Visible to the public Biblio

Found 12094 results

Conference Paper
Le, Van-Khoa, Beauseroy, Pierre, Grall-Maes, Edith.  2018.  Abnormal Trajectory Detection for Security Infrastructure. Proceedings of the 2Nd International Conference on Digital Signal Processing. :1–5.

In this work, an approach for the automatic analysis of people trajectories is presented, using a multi-camera and card reader system. Data is first extracted from surveillance cameras and card readers to create trajectories which are sequences of paths and activities. A distance model is proposed to compare sequences and calculate similarities. The popular unsupervised model One-Class Support Vector Machine (One-Class SVM) is used to train a detector. The proposed method classifies trajectories as normal or abnormal and can be used in two modes: off-line and real-time. Experiments are based on data simulation corresponding to an attack scenario proposed by a security expert. Results show that the proposed method successfully detects the abnormal sequences in the scenario with very low false alarm rate.

Liao, Q., Gu, Y., Liao, J., Li, W..  2020.  Abnormal transaction detection of Bitcoin network based on feature fusion. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:542—549.

Anomaly detection is one of the research hotspots in Bitcoin transaction data analysis. In view of the existing research that only considers the transaction as an isolated node when extracting features, but has not yet used the network structure to dig deep into the node information, a bitcoin abnormal transaction detection method that combines the node’s own features and the neighborhood features is proposed. Based on the formation mechanism of the interactive relationship in the transaction network, first of all, according to a certain path selection probability, the features of the neighbohood nodes are extracted by way of random walk, and then the node’s own features and the neighboring features are fused to use the network structure to mine potential node information. Finally, an unsupervised detection algorithm is used to rank the transaction points on the constructed feature set to find abnormal transactions. Experimental results show that, compared with the existing feature extraction methods, feature fusion improves the ability to detect abnormal transactions.

Sharma, Manoj Kumar, Sheet, Debdoot, Biswas, Prabir Kumar.  2016.  Abnormality Detecting Deep Belief Network. Proceedings of the International Conference on Advances in Information Communication Technology & Computing. :11:1–11:6.

Abnormality detection is useful in reducing the amount of data to be processed manually by directing attention to the specific portion of data. However, selections of suitable features are important for the success of an abnormality detection system. Designing and selecting appropriate features are time-consuming, requires expensive domain knowledge and human labor. Further, it is very challenging to represent high-level concepts of abnormality in terms of raw input. Most of the existing abnormality detection system use handcrafted feature detector and are based on shallow architecture. In this work, we explore Deep Belief Network for abnormality detection and simultaneously, compared the performance of classic neural network in terms of features learned and accuracy of detecting the abnormality. Further, we explore the set of features learn by each layer of the deep architecture. We also provide a simple and fast mechanism to visualize the feature at the higher layer. Further, the effect of different activation function on abnormality detection is also compared. We observed that deep learning based approach can be used for detecting an abnormality. It has better performance compare to classical neural network in separating distinct as well as almost similar data.

Donghoon Kim, Henry E. Schaffer, Mladen Vouk.  2015.  About PaaS Security. 3rd International IBM Cloud Academy Conference (ICACON 2015).
Bilanová, Z., Perháč, J..  2019.  About possibilities of applying logical analysis of natural language in computer science. 2019 IEEE 13th International Symposium on Applied Computational Intelligence and Informatics (SACI). :251–256.
This paper deals with the comparison of the most popular methods of a logical analysis of natural language Montague intensional logic and Transparent intensional logic. At first, these logical apparatuses are compared in terms of their founding theoretical principles. Later, the selected sentence is examined through the logical analysis. The aim of the paper is to identify a more expressive logical method, which will be a suitable basis for the future design of an algorithm for the automated translation of the natural language into a formal representation of its meaning through a semantic machine.
Sanandaji, B.M., Bitar, E., Poolla, K., Vincent, T.L..  2014.  An abrupt change detection heuristic with applications to cyber data attacks on power systems. American Control Conference (ACC), 2014. :5056-5061.

