2006 Computer Science Outstanding MS Thesis/Project Awards

Wednesday, March 28, 2007 - 17:30
TH 331
Preeti Malik, Jensen Galan

The state of the art in modern drug discovery involves investigating a large number of drug-like molecules using medium or high-throughput assays, often being conducted against multiple targets. Managing the information generated in such processes requires the ability to deal with complex, multifarious data as well as the development of new user-data interaction paradigms that help glean patterns hidden in the multitude of data by emphasizing exploration and information assimilation. This talk will describe our research in developing FreeFlowDB, a drug discovery information database system that is geared towards storing both structural as well as high-throughput assay information generated as part of a typical drug discovery process. FreeFlowDB supports powerful structural querying facilities that subsume within a common algorithmic framework exact structural matching, sub-structure querying, and in-exact matching. Furthermore, the system supports unified visualization-query facilities that allow interacting with assay as well as structure-activity information. This allows efficacious and intuitive query-analysis of large amounts of data for knowledge discovery. Case studies and experimental results demonstrate the capabilities of the system.

Syn_cookies are a defense mechanism built-in to the Linux Kernel designed to thwart a SYN Flood Denial of Service (DoS) attack. Syn_cookies circumvent the need to allocate state information by hashing a 32-bit cryptographic challenge that a client requesting a connection must echo in the final part of the 3-way handshake. This enables servers to accept new connections in the midst of a SYN Flood attack. While this 32-bit hash neutralizes the SYN Flood DoS attack, any TCP options negotiated in the 3-way handshake are lost. This leads to a degradation in the Quality of Service (QoS). In order to maintain the TCP options necessary for high performance in today's high bandwidth/high latency networks, this work proposes and implements a BSD-style SYN_Cache in the Linux Kernel. This mechanism is used in conjunction with syn_cookies to cache and retrieve the TCP options negotiated by legitimate clients. A small number of bytes per cache entry are allocated and a global hash table is used for speedy lookups. Standard HTTP Performance Benchmarks show trivial performance degradation during a heavy SYN Flood attack while preserving the TCP options of window scaling, timestamping, and selective acknowledgments (SACK).


Preeti Malik graduated from San Francisco State University with an MS degree in Computer Science with concentration in Computing for Life Sciences. Her technical interests are in Bioinformatics, computational drug discovery, database management and interactive UI development.

Jensen Galan is a Senior Software Engineer for BT Counterpane, the authority for Managed Security Services.