VTechWorks
VTechWorks provides global access to Virginia Tech scholarship, including journal articles, books, theses, dissertations, conference papers, slide presentations, technical reports, working papers, administrative documents, videos, images, and more by faculty, students, and staff. Faculty can deposit items to VTechWorks from Elements, including journal articles covered by the University open access policy. Email vtechworks@vt.edu for help.
Open Access Policy
Virginia Tech's open access policy enables researchers to deposit the accepted version of scholarly articles with no embargo.
Theses and Dissertations
Virginia Tech was first in the world to require ETDs in 1997, and continues to add scans of older theses and dissertations.
Open Textbooks
More than 40 freely available and openly licensed textbooks are among our most downloaded items.
Communities in VTechWorks
Select a community to browse its collections.
Recent Submissions
Convertible Parks: New Architectural Strategies for Public Parks in a Changing Climate
Easton IV, John (Virginia Tech, 2024-07-26)
Human beings have relied on outdoor public spaces for thousands of years to recreate, socialize, exercise, and conduct business. As climate change leads to more severe weather including flooding, prolonged heatwaves, and wildfires, our ability to safely spend time outdoors is increasingly under threat. While a lot of attention has focused on bolstering the resilience of physical infrastructure, social infrastructure such as public parks are often left behind. To address this issue, this project uses East Potomac Park in Washington, DC as a case study to explore architectural interventions to physically and socially adapt parks for climate change. The existing park, which sits on a sinking island constructed in the early 20th century, is frequently forced to close due to tidal flooding. Utilizing a managed retreat along the southwestern edge of the park, the northeastern edge can be reconstructed as a resilient park for the next century. A series of interconnected pavilions each contain a unique architectural program coupled with passive and active environmental strategies to create comfortable recreational opportunities throughout the year. Specifically, sawtooth roofs, brise soleil, and vegetation are explored to manage temperatures, light, and airflow.
Enhancing Software Security through Code Diversification Verification, Control-flow Restriction, and Automatic Compartmentalization
Jang, Jae-Won (Virginia Tech, 2024-07-26)
In today's digital age, computer systems are prime targets for adversaries due to the vast amounts of sensitive information stored digitally. This ongoing cat-and-mouse game between programmers and adversaries forces security researchers to continually develop novel security measures. Widely adopted schemes like NX bits have safeguarded systems against traditional memory exploits such as buffer overflows, but new threats like code-reuse attacks quickly bypass these defenses. Code-reuse attacks exploit existing code sequences, known as gadgets, without injecting new malicious code, making them challenging to counter. Additionally, input-based vulnerabilities pose significant risks by exploiting external inputs to trigger malicious paths. Languages like C and C++ are often considered unsafe due to their tendency to cause issues like buffer overflows and use-after-free errors. Addressing these complex vulnerabilities requires extensive research and a holistic approach.
This dissertation initially introduces a methodology for verifying the functional equivalence between an original binary and its diversified version. The Verification of Diversified Binary (VDB) algorithm is employed to determine whether the two binaries—the original and the diversified—maintain functional equivalence. Code diversification techniques modify the binary compilation process to produce functionally equivalent yet different binaries from the same source code. Most code diversification techniques focus on analyzing non-functional properties, such as whether the technique improves security. The objective of this contribution is to enable the use of untrusted diversification techniques in essential applications. Our evaluation demonstrates that the VDB algorithm can verify the functional equivalence of 85,315 functions within binaries from the GNU Coreutils 8.31 benchmark suite.
Next, this dissertation proposes a binary-level tool that modifies binaries to protect against control-flow hijacking attacks. Traditional approaches to guard against ROP attacks either introduce significant overhead, require hardware support, or need intimate knowledge of the binary, such as source code. In contrast, this contribution does not rely on source code nor the latest hardware technology (e.g., Intel Control-flow Enforcement Technology). Instead, we show that we can precisely restrict control flow transfers from transferring to non-intended paths even without these features. To that end, this contribution proposes a novel control-flow integrity policy based on a deny list called Control-flow Restriction (CFR). CFR determines which control flow transfers are allowed in the binary without requiring source code. Our implementation and evaluation of CFR show that it achieves this goal with an average runtime performance overhead for commercial off-the-shelf (COTS) binaries in the range of 5.5% to 14.3%. In contrast, a state-of-the-art binary-level solution such as BinCFI has an average overhead of 61.5%.
Additionally, this dissertation explores leveraging the latest hardware security primitives to compartmentalize sensitive data. Specifically, we use a tagged memory architecture introduced by ARM called the Memory Tagging Extension (MTE), which assigns a metadata tag to a memory location that is associated with pointers referencing that memory location. Although promising, ARM MTE suffers from predictable tag allocation on stack data, vulnerable plain-text metadata tags, and lack of fine-grained memory access control. Therefore, this contribution introduces Shroud to enhance data security through compartmentalization using MTE and protect MTE's tagged pointers' vulnerability through encryption. Evaluation of Shroud demonstrates its security effectiveness against non-control-data attacks like Heartbleed and Data-Oriented Programming, with performance evaluations showing an average overhead of 4.2% on lighttpd and 2% on UnixBench. Finally, the NPB benchmark measured Shroud's overhead, showing an average runtime overhead of 2.57%.
