R.J. Enbody

R.J. Enbody
Michigan State University | MSU · Department of Computer Science and Engineering

Ph.D.

About

120
Publications
37,162
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,162
Citations
Introduction
Skills and Expertise
Education
August 1982 - June 1987
University of Minnesota
Field of study
  • Computer Science
September 1972 - June 1976
Carleton College
Field of study
  • Mathematics

Publications

Publications (120)
Article
Ransomware have observed a steady growth over the years with several concerning trends that indicate efficient, targeted attacks against organizations and individuals alike. These opportunistic attackers indiscriminately target both public and private sector entities to maximize gain. In this article, we highlight the criticality of key management...
Article
The threat of ransomware is ever growing. Not all ransomware types are created equal and the cryptosystems in some forms are more virulent than others. This article dissects eight real-world variants belonging to different families of .NET ransomware and provides insights into key generation, encryption and other aspects of the ransomware kill chai...
Article
Full-text available
Ransomware infections are rising exponentially. The attackers are motivated to extort money from individuals and organizations by infecting the systems with malicious code and altering the state of data for ransom. In this paper, ransomware is dissected in detail to expose design and behavioral characteristics. A number of ransomware families are i...
Article
Improperly secured Internet of Things (IoT) devices have been commandeered by bot herders and other malicious attackers. Organisations need a way to identify and track these IoT devices, which are often brought in unofficially by users. But network administrators face a number of challenges in tracking IoT devices across their organisation. Imprope...
Conference Paper
Full-text available
Previous research has found that programming assignments can produce strong emotional reactions in introductory programming students. These emotional reactions often have to do with the frustration of dealing with difficulties and how hard it can be to overcome problems. Not only are these emotional reactions powerful in and of themselves, they hav...
Conference Paper
Full-text available
We investigate if a mobile application running on a touch-enabled device can continuously and unobtrusively authenticate and identify its users based only on their interactions with the user interface of the application. A unique advantage that this modality provides over other implicit modalities on mobile devices is that every user who uses the m...
Conference Paper
Full-text available
Previous research in computer science education has demon- strated the importance of motivation for success in introduc- tory programming. Theoretical constructs from self-regulated learning theory (SRL), which integrates several different types of metacognitive processes, as well as motivational constructs, have proved to be important predictors o...
Conference Paper
Full-text available
Previous research has suggested that cognitive tests, including instruments seeking to measure problem solving, are significant predictors of students' programming performance. This paper seeks to expand upon this previous research by using a more theoretically grounded approach to measuring problem solving as a means of predicting performance in a...
Article
Cyber criminals are covertly attacking critical infrastructures, and botnets are a common component of those attacks. In recent years, botnets have been shifting their focus from broad-based attacks to more targeted ones such as attacking financial institutions, especially banks. The primary reason for this shift towards financial institutions is t...
Article
Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence...
Article
Cyber criminals are using advanced attacks to exploit online banking systems and services to covertly steal money. This paper describes the tactics currently used by cyber criminals to conduct cyber bank robbery.
Article
Crimeware-as-a-service (CaaS) has become a prominent component of the underground economy. CaaS provides a new dimension to cyber crime by making it more organized, automated, and accessible to criminals with limited technical skills. This paper dissects CaaS and explains the essence of the underground economy that has grown around it. The paper al...
Article
Botnet malware is improving with the latest (3rd) generation exemplified by the SpyEye and Zeus botnets. These botnets are important to understand because they target online financial transactions, primarily with banks. In this paper, we analyze the components from multiple generations of the SpyEye botnet in order to understand both how it works a...
Article
Full-text available
Fault localization (FL) is the process of debugging erroneous code and directing analysts to the root cause of the bug. With this in mind, we have developed a distributed, end-to-end fuzzing and analysis system that starts with a binary, identifies bugs, and subsequently localizes the bug's root cause. Our system does not require the test subject's...
Article
Cybercrime's tentacles reach deeply into the Internet. A complete, underground criminal economy has developed that lets malicious actors steal money through the Web. The authors detail this enterprise, showing how information, expertise, and money flow through it. Understanding the underground economy's structure is critical for fighting it.
Article
Targeted cyberattacks play an increasingly significant role in disrupting the online social and economic model, not to mention the threat they pose to nation-states. A variety of components and techniques come together to bring about such attacks.
Article
Proxies play a critical privacy role because these are widely used for anonymous surfing and identity cloaking on the Internet. In addition, proxies also assist in traffic filtering, traffic management, log auditing, access policies and surfing restricted sites. There are several types of proxies available, but the Glype HTTP proxy is used extensiv...
