Biblio

In the last few years, the high acceptability of service computing delivered over the internet has exponentially created immense security challenges for the services providers. Cyber criminals are using advanced malware such as polymorphic botnets for participating in our everyday online activities and trying to access the desired information in terms of personal details, credit card numbers and banking credentials. Polymorphic botnet attack is one of the biggest attacks in the history of cybercrime and currently, millions of computers are infected by the botnet clients over the world. Botnet attack is an intelligent and highly coordinated distributed attack which consists of a large number of bots that generates big volumes of spamming e-mails and launching distributed denial of service (DDoS) attacks on the victim machines in a heterogeneous network environment. Therefore, it is necessary to detect the malicious bots and prevent their planned attacks in the cloud environment. A number of techniques have been developed for detecting the malicious bots in a network in the past literature. This paper recognize the ineffectiveness exhibited by the singnature based detection technique and networktraffic based detection such as NetFlow or traffic flow detection and Anomaly based detection. We proposed a real time malware detection methodology based on Domain Generation Algorithm. It increasesthe throughput in terms of early detection of malicious bots and high accuracy of identifying the suspicious behavior.

Data randomization or scrambling has been effectively used in various applications to improve the data security. In this paper, we use the idea of data randomization to proactively randomize the spectrum (re)allocation to improve connections' security. As it is well-known that random (re)allocation fragments the spectrum and thus increases blocking in elastic optical networks, we analyze the tradeoff between system performance and security. To this end, in addition to spectrum randomization, we utilize an on-demand defragmentation scheme every time a request is blocked due to the spectrum fragmentation. We model the occupancy pattern of an elastic optical link (EOL) using a multi-class continuous-time Markov chain (CTMC) under the random-fit spectrum allocation method. Numerical results show that although both the blocking and security can be improved for a particular so-called randomization process (RP) arrival rate, while with the increase in RP arrival rate the connections' security improves at the cost of the increase in overall blocking.

Protecting Critical Infrastructures (CIs) against contemporary cyber attacks has become a crucial as well as complex task. Modern attack campaigns, such as Advanced Persistent Threats (APTs), leverage weaknesses in the organization's business processes and exploit vulnerabilities of several systems to hit their target. Although their life-cycle can last for months, these campaigns typically go undetected until they achieve their goal. They usually aim at performing data exfiltration, cause service disruptions and can also undermine the safety of humans. Novel detection techniques and incident handling approaches are therefore required, to effectively protect CI's networks and timely react to this type of threats. Correlating large amounts of data, collected from a multitude of relevant sources, is necessary and sometimes required by national authorities to establish cyber situational awareness, and allow to promptly adopt suitable countermeasures in case of an attack. In this paper we propose three novel methods for security information correlation designed to discover relevant insights and support the establishment of cyber situational awareness.

Smart grid is an evolving new power system framework with ICT driven power equipment massively layered structure. The new generation sensors, smart meters and electronic devices are integral components of smart grid. However, the upcoming deployment of smart devices at different layers followed by their integration with communication networks may introduce cyber threats. The interdependencies of various subsystems functioning in the smart grid, if affected by cyber-attack, may be vulnerable and greatly reduce efficiency and reliability due to any one of the device not responding in real time frame. The cyber security vulnerabilities become even more evident due to the existing superannuated cyber infrastructure. This paper presents a critical review on expected cyber security threats in complex environment and addresses the grave concern of a secure cyber infrastructure and related developments. An extensive review on the cyber security objectives and requirements along with the risk evaluation process has been undertaken. The paper analyses confidentiality and privacy issues of entire components of smart power system. A critical evaluation on upcoming challenges with innovative research concerns is highlighted to achieve a roadmap of an immune smart grid infrastructure. This will further facilitate R&d; associated developments.

Elliptic Curve Cryptosystems are very much delicate to attacks or physical attacks. This paper aims to correctly implementing the fault injection attack against Elliptic Curve Digital Signature Algorithm. More specifically, the proposed algorithm concerns to fault attack which is implemented to sufficiently alter signature against vigilant periodic sequence algorithm that supports the efficient speed up and security perspectives with most prominent and well known scalar multiplication algorithm for ECDSA. The purpose is to properly injecting attack whether any probable countermeasure threatening the pseudo code is determined by the attack model according to the predefined methodologies. We show the results of our experiment with bits acquire from the targeted implementation to determine the reliability of our attack.

