Biblio

Graphics Processing Units (GPUs) are getting popularly utilized for multi-purpose applications in order to enhance highly performed parallelism of computation. As memory virtualization methods in GPU nodes are not efficiently provided to deal with diverse memory usage patterns for these applications, the success of their execution depends on exclusive and limited use of physical memory in GPU environments. Therefore, it is important to predict a pattern change of GPU memory usage during runtime execution of an application. Data provenance extracted from application characteristics, GPU runtime environments, input, and execution patterns from runtime monitoring, is defined for supporting application management to set runtime configuration and predict an experimental result, and utilize resource with co-located applications. In this paper, we define data provenance of an application on GPUs and manage data by profiling the execution of CUDA scientific applications. Data provenance management helps to predict execution patterns of other similar experiments and plan efficient resource configuration.

This paper considers one of the methods of efficient allocation of limited resources in special-purpose devices (sensors) to monitor complex network unit cybersecurity.

Workflow engines used to script scientific experiments involving numerical simulation, data analysis, instruments, edge sensors, and artificial intelligence have to deal with the complexities of hardware, software, resource availability, and the collaborative nature of science. In this paper, we survey workflow engines used in data-intensive and compute-intensive discovery pipelines from scientific disciplines such as astronomy, high energy physics, earth system science, bio-medicine, and material science and present a qualitative analysis of their respective capabilities. We compare 5 popular workflow engines and their differentiated approach to job orchestration, job launching, data management and provenance, security authentication, ease-ofuse, workflow description, and scripting semantics. The comparisons presented in this paper allow practitioners to choose the appropriate engine for their scientific experiment and lead to recommendations for future work.

In Infrastructure-as-a-Service clouds, there exist many virtual machines (VMs) that are not used for a long time. For such VMs, many vulnerabilities are often found in installed software while VMs are suspended. If security updates are applied to such VMs after the VMs are resumed, the VMs easily suffer from attacks via the Internet. To solve this problem, offline update of VMs has been proposed, but some approaches have to permit cloud administrators to resume users' VMs. The others are applicable only to completely stopped VMs and often corrupt virtual disks if they are applied to suspended VMs. In addition, it is sometimes difficult to accurately emulate security updates offline. In this paper, we propose OUassister, which enables consistent offline update of suspended VMs. OUassister emulates security updates of VMs offline in a non-intrusive manner and applies the emulation results to the VMs online. This separation prevents virtual disks of even suspended VMs from being corrupted. For more accurate emulation of security updates, OUassister provides an emulation environment using a technique called VM introspection. Using this environment, it automatically extracts updated files and executed scripts. We have implemented OUassister in Xen and confirmed that the time for critical online update was largely reduced.

Cross-Site Request Forgery (CSRF) is one of the oldest and simplest attacks on the Web, yet it is still effective on many websites and it can lead to severe consequences, such as economic losses and account takeovers. Unfortunately, tools and techniques proposed so far to identify CSRF vulnerabilities either need manual reviewing by human experts or assume the availability of the source code of the web application. In this paper we present Mitch, the first machine learning solution for the black-box detection of CSRF vulnerabilities. At the core of Mitch there is an automated detector of sensitive HTTP requests, i.e., requests which require protection against CSRF for security reasons. We trained the detector using supervised learning techniques on a dataset of 5,828 HTTP requests collected on popular websites, which we make available to other security researchers. Our solution outperforms existing detection heuristics proposed in the literature, allowing us to identify 35 new CSRF vulnerabilities on 20 major websites and 3 previously undetected CSRF vulnerabilities on production software already analyzed using a state-of-the-art tool.

Multi-Agent Task Allocation is a pre-requisite for many autonomous, real-world systems because of the need for intelligent task assignment amongst a team for maximum efficiency. Similarly, agent failure, task, failure, and a lack of state information are inherent challenges when operating in complex environments. Many existing solutions make simplifying assumptions regarding the modeling of these factors, e.g., Markovian state information. However, it is not clear that this is always the appropriate approach or that results from these approaches are necessarily representative of performance in the natural world. In this work, we demonstrate that there exists a class of problems for which non-Markovian state modeling is beneficial. Furthermore, we present and characterize a novel heuristic for task allocation that incorporates realistic state and uncertainty modeling in order to improve performance. Our quantitative analysis, when tested in a simulated search and rescue (SAR) mission, shows a decrease in performance of more than 57% when a representative method with Markovian assumptions is tested in a non-Markovian setting. Our novel heuristic has shown an improvement in performance of 3-15%, in the same non-Markovian setting, by modeling probabilistic failure and making fewer assumptions.