The vulnerabilities highlighted by exploits like Heartbleed capitalize on external inputs, underscoring the need for enhanced input-driven security measures. Therefore, this dissertation describes a method to improve upon the limitations of traditional compartmentalization techniques. This contribution introduces an Input-Based Compartmentalization System (IBCS), a comprehensive toolchain that utilizes user input to identify data for memory protection automatically. Based on user inputs, IBCS employs hybrid taint analysis to generate sensitive code paths and further analyze each tainted data using novel assembly analyses to identify and enforce selective targets. Evaluations of IBCS demonstrate its security effectiveness through adversarial analysis and report an average overhead of 3% on Nginx.
Finally, this dissertation concludes by revisiting the problem of implementing a classical technique known as Software Fault Isolation (SFI) on an x86-64 architecture. Prior works attempting to implement SFI on an x86-64 architecture have suffered from supporting a limited number of sandboxes, high context-switch overhead, and requiring extensive modifications to the toolchain, jeopardizing maintainability and introducing compatibility issues due to the need for specific hardware. This dissertation describes x86-based Fault Isolation (XFI), an efficient SFI scheme implemented on an x86-64 architecture with minimal modifications needed to the toolchain, while reducing complexity in enforcing SFI policies with low performance (22.48% average) and binary size overheads (2.65% average). XFI initializes the sandbox environment for the rewritten binary and, depending on the instructions, enforces data-access and control-flow policies to ensure safe execution. XFI provides the security benefits of a classical SFI scheme and offers additional protection against several classes of side-channel attacks, which can be further extended to enhance its protection capabilities.
An Integrative Review of K-12 Teachers' Strategies and Challenges in Adapting Problem-Based Learning
Senyah, Anthony Oduro (Virginia Tech, 2024-07-26)
Problem-based learning has long been recognized as an innovative and effective instructional strategy for enhancing problem-solving and critical skills, which are essential for 21st-century employability. Despite its recognized benefits, PBL adoption in K-12 education remains limited due to significant implementation challenges. This integrative literature review investigates PBL instructional strategies and teachers' experiences, focusing on their challenges and the types of problems used in K12 classrooms, while analyzing empirical studies from 2004 to 2024. The study findings reveal teachers' challenges in terms of problem design and development, scaffolding, technology integration, assessment, and promoting student collaboration, with time availability being a recurring concern. Again, teachers' implementation strategies are flexible but could, however, be summarized into (1) preparing learners for PBL, (2) an iterative cycle of activities, and (3) presentation and evaluation. The findings also revealed that design problems dominate the type of problems that are incorporated into K-12 PBL implementation studies. Beyond setting the foundation for future research in the area, this integrative review offers a deeper understanding related to PBL's application in K-12 settings, providing valuable insight for educational stakeholders.
Foreign expansion strategy and performance
Mas-Ruiz, Francisco J.; Nicolau, Juan Luis; Ruiz-Moreno, Felipe (Emerald, 2002-08-01)
The aim of this study is to examine the determining factors of a firm's performance, as a direct consequence of its diversification strategy in its expansion into foreign markets, considering certain factors like the market, the product and the company itself. As a novelty, the methodology employed uses the event-study to estimate the excess of returns generated by its shares on the Stock Market, based on a sample, of 35 expansion announcements into external markets corresponding to 11 diversifying companies. A regression analysis is also carried out to examine the impact of these factors, market, product and company, on the excesses in returns observed. The empirical application, carried-out in Spain, has allowed us to detect that, on average, the impact of the news about a company's expansion on the returns on its shares is positive; its determining factors being the speciality of the product offered and the level of development in the target country.
LLMs for Semantic Web Query
Chen, Yinlin (2023-11-09)
The emergence of Large Language Models like GPT-4 offers unprecedented capabilities in understanding human intent and generating text. This tutorial explores the intersection of LLMs and semantic web applications, focusing on how these models can automatically generate queries that adhere to metadata standards. Participants will engage in hands-on exercises that demonstrate the integration of LLMs into a sample semantic web application. This session will offer conceptual understanding and practical skills for metadata practitioners, developers, and researchers. The aim is to enable attendees to leverage the capabilities of LLMs in enhancing semantic web applications.
Target audience: Metadata practitioners, developers, researchers, and those interested in Large Language Models
Expected learning outcomes:
Understand LLMs and their capabilities.
Gain hands-on experience and learn to generate metadata-compliant queries using LLMs.
Discuss potential applications and limitations of LLMs in the semantic web.
Tutorial style: Presentation, demonstration, hands-on practice, discussion and Q&A
Prior knowledge required:
Basic familiarity with semantic web technologies, such as RDF or SPARQL
Some basic Python programming skills
Participants are recommended to have:
A dual-monitor setup or two computers to more easily follow along with hands-on exercises while also watching the presentation