Biblio

The main usage pattern of internet is shifting from traditional host-to-host central model to content dissemination model. It leads to the pretty prompt growth in Internet content. CDN and P2P are two mainstream techmologies to provide streaming content services in the current Internet. In recent years, some researchers have begun to focus on CDN-P2P-hybrid architecture and ISP-friendly P2P content delivery technology. Web applications have become one of the fundamental internet services. How to effectively support the popular browser-based web application is one of keys to success for future internet projects. This paper proposes ID based browser with caching in IDNet. IDNet consists of id/locator separation scheme and domain-insulated autonomous network architecture (DIANA) which redesign the future internet in the clean slate basis. Experiment shows that ID web browser with caching function can support how to disseminate content and how to find the closet network in IDNet having identical contents.

Joint transmission coordinated multi-point (CoMP) is a combination of constructive and destructive superposition of several to potentially many signal components, with the goal to maximize the desired receive-signal and at the same time to minimize mutual interference. Especially the destructive superposition requires accurate alignment of phases and amplitudes. Therefore, a 5G clean slate approach needs to incorporate the following enablers to overcome the challenging limitation for JT CoMP: accurate channel estimation of all relevant channel components, channel prediction for time-aligned precoder design, proper setup of cooperation areas corresponding to user grouping and to limit feedback overhead especially in FDD as well as treatment of out-of-cluster interference (interference floor shaping).

In this paper, we study the security and system congestion in a risk-based checkpoint screening system with two kinds of inspection queues, named as Selectee Lanes and Normal Lanes. Based on the assessed threat value, the arrival crossing the security checkpoints is classified as either a selectee or a non-selectee. The Selectee Lanes with enhanced scrutiny are used to check selectees, while Normal Lanes are used to check non-selectees. The goal of the proposed modelling framework is to minimize the system congestion under the constraints of total security and limited budget. The system congestion of the checkpoint screening system is determined through a steady-state analysis of multi-server queueing models. By solving an optimization model, we can determine the optimal threshold for differentiating the arrivals, and determine the optimal number of security devices for each type of inspection queues. The analysis conducted in this study contributes managerial insights for understanding the operation and system performance of such risk-based checkpoint screening systems.

As a clean energy, wind power is massively utilized in net recent years, which significantly reduced the pollution emission created from unit. This article referred to the concept of energy-saving and emission reducing; built a multiple objective function with represent of the emission of CO2& SO2, the coal-fired from units and the lowest unit fees of commitment; Proposed a algorithm to improving NSGA-D (Non-dominated Sorting Genetic Algorithm-II) for the dynamic characteristics, consider of some constraint conditions such as the shortest operation and fault time and climbing etc.; Optimized and commitment discrete magnitude and Load distribution continuous quantity with the double-optimization strategy; Introduced the fuzzy satisfaction-maximizing method to reaching a decision for Pareto solution and also nested into each dynamic solution; Through simulation for 10 units of wind power, the result show that this method is an effective way to optimize the Multi-objective unit commitment modeling in wind power integrated system with Mixed-integer variable.

This paper presents a six-layer Aluminum Industry 4.0 architecture for the aluminum production and full lifecycle supply chain management. It integrates a series of innovative technologies, including the IoT sensing physical system, industrial cloud platform for data management, model-driven and big data driven analysis & decision making, standardization & securitization intelligent control and management, as well as visual monitoring and backtracking process etc. The main relevant control models are studied. The applications of real-time accurate perception & intelligent decision technology in the aluminum electrolytic industry are introduced.

Communication architecture is a crucial component in smart grid. Most of the previous researches have been focused on the traditional Internet and proposed numerous evolutionary designs. However, the traditional network architecture has been reported with multiple inherent shortcomings, which bring unprecedented challenges for the Smart Grid. Moreover, the smart network architecture for the future Smart Grid is still unexplored. In this context, this paper proposes a clean-slate communication approach to boost the development of smart grid in the respective of Smart Identifier Network (SINET), named SI4SG. It also designs the service resolution mechanism and the ns-3 based simulating tool for the proposed communication architecture.

The smart grid aims to improve the efficiency, reliability and safety of the electric system via modern communication system, it's necessary to utilize cloud computing to process and store the data. In fact, it's a promising paradigm to integrate smart grid into cloud computing. However, access to cloud computing system also brings data security issues. This paper focuses on the protection of user privacy in smart meter system based on data combination privacy and trusted third party. The paper demonstrates the security issues for smart grid communication system and cloud computing respectively, and illustrates the security issues for the integration. And we introduce data chunk storage and chunk relationship confusion to protect user privacy. We also propose a chunk information list system for inserting and searching data.

(No abstract.)

