David Kotz's papers (by topic) and research summaries
Sat Jun 28 20:34:27 EDT 2008

My current research interests include wireless networks, wireless security, sensor-network security, and security and privacy issues in pervasive computing. Below is a list of my papers. For a more formal listing, see my vita.


Here, the papers are divided into several categories. Within each topic, the papers are in reverse-chronological order.

  • Data Assurance in Medical Sensor Systems (SenseMed project) [2007-date]
  • Security and privacy in sensor systems (AnonySense system) [2006-date]
  • Context-sensitive authorization [2002-08]
  • Middleware for pervasive computing (Solar project) [2000-08]
  • Security - intrusion analysis tools (Kerf project) [2003-05]
  • Security - delegation (Snowflake project) [1997-2001]
  • Mobility modeling [2005-07]
  • Mobility prediction [2002-07]
  • Wireless-network security (MAP project) [2004-08]
  • Wireless-network usage characterization [2002-08]
  • Wireless-network trace archive (CRAWDAD project) [2005-date]
  • Wireless mesh networks [2007-08]
  • Wireless mobile ad hoc networks (MANET) [2003-07]
  • Mobile agents (D'Agents system) [1994-2002]
  • Market-based resource control [1997-2003]
  • Parallel I/O (Armada project) [2001-06]
  • Parallel I/O (Galley project) [1994-98]
  • Parallel I/O (CHARISMA project) [1994-96]
  • Parallel I/O (STARFISH project) [1994-97]
  • Parallel I/O (RAPID-Transit project) [1988-93]
  • Parallel I/O (other) [1991-2002]
  • Single-address-space operating systems (SASOS) [1993-96]
  • Education (DAPPLE project) [1990-96]
  • Other papers

    Data Assurance in Medical Sensor Systems (SenseMed project) [2007-date]

    We expect that wearable, portable, and even embeddable medical sensors will enable long-term continuous medical monitoring for many purposes: for patients with chronic medical conditions (such as the recently announced blood-sugar sensors for diabetics), for people seeking to change behavior (e.g., losing weight or quitting smoking), or for athletes wishing to monitor their condition and performance. The resulting data may be used directly by the person, or shared with others: with a physician for treatment, with an insurance company for coverage, or with a trainer or coach. Such systems have huge potential benefit to the quality of healthcare and quality of life for many people.

    Since the sensor data may be gathered through a patient's mobile device (such as a mobile phone), a wireless network, and the Internet, there are many opportunities for the sensor data to be tampered with or to become otherwise inaccurate. How can we assess confidence in sensor data? How can we present that level of confidence, in context, with the sensor data? This project will develop methods to assess confidence in medical sensor data.

    People: Janani Sriram, Minho Shin, and Intel collaborators (Anand Rajan, Manoj Sastry, and Mark Yarvis).
    Funded by the Intel University Research Council.


    Security and privacy in sensor systems (AnonySense system) [2006-date]

    Pervasive computing, often known as ubiquitous computing, is touted as the future in which computing devices become so embedded in our everyday lives that they are pervasive: throughout our homes, workplaces, public spaces, and even woven into our clothing or embedded in our bodies. These systems raise significant challenges regarding security and privacy.

    We developed the AnonySense system, which includes novel mechanisms for the anonymous collection of sensor data from people who volunteer their cell phones as part of a distributed sensing platform, addressing a key challenge in the important area of participatory and opportunistic urban sensing, and developed a novel interface to allow people to specify how sensor data about them might be shared with others. To evaluate this work, we measured system performance in terms of bandwidth and power consumption, conducted a user study, and used large wireless-network traces from the Dartmouth campus. We also developed a method for access control called virtual walls, which is an intuitive method for controlling access to contextual sensor data.

    People: Denise Anthony, Cory Cornelius, Jeff Fielding, Tristan Henderson, Apu Kapadia, Dan Peebles, Minho Shin, Nikos Triandopoulos, and Patrick Tsang.
    Part of the MetroSense project and the PLACE project.
    Funded by the Department of Justice (BJA), the Department of Commerce (NIST), and the Department of Homeland Security (DHS-NCSD) through ISTS.


    Context-sensitive authorization [2002-08]

    Pervasive computing, often known as ubiquitous computing, is touted as the future in which computing devices become so embedded in our everyday lives that they are pervasive: throughout our homes, workplaces, public spaces, and even woven into our clothing or embedded in our bodies. These systems raise significant challenges regarding security and privacy.

