Recent research at the University of Central Florida involving crashes on I-4 in Orlando, Florida, has led to the creation of new statistical models capable of determining the crash risk on the freeway in real time. The potential benefits of variable speed limit (VSL) implementation for reducing the crash risk along the freeway at different loading scenarios was studied. VSL strategies were used in a networkwide attempt to reduce rear-end and lane-change crash risks where speed differences between upstream and downstream vehicles were high. The idea of homogeneous speed zones also was introduced in this study to determine the distance over which variable speed limits should be implemented from a station of interest. This idea is unique because it is the first time a dynamic distance has been considered for VSL implementation. This study shows that VSL is an effective crash prevention strategy when the freeway is operating in uncongested conditions. Specifically, in free-flow conditions and conditions approaching congestion, VSL can be used to reduce crash risk and prevent crash occurrence. It was also confirmed that the effects of crash migration increase as the level of congestion increases, and specific implementation techniques were found to better resist those effects. VSL was not found to effectively reduce crash risk in congested situations. This finding is sustained with logic and is supported by previous research.
Botnets have become one of the major attacks in current Internet due to their illicit profitable financial gain. Meanwhile, honeypots have been successfully deployed in many computer security defense systems. Since honeypots set up by security defenders can attract botnet compromises and become spies in exposing botnet membership and botnet attacker behaviors, they are widely used by security defenders in botnet defense. Therefore, attackers constructing and maintaining botnets will be forced to find ways to avoid honeypot traps. In this paper, we present a hardware and software independent honeypot detection methodology based on the following assumption: security professionals deploying honeypots have liability constraint such that they cannot allow their honeypots to participate in real attacks that could cause damage to others, while attackers do not need to follow this constraint. Attackers could detect honeypots in their botnets by checking whether compromised machines in a botnet can successfully send out unmodified malicious traffic. Based on this basic detection principle, we present honeypot detection techniques to be used in both centralized botnets and peer-to-peer structured botnets. Experiments show that current standard honeypot and honeynet programs are vulnerable to the proposed honeypot detection techniques. In the end, we discuss some guidelines for defending against general honeypot-aware attacks.
We present an extension of traditional "black box" fuzz testing using a genetic algorithm based upon a Dynamic Markov Model fitness heuristic. This heuristic allows us to "intelligently" guide input selection based upon feedback concerning the "success" of past inputs that have been tried. Unlike many software testing tools, our implementation is strictly based upon binary code and does not require that source code be available. Our evaluation on a Windows server program shows that this approach is superior to random black box fuzzing for increasing code coverage and depth of penetration into program control flow logic. As a result, the technique may be beneficial to the development of future automated vulnerability analysis tools.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.