O'Brien, Heather L., Freund, Luanne, Kopak, Richard.
2016.
Investigating the Role of User Engagement in Digital Reading Environments. Proceedings of the 2016 ACM on Conference on Human Information Interaction and Retrieval. :71–80.
User engagement is recognized as an important component of the user experience, but relatively little is known about the effect of engagement on the learning outcomes of such interactions. This experimental user study examines the relationship between user engagement (UE) and comprehension in varied academic reading environments. Forty-one university students interacted with one of two sets of texts presented in 4 conditions in the context of preparing for a class assignment. Employing the User Engagement Scale (UES), we found evidence of a relationship between students' comprehension of the texts and their degree of engagement with them. However, this association was confined to one of the UES subscales and was not consistent across levels of engagement. An examination of additional variables found little evidence that system and content characteristics influenced engagement; however, we noted that all students' reported increased knowledge, but topical interest for non-engaged students declined. Results contribute to existing literature by adding further evidence that the relationship between engagement and comprehension is complex and mediated.
O'Donoghue, Jeremy.
2019.
Towards lightweight and interoperable trust models: The entity attestation token. Living in the Internet of Things (IoT 2019). :1–11.
It is generally difficult for a relying party to obtain trustworthy evidence about the characteristics of the remote systems with which they interact, and such systems as exist today tend to be proprietary and/or expensive to deploy. Large-scale IoT deployments will require mechanisms enabling the state of system components to be reliably determined to enable management systems to efficiently identify certain classes of overall system vulnerability. Such attestation mechanisms will need to support heterogeneous systems comprising equipment from many vendors, often with differing cost and security profiles. The Entity Attestation Token (EAT) [1] is an extensible and crypto-agile container for transporting claims about a device state in a verifiable manner. In its simplest form, the Entity Attestation Token can be implemented at very low cost in pure hardware, but it can scale to meet the requirements of complex systems. The Entity Attestation Token is built on the IETF COSE (CBOR Object Signing and Encryption) standard. COSE provides a lightweight, flexible and crypto-agile container for a collection of standardized claims definitions — these are being defined in number of bodies including the IETF and GlobalPlatform. Of particular practical note is the strong support for Entity Attestation Token from a number of very significant vendors in the semiconductor industry. This paper outlines the technical foundations of the Entity Attestation Token as a mechanism for reliably transporting claims within an attestation framework, discusses some of the interoperability challenges and considers areas where further work may be required.
O'Neill, Maire, O'Sullivan, Elizabeth, McWilliams, Gavin, Saarinen, Markku-Juhani, Moore, Ciara, Khalid, Ayesha, Howe, James, del Pino, Rafael, Abdalla, Michel, Regazzoni, Francesco et al..
2016.
Secure Architectures of Future Emerging Cryptography SAFEcrypto. Proceedings of the ACM International Conference on Computing Frontiers. :315–322.
Funded under the European Union's Horizon 2020 research and innovation programme, SAFEcrypto will provide a new generation of practical, robust and physically secure post-quantum cryptographic solutions that ensure long-term security for future ICT systems, services and applications. The project will focus on the remarkably versatile field of Lattice-based cryptography as the source of computational hardness, and will deliver optimised public key security primitives for digital signatures and authentication, as well identity based encryption (IBE) and attribute based encryption (ABE). This will involve algorithmic and design optimisations, and implementations of lattice-based cryptographic schemes addressing cost, energy consumption, performance and physical robustness. As the National Institute of Standards and Technology (NIST) prepares for the transition to a post-quantum cryptographic suite B, urging organisations that build systems and infrastructures that require long-term security to consider this transition in architectural designs; the SAFEcrypto project will provide Proof-of-concept demonstrators of schemes for three practical real-world case studies with long-term security requirements, in the application areas of satellite communications, network security and cloud. The goal is to affirm Lattice-based cryptography as an effective replacement for traditional number-theoretic public-key cryptography, by demonstrating that it can address the needs of resource-constrained embedded applications, such as mobile and battery-operated devices, and of real-time high performance applications for cloud and network management infrastructures.
O'Neill, Mark, Ruoti, Scott, Seamons, Kent, Zappala, Daniel.
2016.
TLS Proxies: Friend or Foe? Proceedings of the 2016 Internet Measurement Conference. :551–557.
