Biblio

For the task of natural language processing (NLP), Word embedding technology has a certain impact on the accuracy of deep neural network algorithms. Considering that the current word embedding method cannot realize the coexistence of words and phrases in the same vector space. Therefore, we propose an enhanced word embedding (EWE) method. Before completing the word embedding, this method introduces a unique sentence reorganization technology to rewrite all the sentences in the original training corpus. Then, all the original corpus and the reorganized corpus are merged together as the training corpus of the distributed word embedding model, so as to realize the coexistence problem of words and phrases in the same vector space. We carried out experiment to demonstrate the effectiveness of the EWE algorithm on three classic benchmark datasets. The results show that the EWE method can significantly improve the classification performance of the CNN model.

Physical interaction of robots with their environment is a challenging problem because of the exchanged forces. Hybrid position/force control schemes often exhibit problems during the contact phase, whereas impedance control appears to be more simple and reliable, especially when impedance is shaped to be energetically passive. Even if recent technologies enable shaping the impedance of a robot, how best to plan impedance parameters for task execution remains an open question. In this paper we present an optimization-based approach to plan not only the robot motion but also its desired end-effector mechanical impedance. We show how our methodology is able to take into account the transition from free motion to a contact condition, typical of physical interaction tasks. Results are presented for planar and three-dimensional open-chain manipulator arms. The compositionality of mechanical impedance is exploited to deal with kinematic redundancy and multi-arm manipulation.

To better protect users' privacy, various authentication mechanisms have been applied on smartphones. Android pattern lock has been widely used because it is easy to memorize, however, simple ones are more vulnerable to attack such as shoulder surfing attack. In this paper, we propose a security rating evaluation scheme based on pattern lock. In particular, an entropy function of a pattern lock can be calculated, which is decided by five kinds of attributes: size, length, angle, overlap and intersection for quantitative evaluation of pattern lock. And thus, the security rating thresholds will be determined by the distribution of entropy values. Finally, we design and develop an APP based on Android Studio, which is used to verify the effectiveness of our proposed security rating evaluation scheme.

Earth science metadata keyword assignment is a challenging problem. Dataset curators select appropriate keywords from the Global Change Master Directory (GCMD) set of keywords. The keywords are integral part of search and discovery of these datasets. Hence, selection of keywords are crucial in increasing the discoverability of datasets. Utilizing machine learning techniques, we provide users with automated keyword suggestions as an improved approach to complement manual selection. We trained a machine learning model that leverages the semantic embedding ability of Word2Vec models to process abstracts and suggest relevant keywords. A user interface tool we built to assist data curators in assignment of such keywords is also described.

The increased use of cloud services and its various security and privacy challenges such as identity theft, data breach, data integrity and data confidentiality has made trust management, which is one of the most multifaceted aspect in cloud computing, inevitable. The growing reputation of cloud computing technology makes it immensely important to be acquainted with the meaning of trust in the cloud, as well as identify how the customer and the cloud service providers establish that trust. The traditional trust management mechanisms represent a static trust relationship which falls deficit while meeting up the dynamic requirement of cloud services. In this paper, a conceptual zero trust strategy for the cloud environment has been proposed. The model offers a conceptual typology of perceptions and philosophies for establishing trust in cloud services. Further, importance of trust establishment and challenges of trust in cloud computing have also been explored and discussed.

Augmented reality (AR) has been identified as a key technology to enhance worker utility in the context of increasing automation of repeatable procedures. AR can achieve this by assisting the user in performing complex and frequently changing procedures. Crucial to the success of procedure assistance AR applications is user acceptability, which can be measured by user quality of experience (QoE). An active research topic in QoE is the identification of implicit metrics that can be used to continuously infer user QoE during a multimedia experience. A user's QoE is linked to their affective state. Affective state is reflected in facial expressions. Emotions shown in micro facial expressions resemble those expressed in normal expressions but are distinguished from them by their brief duration. The novelty of this work lies in the evaluation of micro facial expressions as a continuous QoE metric by means of correlation analysis to the more traditional and accepted post-experience self-reporting. In this work, an optimal Rubik's Cube solver AR application was used as a proof of concept for complex procedure assistance. This was compared with a paper-based procedure assistance control. QoE expressed by affect in normal and micro facial expressions was evaluated through correlation analysis with post-experience reports. The results show that the AR application yielded higher task success rates and shorter task durations. Micro facial expressions reflecting disgust correlated moderately to the questionnaire responses for instruction disinterest in the AR application.

