Biblio

Learned indices can significantly shorten the query response time of k-Nearest Neighbor search of points data. However, extending the learned index for k-Nearest Neighbor search of trajectory data may return incorrect results (low recall) and require longer pruning time. Thus, we introduce an enhancement for trajectory learned index which is a pruning step for a learned index to retrieve the k-Nearest Neighbors correctly by learning the query workload. The pruning utilizes a predicted range query that covers the correct neighbors. We show that that our approach has the potential to work effectively in a large real-world trajectory dataset.

The purpose of using the Internet has changed from "connecting to computers" to "acquiring content". So, the ICN (Information Centric Network) has been proposed to fit this purpose. In this research, we focus on the architecture of NDN (named data networking). The NFD (NDN forwarding daemon) is a network forwarder that implements the NDN protocol. The ndnSIM is a simulator of NDN. From ndnSIM version 2.8, a part of content store implementation has been removed from the simulator and it becomes to use content store implementation of NFD. In this poster, we select two caching functions, probabilistic caching and expired deletion, which are removed from ndnSIM 2.8 and not included in NFD. We port these functions to NFD for a more practical implementation. Under a certain network, we were able to confirm that previous and ported functions provided equivalent functions. It was also possible to simulate in version ndnSIM 2.8 using the ported functions.

Named Data Network (NDN) is considered to be the future of Internet architecture. The nature of NDN is to disseminate data based on the naming scheme rather than the location of the node. This feature caters to the need of vehicular applications, resulting in Vehicular Named Data Networks (VNDN). Although it is still in the initial stages of research, the collaboration has assured various advantages which attract the researchers to explore the architecture further. VNDN face challenges such as intermittent connectivity, mobility of nodes, design of efficient forwarding and naming schemes, among others. In order to develop effective forwarding strategies, behavior of data and interest packets under various circumstances needs to be studied. In this paper, propagation behavior of data and interest packets is analyzed by considering metrics such as Interest Satisfaction Ratio (ISR), Hop Count Difference (HCD) and Copies of Data Packets Processed (CDPP). These metrics are evaluated under network conditions such as varying network size, node mobility and amount of interest produced by each node. Simulation results show that data packets do not follow the reverse path of interest packets.

One of the most innovative directions in the Internet is Information Centric Networks, in particular the Named Data Network. This approach should make it easier to find and retrieve the desired information on the network through name-based addressing, intranet caching and other schemes. This article presents Named Data Network modeling, results and performance evaluation of proposed caching policies for Named Data Network research, taking into account the influence of external factors on base of Zipf's law and uniform distribution.

The 5G network systems are evolving and have complex network infrastructures. There is a great deal of work in this area focused on meeting the stringent service requirements for the 5G networks. Within this context, security requirements play a critical role as 5G networks can support a range of services such as healthcare services, financial and critical infrastructures. 3GPP and ETSI have been developing security frameworks for 5G networks. Our work in 5G security has been focusing on the design of security architecture and mechanisms enabling dynamic establishment of secure and trusted end to end services as well as development of mechanisms to proactively detect and mitigate security attacks in virtualised network infrastructures. The focus of this paper is on the latter, namely the facilities and mechanisms, and the design of a security architecture providing facilities and mechanisms to detect and mitigate specific security attacks. We have developed a simplified version of the security architecture using Software Defined Networks (SDN) and Network Function Virtualisation (NFV) technologies. The specific security functions developed in this architecture can be directly integrated into the 5G core network facilities enhancing its security.

How to prevent the computer system from being interfered by external factors and maintain a strong working state is a problem that needs to be solved at present. At present, encryption and network security defense systems are important technical means of security defense. Based on this research background, the paper proposes an AES data encryption scheme in the Hadoop big data environment. The AES algorithm performs several rounds of plaintext encryption through the steps of round key addition, byte replacement, row displacement, column confusion, etc. Under the MapReduce architecture, the plaintext data is divided into multiple data fragments. The Map function is responsible for the AES algorithm encryption operation, and the Reduce function Combine encrypted data information. Finally, the paper designs a computer network security defense system that can actively discover the security threats in the network and effectively prevent them, so as to ensure the normal and safe operation of the network. At the same time, we use the encryption algorithm on the computer network security defense system. Experimental research has proved that this method can safely transmit network data packets. With the increase of computing cluster nodes, its encryption transmission efficiency continues to improve. This solution not only solves the problem of computer network data security encryption, but also realizes the parallel transmission of encrypted data in the information age.