We measure the prevalence and uses of TLS proxies using a Flash tool deployed with a Google AdWords campaign. We generate 2.9 million certificate tests and find that 1 in 250 TLS connections are TLS-proxied. The majority of these proxies appear to be benevolent, however we identify over 1,000 cases where three malware products are using this technology nefariously. We also find numerous instances of negligent, duplicitous, and suspicious behavior, some of which degrade security for users without their knowledge. Distinguishing these types of practices is challenging in practice, indicating a need for transparency and user awareness.
O'Neill, S., Appelbe, B., Chittenden, J..
2022.
Modeling Burn Physics in a Magnetized ICF Plasma. 2022 IEEE International Conference on Plasma Science (ICOPS). :1–1.
The pre-magnetization of inertial confinement fusion capsules is a promising avenue for reaching hotspot ignition, as the magnetic field reduces electron thermal conduction losses during hotspot formation. However, in order to reach high yields, efficient burn-up of the cold fuel is vital. Suppression of heat flows out of the hotspot due to magnetization can restrict the propagation of burn and has been observed to reduce yields in previous studies [1] . This work investigates the potential suppression of burn in a magnetized plasma utilizing the radiation-MHD code ‘Chimera’ in a planar geometry.. This code includes extended-MHD effects, such as the Nernst term, and a Monte-Carlo model for magnetized alpha particle transport and heating. We observe 3 distinct regimes of magnetized burn in 1D as initial magnetization is increased: thermal conduction driven; alpha driven; and suppressed burn. Field transport due to extended-MHD is also observed to be important, enhancing magnetization near the burn front. In higher dimensions, burn front instabilities have the potential to degrade burn even more severely. Magneto-thermal type instabilities (previously observed in laser-heated plasmas [2] ) are of particular interest in this problem.
ISSN: 2576-7208
O’Raw, John, Laverty, David, Morrow, D. John.
2019.
Securing the Industrial Internet of Things for Critical Infrastructure (IIoT-CI). 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :70–75.
The Industrial Internet of Things (IIoT) is a term applied to the industrial application of M2M devices. The security of IIoT devices is a difficult problem and where the automation of critical infrastructure is intended, risks may be unacceptable. Remote attacks are a significant threat and solutions are sought which are secure by default. The problem space may be analyzed using threat modelling methods. Software Defined Networks (SDN) provide mitigation for remote attacks which exploit local area networks. Similar concepts applied to the WAN may improve availability and performance and provide granular data on link characteristics. Schemes such as the Software Defined Perimeter allow IIoT devices to communicate on the Internet, mitigating avenues of remote attack. Finally, separation of duties at the IIoT device may prevent attacks on the integrity of the device or the confidentiality and integrity of its communications. Work remains to be done on the mitigation of DDoS.
O’Toole, Sean, Sewell, Cameron, Mehrpouyan, Hoda.
2021.
IoT Security and Safety Testing Toolkits for Water Distribution Systems. 2021 8th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—8.
Due to the critical importance of Industrial Control Systems (ICS) to the operations of cities and countries, research into the security of critical infrastructure has become increasingly relevant and necessary. As a component of both the research and application sides of smart city development, accurate and precise modeling, simulation, and verification are key parts of a robust design and development tools that provide critical assistance in the prevention, detection, and recovery from abnormal behavior in the sensors, controllers, and actuators which make up a modern ICS system. However, while these tools have potential, there is currently a need for helper-tools to assist with their setup and configuration, if they are to be utilized widely. Existing state-of-the-art tools are often technically complex and difficult to customize for any given IoT/ICS processes. This is a serious barrier to entry for most technicians, engineers, researchers, and smart city planners, while slowing down the critical aspects of safety and security verification. To remedy this issue, we take a case study of existing simulation toolkits within the field of water management and expand on existing tools and algorithms with simplistic automated retrieval functionality using a much more in-depth and usable customization interface to accelerate simulation scenario design and implementation, allowing for customization of the cyber-physical network infrastructure and cyber attack scenarios. We additionally provide a novel in-tool-assessment of network’s resilience according to graph theory path diversity. Further, we lay out a roadmap for future development and application of the proposed tool, including expansions on resiliency and potential vulnerability model checking, and discuss applications of our work to other fields relevant to the design and operation of smart cities.
Oakes, Edward, Kline, Jeffery, Cahn, Aaron, Funkhouser, Keith, Barford, Paul.
