P≠NP - A Definitive Proof by Contradiction

Following the great scholarly acceptance and outstanding academic success of "The Clairvoyant Load Balancing Algorithm for Highly Available Service Oriented Architectures, this year I present P Not Equal to NP - A Definitive Proof by Contradiction.

 

P Not Equal to NP - A Definitive Proof by Contradiction

 

Click here to read the entire paper in PDF. P Not Equal to NP - A Definitive Proof by Contradiction.

Share

LyX/LaTeX formatting for the C# code

If you are googling trying to find a good way to insert C# code in LyX, this is where you'd probably end up. MaPePer has provided a very good solution; I have modified it slightly (hiding tabs and removing comments) and following is illustration on how to use it in LyX.

First thing you'd need is a Lyx document (LyxC#CodeListing.lyx). Empty one works well.

Add the following to Preamble (Document-> Settings-> LaTeX Preamble)

\usepackage{color}
\usepackage{listings}

\lstloadlanguages{% Check Dokumentation for further languages ...
C,
C++,
csh,
Java
}

\definecolor{red}{rgb}{0.6,0,0} % for strings
\definecolor{blue}{rgb}{0,0,0.6}
\definecolor{green}{rgb}{0,0.8,0}
\definecolor{cyan}{rgb}{0.0,0.6,0.6}

\lstset{
language=csh,
basicstyle=\footnotesize\ttfamily,
numbers=left,
numberstyle=\tiny,
numbersep=5pt,
tabsize=2,
extendedchars=true,
breaklines=true,
frame=b,
stringstyle=\color{blue}\ttfamily,
showspaces=false,
showtabs=false,
xleftmargin=17pt,
framexleftmargin=17pt,
framexrightmargin=5pt,
framexbottommargin=4pt,
commentstyle=\color{green},
morecomment=[l]{//}, %use comment-line-style!
morecomment=[s]{/*}{*/}, %for multiline comments
showstringspaces=false,
morekeywords={ abstract, event, new, struct,
as, explicit, null, switch,
base, extern, object, this,
bool, false, operator, throw,
break, finally, out, true,
byte, fixed, override, try,
case, float, params, typeof,
catch, for, private, uint,
char, foreach, protected, ulong,
checked, goto, public, unchecked,
class, if, readonly, unsafe,
const, implicit, ref, ushort,
continue, in, return, using,
decimal, int, sbyte, virtual,
default, interface, sealed, volatile,
delegate, internal, short, void,
do, is, sizeof, while,
double, lock, stackalloc,
else, long, static,
enum, namespace, string},
keywordstyle=\color{cyan},
identifierstyle=\color{red},
}
\usepackage{caption}
\DeclareCaptionFont{white}{\color{white}}
\DeclareCaptionFormat{listing}{\colorbox{blue}{\parbox{\textwidth}{\hspace{15pt}#1#2#3}}}
\captionsetup[lstlisting]{format=listing,labelfont=white,textfont=white, singlelinecheck=false, margin=0pt, font={bf,footnotesize}}

 

In the preamble (Document-> Settings-> LaTeX Preamble)
preamble

 

Now add a program listing block. Hopefully you have the listing package installed otherwise you can always use the listing MikTeX update.

 

insert-program-listing-lyx


Now add the code to the listing block.


lyx-screen

and then Ctrl-R

 

CodeListing

 

Tada!

 

Happy Lyxing

 

References & download LyxC#CodeListing.lyx

 

 

Share

Machine Learning - On the Art and Science of Algorithms with Peter Flach

Over a decade ago, Peter Flach of Bristol University wrote a paper on the topic of "On the state of the art in machine learning: A personal review" in which he reviewed several, then recent books, related to developments in machine learning. This included Pat Langley’s Elements of Machine Learning (Morgan Kaufmann), Tom Mitchell’s Machine Learning (McGraw-Hill), and Data Mining: Practical Machine Learning Tools and Techniques with Java Implementations by Ian Witten and Eibe Frank (Morgan Kaufman) among many others. Dr. Flach mentioned Michael Berry and Gordon Linoff’s Data Mining Techniques for Marketing, Sales, and Customer Support (John Wiley) for it's excellent writing style citing the paragraph below and commending "I wish that all computer science textbooks were written like this."

“People often find it hard to understand why the training set and test set are “tainted” once they have been used to build a model. An analogy may help: Imagine yourself back in the 5th grade. The class is taking a spelling test. Suppose that, at the end of the test period, the teacher asks you to estimate your own grade on the quiz by marking the words you got wrong. You will give yourself a very good grade, but your spelling will not improve. If, at the beginning of the period, you thought there should be an ‘e’ at the end of “tomato”, nothing will have happened to change your mind when you grade your paper. No new data has entered the system. You need a test set!