    We developed a theory and implementation of context-sensitive authorization, the first distributed approach that respects confidentiality and integrity goals. In context-sensitive authorization systems, the authorization policies (e.g., for access to physical resources like a room or virtual resources like a database) depend on the context (e.g., location or activity) of the person requesting access to the resource. Our work recognizes that the sources of context information are inherently distributed, and that the context used (such as a person's location) is sensitive information that must remain confidential. Our techniques allow an authorization query to be evaluated in a distributed fashion while respecting confidentiality and integrity policies imposed by the many parties involved.

    People: Kazuhiro Minami.
    Funded by DARPA, and DHS (through ISTS).


    Middleware for pervasive computing (Solar project) [2000-08]

    Successful pervasive-computing systems allow their applications to be aware of the context in which they execute, or the context of the applications' users. For example, an application may behave differently when its user is at home than at the office, or outdoors; alone, or with other people; driving or eating or walking. We developed the Solar system, a comprehensive middleware framework for the development of context-aware applications. Solar is based on a publish-subscribe model, allowing applications to subscribe to streams of events carrying context data. The applications may deploy a distributed network of operators that transform raw sensor data, as published by sources, into the desired context. Through a novel context naming system, applications can identify the desired sources, which themselves may be the named output of a tree of operators that aggregate many other sources. A key novelty in this naming system is that names are context-sensitive; for example, an application may subscribe to "photographs from a camera in the same location as Mary Smith," and have the source of events transparently change as Mary Smith moves about.

    The Solar work also contributed novel methods for data-flow management, recognizing that some sensor-based context systems may produce far more data (events) than can be carried by an underlying wireless network or can be consumed by operators and applications. Two contributions of Solar, therefore, include a mechanism for filtering data at the context source in a way that recognizes the overlapping goals of the many subscribers to the source, and an inline filtering and summarization technique that manages the flow of events through the Solar system.

    The SOLAR web site has lots more information, including downloadable code.

    People: Guanling Chen, Adrian Hartline, Ming Li, Chris Masone, Arun Mathias, Kazuhiro Minami, Cal Newport, Jue Wang, Abe White, Lin Zhong.
    Funding: DARPA, DoD MURI, Microsoft Research, Cisco Systems, and USENIX; DHS and DOJ (BJA) through ISTS.


    Security - intrusion analysis tools (Kerf project) [2003-05]

    Kerf (formerly known as Sawmill) is a set of tools designed to help system administrators analyze intrusions in their network. Our tools collect host and network log data in secure databases, allow administrators sophisticated searches using our SQL-language variant (SawQL, pronounced saw-kwill), and present the results through a browsable graphical interface. The Kerf web site has lots more information, papers, and downloadable code.

    People: Jay Aslam, Sergey Bratus, Marco Cremonini, Kevin Mitcham, Ron Peterson, Daniela Rus, Brett Tofel, and students Kyle Smith, Virgil Pavlu, and Wei Zhang.
    Funding: DHS Science and Technology Directorate.


    Security - delegation (Snowflake project) [1997-2001]

    We tackled the problem of naming and sharing resources across administrative boundaries. In the Snowflake project, we developed a theory and implementation for restricted delegation, building on the classic "speaks-for" relation that forms the foundation of many authorization logics. In Snowflake, principals can delegate authority to other principals, but in a limited way; in earlier work, it was only possible for a principal to delegate all of its authority. The work is theoretically well-founded and yet practical to implement.

    People: Jon Howell.
    Funding: USENIX Association.


    Mobility modeling [2005-07]

    Much research in mobile computing, including many papers on ad hoc networks, wireless networks, and pervasive computing, evaluates its proposed systems or algorithms through simulation; since the systems deal with mobile devices, the simulation includes a mobility model. Most such research, unfortunately, uses woefully inadequate models based on random-walk behavior ("random waypoint" and similar models). Building upon traces collected from Dartmouth's wireless network, we derived mobility models and parameters that more closely match the mobility behaviors of real users.

    People: Minkyong Kim, Jeff Fielding, Songkuk Kim.
    Funding: Cisco, NSF, and Dartmouth College.


