skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Advanced Data Structures for Improved Cyber Resilience and Awareness in Untrusted Environments: LDRD report.

Abstract

This report summarizes the work performed under the project "Advanced Data Structures for Im- proved Cyber Resilience and Awareness in Untrusted Environments." The goal of the project was to design, analyze, and test new data structures for cybersecurity applications. We had two major thrusts: 1) using new/improved write-optimized data structures and/or algorithms to better man- age and analyze high-speed massive-volume cyberstreams, and 2) adding security features to data structures at minimum cost. Write optimization allows data structures to better use secondary memory to store and search a larger amount of useful information. Secondary memory is large compared to main memory, but data movement to and from secondary memory must be carefully managed to run quickly enough to keep up with fast streams. The first thrust included managing cyberstreams in parallel, both multi-threaded and distributed, and improving the benchmarking infrastructure for testing new streaming data structures. We considered both (near) real-time discovery of particular patterns, and improved logging for improved forensics. We considered two kinds of security-feature problem. The first was high-performance history- independent external-memory data structures. These provide certain protections to data if a disk is stolen. We also prove some trade-offs between speed and security in this setting. Themore » second data-security problem is more secure data look-up in secret-shared data bases. This report summarizes the project's major accomplishments, with the background to under- stand these accomplishments. It gathers the abstracts and references for the six refereed publica- tions that have appeared as part of this work. We summarize several accomplishments that will be submitted for publication. We then archive one piece of partial work that is not likely to be published in the near future: validation of history-independent data structure implementations.« less

Authors:
; ; ; ; ; ; ; ; ; ; ; ; ; ;
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandia National Laboratories, Livermore, CA
Sponsoring Org.:
USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1528756
Report Number(s):
SAND2018-5404
663261
DOE Contract Number:  
AC04-94AL85000
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English

Citation Formats

Bender, Michael A., Berry, Jonathan W., Farach-Colton, Martin, Jacobs, Justin, Johnson, Rob, Kroeger, Thomas M, Mayer, Tyler, McCauley, Samuel, Pandey, Prashant, Phillips, Cynthia A., Porter, Alexandra, Singh, Shikha, Raizes, Justin, Xu, Helen, and Zage, David. Advanced Data Structures for Improved Cyber Resilience and Awareness in Untrusted Environments: LDRD report.. United States: N. p., 2018. Web. doi:10.2172/1528756.
Bender, Michael A., Berry, Jonathan W., Farach-Colton, Martin, Jacobs, Justin, Johnson, Rob, Kroeger, Thomas M, Mayer, Tyler, McCauley, Samuel, Pandey, Prashant, Phillips, Cynthia A., Porter, Alexandra, Singh, Shikha, Raizes, Justin, Xu, Helen, & Zage, David. Advanced Data Structures for Improved Cyber Resilience and Awareness in Untrusted Environments: LDRD report.. United States. doi:10.2172/1528756.
Bender, Michael A., Berry, Jonathan W., Farach-Colton, Martin, Jacobs, Justin, Johnson, Rob, Kroeger, Thomas M, Mayer, Tyler, McCauley, Samuel, Pandey, Prashant, Phillips, Cynthia A., Porter, Alexandra, Singh, Shikha, Raizes, Justin, Xu, Helen, and Zage, David. Tue . "Advanced Data Structures for Improved Cyber Resilience and Awareness in Untrusted Environments: LDRD report.". United States. doi:10.2172/1528756. https://www.osti.gov/servlets/purl/1528756.
@article{osti_1528756,
title = {Advanced Data Structures for Improved Cyber Resilience and Awareness in Untrusted Environments: LDRD report.},
author = {Bender, Michael A. and Berry, Jonathan W. and Farach-Colton, Martin and Jacobs, Justin and Johnson, Rob and Kroeger, Thomas M and Mayer, Tyler and McCauley, Samuel and Pandey, Prashant and Phillips, Cynthia A. and Porter, Alexandra and Singh, Shikha and Raizes, Justin and Xu, Helen and Zage, David},
abstractNote = {This report summarizes the work performed under the project "Advanced Data Structures for Im- proved Cyber Resilience and Awareness in Untrusted Environments." The goal of the project was to design, analyze, and test new data structures for cybersecurity applications. We had two major thrusts: 1) using new/improved write-optimized data structures and/or algorithms to better man- age and analyze high-speed massive-volume cyberstreams, and 2) adding security features to data structures at minimum cost. Write optimization allows data structures to better use secondary memory to store and search a larger amount of useful information. Secondary memory is large compared to main memory, but data movement to and from secondary memory must be carefully managed to run quickly enough to keep up with fast streams. The first thrust included managing cyberstreams in parallel, both multi-threaded and distributed, and improving the benchmarking infrastructure for testing new streaming data structures. We considered both (near) real-time discovery of particular patterns, and improved logging for improved forensics. We considered two kinds of security-feature problem. The first was high-performance history- independent external-memory data structures. These provide certain protections to data if a disk is stolen. We also prove some trade-offs between speed and security in this setting. The second data-security problem is more secure data look-up in secret-shared data bases. This report summarizes the project's major accomplishments, with the background to under- stand these accomplishments. It gathers the abstracts and references for the six refereed publica- tions that have appeared as part of this work. We summarize several accomplishments that will be submitted for publication. We then archive one piece of partial work that is not likely to be published in the near future: validation of history-independent data structure implementations.},
doi = {10.2172/1528756},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {5}
}