Learn More
How will a virus propagate in a real network? Does an epidemic threshold exist for a finite powerlaw graph, or any finite graph? How long does it take to disinfect a network given particular values of infection rate and virus death rate? We answer the first question by providing equations that accurately model virus propagation in any network including real(More)
How will a virus propagate in a real network? How long does it take to disinfect a network given particular values of infection rate and virus death rate? What is the single best node to immunize? Answering these questions is essential for devising network-wide strategies to counter viruses. In addition, viral propagation is very similar(More)
This work aims to devise a framework for measuring system security. We can all agree that the ability to compare, to contrast, and to make quantifiable statements about system security is extremely valuable. It means that we will have a basis to determine where to put our limited resources, where to pay attention, and how to best secure our systems. We also(More)
Many existing survivability mechanisms rely on software-based system monitoring and control. Some of the software resides on application hosts that are not necessarily trustworthy. The integrity of these software components is therefore essential to the reliability and trustworthiness of the survivability scheme. In this paper we address the problem of(More)
Publish-subscribe is a communication paradigm that supports dynamic, many-to-many communications in a distributed environment. Content-based pub-sub systems are often implemented on a peer-to-peer infrastructure that enables information dissemination from information producers (publishers) to consumers (subscribers) through a subscription mechanism. In a(More)
In survivability management systems, some management entities reside on application hosts that are not necessarily trustworthy. The integrity of these software entities is essential to the security of the network management scheme. In this talk, I present a novel framework to facilitate software security against malicious execution environments. The(More)
This work aims to develop a framework for measuring system security. We can all agree that the ability to compare, to contrast, and to make quantifiable statements about system security would be extremely valuable. It would mean that we could have a basis to determine where to put our limited resources, where to pay attention, and how to secure our systems(More)
One class of worm defense techniques that received attention of late is to “rate limit” outbound traffic to contain fast spreading worms. Several proposals of rate limiting techniques have appeared in the literature, each with a different take on the impetus behind rate limiting. This paper presents an empirical analysis on different rate limiting schemes(More)
The design of survivable storage systems involves inherent trade-offs among properties such as performance, security, and availability. A toolbox of simple and accurate models of these properties allows a designer to make informed decisions. This report focuses on availability modeling. We describe two ways of extending the classic model of availability(More)