David Kotz's papers (by topic) and research summaries
Fri Jul 3 09:54:52 EDT 2009

My current research interests include wireless networks, wireless security, sensor-network security, and security and privacy issues in pervasive computing. Below is a list of my papers. For a more formal listing, see my vita.

View this paper list by topic, by publication type, alphabetically, chronologically.

You can also search the papers by keyword.

Here, the papers are divided into several categories. Within each topic, the papers are in reverse-chronological order.

  • Mobile healthcare (mHealth) security and privacy [2009-date] [Active project]
  • Security and privacy in sensor systems (AnonySense system) [2006-2009]
  • Context-sensitive authorization [2002-08]
  • Middleware for pervasive computing (Solar project) [2000-08]
  • Security - intrusion analysis tools (Kerf project) [2003-05]
  • Security - delegation (Snowflake project) [1997-2001]
  • Mobility modeling [2005-07]
  • Mobility prediction [2002-07]
  • Wireless-network testbed (DIST project) [2007-date]
  • Wireless-network security (MAP project) [2004-08]
  • Wireless-network usage characterization [2002-08]
  • Wireless-network trace anonymization (NetSANI project) [2009-date] [Active project]
  • Wireless-network trace archive (CRAWDAD project) [2005-date] [Active project]
  • Wireless mesh networks [2007-08]
  • Wireless mobile ad hoc networks (MANET) [2003-07]
  • Mobile agents (D'Agents system) [1994-2002]
  • Market-based resource control [1997-2003]
  • Parallel I/O (Armada project) [2001-06]
  • Parallel I/O (Galley project) [1994-98]
  • Parallel I/O (CHARISMA project) [1994-96]
  • Parallel I/O (STARFISH project) [1994-97]
  • Parallel I/O (RAPID-Transit project) [1988-93]
  • Parallel I/O (other) [1991-2002]
  • Single-address-space operating systems (SASOS) [1993-96]
  • Education (DAPPLE project) [1990-96]
  • Other papers

    Mobile healthcare (mHealth) security and privacy [2009-date] [Active project]

    We expect that wearable, portable, and even embeddable medical sensors will enable long-term continuous medical monitoring for many purposes: for patients with chronic medical conditions (such as blood-sugar sensors for diabetics), for people seeking to change behavior (such as losing weight or quitting smoking), or for athletes wishing to monitor their condition and performance. The resulting data may be used directly by the person, or shared with others: with a physician for treatment, with an insurance company for coverage, or by a trainer or coach. Such systems have huge potential benefit to the quality of healthcare and quality of life for many people. Since the sensor data may be gathered through a patient's mobile device (such as a mobile phone), a wireless network, and the Internet, there are many opportunities for the sensor data to be tampered with or to be otherwise inaccurate.

    In the SenseMed project, we seek methods to assess confidence in sensor data, and methods to verify whether the sensor data is indeed coming from the correct patient.

    In an outgrowth of the AnonySense project, we are developing secure, efficient protocols for using a mobile phone (or similar personal device) to collect sensor data from wearable sensors.


    Faculty (Dartmouth): Ethan Berke, Tanzeem Choudhury.
    Staff (Dartmouth): Apu Kapadia (soon to be at Indiana University), Minho Shin.
    Students (Dartmouth): Cory Cornelius, Dan Peebles, Janani Sriram, and Patrick Tsang.
    Collaborators (UMass Lowell): Guanling Chen, Bo Yan.
    Collaborators (Intel Labs): Anand Rajan, Manoj Sastry, and Mark Yarvis.

    Funded by the Department of Homeland Security (DHS-NCSD) through ISTS, and the Intel University Research Council.


    Security and privacy in sensor systems (AnonySense system) [2006-2009]

    Pervasive computing, often known as ubiquitous computing, is touted as the future in which computing devices become so embedded in our everyday lives that they are pervasive: throughout our homes, workplaces, public spaces, and even woven into our clothing or embedded into our body. These systems raise significant challenges regarding security and privacy.

    We developed the AnonySense system, which includes novel mechanisms for the anonymous collection of sensor data from people who volunteer their cell phones as part of a distributed sensing platform, addressing a key challenge in the important area of participatory and opportunistic urban sensing, and developed a novel interface to allow people to specify how sensor data about them might be shared with others. To evaluate this work, we measured system performance in terms of bandwidth and power consumption, conducted a user study, and used large wireless-network traces from the Dartmouth campus. We also developed a method for access control called virtual walls, which is an intuitive method for controlling access to contextual sensor data.