2019.
A Residential Client-Side Perspective on SSL Certificates. 2019 Network Traffic Measurement and Analysis Conference (TMA). :185–192.
SSL certificates are a core component of the public key infrastructure that underpins encrypted communication in the Internet. In this paper, we report the results of a longitudinal study of the characteristics of SSL certificate chains presented to clients during secure web (HTTPS) connection setup. Our data set consists of 23B SSL certificate chains collected from a global panel consisting of over 2M residential client machines over a period of 6 months. The data informing our analyses provide perspective on the entire chain of trust, including root certificates, across a wide distribution of client machines. We identify over 35M unique certificate chains with diverse relationships at all levels of the PKI hierarchy. We report on the characteristics of valid certificates, which make up 99.7% of the total corpus. We also examine invalid certificate chains, finding that 93% of them contain an untrusted root certificate and we find they have shorter average chain length than their valid counterparts. Finally, we examine two unintended but prevalent behaviors in our data: the deprecation of root certificates and secure traffic interception. Our results support aspects of prior, scan-based studies on certificate characteristics but contradict other findings, highlighting the importance of the residential client-side perspective.
Oakley, I..
2020.
Solutions to Black Hole Attacks in MANETs. 2020 12th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP). :1–6.
Self-organising networks, such as mobile ad-hoc networks (MANETs), are growing more and more in importance each day. However, due to their nature and constraints MANETs are vulnerable to a wide array of attacks, such as black hole attacks. Furthermore, there are numerous routing protocols in use in MANETs, and what works for one might not for another. In this paper, we present a review of previous surveys of black hole attack solutions, followed by a collation of recently published papers categorised by original routing protocol and evaluated on a set of common metrics. Finally, we suggest areas for further research.
Oakley, Lisa, Oprea, Alina, Tripakis, Stavros.
2022.
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems. 2022 IEEE 35th Computer Security Foundations Symposium (CSF). :380–395.
Probabilistic model checking is a useful technique for specifying and verifying properties of stochastic systems including randomized protocols and reinforcement learning models. However, these methods rely on the assumed structure and probabilities of certain system transitions. These assumptions may be incorrect, and may even be violated by an adversary who gains control of some system components. In this paper, we develop a formal framework for adversarial robustness in systems modeled as discrete time Markov chains (DTMCs). We base our framework on existing methods for verifying probabilistic temporal logic properties and extend it to include deterministic, memoryless policies acting in Markov decision processes (MDPs). Our framework includes a flexible approach for specifying structure-preserving and non structure-preserving adversarial models. We outline a class of threat models under which adversaries can perturb system transitions, constrained by an ε ball around the original transition probabilities. We define three main DTMC adversarial robustness problems: adversarial robustness verification, maximal δ synthesis, and worst case attack synthesis. We present two optimization-based solutions to these three problems, leveraging traditional and parametric probabilistic model checking techniques. We then evaluate our solutions on two stochastic protocols and a collection of Grid World case studies, which model an agent acting in an environment described as an MDP. We find that the parametric solution results in fast computation for small parameter spaces. In the case of less restrictive (stronger) adversaries, the number of parameters increases, and directly computing property satisfaction probabilities is more scalable. We demonstrate the usefulness of our definitions and solutions by comparing system outcomes over various properties, threat models, and case studies.
Obaidat, M., Brown, J., Hayajneh, A. A..
2020.
Web Browser Extension User-Script XSS Vulnerabilities. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :316—321.
Browser extensions have by and large become a normal and accepted omnipresent feature within modern browsers. However, since their inception, browser extensions have remained under scrutiny for opening vulnerabilities for users. While a large amount of effort has been dedicated to patching such issues as they arise, including the implementation of extension sandboxes and explicit permissions, issues remain within the browser extension ecosystem through user-scripts. User-scripts, or micro-script extensions hosted by a top-level extension, are largely unregulated but inherit the permissions of the top-level application manager, which popularly includes extensions such as Greasemonkey, Tampermonkey, or xStyle. While most user-scripts are docile and serve a specific beneficial functionality, due to their inherently open nature and the unregulated ecosystem, they are easy for malicious parties to exploit. Common attacks through this method involve hijacking of DOM elements to execute malicious javascript and/or XSS attacks, although other more advanced attacks can be deployed as well. User-scripts have not received much attention, and this vulnerability has persisted despite attempts to make browser extensions more secure. This ongoing vulnerability remains an unknown threat to many users who employ user-scripts, and circumvents security mechanisms otherwise put in place by browsers. This paper discusses this extension derivative vulnerability as it pertains to current browser security paradigms.