We present an analysis of a heuristic for abrupt change detection of systems with bounded state variations. The proposed analysis is based on the Singular Value Decomposition (SVD) of a history matrix built from system observations. We show that monitoring the largest singular value of the history matrix can be used as a heuristic for detecting abrupt changes in the system outputs. We provide sufficient detectability conditions for the proposed heuristic. As an application, we consider detecting malicious cyber data attacks on power systems and test our proposed heuristic on the IEEE 39-bus testbed.
 

Hu, Zhengbing, Vasiliu, Yevhen, Smirnov, Oleksii, Sydorenko, Viktoriia, Polishchuk, Yuliia.  2019.  Abstract Model of Eavesdropper and Overview on Attacks in Quantum Cryptography Systems. 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). 1:399–405.
In today's world, it's almost impossible to find a sphere of human life in which information technologies would not be used. On the one hand, it simplifies human life - virtually everyone carries a mini-computer in his pocket and it allows to perform many operations, that took a lot of time, in minutes. In addition, IT has simplified and promptly developed areas such as medicine, banking, document circulation, military, and many other infrastructures of the state. Nevertheless, even today, privacy remains a major problem in many information transactions. One of the most important directions for ensuring the information confidentiality in open communication networks has been and remains its protection by cryptographic methods. Although it is known that traditional cryptography methods give reasons to doubt in their reliability, quantum cryptography has proven itself as a more reliable information security technology. As far is it quite new direction there is no sufficiently complete classification of attacks on quantum cryptography methods, in view of this new extended classification of attacks on quantum protocols and quantum cryptosystems is proposed in this work. Classification takes into account the newest attacks (which use devices loopholes) on quantum key distribution equipment. These attacks have been named \textbackslashtextless; \textbackslashtextless; quantum hacking\textbackslashtextgreater\textbackslashtextgreater. Such classification may be useful for choosing commercially available quantum key distribution system. Also abstract model of eavesdropper in quantum systems was created and it allows to determine a set of various nature measures that need to be further implemented to provide reliable security with the help of specific quantum systems.
Abi-Antoun, Marwan, Khalaj, Ebrahim, Vanciu, Radu, Moghimi, Ahmad.  2016.  Abstract Runtime Structure for Reasoning About Security: Poster. Proceedings of the Symposium and Bootcamp on the Science of Security. :1–3.

We propose an interactive approach where analysts reason about the security of a system using an abstraction of its runtime structure, as opposed to looking at the code. They interactively refine a hierarchical object graph, set security properties on abstract objects or edges, query the graph, and investigate the results by studying highlighted objects or edges or tracing to the code. Behind the scenes, an inference analysis and an extraction analysis maintain the soundness of the graph with respect to the code.

Bolla, R., Carrega, A., Repetto, M..  2019.  An abstraction layer for cybersecurity context. 2019 International Conference on Computing, Networking and Communications (ICNC). :214—218.

The growing complexity and diversification of cyber-attacks are largely reflected in the increasing sophistication of security appliances, which are often too cumbersome to be run in virtual services and IoT devices. Hence, the design of cyber-security frameworks is today looking at more cooperative models, which collect security-related data from a large set of heterogeneous sources for centralized analysis and correlation.In this paper, we outline a flexible abstraction layer for access to security context. It is conceived to program and gather data from lightweight inspection and enforcement hooks deployed in cloud applications and IoT devices. We also provide a preliminary description of its implementation, by reviewing the main software components and their role.

Bronzino, Francesco, Raychaudhuri, Dipankar.  2016.  Abstractions and Solutions to Support Smart-objects in the Future Internet. Proceedings of the 2Nd Workshop on Experiences in the Design and Implementation of Smart Objects. :41–46.

As the number of devices that gain connectivity and join the category of smart-objects increases every year reaching unprecedented numbers, new challenges are imposed on our networks. While specialized solutions for certain use cases have been proposed, more flexible and scalable new approaches to networking will be required to deal with billions or trillions of smart objects connected to the Internet. With this paper, we take a step back looking at the set of basic problems that are posed by this group of devices. In order to develop an analysis on how these issues could be approached, we define which fundamental abstractions might help solving or at least reducing their impact on the network by offering support for fundamental matters such as mobility, group based delivery and support for distributed computing resources. Based on the concept of named-objects, we propose a set of solutions that network and show how this approach can address both scalability and functional requirements. Finally, we describe a comprehensive clean-slate network architecture (MobiityFirst) which attempts to realize the proposed capabilities.

