Biblio

Caching strategies have been evaluated and compared in many studies, most often via simulation, but also in analytic methods. Knapsack solutions provide a general analytical approach for upper bounds on web caching performance. They assume objects of maximum (value/size) ratio being selected as cache content, with flexibility to define the caching value. Therefore the popularity, cost, size, time-to-live restrictions etc. per object can be included an overall caching goal, e.g., for reducing delay and/or transport path length in content delivery. The independent request model (IRM) leads to basic knapsack bounds for static optimum cache content. We show that a 2-dimensional (2D-)knapsack solution covers arbitrary request pattern, which selects dynamically changing content yielding maximum caching value for any predefined request sequence. Moreover, Belady's optimum strategy for clairvoyant caching is identified as a special case of our 2D-knapsack solution when all objects are unique. We also summarize a comprehensive picture of the demands and efficiency criteria for web caching, including updating speed and overheads. Our evaluations confirm significant performance gaps from LRU to advanced GreedyDual and score-based web caching methods and to the knapsack bounds.

The goal of a decision-based adversarial attack on a trained model is to generate adversarial examples based solely on observing output labels returned by the targeted model. We develop HopSkipJumpAttack, a family of algorithms based on a novel estimate of the gradient direction using binary information at the decision boundary. The proposed family includes both untargeted and targeted attacks optimized for $\mathscrl$ and $\mathscrlınfty$ similarity metrics respectively. Theoretical analysis is provided for the proposed algorithms and the gradient direction estimate. Experiments show HopSkipJumpAttack requires significantly fewer model queries than several state-of-the-art decision-based adversarial attacks. It also achieves competitive performance in attacking several widely-used defense mechanisms.

The existence of adversarial samples makes the security of machine learning models in practical application questioned, especially the black-box adversarial attack, which is very close to the actual application scenario. Efficient search for black-box attack samples is helpful to train more robust models. We discuss the situation that the attacker can get nothing except the final predict label. As for this problem, the current state-of-the-art method is Boundary Attack(BA) and its variants, such as Biased Boundary Attack(BBA), however it still requires large number of queries and kills a lot of time. In this paper, we propose a novel method to solve these shortcomings. First, we improved the algorithm for generating initial adversarial samples with smaller L2 distance. Second, we innovatively combine a swarm intelligence algorithm - Particle Swarm Optimization(PSO) with Biased Boundary Attack and propose PSO-BBA method. Finally, we experiment on ImageNet dataset, and compared our algorithm with the baseline algorithm. The results show that:(1)our improved initial point selection algorithm effectively reduces the number of queries;(2)compared with the most advanced methods, our PSO-BBA method improves the convergence speed while ensuring the attack accuracy;(3)our method has a good effect on both targeted attack and untargeted attack.

Style transfer produces a transferred image which is a rendering of a content image in the manner of a style image. We seek to understand how to improve style transfer.To do so requires quantitative evaluation procedures, but current evaluation is qualitative, mostly involving user studies. We describe a novel quantitative evaluation procedure. Our procedure relies on two statistics: the Effectiveness (E) statistic measures the extent that a given style has been transferred to the target, and the Coherence (C) statistic measures the extent to which the original image's content is preserved. Our statistics are calibrated to human preference: targets with larger values of E and C will reliably be preferred by human subjects in comparisons of style and content, respectively.We use these statistics to investigate relative performance of a number of Neural Style Transfer (NST) methods, revealing a number of intriguing properties. Admissible methods lie on a Pareto frontier (i.e. improving E reduces C, or vice versa). Three methods are admissible: Universal style transfer produces very good C but weak E; modifying the optimization used for Gatys' loss produces a method with strong E and strong C; and a modified cross-layer method has slightly better E at strong cost in C. While the histogram loss improves the E statistics of Gatys' method, it does not make the method admissible. Surprisingly, style weights have relatively little effect in improving EC scores, and most variability in transfer is explained by the style itself (meaning experimenters can be misguided by selecting styles). Our GitHub Link is available1.

