Cloud computing is rapidly increasing in popularity. Companies such as RedHat, Microsoft, Amazon, Google, and IBM are increasingly funding cloud infrastructure research, making it important for students to gain the necessary skills work with cloud-based resources. This paper presents a free, educational research platform called Seattle that community-driven, common denominator diverse types, broadly deployed.

Twitter does not impose a Real-Name policy for usernames, giving users the freedom to choose how they want be identified. This results in some being Identifiable (disclosing their full name) and Anonymous neither first nor last name).

Today's software update systems have little or no defense against key compromise. As a result, compromises put millions of clients at risk. Here we identify three classes information whose authenticity and integrity are critical for secure updates. Analyzing existing with our framework, find their ability to communicate this securely in the event compromise be weak nonexistent. We also that security problems current compounded by inadequate trust revocation mechanisms. core principles allow...

Despite the security community's emphasis on importance of building secure software, number new vulnerabilities found in our systems is increasing. In addition, that have been studied for years are still commonly reported vulnerability databases. This paper investigates a hypothesis software blind spots developer's heuristic-based decision-making processes. Heuristics simple computational models to solve problems without considering all information available. They an adaptive response short...

Humans often mistake the meaning of source code, and so misjudge a program's true behavior. These mistakes can be caused by extremely small, isolated patterns in which lead to significant runtime errors. are used large, popular software projects even recommended style guides. To identify code that may confuse programmers we extracted preliminary set `atoms confusion' from known confusing code. We show empirically an experiment with 73 participants these significantly increased rate...

This work studies the security of ten popular package managers. These managers use different mechanisms that provide varying levels usability and resilience to attack. We find that, despite their existing mechanisms, all these have vulnerabilities can be exploited by a man-in-the-middle or malicious mirror. While current suffer from vulnerabilities, is also positively negatively impacted distribution's practices. Weaknesses in are more easily when distributions third-party mirrors as...

In this article we discuss Uptane, the first, to our knowledge, compromise-resilient software update security system designed specifically for vehicles. It is make obtaining all pieces required control a vehicle extremely difficult attackers.

Smartphones serve as a technical interface to the outside world. These devices have embedded, on-board sensors (such accelerometers, WiFi, and GPSes) that can provide valuable information for investigating users' needs behavioral patterns. Similarly, computers are embedded in vehicles capable of collecting sensor data be accessed by smartphones through use On-Board Diagnostics (OBD) sensors. This paper describes prototype mobile computing platform provides access vehicles' using tablets,...

Cloud computing is rapidly increasing in popularity. Companies such as RedHat, Microsoft, Amazon, Google, and IBM are increasingly funding cloud infrastructure research, making it important for students to gain the necessary skills work with cloud-based resources. This paper presents a free, educational research platform called Seattle that community-driven, common denominator diverse types, broadly deployed. community-driven -- universities donate available compute resources on multi-user...

Flaws in the standard libraries of secure sandboxes represent a major security threat to billions devices worldwide. The are hard because they frequently need perform low-level operations that forbidden untrusted application code. Existing designs have single, large trusted computing base contains checks at boundaries between and Unfortunately, flaws library often allow an attacker escape protections sandbox.

This paper introduces NetCheck, a tool designed to diagnose network problems in large and complex applications. NetCheck relies on blackbox tracing mechanisms, such as strace, automatically collect sequences of system call invocations generated by the application hosts. performs its diagnosis (1) totally ordering distributed set input traces, (2) utilizing model identify points ordered execution where traces deviated from expected semantics.Our evaluation demonstrates that is able failures...

Data collected by fitness trackers could play an important role in improving the health and well-being of individuals who wear them. Many insurance companies even offer monetary rewards to participants meet certain steps or calorie goals. However, order for it be useful, data must accurate also reflect real-world performance. While previous studies have compared step counts controlled laboratory environments limited periods time, few been done measure performance over longer while subject...

Prior work has shown that extremely small code patterns, such as the conditional operator and implicit type conversion, can cause considerable misunderstanding in programmers. Until now, real world impact of these patterns - known 'atoms confusion' was only speculative. This uses a corpus 14 most popular influential open source C C++ projects to measure prevalence significance confusing patterns. Our results show 15 types micro occur millions times programs like Linux kernel GCC, appearing...

A novel machine-based classifier system leverages Twitter user anonymity patterns and their correlation to content sensitivity automatically identify accounts that tweet sensitive content. Anonymity's role in society the nuances complexity of are confirmed.

EdgeNet is a public Kubernetes cluster dedicated to network and distributed systems research, supporting experiments that are deployed concurrently by independent groups. Its nodes hosted multiple institutions around the world. It represents departure from classic model, where available single tenant reside in small number of well-interconnected data centers. The free open-source code extends edge, making three key contributions: multi-tenancy, geographical deployments, single-command node...

Atoms of confusion are small patterns code that have been empirically validated to be difficult hand-evaluate by programmers. Previous research focused on defining and quantifying this phenomenon, but not explaining or critiquing it. In work, we address core omissions the body work atoms confusion, focusing 'how' 'why' programmer misunderstanding.