 

 

 

 

Now, imagine that at the end of the test the teacher allows you to look at the papersof several neighbors before grading your own. If they all agree that “tomato” has no final ‘e’, you may decide to mark your own answer wrong. If the teacher gives the same quiz tomorrow, you will do better. But how much better? If you use the papers of the very same neighbors to evaluate your performance tomorrow, you may still be fooling yourself. If they all agree that “potatoes” has no more need of an ‘e’ then “tomato”, and you have changed your own guess to agree with theirs, then you will overestimate your actual grade on the second quiz as well. That is why the evaluation set should be different from the test set.” [3, pp. 76–77] 4

 

Machine-Learning-9781107096394

 

That is why when I recently came across  "Machine Learning The Art and Science of Algorithms that Make Sense of Data", I decided to check it out and wasn't disappointed. Dr. Flach is the Professor of Artificial Intelligence at the University of Bristol and in this "future classic", he left no stone unturned when it comes to clarity and explainability.  The book starts with a machine learning sampler, introduces the ingredients of machine learning fast progressing to Binary classification and Beyond. Written as a textbook, riddled with examples, foot-notes and figures, this text elaborates concept learning, tree models, rule models, linear models, distance-based models, probabilistic models to features and ensembles concluding with Machine learning experiments. I really enjoyed the "Important points to remember" section of the book as a quick refresher on machine-learning-commandments.

The concept learning section seems to have been influenced by author's own research interest and is not discussed in as much details in contemporary machine learning texts. I also found frequent summarization of concepts to be quite helpful. Contrary to it's subtitle and compared to it's counterparts, the book however is light on algorithms and code, possibly on purpose. While it explains the concepts with examples, number of formal algorithms are kept to a minimum. This may aid in clarity and help avoiding recipe-book-syndrome while making it potentially inaccessible to practitioners. Great at basics, the text also falls short on elaboration of intermediate to advance topics such as LDA, kernel methods, PCA, RKHS, and convex optimization. For instance, in chapter 10 "Matrix transformations and decompositions" could have been made an appendix while expanding upon meaningful topics like LSA and use cases of sparse matrix (pg 327). It is definitely not the book's fault; but rather of this reader expecting too much from an introductory text just because author explains everything so well!

As a text book on On the Art and Science of Algorithms, Peter Flach definitely delivers on the promise of clarity, with well chosen illustrations and example based approach. A highly recommended reading for all who would like to understand the principles behind machine learning techniques.

Materials can be downloaded from here which generously include excerpts with background material and literature references, full set of 540 lecture slides in PDF including all figures in the book with LaTeX beamer source of the above.

Share

Public Bookmarks - NoSQL/NewSQL, Spanner, Agile et al

Makes for a "light" sunday morning reading list :)

 

P&P -Data Access for Highly-Scalable Solutions: Using SQL, NoSQL, and Polyglot Persistence


NoSQL Performance & Failover benchmarking

Ultra-High Performance NoSQL Benchmarking: Analyzing Durability and Performance Tradeoffs

 "Quick" NoSQL Comparison: Measuring performance and failover of Aerospike, Cassandra, Couchbase, and MongoDB

NoSQL Failover Characteristics: Aerospike, Cassandra, Couchbase, MongoDB


Thumbtack Technology's YCSB Benchmark GitHub Repository

Thumbtack Technology's NoSQL Test Results Repository

 

Aero Spike

AeroSpike: Flash-Optimized NoSQL DB  (200k TPS, sub-millisecond latency)

Aerospike 3: Documentation

 

Google Spanner

Paper: http://research.google.com/archive/spanner-osdi2012.pdf

Slides: http://research.google.com/archive/spanner-osdi2012.pptx

 

Google Spanner's Most Surprising Revelation: NoSQL Is Out And NewSQL Is In

Wired: Google Spans Entire Planet With GPS-Powered Database

Spanner: Google's globally distributed database

Cloudant Labs on Google Spanner

 

NewSQL

NewSQL - Scalable Relational Databases

The NewSQL Movement

SQL Makes a Comeback through NewSQL

Choosing a Next-Gen Database: The New World Order of NoSQL, NewSQL, and MySQL

Integrating SQL & NoSQL & NewSQL Realtime Data Intelligence for the Financial Industry

Choose the "Right" Database and NewSQL: NoSQL Under Attack

MySQL vs NoSQL and NewSQL - Survey Results (451 Research)

 

Big data Reference Glossary

 

Foundation  DB

The Transaction Manifesto

ACID claims: Which modern databases support ACID transactions?