Dynamic Information Flow Tracking (DIFT), also called Dynamic Taint Analysis (DTA), is a technique for tracking the information as it flows through a program's execution. Specifically, some inputs or data get tainted and then these taint marks (tags) propagate usually at the instruction-level. While DIFT has been a fundamental concept in computer and network security for the past decade, it still faces open challenges that impede its widespread application in practice; one of them being the indirect flow propagation dilemma: should the tags involved in an indirect flow, e.g., in a control or address dependency, be propagated? Propagating all these tags, as is done for direct flows, leads to overtainting (all taintable objects become tainted), while not propagating them leads to undertainting (information flow becomes incomplete). In this paper, we analytically model that decisioning problem for indirect flows, by considering various tradeoffs including undertainting versus overtainting, importance of heterogeneous code semantics and context. Towards tackling this problem, we design MITOS, a distributed-optimization algorithm, that: decides about the propagation of indirect flows by properly weighting all these tradeoffs, is of low-complexity, is scalable, is able to flexibly adapt to different application scenarios and security needs of large distributed systems. Additionally, MITOS is applicable to most DIFT systems that consider an arbitrary number of tag types, and introduces the key properties of fairness and tag-balancing to the DIFT field. To demonstrate MITOS's applicability in practice, we implement and evaluate MITOS on top of an open-source DIFT, and we shed light on the open problem. We also perform a case-study scenario with a real in-memory only attack and show that MITOS improves simultaneously (i) system's spatiotemporal overhead (up to 40%), and (ii) system's fingerprint on suspected bytes (up to 167%) compared to traditional DIFT, even though these metrics usually conflict.

Optimization plays an important role in many problems that expect the accurate output. Security of the data stored in remote servers purely based on secret key which is used for encryption and decryption purpose. Many secret key generation algorithms such as RSA, AES are available to generate the key. The key generated by such algorithms are need to be optimized to provide more security to your data from unauthorized users as well as from the third party auditors(TPA) who is going to verify our data for integrity purpose. In this paper a method to optimize the secret key by using cuckoo search algorithm (CSA) is proposed.

This paper studies physical-layer security over slow fading channels, considering the impact of finite-blocklength secrecy coding. A comprehensive analysis and optimization framework is established to investigate the secrecy throughput (ST) of a legitimate user pair coexisting with an eavesdropper. Specifically, we devise both adaptive and non-adaptive optimization schemes to maximize the ST, where we derive optimal parameters including the transmission policy, blocklength, and code rates based on the instantaneous and statistical channel state information of the legitimate pair, respectively. Various important insights are provided. In particular, 1) increasing blocklength improves both reliability and secrecy with our transmission policy; 2) ST monotonically increases with blocklength; 3) ST initially increases and then decreases with secrecy rate, and there exists a critical secrecy rate that maximizes the ST. Numerical results are presented to verify theoretical findings.

The paper presents a reinforcement learning solution to dynamic resource allocation for 5G radio access network slicing. Available communication resources (frequency-time blocks and transmit powers) and computational resources (processor usage) are allocated to stochastic arrivals of network slice requests. Each request arrives with priority (weight), throughput, computational resource, and latency (deadline) requirements, and if feasible, it is served with available communication and computational resources allocated over its requested duration. As each decision of resource allocation makes some of the resources temporarily unavailable for future, the myopic solution that can optimize only the current resource allocation becomes ineffective for network slicing. Therefore, a Q-learning solution is presented to maximize the network utility in terms of the total weight of granted network slicing requests over a time horizon subject to communication and computational constraints. Results show that reinforcement learning provides major improvements in the 5G network utility relative to myopic, random, and first come first served solutions. While reinforcement learning sustains scalable performance as the number of served users increases, it can also be effectively used to assign resources to network slices when 5G needs to share the spectrum with incumbent users that may dynamically occupy some of the frequency-time blocks.

Compressive Sensing (CS) is a promising technology for the acquisition of signals. The number of measurements is reduced by using CS which is needed to obtain the signals in some basis that are compressible or sparse. The compressible or sparse nature of the signals can be obtained by transforming the signals in some domain. Depending on the signals sparsity signals are sampled below the Nyquist sampling criteria by using CS. An optimization problem needs to be solved for the recovery of the original signal. Very few studies have been reported about the reconstruction of the signals. Therefore, in this paper, the reconstruction algorithms are elaborated systematically for sparse signal recovery in CS. The discussion of various reconstruction algorithms in made in this paper will help the readers in order to understand these algorithms efficiently.

The Global Demand for agriculture and dairy products is rising. Demand is expected to double by 2050. This will challenge agriculture markets in a way we have not seen before. For instance, unprecedented demand to increase in dairy farm productivity of already shrinking farms, untethered perpetual access to veterinarians by small dairy farms, economic engines of the developing countries, for animal husbandry and, finally, unprecedented need to increase productivity of veterinarians who're already understaffed, over-stressed, resource constrained to meet the current global dairy demands. The lack of innovative solutions to address the challenge would result in a major obstacle to achieve sustainable food future and a colossal roadblock ending economic disparities. The paper proposes a novel innovative data driven framework cropped by data generated using dairy Sensors and by mathematical formulations using Solvers to generate an exclusive veterinarian daily farms prioritized visit list so as to have a greater coverage of the most needed farms performed in-time and improve small farmers access to veterinarians, a precious and highly shortage & stressed resource.