Obaidat, Muath, Brown, Joseph, Alnusair, Awny.
2021.
Blind Attack Flaws in Adaptive Honeypot Strategies. 2021 IEEE World AI IoT Congress (AIIoT). :0491–0496.
Adaptive honeypots are being widely proposed as a more powerful alternative to the traditional honeypot model. Just as with typical honeypots, however, one of the most important concerns of an adaptive honeypot is environment deception in order to make sure an adversary cannot fingerprint the honeypot. The threat of fingerprinting hints at a greater underlying concern, however; this being that honeypots are only effective because an adversary does not know that the environment on which they are operating is a honeypot. What has not been widely discussed in the context of adaptive honeypots is that they actually have an inherently increased level of susceptibility to this threat. Honeypots not only bear increased risks when an adversary knows they are a honeypot rather than a native system, but they are only effective as adaptable entities if one does not know that the honeypot environment they are operating on is adaptive as wekk. Thus, if adaptive honeypots become commonplace - or, instead, if attackers even have an inkling that an adaptive honeypot may exist on any given network, a new attack which could develop is a “blind confusion attack”; a form of connection which simply makes an assumption all environments are adaptive honeypots, and instead of attempting to perform a malicious strike on a given entity, opts to perform non-malicious behavior in specified and/or random patterns to confuse an adaptive network's learning.
Obaidat, Muath, Brown, Joseph.
2020.
Two Factor Hash Verification (TFHV): A Novel Paradigm for Remote Authentication. 2020 International Symposium on Networks, Computers and Communications (ISNCC). :1—4.
Current paradigms for client-server authentication often rely on username/password schemes. Studies show such schemes are increasingly vulnerable to heuristic and brute-force attacks. This is either due to poor practices by users such as insecure weak passwords, or insecure systems by server operators. A recurring problem in any system which retains information is insecure management policies for sensitive information, such as logins and passwords, by both hosts and users. Increased processing power on the horizon also threatens the security of many popular hashing algorithms. Furthermore, increasing reliance on applications that exchange sensitive information has resulted in increased urgency. This is demonstrated by a large number of mobile applications being deemed insecure by Open Web Application Security Project (OWASP) standards. This paper proposes a secure alternative technique of authentication that retains the current ecosystem, while minimizes attack vectors without inflating responsibilities on users or server operators. Our proposed authentication scheme uses layered encryption techniques alongside a two-part verification process. In addition, it provides dynamic protection for preventing against common cyber-attacks such as replay and man-in-the-middle attacks. Results show that our proposed authentication mechanism outperform other schemes in terms of deployability and resilience to cyber-attacks, without inflating transaction's speed.
Obata, Sho, Kobayashi, Koichi, Yamashita, Yuh.
2021.
Sensor Scheduling-Based Detection of False Data Injection Attacks in Power System State Estimation. 2021 IEEE International Conference on Consumer Electronics (ICCE). :1—4.
In state estimation of steady-state power networks, a cyber attack that cannot be detected from the residual (i.e., the estimation error) is called a false data injection attack. In this paper, to enforce security of power networks, we propose a method of detecting a false data injection attack. In the proposed method, a false data injection attack is detected by randomly choosing sensors used in state estimation. The effectiveness of the proposed method is presented by two numerical examples including the IEEE 14-bus system.
Obeidat, Nawar, Purdy, Carla.
2021.
Improving Security in SCADA Systems through Model-checking with TLA+. 2021 IEEE International Midwest Symposium on Circuits and Systems (MWSCAS). :832—835.
In today’s world, Supervisory Control and Data Acquisition (SCADA) networks have many critical tasks, including managing infrastructure such as power, water, and sewage systems, and controlling automated manufacturing and transportation systems. Securing these systems is crucial. Here we describe a project to design security into an example system using formal specifications. Our example system is a component in a cybersecurity testbed at the University of Cincinnati, which was described in previous work. We also show how a design flaw can be discovered and corrected early in the system development process.
Obenshain, D., Tantillo, T., Babay, A., Schultz, J., Newell, A., Hoque, M. E., Amir, Y., Nita-Rotaru, C..
