Month: January 2018

Point and Vectors

Points
-represent location
-written as (x,y,z…)
e.g. (2,-1)

Vectors
-represent change in location
-magnitude and direction
-written as [x,y,z…]

Common practice to interchange points and vectors
Technically different but often a useful shortcut
V=[-2, -3] P=(-2,-3)
P=(-4,-4), Q=(4,-2)
v=[-1,4],w=[-2,0]

class Vector(object):
	def __init__(self, coordinates):
		try:
			if not coordinates:
				raise ValueError
			self.coordinate = tuple(cordinates)
			self.dimension = len(coordinates)

		except ValueError:
			raise ValueError('The coordinates must be nonempty')

		except TypeError:
			raise TypeError('The coordinate must be an iterable')

	def __str__(self):
		return 'Vector: {}'.format(self.coordinates)

Branches

1.Conditional branches
2.Unconditional branches
3.Function Calls
4.Indirect Jumps

Branch Architecture
Speculation: predicting branches, executing in anticipation
Predication: removing branches, converting code into one that depends on outcome of a condition for a commit.

VLIW Data Path

The way things are organized inside processors to allow storage of data!

CISC and DSP
-Memory-to-memory and complex addressing modes
-Accumulator:a target register of ALU
-Some storage specialities force complier to make binding choice and optimizations too early

RISC and VLIW
-Registers-to-registers: large register files
-Decoupling scheduling and register allocation

Processor: 16×16 bit, 32x32bit
ARM7, ARM9E, ARMv5TE

VLIW Machine:A VLIW machine with 8 32-bit independent datapaths

In the embedded world, characteristics of application domain are also very important
Simple Integer and Compare Operations
Carry, Overflow, and other flags

Fixed Point Multiplication

Partial interconnect clusters promise better scalability
The bypass network of a clustered VLIW is also partitioned.

Index Register Files
illegal, outputs locals, static
-compiler can explicitly allocate a variable-sized section of the register file
-used in proc call and return for stack management

VLIW instructions are separated into primitive instructions by the compiler.
During each instruction cycle, one VLIW word is fetched from the cache and decoded.
Instructions are then issued to functional units to be executed in parallel.
Since the primitive instructions are from the same VLIW word, they are guaranteed to be independent.

VLIW is load/store architecture
– mostly reuse RISC memory-addressing concepts
– special addressing modes
– registers – data and address
– memory could be banked, power efficient
– X-Y memory
– GPUs constant memory, shader memory, shared memory, local memory

ISA Design

Overview: What to hide
Basic: VLIW Design Principle
Designing a VLIW ISA for Embedded Systems
Instruction-set Encoding

Terminology: Fundamental RISC-like minimal unit of work
Instruction:
-Fundamental unit of encoding
-Refers to a parallel set of operations
Bundle: a memory-aligned encoding unit
-VEX calls syllable (the min-sized encoding unit)

The ISA allows the designer to treat the processor as a black box.
Understanding the ISA can help determine processor to use for a given system.

Delay slots of early RISC machines
Illusion of instant registers update in superscalar

VLIW Architecture
-Exposes a scheduler in the compiler
-Conversely, superscalar architecture hides this

Memory: off-chip, and not specialized
Registers: fast, on-chip, connected to logics
Baseline model: sequential execution
Pipelining: Parallelism in time
-whether implementation is hidden or exposed is a design choice
-hidden: out-of-order

Pipelines in modern processors

modern high performance processors:
15 to 20 stages: pentium 4 had a 20 stage pipeline

sequential program semantic
-tries to issue an instruction every clock cycle
-but, there are dependencies, control hazards and long latency instructions
-delays result in execution of < 1 instruction per cycle on an average VEX example: clock cycle and instruction Modern CPU Techniques: Pipelinig Execution stages are divided into several steps A later operation can share the resource used by the first operation in previous cycles Shared hardware can be pipeline e.g. Integer multiplier is pipelined. Instructions can be overlapped In embedded system, the choice of ISA is crucial! data or memory access: set a register to a fixed constant value control flow: branch, call functions arithmetic or logic: add, multiply, subtract, divide

Cloud security

On demand self service
Broad or wide network access
Resource pooling or sharing
Measured service
Rapid elasticity

SaaS, PaaS, IaaS
Software as a servicd: use the provider’s applications running on a cloud infrastructure
Platform as a service: consumer-created applications using programming languages and tools supported by the provider
Infrastructure as a service: Capability provided to the consumer to provision processing, storage, networks, and other fundamental computing resources

Key Issues:
Trust, multi-tenancy, encryption, compliance
Clouds are massively complex systems
Simple primitives and common functional units

Cloud security challenges
– trusting vendor’s security model
– Customer inability to respond to audit findings
– Obtaining support for investigations
– Indirect administrator accountability
– Proprietary implementations can’t be examined
– Loss of physical control

Primary Technology
-Virtualization
-Grid technology
-Service Oriented Architectures
-Distributed Computing
-Broadband Networks

Hypervisor has higher privilege than guest kernel
Security VM is separated from User VM

User = application + data (encrypt)

Frequency Analysis Attack
connect data with public information
Optimization Attack

Big Data security

Machine Learning Review
y = f(x)
output, prediction function, training/testing example

test image -> image features -> learned model -> prediction
raw pixels, histograms, gist descriptors

Decision Tree: Determining which attribute is best
Entropy(E) is the minimum number of bits needed represent the examples according to their class labels

There is no perfect way of labelling data, therefore there is really no perfect IDS dataset.

(flag = S0, service = http),(flag = S0, service = http) -> (flag = S0, service = http)[0.6, 2s]

Bitcoin Operation

Info from the public blockchain + Owner’s secret signing key
So it’s all about key management!

Simplest approach: store key in a file, on your computer or pphone
device compromised -> key leaked -> coins stolen

Hot storage: online convenient but risky
Cold storage: offline archival but safer

Generate a big batch of addresses/keys, transfer to hot beforehand

generateKeyHier -> address gen info -> genAddr -> ith address
-> private key gen info -> genKey -> ith key

block chain

linked list with hash pointers = “block chain”

Cryptocurrencies
CreateCoin[ uniqueCoinID ]
signed by pk (scret signing key)
-> Goofy coin

A coin’s owner can spend it – using cryptographic operations

signed by pk
Pay to pkalice:()

signed by pk
CreateCoin[ uniqueCoinID ]

Scrooge coin
A designated entity publishes an append-only ledger containing the history of all the transactions that have happened.
All transactions be written to the ledger before they are accepted.

DNS Thread

White: complete trust in this IP address
Black: No trust in this IP address
Grey: This IP address is not directly involved in spamming but is associated with spam-like behaviors
Yellow: This IP address is known to produce spam and non-spam email
NoBL: This IP address does not send spam, and should not be blacklisted. But it is not fully trustworthy.

SPAM ip address is black listed.
New IP addresses are trusted with the static blacklist model.
Static Blacklist Model: Innocent until proven guilty

Need a dynamic, comprehensive reputation system outputs reputation scores for domains
Extra temporal and statistical features from DNS traffic, compute/learn models

Kopis: Passive monitoring in the upper levels of the DNS hierarchy; internet-visibility

h(w) = (length of word w) mod 5
Given H(m), no easy way to find m
one-way function

Hash pointer contains:
-pointer to where some info is stored
-(cryptographic) hash of the info

Hash pointe
Hash of the data, Pointer to data