This paper presents a novel method, combining new formulations and sampling, to improve the scalability of sum-of-squares (SOS) programming-based system verification. Region-of-attraction approximation problems are considered for polynomial, polynomial with generalized Lur'e uncertainty, and rational trigonometric multi-rigid-body systems. Our method starts by identifying that Lagrange multipliers, traditionally heavily used for S-procedures, are a major culprit of creating bloated SOS programs. In light of this, we exploit inherent system properties-continuity, convexity, and implicit algebraic structure-and reformulate the problems as quotient-ring SOS programs, thereby eliminating all the multipliers. These new programs are smaller, sparser, less constrained, yet less conservative. Their computation is further improved by leveraging a recent result on sampling algebraic varieties. Remarkably, solution correctness is guaranteed with just a finite (in practice, very small) number of samples. Altogether, the proposed method can verify systems well beyond the reach of existing SOS-based approaches (32 states); on smaller problems where a baseline is available, it computes tighter solution 2-3 orders of magnitude faster.

Automated techniques for rigorous floating-point round-off error analysis are a prerequisite to placing important activities in HPC such as precision allocation, verification, and code optimization on a formal footing. Yet existing techniques cannot provide tight bounds for expressions beyond a few dozen operators-barely enough for HPC. In this work, we offer an approach embedded in a new tool called SATIHE that scales error analysis by four orders of magnitude compared to today's best-of-class tools. We explain how three key ideas underlying SATIHE helps it attain such scale: path strength reduction, bound optimization, and abstraction. SATIHE provides tight bounds and rigorous guarantees on significantly larger expressions with well over a hundred thousand operators, covering important examples including FFT, matrix multiplication, and PDE stencils.

Data storage in Distributed Storage Systems (DSS) is a multidimensional optimization problem. Using network coding, one wants to provide reliability, scalability, security, reduced storage overhead, reduced bandwidth for repair and minimal disk I/O in such systems. Advances in the construction of optimal Fractional Repetition (FR) codes, a smart replication of encoded packets on n nodes which also provides optimized disk I/O and where a node failure can be repaired by contacting some specific set of nodes in the system, is in high demand. An attempt towards the construction of universally good FR codes using three different approaches is addressed in this work. In this paper, we present that the code constructed using the partial regular graph for heterogeneous DSS, where the number of packets on each node is different, is universally good. Further, we also encounter the list of parameters for which the ring construction and the T-construction results in universally good codes. In addition, we evaluate the FR code constructions meeting the minimum distance bound.

Users leave when page loads take too long. This simple fact has complex implications for virtually all modern businesses, because accelerating content delivery through caching is not as simple as it used to be. As a fundamental technical challenge, the high degree of personalization in today's Web has seemingly outgrown the capabilities of traditional content delivery networks (CDNs) which have been designed for distributing static assets under fixed caching times. As an additional legal challenge for services with personalized content, an increasing number of regional data protection laws constrain the ways in which CDNs can be used in the first place. In this paper, we present Speed Kit as a radically different approach for content distribution that combines (1) a polyglot architecture for efficiently caching personalized content with (2) a natively GDPR-compliant client proxy that handles all sensitive information within the user device. We describe the system design and implementation, explain the custom cache coherence protocol to avoid data staleness and achieve Δ-atomicity, and we share field experiences from over a year of productive use in the e-commerce industry.

Demand response (DR) is one of the most economical methods for peak demand reduction, renewable energy integration and ancillary service support. Residential electrical energy consumption takes approximately 33% of the total electricity usage and hence has great potentials in DR applications. However, residential DR encounters various challenges such as small individual magnitude, stochastic consuming patterns and privacy issues. In this study, we propose a stochastic optimal mechanism to tackle these issues and try to reveal the benefits from residential DR implementation. Stochastic residential load (SRL) models, a generation cost prediction (GCP) model and a stochastic optimal load aggregation (SOLA) model are developed. A set of uniformly distributed scalers is introduced into the SOLA model to efficiently avoid the peak demand rebound problem in DR applications. The SOLA model is further transformed into a deterministic LP model. Time-of-Use (TOU) tariff is adopted as the price structure because of its similarity and popularity. Case studies show that the proposed mechanism can significantly reduce the peak-to-average power ratio (PAPR) of the load profile as well as the electrical energy cost. Furthermore, the impacts of consumers' participation levels in the DR program are investigated. Simulation results show that the 50% participation level appears as the best case in terms system stability. With the participation level of 80%, consumers' electrical energy cost is minimized. The proposed mechanism can be used by a residential load aggregator (LA) or a utility to plan a DR program, predict its impacts, and aggregate residential loads to minimize the electrical energy cost.

