Hesham Altaleb and Alexander Brodsky
GMU-CS-TR-2015-9
Proposed in this paper is an extensible decision support system framework to facilitate commercial and industrial entities forming a consortium to collaborate on their electric power supply and demand in order to streamline their consumption and reduce their costs. The collaborative framework includes the structure of market setting, participants' bids, and a market resolution which produces a schedule of how power components are controlled as well as the resulting payment by market participants. We also define four properties that the market resolution must satisfy, namely, feasibility, Pareto-optimality, Nash equilibrium, and equal collaboration profitability. Furthermore, we develop a market resolution algorithm, based on a formal optimization model and prove that it satisfies the desirable market properties.
Mohan Krishnamoorthy, Alexander Brodsky and Daniel A. Menascé
GMU-CS-TR-2015-8
This paper deals with stochastic temporal manufacturing processes with work-in-process inventories in which multiple products are produced from raw materials and parts. The processes may be composed of subprocesses, which, in turn may be either composite or atomic, i.e., a machine on a manufacturing floor. We assume that machines' throughput is stochastic and so are work-in-process inventories and costs. We consider the problem of optimizing the process, that is, finding throughput expectation setting for each machine at each time point over the time horizon as to minimize the total cost of production subject to satisfying the production demand with a requested probability. To address this problem, we propose an efficient iterative heuristic algorithms that is based on (1) producing high quality candidate machine settings based on a deterministic approximation of the stochastic problem, and (2) running stochastic simulations to find the best machine setting out of the produced candidates using optimal simulation budget allocation methods. We conduct an experimental study that shows that our algorithm significantly outperforms four popular simulation-based optimization algorithms.
Hanan Mengash and Alexander Brodsky
GMU-CS-TR-2015-7
A group package recommender framework is proposed to provide recommendations on dynamically defined packages of products and services to large heterogeneous groups based on multi-criteria optimization. The frame- work is based on: (1) sampling the entire large group; (2) eliciting the utility function for each member; (3) clustering the sample heterogeneous group into a number of relatively small homogeneous subgroups; (4) extracting the repre- sentative utility function for each subgroup; (5) estimating the utility function of the entire group, and use it to find an optimal recommendation alternative; (6) diversify recommendations across those subgroups; (7) applying a group decision-making method, to refine the recommendations. A preliminary exper- imental study is conducted, which shows that the proposed framework is able to produce a small set of ranked recommendations that retains close to optimal precision and recall, as compared to the baseline method applied directly to original large groups.
Hanan Mengash and Alexander Brodsky
GMU-CS-TR-2015-6
This paper proposes a Group Package Recommender (GPR) framework, which provides recommendations on dynamically defined packages of products and services. It focuses on extending recommender systems in three ways: (1) to consider composite, rather than atomic, recommendations; (2) to deal with multiple, rather than single, criteria associated with recommendations; and, most importantly, (3) to support groups of users rather than individual users. This framework is based on: (1) defining the space of alternatives; (2) eliciting the utility function for each individual decision maker; (3) estimating the group utility function; (4) using the group utility function to find an optimal recommendation alternative; (5) constructing a set of diverse recommendations which contains the optimal recommendation alternative; and (6) applying alternative voting methods from social choice theories, to refine the recommendations. To evaluate the group recommender performance under each applied voting method, a preliminary experimental real-world user study is conducted, which shows that the proposed framework is able to produce a small set of recommendations that retains near optimal recommendations in term of precision and recall.
Hamid Bagheri, Alireza Sadeghi, Reyhaneh Jabbarvand and Sam Malek
GMU-CS-TR-2015-5
As the dominant mobile computing platform, Android has become a prime target for cyber-security attacks. Many of these attacks are manifested at the application level, and through the exploitation of vulnerabilities in apps downloaded from the popular app stores. Increasingly, sophisticated attacks exploit the vulnerabilities in multiple installed apps, making it extremely difficult to foresee such attacks, as neither the app developers nor the store operators know a priori which apps will be installed together. This paper presents an approach that allows the end-users to safeguard a given bundle of apps installed on their device from such attacks. The approach, realized in a tool, called DroidGuard, combines static code analysis with lightweight formal methods to automatically infer security-relevant properties from a bundle of apps. It then uses a constraint solver to synthesize possible security exploits, from which fine-grained security policies are derived and automatically enforced to protect a given device. In our experiments with over 4,000 Android apps, DroidGuard has proven to be highly effective at detecting previously unknown vulnerabilities as well as preventing their exploitation.
