Visible to the public Biblio

Found 767 results

Filters: First Letter Of Title is M  [Clear All Filters]
A B C D E F G H I J K L [M] N O P Q R S T U V W X Y Z   [Show ALL]
M
Chen, Quan, Kapravelos, Alexandros.  2018.  Mystique: Uncovering Information Leakage from Browser Extensions. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1687–1700.
Browser extensions are small JavaScript, CSS and HTML programs that run inside the browser with special privileges. These programs, often written by third parties, operate on the pages that the browser is visiting, giving the user a programmatic way to configure the browser. The privacy implications that arise by allowing privileged third-party code to execute inside the users' browser are not well understood. In this paper, we develop a taint analysis framework for browser extensions and use it to perform a large scale study of extensions in regard to their privacy practices. We first present a hybrid approach to traditional taint analysis: by leveraging the fact that extension source code is available to the runtime JavaScript engine, we implement as well as enhance traditional taint analysis using information gathered from static data flow and control-flow analysis of the JavaScript source code. Based on this, we further modify the Chromium browser to support taint tracking for extensions. We analyzed 178,893 extensions crawled from the Chrome Web Store between September 2016 and March 2018, as well as a separate set of all available extensions (2,790 in total) for the Opera browser at the time of analysis. From these, our analysis flagged 3,868 (2.13%) extensions as potentially leaking privacy-sensitive information. The top 10 most popular Chrome extensions that we confirmed to be leaking privacy-sensitive information have more than 60 million users combined. We ran the analysis on a local Kubernetes cluster and were able to finish within a month, demonstrating the feasibility of our approach for large-scale analysis of browser extensions. At the same time, our results emphasize the threat browser extensions pose to user privacy, and the need for countermeasures to safeguard against misbehaving extensions that abuse their privileges.
Patooghy, A., Aerabi, E., Rezaei, H., Mark, M., Fazeli, M., Kinsy, M. A..  2018.  Mystic: Mystifying IP Cores Using an Always-ON FSM Obfuscation Method. 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). :626–631.
The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP overproduction, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality.
Xu, Haifeng.  2016.  The Mysteries of Security Games: Equilibrium Computation Becomes Combinatorial Algorithm Design. Proceedings of the 2016 ACM Conference on Economics and Computation. :497–514.

The security game is a basic model for resource allocation in adversarial environments. Here there are two players, a defender and an attacker. The defender wants to allocate her limited resources to defend critical targets and the attacker seeks his most favorable target to attack. In the past decade, there has been a surge of research interest in analyzing and solving security games that are motivated by applications from various domains. Remarkably, these models and their game-theoretic solutions have led to real-world deployments in use by major security agencies like the LAX airport, the US Coast Guard and Federal Air Marshal Service, as well as non-governmental organizations. Among all these research and applications, equilibrium computation serves as a foundation. This paper examines security games from a theoretical perspective and provides a unified view of various security game models. In particular, each security game can be characterized by a set system E which consists of the defender's pure strategies; The defender's best response problem can be viewed as a combinatorial optimization problem over E. Our framework captures most of the basic security game models in the literature, including all the deployed systems; The set system E arising from various domains encodes standard combinatorial problems like bipartite matching, maximum coverage, min-cost flow, packing problems, etc. Our main result shows that equilibrium computation in security games is essentially a combinatorial problem. In particular, we prove that, for any set system \$E\$, the following problems can be reduced to each other in polynomial time: (0) combinatorial optimization over E; (1) computing the minimax equilibrium for zero-sum security games over E; (2) computing the strong Stackelberg equilibrium for security games over E; (3) computing the best or worst (for the defender) Nash equilibrium for security games over E. Therefore, the hardness [polynomial solvability] of any of these problems implies the hardness [polynomial solvability] of all the others. Here, by "games over E" we mean the class of security games with arbitrary payoff structures, but a fixed set E of defender pure strategies. This shows that the complexity of a security game is essentially determined by the set system E. We view drawing these connections as an important conceptual contribution of this paper.

Song, Chen, Lin, Feng, Ba, Zhongjie, Ren, Kui, Zhou, Chi, Xu, Wenyao.  2016.  My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :895–907.