Recommender systems (RSs) are intelligent systems to help e-commerce users to find their preferred items among millions of available items by considering the profiles of both users and items. These systems need to predict the unknown ratings and then recommend a set of high rated items. Among the others, Collaborative Filtering (CF) is a successful recommendation approach and has been utilized in many real-world systems. CF methods seek to predict missing ratings by considering the preferences of those users who are similar to the target user. A major task in Collaborative Filtering is to identify an accurate set of users and employing them in the rating prediction process. Most of the CF-based methods suffer from the cold-start issue which arising from an insufficient number of ratings in the prediction process. This is due to the fact that users only comment on a few items and thus CF methods faced with a sparse user-item matrix. To tackle this issue, a new collaborative filtering method is proposed that has a trust-aware strategy. The proposed method employs the trust relationships of users as additional information to help the CF tackle the cold-start issue. To this end, the proposed integrated trust relationships in the prediction process by using the Ant Colony Optimization (ACO). The proposed method has four main steps. The aim of the first step is ranking users based on their similarities to the target user. This step uses trust relationships and the available rating values in its process. Then in the second step, graph clustering methods are used to cluster the trust graph to group similar users. In the third step, the users are weighted based on their similarities to the target users. To this end, an ACO process is employed on the users' graph. Finally, those of top users with high similarity to the target user are used in the rating prediction process. The superiority of our method has been shown in the experimental results in comparison with well-known and state-of-the-art methods.

Artificial Intelligence (AI) is influencing almost all areas of human life. Even though these AI-based systems frequently provide state-of-the-art performance, humans still hesitate to develop, deploy, and use AI systems. The main reason for this is the lack of trust in AI systems caused by the deficiency of transparency of existing AI systems. As a solution, “Trustworthy AI” research area merged with the goal of defining guidelines and frameworks for improving user trust in AI systems, allowing humans to use them without fear. While trust in AI is an active area of research, very little work exists where the focus is to build human trust to improve the interactions between human and AI systems. In this paper, we provide a concise survey on concepts of trustworthy AI. Further, we present trustworthy AI development guidelines for improving the user trust to enhance the interactions between AI systems and humans, that happen during the AI system life cycle.

Aiming at the problem that the traditional intrusion detection method can not effectively deal with the massive and high-dimensional network traffic data of industrial control system (ICS), an ICS intrusion detection strategy based on bidirectional generative adversarial network (BiGAN) is proposed in this paper. In order to improve the applicability of BiGAN model in ICS intrusion detection, the optimal model was obtained through the single variable principle and cross-validation. On this basis, the supervised control and data acquisition (SCADA) standard data set is used for comparative experiments to verify the performance of the optimized model on ICS intrusion detection. The results show that the ICS intrusion detection method based on optimized BiGAN has higher accuracy and shorter detection time than other methods.

In this paper, we present the concept of boosting the resiliency of optimization-based observers for cyber-physical systems (CPS) using auxiliary sources of information. Due to the tight coupling of physics, communication and computation, a malicious agent can exploit multiple inherent vulnerabilities in order to inject stealthy signals into the measurement process. The problem setting considers the scenario in which an attacker strategically corrupts portions of the data in order to force wrong state estimates which could have catastrophic consequences. The goal of the proposed observer is to compute the true states in-spite of the adversarial corruption. In the formulation, we use a measurement prior distribution generated by the auxiliary model to refine the feasible region of a traditional compressive sensing-based regression problem. A constrained optimization-based observer is developed using l1-minimization scheme. Numerical experiments show that the solution of the resulting problem recovers the true states of the system. The developed algorithm is evaluated through a numerical simulation example of the IEEE 14-bus system.

In view of the problem that the overall security of the network is difficult to evaluate quantitatively, we propose the edge authority attack graph model, which aims to make up for the traditional dependence attack graph to describe the relationship between vulnerability behaviors. This paper proposed a network security metrics based on probability, and proposes a network vulnerability algorithm based on vulnerability exploit probability and attack target asset value. Finally, a network security reinforcement algorithm with network vulnerability index as the optimization target is proposed based on this metric algorithm.