Article
The sphere of malware attacks is expanding to engulf the compact world of smartphones. This paper sheds light on exploitation tactics used by malware writers in designing iPhone applications that exploit the integrity of the victim's phone. Our interest is in the harder problem of malware on iPhones that are not jailbroken.
Article
Framebusting code can prevent one type of clickjacking, but new features of HTML 5 allow a malicious developer to nullify this protection. New iframe attributes – currently supported only by Google Chrome but likely to be introduced on other browsers – can bypass the protection mechanisms provided by framebusting code. Although the new iframe attri...
Article
The banking industry is grappling with the problem of malware infections in clients. The exploitation of web vulnerabilities in a bank's website can expose online monetary transactions to fraud. Vulnerabilities such as Cross-Site Scripting (XSS), clickjacking, MIME sniffing and Cross-Site Request Forgery (CSRF) allow information in one session to b...
Article
Browsers are a vital component of every computer system as they serve as the interface to the Internet. However, the extensible nature of browsers has facilitated the proliferation of malware infections. In this article, we examine the design of malicious extensions used to steal information from browsers in order to conduct illegal transactions. T...
Article
A browser is considered to be a functional window to the Internet. It is interface software that serves as a communication medium between the users and the Internet. Sophisticated attack patterns and design flaws in browsers pose serious threats to user security, privacy, and integrity. Recent advancements have shown that browser User Interface (UI...
Article
Online advertisements provide a convenient platform for spreading malware. Since ads provide a significant portion of revenue on the web, significant effort is put into attracting users to them. Malicious agents take advantage of this skillful attraction and then redirect users to malicious sites that serve malware. Advertisers use Web 2.0 function...
Article
Full-text available
Buffer-overflow attacks began two decades ago and persist today. Over that time, a number of researchers have proposed many solutions. Their targets were either to prevent or to protect against buffer-overflow attacks. As defenses improved, attacks adapted and became more complicated. Given the maturity of field and the fact that some solutions now...
Article
Full-text available
A continuous and fully automated software exploit discovery and development pipeline for real-world problems has not yet been achieved, but is desired by defenders and attackers alike. We have made significant steps toward that goal by combining and enhancing known bug hunting and analysis techniques. The first step is the implementation of an easy...
Conference Paper
Full-text available
The stringency of attacks has grown simultaneously with the development of the web. To combat some of the new attacks, declarative security has been proposed in the form of HTTP response headers from the server side. The declarative model provides an extensible set of security parameters in form of HTTP responses. In this, browsers can respond with...
Conference Paper
Full-text available
If you change the CS1 language to Python, what is the impact on the rest of the curriculum? In earlier work we examined the impact of changing CS1 from C++ to Python while leaving CS2 in C++. We found that Python-prepared CS1 students fared no differently in CS2 than students whose CS1 course was in C++, even though CS2 was taught in C++ and covere...
Article
We recently converted a CS1 (Introduction to Computing) class to use the Python language in place of C++. Among other reasons, we hoped that the new language would help students who typically struggled with the course. Our typical drop+fail rate was around 25%-30% for C++, and we hoped the conversion would reduce this number. Though it did reduce s...
Conference Paper
Full-text available
How suitable is a Python-based CS1 course as preparation for a C++-based CS2 course? After fifteen years of using C++ for both CS1 and CS2, the Computer Science Depart- ment at Michigan State University changed the CS1 course to Python. This paper examines the impact of that change on the second course in the sequence, CS2, which kept C++ as its pr...
Article
Full-text available
A framework to motivate safe online behavior that interprets prior research and uses it to evaluate some of the nonprofit online safety education efforts is presented. Self-efficacy and response efficacy have the most consistent impact on safety behavior, and also interacts with risk perceptions. Fear is most likely to work if the threat informatio...
Article
Piromsopa and Enbody [1] proposed Secure Bit, a mechanism to protect against buffer overflow attacks on control data (return-addresses and function-pointers). This paper explores the architecture of Secure Bit: its implementation and its performance impact. We consider memory organization, cache organization, and processor modifications. Secure Bit...
Article
Full-text available
We propose a minimalist, architectural approach, Secure Bit (patent pending), to protect against buffer overflow attacks on control data (return-address and function-pointer attacks in particular). Secure Bit provides a hardware bit to protect the integrity of addresses for the purpose of preventing such buffer-overflow attacks. Secure Bit is trans...
Conference Paper
Full-text available
We propose a framework for protecting against buffer overflow attacks $the oldest and most pervasive attack technique. The malicious nature of buffer-overflow attacks is the use of external data (input) as addresses (or control data). With this observation, we establish a sufficient condition for preventing buffer-overflow attacks and prove that it...
Conference Paper
Full-text available