Additive manufacturing, also known as 3D printing, has been increasingly applied to fabricate highly intellectual property (IP) sensitive products. However, the related IP protection issues in 3D printers are still largely underexplored. On the other hand, smartphones are equipped with rich onboard sensors and have been applied to pervasive mobile surveillance in many applications. These facts raise one critical question: is it possible that smartphones access the side-channel signals of 3D printer and then hack the IP information? To answer this, we perform an end-to-end study on exploring smartphone-based side-channel attacks against 3D printers. Specifically, we formulate the problem of the IP side-channel attack in 3D printing. Then, we investigate the possible acoustic and magnetic side-channel attacks using the smartphone built-in sensors. Moreover, we explore a magnetic-enhanced side-channel attack model to accurately deduce the vital directional operations of 3D printer. Experimental results show that by exploiting the side-channel signals collected by smartphones, we can successfully reconstruct the physical prints and their G-code with Mean Tendency Error of 5.87% on regular designs and 9.67% on complex designs, respectively. Our study demonstrates this new and practical smartphone-based side channel attack on compromising IP information during 3D printing.

Block, Kenneth, Noubir, Guevara.  2018.  My Magnetometer Is Telling You Where I'Ve Been?: A Mobile Device Permissionless Location Attack Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :260–270.
Although privacy compromises remain an issue among users and advocacy groups, identification of user location has emerged as another point of concern. Techniques using GPS, Wi-Fi, NFC, Bluetooth tracking and cell tower triangulation are well known. These can typically identify location accurately with meter resolution. Another technique, inferring routes via sensor exploitation, may place a user within a few hundred meters of a general location. Acoustic beacons such as those placed in malls may have more finely grained resolution yet are limited by the sensitivity of the device's microphone to ultrasonic signals and directionality. In this paper we are able to discern user location within commercial GPS resolution by leveraging the ability of mobile device magnetometers to detect externally generated signals in a permissionless attack. We are able to achieve an aggregate location identification success rate of 86% with a bit error rate of 1.5% which is only ten times the stationary error rate. We accomplish this with a signal that is a fraction of the Earth's magnetic field strength. We designed, prototyped, and experimentally evaluated a system where a location ID is transmitted via low power magnetic coil(s) and received by permissionless apps. The system can be located at ingresses and kiosks situated in malls, stores, transportation hubs and other public locations including crosswalks using a location ID that is mapped to the GPS coordinates of the facility hosting the system. We demonstrate that using Android phone magnetometers, we can correctly detect and identify the when and the where of a device when the victim walks at a comfortable pace while their device has all the aforementioned services disabled. In order to address the substantial signal fading effects due to mobility in a very-low power magnetic near field, we developed signal processing and coding techniques and evaluated the prototype on six android devices in an IRB-approved study with six participants. This article is summarized in: Computer Science Teachers Association CSTA's mission is to empower, engage and advocate for K-12 CS teachers worldwide.
Kaiya, Haruhiko, Muto, Ryoya, Nagano, Kaito, Yoshida, Mizuki.  2019.  Mutual Requirements Evolution by Combining Different Information Systems. Proceedings of the 23rd Pan-Hellenic Conference on Informatics. :159–162.
We propose a method of eliciting requirements for several different systems together. We focus on systems used by one user at the same time become such systems inherently give influences on with other. We expect such influences help a requirements analyst to be aware of unknown requirements of the user. Any modeling notations are used to explore the combination among systems causing such influences because the differences among the notations give diverse viewpoints to the analyst. To specify such mutual influences, we introduce semantic tags represented by stereo types. We also introduce other semantic tags so that the analyst can judge whether the combination brings advantages to the user. We apply our method to an example and we confirm the method works.
Cheng, Lung-Pan, Marwecki, Sebastian, Baudisch, Patrick.  2017.  Mutual Human Actuation. Proceedings of the 30th Annual ACM Symposium on User Interface Software and Technology. :797–805.
Human actuation is the idea of using people to provide large-scale force feedback to users. The Haptic Turk system, for example, used four human actuators to lift and push a virtual reality user; TurkDeck used ten human actuators to place and animate props for a single user. While the experience of human actuators was decent, it was still inferior to the experience these people could have had, had they participated as a user. In this paper, we address this issue by making everyone a user. We introduce mutual human actuation, a version of human actuation that works without dedicated human actuators. The key idea is to run pairs of users at the same time and have them provide human actuation to each other. Our system, Mutual Turk, achieves this by (1) offering shared props through which users can exchange forces while obscuring the fact that there is a human on the other side, and (2) synchronizing the two users' timelines such that their way of manipulating the shared props is consistent across both virtual worlds. We demonstrate mutual human actuation with an example experience in which users pilot kites though storms, tug fish out of ponds, are pummeled by hail, battle monsters, hop across chasms, push loaded carts, and ride in moving vehicles.
C. Zhang, W. Zhang, H. Mu.  2015.  "A Mutual Authentication Security RFID Protocol Based on Time Stamp". 2015 First International Conference on Computational Intelligence Theory, Systems and Applications (CCITSA). :166-170.

