29 resultados para bigdata, data stream processing, dsp, apache storm, cyber security
Resumo:
Modern Field Programmable Gate Arrays (FPGAs) are power packed with features to facilitate designers. Availability of features like huge block memory (BRAM), Digital Signal Processing (DSP) cores, embedded CPU makes the design strategy of FPGAs quite different from ASICs. FPGA are also widely used in security-critical application where protection against known attacks is of prime importance. We focus ourselves on physical attacks which target physical implementations. To design countermeasures against such attacks, the strategy for FPGA designers should also be different from that in ASIC. The available features should be exploited to design compact and strong countermeasures. In this paper, we propose methods to exploit the BRAMs in FPGAs for designing compact countermeasures. BRAM can be used to optimize intrinsic countermeasures like masking and dual-rail logic, which otherwise have significant overhead (at least 2X). The optimizations are applied on a real AES-128 co-processor and tested for area overhead and resistance on Xilinx Virtex-5 chips. The presented masking countermeasure has an overhead of only 16% when applied on AES. Moreover Dual-rail Precharge Logic (DPL) countermeasure has been optimized to pack the whole sequential part in the BRAM, hence enhancing the security. Proper robustness evaluations are conducted to analyze the optimization for area and security.
Resumo:
Recent advances in coherent optical receivers is reviewed. Digital-Signal-Processing (DSP) based phase and polarization management techniques make coherent detection robust and feasible. With coherent detection, the complex field of the received optical signal is fully recovered, allowing compensation of linear and nonlinear optical impairments including chromatic dispersion (CD) and polarization-mode dispersion (PMD) using digital filters. Coherent detection and advanced optical modulation formats have become a key ingredient to the design of modern dense wavelength-division multiplexed (DWDM) optical broadband networks. In this paper, firstly we present the different subsystems of a digital coherent optical receiver, and secondly, we will compare the performance of some multi-level and multi-dimensional modulation formats in some physical impairments and in high spectral-efficiency (SE) and high-capacity DWDM transmissions, simulating the DSP with Matlab and the optical network performance with OptiSystem software.
Resumo:
Análisis del riesgo volcánico. We show the preliminary results of the study of 561 volcanic bombs ejected from a pyroclastic cone during the 1730-1736 Timanfaya eruption (Lanzarote, Canary Islands). This cone displays the highest concentration of big bombs (major axis higher than 1 m) of Timanfaya. More than 560 bombs have been studied to calculate their reach. The results suggest that bombs of 1t have a reach of 409 m, while bombs up to 28 t have a reach of 248 m. These data may be used to define a security area once a vent has been opened, but also to calculate other data such the initial velocity of ejection. The geomorphological analysis and the study of the deposits also contribute to better understand an undocumented episode of the Timanfaya eruption and also provide important data for volcanic bombs modeling for volcanic hazard analysis.
Resumo:
En esta tesis se aborda el problema de la externalización segura de servicios de datos y computación. El escenario de interés es aquel en el que el usuario posee datos y quiere subcontratar un servidor en la nube (“Cloud”). Además, el usuario puede querer también delegar el cálculo de un subconjunto de sus datos al servidor. Se presentan dos aspectos de seguridad relacionados con este escenario, en concreto, la integridad y la privacidad y se analizan las posibles soluciones a dichas cuestiones, aprovechando herramientas criptográficas avanzadas, como el Autentificador de Mensajes Homomórfico (“Homomorphic Message Authenticators”) y el Cifrado Totalmente Homomórfico (“Fully Homomorphic Encryption”). La contribución de este trabajo es tanto teórica como práctica. Desde el punto de vista de la contribución teórica, se define un nuevo esquema de externalización (en lo siguiente, denominado con su término inglés Outsourcing), usando como punto de partida los artículos de [3] y [12], con el objetivo de realizar un modelo muy genérico y flexible que podría emplearse para representar varios esquemas de ”outsourcing” seguro. Dicho modelo puede utilizarse para representar esquemas de “outsourcing” seguro proporcionando únicamente integridad, únicamente privacidad o, curiosamente, integridad con privacidad. Utilizando este nuevo modelo también se redefine un esquema altamente eficiente, construido en [12] y que se ha denominado Outsourcinglin. Este esquema permite calcular polinomios multivariados de grado 1 sobre el anillo Z2k . Desde el punto de vista de la contribución práctica, se ha construido una infraestructura marco (“Framework”) para aplicar el esquema de “outsourcing”. Seguidamente, se ha testado dicho “Framework” con varias implementaciones, en concreto la implementación del criptosistema Joye-Libert ([18]) y la implementación del esquema propio