FoundationDB

FoundationDB: Problem Statement

FoundationDB: Solution Statement

FoundationDB Architecture

FoundationDB: Core Features

FoundationDB: Core Anti-Features

FoundationDB: Consistency

FoundationDB: The Future of NoSQL

FoundationDB: Layers

FoundationDB: Layer Catalog

FoundationDB: Getting Started

FoundationDB: Developer Guide

FoundationDB: API Reference

FoundationDB: SQL Layer Documentation

FoundationDB: SQL Layer REST API Reference

FoundationDB: SQL Layer REST API Getting Started Guide

FoundationDB: Tutorials

FoundationDB: Data Modelling

 

The Year in NoSQL

Gartner 2013 Magic Quadrant for Operational Database Management Systems

Comments on the 2013 Gartner Magic Quadrant for Operational Database Management Systems

DB-Engines: A Knowledge Base of Relational and NoSQL Database Management Systems

DB-Engines Ranking Page

451's NoSQL LinkedIn Skills Index

Martin Fowler's NoSQL Page

NoSQL, No Problem: An Introduction to NoSQL Databases (Thoughtworks)

NoSQL Databases Comparison (Kristof Kovacs)

Visual Guide to NoSQL Databases

NoSQL Options Compared: A Developer's Look at the Primary NoSQL Options   (Dr. Dobbs, March 2013)

NoSQL Comparison Table

How To Compare NoSQL Databases for Performance and Reliability

Benchmarking Top NoSQL Databases: A Performance Comparison for Architects and IT Managers (DataStax, Feb 2013)


Docker

an open-source project to easily create lightweight, portable, self-sufficient containers from any application.  The same container that a developer builds and tests on a laptop can run at scale in production, on VMs, bare metal, OpenStack clusters, public clouds, and more.

Vagrant

Create and configure lightweight, reproducible, and portable development environments.
Orient DB


OrientDB 

OrientDB on GitHub

Presentation: OrientDB: The database for the Web

OrientDB vs MongoDB

Presentation: OrientDB 

A Look at OrientDB: The Graph-Document NoSQL

Book: Getting Started with OrientDB

 

Presentation: Switching from relational to the graph model (Luca Garulli)

Presentation: Select the right model - Document vs. Graph, what is the answer?

Presentation: OrientDB Distributed Architecture

 

Xen breakout

VUPEN Method Breaks Out of Virtual Machine to Attack Hosts

NSA Keeps Its Hands Clean, Buys Zero-Day Vulnerabilities From French Firm Vupen

Subverting the Xen hypervisor (part 1)

Preventing and Detecting Xen Hypervisor Subversions

Bluepilling the Xen Hypervisor

 

Mirage OS

Overview

Technical Background

BaaS

APaaS

Mendix

OutSystems

PaaS Decision Matrix Simplified

 

The Seven Wastes of Software Development  (Matt Stine)

#1: Partially Done Work

 #2: Extra Features

#3: Relearning

 #4: Handoffs

#5: Delays

#6: Task Switching

#7: Defects

 

How to Manage the 7 Wastes of Agile Software Development (Vijaya Kumar Bandaru)

Agile Teamwork: 3 Ways to Minimize Handoffs (Mike Cohn)

 

Courtesy - David Lazar

Share

Hacktivity - Software Threat Modeling by Shakeel Tufail

Threat modeling and diversion tactics; a good high level overview on software security.

There are only a handful of threat modeling approaches in the industry which are difficult to implement due to the subjective guidelines. Our training session will focus on best practices and a hands-on approach that will provide attendees a better understanding of how to conduct threat modeling in their organization. Most threat models focus on attackers, we will look at the threat model using trust zones, identifying assets, indirect threats, and ambiguity analysis. We will also speak about secure design concepts and best practices for securing software architecture.

Learning Objectives: At the end of this workshop, participants will be able to:

  • Understand the basics of threat modeling software applications
  • Understand the meaning of threats, attack vectors, and trust zones
  • Learn about ambiguity analysis
  • Learn about secure design concepts
  • Learn best practices for securing software architect
Share

Architectural Frameworks– Is Kruchten's 4+1 Still Relevant in an Agile World

 “The first matrix I designed was quite naturally perfect…. a triumph equaled only by its monumental failure. I have since come to understand that the answer eluded me because it required a lesser mind, or perhaps a mind less bound by the parameters of perfection.”

-The Architect. The Matrix Reloaded (Wachowski & Wachowski, 2003)

A lot has been changed in the world of architectural frameworks since the 1995 IEEE software (Volume:12, Issue: 6 ) paper by Philippe Kruchten on  Architectural Blueprints — The “4+1” View Model of Software Architecture was published.  Various other viewpoint and perspectives have been emerged including but not limited to RM-ODP, Siemens, SEI's Views and Beyond, Garland and Anthony (UML), Integrated architecture framework (IAF), Zachman, E2AF, Geram and TOGAF.