Privacy and security have been discussed in many occasions and in most cases, the importance that these two aspects play on the information system domain are mentioned often. Many times, research is carried out on the individual information security or privacy measures where it is commonly regarded with the focus on the particular measure or both privacy and security are regarded as a whole subject. However, there have been no attempts at establishing a proper method in categorizing any form of objects of protection. Through the review done on this paper, we would like to investigate the relationship between privacy and security and form a break down the aspects of privacy and security in order to provide better understanding through determining if a measure or methodology is security, privacy oriented or both. We would recommend that in further research, a further refined formulation should be formed in order to carry out this determination process. As a result, we propose a Privacy-Security Tree (PST) in this paper that distinguishes the privacy from security measures.

With increasing popularity of cloud computing, the data owners are motivated to outsource their sensitive data to cloud servers for flexibility and reduced cost in data management. However, privacy is a big concern for outsourcing data to the cloud. The data owners typically encrypt documents before outsourcing for privacy-preserving. As the volume of data is increasing at a dramatic rate, it is essential to develop an efficient and reliable ciphertext search techniques, so that data owners can easily access and update cloud data. In this paper, we propose a privacy preserving multi-keyword ranked search scheme over encrypted data in cloud along with data integrity using a new authenticated data structure MIR-tree. The MIR-tree based index with including the combination of widely used vector space model and TF×IDF model in the index construction and query generation. We use inverted file index for storing word-digest, which provides efficient and fast relevance between the query and cloud data. Design an authentication set(AS) for authenticating the queries, for verifying top-k search results. Because of tree based index, our scheme achieves optimal search efficiency and reduces communication overhead for verifying the search results. The analysis shows security and efficiency of our scheme.

In the original algorithm for grey correlation analysis, the detected edge is comparatively rough and the thresholds need determining in advance. Thus, an adaptive edge detection method based on grey correlation analysis is proposed, in which the basic principle of the original algorithm for grey correlation analysis is used to get adaptively automatic threshold according to the mean value of the 3×3 area pixels around the detecting pixel and the property of people's vision. Because the false edge that the proposed algorithm detected is relatively large, the proposed algorithm is enhanced by dealing with the eight neighboring pixels around the edge pixel, which is merged to get the final edge map. The experimental results show that the algorithm can get more complete edge map with better continuity by comparing with the traditional edge detection algorithms.

In this paper, we propose a new color image encryption and compression algorithm based on the DNA complementary rule and the Chinese remainder theorem, which combines the DNA complementary rule with quantum chaotic map. We use quantum chaotic map and DNA complementary rule to shuffle the color image and obtain the shuffled image, then Chinese remainder theorem from number theory is utilized to diffuse and compress the shuffled image simultaneously. The security analysis and experiment results show that the proposed encryption algorithm has large key space and good encryption result, it also can resist against common attacks.

In recent years, more and more multimedia data are generated and transmitted in various fields. So, many encryption methods for multimedia content have been put forward to satisfy various applications. However, there are still some open issues. Each encryption method has its advantages and drawbacks. Our main goal is expected to provide a solution for multimedia encryption which satisfies the target application constraints and performs metrics of the encryption algorithm. The Advanced Encryption Standard (AES) is the most popular algorithm used in symmetric key cryptography. Furthermore, chaotic encryption is a new research direction of cryptography which is characterized by high initial-value sensitivity and good randomness. In this paper we propose a hybrid video cryptosystem which combines two encryption techniques. The proposed cryptosystem realizes the video encryption through the chaos and AES in CTR mode. Experimental results and security analysis demonstrate that this cryptosystem is highly efficient and a robust system for video encryption.