Vehicular networks are susceptible to variety of attacks such as denial of service (DoS) attack, sybil attack and false alert generation attack. Different cryptographic methods have been proposed to protect vehicular networks from these kind of attacks. However, cryptographic methods have been found to be less effective to protect from insider attacks which are generated within the vehicular network system. Misbehavior detection system is found to be more effective to detect and prevent insider attacks. In this paper, we propose a machine learning based misbehavior detection system which is trained using datasets generated through extensive simulation based on realistic vehicular network environment. The simulation results demonstrate that our proposed scheme outperforms previous methods in terms of accurately identifying various misbehavior.

Future networks require fast information response time, scalable content distribution, security and mobility. In order to enable future Internet many key enabling technologies have been proposed such as Edge computing (EC) and Named Data Networking (NDN). In EC substantial compute and storage resources are placed at the edge of the network, in close proximity to end users. Similarly, NDN provides an alternative to traditional host centric IP architecture which seems a perfect candidate for distributed computation. Although NDN with EC seems a promising approach for enabling future Internet, it can cause various challenges such as expiry time of the Pending Interest Table (PIT) and non-trivial computation of the edge node. In this paper we discuss the expiry time and non-trivial computation in NDN based EC. We argue that if NDN is integrated in EC, then the PIT expiry time will be affected in relation with the processing time on the edge node. Our analysis shows that integrating NDN in EC without considering PIT expiry time may result in the degradation of network performance in terms of Interest Satisfaction Rate.

Big data platforms have grown popular for real-time stream processing on distributed clusters and clouds. However, execution of sensitive streaming applications on shared computing resources increases their vulnerabilities, and may lead to data leaks and injection of spurious logic that can compromise these applications. Here, we adopt Moving Target Defense (MTD) techniques into Fast Data platforms, and propose MTD strategies by which we can mitigate these attacks. Our strategies target the platform, application and data layers, which make these reusable, rather than the OS, virtual machine, or hardware layers, which are environment specific. We use Apache Storm as the canonical distributed stream processing platform for designing our MTD strategies, and offer a preliminary evaluation that indicates the feasibility and evaluates the performance overheads.

A systematic study of technologies and concepts used for the design and construction of distributed fail-safe web systems has been conducted. The general principles of the design of distributed web-systems and information technologies that are used in the design of web-systems are considered. As a result of scientific research, it became clear that data backup is a determining attribute of most web systems serving. Thus, the main role in building modern web systems is to scaling them. Scaling in distributed systems is used when performing a particular operation requires a large amount of computing resources. There are two scaling options, namely vertical and horizontal. Vertical scaling is to increase the performance of existing components in order to increase overall productivity. However, for the construction of distributed systems, use horizontal scaling. Horizontal scaling is that the system is split into small components and placed on various physical computers. This approach allows the addition of new nodes to increase the productivity of the web system as a whole.

The recent success of brain-inspired deep neural networks (DNNs) in solving complex, high-level visual tasks has led to rising expectations for their potential to match the human visual system. However, DNNs exhibit idiosyncrasies that suggest their visual representation and processing might be substantially different from human vision. One limitation of DNNs is that they are vulnerable to adversarial examples, input images on which subtle, carefully designed noises are added to fool a machine classifier. The robustness of the human visual system against adversarial examples is potentially of great importance as it could uncover a key mechanistic feature that machine vision is yet to incorporate. In this study, we compare the visual representations of white- and black-box adversarial examples in DNNs and humans by leveraging functional magnetic resonance imaging (fMRI). We find a small but significant difference in representation patterns for different (i.e. white- versus black-box) types of adversarial examples for both humans and DNNs. However, human performance on categorical judgment is not degraded by noise regardless of the type unlike DNN. These results suggest that adversarial examples may be differentially represented in the human visual system, but unable to affect the perceptual experience.

The timely exchange of information on new threats and vulnerabilities has become a cornerstone of effective cyber defence in recent years. Especially national authorities increasingly assume their role as information brokers through national cyber security centres and distribute warnings on new attack vectors and vital recommendations on how to mitigate them. Although many of these initiatives are effective to some degree, they also suffer from severe limitations. Many steps in the exchange process require extensive human involvement to manually review, vet, enrich, analyse and distribute security information. Some countries have therefore started to adopt distributed cyber security sensor networks to enable the automatic collection, analysis and preparation of security data and thus effectively overcome limiting scalability factors. The basic idea of IoC-centric cyber security sensor networks is that the national authorities distribute Indicators of Compromise (IoCs) to organizations and receive sightings in return. This effectively helps them to estimate the spreading of malware, anticipate further trends of spreading and derive vital findings for decision makers. While this application case seems quite simple, there are some tough questions to be answered in advance, which steer the further design decisions: How much can the monitored organization be trusted to be a partner in the search for malware? How much control of the scanning process should be delegated to the organization? What is the right level of search depth? How to deal with confidential indicators? What can be derived from encrypted traffic? How are new indicators distributed, prioritized, and scan targets selected in a scalable manner? What is a good strategy to re-schedule scans to derive meaningful data on trends, such as rate of spreading? This paper suggests a blueprint for a sensor network and raises related questions, outlines design principles, and discusses lessons learned from small-scale pilots.

