It is shown that intelligent channel assignment is critical to Hyacinth's performance, and distributed algorithms that utilize only local traffic load information to dynamically assign channels and to route packets are presented, and their performance is compared against a centralized algorithm that performs the same functions.
A detailed performance evaluation shows that with intelligent channel and bandwidth assignment, equipping every wireless mesh network node with just 2 NICs operating on different channels can increase the total network goodput by a factor of up to 8 compared with the conventional single-channel ad hoc network architecture.
An efficient method to compute graph similarity that exploits structural and instruction-level information in the underlying malware programs, and a multi-resolution indexing scheme that uses a computationally economical feature vector for early pruning and resorts to a more accurate but computationally more expensive graph similarity function only when it needs to pinpoint the most similar neighbors.
This paper presents a compiler-based solution to the notorious buffer overflow attack problem, a taxonomy of defense methods, the implementation details of RAD, and the performance analysis of the RAD prototype.
This work proposes a multi-spanning-tree Ethernet architecture, called Viking, that improves both aggregate throughput and fault tolerance by exploiting standard virtual LAN technology in a novel way and provides much faster failure recovery, reducing the down-time to a sub-second range from that of multiple seconds in single- spanning- tree Ethernet architecture.
An algorithm to detect spoofing by leveraging the sequence number field in the link-layer header of IEEE 802.11 frames is proposed, and it is demonstrated how it can detect various spoofing without modifying the APs or wireless stations.
RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time, is presented and it is shown that safe and unsafe integer operations in C can be captured by well-known sub-typing theory.
A generic unpacking solution called Justin (Just-In-Time AV scanning), which is designed to detect the end of unpacking of a packed binary's run and invoke AV scanning against the process image at that time, and is much better than SymPack for binaries packed by those that SymPack does not support.
This paper uses a binary rewriting approach to augment existing Win32/Intel Portable Executable binary programs with a return address defense (RAD) mechanism, which protects the integrity of the return address on the stack with a redundant copy.
A unified solution to buffer overflow attacks as a GCC compiler extension called DIRA that transforms a program’s source code so that the resulting program can automatically detect any buffer overflow attack against it, repair the memory damage left by the attack, and identify the actual attack packet(s).