Outsourcinglin. En el contexto de este trabajo práctico, la tesis también ha dado lugar a algunas contribuciones innovadoras: el diseño y la implementación de un nuevo algoritmo de descifrado para el esquema de cifrado Joye-Libert, en colaboración con Darío Fiore. Presenta un mejor comportamiento frente a los algoritmos propuestos por los autores de [18];la implementación de la función eficiente pseudo-aleatoria de forma amortizada cerrada (“amortized-closed-form efficient pseudorandom function”) de [12]. Esta función no se había implementado con anterioridad y no supone un problema trivial, por lo que este trabajo puede llegar a ser útil en otros contextos. Finalmente se han usado las implementaciones durante varias pruebas para medir tiempos de ejecución de los principales algoritmos.---ABSTRACT---In this thesis we tackle the problem of secure outsourcing of data and computation. The scenario we are interested in is that in which a user owns some data and wants to “outsource” it to a Cloud server. Furthermore, the user may want also to delegate the computation over a subset of its data to the server. We present the security issues related to this scenario, namely integrity and privacy and we analyse some possible solutions to these two issues, exploiting advanced cryptographic tools, such as Homomorphic Message Authenticators and Fully Homomorphic Encryption. Our contribution is both theoretical and practical. Considering our theoretical contribution, using as starting points the articles of [3] and [12], we introduce a new cryptographic primitive, called Outsourcing with the aim of realizing a very generic and flexible model that might be employed to represent several secure outsourcing schemes. Such model can be used to represent secure outsourcing schemes that provide only integrity, only privacy or, interestingly, integrity with privacy. Using our new model we also re-define an highly efficient scheme constructed in [12], that we called Outsourcinglin and that is a scheme for computing multi-variate polynomials of degree 1 over the ring Z2k. Considering our practical contribution, we build a Framework to implement the Outsourcing scheme. Then, we test such Framework to realize several implementations, specifically the implementation of the Joye-Libert cryptosystem ([18]) and the implementation of our Outsourcinglin scheme. In the context of this practical work, the thesis also led to some novel contributions: the design and the implementation, in collaboration with Dario Fiore, of a new decryption algorithm for the Joye-Libert encryption scheme, that performs better than the algorithms proposed by the authors in [18]; the implementation of the amortized-closed-form efficient pseudorandom function of [12]. There was no prior implementation of this function and it represented a non trivial work, which can become useful in other contexts. Finally we test the implementations to execute several experiments for measuring the timing performances of the main algorithms.
Resumo:
En los últimos años, la seguridad en redes y servicios ha evolucionado de manera exponencial debido al crecimiento de dispositivos conectados a Internet. Con el avance de las nuevas tecnologías es imprescindible dotar a cualquier servicio o dispositivo de la seguridad adecuada dado que éstos se pueden ver afectados por diversas amenazas tales como la accesibilidad, la integridad, la identidad del usuario, la disponibilidad y la confidencialidad de los datos. Cuando se trata de comunicaciones, la seguridad cobra especial importancia dado que los datos enviados a través de la red pueden ser interceptados por un agente no autorizado y utilizarlos para su propio beneficio o alterar su contenido. Para contrarrestar estos ataques, se han definido unos servicios de seguridad como son, por ejemplo, la confidencialidad y la integridad de los datos. Existen diversos mecanismos de seguridad que implementan estos servicios los cuales se apoyan en técnicas criptográficas. Desde el comienzo de las primeras comunicaciones se han desarrollado diferentes técnicas criptográficas que han ido evolucionando a la vez que éstas. La primera de estas técnicas conocida fue escítala lacedemonia en el siglo V a.C. Los éforos espartanos, que eran los que utilizaban dicha técnica, escribían el mensaje en una cinta de cuero o papiro enrollada en una vara de grosor variable. A continuación desenrollaban la cinta y la enviaban al receptor. Sí el mensaje era interceptado solo podrían leer una pila de letras sin sentido. Sí el mensaje llegaba al receptor, éste enrollaría de nuevo la cinta en una vara del mismo grosor que lo hizo el emisor y leería el mensaje. En este proyecto de fin de grado se va a realizar un estudio del estado de arte sobre mecanismos de seguridad para posteriormente diseñar e implementar un componente de seguridad que ofrecerá los servicios citados. Dicho componente se integrará en el sistema del proyecto Europeo I3RES como un servicio más de los definidos dentro del propio proyecto. Los servicios de seguridad que requiere el proyecto I3RES, y por tanto los que ofrecerá el componente, son los de autenticación, integridad, no repudio y confidencialidad. El proyecto I3RES basa su sistema en una arquitectura distribuida por lo