Biblio

Recent insights on language and vision with neural networks have been successfully applied to simple single-image visual question answering. However, to tackle real-life question answering problems on multimedia collections such as personal photos, we have to look at whole collections with sequences of photos or videos. When answering questions from a large collection, a natural problem is to identify snippets to support the answer. In this paper, we describe a novel neural network called Focal Visual-Text Attention network (FVTA) for collective reasoning in visual question answering, where both visual and text sequence information such as images and text metadata are presented. FVTA introduces an end-to-end approach that makes use of a hierarchical process to dynamically determine what media and what time to focus on in the sequential data to answer the question. FVTA can not only answer the questions well but also provides the justifications which the system results are based upon to get the answers. FVTA achieves state-of-the-art performance on the MemexQA dataset and competitive results on the MovieQA dataset.

The term "Cyber Physical System" (CPS) has been used in the recent years to describe a system type, which makes use of powerful communication networks to functionally combine systems that were previously thought of as independent. The common theme of CPSs is that through communication, CPSs can make decisions together and achieve common goals. Yet, in contrast to traditional system types such as embedded systems, the functional dependence between CPSs can change dynamically at runtime. Hence, their functional dependence may cause unforeseen runtime behavior, e.g., when a CPS becomes unavailable, but others depend on its correct operation. During development of any individual CPS, this runtime behavior must hence be predicted, and the system must be developed with the appropriate level of robustness. Since at present, research is mainly concerned with the impact of functional dependence in CPS on development, the impact on runtime behavior is mere conjecture. In this paper, we present AirborneCPS, a simulation tool for functionally dependent CPSs which simulates runtime behavior and aids in the identification of undesired functional interaction.

This paper explores the possibility of detecting the hidden presence of wireless eavesdroppers. Such eavesdroppers employ passive receivers that only listen and never transmit any signals making them very hard to detect. In this paper, we show that even passive receivers leak RF signals on the wireless medium. This RF leakage, however, is extremely weak and buried under noise and other transmitted signals that can be 3-5 orders of magnitude larger. Hence, it is missed by today's radios. We design and build Ghostbuster, the first device that can reliably extract this leakage, even when it is buried under ongoing transmissions, in order to detect the hidden presence of eavesdroppers. Ghostbuster does not require any modifications to current transmitters and receivers and can accurately detect the eavesdropper in the presence of ongoing transmissions. Empirical results show that Ghostbuster can detect eavesdroppers with more than 95% accuracy up to 5 meters away.

Blockchain normalizes applications that run on the internet through the standardization of decentralized data structure, computational requirements and trust in transactions. This new standard has now spawned hundreds of legitimate internet applications in addition to the cryptocurrency revolution. This next frontier that standardizes internet applications will dramatically increase productivity to levels never seen before, especially when applied to Internet of Things (IoT) applications. The blockchain framework relies on cryptographic private keys to sign digital data as its foundational principle. Without the security of private keys to sign data blocks, there can be no trust in blockchain. Central storage of these keys for managing IoT machines and users, while convenient to implement, will be highly detrimental to the assumed safety and security of this next frontier. In this paper, we will introduce decentralized and device agnostic cryptographic signing solutions suitable for securing users and machines in blockchain and IoT applications.

The Tagged Visual Cryptography Scheme (TVCS)1 adds tag images to the noise-like shares generated by the traditional VCS to improve the shares management of the traditional VCS. However, the existing TVCSs suffers visual quality of the recovered secret image may be degraded and there may be pixel expansion. This study proposes a Threshold Adaptive Tagged Visual Cryptography Scheme ((k, n)-ATVCS) to solve the above-mentioned problems. The ATVCS encryption problem is formulated in a mathematical optimization model, and an evolutionary algorithm is developed to find the optimal solution to the problem. The proposed (k, n)-ATVCS enables the encryptor to adjust the visual quality between the tag image and the secret image by tuning parameters. Experimental results show the correctness and effectiveness of this study.