The development of cloud computing has brought a lot of advantages, such as reducing the hardware cost and a more convenient storage solution. Because of the convenient and cheap storage solution, a large number of users put their valuable data onto the cloud. There have been more and more outsourcing data security and privacy issues. Several schemes using attribute-based encryption (ABE) have been proposed in cloud computing outsourcing data access control; However, most of them have stubborn in complex access control policy. To implement scalable, flexible and fine-grained access control in cloud storage, this paper proposes an attribute-based solution with time restriction delegate by extending the Ciphertext-policy attribute-based encryption (CP-ABE). This scheme not only realizes the scalability and fine-grained access control, but also gives a solution for the data delegate. Our delegate mechanism can let the users entrusted the data which in their visit range to others, and the ability to set a time limit. Finally, we prove the security of our scheme based on the security of the Ciphertext-policy attribute-based encryption (CP-ABE) by Bethencourt et al. and analyze its performance and computational complexity. Experiments for our scheme are implemented and the result shows that it is both efficient and flexible in dealing with access control for outsourced data in cloud computing.

Embedded Systems (ES) are an integral part of Cyber-Physical Systems (CPS), the Internet of Things (IoT), and consumer devices like smartphones. ES often have limited resources, and - if used in CPS and IoT - have to satisfy real time requirements. Therefore, ES rarely employ the security measures established for computer systems and networks. Due to the growth of both CPS and IoT it is important to identify ongoing attacks on ES without interfering with realtime constraints. Furthermore, security solutions that can be retrofit to legacy systems are desirable, especially when ES are used in Industrial Control Systems (ICS) that often maintain the same hardware for decades. To tackle this problem, several researchers have proposed using side-channels (i.e., physical emanations accompanying cyber processes) to detect such attacks. While prior work focuses on the anomaly detection approach, this might not always be sufficient, especially in complex ES whose behavior depends on the input data. In this paper, we determine whether one of the most common attacks - a buffer overflow attack - generates distinct side-channel signatures if executed on a vulnerable ES. We only consider the power consumption side-channel. We collect and analyze power traces from normal program operation and four cases of buffer overflow attack categories: (i) crash program execution, (ii) injection of executable code, (iii) return to existing function, and (iv) Return Oriented Programming (ROP) with gadgets. Our analysis shows that for some of these cases a power signature-based detection of a buffer overflow attack is possible.

Unlike a random, run-of-the-mill website infection, in a strategic web attack, the adversary carefully chooses the target frequently visited by an organization or a group of individuals to compromise, for the purpose of gaining a step closer to the organization or collecting information from the group. This type of attacks, called "watering hole", have been increasingly utilized by APT actors to get into the internal networks of big companies and government agencies or monitor politically oriented groups. With its importance, little has been done so far to understand how the attack works, not to mention any concrete step to counter this threat. In this paper, we report our first step toward better understanding this emerging threat, through systematically discovering and analyzing new watering hole instances and attack campaigns. This was made possible by a carefully designed methodology, which repeatedly monitors a large number potential watering hole targets to detect unusual changes that could be indicative of strategic compromises. Running this system on the HTTP traffic generated from visits to 61K websites for over 5 years, we are able to discover and confirm 17 watering holes and 6 campaigns never reported before. Given so far there are merely 29 watering holes reported by blogs and technical reports, the findings we made contribute to the research on this attack vector, by adding 59% more attack instances and information about how they work to the public knowledge. Analyzing the new watering holes allows us to gain deeper understanding of these attacks, such as repeated compromises of political websites, their long lifetimes, unique evasion strategy (leveraging other compromised sites to serve attack payloads) and new exploit techniques (no malware delivery, web only information gathering). Also, our study brings to light interesting new observations, including the discovery of a recent JSONP attack on an NGO website that has been widely reported and apparently forced the attack to stop.