    Mobility prediction [2002-07]

    Leveraging Dartmouth's collection of wireless-network data, we developed and evaluated methods to predict the next access point where a Wi-Fi device is likely to associate, based on its past history. There was a lot of prior work that provides nice theoretical results; our papers were the first to evaluate all those algorithms with real mobility data. The results show that the more sophisticated algorithms do not provide any substantial advantage, and that simple predictors suffice.

    People: Libo Song, Udayan Deshpande, Ravi Jain, Ulas Kozat, and Xiaoning He.
    Funding: DoCoMo Labs USA, Department of Justice (BJA) through ISTS.


    Wireless-network security (MAP project) [2004-08]

    Wireless networks are pervasive, but concerns remain about their security. In the HSARPA-funded project MAP (Measure, Analyze, Protect) we developed methods for large-scale monitoring and real-time analysis of Wi-Fi network traffic to identify attacks on the network. Specifically, the MAP effort focused on attacks that disable the network, denying access to legitimate clients or reducing the quality of their network performance. The MAP papers provide effective mechanisms for sampling network traffic using sniffers placed throughout the enterprise, a new way to detect whether a given client MAC address is being "spoofed" by an attacker node, and new methods for active fingerprinting of wireless devices.

    People: Andrew Campbell, Guanling Chen, Udayan Deshpande, Tristan Henderson, Michael Locasto, Chris McDonald, Yong Sheng, Keren Tan, Bennet Vance, Joshua Wright, Bo Yan, Hongda Yin.
    Funded by the Department of Homeland Security (HSARPA).


    Wireless-network usage characterization [2002-08]

    Wireless 802.11 (Wi-Fi) networks have become universal. In 2001, however, there were few large deployments and Dartmouth was one of the first universities to deploy a campus-wide Wi-Fi network. In 2001-02 we conducted the largest-ever characterization effort on a wireless network. In the initial effort we captured statistics and network traces from over 476 access points spread over 161 buildings at Dartmouth College, capturing the activity of nearly two thousand users. We repeated the data-collection effort two years later and were able to measure trends and changes in network activity, as well as add a new focus on VOIP and P2P traffic and on user mobility. We released the data, and ultimately founded CRAWDAD.org, a "Community Resource for Archiving Wireless Data at Dartmouth".

    People: Ilya Abyzov, Denise Anthony, David Blinn, Guanling Chen, Kobby Essien, Jeff Fielding, Tristan Henderson, Pablo Stern.
    Funded by Cisco Systems, Dartmouth College, DoCoMo USA Labs, and Intel Corporation, and somewhat by Department of Justice (BJA) through ISTS.


    Wireless-network trace archive (CRAWDAD project) [2005-date]

    We founded CRAWDAD.org, a "Community Resource for Archiving Wireless Data at Dartmouth", to collect and distribute traces of wireless-network activity or locations of mobile devices. This archive stores wireless trace data from many contributing locations, with the staff to develop better tools for collecting, anonymizing, and analyzing the data. We work with community leaders to ensure that the archive meets the needs of the research community, work with the other leading centers that develop network tracing tools and metadata, and work with research organizations and corporations to ensure continuing support for the archive.

    People: Tristan Henderson, Jihwang Yeo, and several undergraduate students.
    Funded by the National Science Foundation (CISE) through their CRI program, with gifts from Aruba Networks and Intel Corporation.


    Wireless mesh networks [2007-08]

    Wireless mesh networks provide Wi-Fi service to mobile clients, much like an infrastructure wireless network, but the backhaul connection between access points is itself an ad hoc wireless network. One large challenge in mesh networks is management. We developed the MeshMon system, which can inform a sysadmin about the health of the mesh network and help diagnose any problems with the network.

    People: Soumendra Nanda.
    Funded by the Department of Justice (BJA) through ISTS.


    Wireless mobile ad hoc networks (MANET) [2003-07]

    Mobile ad hoc networks (MANET) have been a subject of frequent study. Most researchers evaluate their systems and algorithms using simulation, but most such simulations depend on models of the physical layer that are overly simplistic. We evaluated the relative performance of MANET simulations and MANET experiments. In the process, we identified the common assumptions made in MANET research and quantitatively showed how simulation results will not match reality unless good models are used. We conducted the largest-ever outdoor experiment with multiple routing algorithms, and developed new ways to drive a simulator with conditions that match those in the experiment.