Recent advances in buffer-overflow protection are able to eliminate several common types of buffer-overflow attacks (e.g. stack smashing, jump table). In this paper, we introduce arbitrary copy, a type of buffer-overflow attack that is capable of bypassing most buffer-overflow solutions. By overflowing both source and destination pointers of any st...
Chapter
An analysis of the performance of an Lanczos Eigenvalue Solver routine on a Cray T3E-900 MPP is described. The analysis based on the Amdahl law is presented for essentially non-sparse matrices. Efforts were done to reduce the sequential fraction of the code below 1%. It is proven that the collective communication of MPI can be very efficiently used...
Article
Outsourcing, as a popular business model, helps enterprises cut operating costs, but at the same time it also puts the enterprise's sensitive data in danger. How to ensure that private data is safe when it is distributed across the enterprises in a outsourcing chain is a critical security issue. Based on the reality of wide usage of workflow in ent...
Article
Full-text available
Abstract—When examining a new cache structure or replacement policy, the optimal policy is a useful baseline. In this paper, we prove that finding the optimal schedule is NP-hard for any but the simplest of caches, and that no polynomial-time approximation scheme exists for this problem unless P=NP.
Article
Full-text available
We study the on-line caching problem in a restricted cache where each memory item can be placed in only a restricted subset of cache locations. Examples of restricted caches in practice include victim caches, assist caches, and skew caches. To the best of our knowledge, all previous on-line caching studies have considered on-line caching in identic...
Conference Paper
Throughout the history of computer science education there has been debate on what should be the appropriate mathematics background for computer science majors. The first computer science instructors were mathematicians and the first curriculums were just modifications of mathematics curriculums. However, as the discipline has grown and matured the...
Article
Full-text available
Summary Using Amdahl's law as a metric, the authors illustrate a technique for developing efficient code on massively par- allel processor (MPP) performance class networks to solve nontrivial, high performance scientific problems. They also show the importance of collective communica- tion within the message-passing interface (MPI) paradigm for som...
Article
Full-text available
Using Amdahl's law as an instrumentation guide we illustrate a technique for developing efficient code on Massively Parallel Processor (MPP) performance-class networks to solve nontrivial, high performance scientific problems. We also show the importance of collective communication within the Message Passing Interface (MPI) paradigm for some applic...
Article
We recently ported and optimized a Carbon Molecular Dynamics code developed at Michigan State University on a cluster of workstations connected via a gigabit SCI network. Using an extension of Amdahl's Law as an instrumentation tool we analyzed the primary factors influencing the performance of the parallel code: the sequential component, load bala...
Article
Full-text available
This paper describes the implementation of thread balancing software intended to allow the sharing of a large parallel processing system under a variety of load conditions. The system under consideration for this study is the Convex Exemplar scalable, parallel-processing system. While this paper is focused on the performance of this technique on th...
Conference Paper
Full-text available
It seems likely that density concerns will force the DRAM community to consider using radically different schemes for the implementation of memory devices. We propose using nano-scale carbon structures as the basis for a memory device. A single-wall carbon nanotube would contain a charged buckyball. That buckyball will stick tightly to one end of t...
Conference Paper
Changes in ABET accreditation criteria and processes have changed the emphasis of the site visit from “auditing” to “information exchange. ” As part of an ongoing process of program evaluation and improvement, the site visit is most successful if the evaluator and the program representatives function as colleagues rather than adversaries. This pape...
Article
Imagine that you could directly monitor the performance of a processor while it is running. How would that affect a computer architecture course? The current generation of microprocessors has performance monitoring registers on chip which can be read by users. The result is real-time monitoring of processor performance, and a new opportunity for co...
Article
Full-text available
This paper outlines the computer organization and architecture courses in the Department of Computer Science and Engineering at Michigan State University.
Article
We recently ported and optimized a Carbon Molecular Dynamics code developed at Michigan State University on a Massively Parallel Cray T3E-900. In experiments guided by Amdahl's Law we analyzed the primary factors influencing the performance of the parallel code: the sequential component, load balance, and communication overhead. Significant improve...
Conference Paper
Full-text available
The College of Engineering at Michigan State University is applying for accreditation in 1998 under the Engineering Criteria 2000 of ABET (Accreditation Board for Engineering and Technology, Inc.) The ABET2k criteria represent a significant shift in accreditation philosophy in how it emphasizes continuous quality improvement (CQI). This paper outli...
Article
Contention has been shown to degrade communication in the recently introduced wormhole-routed computers. In this paper, we develop a theoretical framework to model and predict the effect of contention on the communication performance for a given application with non-uniform communication. A two-parameter metric is introduced as a measure of quality...
Conference Paper
An analysis of the primary factors influencing the performance of a parallel implementation on a Cray T3E of a Carbon Molecular Dynamics code developed at Department of Physics and Astronomy at Michigan State University is presented. We show that classical load-sharing techniques combined with careful analysis of Amdahl's law can be successfully us...