Buranasaksee, U., Porkaew, K., Supasitthimethee, U..  2014.  AccAuth: Accounting system for OAuth protocol. Applications of Digital Information and Web Technologies (ICADIWT), 2014 Fifth International Conference on the. :8-13.

When a user accesses a resource, the accounting process at the server side does the job of keeping track of the resource usage so as to charge the user. In cloud computing, a user may use more than one service provider and need two independent service providers to work together. In this user-centric context, the user is the owner of the information and has the right to authorize to a third party application to access the protected resource on the user's behalf. Therefore, the user also needs to monitor the authorized resource usage he granted to third party applications. However, the existing accounting protocols were proposed to monitor the resource usage in terms of how the user uses the resource from the service provider. This paper proposed the user-centric accounting model called AccAuth which designs an accounting layer to an OAuth protocol. Then the prototype was implemented, and the proposed model was evaluated against the standard requirements. The result showed that AccAuth passed all the requirements.
 

Abdelhadi, Ameer M.S., Bouganis, Christos-Savvas, Constantinides, George A..  2019.  Accelerated Approximate Nearest Neighbors Search Through Hierarchical Product Quantization. 2019 International Conference on Field-Programmable Technology (ICFPT). :90—98.
A fundamental recurring task in many machine learning applications is the search for the Nearest Neighbor in high dimensional metric spaces. Towards answering queries in large scale problems, state-of-the-art methods employ Approximate Nearest Neighbors (ANN) search, a search that returns the nearest neighbor with high probability, as well as techniques that compress the dataset. Product-Quantization (PQ) based ANN search methods have demonstrated state-of-the-art performance in several problems, including classification, regression and information retrieval. The dataset is encoded into a Cartesian product of multiple low-dimensional codebooks, enabling faster search and higher compression. Being intrinsically parallel, PQ-based ANN search approaches are amendable for hardware acceleration. This paper proposes a novel Hierarchical PQ (HPQ) based ANN search method as well as an FPGA-tailored architecture for its implementation that outperforms current state of the art systems. HPQ gradually refines the search space, reducing the number of data compares and enabling a pipelined search. The mapping of the architecture on a Stratix 10 FPGA device demonstrates over ×250 speedups over current state-of-the-art systems, opening the space for addressing larger datasets and/or improving the query times of current systems.
Kuka, Mário, Vojanec, Kamil, Kučera, Jan, Benáček, Pavel.  2019.  Accelerated DDoS Attacks Mitigation using Programmable Data Plane. 2019 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). :1–3.

DDoS attacks are a significant threat to internet service or infrastructure providers. This poster presents an FPGA-accelerated device and DDoS mitigation technique to overcome such attacks. Our work addresses amplification attacks whose goal is to generate enough traffic to saturate the victims links. The main idea of the device is to efficiently filter malicious traffic at high-speeds directly in the backbone infrastructure before it even reaches the victim's network. We implemented our solution for two FPGA platforms using the high-level description in P4, and we report on its performance in terms of throughput and hardware resources.

Badii, A., Faulkner, R., Raval, R., Glackin, C., Chollet, G..  2017.  Accelerated Encryption Algorithms for Secure Storage and Processing in the Cloud. 2017 International Conference on Advanced Technologies for Signal and Image Processing (ATSIP). :1–6.

The objective of this paper is to outline the design specification, implementation and evaluation of a proposed accelerated encryption framework which deploys both homomorphic and symmetric-key encryptions to serve the privacy preserving processing; in particular, as a sub-system within the Privacy Preserving Speech Processing framework architecture as part of the PPSP-in-Cloud Platform. Following a preliminary study of GPU efficiency gains optimisations benchmarked for AES implementation we have addressed and resolved the Big Integer processing challenges in parallel implementation of bilinear pairing thus enabling the creation of partially homomorphic encryption schemes which facilitates applications such as speech processing in the encrypted domain on the cloud. This novel implementation has been validated in laboratory tests using a standard speech corpus and can be used for other application domains to support secure computation and privacy preserving big data storage/processing in the cloud.