Implementation of Internet-of-Things (IoT) can take place in many applications, for instance, automobiles, and industrial automation. We generally view the role of an Electronic Control Unit (ECU) or industrial network node that is occupied and interconnected in many different configurations in a vehicle or a factory. This condition may raise the occurrence of problems related to security issues, such as unauthorized access to data or components in ECUs or industrial network nodes. In this paper, we propose a hardware (HW)/software (SW) framework having integrated security extensions complemented with various security-related features that later can be implemented directly from the framework to All Programmable Multiprocessor System-on-Chip (AP MPSoC)-based ECUs. The framework is a software-defined one that can be configured or reconfigured in a higher level of abstraction language, including High-Level Synthesis (HLS), and the output of the framework is hardware configuration in multiprocessor or reconfigurable components in the FPGA. The system comprises high-level requirements, covert and side-channel estimation, cryptography, optimization, artificial intelligence, and partial reconfiguration. With this framework, we may reduce the design & development time, and provide significant flexibility to configure/reconfigure our framework and its target platform equipped with security extensions.

Realistic state-based discrete-event simulation models are often quite complex. The complexity frequently manifests in models that (a) contain a large number of input variables whose values are difficult to determine precisely, and (b) take a relatively long time to solve. Traditionally, models that have a large number of input variables whose values are not well-known are understood through the use of sensitivity analysis (SA) and uncertainty quantification (UQ). However, it can be prohibitively time consuming to perform SA and UQ. In this work, we present a novel approach we developed for performing fast and thorough SA and UQ on a metamodel composed of a stacked ensemble of regressors that emulates the behavior of the base model. We demonstrate the approach using a previously published botnet model as a test case, showing that the metamodel approach is several orders of magnitude faster than the base model, more accurate than existing approaches, and amenable to SA and UQ.

Network behavior anomaly detection (NBAD) require fast mechanisms for learning from the large scale data. However, the training velocity of general machine learning approach is largely limited by the adopted training weights of all features in the NBAD. In this paper, we notice, however, that the related weights matching of NBAD features is sparse, which is not necessary for holding all weights. Hence, in this paper, we consider an efficient support vector machine (SVM) approach for NBAD by imposing 1 -norm. Essentially, we propose to use sparse SVM (S-SVM), where sparsity in model, i.e. in weights is used to interfere with special feature selection and that can achieve feature selection and classification efficiently.

Nowadays, the Internet of Things (IoT) is playing an important role in our life. This inevitably generates mass data and requires a more secure transmission. As blockchain technology can build trust in a distributed environment and ensure the data traceability and tamper resistance, it is a promising way to support IoT data transmission and sharing. In this paper, edge computing is considered to provide adequate resources for end users to offload computing tasks in the blockchain enabled IoT system, and the node pairing problem between end users and edge computing servers is researched with the consideration of wireless channel quality and the service quality. From the perspective of the end users, the objective optimization is designed to maximize the profits and minimize the payments for completing the tasks and ensuring the resource limits of the edge servers at the same time. The deep reinforcement learning (DRL) method is utilized to train an intelligent strategy, and the policy gradient based node pairing (PG-NP) algorithm is proposed. Through a deep neural network, the well-trained policy matched the system states to the optimal actions. The REINFORCE algorithm with baseline is applied to train the policy network. According to the training results, as the comparison strategies are max-credit, max-SINR, random and max-resource, the PG-NP algorithm performs about 57% better than the second-best method. And testing results show that PGNP also has a good generalization ability which is negatively correlated with the training performance to a certain extend.

Developing mission-centric impact assessment techniques to address cyber resiliency in the cyber-physical systems (CPSs) requires integrating system inter-dependencies to the risk and resilience analysis process. Generally, network administrators utilize attack graphs to estimate possible consequences in a networked environment. Attack graphs lack to incorporate the operations-specific dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale CPS is also challenging. In this work, we offer a graphical modeling technique to integrate the mission-centric impact assessment of cyberattacks by relating the effect to the operational resiliency by utilizing a combination of the logical attack graph and mission impact propagation graph. We propose formal techniques to compute cyberattacks’ impact on the operational mission and offer an optimization process to minimize the same, having budgetary restrictions. We also relate the effect to the system functional operability. We illustrate our modeling techniques using a SCADA (supervisory control and data acquisition) case study for the cyber-physical power systems. We believe our proposed method would help evaluate and minimize the impact of cyber attacks on CPS’s operational missions and, thus, enhance cyber resiliency.