In the RFID technology, the privacy of low-cost tag is a hot issue in recent years. A new mutual authentication protocol is achieved with the time stamps, hash function and PRNG. This paper analyzes some common attack against RFID and the relevant solutions. We also make the security performance comparison with original security authentication protocol. This protocol can not only speed up the proof procedure but also save cost and it can prevent the RFID system from being attacked by replay, clone and DOS, etc..

Lu, Yung-Feng, Kuo, Chin-Fu, Chen, Hung-Ming, Wang, Guan-Bo, Chou, Shih-Chun.  2018.  A Mutual Authentication Scheme with User Anonymity for Cyber-Physical and Internet of Things. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :88-93.

Cyber-Physical Systems (CPS) and Internet of Things (IoT) are emerging technologies, which makes the remote sensing and control across heterogeneous network a reality, and has good prospects in industrial applications. Due to the resource constrained feature of CPS devices, the design of security and efficiency balanced authentication scheme for CPS/IoT devices becomes a big challenge in CPS/IoT applications. This paper presents a two-factor authentication with key agreement scheme for CPS/IoT applications. The proposed mechanism integrates IMSI identifier and identity-based remote mutual authentication scheme on BAN logic designs. It supports flawless two-factor and mutual authentication of participants and agreement of session keys for user, device and gateway server. The proposed mechanism also provide user anonymity, it can be adopt in critical applications. Besides, it does not require modifying the software of clients; thus, it is highly flexibly. We believe the proposed mechanism is usable for CPS/IoT applications.

Zheng, L., Xue, Y., Zhang, L., Zhang, R..  2017.  Mutual Authentication Protocol for RFID Based on ECC. 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). 2:320–323.

In this paper, a mutual authentication protocol based on ECC is designed for RFID systems. This protocol is described in detail and the performance of this protocol is analyzed. The results show that the protocol has many advantages, such as mutual authentication, confidentiality, anonymity, availability, forward security, scalability and so on, which can resist camouflage attacks, tracking attacks, denial of service attacks, system internal attack.

Jin, Y., Tian, Z., Zhou, M., Wang, H..  2020.  MuTrack: Multiparameter Based Indoor Passive Tracking System Using Commodity WiFi. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1—6.
Device-Free Localization and Tracking (DFLT) acts as a key component for the contactless awareness applications such as elderly care and home security. However, the random phase errors in WiFi signal and weak target echoes submerged in background clutter signals are mainly obstacles for current DFLT systems. In this paper, we propose the design and implementation of MuTrack, a multiparameter based DFLT system using commodity WiFi devices with a single link. Firstly, we select an antenna with maximum reliability index as the reference antenna for signal sanitization in which the conjugate operation removes the random phase errors. Secondly, we design a multi-dimensional parameters estimator and then refine path parameters by optimizing the complete data of path components. Finally, the Hungarian Kalman Filter based tracking method is proposed to derive accurate locations from low-resolution parameter estimates. We extensively validate the proposed system in typical indoor environment and these experimental results show that MuTrack can achieve high tracking accuracy with the mean error of 0.82 m using only a single link.
Shen, Sheng, Roy, Nirupam, Guan, Junfeng, Hassanieh, Haitham, Choudhury, Romit Roy.  2018.  MUTE: Bringing IoT to Noise Cancellation. Proceedings of the 2018 Conference of the ACM Special Interest Group on Data Communication. :282–296.