2016.
Practical Intrusion-Tolerant Networks. 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS). :45–56.
As the Internet becomes an important part of the infrastructure our society depends on, it is crucial to construct networks that are able to work even when part of the network is compromised. This paper presents the first practical intrusion-tolerant network service, targeting high-value applications such as monitoring and control of global clouds and management of critical infrastructure for the power grid. We use an overlay approach to leverage the existing IP infrastructure while providing the required resiliency and timeliness. Our solution overcomes malicious attacks and compromises in both the underlying network infrastructure and in the overlay itself. We deploy and evaluate the intrusion-tolerant overlay implementation on a global cloud spanning East Asia, North America, and Europe, and make it publicly available.
Oberle, A., Larbig, P., Kuntze, N., Rudolph, C..
2014.
Integrity based relationships and trustworthy communication between network participants. Communications (ICC), 2014 IEEE International Conference on. :610-615.
Establishing trust relationships between network participants by having them prove their operating system's integrity via a Trusted Platform Module (TPM) provides interesting approaches for securing local networks at a higher level. In the introduced approach on OSI layer 2, attacks carried out by already authenticated and participating nodes (insider threats) can be detected and prevented. Forbidden activities and manipulations in hard- and software, such as executing unknown binaries, loading additional kernel modules or even inserting unauthorized USB devices, are detected and result in an autonomous reaction of each network participant. The provided trust establishment and authentication protocol operates independently from upper protocol layers and is optimized for resource constrained machines. Well known concepts of backbone architectures can maintain the chain of trust between different kinds of network types. Each endpoint, forwarding and processing unit monitors the internal network independently and reports misbehaviours autonomously to a central instance in or outside of the trusted network.
Obermaier, Johannes, Hutle, Martin.
2016.
Analyzing the Security and Privacy of Cloud-based Video Surveillance Systems. Proceedings of the 2Nd ACM International Workshop on IoT Privacy, Trust, and Security. :22–28.
In the area of the Internet of Things, cloud-based camera surveillance systems are ubiquitously available for industrial and private environments. However, the sensitive nature of the surveillance use case imposes high requirements on privacy/confidentiality, authenticity, and availability of such systems. In this work, we investigate how currently available mass-market camera systems comply with these requirements. Considering two attacker models, we test the cameras for weaknesses and analyze for their implications. We reverse-engineered the security implementation and discovered several vulnerabilities in every tested system. These weaknesses impair the users' privacy and, as a consequence, may also damage the camera system manufacturer's reputation. We demonstrate how an attacker can exploit these vulnerabilities to blackmail users and companies by denial-of-service attacks, injecting forged video streams, and by eavesdropping private video data - even without physical access to the device. Our analysis shows that current systems lack in practice the necessary care when implementing security for IoT devices.
Obert, J., Chavez, A., Johnson, J..
2018.
Behavioral Based Trust Metrics and the Smart Grid. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1490-1493.
To ensure reliable and predictable service in the electrical grid it is important to gauge the level of trust present within critical components and substations. Although trust throughout a smart grid is temporal and dynamically varies according to measured states, it is possible to accurately formulate communications and service level strategies based on such trust measurements. Utilizing an effective set of machine learning and statistical methods, it is shown that establishment of trust levels between substations using behavioral pattern analysis is possible. It is also shown that the establishment of such trust can facilitate simple secure communications routing between substations.
Obert, James, Loffredo, Tim.
2021.
Efficient Binary Static Code Data Flow Analysis Using Unsupervised Learning. 2021 4th International Conference on Artificial Intelligence for Industries (AI4I). :89—90.
The ever increasing need to ensure that code is reliably, efficiently and safely constructed has fueled the evolution of popular static binary code analysis tools. In identifying potential coding flaws in binaries, tools such as IDA Pro are used to disassemble the binaries into an opcode/assembly language format in support of manual static code analysis. Because of the highly manual and resource intensive nature involved with analyzing large binaries, the probability of overlooking potential coding irregularities and inefficiencies is quite high. In this paper, a light-weight, unsupervised data flow methodology is described which uses highly-correlated data flow graph (CDFGs) to identify coding irregularities such that analysis time and required computing resources are minimized. Such analysis accuracy and efficiency gains are achieved by using a combination of graph analysis and unsupervised machine learning techniques which allows an analyst to focus on the most statistically significant flow patterns while performing binary static code analysis.