que es necesario realizar un estudio del estado del arte sobre dichas arquitecturas para el correcto despliegue del componente en el sistema. Actualmente, la mayoría de los sistemas mantienen una arquitectura distribuida. Este tipo de arquitectura conecta distintos equipos y dispositivos que están separados físicamente mediante una red llamada middleware. Estos equipos trabajan conjuntamente para implementar un conjunto de servicios. En el documento presente se tratan todos los temas anteriormente citados y se detalla el componente a desarrollar así como las correspondientes pruebas de validación y las conclusiones obtenidas. ABSTRACT. Security in networks and services have been extensively developed in last decades due to the arising of multiple devices connected to Internet. Advances in new technologies enhanced the necessity of security requirements to in order to avoid several warnings such as accessibility, integrity, user identity, availability, and confidentiality of our data. In terms of communications, security is crucial due to data could be intercepted on Internet by non-authorised agents which could use them or even alter their content. In order to avoid this warnings, security services have been defined such as data confidentiality and integrity. There is several security mechanism which implement this services based on cryptographic techniques. In parallel to the evolution of communication, cryptographic technics have been also developed with. The most ancient of technics was described in s. V b.C called escitala lacedemonia. Spartan ephorts, which extensively used this method, were used to write messages on the surface of a leather tape or papyri which were rolled on a rod. Next, they unrolled the tape and they sent to the receptor. Whether the message was intercepted they just would be able to read a mess of letters without sense. On the other hand, if the message arrive to the proper receptor, he roll the tape again in a rod with similar anchor of the transmitter one which leads to the adequate read. This Degree Project is focused on an analysis of the state of art about security mechanism together with a design and implement of a security component which offered the services mentioned. This component will be integrated within the European project I3RES as one of the security elements defined inside the project. The security components required in project I3REs are authentication, integrity and non-repudiation will be offered by the designed component as well. Nowadays, the most of the systems maintain a distributed architecture. This type of architecture connect several devices which are physically separated by a network called middleware. This equipment work altogether to implement a set of services. This document is focused on all the topics mentioned as well as the details of the component developed together with the validation tests required and the conclusions obtained.
Resumo:
In a series of attempts to research and document relevant sloshing type phenomena, a series of experiments have been conducted. The aim of this paper is to describe the setup and data processing of such experiments. A sloshing tank is subjected to angular motion. As a result pressure registers are obtained at several locations, together with the motion data, torque and a collection of image and video information. The experimental rig and the data acquisition systems are described. Useful information for experimental sloshing research practitioners is provided. This information is related to the liquids used in the experiments, the dying techniques, tank building processes, synchronization of acquisition systems, etc. A new procedure for reconstructing experimental data, that takes into account experimental uncertainties, is presented. This procedure is based on a least squares spline approximation of the data. Based on a deterministic approach to the first sloshing wave impact event in a sloshing experiment, an uncertainty analysis procedure of the associated first pressure peak value is described.
Resumo:
To date, big data applications have focused on the store-and-process paradigm. In this paper we describe an initiative to deal with big data applications for continuous streams of events. In many emerging applications, the volume of data being streamed is so large that the traditional ‘store-then-process’ paradigm is either not suitable or too inefficient. Moreover, soft-real time requirements might severely limit the engineering solutions. Many scenarios fit this description. In network security for cloud data centres, for instance, very high volumes of IP packets and events from sensors at firewalls, network switches and routers and servers need to be analyzed and should detect attacks in minimal time, in order to limit the effect of the malicious activity over the IT infrastructure. Similarly, in the fraud department of a credit card company, payment requests should be processed online and need to be processed as quickly as possible in order to provide meaningful results in real-time. An ideal system would detect fraud during the authorization process that lasts hundreds of milliseconds and deny the payment authorization, minimizing the damage to the user and the credit card company.