Active Noise Cancellation (ANC) is a classical area where noise in the environment is canceled by producing anti-noise signals near the human ears (e.g., in Bose's noise cancellation headphones). This paper brings IoT to active noise cancellation by combining wireless communication with acoustics. The core idea is to place an IoT device in the environment that listens to ambient sounds and forwards the sound over its wireless radio. Since wireless signals travel much faster than sound, our ear-device receives the sound in advance of its actual arrival. This serves as a glimpse into the future, that we call lookahead, and proves crucial for real-time noise cancellation, especially for unpredictable, wide-band sounds like music and speech. Using custom IoT hardware, as well as lookahead-aware cancellation algorithms, we demonstrate MUTE, a fully functional noise cancellation prototype that outperforms Bose's latest ANC headphone. Importantly, our design does not need to block the ear - the ear canal remains open, making it comfortable (and healthier) for continuous use.

Rubio-Medrano, Carlos E., Lamp, Josephine, Doupé, Adam, Zhao, Ziming, Ahn, Gail-Joon.  2017.  Mutated Policies: Towards Proactive Attribute-based Defenses for Access Control. Proceedings of the 2017 Workshop on Moving Target Defense. :39–49.
Recently, both academia and industry have recognized the need for leveraging real-time information for the purposes of specifying, enforcing and maintaining rich and flexible authorization policies. In such a context, security-related properties, a.k.a., attributes, have been recognized as a convenient abstraction for providing a well-defined representation of such information, allowing for them to be created and exchanged by different independently-run organizational domains for authorization purposes. However, attackers may attempt to compromise the way attributes are generated and communicated by recurring to hacking techniques, e.g., forgery, in an effort to bypass authorization policies and their corresponding enforcement mechanisms and gain unintended access to sensitive resources as a result. In this paper, we propose a novel technique that allows for enterprises to pro-actively collect attributes from the different entities involved in the access request process, e.g., users, subjects, protected resources, and running environments. After the collection, we aim to carefully select the attributes that uniquely identify the aforementioned entities, and randomly mutate the original access policies over time by adding additional policy rules constructed from the newly-identified attributes. This way, even when attackers are able to compromise the original attributes, our mutated policies may offer an additional layer of protection to deter ongoing and future attacks. We present the rationale and experimental results supporting our proposal, which provide evidence of its suitability for being deployed in practice.
Karam, R., Hoque, T., Ray, S., Tehranipoor, M., Bhunia, S..  2017.  MUTARCH: Architectural diversity for FPGA device and IP security. 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC). :611–616.
Field Programmable Gate Arrays (FPGAs) are being increasingly deployed in diverse applications including the emerging Internet of Things (IoT), biomedical, and automotive systems. However, security of the FPGA configuration file (i.e. bitstream), especially during in-field reconfiguration, as well as effective safeguards against unauthorized tampering and piracy during operation, are notably lacking. The current practice of bitstreram encryption is only available in high-end FPGAs, incurs unacceptably high overhead for area/energy-constrained devices, and is susceptible to side channel attacks. In this paper, we present a fundamentally different and novel approach to FPGA security that can protect against all major attacks on FPGA, namely, unauthorized in-field reprogramming, piracy of FPGA intellectual property (IP) blocks, and targeted malicious modification of the bitstream. Our approach employs the security through diversity principle to FPGA, which is often used in the software domain. We make each device architecturally different from the others using both physical (static) and logical (time-varying) configuration keys, ensuring that attackers cannot use a priori knowledge about one device to mount an attack on another. It therefore mitigates the economic motivation for attackers to reverse engineering the bitstream and IP. The approach is compatible with modern remote upgrade techniques, and requires only small modifications to existing FPGA tool flows, making it an attractive addition to the FPGA security suite. Our experimental results show that the proposed approach achieves provably high security against tampering and piracy with worst-case 14% latency overhead and 13% area overhead.
Gustafson, Stephen, Arumugam, Hemagiri, Kanyuk, Paul, Lorenzen, Michael.  2016.  MURE: Fast Agent Based Crowd Simulation for VFX and Animation. ACM SIGGRAPH 2016 Talks. :56:1–56:2.

