A5102981606- Distributed and Parallel Computing Systems
- Advanced Data Storage Technologies
- Scientific Computing and Data Management
- Network Security and Intrusion Detection
- Particle Detector Development and Performance
- Nuclear physics research studies
- Particle physics theoretical and experimental studies
- Internet Traffic Analysis and Secure E-voting
- Cloud Computing and Resource Management
- Parallel Computing and Optimization Techniques
- Astronomical Observations and Instrumentation
- Software-Defined Networks and 5G
- Astronomy and Astrophysical Research
- CCD and CMOS Imaging Sensors
- Gamma-ray bursts and supernovae
- Software Testing and Debugging Techniques
- Software System Performance and Reliability
- Radiation Detection and Scintillator Technologies
- Peer-to-Peer Network Technologies
- Quantum Chromodynamics and Particle Interactions
- Radiation Therapy and Dosimetry
- IoT and Edge/Fog Computing
- Caching and Content Delivery
- Nuclear Physics and Applications
- Particle Accelerators and Free-Electron Lasers
SLAC National Accelerator Laboratory
2012-2025
Chinese Academy of Sciences
2006-2024
Nanjing University of Information Science and Technology
2024
Institute of Information Engineering
2019-2024
University of Chinese Academy of Sciences
2022-2023
Institute of Information Security
2023
Stanford University
2003-2022
National Security Technologies (United States)
2022
Changchun Normal University
2021
China Information Technology Security Evaluation Center
2021
In the past year ATLAS Collaboration accelerated its program to federate data storage resources using an architecture based on XRootD with attendant redirection and integration services. The main goal of federation is improvement in access experience for end user while allowing more efficient intelligent use computing resources. Along these advances come existing production services (PanDA pilot services) management (DQ2, next generation, Rucio). Functional testing has been integrated into...
Distributed Denial of Service (DDoS) attacks have occurred frequently in recent years, causing massive damage. It is critical to detect DDoS fast and accurately. Previous Deep Learning (DL) methods for detecting barely leverage the relationships between packets flows traffic, which are crucial information that can significantly improve detection performance. This paper proposes GraphDDoS, a GNN-based approach using endpoint traffic graphs. Concretely, we convert into graphs, containing...
Inherited from the flexible architecture of Xrootd, Xcache allows a wide range customization through configurations and plugin modules. This paper describes several completed ongoing R&D efforts using in LHC ATLAS distributed computing environment, particular, with data management system Rucio for easy-to-use to improve cache hit rate, replace Squid distribution large files CVMFS, adapt HPC environment lake model efficient access HPCs.
In a static network, attackers can easily launch network attacks on target hosts which have long-term constant IP addresses. order to defend against effectively, many defense approaches use hopping dynamically transform configuration. However, these usually focus one type of attacks, scanning or Denial Service (DoS) and cannot sense situations. This paper proposes AHIP, an adaptive method for moving (MTD) different attacks. We trained lightweight one-dimensional convolutional neural (1D-CNN)...
The Vera C. Rubin Observatory will produce an unprecedented astronomical data set for studies of the deep and dynamic universe. Its Legacy Survey Space Time (LSST) image entire southern sky every three to four days tens petabytes raw associated calibration over course experiment’s run. More than 20 terabytes must be stored night, annual campaigns reprocess dataset since beginning survey conducted ten years. Production Distributed Analysis (PanDA) system was evaluated by Data Management team...
The Vera C. Rubin Observatory is preparing to execute the most ambitious astronomical survey ever attempted, Legacy Survey of Space and Time (LSST). Currently final phase construction under way in Chilean Andes, with Observatory’s ten-year science mission scheduled begin 2025. Rubin’s 8.4-meter telescope will nightly scan southern hemisphere collecting imagery wavelength range 320–1050 nm covering entire observable sky every 4 nights using a 3.2 gigapixel camera, largest imaging device built...
The goal of this work is to characterize scientific data transfers and determine the suitability dynamic virtual circuit service for these instead currently used IP-routed service. Specifically, logs collected by servers executing a commonly transfer application, GridFTP, are obtained from three US super-computing/scientific research centers, NERSC, SLAC, NCAR, analyzed. Dynamic (VC) service, relatively new offering providers such as ESnet Internet2, allows selection path on which...
Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in networks are denial service (DoS) attacks and distributed DoS (DDoS) attacks. In addition the similar 4 (IPv4), has introduced new potential vulnerabilities, which DDoS based on Control Message version (ICMPv6). We divide such into two categories: pure flooding source address spoofing propose P4-NSAF, a scheme defend against above...
