Biblio

Text analytics directly on compression (TADOC) has proven to be a promising technology for big data analytics. GPUs are extremely popular accelerators for data analytics systems. Unfortunately, no work so far shows how to utilize GPUs to accelerate TADOC. We describe G-TADOC, the first framework that provides GPU-based text analytics directly on compression, effectively enabling efficient text analytics on GPUs without decompressing the input data. G-TADOC solves three major challenges. First, TADOC involves a large amount of dependencies, which makes it difficult to exploit massive parallelism on a GPU. We develop a novel fine-grained thread-level workload scheduling strategy for GPU threads, which partitions heavily-dependent loads adaptively in a fine-grained manner. Second, in developing G-TADOC, thousands of GPU threads writing to the same result buffer leads to inconsistency while directly using locks and atomic operations lead to large synchronization overheads. We develop a memory pool with thread-safe data structures on GPUs to handle such difficulties. Third, maintaining the sequence information among words is essential for lossless compression. We design a sequence-support strategy, which maintains high GPU parallelism while ensuring sequence information. Our experimental evaluations show that G-TADOC provides 31.1× average speedup compared to state-of-the-art TADOC.

High-performance implementation of non-linear support vector machine (SVM) function is important in many applications. This paper develops a hardware design of Gaussian kernel function with high-performance since it is one of the most modules in non-linear SVM. The designed Gaussian kernel function consists of Norm unit and exponentiation function unit. The Norm unit uses fewer subtractors and multiplexers. The exponentiation function unit performs modified coordinate rotation digital computer algorithm with wide range of convergence and high accuracy. The presented circuit is implemented on a Xilinx field-programmable gate array platform. The experimental results demonstrate that the designed circuit achieves low resource utilization and high efficiency with relative error 0.0001.

High throughput of crypto circuit is critical for many high performance security applications. The proposed SM3 circuit design breaks the inherent limitation of the conventional algorithm flow by removing the "blocking point" on the critical path, and reorganizes the algebraic structure by adding four parallel compensation operations. In addition, the round expansion architecture, CSA (Carry Save Adder) and pre-calculation are also used in this design. Due to the optimization at both the algorithm level and the circuit level, the synthesized circuit of this design can reach maximum 415MHz operating clock frequency and 6.4Gbps throughput with SMIC 40nm high performance technology. Compared with the conventional implementation method, the throughput performance of the proposed SM3 circuit increases by 97.5% and the chip area of SM3 algorithm area is only increased by 16.2%.

The data transmitted via the network may be vulnerable to cyber attacks in networked inverted pendulum system (NIPS), how to detect cyber attacks is a challenging issue. To solve this problem, this paper investigates a honeypot-based attack detection method for NIPS. Firstly, honeypot for NIPS attack detection (namely NipsPot) is constructed by deceptive environment module of a virtual closed-loop control system, and the stealthiness of typical covert attacks is analysed. Secondly, attack data is collected by NipsPot, which is used to train supported vector machine (SVM) model for attack detection. Finally, simulation results demonstrate that NipsPot-based attack detector can achieve the accuracy rate of 99.78%, the precision rate of 98.75%, and the recall rate of 100%.

With the maturity of Internet of things technology, massive data transmission has become the focus of research. In order to solve the problem of low speed of traditional hybrid data fast distribution algorithm for wireless sensor networks, a hybrid data fast distribution algorithm for wireless sensor networks based on visual Internet of things is designed. The logic structure of mixed data input gate in wireless sensor network is designed through the visual Internet of things. The objective function of fast distribution of mixed data in wireless sensor network is proposed. The number of copies of data to be distributed is dynamically calculated and the message deletion strategy is determined. Then the distribution parameters are calibrated, and the fitness ranking is performed according to the distribution quantity to complete the algorithm design. The experimental results show that the distribution rate of the designed algorithm is significantly higher than that of the control group, which can solve the problem of low speed of traditional data fast distribution algorithm.

Aiming at ensure the security and self-control of heterogeneous alliance network, this paper proposes a novel structure of identity authentication based on domestic commercial cryptography with blockchain in the heterogeneous alliance network. The domestic commercial cryptography, such as SM2, SM3, SM4, SM9 and ZUC, is adopted to solve the encryption, decryption, signature and verification of blockchain, whose key steps of data layer are solved by using domestic commercial cryptographic algorithms. In addition, it is the distributed way to produce the public key and private key for the security of the keys. Therefore, the cross domain identity authentication in the heterogeneous alliance network can be executed safely and effectively.