    People: Calvin Newport, Yougu Yuan, Robert S. Gray, Jason Liu, Chip Elliott, David M. Nicol, Nikita Dubrovsky, Aaron Fiske, Christopher Masone, Susan McGrath, and Luiz Felipe Perrone.
    Funding: DOD, AFOSR, DARPA, and DHS (through ISTS).


    Mobile agents (D'Agents system) [1994-2002]

    Mobile agents are software programs that can move from host to host at times and to places of their own choosing. They are a form of active mobile code that opens up new possibilities in distributed computing. Our team created Agent Tcl, one of the first comprehensive mobile-agent software platforms in the research community. In a five-year DARPA-funded effort we transformed Agent Tcl into D'Agents, which supported Java and Scheme as well as the Tcl programming languages, and which enabled our research on performance aspects of mobile code, the security challenges in mobile code, and market-based control of mobile agents and distributed systems.

    The D'Agents web site has lots more information, and downloadable code.

    People: Professors George Cybenko, Bob Gray, and Daniela Rus, and many others.
    Funding: AFoSR, AFRL, ONR, DoD MURI, DARPA.


    Market-based resource control [1997-2003]

    The concept of market-based resource control is to use economic principles to drive resource management in distributed systems. We developed novel mechanisms for mobile agents to compete for resources in a distributed system of agent hosts; the relative budget provided to different agents provided them differing priority, and yet the agents' ability to bid for computing time at various hosts provided dynamic adaptation to load and load distribution.

    People: Daniela Rus, Jon Bredin, and collaborators at UIUC (Rajiv T. Maheswaran, Çagri Imer, and Tamer Basar).
    Funding: DARPA.


    Parallel I/O (Armada project) [2001-06]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. To provide the necessary semantics for parallel processes accessing a file, and to provide the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed the Armada parallel file system. The point of Armada is to allow a programmer more flexibility in specifying how data could flow from a set of I/O nodes to a set of computation nodes, in the context of large-scale computational grids. In these grids, network latency is significant, and it is important to pipeline the data flow. Armada allows the programmer to specify the data-transformation operators between the computation nodes and the I/O nodes, and internally optimizes the structure before automatically deploying the operators to intermediate nodes.

    For more information see the Armada web page.

    People: Ron Oldfield.
    Funding: DOE (Sandia National Labs).


    Parallel I/O (Galley project) [1994-98]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. To provide the necessary semantics for parallel processes accessing a file, and to provide the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed the Galley parallel file system, which demonstrated the power of a split-level interface: a low-level interface that allowed efficient data transfers and in particular the ability of I/O nodes in a multiprocessor to execute some of the file-system code, and a set of high-level interfaces that may be specific to a programming language or application domain and thus most convenient for the programmer.

    For more information see the Galley web page.

    People: Nils Nieuwejaar.
    Funding: NSF, NASA.


    Parallel I/O (CHARISMA project) [1994-96]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. To provide the necessary semantics for parallel processes accessing a file, and to provide the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    One of the big challenges facing research on parallel file systems was to develop a solid understanding of the workload: what do parallel programmers actually do with parallel file systems. We launched a cooperative effort, called CHARISMA, to collect and analyze file-system traces from multiple applications on several different file systems. The resulting papers are some of the only work to characterize production parallel computer systems.

    For more information see the CHARISMA web page.

    People: Nils Nieuwejaar, Apratim Purakayastha, Mike Best, Carla Ellis.
    Funding: NSF, NASA.


    Parallel I/O (STARFISH project) [1994-97]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. To provide the necessary semantics for parallel processes accessing a file, and to provide the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    In the STARFISH project we developed the concept of disk-directed I/O, in which the application process requested a large parallel data transfer to or from a parallel file, and then the file system arranged the transfer of information between disks and memory in a way that suited the disks' own timing. The results show strong performance benefits, but only if suitable interfaces allow the application to make such requests known to the file system at a high level.

    For more information see the STARFISH web page.

    People: just me.
    Funding: NSF.


    Parallel I/O (RAPID-Transit project) [1988-93]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. To provide the necessary semantics for parallel processes accessing a file, and to provide the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed methods for caching in parallel file systems, and in particular several novel methods for prefetching data based on the patterns observed thus far. I implemented these methods on a Butterfly GP-1000 parallel computer and validated the results through experimentation.

    For more information see the RAPID-Transit web page.

    People: Carla Ellis.
    Funding: DARPA, NSF, NASA.