different scenarios such as surveillance of hazardous locations, disaster response and crime fighting. The related video streaming/analytics requires real-time drone-to-Ground Control Station (GCS) communication and computation co-ordination for desired user Quality of Experience (QoE). In situations where the quality of the video can be affected by occlusions (e.g., image distortion, frame stalling) due to network bottlenecks, there is a need to dynamically make decisions on the computation offloading and networking protocols in order to properly handle the video data for real world application purposes. In this paper, we propose a novel function-centric computing approach that helps a user to perform drone video analytics to assess a wide-area scene to chart a plan of action. Our approach involves handling network impairments affecting the switching between high resolution/low resolution video capture, or change of camera direction for assessment of the scene effectively. It also features a novel video quality enhancing algorithm based on occlusion-detection that adapts to video impairments related to image distortion and frame stalling. Our experiment results from a realistic testbed show that our approach can efficiently choose the suitable networking protocols (i.e., TCP/HTTP, UDP/RTP, QUIC) and orchestrate both the camera control on the drone, and the computation off-loading of the video analytics over limited edge computing resources. The performance improvements for computation off-loading involving our video quality enhancing algorithm are shown for different network conditions in terms of occlusion rate and processing times.

Published
2020
Full Text
View/download PDF

247. Attack Trees for Security and Privacy in Social Virtual Reality Learning Environments

Author

Prasad Calyam, Aniket Gulhane, Khaza Anuarul Hoque, Samaikya Valluripally, and Reshmi Mitra

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer science, Principle of least privilege, Vulnerability, 020207 software engineering, 02 engineering and technology, Virtual reality, Computer security, computer.software_genre, Special education, Computer Science - Computers and Society, Computer Science - Distributed, Parallel, and Cluster Computing, Computers and Society (cs.CY), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Distributed, Parallel, and Cluster Computing (cs.DC), Cryptography and Security (cs.CR), computer, Formal verification, Edge computing
Abstract

Social Virtual Reality Learning Environment (VRLE) is a novel edge computing platform for collaboration amongst distributed users. Given that VRLEs are used for critical applications (e.g., special education, public safety training), it is important to ensure security and privacy issues. In this paper, we present a novel framework to obtain quantitative assessments of threats and vulnerabilities for VRLEs. Based on the use cases from an actual social VRLE viz., vSocial, we first model the security and privacy using the attack trees. Subsequently, these attack trees are converted into stochastic timed automata representations that allow for rigorous statistical model checking. Such an analysis helps us adopt pertinent design principles such as hardening, diversity and principle of least privilege to enhance the resilience of social VRLEs. Through experiments in a vSocial case study, we demonstrate the effectiveness of our attack tree modeling with a reduction of 26% in probability of loss of integrity (security) and 80% in privacy leakage (privacy) in before and after scenarios pertaining to the adoption of the design principles., Accepted for publication in in the IEEE Consumer Communications & Networking Conference (CCNC 2020)

Published
2020
Full Text
View/download PDF

248. Predictive Cyber Foraging for Visual Cloud Computing in Large-Scale IoT Systems

Author

Kannappan Palaniappan, Prasad Calyam, Claudio Sterle, Maurizio Boccia, Jon Patman, Dmitrii Chemodanov, Patman, J., Chemodanov, D., Calyam, P., Palaniappan, K., Sterle, C., and Boccia, M.

Subjects
online job scheduling, Cyber foraging, Computer Networks and Communications, Computer science, business.industry, Distributed computing, Computation offloading, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, computer.software_genre, Scheduling (computing), Visual computing, Concurrent user, machine learning, Virtual machine, Server, 0202 electrical engineering, electronic engineering, information engineering, edge/cloud computing, Electrical and Electronic Engineering, business, computer, cyber foraging, Edge computing
Abstract

Cyber foraging has been shown to be especially effective for augmenting low-power Internet-of-Thing (IoT) devices by offloading video processing tasks to nearby edge/cloud computing servers. Factors such as dynamic network conditions, concurrent user access, and limited resource availability, cause offloading decisions that negatively impact overall processing throughput and end-user delays. Moreover, edge/cloud platforms currently offer both Virtual Machine (VM) and serverless computing pricing models, but many existing edge offloading approaches only investigate single VM-based offloading performance. In this paper, we propose a predictive (NP-complete) scheduling-based offloading framework and a heuristic-based counterpart that use machine learning to dynamically decide what combinations of functions or single VM needs to be deployed so that tasks can be efficiently scheduled. We collected over 10,000 network and device traces in a series of realistic experiments relating to a protest crowds incident management application. We then evaluated the practicality of our predictive cyber foraging approach using trace-driven simulations for up to 1000 devices. Our results indicate that predicting single VM offloading costs: (a) leads to near-optimal scheduling in 70% of the cases for service function chaining, and (b) offers a 40% gain in performance over traditional baseline estimation techniques that rely on simple statistics for estimations in the case of single VM-offloading. Considering a series of visual computing offloading scenarios, we also validate our approach benefits of using online versus offline machine learning models for predicting offloading delays.

Published
2020

250. Flexible IoT security middleware for end-to-end cloud–fog communication

Author

Daniel Dunn, Bidyut Mukherjee, Yijie Ren, Roshan Lal Neupane, Songjie Wang, Qi Su, Wenyi Lu, and Prasad Calyam

Subjects
Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Encryption, End-to-end principle, Hardware and Architecture, Middleware, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Session (computer science), Enhanced Data Rates for GSM Evolution, Communications protocol, business, Software, Computer network
Abstract

IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., ‘fogs’ along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud–fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a ‘Session Resumption’ algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an ‘Optimal Scheme Decider’ algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates.

Published
2018
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results