In order to improve the information security level of intelligent substation, this paper proposes an intelligent substation information security assessment tool through the research and analysis of intelligent substation information security risk and information security assessment method, and proves that the tool can effectively detect it. It is of great significance to carry out research on industrial control systems, especially intelligent substation information security.

Strategic management and security risk management are part of the general government of the country, and therefore it is not possible to examine it separately and even if it was, one separate examination would not have give us a complete idea of how to implement this process. A modern understanding of the strategic security management requires not only continuous efforts to improve security policy formation and implementation but also new approaches and particular solutions to modernize the security system by making it adequate to the requirements of the dynamic security environment.

Verbal and non-verbal behaviors that we use in order to effectively communicate with other people are vital for our success in our daily lives. Despite the importance of social skills, creating standardized methods for training them and supporting their training is challenging. Information and Communications Technology (ICT) may have a good potential to support social and emotional learning (SEL) through virtual social demonstration games. This paper presents initial work involving the design of a pedagogical scenario to facilitate teaching of socially appropriate and inappropriate behaviors when entering and standing in a small group of people, a common occurrence in collaborative social situations. This is achieved through the use of virtual characters and, initially, virtual reality (VR) environments for supporting situated learning in multiple contexts. We describe work done thus far on the demonstrator scenario and anticipated potentials, pitfalls and challenges involved in the approach.

Two systems pursuing their own goals in a shared world can interact in ways that are not so explicit - such that the presence of another system alone can interfere with how one is able to achieve its own goals. Drawing inspiration from human psychology and the theory of social action, we propose the notion of employing social action in socially situated agents as a means of alleviating interference in interacting systems. Here we demonstrate that these specific issues of behavioural and evolutionary instability caused by the unintended consequences of interactions can be addressed with agents capable of a fusion of goal-rationality and traditional action, resulting in a stable society capable of achieving goals during the course of evolution.

The operating system is extremely important for both "Made in China 2025" and ubiquitous electric power Internet of Things. By investigating of five key requirements for ubiquitous electric power Internet of Things at the OS level (performance, ecosystem, information security, functional security, developer framework), this paper introduces the intelligent NARI microkernel Operating System and its innovative schemes. It is implemented with microkernel architecture based on the trusted computing. Some technologies such as process based fine-grained real-time scheduling algorithm, sigma0 efficient message channel and service process binding in multicore are applied to improve system performance. For better ecological expansion, POSIX standard API is compatible, Linux container, embedded virtualization and intelligent interconnection technology are supported. Native process sandbox and mimicry defense are considered for security mechanism design. Multi-level exception handling and multidimensional partition isolation are adopted to provide High Reliability. Theorem-assisted proof tools based on Isabelle/HOL is used to verify the design and implementation of NARI microkernel OS. Developer framework including tools, kit and specification is discussed when developing both system software and user software on this IoT OS.

User Authentication is a difficult problem yet to be addressed accurately. Little or no work is reported in literature dealing with clustering-based anomaly detection techniques for user authentication for keystroke data. Therefore, in this paper, Modified Differential Evolution (MDE) based subspace anomaly detection technique is proposed for user authentication in the context of behavioral biometrics using keystroke dynamics features. Thus, user authentication is posed as an anomaly detection problem. Anomalies in CMU's keystroke dynamics dataset are identified using subspace-based and distance-based techniques. It is observed that, among the proposed techniques, MDE based subspace anomaly detection technique yielded the highest Area Under ROC Curve (AUC) for user authentication problem. We also performed a Wilcoxon Signed Rank statistical test to corroborate our results statistically.