    People: Denise Anthony, Cory Cornelius, Jeff Fielding, Tristan Henderson, Apu Kapadia, Dan Peebles, Minho Shin, Nikos Triandopoulos, and Patrick Tsang.
    Part of the MetroSense project and the PLACE project.
    Funded by the Department of Justice (BJA), the Department of Commerce (NIST), and the Department of Homeland Security (DHS-NCSD) through ISTS.


    Context-sensitive authorization [2002-08]

    Pervasive computing, often known as ubiquitous computing, is touted as the future in which computing devices become so embedded in our everyday lives that they are pervasive: throughout our homes, workplaces, public spaces, and even woven into our clothing or embedded into our body. These systems raise significant challenges regarding security and privacy.

    We developed a theory and implementation of context-sensitive authorization, the first distributed approach that respects confidentiality and integrity goals. In context-sensitive authorization systems, the authorization policies (e.g., for access to physical resources like a room or virtual resources like a database) depend on the context (e.g., location or activity) of the person requesting access to the resource. Our work recognizes that the sources of context information are inherently distributed, and that the context used (such as a person's location) is sensitive information that must remain confidential. Our techniques allow an authorization query to be evaluated in a distributed fashion while respecting confidentiality and integrity policies imposed by the many parties involved.

    People: Kazuhiro Minami.
    Funded by DARPA, and DHS (through ISTS).


    Middleware for pervasive computing (Solar project) [2000-08]

    Successful pervasive-computing systems allow their applications to be aware of the context in which they execute, or the context of the applications' users. For example, an application may behave differently when its user is at home than at the office, or outdoors; alone, or with other people; driving or eating or walking. We developed the Solar system, a comprehensive middleware framework for the development of context-aware applications. Solar is based on a publish-subscribe model, allowing applications to subscribe to streams of events carrying context data. The applications may deploy a distributed network of operators that transform raw sensor data, as published by sources, into the desired context. Through a novel context naming system, applications can identify the desired sources, which themselves may be the named output of a tree of operators that aggregate many other sources. A key novelty in this naming system is that names are context-sensitive; for example, an application may subscribe to "photographs from a camera in the same location as Mary Smith," and have the source of events transparently change as Mary Smith moves about.

    The Solar work also contributed novel methods for data-flow management, recognizing that some sensor-based context systems may produce far more data (events) than can be carried by an underlying wireless network or can be consumed by operators and applications. Two contributions of Solar, therefore, include a mechanism for filtering data at the context source in a way that recognizes the overlapping goals of the many subscribers to the source, and an inline filtering and summarization technique that manages the flow of events through the Solar system.

    The SOLAR web site has lots more information, including downloadable code.

    People: Guanling Chen, Adrian Hartline, Ming Li, Chris Masone, Arun Mathias, Kazuhiro Minami, Cal Newport, Jue Wang, Abe White, Lin Zhong.
    Funding: DARPA, DoD MURI, Microsoft Research, Cisco Systems, and USENIX; DHS and DOJ (BJA) through ISTS.


    Security - intrusion analysis tools (Kerf project) [2003-05]

    Kerf (formerly known as Sawmill) is a set of tools designed to help system administrators analyze intrusions in their network. Our tools collect host and network log data in secure databases, allow administrators sophisticated searches using our SQL-language variant (SawQL, pronounced saw-kwill), and present the results through a browsable graphical interface. The Kerf web site has lots more information, papers, and downloadable code.

    People: Jay Aslam, Sergey Bratus, Marco Cremonini, Kevin Mitcham, Ron Peterson, Daniela Rus, Brett Tofel, and students Kyle Smith, Virgil Pavlu, and Wei Zhang.
    Funding: DHS Science and Technology Directorate [details].


    Security - delegation (Snowflake project) [1997-2001]

    We tackled the problem of naming and sharing resources across administrative boundaries. In the Snowflake project, we developed a theory and implementation for restricted delegation, building on the classic "speaks-for" relation that forms the foundation of many authorization logics. In Snowflake, principals can delegate authority to other principals, but in a limited way; in earlier work, it was only possible for a principal to delegate all of its authority. The work is theoretically well-founded and yet practical to implement.