Wang, X., Zhou, S..  2017.  Accelerated Stochastic Gradient Method for Support Vector Machines Classification with Additive Kernel. 2017 First International Conference on Electronics Instrumentation Information Systems (EIIS). :1–6.

Support vector machines (SVMs) have been widely used for classification in machine learning and data mining. However, SVM faces a huge challenge in large scale classification tasks. Recent progresses have enabled additive kernel version of SVM efficiently solves such large scale problems nearly as fast as a linear classifier. This paper proposes a new accelerated mini-batch stochastic gradient descent algorithm for SVM classification with additive kernel (AK-ASGD). On the one hand, the gradient is approximated by the sum of a scalar polynomial function for each feature dimension; on the other hand, Nesterov's acceleration strategy is used. The experimental results on benchmark large scale classification data sets show that our proposed algorithm can achieve higher testing accuracies and has faster convergence rate.

Perry, David M., Mattavelli, Andrea, Zhang, Xiangyu, Cadar, Cristian.  2017.  Accelerating Array Constraints in Symbolic Execution. Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis. :68–78.

Despite significant recent advances, the effectiveness of symbolic execution is limited when used to test complex, real-world software. One of the main scalability challenges is related to constraint solving: large applications and long exploration paths lead to complex constraints, often involving big arrays indexed by symbolic expressions. In this paper, we propose a set of semantics-preserving transformations for array operations that take advantage of contextual information collected during symbolic execution. Our transformations lead to simpler encodings and hence better performance in constraint solving. The results we obtain are encouraging: we show, through an extensive experimental analysis, that our transformations help to significantly improve the performance of symbolic execution in the presence of arrays. We also show that our transformations enable the analysis of new code, which would be otherwise out of reach for symbolic execution.

Jaeger, D., Cheng, F., Meinel, C..  2018.  Accelerating Event Processing for Security Analytics on a Distributed In-Memory Platform. 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech). :634-643.

The analysis of security-related event logs is an important step for the investigation of cyber-attacks. It allows tracing malicious activities and lets a security operator find out what has happened. However, since IT landscapes are growing in size and diversity, the amount of events and their highly different representations are becoming a Big Data challenge. Unfortunately, current solutions for the analysis of security-related events, so called Security Information and Event Management (SIEM) systems, are not able to keep up with the load. In this work, we propose a distributed SIEM platform that makes use of highly efficient distributed normalization and persists event data into an in-memory database. We implement the normalization on common distribution frameworks, i.e. Spark, Storm, Trident and Heron, and compare their performance with our custom-built distribution solution. Additionally, different tuning options are introduced and their speed advantage is presented. In the end, we show how the writing into an in-memory database can be tuned to achieve optimal persistence speed. Using the proposed approach, we are able to not only fully normalize, but also persist more than 20 billion events per day with relatively small client hardware. Therefore, we are confident that our approach can handle the load of events in even very large IT landscapes.

Duraisamy, Karthi, Lu, Hao, Pande, Partha Pratim, Kalyanaraman, Ananth.  2017.  Accelerating Graph Community Detection with Approximate Updates via an Energy-Efficient NoC. Proceedings of the 54th Annual Design Automation Conference 2017. :89:1–89:6.