The popularity of Android OS has dramatically increased malware apps targeting this mobile OS. The daily amount of malware has overwhelmed the detection process. This fact has motivated the need for developing malware detection and family attribution solutions with the least manual intervention. In response, we propose Cypider framework, a set of techniques and tools aiming to perform a systematic detection of mobile malware by building an efficient and scalable similarity network infrastructure of malicious apps. Our detection method is based on a novel concept, namely malicious community, in which we consider, for a given family, the instances that share common features. Under this concept, we assume that multiple similar Android apps with different authors are most likely to be malicious. Cypider leverages this assumption for the detection of variants of known malware families and zero-day malware. It is important to mention that Cypider does not rely on signature-based or learning-based patterns. Alternatively, it applies community detection algorithms on the similarity network, which extracts sub-graphs considered as suspicious and most likely malicious communities. Furthermore, we propose a novel fingerprinting technique, namely community fingerprint, based on a learning model for each malicious community. Cypider shows excellent results by detecting about 50% of the malware dataset in one detection iteration. Besides, the preliminary results of the community fingerprint are promising as we achieved 87% of the detection.

Several technologies, such as WiFi, Ethernet and power-line communications (PLC), can be used to build residential and enterprise networks. These technologies often co-exist; most networks use WiFi, and buildings are readily equipped with electrical wires that can offer a capacity up to 1 Gbps with PLC. Yet, current networks do not exploit this rich diversity and often operate far below the available capacity. We design, implement, and evaluate EMPoWER, a system that exploits simultaneously several potentially-interfering mediums. It operates at layer 2.5, between the MAC and IP layers, and combines routing (to find multiple concurrent routes) and congestion control (to efficiently balance traffic across the routes). To optimize resource utilization and robustness, both components exploit the heterogeneous nature of the network. They are fair and efficient, and they operate only within the local area network, without affecting remote Internet hosts. We demonstrate the performance gains of EMPoWER, by simulations and experiments on a 22-node testbed. We show that PLC/WiFi, benefiting from the diversity offered by wireless and electrical mediums, provides significant throughput gains (up to 10x) and improves coverage, compared to multi-channel WiFi.

Face recognition has attained a greater importance in bio-metric authentication due to its non-intrusive property of identifying individuals at varying stand-off distance. Face recognition based on multi-spectral imaging has recently gained prime importance due to its ability to capture spatial and spectral information across the spectrum. Our first contribution in this paper is to use extended multi-spectral face recognition in two different age groups. The second contribution is to show empirically the performance of face recognition for two age groups. Thus, in this paper, we developed a multi-spectral imaging sensor to capture facial database for two different age groups (≤ 15years and ≥ 20years) at nine different spectral bands covering 530nm to 1000nm range. We then collected a new facial images corresponding to two different age groups comprises of 168 individuals. Extensive experimental evaluation is performed independently on two different age group databases using four different state-of-the-art face recognition algorithms. We evaluate the verification and identification rate across individual spectral bands and fused spectral band for two age groups. The obtained evaluation results shows higher recognition rate for age groups ≥ 20years than ≤ 15years, which indicates the variation in face recognition across the different age groups.

Automatic face recognition techniques applied on particular group or mass database introduces error cases. Error prevention is crucial for the court. Reranking of recognition results based on anthropology analysis can significant improve the accuracy of automatic methods. Previous studies focused on manual facial comparison. This paper proposed a weighted facial similarity computing method based on morphological analysis of components characteristics. Search sequence of face recognition reranked according to similarity, while the interference terms can be removed. Within this research project, standardized photographs, surveillance videos, 3D face images, identity card photographs of 241 male subjects from China were acquired. Sequencing results were modified by modeling selected individual features from the DMV altas. The improved method raises the accuracy of face recognition through anthroposophic or morphologic theory.

Spoofing is a serious threat to the widespread use of Global Navigation Satellite Systems (GNSSs) such as GPS and can be expected to play an important role in the security of many future IoT systems that rely on time, location, or navigation information. In this paper, we focus on the technique of multi-receiver GPS spoofing detection, so far only proposed theoretically. This technique promises to detect malicious spoofing signals by making use of the reported positions of several GPS receivers deployed in a fixed constellation. We scrutinize the assumptions of prior work, in particular the error models, and investigate how these models and their results can be improved due to the correlation of errors at co-located receiver positions. We show that by leveraging spatial noise correlations, the false acceptance rate of the countermeasure can be improved while preserving the sensitivity to attacks. As a result, receivers can be placed significantly closer together than previously expected, which broadens the applicability of the countermeasure. Based on theoretical and practical investigations, we build the first realization of a multi-receiver countermeasure and experimentally evaluate its performance both in authentic and in spoofing scenarios.