Contemporary enterprise systems focus primarily on performance and development/maintenance costs. Dealing with cyber-threats and system compromise is relegated to good coding (i.e., defensive programming) and secure environment (e.g., patched OS, firewalls, etc.). This approach, while a necessary start, is not sufficient. Such security relies on no missteps, and compromise only need a single flaw; consequently, we must design for compromise and mitigate its impact. One approach is to utilize fine-grained modularization and isolation. In such a system, decomposition ensures that compromise of a single module presents limited and known risk to data/resource theft and denial. We propose mechanisms for automating such modular composition and consider its system performance impact.

Complex software is built by composing components implementing largely independent blocks of functionality. However, once the sources are compiled into an executable, that modularity is lost. This is unfortunate for code recipients, for whom knowing the components has many potential benefits, such as improved program understanding for reverse-engineering, identifying shared code across different programs, binary code reuse, and authorship attribution. A novel approach for decomposing such source-free program executables into components is here proposed. Given an executable, the approach first statically builds a decomposition graph, where nodes are functions and edges capture three types of relationships: code locality, data references, and function calls. It then applies a graph-theoretic approach to partition the functions into disjoint components. A prototype implementation, BCD, demonstrates the approach's efficacy: Evaluation of BCD with 25 C++ binary programs to recover the methods belonging to each class achieves high precision and recall scores for these tested programs.

There is an inevitable trade-off between spatial and spectral resolutions in optical remote sensing images. A number of data fusion techniques of multimodal images with different spatial and spectral characteristics have been developed to generate optical images with both spatial and spectral high resolution. Although some of the techniques take the spectral and spatial blurring process into account, there is no method that attempts to retrieve an optical image with both spatial and spectral high resolution, a spectral blurring filter and a spectral response simultaneously. In this paper, we propose a new framework of spatial resolution enhancement by a fusion of multiple optical images with different characteristics based on tensor decomposition. An optical image with both spatial and spectral high resolution, together with a spatial blurring filter and a spectral response, is generated via canonical polyadic (CP) decomposition of a set of tensors. Experimental results featured that relatively reasonable results were obtained by regularization based on nonnegativity and coupling.

The development of Human Action Recognition (HAR) system is getting popular. This project developed a HAR system for the application in the surveillance system to minimize the man-power for providing security to the citizens such as public safety and crime prevention. In this research, deep learning network using Recurrent Neural Network (RNN) with Long Short-Term Memory (LSTM) are used to analyze dynamic video motion of sport actions and classify different types of actions and their performance. It could classify different types of human motion with a small number of video frame for efficiency and memory saving. The current accuracy achieved is up to 92.9% but with high potential of further improvement.

Automatic algorithms for tracking and associating passengers and their divested objects at an airport security screening checkpoint would have great potential for improving checkpoint efficiency, including flow analysis, theft detection, line-of-sight maintenance, and risk-based screening. In this paper, we present algorithms for these tracking and association problems and demonstrate their effectiveness in a full-scale physical simulation of an airport security screening checkpoint. Our algorithms leverage both hand-crafted and deep-learning-based approaches for passenger and bin tracking, and are able to accurately track and associate objects through a ceiling-mounted multicamera array. We validate our algorithm on ground-truthed datasets collected at the simulated checkpoint that reflect natural passenger behavior, achieving high rates of passenger/object/transfer event detection while maintaining low false alarm and mismatch rates.

Modern personal computers have embraced increasingly powerful Graphics Processing Units (GPUs). Recently, GPU-based graphics acceleration in web apps (i.e., applications running inside a web browser) has become popular. WebGL is the main effort to provide OpenGL-like graphics for web apps and it is currently used in 53% of the top-100 websites. Unfortunately, WebGL has posed serious security concerns as several attack vectors have been demonstrated through WebGL. Web browsers\guillemotright solutions to these attacks have been reactive: discovered vulnerabilities have been patched and new runtime security checks have been added. Unfortunately, this approach leaves the system vulnerable to zero-day vulnerability exploits, especially given the large size of the Trusted Computing Base of the graphics plane. We present Sugar, a novel operating system solution that enhances the security of GPU acceleration for web apps by design. The key idea behind Sugar is using a dedicated virtual graphics plane for a web app by leveraging modern GPU virtualization solutions. A virtual graphics plane consists of a dedicated virtual GPU (or vGPU) as well as all the software graphics stack (including the device driver). Sugar enhances the system security since a virtual graphics plane is fully isolated from the rest of the system. Despite GPU virtualization overhead, we show that Sugar achieves high performance. Moreover, unlike current systems, Sugar is able to use two underlying physical GPUs, when available, to co-render the User Interface (UI): one GPU is used to provide virtual graphics planes for web apps and the other to provide the primary graphics plane for the rest of the system. Such a design not only provides strong security guarantees, it also provides enhanced performance isolation.