Conference Paper
Full-text available
The work considers the best way to handle a diverse mix of multi-threaded and single-threaded jobs running on a single symmetric parallel processing system. The traditional approaches to this problem are free scheduling, gang scheduling, or space sharing. The paper examines a less common technique called dynamic space sharing. One approach to dynam...
Conference Paper
Full-text available
Automatic self allocating threads (ASAT) is proposed as a way to balance the number of active threads across a shared-memory multiprocessing system. Our approach is significant in that it is designed for a system running multiple jobs, and it considers the load of all running jobs in its thread allocation. In addition, the overhead of ASAT is suffi...
Article
MANAGING THE OVERALL BALANCE OF OPERATING SYSTEM THREADS ON A MULTIPROCESSOR USING AUTOMATIC SELF-ALLOCATING THREADS (ASAT) While commodity processor based parallel processing systems have an advantage over traditional supercomputers in price/performance, traditional supercomputers retain a significant advantage over parallel processing systems in...
Article
Full-text available
Contention has been shown to degrade communication in the recently introduced wormhole-routed computers. In this paper, we develop a theoretical framework to model and predict the effect of contention on the communication performance for a given application with non-uniform communication. A two-parameter metric is introduced as a measure of quality...
Article
Full-text available
This paper explores some of the issues in the improvement of the performance of Real-Valued Indexed (RVI) arrays using dynamic load balancing. RVI arrays are a possible extension to FORTRAN which allow the programmer to express spatial problems in an intuitive manner allowing the compiler and run-time environment flexibility in the actual storage l...
Article
This paper presents a parallel algorithm to solve the eigenvalue problem for nonsymmetric matrices. The idea of homotopy is used to generate initial approximations, then the Aberth method and our modified Aberth method are used to find simultaneously all the eigenvalues. The advantage of this approach is that multiple eigenvalues can be handled. In...
Article
A number of commercial companies are now attempting to develop production quality parallel processing systems. These systems are often targeted to take over the role of Vector/Parallel supercomputers. While these systems have excellent raw compute power for their cost, they lag behind traditional supercomputers in a number of important areas. One i...
Article
This paper reviews an approach to the design of composite material structures based on Genetic Algorithms. We first discuss the concept of a Genetic Algorithm (GA) and the role it can play in design, namely as an evolutionary search optimizer based on simulation results. We then discuss the composite structure design problem and how GA's can be use...
Article
In message-passing parallel processors contention for physical channels can affect communication performance, and hence overall performance. In this paper, we show that path contention level, a metric of contention, accurately reflects the communication characteristics observed in applications run on the Intel DELTA, a wormhole-routed MIMD machine....
Article
Full-text available
A number of commercial companies are now attempting to develop production quality parallel processing systems. These systems are often targeted to take over the role of Vector/Parallel supercomputers. While these systems have excellent raw compute power for their cost, they lag behind traditional supercomputers in a number of important areas. One i...
Article
The paper proposes a simple extension to FORTRAN - arrays which allow indices to be real numbers. Additional FORTRAN constructs for the manipulation of these arrays are provided. Arrays with real-valued indices can be used in scientific applications which process spatial information. Initial efforts exploring the use and performance of these extens...
Conference Paper
Full-text available
. This paper summarizes work onan approach that combines feature selectionand data classification using Genetic Algorithms.First, it describes our use of GeneticAlgorithms combined with a K-nearestneighbor algorithm to optimize classificationby searching for an optimal feature weighting,essentially warping the feature spaceto coalesce individuals w...
Conference Paper
The authors present a scalable snoopy scheme based on a single-hop-connected multiple-bus topology. To reduce the hardware complexity, each processor will snoop on a dynamically changing subset of the buses. The physically-distributed-logically-shared memory model is chosen to let processors take advantage of local memory accesses for private data....
Conference Paper
Monitoring and debugging of parallel programs is complicated by race conditions, which can cause software monitoring to alter program behavior. To avoid these unwanted modifications of program execution, the authors present a flexible scheme for transparently monitoring parallel programs in a shared-memory environment. To achieve transparency, the...
Conference Paper
Full-text available
This paper presents a parallel implementation of a tree search strategy for recognition of 3D objects in range images. A coarse-grained and a medium-grained implementaton of the tree search algorithm is presented and analyzed. The performances of the two implementations are analyzed on a 96-node BBN GP-1000 and on a 48-node BBN TC-2000; and, for co...
Conference Paper
The authors analytically investigate and derive the speedup provided by 2-D meshes over hypercubes for several common communication patterns. They take into consideration the difference in channel widths, the communication rates, and the effect of worm-hole routing. The 2-D meshes are shown to provide significant speedups if effects of contentions...

Network

Cited By