We present a scalable architecture based on a trained filter bank for input pre-processing and a recurrent neural network (RNN) for the detection of atrial fibrillation in electrocardiogram (ECG) signals, with the focus on enabling a very efficient hardware implementation as application-specific integrated circuit (ASIC). Our already very efficient base architecture is further improved by replacing the RNN with a delta-encoded gated recurrent unit (GRU) and adding a confidence measure (CM) for terminating the computation as early as possible. With these optimizations, we demonstrate a reduction of the processing load of 58 % on an internal dataset while still achieving near state-of-the-art classification results on the Physionet ECG dataset with only 1202 parameters.

This paper investigates the event-triggered control (ETC) problem for stochastic networked control systems (NCSs) with exogenous disturbances and Denial-of-Service (DoS) attacks. The ETC strategy is proposed to reduce the utilization of network resource while defending the DoS attacks. Based on the introduced ETC strategy, sufficient conditions, which rely on the frequency and duration properties of DoS attacks, are obtained to achieve the stochastic input-to-state stability and Zeno-freeness of the ETC stochastic NCSs. An example of air vehicle system is given to explain the effectiveness of proposed ETC strategy.

Privacy preservation is one of the greatest concerns when data is shared between different organizations. On the one hand, releasing data for research purposes is inevitable. On the other hand, sharing this data can jeopardize users' privacy. An effective solution, for the sharing organizations, is to use anonymization techniques to hide the users' sensitive information. One of the most popular anonymization techniques is k-Anonymization in which any data record is indistinguishable from at least k-1 other records. However, one of the fundamental challenges in choosing the value of k is the trade-off between achieving a higher privacy and the information loss associated with the anonymization. In this paper, the problem of choosing the optimal anonymization level for k-anonymization, under possible attacks, is studied when multiple organizations share their data to a common platform. In particular, two common types of attacks are considered that can target the k-anonymization technique. To this end, a novel game-theoretic framework is proposed to model the interactions between the sharing organizations and the attacker. The problem is formulated as a static game and its different Nash equilibria solutions are analytically derived. Simulation results show that the proposed framework can significantly improve the utility of the sharing organizations through optimizing the choice of k value.

Context: Security is vital to software developed for commercial or personal use. Although more organizations are realizing the importance of applying secure coding practices, in many of them, security concerns are not known or addressed until a security failure occurs. The root cause of security failures is vulnerable code. While metrics have been used to predict software vulnerabilities, we explore the relationship between code and architectural smells with security weaknesses. As smells are surface indicators of a deeper problem in software, determining the relationship between smells and software vulnerabilities can play a significant role in vulnerability prediction models. Objective: This study explores the relationship between smells and software vulnerabilities to identify the smells. Method: We extracted the class, method, file, and package level smells for three systems: Apache Tomcat, Apache CXF, and Android. We then compared their occurrences in the vulnerable classes which were reported to contain vulnerable code and in the neutral classes (non-vulnerable classes where no vulnerability had yet been reported). Results: We found that a vulnerable class is more likely to have certain smells compared to a non-vulnerable class. God Class, Complex Class, Large Class, Data Class, Feature Envy, Brain Class have a statistically significant relationship with software vulnerabilities. We found no significant relationship between architectural smells and software vulnerabilities. Conclusion: We can conclude that for all the systems examined, there is a statistically significant correlation between software vulnerabilities and some smells.

In the existing scheduling algorithms of mimicry structure, the random algorithm cannot solve the problem of large vulnerability window in the process of random scheduling. Based on known vulnerabilities, the algorithm with diversity and complexity as scheduling indicators can not only fail to meet the characteristic requirements of mimic's endogenous security for defense, but also cannot analyze the unknown vulnerabilities and measure the continuous differences in time of mimic Executive Entity. In this paper, from the Angle of attack surface is put forward based on mimicry attack the mimic Executive Entity scheduling algorithm, its resources to measure analysis method and mimic security has intrinsic consistency, avoids the random algorithm to vulnerability and modeling using known vulnerabilities targeted, on time at the same time can ensure the diversity of the Executive body, to mimic the attack surface web server scheduling system in continuous time is less, and able to form a continuous differences. Experiments show that the minimum symbiotic resource scheduling algorithm based on time continuity is more secure than the random scheduling algorithm.