Clustering analysis is an important computational task that has applications in many domains. One of the most popular algorithms to solve the clustering problem is fuzzy c-means, which exploits notions from fuzzy logic to provide a smooth partitioning of the data into classes, allowing the possibility of multiple membership for each data sample. The fuzzy c-means algorithm is based on the optimization of a partitioning function, which minimizes inter-cluster similarity. This optimization problem is known to be NP-hard and it is generally tackled using a hill climbing method, a local optimizer that provides acceptable but sub-optimal solutions, since it is sensitive to initialization and tends to get stuck in local optima. In this work we propose an alternative approach based on the swarm intelligence global optimization method Fuzzy Self-Tuning Particle Swarm Optimization (FST-PSO). We solve the fuzzy clustering task by optimizing fuzzy c-means' partitioning function using FST-PSO. We show that this population-based metaheuristics is more effective than hill climbing, providing high quality solutions with the cost of an additional computational complexity. It is noteworthy that, since this particle swarm optimization algorithm is self-tuning, the user does not have to specify additional hyperparameters for the optimization process.

Most of the swarm optimization techniques are inspired by the characteristics as well as behaviour of flock of birds whereas Artificial Bee Colony is based on the foraging characteristics of the bees. However, certain problems which are solved by ABC do not yield desired results in-terms of performance. ABC is a new devised swarm intelligence algorithm and predominately employed for optimization of numerical problems. The main reason for the success of ABC algorithm is that it consists of feature such as fathomable and flexibility when compared to other swarm optimization algorithms and there are many possible applications of ABC. Cloud computing has their limitation in their application and functionality. The cloud computing environment experiences several security issues such as Dos attack, replay attack, flooding attack. In this paper, an effective classifier is proposed based on Artificial Bee Colony for cloud computing. It is evident in the evaluation results that the proposed classifier achieved a higher accuracy rate.

The task of the insider threat detection is one of the most sophisticated problems of the information security. The analysis of the logs of the access control system may reveal on how employees move and interact providing thus better understanding on how personnel observe security policies and established business processes. The paper presents an approach to the detection of the location-centric employees' interaction patterns. The authors propose the formal definition of the interaction patterns and present the visualization-driven technique to the extraction of the patterns from the data when any prior information about existing interaction routine and procedures is not available. The proposed approach is demonstrated on the data set provided within VAST MiniChallenge-2 2016 contest.

Research on keystroke dynamics has the good potential to offer continuous authentication that complements conventional authentication methods in combating insider threats and identity theft before more harm can be done to the genuine users. Unfortunately, the large amount of data required by free-text keystroke authentication often contain personally identifiable information, or PII, and personally sensitive information, such as a user's first name and last name, username and password for an account, bank card numbers, and social security numbers. As a result, there are privacy risks associated with keystroke data that must be mitigated before they are shared with other researchers. We conduct a systematic study to remove PII's from a recent large keystroke dataset. We find substantial amounts of PII's from the dataset, including names, usernames and passwords, social security numbers, and bank card numbers, which, if leaked, may lead to various harms to the user, including personal embarrassment, blackmails, financial loss, and identity theft. We thoroughly evaluate the effectiveness of our detection program for each kind of PII. We demonstrate that our PII detection program can achieve near perfect recall at the expense of losing some useful information (lower precision). Finally, we demonstrate that the removal of PII's from the original dataset has only negligible impact on the detection error tradeoff of the free-text authentication algorithm by Gunetti and Picardi. We hope that this experience report will be useful in informing the design of privacy removal in future keystroke dynamics based user authentication systems.

Methods for implementing integer arithmetic operations of addition, subtraction, and multiplication in the system of residual classes are considered. It is shown that their practical use in computer systems can significantly improve the performance of the implementation of arithmetic operations. A new method has been developed for raising numbers represented in the system of residual classes to an arbitrary power of a natural number, both in positive and in negative number ranges. An example of the implementation of the proposed method for the construction of numbers represented in the system of residual classes for the value of degree k = 2 is given.

In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.

Fog-Cloud framework is being regarded as a more promising technology to provide performance guarantee for IoT applications, which not only have higher requirements on computation resources, but also are delay and/or security sensitive. In this framework, a delay and security-sensitive computation task is usually divided into several sub-tasks, which could be offloaded to either fog or cloud computing servers, referred to as offloading destinations. Sub-tasks may exchange information during their processing and then have requirement on transmission bandwidth. Different destinations produce different completion delays of a sub-task, affecting the corresponding task delay. The existing offloading approaches either considered only a single type of offloading destinations or ignored delay and/or security constraint. This paper studies a computation offloading problem in the fog-cloud scenario where not only computation and security capabilities of offloading destinations may be different, but also bandwidth and delay of links may be different. We first propose a joint offloading approach by formulating the problem as a form of Mixed Integer Programming Multi-Commodity Flow to maximize the fog-cloud provider's revenue without sacrificing performance and security requirements of users. We also propose a greedy algorithm for the problem. Extensive simulation results under various network scales show that the proposed computation offloading mechanism achieves higher revenue than the conventional single-type computation offloading under delay and security constraints.