Image style transfer refers to the transformation of the style of image, so that the image details are retained to the maximum extent while the style is transferred. Aiming at the problem of low clarity of style transfer images generated by CycleGAN network, this paper improves the CycleGAN network. In this paper, the network model of auto-encoder and variational auto-encoder is added to the structure. The encoding part of the auto-encoder is used to extract image content features, and the variational auto-encoder is used to extract style features. At the same time, the generating network of the model in this paper uses first to adjust the image size and then perform the convolution operation to replace the traditional deconvolution operation. The discriminating network uses a multi-scale discriminator to force the samples generated by the generating network to be more realistic and approximate the target image, so as to improve the effect of image style transfer.

Using Generative Adversarial Networks (GAN) to translate images is a significant field in computer vision. There are partial distortion, artifacts and detail loss in the images generated by current image translation algorithms. In order to solve this problem, this paper adds attention-based residual neural network to the generator of GAN. Attention-based residual neural network can improve the representation ability of the generator by weighting the channels of the feature map. Experiment results on the Facades dataset show that Attention Residual GAN can translate images with excellent quality.

The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.

In recent years, hashing algorithm has been widely researched and has made considerable progress in large-scale image retrieval tasks due to its advantages of convenient storage and fast calculation efficiency. Nowadays most researchers use deep convolutional neural networks (CNNs) to perform feature learning and hash coding learning at the same time for image retrieval and the deep hashing methods based on deep CNNs perform much better than the traditional manual feature hashing methods. But most methods are designed to handle simple binary similarity and decrease quantization error, ignoring that the features of similar images and hashing codes generated are not compact enough. In order to enhance the performance of CNNs-based hashing algorithms for large scale image retrieval, this paper proposes a new deep-supervised hashing algorithm in which a novel channel attention mechanism is added and the loss function is elaborately redesigned to generate compact binary codes. It experimentally proves that, compared with the existing hashing methods, this method has better performance on two large scale image datasets CIFAR-10 and NUS-WIDE.

Various algorithms and models have been proposed to address text classification tasks; however, they rarely consider incorporating the additional knowledge hidden in class labels. We argue that hidden information in class labels leads to better classification accuracy. In this study, instead of encoding the labels into numerical values, we incorporated the knowledge in the labels into the original model without changing the model architecture. We combined the output of an original classification model with the relatedness calculated based on the embeddings of a sequence and a keyword set. A keyword set is a word set to represent knowledge in the labels. Usually, it is generated from the classes while it could also be customized by the users. The experimental results show that our proposed method achieved statistically significant improvements in text classification tasks. The source code and experimental details of this study can be found on Github11https://github.com/HeroadZ/KiL.

With China's overall national strength, the education of studying in China has entered a period of rapid development, and China has become one of the important destination countries for international student mobility. With political stability, rapid economic development, and continuous improvement in the quality of higher education, the educational value of studying in China is increasingly recognized by international students. International students study and live in the same way as domestic students. While the development of the Internet has brought convenience to people, it has also created many security risks. How to protect the information security of international students is the focus of this paper. This paper introduces the classification, characteristics and security risks of international students' personal information. In order to protect the private data of international students from being leaked, filtering rules are set in the campus network through WinRoute firewall to effectively prevent information from being leaked, tampered or deleted, which can be used for reference by other universities.

This paper provides an overview of the security service controls that are applied in a big data processing (BDP) system to defend against cyber security attacks. We validate this approach by modeling attacks and effectiveness of security service controls in a sequence of states and transitions. This Finite State Machine (FSM) approach uses the probable effectiveness of security service controls, as defined in the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The attacks used in the model are defined in the ATT&CK™ framework. Five different BDP security architecture configurations are considered, spanning from a low-cost default BDP configuration to a more expensive, industry supported layered security architecture. The analysis demonstrates the importance of a multi-layer approach to implementing security in BDP systems. With increasing interest in using BDP systems to analyze sensitive data sets, it is important to understand and justify BDP security architecture configurations with their significant costs. The output of the model demonstrates that over the run time, larger investment in security service controls results in significantly more uptime. There is a significant increase in uptime with a linear increase in security service control investment. We believe that these results support our recommended BDP security architecture. That is, a layered architecture with security service controls integrated into the user interface, boundary, central management of security policies, and applications that incorporate privacy preserving programs. These results enable making BDP systems operational for sensitive data accessed in a multi-tenant environment.