Quantum cryptography doesn't depend on computational capabilities of intruders; it uses inviolability of quantum physics postulates (postulate of measurement, no-cloning theorem, uncertainty principle). Some quantum key distribution protocols have absolute (theoretical and informational) stability, but quantum secure direct communication (deterministic) protocols have only asymptotic stability. For a whole class of methods to ensure Q-trit deterministic quantum cryptography protocols stability, reliable trit generation method is required. In this paper, authors have developed a high-speed and secure pseudorandom number (PRN) generation method. This method includes the following steps: initialization of the internal state vector and direct PRN generation. Based on this method TriGen v.2.0 pseudo-random number generator (PRNG) was developed and studied in practice. Therefore, analysing the results of study it can be concluded following: 1) Proposed Q-trit PRNG is better then standard C ++ PRNG and can be used on practice for critical applications; 2) NIST STS technique cannot be used to evaluate the quality (statistical stability) of the Q-trit PRNG and formed trit sequences; 3) TritSTS 2020 technique is suitable for evaluating Q-trit PRNG and trit sequences quality. A future research study can be related to developing a fully-functional version of TritSTS technique and software tool.

OLAP is an authoritative analytical tool in the emerging big data analytics context, with particular regards to the target distributed environments (e.g., Clouds). Here, privacy-preserving OLAP-based big data analytics is a critical topic, with several amenities in the context of innovative big data application scenarios like smart cities, social networks, bio-informatics, and so forth. The goal is that of providing privacy preservation during OLAP analysis tasks, with particular emphasis on the privacy of OLAP aggregates. Following this line of research, in this paper we provide a deep contribution on experimenting and assessing a state-of-the-art distributed privacy-preserving OLAP framework, named as SPPOLAP, whose main benefit is that of introducing a completely-novel privacy notion for OLAP data cubes.

Equivalence checking is one of the most scalable and useful verification techniques in industry. NULL Convention Logic (NCL) circuits utilize dual-rail signals (i.e., two wires to represent one bit of DATA), where the wires are inverses of each other during a DATA wavefront. In this paper, a technique that exploits this invariant at NCL register boundaries is proposed to improve the efficiency of equivalence verification of NCL circuits.

Ransomware attacks cost businesses more than \$75 billion/year, and it is predicted to cost \$6 trillion/year by 2021. These numbers demonstrate the havoc produced by ransomware on a large number of sectors and urge security researches to tackle it. Several ransomware detection approaches have been proposed in the literature that interchange between static and dynamic analysis. Recently, ransomware attacks were shown to fingerprint the execution environment before they attack the system to counter dynamic analysis. In this paper, we exploit the behavior of contemporary ransomware to prevent its attack on real systems and thus avoid the loss of any data. We explore a set of ransomware-generated artifacts that are launched to sniff the surrounding. Furthermore, we design, develop, and evaluate an approach that monitors the behavior of a program by intercepting the called Windows APIs. Consequently, we determine in real-time if the program is trying to inspect its surrounding before the attack, and abort it immediately prior to the initiation of any malicious encryption or locking. Through empirical evaluations using real and recent ransomware samples, we study how ransomware and benign programs inspect the environment. Additionally, we demonstrate how to prevent ransomware with a low false positive rate. We make the developed approach available to the research community at large through GitHub to strongly promote cyber security defense operations and for wide-scale evaluations and enhancements.

Supervisor synthesis enables the design of supervisory controllers for large cyber-physical systems, with high guarantees for functionality and safety. The complexity of the synthesis problem, however, increases exponentially with the number of system components in the cyber-physical system and the number of models of this system, often resulting in lengthy or even unsolvable synthesis procedures. In this paper, a new method is proposed for reducing the model of the system before synthesis to decrease the required computational time and effort. The method consists of three steps for model reduction, that are mainly based on symmetry in dependency graphs of the system. Dependency graphs visualize the components in the system and the relations between these components. The proposed method is applied in a case study on the design of a supervisory controller for a road tunnel. In this case study, the model reduction steps are described, and results are shown on the effectiveness of model reduction in terms of model size and synthesis time.