Community detection is an advanced graph operation that is used to reveal tightly-knit groups of vertices (aka. communities) in real-world networks. Given the intractability of the problem, efficient heuristics are used in practice. Yet, even the best of these state-of-the-art heuristics can become computationally demanding over large inputs and can generate workloads that exhibit inherent irregularity in data movement on manycore platforms. In this paper, we posit that effective acceleration of the graph community detection operation can be achieved by reducing the cost of data movement through a combined innovation at both software and hardware levels. More specifically, we first propose an efficient software-level parallelization of community detection that uses approximate updates to cleverly exploit a diminishing returns property of the algorithm. Secondly, as a way to augment this innovation at the software layer, we design an efficient Wireless Network on Chip (WiNoC) architecture that is suited to handle the irregular on-chip data movements exhibited by the community detection algorithm under both unicast- and broadcast-heavy cache coherence protocols. Experimental results show that our resulting WiNoC-enabled manycore platform achieves on average 52% savings in execution time, without compromising on the quality of the outputs, when compared to a traditional manycore platform designed with a wireline mesh NoC and running community detection without employing approximate updates.

Choi, Jongsok, Lian, Ruolong, Li, Zhi, Canis, Andrew, Anderson, Jason.  2018.  Accelerating Memcached on AWS Cloud FPGAs. Proceedings of the 9th International Symposium on Highly-Efficient Accelerators and Reconfigurable Technologies. :2:1–2:8.
In recent years, FPGAs have been deployed in data centres of major cloud service providers, such as Microsoft [1], Amazon [2], Alibaba [3], Tencent [4], Huawei [5], and Nimbix [6]. This marks the beginning of bringing FPGA computing to the masses, as being in the cloud, one can access an FPGA from anywhere. A wide range of applications are run in the cloud, including web servers and databases among many others. Memcached is a high-performance in-memory ob ject caching system, which acts as a caching layer between web servers and databases. It is used by many companies, including Flicker, Wikipedia, Wordpress, and Facebook [7, 8]. In this paper, we present a Memcached accelerator implemented on the AWS FPGA cloud (F1 instance). Compared to AWS ElastiCache, an AWS-managed CPU Memcached service, our Memcached accelerator provides up to 9 x better throughput and latency. A live demo of the Memcached accelerator running on F1 can be accessed on our website [9].
Bai, Xu, Jiang, Lei, Dai, Qiong, Yang, Jiajia, Tan, Jianlong.  2017.  Acceleration of RSA processes based on hybrid ARM-FPGA cluster. 2017 IEEE Symposium on Computers and Communications (ISCC). :682–688.

Cooperation of software and hardware with hybrid architectures, such as Xilinx Zynq SoC combining ARM CPU and FPGA fabric, is a high-performance and low-power platform for accelerating RSA Algorithm. This paper adopts the none-subtraction Montgomery algorithm and the Chinese Remainder Theorem (CRT) to implement high-speed RSA processors, and deploys a 48-node cluster infrastructure based on Zynq SoC to achieve extremely high scalability and throughput of RSA computing. In this design, we use the ARM to implement node-to-node communication with the Message Passing Interface (MPI) while use the FPGA to handle complex calculation. Finally, the experimental results show that the overall performance is linear with the number of nodes. And the cluster achieves 6× 9× speedup against a multi-core desktop (Intel i7-3770) and comparable performance to a many-core server (288-core). In addition, we gain up to 2.5× energy efficiency compared to these two traditional platforms.

Yousefzadeh, Saba, Basharkhah, Katayoon, Nosrati, Nooshin, Sadeghi, Rezgar, Raik, Jaan, Jenihhin, Maksim, Navabi, Zainalabedin.  2019.  An Accelerator-based Architecture Utilizing an Efficient Memory Link for Modern Computational Requirements. 2019 IEEE East-West Design Test Symposium (EWDTS). :1—6.

Hardware implementation of many of today's applications such as those in automotive, telecommunication, bio, and security, require heavy repeated computations, and concurrency in the execution of these computations. These requirements are not easily satisfied by existing embedded systems. This paper proposes an embedded system architecture that is enhanced by an array of accelerators, and a bussing system that enables concurrency in operation of accelerators. This architecture is statically configurable to configure it for performing a specific application. The embedded system architecture and architecture of the configurable accelerators are discussed in this paper. A case study examines an automotive application running on our proposed system.

Oharada, Kazuya, Shizuki, Buntarou, Takahashi, Shin.  2017.  AccelTag: A Passive Smart ID Tag with Acceleration Sensor for Interactive Applications. Adjunct Publication of the 30th Annual ACM Symposium on User Interface Software and Technology. :63–64.