Obert, James, Chavez, Adrian.
2019.
Graph-Based Event Classification in Grid Security Gateways. 2019 Second International Conference on Artificial Intelligence for Industries (AI4I). :63—66.
In recent years the use of security gateways (SG) located within the electrical grid distribution network has become pervasive. SGs in substations and renewable distributed energy resource aggregators (DERAs) protect power distribution control devices from cyber and cyber-physical attacks. When encrypted communications within a DER network is used, TCP/IP packet inspection is restricted to packet header behavioral analysis which in most cases only allows the SG to perform anomaly detection of blocks of time-series data (event windows). Packet header anomaly detection calculates the probability of the presence of a threat within an event window, but fails in such cases where the unreadable encrypted payload contains the attack content. The SG system log (syslog) is a time-series record of behavioral patterns of network users and processes accessing and transferring data through the SG network interfaces. Threatening behavioral pattern in the syslog are measurable using both anomaly detection and graph theory. In this paper it will be shown that it is possible to efficiently detect the presence of and classify a potential threat within an SG syslog using light-weight anomaly detection and graph theory.
Obien, Joan Baez, Calinao, Victor, Bautista, Mary Grace, Dadios, Elmer, Jose, John Anthony, Concepcion, Ronnie.
2022.
AEaaS: Artificial Intelligence Edge-of-Things as a Service for Intelligent Remote Farm Security and Intrusion Detection Pre-alarm System. 2022 IEEE 14th International Conference on Humanoid, Nanotechnology, Information Technology, Communication and Control, Environment, and Management (HNICEM). :1—6.
With the continues growth of our technology, majority in our sectors are becoming smart and one of its great applications is in agriculture, which we call it as smart farming. The application of sensors, IoT, artificial intelligence, networking in the agricultural setting with the main purpose of increasing crop production and security level. With this advancement in farming, this provides a lot of privileges like remote monitoring, optimization of produce and too many to mention. In light of the thorough systematic analysis performed in this study, it was discovered that Edge-of-things is a potential computing scheme that could boost an artificial intelligence for intelligent remote farm security and intrusion detection pre-alarm system over other computing schemes. Again, the purpose of this study is not to replace existing cloud computing, but rather to highlight the potential of the Edge. The Edge architecture improves end-user experience by improving the time-related response of the system. response time of the system. One of the strengths of this system is to provide time-critical response service to make a decision with almost no delay, making it ideal for a farm security setting. Moreover, this study discussed the comparative analysis of Cloud, Fog and Edge in relation to farm security, the demand for a farm security system and the tools needed to materialize an Edge computing in a farm environment.
Obster, M., Kowalewski, S..
2017.
A live static code analysis architecture for PLC software. 2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1–4.
Static code analysis is a convenient technique to support the development of software. Without prior test setup, information about a later runtime behavior can be inferred and errors in the code can be found before using a regular compiler. Solutions to apply static code analysis to PLC software following the IEC 61131-3 already exist, but using these separate tools usually creates a gap in the development process. In this paper we introduce an architecture to use static analysis directly in a development environment and give instant feedback to the developer while he is still editing the PLC software.
Ocaña, Kary, Galheigo, Marcelo, Osthoff, Carla, Gadelha, Luiz, Gomes, Antônio Tadeu A., De Oliveira, Daniel, Porto, Fabio, Vasconcelos, Ana Tereza.
2019.
Towards a Science Gateway for Bioinformatics: Experiences in the Brazilian System of High Performance Computing. 2019 19th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID). :638–647.
Science gateways bring out the possibility of reproducible science as they are integrated into reusable techniques, data and workflow management systems, security mechanisms, and high performance computing (HPC). We introduce BioinfoPortal, a science gateway that integrates a suite of different bioinformatics applications using HPC and data management resources provided by the Brazilian National HPC System (SINAPAD). BioinfoPortal follows the Software as a Service (SaaS) model and the web server is freely available for academic use. The goal of this paper is to describe the science gateway and its usage, addressing challenges of designing a multiuser computational platform for parallel/distributed executions of large-scale bioinformatics applications using the Brazilian HPC resources. We also present a study of performance and scalability of some bioinformatics applications executed in the HPC environments and perform machine learning analyses for predicting features for the HPC allocation/usage that could better perform the bioinformatics applications via BioinfoPortal.