Crowd simulation in visual effects and animation is a field where creativity is often bound by the scalability of its tools. High end animation systems like Autodesk Maya [Autodesk ] are tailored for scenes with at most tens of characters, whereas more scaleable VFX packages like SideFX's Houdini [SideFX] can lack the directability required by character animation. We present a suite of technologies built around Houdini that vastly improves both its scalability and directability for agent based crowd simulation. Dubbed MURE (Japanese for "crowd"), this system employs a new VEX context with lock-free, multithreaded KD-Tree construction/look-up, a procedural finite state machine for massive animation libraries, a suite of VEX nodes for fuzzy logic, and a fast GPU drawing plugin built upon the open source USD (Universal Scene Description) library [Pixar Animation Studios ]. MURE has proven its success on two feature films, The Good Dinosaur, and Finding Dory, with crowd spectacles including flocks of birds, swarms of fireflies, automobile traffic, and schools of fish. Pixar has a history with agent based crowd simulation using a custom Massive [Massive Software] based pipeline, first developed on Ratatouille [Ryu and Kanyuk 2007], and subsequently used on Wall-E, Up, and Cars 2. A re-write of the studio's proprietary animation software, Presto, deprecated this crowd pipeline. The crowds team on Brave and Monster's University replaced it with a new system for "non-simulated" crowds that sequenced geometry caches [Kanyuk et al. 2012] via finite state machines and sketch based tools [Arumugam et al. 2013]. However, the story reels for The Good Dinosaur called for large crowds with such complex inter-agent and environment interaction that simulated crowds were necessary. This creative need afforded Pixar's crowd team the opportunity of evaluate the pros and cons of our former agent based simulation pipeline and weigh which features would be part of its successor. Fuzzy logic brains and customizable navigation were indispensable, but our practice of approximating hero quality rigs with simulatable equivalents was fraught with problems. Creating the mappings was labor intensive, lossy, and even when mostly correct, animators found the synthesized animation splines so foreign that many would start from scratch rather than build upon a crowd simulation. The avoid this pitfall, we instead opted to start building our new pipeline around pre-cached clips of animation and thus always be able to deliver crowd animators clean splines. This reliance on caches also affords tremendous opportunities for interactivity at massive scales. Thus, rather than focusing on rigging/posing, the goals of our new system, MURE, became interactivity and directability.

Xu, Lei, Yuan, Xingliang, Steinfeld, Ron, Wang, Cong, Xu, Chungen.  2019.  Multi-Writer Searchable Encryption: An LWE-Based Realization and Implementation. Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. :122–133.
Multi-Writer Searchable Encryption, also known as public-key encryption with keyword search(PEKS), serves a wide spectrum of data sharing applications. It allows users to search over encrypted data encrypted via different keys. However, most of the existing PEKS schemes are built on classic security assumptions, which are proven to be untenable to overcome the threats of quantum computers. To address the above problem, in this paper, we propose a lattice-based searchable encryption scheme from the learning with errors (LWE) hardness assumption. Specifically, we observe that the keys of each user in a basic scheme are composed of large-sized matrices and basis of the lattice. To reduce the complexity of key management, our scheme is designed to enable users to directly use their identity for data encryption. We present several optimization techniques for implementation to make our design nearly practical. For completeness, we conduct rigorous security, complexity, and parameter analysis on our scheme, and perform comprehensive evaluations at a commodity machine. With a scenario of 100 users, the cost of key generation for each user is 125s, and the cost of searching a document with 1000 keywords is 13.4ms.
Luo, Xuesong, Wang, Shaoping.  2018.  Multi-work Condition Modeling and Performance Analysis of Linear Oscillating Actuators. 2018 IEEE International Conference on Prognostics and Health Management (ICPHM). :1—7.

Linear oscillating actuators are emerging electrical motors applied to direct-drive electromechanical systems. They merit high efficiency and quick dynamical property due to the unique structure of spring oscillator. Resonant principle is the base of their high performance, which however, is easily influenced by various load, complex environment and mechanical failure. This paper studies the modeling of linear oscillating actuators in multi-work condition. Three kinds of load are considered in performance evaluation model. Simulations are conducted at different frequencies to obtain the actuator behavior, especially at non-resonance frequencies. A method of constant impedance angle is proposed to search the best working points in sorts of conditions. Eventually, analytical results reflect that the resonant parameter would drift with load, while linear oscillating actuators exhibits robustness in efficiency performance. Several evaluating parameters are concluded to assess the actuator health status.