With the development of communication technology, the disadvantages of traditional notification methods such as low efficiency gradually appear. With the introduction of WAP with WTLS security and its development and maintenance, more and more notification systems are using this technology. Through the analysis, design and implementation of notification system for large user groups, this paper studies how to collect and notify data without affecting the business system, and proposes a scheme of real-time data acquisition and filtering based on trigger. The middleware and application server implementation transaction management and database operation to separate CICS middleware technology based on research using UNIXC, Socket programming, SQL statements, SYBASE database technology, from the system requirements, business process, function structure, database and data structure, the input and output of the system, system testing the aspects such as design of practical significance to intelligent notification system for large user groups. Finally, the paper describes the test effect of the system in detail. 10 users send 1, 5, 10 and 20 strokes at the same time, and the completion time is 0.28, 1.09, 1.58 and 2.20 seconds, which proves that the system has practical significance.

To improve efficiency of stegosystem on blockchain and balance the time consumption of Encode and Decode operations, we propose a new blockchain-based steganography scheme, called Keys as Secret Messages (KASM), where a codebook of mappings between bitstrings and public keys can be pre-calculated by both sides with some secret parameters pre-negotiated before covert communication. By applying properties of elliptic curves and pseudorandom number generators, we realize key derivation of codebook item, and we construct the stegosystem with provable security under chosen hiddentext attack. By comparing KASM with Blockchain Covert Channel (BLOCCE) and testing on Bitcoin protocol, we conclude that our proposed stegosystem encodes hiddentexts faster than BLOCCE does and can decode stegotexts in highly acceptable time. The balanced time consumption of Encode and Decode operations of KASM make it applicable in the scene of duplex communication. At the same time, KASM does not leak sender’s private keys, so sender’s digital currencies can be protected.

With the development of cloud computing, a growing number of users use the cloud to store their sensitive data. To protect privacy, users often encrypt their data before outsourcing. Searchable Symmetric Encryption (SSE) enables users to retrieve their encrypted data. Most prior SSE schemes did not focus on malicious servers, and users could not confirm the correctness of the search results. Blockchain-based SSE schemes show the potential to solve this problem. However, the expensive nature of storage overhead on the blockchain presents an obstacle to the implementation of these schemes. In this paper, we propose a lightweight blockchain-based searchable symmetric encryption scheme that reduces the space cost in the scheme by improving the data structure of the encrypted index and ensuring efficient data retrieval. Experiment results demonstrate the practicability of our scheme.

Acoustic tomography experiments for ocean observation require low-frequency, broadband, high power, small size underwater acoustic transducer, but there are contradictions between the performance of the transducer, therefore a longitudinal-bending fluid-cavity coupled broadband underwater acoustic transducer is presented. The difference between the transducer and the traditional JH transducer is that the opening position of the Helmholtz resonant cavity is arranged between the radiation cover plate and the cylindrical cavity. Based on the optimization results of the finite element software ANSYS produced a transducer test prototype. The test results show that the simulation results and experimental results are basically consistent, and the transmitting voltage response can reach 136dB, the transmitting voltage response fluctuation shall no more than 6dB through the range of 700-1200Hz in the horizontal direction, verified the longitudinal-bending mode and the fluid-cavity mode of the transducer are well coupled, and the transducer is an ideal low-frequency, broadband, high power, small size underwater acoustic transducer.

Security is of importance for communication networks, and many network nodes, like sensors and IoT devices, are resource-constrained. Physical Unclonable Functions (PUFs) leverage physical variations of the integrated circuits to produce responses unique to individual circuits and have the potential for delivering security for low-cost networks. But before a PUF can be adopted for security applications, all security vulnerabilities must be discovered. Recently, a new PUF known as Interpose PUF (IPUF) was proposed, which was tested to be secure against reliability-based modeling attacks and machine learning attacks when the attacked IPUF is of small size. A recent study showed IPUFs succumbed to a divide-and-conquer attack, and the attack method requires the position of the interpose bit known to the attacker, a condition that can be easily obfuscated by using a random interpose position. Thus, large IPUFs may still remain secure against all known modeling attacks if the interpose position is unknown to attackers. In this paper, we present a new modeling attack method of IPUFs using multilayer neural networks, and the attack method requires no knowledge of the interpose position. Our attack was tested on simulated IPUFs and silicon IPUFs implemented on FPGAs, and the results showed that many IPUFs which were resilient against existing attacks cannot withstand our new attack method, revealing a new vulnerability of IPUFs by re-defining the boundary between secure and insecure regions in the IPUF parameter space.