Consensus protocols are currently the bottlenecks that prevent blockchain systems from scaling. However, we argue that transaction execution is also important to the performance and security of blockchains. In other words, there are ample opportunities to speed up and further secure blockchains by reducing the cost of transaction execution. Our goal is to understand how much we can speed up blockchains by exploiting transaction concurrency available in blockchain workloads. To this end, we first analyze historical data of seven major public blockchains, namely Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, Ethereum, Ethereum Classic, and Zilliqa. We consider two metrics for concurrency, namely the single-transaction conflict rate per block, and the group conflict rate per block. We find that there is more concurrency in UTXO-based blockchains than in account-based ones, although the amount of concurrency in the former is lower than expected. Another interesting finding is that some blockchains with larger blocks have more concurrency than blockchains with smaller blocks. Next, we propose an analytical model for estimating the transaction execution speed-up given an amount of concurrency. Using results from our empirical analysis, the model estimates that 6× speed-ups in Ethereum can be achieved if all available concurrency is exploited.

In this paper, we present a flexible Variable Precision Computation Array (VPCA) component for different accelerators, which leverages a sparsification scheme for activations and a low bits serial-parallel combination computation unit for improving the efficiency and resiliency of accelerators. The VPCA can dynamically decompose the width of activation/weights (from 32bit to 3bit in different accelerators) into 2-bits serial computation units while the 2bits computing units can be combined in parallel computing for high throughput. We propose an on-the-fly compressing and calculating strategy SLE-CLC (single lane encoding, cross lane calculation), which could further improve performance of 2-bit parallel computing. The experiments results on image classification datasets show VPCA can outperforms DaDianNao, Stripes, Loom-2bit by 4.67×, 2.42×, 1.52× without other overhead on convolution layers.

An attack graph is a method used to enumerate the possible paths that an attacker can take in the organizational network. MulVAL is a known open-source framework used to automatically generate attack graphs. MulVAL's default modeling has two main shortcomings. First, it lacks the ability to represent network protocol vulnerabilities, and thus it cannot be used to model common network attacks, such as ARP poisoning. Second, it does not support advanced types of communication, such as wireless and bus communication, and thus it cannot be used to model cyber-attacks on networks that include IoT devices or industrial components. In this paper, we present an extended network security model for MulVAL that: (1) considers the physical network topology, (2) supports short-range communication protocols, (3) models vulnerabilities in the design of network protocols, and (4) models specific industrial communication architectures. Using the proposed extensions, we were able to model multiple attack techniques including: spoofing, man-in-the-middle, and denial of service attacks, as well as attacks on advanced types of communication. We demonstrate the proposed model in a testbed which implements a simplified network architecture comprised of both IT and industrial components

Radio frequency identification (RFID) is widespread and still necessary in many important applications. However, and in various significant cases, the use of this technology faces multiple security issues that must be addressed. This is mainly related to the use of RFID tags (transponders) which are electronic components communicating wirelessly, and hence they are vulnerable to multiple attacks through several means. In this work, an extensive fault analysis is performed on a tag architecture in order to evaluate its hardness. Tens of millions of single-bit upset (SBU) and multiple-bit upset (MBU) faults are emulated randomly on this tag architecture using an FPGA-based emulation platform. The emulated faults are classified under five groups according to faults effect on the tag behaviour. The obtained results show the faults effect variation in function of the number of MBU affected bits. The interpretation of this variation allows evaluating the tag robustness. The proposed approach represents an efficient mean that permits to study tag architectures at the design level and evaluating their robustness and vulnerability to fault attacks.