Early stage experimental data in structural biology is generally unmaintained and inaccessible to the public. It increasingly believed that this data, which forms basis for each macromolecular structure discovered by field, must be archived and, due course, published. Furthermore, widespread use of shared scientific facilities such as synchrotron beamlines complicates issue storage, access movement, does increase remote users. This work describes a prototype system adapts existing federated...
The HPC environment presents several challenges to the ATLAS experiment in running their automated computational workflows smoothly and efficiently, particular regarding issues such as software distribution I/O load. A vital component of LHC Computing Grid, CVMFS, is not always available environments. computing has experimented with all-inclusive containers, later developed an produce containers for both Shifter Singularity. include most recent releases, database other tools extracted from...
XrootdFS is a FUSE based mountable Posix filesystem. It glues all the data servers in Xrootd storage cluster together and presents it as single, compliant, multi-user networked The ways handles IO operations metadata are specifically designed for Xrootd's unique redirection mechanism. With we can use system Grid Storage Element. has been adopted by many sites management, well access applications that do not native interface.
User data analysis in high energy physics presents a challenge to spinning-disk based storage systems. The is intense, yet reads are small, sparse and cover large volume of files. It also unpredictable due users' response performance. We describe here system with an array Solid State Disk as non-conventional, standalone file level cache front the spinning disk help improve performance LHC ATLAS user at SLAC. uses several days access records make caching decisions. can use information from...
With the development of radioactive ion beam devices along with associated nuclear experimental detection technologies, research areas in atomic nuclei have been further expanded, illustrating many new aspects excitation as well physics exotic far from <i>β</i>-stability line. For weakly bound nuclei, Fermi surface may lie near continuum, which facilitates easy scattering valence nucleons into continuum to occupy resonance state. These effects are crucial importance explaining...
The S3 Gateway is a server based application that provides bridge between protocols and security used in the HEP community to its associated model. This allows use of common copy tools on models store or download data from storage. storage can reside public private cloud. paper details motivation for implementing such service how it address certain problem when dealing with only accessible via protocol.
As many LHC Tier-3 and some Tier-2 centers look toward streamlining operations, they are considering autonomously managed storage elements as part of the solution. These essentially file caching servers. They can operate whole or data block level caches. Several implementations exist. In this paper we explore using XRootD servers that in either mode. also (i.e. demand driven), be centrally a Rucio cache), both modes. We pros cons various configurations well practical requirements for to...
The exponentially increasing need for high speed data transfer is driven by big data, and cloud computing together with the needs of intensive science, High Performance Computing (HPC), defense, oil gas industry etc. We report on Zettar ZX software. This has been developed since 2013 to meet these growing providing performance encryption in a scalable, balanced, easy deploy use way while minimizing power space utilization. In collaboration several commercial vendors, Proofs Concept (PoC)...
ATLAS has developed and previously presented a new computing architecture, the Event Service, that allows real time delivery of fine grained workloads which process dispatched events (or event ranges) immediately streams outputs. The principal aim was to profit from opportunistic resources such as commercial cloud, supercomputing, volunteer computing, otherwise unused cycles on clusters grids. During development deployment phase, its utility also grid conventional for exploitation became...
Network Anomaly Detection (NAD) has become the foundation for network management and security due to rapid development adoption of edge computing technologies. There are two main characteristics NAD tasks: tabular input data imbalanced classes. Tabular format means tasks take both sparse categorical features dense numerical as input. In order achieve good performance, detection model needs handle types efficiently. Among all widely used models, Gradient Boosting Decision Tree (GBDT) Neural...
Network intrusion detection system (NIDS) takes necessary measures when detecting threats. Since most of the malicious contents like phishing sites and advanced persistent threats are transmitted on transmission control protocol (TCP), existing usually injection-based, such as injecting a reset (RST) packet to terminate connection or HTTP 302 response redirect users' requests. Injection is feasible measure but unable scrub traffic removing contents. Therefore, taking over TCP connections...
We report the negative result of a search for decay products long-lived particles having lifetimes in range 50 milliseconds to 10 hours. The upper limit "cross section production and capture" such 33-cm aluminum target irradiated with 400-GeV protons is set at less than ${10}^{\ensuremath{-}36}$ ${\mathrm{cm}}^{2}$.
We have used a directional gas Cherenkov counter, which employed six phototubes to sample light from single particles having $\ensuremath{\gamma} [\ensuremath{\equiv}{(1\ensuremath{-}\frac{{v}^{2}}{{c}^{2}})}^{\ensuremath{-}\frac{1}{2}}]$ greater than \ensuremath{\sim} 10, achieve accidental rates of less one per day if operated near targets with surface radiation levels as high ${10}^{+3}$ R/h. The cosmic-ray background measured by our apparatus was reduced mounting counter above the...