    People: Jon Howell.
    Funding: USENIX Association.


    Mobility modeling [2005-07]

    Much research in mobile computing, including many papers on ad hoc networks, wireless networks, and pervasive computing, evaluates proposed systems or algorithms through simulation; since the work deals with mobile devices, the simulation includes a mobility model. Most such research, unfortunately, uses woefully inadequate models based on random-walk behavior ("random waypoint" and similar models). Building upon traces collected from Dartmouth's wireless network, we derived mobility models and parameters that more closely match the mobility behaviors of real users.

    People: Minkyong Kim, Jeff Fielding, Songkuk Kim.
    Funding: Cisco, NSF, and Dartmouth College.


    Mobility prediction [2002-07]

    Leveraging Dartmouth's collection of wireless-network data, we developed and evaluated methods to predict the next access point where a Wi-Fi device is likely to associate, based on its past history. There was a lot of prior work that provides nice theoretical results; our papers were the first to evaluate all those algorithms with real mobility data. The results show that the more sophisticated algorithms do not provide any substantial advantage, and that simple predictors suffice.

    People: Libo Song, Udayan Deshpande, Ravi Jain, Ulas Kozat, and Xiaoning He.
    Funding: DoCoMo Labs USA, Department of Justice (BJA) through ISTS.


    Wireless-network testbed (DIST project) [2007-date]

    We are developing the Dartmouth Internet Security Testbed (DIST), a large-scale deployment designed to support research on wireless-network security challenges. The Institute for Security Technology Studies (ISTS), in collaboration with Dartmouth's Peter Kiewit Computing Services, is deploying this integrated testbed comprising a wireless-network measurement infrastructure and a suite of Wi-Fi capable mobile devices. This project follows the MAP project below.

    People: Sergey Bratus, Apu Kapadia, Mike Locasto, Keren Tan, Punch Taylor, and Bennet Vance (Computer Science); Frank Archambeault, John Dadmun, and Paul Schmidt (Computing Services); Guanling Chen and Bo Yan (UMass Lowell); and Chris McDonald (Univ. Western Australia).
    Funded by the Department of Homeland Security (NCSD) through ISTS.


    Wireless-network security (MAP project) [2004-08]

    Wireless networks are pervasive, but concerns remain about their security. In the HSARPA-funded project MAP (Measure, Analyze, Protect) we developed methods for large-scale monitoring and real-time analysis of Wi-Fi network traffic to identify attacks on the network. Specifically, the MAP effort focused on attacks that disable the network, denying access to legitimate clients or reducing the quality of their network performance. The MAP papers provide effective mechanisms for sampling network traffic using sniffers placed throughout the enterprise, a new way to detect whether a given client MAC address is being "spoofed" by an attacker node, and new methods for active fingerprinting of wireless devices.

    People: Andrew Campbell, Guanling Chen, Udayan Deshpande, Tristan Henderson, Michael Locasto, Chris McDonald, Yong Sheng, Keren Tan, Bennet Vance, Joshua Wright, Bo Yan, Hongda Yin.
    Funded by the Department of Homeland Security (HSARPA).


    Wireless-network usage characterization [2002-08]

    Wireless 802.11 (Wi-Fi) networks have become universal. In 2001, however, there were few large deployments and Dartmouth was one of the first universities to deploy a campus-wide Wi-Fi network. In 2001-02 we conducted the largest-ever characterization effort on a wireless network. In the initial effort we captured statistics and network traces from over 476 access points spread over 161 buildings at Dartmouth College, capturing the activity of nearly two thousand users. We repeated the data-collection effort two years later and were able to measure trends and changes in network activity, as well as adding a new focus on VOIP and P2P traffic and on user mobility. We released the data, and ultimately founded CRAWDAD.org, a "Community Resource for Archiving Wireless Data at Dartmouth".

    People: Ilya Abyzov, Denise Anthony, David Blinn, Guanling Chen, Kobby Essien, Jeff Fielding, Tristan Henderson, Pablo Stern.
    Funded by Cisco Systems, Dartmouth College, DoCoMo USA Labs, and Intel Corporation, and somewhat by Department of Justice (BJA) through ISTS.