Zhao, Bo, Wu, Xiao, Cheng, Zhi-Qi, Liu, Hao, Jie, Zequn, Feng, Jiashi.  2018.  Multi-View Image Generation from a Single-View. Proceedings of the 26th ACM International Conference on Multimedia. :383-391.

How to generate multi-view images with realistic-looking appearance from only a single view input is a challenging problem. In this paper, we attack this problem by proposing a novel image generation model termed VariGANs, which combines the merits of the variational inference and the Generative Adversarial Networks (GANs). It generates the target image in a coarse-to-fine manner instead of a single pass which suffers from severe artifacts. It first performs variational inference to model global appearance of the object (e.g., shape and color) and produces coarse images of different views. Conditioned on the generated coarse images, it then performs adversarial learning to fill details consistent with the input and generate the fine images. Extensive experiments conducted on two clothing datasets, MVC and DeepFashion, have demonstrated that the generated images with the proposed VariGANs are more plausible than those generated by existing approaches, which provide more consistent global appearance as well as richer and sharper details.

Cui, Limeng, Chen, Zhensong, Zhang, Jiawei, He, Lifang, Shi, Yong, Yu, Philip S..  2018.  Multi-view Collective Tensor Decomposition for Cross-modal Hashing. Proceedings of the 2018 ACM on International Conference on Multimedia Retrieval. :73–81.

Multimedia data available in various disciplines are usually heterogeneous, containing representations in multi-views, where the cross-modal search techniques become necessary and useful. It is a challenging problem due to the heterogeneity of data with multiple modalities, multi-views in each modality and the diverse data categories. In this paper, we propose a novel multi-view cross-modal hashing method named Multi-view Collective Tensor Decomposition (MCTD) to fuse these data effectively, which can exploit the complementary feature extracted from multi-modality multi-view while simultaneously discovering multiple separated subspaces by leveraging the data categories as supervision information. Our contributions are summarized as follows: 1) we exploit tensor modeling to get better representation of the complementary features and redefine a latent representation space; 2) a block-diagonal loss is proposed to explicitly pursue a more discriminative latent tensor space by exploring supervision information; 3) we propose a new feature projection method to characterize the data and to generate the latent representation for incoming new queries. An optimization algorithm is proposed to solve the objective function designed for MCTD, which works under an iterative updating procedure. Experimental results prove the state-of-the-art precision of MCTD compared with competing methods.

Zhao, Xiaohang, Zhang, Ke, Chai, Yi.  2019.  A Multivariate Time Series Classification based Multiple Fault Diagnosis Method for Hydraulic Systems. 2019 Chinese Control Conference (CCC). :6819–6824.
Hydraulic systems is a class of nonlinear complex systems. There are many typical characteristics with the systems: multiple functional components, multiple operation modes, space-time coupling work, and monitoring signals for faults are multivariate time series data, etc. Because of the characteristics, fault diagnosis for Hydraulic systems is not easy. Traditional fault diagnosis methods mostly ignore the multivariable timing characteristics of monitoring signals, it has made many detection and diagnosis (especially for multiple fault) can not keep high accuracy, and some of the methods are not even be able to multiple fault diagnosis. Aim at the problem, a multivariate time series classification based diagnosis method is proposed. Firstly, extracting timing characteristics (transformed features) from the time series data collected via sensors by 1-NN method. Secondly, training the transformed features by multi-class OVO-SVM to classify multivariate time series. Simulation of the method contains single fault and multiple faults conditions, the results show that the method has high accuracy, it can complete multiple-faults classification.
Sun, X., Liu, H., Zhang, M..  2016.  Multivariate symmetric cryptography with 2-dimesion chaotic disturbation. 2016 8th International Conference on Wireless Communications Signal Processing (WCSP). :1–4.

Multivariate public key cryptosystem acts as a signature system rather than encryption system due to the minus mode used in system. A multivariate encryption system with determinate equations in central map and chaotic shell protection for central map and affine map is proposed in this paper. The outputs of two-dimension chaotic system are discretized on a finite field to disturb the central map and affine map in multivariate cryptosystem. The determined equations meet the shortage of indeterminate equations in minus mode and make the general attack methods are out of tenable condition. The analysis shows the proposed multivariate symmetric encryption system based on chaotic shell is able to resist general attacks.