This paper presents a supervisory control and data acquisition (SCADA) testbed recently built at the University of New Orleans. The testbed consists of models of three industrial physical processes: a gas pipeline, a power transmission and distribution system, and a wastewater treatment plant–these systems are fully-functional and implemented at small-scale. It utilizes real-world industrial equipment such as transformers, programmable logic controllers (PLC), aerators, etc., bringing it closer to modeling real-world SCADA systems. Sensors, actuators, and PLCs are deployed at each physical process system for local control and monitoring, and the PLCs are also connected to a computer running human-machine interface (HMI) software for monitoring the status of the physical processes. The testbed is a useful resource for cybersecurity research, forensic research, and education on different aspects of SCADA systems such as PLC programming, protocol analysis, and demonstration of cyber attacks.

Embedded devices with constrained computational resources, such as wireless sensor network nodes, electronic tag readers, roadside units in vehicular networks, and smart watches and wristbands, are widely used in the Internet of Things. Many of such devices are deployed in untrustable environments, and others may be easy to lose, leading to possible capture by adversaries. Accordingly, in the context of security research, these devices are running in the white-box attack context, where the adversary may have total visibility of the implementation of the built-in cryptosystem with full control over its execution. It is undoubtedly a significant challenge to deal with attacks from a powerful adversary in white-box attack contexts. Existing encryption algorithms for white-box attack contexts typically require large memory use, varying from one to dozens of megabytes, and thus are not suitable for resource-constrained devices. As a countermeasure in such circumstances, we propose an ultra-lightweight encryption scheme for protecting the confidentiality of data in white-box attack contexts. The encryption is executed with secret components specialized for resource-constrained devices against white-box attacks, and the encryption algorithm requires a relatively small amount of static data, ranging from 48 to 92 KB. The security and efficiency of the proposed scheme have been theoretically analyzed with positive results, and experimental evaluations have indicated that the scheme satisfies the resource constraints in terms of limited memory use and low computational cost.

In this work we present a study that evaluates and compares two block ciphers, AES and PRESENT, in the context of lightweight cryptography for smartphones security applications. To the best of our knowledge, this is the first comparison between these ciphers using a smartphone as computing platform. AES is the standard for symmetric encryption and PRESENT is one of the first ultra-lightweight ciphers proposed in the literature and included in the ISO/IEC 29192-2. In our study, we consider execution time, voltage consumption and memory usage as metrics for comparison purposes. The two block ciphers were evaluated through several experiments in a low-cost smartphone using Android built in tools. From the results we conclude that, for general purpose encryption AES performs statistically better although block-to-block PRESENT delivers better results.