Vehicular Ad Hoc Network (VANET) is a pervasive network, where vehicles communicate with nearby vehicles and infrastructure nodes, such as Road-side unit (RSU). Information sharing among vehicles is an essential component of an intelligent transportation system (ITS), but security and privacy concerns must be taken into consideration. Security of the network can be improved by granting access only to authenticated vehicles and restricting or revoking access for vehicles involved in misbehavior. In this paper, we present a novel blockchain based approach to authenticate vehicles and notify other vehicles about any unauthorized messages in real time. This helps protect other vehicles in the network from making critical decisions based on false or inaccurate information. In the proposed architecture, vehicles communicate with each other using pseudonyms or pseudo IDs and the Blockchain is used to securely maintain the real identity of all vehicles, which can be linked to the pseudo IDs if needed. The goal is to protect privacy or individual vehicles, while still ensuring accountability in case of misbehavior. The performance of the proposed approach is evaluated for different vehicle and attacker densities, and results demonstrate it has lower authentication delay and communication overhead compared to existing approaches.

In the current cloud service development, during the widely used of cloud service, it can self organize and respond on demand when the cloud service in phenomenon of failure or violation, but it may still cause violation. The first step in forecasting or accountability for this situation, is to generate a dynamic structure of cloud services in a timely manner. In this research, it has presented a method to generate the time-varying structure of cloud service. Firstly, dependencies between tasks and even instances within a job of cloud service are visualized to explore the time-varying characteristics contained in the cloud service structure. And then, those dependencies are discovered quantitatively using CNN (Convolutional Neural Networks). Finally, it structured into an event network of cloud service for tracing violation and other usages. A validation to this approach has been examined by an experiment based on Alibaba’s dataset. A function integrity of this approach may up to 0.80, which is higher than Bai Y and others which is no more than 0.60.

Wireless relay network is a solution for transmitting information from a source node to a sink node far away by installing a relay in between. The broadcasting nature of wireless communication allows the sink node to receive part of the data sent by the source node. In this way, the relay does not need to receive the whole piece of data from the source node and it does not need to forward everything it received. In this paper, we consider the application of batched network coding, a practical form of random linear network coding, for a better utilization of such a network. The amount of innovative information at the relay which is not yet received by the sink node, called the innovative rank, plays a crucial role in various applications including the design of the transmission scheme and the analysis of the throughput. We present a visualization of the innovative rank which allows us to understand and derive formulae related to the innovative rank with ease.

Anomaly detection is the primary method of detecting intrusion. Unsupervised models, such as auto-encoders network, auto-encoder, and GMM, are currently the most widely used anomaly detection techniques. In reality, the samples used to train the unsupervised model may not be pure enough and may include some abnormal samples. However, the classification effect is poor since these approaches do not completely understand the association between reconstruction errors, reconstruction characteristics, and irregular sample density distribution. This paper proposes a novel intrusion detection system architecture that includes data collection, processing, and feature extraction by integrating data reconstruction features, reconstruction errors, auto-encoder parameters, and GMM. Our system outperforms other unsupervised learning-based detection approaches in terms of accuracy, recall, F1-score, and other assessment metrics after training and testing on multiple intrusion detection data sets.

This paper proposes a novel network intrusion detection algorithm based on the combination of Subspace Clustering (SSC) and BP neural network. Firstly, we perform a subspace clustering algorithm on the network data set to obtain different subspaces. Secondly, BP neural network intrusion detection is carried out on the data in different subspaces, and calculate the prediction error value. By comparing with the pre-set accuracy, the threshold is constantly updated to improve the ability to identify network attacks. By comparing with K-means, DBSCAN, SSC-EA and k-KNN intrusion detection model, the SSC-BP neural network model can detect the most attacked networks with the lowest false detection rate.