    Wireless-network trace anonymization (NetSANI project) [2009-date] [Active project]

    The NetSANI project aims to increase network-trace sharing by making it safer and easier to sanitize network traces to remove sensitive information. Sanitization always involves a challenging trade-off between sanitization effectiveness (providing anonymity for network users and secrecy for network operational information) and research usefulness (since only the information retained can be used by the researcher).

    To this end, the project will develop and release NetSANI (Network Trace Sanitization and ANonymization Infrastructure), a flexible and extensible suite of software tools for sanitizing network traces, based on user-specified sanitization goals and user-specified research goals. The tools will be verified on extensive traces collected at Dartmouth College (see DIST), and evaluated by providing early releases to external collaborators who will test the tools on their traces.

    The NetSANI project expects that (a) better tools will enable and encourage more network-trace sharing, which helps the research community do better research, (b) better access to network traces will help companies develop better network products, and (c) better anonymization methods will protect network users' privacy.

    People: Jihwang Yeo and Keren Tan.
    Funded by the National Science Foundation Cyber Trust Award CNS-0831409.


    Wireless-network trace archive (CRAWDAD project) [2005-date] [Active project]

    We founded CRAWDAD.org, a "Community Resource for Archiving Wireless Data at Dartmouth", to collect and distribute traces of wireless-network activity or locations of mobile devices. This archive stores wireless trace data from many contributing locations, with the staff to develop better tools for collecting, anonymizing, and analyzing the data. We work with community leaders to ensure that the archive meets the needs of the research community, work with the other leading centers that develop network tracing tools and metadata, and work with research organizations and corporations to ensure continuing support for the archive.

    People: Tristan Henderson, Jihwang Yeo, and several undergraduate students.
    Funded by the National Science Foundation (CISE) through CRI Award 0454062, with gifts from Aruba Networks and Intel Corporation.


    Wireless mesh networks [2007-08]

    Wireless mesh networks provide Wi-Fi service to mobile clients, much like an infrastructure wireless network, but the backhaul connection between access points is itself an ad hoc wireless network. One large challenge in mesh networks is management. We developed the MeshMon system, which can inform a sysadmin about the health of the mesh network and help diagnose any problems with the network.

    People: Soumendra Nanda.
    Funded by the Department of Justice (BJA) through ISTS.


    Wireless mobile ad hoc networks (MANET) [2003-07]

    Mobile ad hoc networks (MANET) have been a subject of frequent study. Most researchers evaluate their systems and algorithms using simulation, but most such simulations depend on models of the physical layer that are overly simplistic. We evaluated the relative performance of MANET simulations and MANET experiments. In the process, we identified the common assumptions made in MANET research and quantitatively showed how simulation results will not match reality unless good models are used. We conducted the largest-ever outdoor experiment with multiple routing algorithms, and developed new ways to drive a simulator with conditions that match those in the experiment.

    People: Calvin Newport, Yougu Yuan, Robert S. Gray, Jason Liu, Chip Elliott, David M. Nicol, Nikita Dubrovsky, Aaron Fiske, Christopher Masone, Susan McGrath, and Luiz Felipe Perrone.
    Funding: DOD, AFOSR, DARPA, and DHS (through ISTS).


    Mobile agents (D'Agents system) [1994-2002]

    Mobile agents are software programs that can move from host to host at times and to places of their own choosing. They are a form of active mobile code that opens up new possibilities in distributed computing. Our team created Agent Tcl, one of the first comprehensive mobile-agent software platforms in the research community. In a five-year DARPA-funded effort we transformed Agent Tcl into D'Agents, which supported Java and Scheme as well as the Tcl programming languages, and which enabled our research on performance aspects of mobile code, the security challenges in mobile code, and market-based control of mobile agents and distributed systems.

    The D'Agents web site has lots more information, and downloadable code.

    People: Professors George Cybenko, Bob Gray, and Daniela Rus, and many others.
    Funding: AFoSR, AFRL, ONR, DoD MURI, DARPA [details].


    Market-based resource control [1997-2003]

    The concept of market-based resource control is to use economic principles to drive resource management in distributed systems. We developed novel mechanisms for mobile agents to compete for resources in a distributed system of agent hosts; the relative budget provided to different agents provided them differing priority, and yet the agents' ability to bid for computing time at various hosts provided dynamic adaptation to load and load distribution.