The second wave of change presented by the age of mobility, wearables, and IoT focuses on how organizations and enterprises, from a wide variety of commercial areas and industries, will use and leverage the new technologies available. Businesses and industries that don't change with the times will simply cease to exist. Applications need to be powered by cognitive and contextual technologies to support real-time proactive decisions. These decisions will be based on the mobile context of a specific user or group of users, incorporating location, time of day, current user task, and more. Driven by the huge amounts of data produced by mobile and wearables devices, and influenced by privacy concerns, the next wave in computing will need to exploit data and computing at the edge of the network. Future mobile apps will have to be cognitive to 'understand' user intentions based on all the available interactions and unstructured data. Mobile applications are becoming increasingly ubiquitous, going beyond what end users can easily comprehend. Essentially, for both business-to-client (B2C) and business-to-business (B2B) apps, only about 30% of the development efforts appear in the interface of the mobile app. For example, areas such as the collaborative nature of the software or the shortened development cycle and time-to-market are not apparent to end users. The other 70% of the effort invested is dedicated to integrating the applications with back-office systems and developing those aspects of the application that operate behind the scenes. An important, yet often complex, part of the solution and mobile app takes place far from the public eye-in the back-office environment. It is there that various aspects of customer relationship management must be addressed: tracking usage data, pushing out messaging as needed, distributing apps to employees within the enterprise, and handling the wide variety of operational and management tasks-often involving the collection and monitoring of data from sensors and wearable devices. All this must be carried out while addressing security concerns that range from verifying user identities, to data protection, to blocking attempted breaches of the organization, and activation of malicious code. Of course, these tasks must be augmented by a systematic approach and vigilant maintenance of user privacy. The first wave of the mobile revolution focused on development platforms, run-time platforms, deployment, activation, and management tools for multi-platform environments, including comprehensive mobile device management (MDM). To realize the full potential of this revolution, we must capitalize on information about the context within which mobile devices are used. With both employees and customers, this context could be a simple piece of information such as the user location or time of use, the hour of the day, or the day of the week. The context could also be represented by more complex data, such as the amount of time used, type of activity performed, or user preferences. Further insight could include the relationship history with the user and the user's behavior as part of that relationship, as well as a long list of variables to be considered in various scenarios. Today, with the new wave of wearables, the definition of context is being further extended to include environmental factors such as temperature, weather, or pollution, as well as personal factors such as heart rate, movement, or even clothing worn. In both B2E and B2C situations, a context-dependent approach, based on the appropriate context for each specific user, offers a superior tool for working with both employees and clients alike. This mode of operation does not start and end with the individual user. Rather, it takes into account the people surrounding the user, the events taking place nearby, appliances or equipment activated, the user's daily schedule, as well as other, more general information, such as the environment and weather. Developing enterprise-wide, context-dependent, mobile solutions is still a complex challenge. A system of real added-value services must be developed, as well as a comprehensive architecture. These four-tier architectures comprise end-user devices like wearables and smartphones, connected to systems of engagement (SoEs), and systems of record (SoRs). All this is needed to enable data analytics and collection in the context where it is created. The data collected will allow further interaction with employees or customers, analytics, and follow-up actions based on the results of that analysis. We also need to ensure end-to-end (E2E) security across these four tiers, and to keep the data and application contexts in sync. These are just some of the challenges being addressed by IBM Research. As an example, these technologies could be deployed in the retail space, especially in brick-and-mortar stores. Identifying a customer entering a store, detecting her location among the aisles, and cross-referencing that data with the customer's transaction history, could lead to special offers tailor-made for that specific customer or suggestions relevant to her purchasing process. This technology enables real-world implementation of metrics, analytics, and other tools familiar to us from the online realm. We can now measure visits to physical stores in the same way we measure web page hits: analyze time spent in the store, the areas visited by the customer, and the results of those visits. In this way, we can also identify shoppers wandering around the store and understand when they are having trouble finding the product they want to purchase. We can also gain insight into the standard traffic patterns of shoppers and how they navigate a store's floors and departments. We might even consider redesigning the store layout to take advantage of this insight to enhance sales. In healthcare, the context can refer to insight extracted from data received from sensors on the patient, from either his mobile device or wearable technology, and information about the patient's environment and location at that moment in time. This data can help determine if any assistance is required. For example, if a patient is discharged from the hospital for continued at-home care, doctors can continue to remotely monitor his condition via a system of sensors and analytic tools that interpret the sensor readings. This approach can also be applied to the area of safety. Scientists at IBM Research are developing a platform that collects and analyzes data from wearable technology to protect the safety of employees working in construction, heavy industry, manufacturing, or out in the field. This solution can serve as a real-time warning system by analyzing information gathered from wearable sensors embedded in personal protective equipment, such as smart safety helmets and protective vests, and in the workers' individual smartphones. These sensors can continuously monitor a worker's pulse rate, movements, body temperature, and hydration level, as well as environmental factors such as noise level, and other parameters. The system can provide immediate alerts to the worker about any dangers in the work environment to prevent possible injury. It can also be used to prevent accidents before they happen or detect accidents once they occur. For example, with sophisticated algorithms, we can detect if a worker falls based on a sudden difference in elevations detected by an accelerometer, and then send an alert to notify her peers and supervisor or call for help. Monitoring can also help ensure safety in areas where continuous exposure to heat or dangerous materials must be limited based on regulated time periods. Mobile technologies can also help manage events with massive numbers of participants, such as professional soccer games, music festivals, and even large-scale public demonstrations, by sending alerts concerning long and growing lines or specific high-traffic areas. These technologies can be used to detect accidents typical of large-scale gatherings, send warnings about overcrowding, and alert the event organizers. In the same way, they can alleviate parking problems or guide public transportation operators- all via analysis and predictive analytics. IBM Research - Haifa is currently involved in multiple activities as part of IBM's MobileFirst initiative. Haifa researchers have a special expertise in time- and location-based intelligent applications, including visual maps that display activity contexts and predictive analytics systems for mobile data and users. In another area, IBM researchers in Haifa are developing new cognitive services driven from the unique data available on mobile and wearable devices. Looking to the future, the IBM Research team is further advancing the integration of wearable technology, augmented reality systems, and biometric tools for mobile user identity validation. Managing contextual data and analyzing the interaction between the different kinds of data presents fascinating challenges for the development of next-generation programming. For example, we need to rethink when and where data processing and computations should occur: Is it best to leave them at the user-device level, or perhaps they should be moved to the back-office systems, servers, and/or the cloud infrastructures with which the user device is connected? New-age applications are becoming more and more distributed. They operate on a wide range of devices, such as wearable technologies, use a variety of sensors, and depend on cloud-based systems. As a result, a new distributed programming paradigm is emerging to meet the needs of these use-cases and real-time scenarios. This paradigm needs to deal with massive amounts of devices, sensors, and data in business systems, and must be able to shift computation from the cloud to the edge, based on context in close to real-time. By processing data at the edge of the network, close to where the interactions and processing are happening, we can help reduce latency and offer new opportunities for improved privacy and security. Despite all these interactions, data collection, and the analytic insights based upon them-we cannot forget the issues of privacy. Without a proper and reliable solution that offers more control over what personal data is shared and how it is used, people will refrain from sharing information. Such sharing is necessary for developing and understanding the context in which people are carrying out various actions, and to offer them tools and services to enhance their actions. In the not-so-distant future, we anticipate the appearance of ad-hoc networks for wearable technology systems that will interact with one another to further expand the scope and value of available context-dependent data.

