Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 26 - 50 of 195

Combinatorial Methods for Explainable AI

October 24, 2020
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
This paper introduces an approach to producing explanations or justifications of decisions made by artificial intelligence and machine learning (AI/ML) systems, using methods derived from fault location in combinatorial testing. We use a conceptually

Vulnerability Trends in Web Servers and Browsers

September 11, 2020
Author(s)
M S Raunak, D. Richard Kuhn, Raghu N. Kacker, Richard Kogut
In previous work we have looked at trends in vulnerabilities due to ordinary programming errors [2, 3]. This analysis focuses on two of the most widely used types of software in today's internet, web browsers and web servers. In addition to reports of

Effectiveness of dataset reduction in testing machine learning algorithms

August 25, 2020
Author(s)
Raghu N. Kacker, David R. Kuhn
Abstract— Many machine learning algorithms examine large amounts of data to discover insights from hidden patterns. Testing these algorithms can be expensive and time-consuming. There is a need to speed up the testing process, especially in an agile

Aggregating Atomic Clocks for Time-Stamping

August 3, 2020
Author(s)
Temur Saidkhodjaev, Jeff Voas, D. Richard Kuhn, Joanna DeFranco, Phil Laplante
A timestamp is a critical component in many applications, such as proof of transaction ordering or analyzing algorithm performance. This paper reports on a method called Verified Timestamping (VT) that improves the standard timestamp protocol. VT was

Narrow Spectrum Software Testing Addressing Complexity and Trust

April 9, 2020
Author(s)
David R. Kuhn, Mohammad Raunak
Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Input Space Coverage Matters

January 15, 2020
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
Testing is the most commonly used approach for software assurance, yet it remains as much judgement and art as science. Structural coverage adds some rigor to the process by establishing formally defined criteria for some notion of test completeness, but

Low-Power Wide Area Networks (LPWAN) for Communications of Mobile Sensor Data

September 10, 2019
Author(s)
Sebastian Barillaro, Sokwoo Rhee, Raghu N. Kacker, Mark L. Badger, David R. Kuhn, Gustavo Escudero
There are multiple options for communication of data to and from mobile sensors. For tracking systems, Global Navigation Satellite System (GNSS) is often used for localization and mobile- phone technologies are used for transmission of data. Low-power wide

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Improving MC/DC and Fault Detection Strength Using Combinatorial Testing

July 25, 2019
Author(s)
D. Richard Kuhn, Raghu N. Kacker
Software, in many different fields and tasks, has played a critical role and even replaced humans to improve efficiency and safety. However, catastrophic consequences can be caused by implementation bugs and design defects. MC/DC (Modified Condition

Attribute Considerations for Access Control Systems

June 18, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David Kuhn
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need to be established, issued, stored, and managed under an authority. Attributes shared across

An Approach to T-way Test Sequence Generation With Constraints

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn
In this paper we address the problem of constraint handling in t-way test sequence generation. We develop a notation for specifying sequencing constraints and present a t-way test sequence generation that handles the constraints specified in this notation

Applying Combinatorial Testing to Large-scale Data Processing at Adobe

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Riley Smith
Adobe offers an analytics product as part of the Marketing Cloud software with which customers can track many details about users across various digital platforms. For the most part, customers define the amount and type of data to track. This high

Measuring Combinatorial Coverage at Adobe

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Riley Smith
Adobe offers an analytics product as part of the Marketing Cloud software with which customers can track many details about users across various digital platforms. For the most part, customers define the amount and type of data to track. In addition

Using Parameter Mapping to Avoid Forbidden Tuples in a Covering Array

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Yu Lei
This paper addresses an optimization problem that occurs when we try to remove from a covering array (CA) the rows that do not satisfy a given set of constraints. That is, how to minimize the number of rows to be removed? The key observation is that the

Browser Fingerprinting using Combinatorial Sequence Testing

April 1, 2019
Author(s)
Bernhard Garn, Dimitris Simos, Stefan Zimmer, D. Richard Kuhn, Raghu N. Kacker
In this paper, we propose an approach for browser fingerprinting using their behavior during the TLS 1.2 handshake with a server. Using combinatorial methods, we created test sets consisting of TLS server-side messages as sequences that are sent to the

Rethinking Distributed Ledger Technology

March 20, 2019
Author(s)
David R. Kuhn, Dylan J. Yaga, Jeffrey M. Voas
Blockchains were designed to solve the problem of double-spending in cryptocurrencies, and the success of the Bitcoin design has generated vastly more interest than previous proposals for digital currencies. Blockchains are being used in other areas as

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

February 25, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

A Method Level Test Generation Framework for Debugging Big Data Applications

January 24, 2019
Author(s)
Huadong Feng, Jagan Chandrasekaran, Yu Lei, Raghu N. Kacker, D. Richard Kuhn
When a failure occurs in a big data application, debugging with the original dataset can be difficult due to the large amount of data being processed. This paper introduces a framework for effectively generating method-level tests to facilitate debugging

A Method-Level Test Generation Framework for Debugging Big Data Applications

January 24, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Huadong Feng, Yu J. Lei
Big data applications are now widely used to process massive amounts of data we create every day. When a failure occurs in a big data application, debugging at the system-level input can be expensive due to the large amount of data being processed. This

Access Control for Emerging Distributed Systems

November 1, 2018
Author(s)
Chung Tong Hu, David R. Kuhn, David F. Ferraiolo
As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of distributed systems to boost security and prevent fraud. How can these systems' capabilities be