Zhonghua Xi and Jyh-Ming Lien
GMU-CS-TR-2015-4
Self-folding robot is usually modeled as rigid origami, a class of origami whose entire surface remains rigid during folding except at crease lines. In this work, we focus on finding valid folding motion that brings the origami from the unfolded state continuously to the folded state. Although recent computational methods allow rapid simulation of folding process of certain rigid origamis, these methods can fail even when the input crease pattern is extremely simple but with implicit folding orders. Moreover, due to the rigidity requirement, the probability of generating a valid configuration via uniform sampling is zero, which greatly hinders that applicability of traditional sampling-based motion planners. We propose a novel sampling strategy that samples in the discrete domain. Our experimental results show that the proposed method could efficiently generate valid configurations. Using those configurations, the planners successfully fold several types of rigid origamis that the existing methods fail to fold and could discover multiple folding paths for Multi-DOF origamis.
Guilin Liu, Zhonghua Xi and Jyh-Ming Lien
GMU-CS-TR-2015-3
Decomposing a 3D model into approximately convex components has gained more attention recently due to its ability to efficiently generate small decomposition with controllable concavity bound. However, current methods are computationally expensive and require many user parameters. These parameters are usually unintuitive and add unnecessary obstacles in processing a large number of meshes and meshes that are generated online in applications such as video games. In this paper, we investigate an approach that decomposes a mesh P based on the identification of convex ridges. Intuitively, convex ridges are the protruding parts of the mesh P. Our method, called CORISE, extracts nearly convex components of P by separating each convex ridge from all the other convex ridges. Through the new concept of residual concavity CORISE requires only a single user parameter: concavity tolerance. We show that our method can generate noticeably better segmentation in significant shorter time than the current state-of-art methods. Finally, we demonstrate applications of CORISE, including physically-based simulation, cage generation and model repairing.
Zhonghua Xi and Jyh-Ming Lien
GMU-CS-TR-2015-2
Recent advances in robotics engineering have enabled the realization of self-folding machines. Rigid origami is usually used as the underlying model for the self-folding machines whose surface remains rigid during folding except at joints. A key issue in designing rigid origami is foldability that concerns about finding folding steps from a flat sheet of crease pattern to a desired folded state. Although recent computational methods allow rapid simulation of folding process of certain rigid origamis, these methods can fail even when the input crease pattern is extremely simple. In this paper, we take on the challenge of planning folding and unfolding motion of origami tessellations, which are composed of repetitive crease patterns. The number of crease lines of a tessellation is usually large, thus searching in such high dimensional configuration space with the requirement of maintaining origami rigidity is nontrivial. We propose a motion planner that takes symmetry into consideration and reuses folding path found on the essential crease pattern. Both of these strategies enable us to fold large origami tessellation much more efficiently than the existing methods. Our experimental results show that the proposed method successfully folds several types of rigid origami tessellations that the existing methods fail to fold. their exploitation.
Roberto Levy, Alexander Brodsky and Juan Luo
GMU-CS-TR-2015-14
This paper focuses on developing an approach and technology for actionable recommendations on the operation of components of an electric power network. The overall direction of this research is to model the major components of a Hybrid Renewable Energy System (HRES), including power generation, transmission/distribution, power storage, energy markets, and end customer demand (residential and commercial). First, we propose a conceptual diagram notation for power network topology, to allow the representation of an arbitrary complex power system. Second, we develop a formal mathematical model that describes the HRES optimization framework, consisting of the different network components, their respective costs, and associated constraints. Third, we implement the HRES optimization problem solution through a mixed-integer linear programming (MILP) model by leveraging IBM Optimization Programming Language (OPL) CPLEX Studio. Lastly, we demonstrate the model through an example of a simulated network, showing also the ability to support sensitivity / what-if analysis, to determine the behavior of the network under different configurations.
Raquel Lopes and Daniel A. Menascé
GMU-CS-TR-2015-13
Hundreds of papers on job scheduling for distributed systems are published every year and it becomes increasingly difficult to classify them. Our analysis revealed that half of these papers are barely cited. This technical report presents a general taxonomy for scheduling problems and solutions in distributed systems. This taxonomy was used to classify and make publicly available the classification of 100 scheduling problems and their solutions. These 100 problems were further clustered into eight groups based on the features of the taxonomy. The proposed taxonomy will facilitate researchers to build on prior art, increase new research visibility, and minimize redundant effort.