Ya Zhang, Yi Wei, Jianbiao Ren.  2014.  Multi-touch Attribution in Online Advertising with Survival Theory. Data Mining (ICDM), 2014 IEEE International Conference on. :687-696.

Multi-touch attribution, which allows distributing the credit to all related advertisements based on their corresponding contributions, has recently become an important research topic in digital advertising. Traditionally, rule-based attribution models have been used in practice. The drawback of such rule-based models lies in the fact that the rules are not derived form the data but only based on simple intuition. With the ever enhanced capability to tracking advertisement and users' interaction with the advertisement, data-driven multi-touch attribution models, which attempt to infer the contribution from user interaction data, become an important research direction. We here propose a new data-driven attribution model based on survival theory. By adopting a probabilistic framework, one key advantage of the proposed model is that it is able to remove the presentation biases inherit to most of the other attribution models. In addition to model the attribution, the proposed model is also able to predict user's 'conversion' probability. We validate the proposed method with a real-world data set obtained from a operational commercial advertising monitoring company. Experiment results have shown that the proposed method is quite promising in both conversion prediction and attribution.

Ahmad, A., Hassan, M.M., Aziz, A..  2014.  A Multi-token Authorization Strategy for Secure Mobile Cloud Computing. Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2014 2nd IEEE International Conference on. :136-141.

Cloud computing is an emerging paradigm shifting the shape of computing models from being a technology to a utility. However, security, privacy and trust are amongst the issues that can subvert the benefits and hence wide deployment of cloud computing. With the introduction of omnipresent mobile-based clients, the ubiquity of the model increases, suggesting a still higher integration in life. Nonetheless, the security issues rise to a higher degree as well. The constrained input methods for credentials and the vulnerable wireless communication links are among factors giving rise to serious security issues. To strengthen the access control of cloud resources, organizations now commonly acquire Identity Management Systems (IdM). This paper presents that the most popular IdM, namely OAuth, working in scope of Mobile Cloud Computing has many weaknesses in authorization architecture. In particular, authors find two major issues in current IdM. First, if the IdM System is compromised through malicious code, it allows a hacker to get authorization of all the protected resources hosted on a cloud. Second, all the communication links among client, cloud and IdM carries complete authorization token, that can allow hacker, through traffic interception at any communication link, an illegitimate access of protected resources. We also suggest a solution to the reported problems, and justify our arguments with experimentation and mathematical modeling.

Tsiota, Anastasia, Xenakis, Dionysis, Passas, Nikos, Merakos, Lazaros.  2019.  Multi-Tier and Multi-Band Heterogeneous Wireless Networks with Black Hole Attacks. 2019 IEEE Global Communications Conference (GLOBECOM). :1—6.

Wireless networks are currently proliferated by multiple tiers and heterogeneous networking equipment that aims to support multifarious services ranging from distant monitoring and control of wireless sensors to immersive virtual reality services. The vast collection of heterogeneous network equipment with divergent radio capabilities (e.g. multi-GHz operation) is vulnerable to wireless network attacks, raising questions on the service availability and coverage performance of future multi-tier wireless networks. In this paper, we study the impact of black hole attacks on service coverage of multi-tier heterogeneous wireless networks and derive closed form expressions when network nodes are unable to identify and avoid black hole nodes. Assuming access to multiple bands, the derived expressions can be readily used to assess the performance gains following from the employment of different association policies and the impact of black hole attacks in multi-tier wireless networks.

Steinke, Michael, Adam, Iris, Hommel, Wolfgang.  2018.  Multi-Tenancy-Capable Correlation of Security Events in 5G Networks. 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). :1–6.
The concept of network slicing in 5G mobile networks introduces new challenges for security management: Given the combination of Infrastructure-as-a-Service cloud providers, mobile network operators as Software-as-a-Service providers, and the various verticals as customers, multi-layer and multi-tenancy-capable management architectures are required. This paper addresses the challenges for correlation of security events in such 5G scenarios with a focus on event processing at telecommunication service providers. After an analysis of the specific demand for network-slice-centric security event correlation in 5G networks, ongoing standardization efforts, and related research, we propose a multi-tenancy-capable event correlation architecture along with a scalable information model. The event processing, alerting, and correlation workflow is discussed and has been implemented in a network and security management system prototype, leading to a demonstration of first results acquired in a lab setup.