Data provenance (keeping track of who did what, where, when and how) boasts of various attractive use cases for distributed systems, such as intrusion detection, forensic analysis and secure information dependability. This potential, however, can only be realized if provenance is accessible by its primary stakeholders: the end-users. Existing provenance systems are designed in a `all-or-nothing' fashion, making provenance inaccessible, difficult to extract and crucially, not controlled by its key stakeholders. To mitigate this, we propose that provenance be separated into system, data-specific and file-metadata provenance. Furthermore, we expand data-specific provenance as changes at a fine-grain level, or provenance-per-change, that is recorded alongside its source. We show that with the use of delta-encoding, provenance-per-change is viable, asserting our proposed architecture to be effectively realizable.

Cloud storage technology enables users to outsource local data to cloud service provider (CSP). In spite of its copious advantages, how to ensure the integrity of data has always been a significant issue. A variety of provable data possession (PDP) scheme have been proposed for cloud storage scenarios. However, the participation of centralized trusted third-party auditor (TPA) in most of the previous work has brought new security risks, because the TPA is prone to the single point of failure. Furthermore, the existing schemes do not consider the fair arbitration and lack an effective method to punish the malicious behavior. To address the above challenges, we propose a novel blockchain-based decentralized data integrity auditing scheme without the need for a centralized TPA. By using smart contract technique, our scheme supports automatic compensation mechanism. DO and CSP must first pay a certain amount of ether for the smart contract as deposit. The CSP gets the corresponding storage fee if the integrity auditing is passed. Otherwise, the CSP not only gets no fee but has to compensate DO whose data integrity is destroyed. Security analysis shows that the proposed scheme can resist a variety of attacks. Also, we implement our scheme on the platform of Ethereum to demonstrate the efficiency and effectiveness of our scheme.

In this paper, we propose a new provably secure cryptosystem for two party communication that provides security in the face of new technological breakthroughs. Most of the practical cryptosystems in use today can be breached in the future with new sophisticated methods. This jeopardizes the security of older but highly confidential messages. Our protocol is based on the bounded storage model first introduced in [1]. The protocol is secure as long as there is bound on the storage, however large it may be. We also suggest methods to extend the protocol to unbounded storage models where access to adversary is limited. Our protocol is a substantial improvement over previously known protocols and uses short key and optimal number of public random bits size of which is independent of message length. The smaller and constant length of key and public random string makes the scheme more practical. The protocol generates key using elements of the additive group \$\textbackslashtextbackslashmathbbZ\_\textbackslashtextbackslashmathrmn\$. Our protocol is very generalized and the protocol in [1] is a special case of our protocol. Our protocol is a step forward in making provably secure cryptosystems practical. An important open problem raised in [2] was designing an algorithm with short key and size of public random string \$O(\textbackslashtextbackslashmathcalB)\$ where \$\textbackslashtextbackslashmathcalB\$ bounds the storage of adversary. Our protocol satisfies the conditions and is easy to implement.

The performance prediction of user equipment (UE) metrics has many applications in the 5G era and beyond. For instance, throughput prediction can improve carrier selection, adaptive video streaming's quality of experience (QoE), and traffic latency. Many studies suggest distributed learning algorithms (e.g., federated learning (FL)) for this purpose. However, in a multi-tier design, features are measured in different tiers, e.g., UE tier, and gNodeB (gNB) tier. On one hand, neglecting the measurements in one tier results in inaccurate predictions. On the other hand, transmitting the data from one tier to another improves the prediction performance at the expense of increasing network overhead and privacy risks. In this paper, we propose cascaded FL to enhance UE throughput prediction with minimum network footprint and privacy ramifications (if any). The idea is to introduce feedback to conventional FL, in multi-tier architectures. Although we use cascaded FL for UE prediction tasks, the idea is rather general and can be used for many prediction problems in multi-tier architectures, such as cellular networks. We evaluate the performance of cascaded FL by detailed and 3GPP compliant simulations of London's city center. Our simulations show that the proposed cascaded FL can achieve up to 54% improvement over conventional FL in the normalized gain, at the cost of 1.8 MB (without quantization) and no cost with quantization.