The randomness, ambiguity and some other uncertainties of trust relationships in Wireless Sensor Networks (WSNs) make existing trust management methods often unsatisfactory in terms of accuracy. This paper proposes a trust evaluation method based on cloud model for malicious node detection. The conversion between qualitative and quantitative sensor node trust degree is achieved. Firstly, nodes cooperate with each other to establish a standard cloud template for malicious nodes and a standard cloud template for normal nodes, so that malicious nodes have a qualitative description to be either malicious or normal. Secondly, the trust cloud template obtained during the interactions is matched against the previous standard templates to achieve the detection of malicious nodes. Simulation results demonstrate that the proposed method greatly improves the accuracy of malicious nodes detection.

Due to the shortage of resources and services, agents are often in competition with each other. Excessive competition will lead to a social dilemma. Under the viewpoint of breaking social dilemma, we present a novel trust-based logic framework called Trust Computation Logic (TCL) for measure method to find the best partners to collaborate and automatically verifying trust in Multi-Agent Systems (MASs). TCL starts from defining trust state in Multi-Agent Systems, which is based on contradistinction between behavior in trust behavior library and in observation. In particular, a set of reasoning postulates along with formal proofs were put forward to support our measure process. Moreover, we introduce symbolic model checking algorithms to formally and automatically verify the system. Finally, the trust measure method and reported experimental results were evaluated by using DeepMind’s Sequential Social Dilemma (SSD) multi-agent game-theoretic environments.

This paper analyzes the current situation and shortcomings of traditional security chip production program management, then proposes a management approach of a chip issue program management method and develope a management system based on Webservice technology. The program management method and system of chip production proposed in this paper simplifies the program management process of chip production and improves the working efficiency of chip production management.

In recent years, the development of deep learning has brought new ideas to internal threat detection. In this paper, three common deep learning algorithms for threat detection are optimized and innovated, and feature embedding, drift detection and sample weighting are introduced into FCNN. Adaptive multi-iteration method is introduced into Support Vector Data Description (SVDD). A dynamic threshold adjustment mechanism is introduced in VAE. In threat detection, three methods are used to detect the abnormal behavior of users, and the intersection of output results is taken as the final threat judgment basis. Experiments on cert r6.2 data set show that this method can significantly reduce the false positive rate.

Privacy protection is a vital part of information security. However, the excessive collections and uses of personal information have intensified in the area of mobile apps (applications). To comprehend the current situation of APP personal information security problem of APP, this paper uses a combined approach of static analysis technology, dynamic analysis technology, and manual review to detect and analyze the installed file of mobile apps. 40 mobile apps are detected as experimental samples. The results demonstrate that this combined approach can effectively detect various issues of personal information security problem in mobile apps. Statistics analysis of the experimental results demonstrate that mobile apps have outstanding problems in some aspects of personal information security such as privacy policy, permission application, information collection, data storage, etc.

In this paper, we investigate joint sensor-actuator cyber attacks in discrete event systems. We assume that attackers can attack some sensors and actuators at the same time by altering observations and control commands. Because of the nondeterminism in observation and control caused by cyber attacks, the behavior of the supervised systems becomes nondeterministic and deviates from the target. We define two bounds on languages, an upper-bound and a lower-bound, to describe the nondeterministic behavior. We then use the upper-bound language to investigate the safety supervisory control problem under cyber attacks. After introducing CA-controllability and CA-observability, we successfully solve the supervisory control problem under cyber attacks.

Due to the insufficient awareness of decision makers on the security risks of industrial cyber-physical systems(ICPS) under cyber-attacks, it is difficult to take effective defensive measures according to the characteristics of different cyber-attacks in advance. To solve the above problem, this paper gives a qualitative analysis method of ICPS security risk from the perspective of defenders. The ICPS being attacked is modeled as a dynamic closed-loop fusion model where the mathematical models of the physical plant and the feedback controller are established. Based on the fusion model, the disruption resources generated by attacks are mathematically described. Based on the designed Kalman filter, the detection of attacks is judged according to the residual value of the system. According to the disruption resources and detectability, a general security risk level model is further established to evaluate the security risk level of the system under attacks. The simulation experiments are conducted by using Matlab to analyze the destructiveness and detectability of attacks, where the results show that the proposed qualitative analysis method can effectively describe the security risk under the cyber-attacks.