skip to main content

Attention:

The NSF Public Access Repository (PAR) system and access will be unavailable from 11:00 PM ET on Friday, December 13 until 2:00 AM ET on Saturday, December 14 due to maintenance. We apologize for the inconvenience.


Search for: All records

Creators/Authors contains: "Sivagnanam, Amutheezan"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. Recently, bug-bounty programs have gained popularity and become a significant part of the security culture of many organizations. Bug-bounty programs enable organizations to enhance their security posture by harnessing the diverse expertise of crowds of external security experts (i.e., bug hunters). Nonetheless, quantifying the benefits of bug-bounty programs remains elusive, which presents a significant challenge for managing them. Previous studies focused on measuring their benefits in terms of the number of vulnerabilities reported or based on the properties of the reported vulnerabilities, such as severity or exploitability. However, beyond these inherent properties, the value of a report also depends on the probability that the vulnerability would be discovered by a threat actor before an internal expert could discover and patch it. In this paper, we present a data-driven study of the Chromium and Firefox vulnerability-reward programs. First, we estimate the difficulty of discovering a vulnerability using the probability of rediscovery as a novel metric. Our findings show that vulnerability discovery and patching provide clear benefits by making it difficult for threat actors to find vulnerabilities; however, we also identify opportunities for improvement, such as incentivizing bug hunters to focus more on development releases. Second, we compare the types of vulnerabilities that are discovered internally vs. externally and those that are exploited by threat actors. We observe significant differences between vulnerabilities found by external bug hunters, internal security teams, and external threat actors, which indicates that bug-bounty programs provide an important benefit by complementing the expertise of internal teams, but also that external hunters should be incentivized more to focus on the types of vulnerabilities that are likely to be exploited by threat actors. 
    more » « less
  2. There are more than 7,000 public transit agencies in the U.S. (and many more private agencies), and together, they are responsible for serving 60 billion passenger miles each year. A well-functioning transit system fosters the growth and expansion of businesses, distributes social and economic benefits, and links the capabilities of community members, thereby enhancing what they can accomplish as a society. Since affordable public transit services are the backbones of many communities, this work investigates ways in which Artificial Intelligence (AI) can improve efficiency and increase utilization from the perspective of transit agencies. This book chapter discusses the primary requirements, objectives, and challenges related to the design of AI-driven smart transportation systems. We focus on three major topics. First, we discuss data sources and data. Second, we provide an overview of how AI can aid decision-making with a focus on transportation. Lastly, we discuss computational problems in the transportation domain and AI approaches to these problems. 
    more » « less
  3. COVID-19 has radically transformed urban travel behavior throughout the world. Agencies have had to provide adequate service while navigating a rapidly changing environment with reduced revenue. As COVID-19-related restrictions are lifted, transit agencies are concerned about their ability to adapt to changes in ridership behavior and public transit usage. To aid their becoming more adaptive to sudden or persistent shifts in ridership, we addressed three questions: To what degree has COVID-19 affected fixed-line public transit ridership and what is the relationship between reduced demand and -vehicle trips? How has COVID-19 changed ridership patterns and are they expected to persist after restrictions are lifted? Are there disparities in ridership changes across socioeconomic groups and mobility-impaired riders? Focusing on Nashville and Chattanooga, TN, ridership demand and vehicle trips were compared with anonymized mobile location data to study the relationship between mobility patterns and transit usage. Correlation analysis and multiple linear regression were used to investigate the relationship between socioeconomic indicators and changes in transit ridership, and an analysis of changes in paratransit demand before and during COVID-19. Ridership initially dropped by 66% and 65% over the first month of the pandemic for Nashville and Chattanooga, respectively. Cellular mobility patterns in Chattanooga indicated that foot traffic recovered to a greater degree than transit ridership between mid-April and the last week in June, 2020. Education-level had a statistically significant impact on changes in fixed-line bus transit, and the distribution of changes in demand for paratransit services were similar to those of fixed-line bus transit. 
    more » « less