In this work, we introduce a new Markov operator associated with a digraph, which we refer to as a nonlinear Laplacian. Unlike previous Laplacians for digraphs, the nonlinear Laplacian does not rely on the stationary distribution of the random walk process and is well defined on digraphs that are not strongly connected. We show that the nonlinear Laplacian has nontrivial eigenvalues and give a Cheeger-like inequality, which relates the conductance of a digraph and the smallest non-zero eigenvalue of its nonlinear Laplacian. Finally, we apply the nonlinear Laplacian to the analysis of real-world networks and obtain encouraging results.

In this special session, members of the ACM Joint Task Force on Cyber Education to Develop Undergraduate Curricular Guidance will provide an overview of the task force mission, objectives, and work plan. After the overview, task force members will engage session participants in the curricular development process.

We consider wireless networks in which the effects of interference are determined by the SINR model. We address the question of structuring distributed communication when stations have very limited individual capabilities. In particular, nodes do not know their geographic coordinates, neighborhoods or even the size n of the network, nor can they sense collisions. Each node is equipped only with its unique name from a range \1, ..., N\. We study the following three settings and distributed algorithms for communication problems in each of them. In the uncoordinated-start case, when one node starts an execution and other nodes are awoken by receiving messages from already awoken nodes, we present a randomized broadcast algorithm which wakes up all the nodes in O(n log2 N) rounds with high probability. In the synchronized-start case, when all the nodes simultaneously start an execution, we give a randomized algorithm that computes a backbone of the network in O(Δ log7 N) rounds with high probability. Finally, in the partly-coordinated-start case, when a number of nodes start an execution together and other nodes are awoken by receiving messages from the already awoken nodes, we develop an algorithm that creates a backbone network in time O(n log2 N + Δ log7 N) with high probability.