    People: Daniela Rus, Jon Bredin, and collaborators at UIUC (Rajiv T. Maheswaran and Çagri Imer and Tamer Basar).
    Funding: DARPA.


    Parallel I/O (Armada project) [2001-06]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed the Armada parallel file system. The point of Armada is to allow a programmer more flexibility in specifying how data could flow from a set of I/O nodes to a set of computation nodes, in the context of large-scale computational grids. In these grids, network latency is significant, and it is important to pipeline the data flow. Armada allows the programmer to specify the data-transformation operators between the computation nodes and the I/O nodes, and internally optimizes the structure before automatically deploying the operators to intermediate nodes.

    For more information see the Armada web page.

    People: Ron Oldfield.
    Funding: DOE (Sandia National Labs).


    Parallel I/O (Galley project) [1994-98]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed the Galley parallel file system, which demonstrated the power of a split-level interface: a low-level interface that allowed efficient data transfers and in particular the ability of I/O nodes in a multiprocessor to execute some of the file-system code, and a set of high-level interfaces that may be specific to a programming language or application domain and thus most convenient for the programmer.

    For more information see the Galley web page.

    People: Nils Nieuwejaar.
    Funding: NSF, NASA.


    Parallel I/O (CHARISMA project) [1994-96]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    One of the big challenges facing research on parallel file systems was to develop a solid understanding of the workload: what do parallel programmers actually do with parallel file systems. We launched a cooperative effort, called CHARISMA, to collect and analyze file-system traces from multiple applications on several different file systems. The resulting papers are some of the only work to characterize production parallel computer systems.

    For more information see the CHARISMA web page.

    People: Nils Nieuwejaar, Apratim Purakayastha, Mike Best, Carla Ellis.
    Funding: NSF, NASA.


    Parallel I/O (STARFISH project) [1994-97]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    In the STARFISH project we developed the concept of disk-directed I/O, in which the application process requested a large parallel data transfer to or from a parallel file, and then the file system arranged the transfer of information between disks and memory in a way that suited the disks' own timing. The results show strong performance benefits, but only if suitable interfaces allow the application to make such requests known to the file system at a high level.

    For more information see the STARFISH web page.

    People: just me.
    Funding: NSF.


    Parallel I/O (RAPID-Transit project) [1988-93]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system.

    We developed methods for caching in parallel file systems, and in particular several novel methods for prefetching data based on the patterns observed thus far. I implemented these methods on a Butterfly GP-1000 parallel computer and validated the results through experimentation.

    For more information see the RAPID-Transit web page.

    People: Carla Ellis.
    Funding: DARPA, NSF, NASA.


    Parallel I/O (other) [1991-2002]

    Large parallel computing systems, especially those used for scientific computation, consume and produce huge amounts of data. Providing the necessary semantics for parallel processes accessing a file, and the necessary throughput for an application working with terabytes of data, requires a multiprocessor file system. We created an on-line bibliography of parallel I/O papers. This annotated bibliography helped many new researchers learn about and begin research in the area of parallel I/O.


    Single-address-space operating systems (SASOS) [1993-96]

    In the mid 1990s there was a lot of interest in operating systems that used a single, large address space, made possible by the new 64-bit microprocessors, to hold all processes and persistent data. Although the concept was interesting, it required an address to be used once and then never reused. We actually measured the usage of live computer systems to get a good estimate on how quickly such an address space would be consumed.

    People: Preston Crow.
    Funding: NASA.


    Education (DAPPLE project) [1990-96]

    In the DAPPLE project I set out to develop a mechanism to teach parallel programming to undergraduates, indeed, to undergraduates in their second computer science course. DAPPLE is an easy-to-use extension of C++ that was used for several years in Dartmouth's computer science classes. DAPPLE was (and is) available for download and use by others.

    People: just me.
    Funding: NSF.

    I also collaborated with old teammates to develop a free, distributed Internet version of the ACM Programming Contests. We ran the contest for several years, involving hundreds of students around the world. Some materials are still online. This project was a lot of fun.

    People: Owen Astrachan, Vick Khera, Steve Tate.
    Funding: none.


    Other papers

    There are a few papers that do not fit into other categories.


    Maintained by David Kotz (lastname AT cs.dartmouth.edu).
    Generated automatically on Fri Jul 3 09:54:52 EDT 2009.