Resumo:
Due to the advancement of both, information technology in general, and databases in particular; data storage devices are becoming cheaper and data processing speed is increasing. As result of this, organizations tend to store large volumes of data holding great potential information. Decision Support Systems, DSS try to use the stored data to obtain valuable information for organizations. In this paper, we use both data models and use cases to represent the functionality of data processing in DSS following Software Engineering processes. We propose a methodology to develop DSS in the Analysis phase, respective of data processing modeling. We have used, as a starting point, a data model adapted to the semantics involved in multidimensional databases or data warehouses, DW. Also, we have taken an algorithm that provides us with all the possible ways to automatically cross check multidimensional model data. Using the aforementioned, we propose diagrams and descriptions of use cases, which can be considered as patterns representing the DSS functionality, in regard to DW data processing, DW on which DSS are based. We highlight the reusability and automation benefits that this can be achieved, and we think this study can serve as a guide in the development of DSS.
Resumo:
Due to the relative transparency of its embryos and larvae, the zebrafish is an ideal model organism for bioimaging approaches in vertebrates. Novel microscope technologies allow the imaging of developmental processes in unprecedented detail, and they enable the use of complex image-based read-outs for high-throughput/high-content screening. Such applications can easily generate Terabytes of image data, the handling and analysis of which becomes a major bottleneck in extracting the targeted information. Here, we describe the current state of the art in computational image analysis in the zebrafish system. We discuss the challenges encountered when handling high-content image data, especially with regard to data quality, annotation, and storage. We survey methods for preprocessing image data for further analysis, and describe selected examples of automated image analysis, including the tracking of cells during embryogenesis, heartbeat detection, identification of dead embryos, recognition of tissues and anatomical landmarks, and quantification of behavioral patterns of adult fish. We review recent examples for applications using such methods, such as the comprehensive analysis of cell lineages during early development, the generation of a three-dimensional brain atlas of zebrafish larvae, and high-throughput drug screens based on movement patterns. Finally, we identify future challenges for the zebrafish image analysis community, notably those concerning the compatibility of algorithms and data formats for the assembly of modular analysis pipelines.
Resumo:
High-Performance Computing, Cloud computing and next-generation applications such e-Health or Smart Cities have dramatically increased the computational demand of Data Centers. The huge energy consumption, increasing levels of CO2 and the economic costs of these facilities represent a challenge for industry and researchers alike. Recent research trends propose the usage of holistic optimization techniques to jointly minimize Data Center computational and cooling costs from a multilevel perspective. This paper presents an analysis on the parameters needed to integrate the Data Center in a holistic optimization framework and leverages the usage of Cyber-Physical systems to gather workload, server and environmental data via software techniques and by deploying a non-intrusive Wireless Sensor Net- work (WSN). This solution tackles data sampling, retrieval and storage from a reconfigurable perspective, reducing the amount of data generated for optimization by a 68% without information loss, doubling the lifetime of the WSN nodes and allowing runtime energy minimization techniques in a real scenario.
Resumo:
In the last years, there has been an increase in the amount of real-time data generated. Sensors attached to things are transforming how we interact with our environment. Extracting meaningful information from these streams of data is essential for some application areas and requires processing systems that scale to varying conditions in data sources, complex queries, and system failures. This paper describes ongoing research on the development of a scalable RDF streaming engine.