In a system manufacturing process that use screens, for exemple, TVs, computer monitors, or notebook, the inspection images is one of the most important quality tests. Due to increasing complexity of these systems, manual inspection became complex and slow. Thus, automatic inspection is an attractive alternative. In this paper, we present an automatic inspection system images using edge and line detection algorithms, rectangles recognition and image comparison metrics. The experiments, performed to 504 images (TVs, computer monitors, and notebook) demonstrate that the system has good performance.

The detection of obstacles is a fundamental issue in autonomous navigation, as it is the main key for collision prevention. This paper presents a method for the segmentation of general obstacles by stereo vision with no need of dense disparity maps or assumptions about the scenario. A sparse set of points is selected according to a local spatial condition and then clustered in function of its neighborhood, disparity values and a cost associated with the possibility of each point being part of an obstacle. The method was evaluated in hand-labeled images from KITTI object detection benchmark and the precision and recall metrics were calculated. The quantitative and qualitative results showed satisfactory in scenarios with different types of objects.

With the pretty prompt growth in Internet content, the main usage pattern of internet is shifting from traditional host-to-host model to content dissemination model. To support content distribution, content delivery networks (CDNs) gives an ad-hoc solution and some of future internet projects suggest a clean-slate design. Web applications have become one of the fundamental internet services. How to effectively support the popular browser-based web application is one of keys to success for future internet projects. This paper proposes the IDNet-based web applications. IDNet consists of id/locator separation scheme and domain-insulated autonomous network architecture (DIANA) which redesign the future internet in the clean slate basis. We design and develop an IDNet Browser based on the open source Qt. IDNet browser enables ID fetching and rendering by both `idp:/' schemes URID (Universal Resource Identifier) and `http:/' schemes URI in HTML The experiment shows that it can well be applicable to the IDNet test topology.

RFID (Radio-Frequency IDentification) is attractive for the strong visibility it provides into logistics operations. In this paper, we explore fair-exchange techniques to encourage honest reporting of item receipt in RFID-tagged supply chains and present a fair ownership transfer system for RFID-tagged supply chains. In our system, a receiver can only access the data and/or functions of the RFID tag by providing the sender with a cryptographic attestation of successful receipt; cheating results in a defunct tag. Conversely, the sender can only obtain the receiver's attestation by providing the secret keys required to access the tag.

Most existing approaches focus on examining the values are dangerous for information flow within inter-suspicious modules of cloud applications (apps) in a host by using malware threat analysis, rather than the risk posed by suspicious apps were connected to the cloud computing server. Accordingly, this paper proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme to track data with taint marking using several taint checking tools. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of and risks posed by suspicious apps were connected to the cloud computing server. In determining the risk of taint propagation, risk and defence capability are used for each taint path for assisting a defender in recognising the attack results against network threats caused by malware infection and estimate the losses of associated taint sources. Finally, a case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. Our approach verified the details of an attack sequence for malware infection by incorporating a finite state machine (FSM) to appropriately reflect the real situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model allows a defender to convert the spread of taint propagation to loss and practically estimate the risk of a specific threat by using behavioural analysis with real malware infection.

In this paper we investigate the proposals made by various industries for the Cellular Internet of Things (C-IoT). We start by introducing the context of C-IoT and demonstrate how this technology is closely linked to the Low Power-Wide Area (LPWA) technologies and networks. An in-depth look and system level evaluation is given for each clean slate technology and a comparison is made based on its specifications.

In this paper we investigate the proposals made by various industries for the Cellular Internet of Things (C-IoT). We start by introducing the context of C-IoT and demonstrate how this technology is closely linked to the Low Power-Wide Area (LPWA) technologies and networks. An in-depth look and system level evaluation is given for each clean slate technology and a comparison is made based on its specifications.

In order to be resilient to attacks, a cyber-physical system (CPS) must be able to detect attacks before they can cause significant damage. To achieve this, intrusion detection systems (IDS) may be deployed, which can detect attacks and alert human operators, who can then intervene. However, the resource-constrained nature of many CPS poses a challenge, since reliable IDS can be computationally expensive. Consequently, computational nodes may not be able to perform intrusion detection continuously, which means that we have to devise a schedule for performing intrusion detection. While a uniformly random schedule may be optimal in a purely cyber system, an optimal schedule for protecting CPS must also take into account the physical properties of the system, since the set of adversarial actions and their consequences depend on the physical systems. Here, in the context of water distribution networks, we study IDS scheduling problems in two settings and under the constraints on the available battery supplies. In the first problem, the objective is to design, for a given duration of time, scheduling schemes for IDS so that the probability of detecting an attack is maximized within that duration. We propose efficient heuristic algorithms for this general problem and evaluate them on various networks. In the second problem, our objective is to design scheduling schemes for IDS so that the overall lifetime of the network is maximized while ensuring that an intruder attack is always detected. Various strategies to deal with this problem are presented and evaluated for various networks.