As an extension of Network Function Virtualization, microservice architectures are a promising way to design future network services. At the same time, Information-Centric Networking architectures like NDN would benefit from this paradigm to offer more design choices for the network architect while facilitating the deployment and the operation of the network. We propose $μ$NDN, an orchestrated suite of microservices as an alternative way to implement NDN forwarding and support functions. We describe seven essential micro-services we developed, explain the design choices behind our solution and how it is orchestrated. We evaluate each service in isolation and the entire microservice architecture through two realistic scenarios to show its ability to react and mitigate some performance and security issues thanks to the orchestration. Our results show that $μ$NDN can replace a monolithic NDN forwarder while being more powerful and scalable.

Networked control systems improve the efficiency of cyber-physical plants both functionally, by the availability of data generated even in far-flung locations, and operationally, by the adoption of standard protocols. A side-effect, however, is that now the safety and stability of a local process and, in turn, of the entire plant are more vulnerable to malicious agents. Leveraging the communication infrastructure, the authors here present the design of networked control systems with built-in resilience. Specifically, the paper addresses attacks known as false data injections that originate within compromised sensors. In the proposed framework for closed-loop control, the feedback signal is constructed by weighted consensus of estimates of the process state gathered from other interconnected processes. Observers are introduced to generate the state estimates from the local data. Side-channel monitors are attached to each primary sensor in order to assess proper code execution. These monitors provide estimates of the trust assigned to each observer output and, more importantly, independent of it; these estimates serve as weights in the consensus algorithm. The authors tested the concept on a multi-sensor networked physical experiment with six primary sensors. The weighted consensus was demonstrated to yield a feedback signal within specified accuracy even if four of the six primary sensors were injecting false data.

Software deobfuscation is a key challenge in malware analysis to understand the internal logic of the code and establish adequate countermeasures. In order to defeat recent obfuscation techniques, state-of-the-art generic deobfuscation methodologies are based on dynamic symbolic execution (DSE). However, DSE suffers from limitations such as code coverage and scalability. In the race to counter and remove the most advanced obfuscation techniques, there is a need to reduce the amount of code to cover. To that extend, we propose a novel deobfuscation approach based on semantic equivalence, called DoSE. With DoSE, we aim to improve and complement DSE-based deobfuscation techniques by statically eliminating obfuscation transformations (built on code-reuse). This improves the code coverage. Our method's novelty comes from the transposition of existing binary diffing techniques, namely semantic equivalence checking, to the purpose of the deobfuscation of untreated techniques, such as two-way opaque constructs, that we encounter in surreptitious software. In order to challenge DoSE, we used both known malwares such as Cryptowall, WannaCry, Flame and BitCoinMiner and obfuscated code samples. Our experimental results show that DoSE is an efficient strategy of detecting obfuscation transformations based on code-reuse with low rates of false positive and/or false negative results in practice, and up to 63% of code reduction on certain types of malwares.

Due to expansion of Internet and huge dataset, many organizations started to use cloud. Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. Due to this cloud faces many threats. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. Our approach is to create a new entity names Cloud Service Controller (CSC) which will help us to reduce the trust on the Third Party Auditor (TPA). We have strengthened the security model by using AES Encryption with SHA-S12 & tag generation. In this paper we get a brief introduction about the file upload phase, integrity of the file & Proof of Retrievability of the file.