Security analysts conduct continuous evaluations of cyber-defense tools to keep pace with advanced and persistent threats. Cyber agility has become a critical proactive security resource that makes it possible to measure defense adjustments and reactions to rising threats. Subsequently, machine learning has been applied to support cyber agility prediction as an essential effort to anticipate future security performance. Nevertheless, apt and treacherous actors motivated by economic incentives continue to prevail in circumventing machine learning-based protection tools. Adversarial learning, widely applied to computer security, especially intrusion detection, has emerged as a new area of concern for the recently recognized critical cyber agility prediction. The rationale is, if a sophisticated malicious actor obtains the cyber agility parameters, correct prediction cannot be guaranteed. Unless with a demonstration of white-box attack failures. The challenge lies in recognizing that unconstrained adversaries hold vast potential capabilities. In practice, they could have perfect-knowledge, i.e., a full understanding of the defense tool in use. We address this challenge by proposing an adversarial machine learning approach that achieves accurate cyber agility forecast through mapped nefarious influence on static defense tools metrics. Considering an adversary would aim at influencing perilous confidence in a defense tool, we demonstrate resilient cyber agility prediction through verified attack signatures in dynamic learning windows. After that, we compare cyber agility prediction under negative influence with and without our proposed dynamic learning windows. Our numerical results show the model's execution degrades without adversarial machine learning. Such a feigned measure of performance could lead to incorrect software security patching.

We perform the first post EU General Data Protection Regulation (GDPR) usability study of privacy policies for mobile apps. For our analysis, we collect a dataset of historical (prior to GDPR implementation in May 2018) and contemporary privacy policies in different categories. In contrast to the common belief, that after the GDPR most of the privacy policies are easier to understand, our analysis shows that this is not so.

Deep learning (DL) models have been shown to be vulnerable to adversarial attacks. DL model security against adversarial attacks is critical to using DL-trained models in forward deployed systems, e.g. facial recognition, document characterization, or object detection. We provide results and lessons learned applying a moving target defense (MTD) strategy against iterative, gradient-based adversarial attacks. Our strategy involves (1) training a diverse ensemble of DL models, (2) applying randomized affine input transformations to inputs, and (3) randomizing output decisions. We report a primary lesson that this strategy is ineffective against a white-box adversary, which could completely circumvent output randomization using a deterministic surrogate. We reveal how our ensemble models lacked the diversity necessary for effective MTD. We also evaluate our MTD strategy against a black-box adversary employing an ensemble surrogate model. We conclude that an MTD strategy against black-box adversarial attacks crucially depends on lack of transferability between models.

Space systems provide many critical functions to the military, federal agencies, and infrastructure networks. Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. Moving target defenses (MTDs) have been proposed as a means for defending various networks and systems against potential cyber-attacks. MTDs differ from many cyber resilience technologies in that they do not necessarily require detection of an attack to mitigate the threat. We devised a MTD algorithm and tested its application to a real-time network. We demonstrated MTD usage with a real-time protocol given constraints not typically found in best-effort networks. Second, we quantified the cyber resilience benefit of MTD given an exfiltration attack by an adversary. For our experiment, we employed MTD which resulted in a reduction of adversarial knowledge by 97%. Even when the adversary can detect when the address changes, there is still a reduction in adversarial knowledge when compared to static addressing schemes. Furthermore, we analyzed the core performance of the algorithm and characterized its unpredictability using nine different statistical metrics. The characterization highlighted the algorithm has good unpredictability characteristics with some opportunity for improvement to produce more randomness.

In order to suppress the spread of zero-day virus in the network effectively, a zero-day virus suppression strategy was proposed. Based on the mechanism of zero-day virus transmission and the idea of platform dynamic defense, the corresponding methods of virus transmission suppression are put forward. By changing the platform switching frequency, the scale of zero-day virus transmission and its inhibition effect are simulated in a small-world network model. Theory and computer simulation results show that the idea of platform switching can effectively restrain the spread of virus.