Resumo:
Con el auge del Cloud Computing, las aplicaciones de proceso de datos han sufrido un incremento de demanda, y por ello ha cobrado importancia lograr m�ás eficiencia en los Centros de Proceso de datos. El objetivo de este trabajo es la obtenci�ón de herramientas que permitan analizar la viabilidad y rentabilidad de diseñar Centros de Datos especializados para procesamiento de datos, con una arquitectura, sistemas de refrigeraci�ón, etc. adaptados. Algunas aplicaciones de procesamiento de datos se benefician de las arquitecturas software, mientras que en otras puede ser m�ás eficiente un procesamiento con arquitectura hardware. Debido a que ya hay software con muy buenos resultados en el procesamiento de grafos, como el sistema XPregel, en este proyecto se realizará una arquitectura hardware en VHDL, implementando el algoritmo PageRank de Google de forma escalable. Se ha escogido este algoritmo ya que podr��á ser m�ás eficiente en arquitectura hardware, debido a sus características concretas que se indicaráan m�ás adelante. PageRank sirve para ordenar las p�áginas por su relevancia en la web, utilizando para ello la teorí��a de grafos, siendo cada página web un vértice de un grafo; y los enlaces entre páginas, las aristas del citado grafo. En este proyecto, primero se realizará un an�álisis del estado de la técnica. Se supone que la implementaci�ón en XPregel, un sistema de procesamiento de grafos, es una de las m�ás eficientes. Por ello se estudiará esta �ultima implementaci�ón. Sin embargo, debido a que Xpregel procesa, en general, algoritmos que trabajan con grafos; no tiene en cuenta ciertas caracterí��sticas del algoritmo PageRank, por lo que la implementaci�on no es �optima. Esto es debido a que en PageRank, almacenar todos los datos que manda un mismo v�értice es un gasto innecesario de memoria ya que todos los mensajes que manda un vértice son iguales entre sí e iguales a su PageRank. Se realizará el diseño en VHDL teniendo en cuenta esta caracter��ística del citado algoritmo,evitando almacenar varias veces los mensajes que son iguales. Se ha elegido implementar PageRank en VHDL porque actualmente las arquitecturas de los sistemas operativos no escalan adecuadamente. Se busca evaluar si con otra arquitectura se obtienen mejores resultados. Se realizará un diseño partiendo de cero, utilizando la memoria ROM de IPcore de Xillinx (Software de desarrollo en VHDL), generada autom�áticamente. Se considera hacer cuatro tipos de módulos para que as�� el procesamiento se pueda hacer en paralelo. Se simplificar�á la estructura de XPregel con el fin de intentar aprovechar la particularidad de PageRank mencionada, que hace que XPregel no le saque el m�aximo partido. Despu�és se escribirá el c�ódigo, realizando una estructura escalable, ya que en la computación intervienen millones de páginas web. A continuación, se sintetizar�á y se probará el código en una FPGA. El �ultimo paso será una evaluaci�ón de la implementaci�ón, y de posibles mejoras en cuanto al consumo.
Resumo:
PAMELA (Phased Array Monitoring for Enhanced Life Assessment) SHMTM System is an integrated embedded ultrasonic guided waves based system consisting of several electronic devices and one system manager controller. The data collected by all PAMELA devices in the system must be transmitted to the controller, who will be responsible for carrying out the advanced signal processing to obtain SHM maps. PAMELA devices consist of hardware based on a Virtex 5 FPGA with a PowerPC 440 running an embedded Linux distribution. Therefore, PAMELA devices, in addition to the capability of performing tests and transmitting the collected data to the controller, have the capability of perform local data processing or pre-processing (reduction, normalization, pattern recognition, feature extraction, etc.). Local data processing decreases the data traffic over the network and allows CPU load of the external computer to be reduced. Even it is possible that PAMELA devices are running autonomously performing scheduled tests, and only communicates with the controller in case of detection of structural damages or when programmed. Each PAMELA device integrates a software management application (SMA) that allows to the developer downloading his own algorithm code and adding the new data processing algorithm to the device. The development of the SMA is done in a virtual machine with an Ubuntu Linux distribution including all necessary software tools to perform the entire cycle of development. Eclipse IDE (Integrated Development Environment) is used to develop the SMA project and to write the code of each data processing algorithm. This paper presents the developed software architecture and describes the necessary steps to add new data processing algorithms to SMA in order to increase the processing capabilities of PAMELA devices.An example of basic damage index estimation using delay and sum algorithm is provided.
Resumo:
Nowadays, devices that monitor the health of structures consume a lot of power and need a lot of time to acquire, process, and send the information about the structure to the main processing unit. To decrease this time, fast electronic devices are starting to be used to accelerate this processing. In this paper some hardware algorithms implemented in an electronic logic programming device are described. The goal of this implementation is accelerate the process and diminish the information that has to be send. By reaching this goal, the time the processor needs for treating all the information is reduced and so the power consumption is reduced too.