Named Data Networking (NDN) is the most mature proposal of the Information Centric Networking paradigm, a clean-slate approach for the Future Internet. Although NDN was designed to tackle security issues inherent to IP networks natively, newly introduced security attacks in its transitional phase threaten NDN's practical deployment. Therefore, a security monitoring plane for NDN is indispensable before any potential deployment of this novel architecture in an operating context by any provider. We propose an approach for the monitoring and anomaly detection in NDN nodes leveraging Bayesian Network techniques. A list of monitored metrics is introduced as a quantitative measure to feature the behavior of an NDN node. By leveraging the hypothesis testing theory, a micro detector is developed to detect whenever the metric significantly changes from its normal behavior. A Bayesian network structure that correlates alarms from micro detectors is designed based on the expert knowledge of the NDN specification and the NFD implementation. The relevance and performance of our security monitoring approach are demonstrated by considering the Content Poisoning Attack (CPA), one of the most critical attacks in NDN, through numerous experiment data collected from a real NDN deployment.

Cloud computing is a pervasive technology and platform in IT for several years. Cloud service providers have developed and offered different service platforms to accommodate different needs of enterprise subscribers. However, there still exists the situation of enterprise customers' hesitation and reluctance to deploy their core applications using cloud service platforms. The term data visibility has been widely used in the IT industry especially from ICT product and solution vendors. However, there is not any practice guideline, nor standard in industry to define this term. This paper defined the characteristic and dimensions of data visibility, from conceptual model to framework architecture of customer centric data visibility (CCDV) on cloud platform. It propose to apply CCDV as reference model or practice guideline on cloud computing service, with enhancement of data visibility which can earn the trust from enterprise customer in adopting public cloud service.

We demonstrate 5G network slicing as a unique deployment opportunity for information centric networking (ICN), by using a generic service orchestration framework that operates on commodity compute, storage, and bandwidth resource pools to realize ICN service slices. In this demo, we specifically propose a service slice for the IoT Edge network. ICN has often been considered pertinent for IoT use due to its benefits like simpler stacks on resource constrained devices, in-network caching, and in-built data provenance. We use a lightweight ICN stack on IoT devices connected with sensors and actuators to build a network, where clients can set realistic policies using their legacy hand-held devices. We employ name based authentication protocols between the service end-points and IoT devices to allow secure onboarding. The IoT slice co-exists with other service slices that cater to different classes of applications (e.g., bandwidth intensive applications, such as video conferencing) allowing resource management flexibility. Our design creates orchestrated service Edge functions to which the clients connect, and these can in turn utilize in-network stateless functions to perform tasks, such as decision making and analytics using the available compute resources efficiently.

As an extension of Network Function Virtualization, microservice architectures are a promising way to design future network services. At the same time, Information-Centric Networking architectures like NDN would benefit from this paradigm to offer more design choices for the network architect while facilitating the deployment and the operation of the network. We propose μNDN, an orchestrated suite of microservices as an alternative way to implement NDN forwarding and support functions. We describe seven essential micro-services we developed, explain the design choices behind our solution and how it is orchestrated. We evaluate each service in isolation and the entire microservice architecture through two realistic scenarios to show its ability to react and mitigate some performance and security issues thanks to the orchestration. Our results show that μNDN can replace a monolithic NDN forwarder while being more powerful and scalable.

Modern cyber-physical systems are complex networked computing systems that electronically control physical systems. Autonomous road vehicles are an important and increasingly ubiquitous instance. Unfortunately, their increasing complexity often leads to security vulnerabilities. Network connectivity exposes these vulnerable systems to remote software attacks that can result in real-world physical damage, including vehicle crashes and loss of control authority. We introduce an integrated architecture to provide provable security and safety assurance for cyber-physical systems by ensuring that safety-critical operations and control cannot be unintentionally affected by potentially malicious parts of the system. Fine-grained information flow control is used to design both hardware and software, determining how low-integrity information can affect high-integrity control decisions. This security assurance is used to improve end-to-end security across the entire cyber-physical system. We demonstrate this integrated approach by developing a mobile robotic testbed modeling a self-driving system and testing it with a malicious attack.

Software testing is very important for software quality assurance. However, the test activity is not a simple task and requires good planning to be successful. It is in this context that the automation of tests gains importance. This paper presents the experience of defining and implementing a test automation strategy for functional tests based on the Brazilian Test Process Improvement Model (MPT.Br) in an IT company. The results of this work include the improvement of the testing process used by the company, the increase in the test coverage and the reduction of time used to perform regression tests.