Architecture frameworks are the design methodologies used in architecture modeling. These frameworks provide a structure, organization and system to help design complex systems in an effective manner. The relevance of software architecture in agile world is a highly contested topic and it is hard to cover in a blog post. Simon Brown’s Coding the architecture is a great place to start understanding the place of architecture in an agile world. An excellent paper on Agility and Architecture—Can they coexist?  Software, IEEE  (Volume:27 ,  Issue: 2 ) also provide a good comparative analysis of pros’ and cons related to architecture in an agile space.

Abstract: Software architecture is taking a bad rap with many agile proponents; big up-front design, massive documentation, smell of waterfall, it is pictured as a non-agile practice, something we do not want to even consider; though everybody want to be called an architect. However, certain classes of system, ignoring architectural issues too long “hit a wall” and collapse by lack of an architectural focus. Agile architecture: a paradox, an oxymoron, two totally incompatible approaches? In this paper we review the real issues at stake, past the rhetoric and posturing, and we suggest that the two cultures can coexist and support each other, where appropriate.

Since 4+1 View Model was published, it has been a widely accepted idea in the architectural community that there is no single view of software architecture. Regardless of where you find yourself on the software-architecture-spectrum-battler, there are always various concurrent views, each of which addresses a specific set of concerns. The purpose of an Architects (albeit a coding one) is to capture the design decisions in multiple views and use the stories to illustrate and validate them. Considering the 4+1 model,

...the logical view describes the design's object model when an object-oriented design method is used. To design an application that is very data driven, you can use an alternative approach to develop some other form of logical view, such as an entity-relationship diagram. The process view describes the design's concurrency and synchronization aspects. The physical view describes the mapping of the software onto the hardware and reflects its distributed aspect. The development view describes the software's static organization in its development environment.

Happy coding!


References

Architectural Blueprints—The “4+1” View Model of Software Architecture

A comparative analysis of architecture frameworks

Software Systems Architecture: Working With Stakeholders Using Viewpoints and Perspectives

Alignment in Enterprise Architecture: A Comparative Analysis of Four Architectural Approaches

Share

Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services

My recently published IEEE Paper

Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities

Service oriented architecture is fast becoming ubiquitous enterprise software architecture standard in public and private sector alike. Study of literature and current attacks suggests that with the proliferation of Web API and RESTFul services, the attack vectors prioritized by OWASP top 10, including but not limited to cross site scripting (XSS), cross site request forgery (CSRF), injection, direct object reference, broken authentication and session management now equally apply to web services. In addition service oriented architecture relies heavily on XML/RESTFul web services which are vulnerable to XML Signature Wrapping Attack, Oversize Payload, Coercive parsing, SOAP Action Spoofing, XML Injection, WSDL Scanning, Metadata Spoofing, Oversized Cryptography, BPEL State Deviation, Instantiation Flooding, Indirect Flooding, WS-Addressing spoofing and Middleware Hijacking to name a few. In this paper, we review various such security issues pertaining to service oriented architecture. These and similar techniques, have been employed by Anonymous and other hacktivists, resulting in denial of service attacks on financial applications. While discussing the national security perils of hacktivism, there is an excessive focus on network layer security, and the application layer perspective is not always part of the discussion. In this research, we provide background information and rationale for securing application layer vulnerabilities to facilitate true defense in depth approach for cyber security.

Published in:
Technologies for Homeland Security (HST), 2013 IEEE International Conference on

Date of Conference: 12-14 Nov. 2013

@INPROCEEDINGS{6698966,
author={Masood, Adnan},
booktitle={Technologies for Homeland Security (HST), 2013 IEEE International Conference on},
title={Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services},
year={2013},
pages={1-6},
keywords={Availability;Data security;Information security;Information systems;SOA;Service oriented architecture;Web services;cyber security;secure design;secure software development;security assessment;security awareness},
doi={10.1109/THS.2013.6698966},}

Share

tracert 216.81.59.173

Pretty cool eh!

tracert

Share

Notes from my LA C# User Group Talk

I spoke to LA C# User group last night in Pasadena on the topic of Web Application Security with OWASP.

The slide deck of my talk can be downloaded from here. LA C# OWASP Presentation

Links from the talk follow.

Share

The Mother of All Demos, presented by Douglas Engelbart (1968)

Speaking of intelligence and foresight....

The Mother of All Demos is a name given retrospectively to Douglas Engelbart's December 9, 1968, demonstration of experimental computer technologies that are now commonplace. The live demonstration featured the introduction of the computer mouse, video conferencing, teleconferencing, hypertext, word processing, hypermedia, object addressing and dynamic file linking, bootstrapping, and a collaborative real-time editor.

Share
Go to Top