LoRaWAN (Low-power Wide-Area Networks) is the main specification for application-level IoT (Internet of Things). The current version, published in October 2017, is LoRaWAN 1.1, with its 1.0 precursor still being the main specification supported by commercial devices such as PyCom LoRa transceivers. Prior (semi)-formal investigations into the security of the LoRaWAN protocols are scarce, especially for Lo-RaWAN 1.1. Moreover, amongst these few, the current encodings [4], [9] of LoRaWAN into verification tools unfortunately rely on much-simplified versions of the LoRaWAN protocols, undermining the relevance of the results in practice. In this paper, we fill in some of these gaps. Whilst we briefly discuss the most recent cryptographic-orientated works [5] that looked at LoRaWAN 1.1, our true focus is on producing formal analyses of the security and correctness of LoRaWAN, mechanised inside automated tools. To this end, we use the state-of-the-art prover, Tamarin. Importantly, our Tamarin models are a faithful and precise rendering of the LoRaWAN specifications. For example, we model the bespoke nonce-generation mechanisms newly introduced in LoRaWAN 1.1, as well as the “classical” but shortdomain nonces in LoRaWAN 1.0 and make recommendations regarding these. Whilst we include small parts on device-commissioning and application-level traffic, we primarily scrutinise the Join Procedure of LoRaWAN, and focus on version 1.1 of the specification, but also include an analysis of Lo-RaWAN 1.0. To this end, we consider three increasingly strong threat models, resting on a Dolev-Yao attacker acting modulo different requirements made on various channels (e.g., secure/insecure) and the level of trust placed on entities (e.g., honest/corruptible network servers). Importantly, one of these threat models is exactly in line with the LoRaWAN specification, yet it unfortunately still leads to attacks. In response to the exhibited attacks, we propose a minimal patch of the LoRaWAN 1.1 Join Procedure, which is as backwards-compatible as possible with the current version. We analyse and prove this patch secure in the strongest threat model mentioned above. This work has been responsibly disclosed to the LoRa Alliance, and we are liaising with the Security Working Group of the LoRa Alliance, in order to improve the clarity of the LoRaWAN 1.1 specifications in light of our findings, but also by using formal analysis as part of a feedback-loop of future and current specification writing.

Deepfake imagery that contains altered faces has become a threat to online content. Current anti-deepfake approaches usually do so by detecting image anomalies, such as visible artifacts or inconsistencies. However, with deepfake advances, these visual artifacts are becoming harder to detect. In this paper, we show that one can use biometric eyebrow matching as a tool to detect manipulated faces. Our method could provide an 0.88 AUC and 20.7% EER for deepfake detection when applied to the highest quality deepfake dataset, Celeb-DF.

New research fields and applications on human computer interaction will emerge based on the recognition of emotions on faces. With such aim, our study evaluates the features extracted from faces to recognize emotions. To increase the success rate of these features, we have run several tests to demonstrate how age and gender affect the results. The artificial neural networks were trained by the apparent regions on the face such as eyes, eyebrows, nose, mouth, and jawline and then the networks are tested with different age and gender groups. According to the results, faces of older people have a lower performance rate of emotion recognition. Then, age and gender based groups are created manually, and we show that performance rates of facial emotion recognition have increased for the networks that are trained using these particular groups.

Vehicular ad hoc networks (VANETs) ensure improvement in road safety and traffic management by allowing the vehicles and infrastructure that are connected to them to exchange safety messages. Due to the open wireless communication channels, security and privacy issues are a major concern in VANETs. A typical attack consists of a malicious third party intercepting, modifying and retransmitting messages. Heterogeneous vehicular communication in VANETs occurs when vehicles (only) or vehicles and other infrastructure communicate using different cryptographic techniques. To address the security and privacy issues in heterogeneous vehicular communication, some heterogeneous signcryption schemes have been proposed. These schemes simultaneously satisfy the confidentiality, authentication, integrity and non-repudiation security requirements. They however fail to properly address the efficiency with respect to the computational cost involved in unsigncrypting ciphertexts, which is often affected by the speeds at which vehicles travel in VANETs. In this paper, we propose an efficient conditional privacy-preserving hybrid signcryption (CPP-HSC) scheme that uses bilinear pairing to satisfy the security requirements of heterogeneous vehicular communication in a single logical step. Our scheme ensures the transmission of a message from a vehicle with a background of an identity-based cryptosystem (IBC) to a receiver with a background of a public-key infrastructure (PKI). Furthermore, it supports a batch unsigncryption method, which allows the receiver to speed up the process by processing multiple messages simultaneously. The security of our CPP-HSC scheme ensures the indistinguishability against adaptive chosen ciphertext attack (IND-CCA2) under the intractability assumption of q-bilinear Diffie-Hellman inversion (q-BDHI) problem and the existential unforgeability against adaptive chosen message attack (EUF-CMA) under the intractability assumption of q-strong Diffie-Hellman (q-SDH) problem in the random oracle model (ROM). The performance analysis indicates that our scheme has an improvement over the existing related schemes with respect to the computational cost without an increase in the communication cost.