Showing reports for year: 2010

Title: Algorithm MinWtBasis for simplifying conjunctions of monomial inequalities
Authors: Brown, Christopher W.
Serial Number: 2010-01
Publication Date: 1-28-2010
Abstract: This paper defines a new algorithm "MinWtBasis" which simplifies conjunctions of monomial inequalities. The simplified equivalent formula produced by MinWtBasis minimizes the sum over all inequalities in the conjunction of the number of non-strict variables appearing, and it runs in polynomial time. For strictly non-strict conjunctions of inequalities, this shows that the problem of finding a simplest equivalent formula is in P. This contrasts with the general case and the strict inequality case, in which finding the simplest equivalent formula is NP-Hard.

Title: An Analysis of Root-Kit Technologies and Strategies
Authors: Monroe, Justin
Serial Number: 2010-02
Publication Date: 3-9-2010
Abstract: The research study, An Analysis of Root-Kit Technologies and Strategies was conducted at the United States Naval Academy in an effort to help define a root-kit in terms understandable by someone with a background in computing knowledge, but not necessarily with the details of how an operating system is run. Specific topics cover basic back doors into a target system, covert channels, data exfiltration, and hiding software applications in the best way possible for the level of access attained. Because root-kits are becoming more commonplace on the Internet, the Department of Defense must be able to convey the importance of Information Assurance when applications such as root-kits can be installed by any number of ways. Once a root-kit is on the machine, it becomes increasingly hard to trust any information on the machine, and should the root-kit exfiltrate any information, it may be hard to figure out what information was stolen, and how to mitigate the risks involved. The goals of the research paper were to define root-kit strategies in easy to understand phases, ranging from commonly found network tools and source code to implementation strategies of today's modern root-kits and root-kit prevention and mitigation systems. The source code contained in the paper references quick implementations of keyloggers and DLL injectors, two common applications found in a root-kit toolset to hide in the system and then log the user's habits. At the conclusion, several root-kit papers were analyzed and cataloged as they pertained to the different phases that were set up initially. Each and every tool utilized in the research study is freely available and has other, less malicious purposes. However, the research topics discussed in Phase 6, Advanced Root-Kit Implementations are current research into how to prevent root-kit installation, and to minimize the effectiveness of a root-kit.
The most interesting part is that several of the projects utilize hooking and patching, two common root-kit practices to subvert the operating system to prevent root-kits from executing.

Title: Virtualization Shares: Feasibility and Implementation in the USNA Computer Science Department
Authors: Christopher Wheeler
Serial Number: 2010-03
Publication Date: 3-10-2010
Abstract: The research study, Virtualization Shares: Feasibility and Implementation in the USNA Computer Science department was conducted at the United States Naval Academy in an effort to help define how sharing virtual machines which had been transferred via external hard drive from host to host, and run on VMware workstation, could be run on a single powerful server and require users to interact with them using a thin client. Specific topics cover basic virtualization concepts, differences in architecture between Xen and VMware, and the performance seen on a test network utilizing one server running ESX. As corporations and other large enterprises, including the Department of Defense, move from the traditional physical server infrastructure towards virtual consolidation, study in this area becomes more and more pertinent. In the USNA Computer Science Department, this server resides on a sandboxed network, used only for testing purposes, but this technique has been implemented across many major organizations running servers as a result of low utilization of traditional physical infrastructure. Using a virtualized architecture allows more dynamic load sharing based on the current demands placed on a particular host, and overall results in less idle time on the infrastructure. The goal of this research paper was to define potential architectures that satisfy our existing needs, including labs for Information Assurance classes, exercises such as Cyber Defense Exercise, and development work. By analyzing their relative performance, a compromise between performance, ease-of-use, and the resources of the Department provided recommendations that will become an integral part of Computer Science and Information Technology education. At the conclusion, numerous studies on both VMware and Xen architecture were analyzed, which gave insight into architectures to be modeled by the Department.
For the purposes of research, Xen was focused on more heavily by nature of being open source. However, our current VMware license weds us to their infrastructure, the main reason for solely analyzing ESX. This study may also lead to further research into topic areas such as dynamic image swapping across multiple servers, vulnerabilities of virtualization shares, and even more utile architectures for the Department's needs.

Title: Evaluating MLNs for Collective Classification
Authors: Crane, Robert J.
Serial Number: 2010-04
Publication Date: 12-13-2010
Abstract: Collective Classification is the process of labeling instances in a graph using both instance attribute information and information about relations between instances. While several Collective Classification Algorithms have been well studied, the use of Markov Logic Networks (MLNs) remains largely untested. MLNs pair first order logic statements with a numerical weight. With properly assigned weights, these rules may be used to infer class labels from evidence stated as logic statements. Our study evaluated MLNs against other Collective Classification algorithms on both synthetic data and real data from the CiteSeer dataset. As a whole, we encountered inconsistent and often poor performance with MLNs, especially on synthetic data where other Collective Classification algorithms performed well.