The Internet of Things (IoT) promises to tackle a range of environmental challenges and deliver large efficiency gains in industry by embedding computational intelligence, sensing and control in our physical environment. Multiple independent parties are increasingly seeking to leverage shared IoT infrastructure, using a similar model to the cloud, and thus require constrained IoT devices to become microservice-hosting platforms that can securely and concurrently execute their code and interoperate. This vision demands that heterogeneous services, peripherals and platforms are provided with an expanded set of security guarantees to prevent third-party services from hijacking the platform, resource-level access control and accounting, and strong isolation between running processes to prevent unauthorized access to third-party services and data. This paper introduces Polyglot CerberOS, a resource-secure operating system for multi-tenant IoT devices that is realised through a reconfigurable virtual machine which can simultaneously execute interoperable services, written in different languages. We evaluate Polyglot CerberOS on IETF Class-1 devices running both Java and C services. The results show that interoperability and strong security guarantees for multilingual services on multi-tenant commodity IoT devices are feasible, in terms of performance and memory overhead, and transparent for developers.

We present an intelligent system that focus on how to ensure the stability of ZigBee network automatically. First, we discussed on the character of ZigBee compared with WIFI. Pointed out advantage of ZigBee resides in security, stability, low power consumption and better expandability. Second, figuring out the shortcomings of ZigBee on application is that physical limitation of the frequency band and weak ability on diffraction, especially coming across a wall or a door in the actual environment of home. The third, to put forward a method which can be used to ensure the strength of ZigBee signal. The method is to detect the strength of ZigBee relay in advance. And then, to compare it with the threshold value which had been defined in previous. The threshold value of strength of ZigBee is the minimal and tolerable value which can ensure stable transmission of ZigBee. If the detected value is out of the range of threshold, system will prompt up warning message which can be used to hint user to add ZigBee reply between the original ZigBee node and ZigBee gateway.

Dynamic interaction appears in many real-world scenarios where players are able to observe (perhaps imperfectly) the actions of another player and react accordingly. We consider the baseline representation of dynamic games - the extensive form - and focus on computing Stackelberg equilibrium (SE), where the leader commits to a strategy to which the follower plays a best response. For one-shot games (e.g., security games), strategy-generation (SG) algorithms offer dramatic speed-up by incrementally expanding the strategy spaces. However, a direct application of SG to extensive-form games (EFGs) does not bring a similar speed-up since it typically results in a nearly-complete strategy space. Our contributions are twofold: (1) for the first time we introduce an algorithm that allows us to incrementally expand the strategy space to find a SE in EFGs; (2) we introduce a heuristic variant of the algorithm that is theoretically incomplete, but in practice allows us to find exact (or close-to optimal) Stackelberg equilibrium by constructing a significantly smaller strategy space. Our experimental evaluation confirms that we are able to compute SE by considering only a fraction of the strategy space that often leads to a significant speed-up in computation times.

Website defacement is the practice of altering the web pages of a website after its compromise. The altered pages, calleddeface pages, can negatively affect the reputation and business of the victim site. Previous research has focused primarily on detection, rather than exploring the defacement phenomenon in depth. While investigating several defacements, we observed that the artifacts left by the defacers allow an expert analyst to investigate the actors' modus operandi and social structure, and expand from the single deface page to a group of related defacements (i.e., acampaign ). However, manually performing such analysis on millions of incidents is tedious, and poses scalability challenges. From these observations, we propose an automated approach that efficiently builds intelligence information out of raw deface pages. Our approach streamlines the analysts job by automatically recognizing defacement campaigns, and assigning meaningful textual labels to them. Applied to a comprehensive dataset of 13 million defacement records, from Jan. 1998 to Sept. 2016, our approach allowed us to conduct the first large-scale measurement on web defacement campaigns. In addition, our approach is meant to be adopted operationally by analysts to identify live campaigns on the field. We go beyond confirming anecdotal evidence. We analyze the social structure of modern defacers, which includes lone individuals as well as actors that cooperate with each others, or with teams, which evolve over time and dominate the scene. We conclude by drawing a parallel between the time line of World-shaping events and defacement campaigns, representing the evolution of the interests and orientation of modern defacers.