Robust and stringent fault detection and correction techniques in executing Advanced Encryption Standard (AES) are still interesting issues for many critical applications. The purpose of fault detection and correction techniques is not only to ensure the reliability of a cryptosystem, but also protect the system against side channel attacks. Such errors could result due to a fault injection attack, production faults, noise or radiation effects in deep space. Devising a proper error control mechanisms for AES cipher during execution would improve both system reliability and security. In this work a novel fault detection and correction algorithm is proposed. The proposed mechanism is making use of the linear mappings of AES round structure to detect errors in the ShiftRow (SR) and MixColumn (MC) transformations. The error correction is achieved by creating temporary redundant check words through the combined SR and MC mapping to create in case of errors an error syndrome leading to error correction with relatively minor additional complexity. The proposed technique is making use of an error detecting and correcting capability in the combined mapping of SR and MC rather than detecting and/or correcting errors in each transformation separately. The proposed technique is making use especially of the MC mapping exhibiting efficient ECC properties, which can be deployed to simplify the design of a fault-tolerance technique. The performance of the algorithm proposed is evaluated by a simulated system model in FPGA technology. The simulation results demonstrate the ability to reach relatively high fault coverage with error correction up to four bytes of execution errors in the merged transformation SR-MC. The overall gate complexity overhead of the resulting system is estimated for proposed technique in FPGA technology.

The passive radar also known as Green Radar exploits the available commercial communication signals and is useful for target tracking and detection in general. Recent communications standards frequently employ Orthogonal Frequency Division Multiplexing (OFDM) waveforms and wideband for broadcasting. This paper focuses on the recent developments of the target detection algorithms in the OFDM passive radar framework where its channel estimates have been derived using the matched filter concept using the knowledge of the transmitted signals. The MUSIC algorithm, which has been modified to solve this two dimensional delay-Doppler detection problem, is first reviewed. As the target detection problem can be represented as sparse signals, this paper employs compressive sensing to compare with the detection capability of the 2-D MUSIC algorithm. It is found that the previously proposed single time sample compressive sensing cannot significantly reduce the leakage from the direct signal component. Furthermore, this paper proposes the compressive sensing method utilizing multiple time samples, namely l1-SVD, for the detection of multiple targets. In comparison between the MUSIC and compressive sensing, the results show that l1-SVD can decrease the direct signal leakage but its prerequisite of computational resources remains a major issue. This paper also presents the detection performance of these two algorithms for closely spaced targets.

Clustering algorithms have become a popular tool in computer security to analyze the behavior of malware variants, identify novel malware families, and generate signatures for antivirus systems. However, the suitability of clustering algorithms for security-sensitive settings has been recently questioned by showing that they can be significantly compromised if an attacker can exercise some control over the input data. In this paper, we revisit this problem by focusing on behavioral malware clustering approaches, and investigate whether and to what extent an attacker may be able to subvert these approaches through a careful injection of samples with poisoning behavior. To this end, we present a case study on Malheur, an open-source tool for behavioral malware clustering. Our experiments not only demonstrate that this tool is vulnerable to poisoning attacks, but also that it can be significantly compromised even if the attacker can only inject a very small percentage of attacks into the input data. As a remedy, we discuss possible countermeasures and highlight the need for more secure clustering algorithms.

Access Control Policies (ACPs) evolve. Understanding the trends and evolution patterns of ACPs could provide guidance about the reliability and maintenance of ACPs. Our research goal is to help policy authors improve the quality of ACP evolution based on the understanding of trends and evolution patterns in ACPs We performed an empirical study by analyzing the ACP changes over time for two systems: Security Enhanced Linux (SELinux), and an open-source virtual computing platform (VCL). We measured trends in terms of the number of policy lines and lines of code (LOC), respectively. We observed evolution patterns. For example, an evolution pattern st1 → st2 says that st1 (e.g., "read") evolves into st2 (e.g., "read" and "write"). This pattern indicates that policy authors add "write" permission in addition to existing "read" permission. We found that some of evolution patterns appear to occur more frequently.

This paper examines security faults/vulnerabilities reported for Fedora. Results indicate that, at least in some situations, fault roughly constant may be used to guide estimation of residual vulnerabilities in an already released product, as well as possibly guide testing of the next version of the product.

A key characteristic of simultaneous fault diagnosis is that the features extracted from the original patterns are strongly dependent. This paper proposes a new model of Bayesian classifier, which removes the fundamental assumption of naive Bayesian, i.e., the independence among features. In our model, the optimal bandwidth selection is applied to estimate the class-conditional probability density function (p.d.f.), which is the essential part of joint p.d.f. estimation. Three well-known indices, i.e., classification accuracy, area under ROC curve, and probability mean square error, are used to measure the performance of our model in simultaneous fault diagnosis. Simulations show that our model is significantly superior to the traditional ones when the dependence exists among features.