There are many everyday situations in which users need to enter their user identification (user ID), such as logging in to computer systems and entering secure offices. In such situations, contactless passive IC cards are convenient because users can input their user ID simply by passing the card over a reader. However, these cards cannot be used for successive interactions. To address this issue, we propose AccelTag, a contactless IC card equipped with an acceleration sensor and a liquid crystal display (LCD). AccelTag utilizes high-function RFID technology so that the acceleration sensor and the LCD can also be driven by a wireless power supply. With its built-in acceleration sensor, AccelTag can acquire its direction and movement when it is waved over the reader. We demonstrate several applications using AccelTag, such as displaying several types of information in the card depending on the user's requirements.

Yi, Zhuo, Du, Xuehui, Liao, Ying, Lu, Xin.  2019.  An Access Authentication Algorithm Based on a Hierarchical Identity-Based Signature over Lattice for the Space-Ground Integrated Network. 2019 International Conference on Advanced Communication Technologies and Networking (CommNet). :1–9.

Access authentication is a key technology to identify the legitimacy of mobile users when accessing the space-ground integrated networks (SGIN). A hierarchical identity-based signature over lattice (L-HIBS) based mobile access authentication mechanism is proposed to settle the insufficiencies of existing access authentication methods in SGIN such as high computational complexity, large authentication delay and no-resistance to quantum attack. Firstly, the idea of hierarchical identity-based cryptography is introduced according to hierarchical distribution of nodes in SGIN, and a hierarchical access authentication architecture is built. Secondly, a new L-HIBS scheme is constructed based on the Small Integer Solution (SIS) problem to support the hierarchical identity-based cryptography. Thirdly, a mobile access authentication protocol that supports bidirectional authentication and shared session key exchange is designed with the aforementioned L-HIBS scheme. Results of theoretical analysis and simulation experiments suggest that the L-HIBS scheme possesses strong unforgeability of selecting identity and adaptive selection messages under the standard security model, and the authentication protocol has smaller computational overhead and shorter private keys and shorter signature compared to given baseline protocols.

Tan, Gaosheng, Zhang, Rui, Ma, Hui, Tao, Yang.  2017.  Access Control Encryption Based on LWE. Proceedings of the 4th ACM International Workshop on ASIA Public-Key Cryptography. :43–50.

Damgard et al. proposed a new primitive called access control encryption (ACE) [6] which not only protects the privacy of the message, but also controls the ability of the sender to send the message. We will give a new construction based on the Learning with Error (LWE) assumption [12], which is one of the two open problems in [6]. Although there are many public key encryption schemes based on LWE and supporting homomorphic operations. We find that not every scheme can be used to build ACE. In order to keep the security and correctness of ACE, the random constant chosen by the sanitizer should satisfy stricter condition. We also give a different security proof of ACE based on LWE from it based on DDH. We will see that although the modulus of LWE should be super-polynomial, the ACE scheme is still as secure as the general public key encryption scheme based on the lattice [5].

Guo, Hao, Li, Wanxin, Nejad, Mark, Shen, Chien-Chung.  2019.  Access Control for Electronic Health Records with Hybrid Blockchain-Edge Architecture. 2019 IEEE International Conference on Blockchain (Blockchain). :44–51.
The global Electronic Health Record (EHR) market is growing dramatically and expected to reach \$39.7 billions by 2022. To safe-guard security and privacy of EHR, access control is an essential mechanism for managing EHR data. This paper proposes a hybrid architecture to facilitate access control of EHR data by using both blockchain and edge node. Within the architecture, a blockchain-based controller manages identity and access control policies and serves as a tamper-proof log of access events. In addition, off-chain edge nodes store the EHR data and apply policies specified in Abbreviated Language For Authorization (ALFA) to enforce attribute-based access control on EHR data in collaboration with the blockchain-based access control logs. We evaluate the proposed hybrid architecture by utilizing Hyperledger Composer Fabric blockchain to measure the performance of executing smart contracts and ACL policies in terms of transaction processing time and response time against unauthorized data retrieval.