Arwa Aldhalaan and Daniel A. Menascé
GMU-CS-TR-2015-12
Software as a Service (SaaS) allows companies and individuals to use software, hosted and managed by a SaaS provider, on a pay-per-use basis instead of paying for the entire upfront, maintenance, and upgrade cost. SaaS providers can lease their computing infrastructure to instantiate VMs that run their software services from Infrastructure as a Service (IaaS) providers on a pay per use basis. SaaS customers can subscribe to and unsubscribe from a software service at anytime. Thus, the SaaS cloud provider should dynamically determine the number of needed VMs to run software services as a function of the demand in a way that minimizes the SaaS cost of using VMs from an IaaS but at the same time guaranteeing an agreed upon Quality of Service (QoS) to the SaaS customers. This report presents two heuristic techniques that can be used by SaaS providers to determine the type and quantity of VMs to be leased in order to best satisfy customer demands for software services. Our experiments showed that the number of states visited by the proposed method is very low (on the order of 10^{-4} of the entire space) while the solution obtained is 2% more expensive in most cases, 13% more expensive in a few cases, and 31% more expensive in only one case, when compared with the optimal solution.
Charles Smutz and Angelos Stavrou
GMU-CS-TR-2015-11
Machine learning classifiers are a crucial component of modern malware and intrusion detection systems. However, past studies have shown that classifier-based detection systems are susceptible to evasion attacks in practice. Improving the evasion resistance of learning based systems is an open problem. In this paper, we analyze the effects of mimicry attacks on real-world classifiers. To counter such attacks, we introduce a novel approach that not only exposes attempts to evade the classifier, but also evaluates the ability of the system to operate reliably. We advance mutual agreement analysis for ensemble classifiers: during the detection operation, when a sufficient number of votes from individual classifiers disagree, the ensemble classifier prediction is shown to be unreliable. This method allows the detection of classifier evasion without additional external information. To evaluate our approach, we used thousands of both malicious and benign PDF documents. Applying our method to two recent evasion attack studies, we show that most evasion scenarios are detected. Furthermore, we show that our approach can be generalized to weaken the effectiveness of the Gradient Descent and Kernel Density Estimation attacks against Support Vector Machines (SVM) by creating an ensemble classifier using many base SVMs. We discovered that feature bagging is the most important property for enabling mutual agreement based evasion detection.
Joshua Garcia, Mahmoud Hammad, Bahman Pedrood, Ali Bagheri-Khaligh and Sam Malek
GMU-CS-TR-2015-10
The number of Android malware apps are increasing very quickly. Simply detecting and removing malware apps is insufficient, since they can damage or alter other files, data, or settings; install additional applications; etc. To determine such behavior, a security engineer can significantly benefit from identifying the specific family to which an Android malware belongs. Techniques for detecting Android malware, and determining their families, lack the ability to deal with obfuscations (i.e., transformations of application to thwart detection). Moreover, some of the prior techniques are highly inefficient, making them inapplicable for real-time detection of threats. To address these limitations, we present a novel machine learning-based Android malware detection and family identification approach, RevealDroid, that provides selectable features. We assess RevealDroid to determine a selection of features that enable obfuscation resiliency, efficiency, and accuracy for detection and family identification. We assess RevealDroid's accuracy and obfuscation resilience on an updated dataset of malware from a diverse set of families, including malware obfuscated using various transformations, and compare RevealDroid against an existing Android malware-family identification approach and another Android malware detection approach.
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia and Sam Malek
GMU-CS-TR-2015-1
Android is the most popular platform for mobile devices. It facilitates sharing of data and services among applications using a rich inter-app communication system. While access to resources can be controlled by the Android permission system, enforcing permissions is not sufficient to prevent security violations, as permissions may be mismanaged, intentionally or unintentionally. Android's enforcement of the permissions is at the level of individual apps, allowing multiple malicious apps to collude and combine their permissions or to trick vulnerable apps to perform actions on their behalf that are beyond their individual privileges. In this paper, we present COVERT, a tool for compositional analysis of Android inter-app vulnerabilities. COVERT's analysis is modular to enable incremental analysis of applications as they are installed, updated, and removed. It statically analyzes the reverse engineered source code of each individual app, and extracts relevant security specifications in a format suitable for formal verification. Given a collection of specifications extracted in this way, a formal analysis engine (e.g., model checker) is then used to verify whether it is safe for a combination of applications -- holding certain permissions and potentially interacting with each other -- to be installed together. Our experience with using COVERT to examine over 200 real-world apps corroborates its ability to find inter-app vulnerabilities in bundles of some of the most popular apps on the market.