The evolution of deep learning has promoted the popularization of smart devices. However, due to the insufficient development of computing hardware, the ability to conduct local training on smart devices is greatly restricted, and it is usually necessary to deploy ready-made models. This opacity makes smart devices vulnerable to deep learning backdoor attacks. Some existing countermeasures against backdoor attacks are based on the attacker’s ignorance of defense. Once the attacker knows the defense mechanism, he can easily overturn it. In this paper, we propose a Trojaning attack defense framework based on moving target defense(MTD) strategy. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. The simulation results show that in most cases, our technology can greatly increase the attack cost of the attacker, thereby ensuring the availability of Deep Neural Networks(DNN) and protecting it from Trojaning attacks.

The outsourcing of portions of the integrated circuit design chain, mainly fabrication, to untrusted parties has led to an increasing concern regarding the security of fabricated ICs. To mitigate these concerns a number of approaches have been developed, including logic locking. The development of different logic locking methods has influenced research looking at different security evaluations, typically aimed at uncovering a secret key. In this paper, we make the case that corruptibility for incorrect keys is an important metric of logic locking. To measure corruptibility for circuits too large to exhaustively simulate, we describe an ATPG-based method to measure the corruptibility of incorrect keys. Results from applying the method to various circuits demonstrate that this method is effective at measuring the corruptibility for different locks.

Fuzzing is a promising method for discovering vulnerabilities. Recently, various techniques are developed to improve the efficiency of fuzzing, and impressive gains are observed in evaluation results. However, evaluation is complex, as many factors affect the results, for example, test suites, baseline and metrics. Even more, most experiment setups are lab-oriented, lacking industrial settings such as large code-base and parallel runs. The correlation between the academic evaluation results and the bug-finding ability in real industrial settings has not been sufficiently studied. In this paper, we test representative fuzzing techniques to reveal their efficiency in industrial settings. First, we apply typical fuzzers on academic widely used small projects from LAVAM suite. We also apply the same fuzzers on large practical projects from Google's fuzzer-test-suite, which is rarely used in academic settings. Both experiments are performed in both single and parallel run. By analyzing the results, we found that most optimizations working well on LAVA-M suite fail to achieve satisfying results on Google's fuzzer-test-suite (e.g. compared to AFL, QSYM detects 82x more synthesized bugs in LAVA-M, but only detects 26% real bugs in Google's fuzzer-test-suite), and the original AFL even outperforms most academic optimization variants in industry widely used parallel runs (e.g. AFL covers 13% more paths than AFLFast). Then, we summarize common pitfalls of those optimizations, analyze the corresponding root causes, and propose potential directions such as orchestrations and synchronization to overcome the problems. For example, when running in parallel on those large practical projects, the proposed horizontal orchestration could cover 36%-82% more paths, and discover 46%-150% more unique crashes or bugs, compared to fuzzers such as AFL, FairFuzz and QSYM.

This paper defines a set difference metric for comparing machine learning (ML) datasets and proposes the difference between datasets be a function of combinatorial coverage. We illustrate its utility for evaluating and predicting performance of ML models. Identifying and measuring differences between datasets is of significant value for ML problems, where the accuracy of the model is heavily dependent on the degree to which training data are sufficiently representative of data encountered in application. The method is illustrated for transfer learning without retraining, the problem of predicting performance of a model trained on one dataset and applied to another.

Online social network (OSN) is an ideal venue to enhance one's visibility. This paper considers how a user (called requester) in an OSN selects a small number of available users and invites them as new friends/followers so as to maximize his "social visibility". More importantly, the requester has to do this under the anonymity setting, which means he is not allowed to know the neighborhood information of these available users in the OSN. In this paper, we first develop a mathematical model to quantify the social visibility and formulate the problem of visibility maximization with anonymity guarantee, abbreviated as "VisMAX-A". Then we design an algorithmic framework named as "AdaExp", which adaptively expands the requester's visibility in multiple rounds. In each round of the expansion, AdaExp uses a query oracle with anonymity guarantee to select only one available user. By using probabilistic data structures like the k-minimum values (KMV) sketch, we design an efficient query oracle with anonymity guarantees. We also conduct experiments on real-world social networks and validate the effectiveness of our algorithms.