Showing total 661 results

1. Does additional audio really work? A study on users' cognitive behavior with audio-visual dual-channel in panoramic digital museum

Author

He, Xiaoyang and Wu, Dan

Subjects

Cognition, Museums -- User statistics, Business, Computers and office automation industries, Library and information science

Abstract

Keywords Panoramic roaming; Digital museum; Audio-visual channel; Cognitive load; Eye-tracking Highlights * Eye-tracking, WP scale, Personal Meaning Map, and knowledge tests were jointly used to investigate the impact of the inclusion of the audio channel on user cognition in the panoramic digital museums. * The adoption of dual-channel audio-visual interaction increases the overall cognitive load on users. * Adding an audio channel has no positive effect on learning outcomes. * Suggestions are proposed to museum practitioners and platform developers. Abstract Multi-channel human-computer interaction offers a new perspective for optimization research in the digital museum, though there is no empirical evidence on how these factors affect cognition. This paper conducted a controlled experiment using the audio guide as a breakthrough point, aiming to determine the cognitive changes before and after the audio-visual dual-channel interaction. The results demonstrate that adding the auditory channel brought more cognitive load but not better cognitive outcomes. This paper evaluated the reasons behind it and noted that designing channels based solely on technical feasibility is undesirable, with suggestions proposed for museum practitioners and platform developers. Author Affiliation: (a) School of Information Management, Wuhan University, Luojia Hill, 430072, Wuhan, China * Corresponding author. Article History: Received 18 October 2021; Revised 5 April 2023; Accepted 9 April 2023 Byline: Xiaoyang He, Dan Wu [woodan@whu.edu.cn] (*)

Published

2023

2. Extending the classical side-channel analysis framework to access-driven cache attacks

Author

Guo, Pengfei, Yan, Yingjian, Zhang, Fan, Zhu, Chunsheng, Zhang, Lichao, and Dai, Zibin

Subjects

Information science -- Analysis, Noise control -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Classical side-channel analysis framework; Access-driven cache attacks; Difference of means-based analysis; Vector distance-based analysis; Mutual information-based analysis; Guessing entropy Abstract Cryptographic devices are vulnerable to side-channel attacks, which have attracted broad attention in the hardware security field. The side-channel analysis framework proposed at Eurocrypt 2009 has been widely adopted in academia, containing key elements such as points of interest, leakage models, distinguishers, and security metrics. This classical framework, however, is not intuitively compatible with recent micro-architectural attacks such as cache attacks, therefore, few attempts have been made to link them. In this paper, we extend the classical side-channel analysis framework and migrate its ideas to access-driven cache attacks. We find that cache attacks can be effectively incorporated into this framework. Specifically, we propose a leakage model called cache access pattern vector according to the cache timing leakage characteristics. Furthermore, we propose data preprocessing schemes such as noise reduction, dimensionality reduction, and vector expansion to implement efficient attacks. Subsequently, we proposed seven distinguishers in three categories: difference of means-based analysis, vector distance-based analysis, and mutual information-based analysis. Moreover, we attacked the last round of the AES fast software implementation algorithm based on the Chipyard platform. According to the experimental results, all proposed methods can successfully extract the key, and five of them are comparable to mainstream cache analysis in attack efficiency. Finally, we evaluate the five efficient distinguishers under three different cache micro-architectures using guessing entropy. Based on the experimental environment of this paper, vector distance-based distinguishers have the best attack efficiency, and the difference of mean-based analysis has the worst. Surprisingly, the most general mutual information-based attacks can achieve excellent medium results in a few attack rounds without the help of static analysis tools. Meanwhile, the experimental results demonstrate that cache micro-architecture directly impacts the attack effect, in which the smaller cache line size benefits the attacks, while the random replacement policy increases the noise and difficulty of the attacks. Author Affiliation: (a) College of Cryptography Engineering, Information Engineering University, Zhengzhou 450001, China (b) College of Information Science and Electronic Engineering, Zhejiang University, Hangzhou 310027, China (c) College of Cyber Science and Technology, Zhejiang University, Hangzhou 310027, China * Corresponding author at: College of Cryptography Engineering, Information Engineering University, No. 62, Science Avenue, High-Tech Zone, Zhengzhou 450001, China. Article History: Received 8 October 2022; Revised 17 March 2023; Accepted 7 April 2023 Byline: Pengfei Guo [pfguo_hit@126.com] (a,b,*), Yingjian Yan (a), Fan Zhang (c), Chunsheng Zhu (a), Lichao Zhang (a), Zibin Dai (a)

Published

2023

3. A survey on the (in)security of trusted execution environments

Author

Muñoz, Antonio, Ríos, Ruben, Román, Rodrigo, and López, Javier

Subjects

Business, Computers and office automation industries

Abstract

Keywords Computer security; Secure hardware; Trusted execution environments; Hardware attacks; Software attacks; Side-channel attacks Abstract As the number of security and privacy attacks continue to grow around the world, there is an ever increasing need to protect our personal devices. As a matter of fact, more and more manufactures are relying on Trusted Execution Environments (TEEs) to shield their devices. In particular, ARM TrustZone (TZ) is being widely used in numerous embedded devices, especially smartphones, and this technology is the basis for secure solutions both in industry and academia. However, as shown in this paper, TEE is not bullet-proof and it has been successfully attacked numerous times and in very different ways. To raise awareness among potential stakeholders interested in this technology, this paper provides an extensive analysis and categorization of existing vulnerabilities in TEEs and highlights the design flaws that led to them. The presented vulnerabilities, which are not only extracted from existing literature but also from publicly available exploits and databases, are accompanied by some effective countermeasures to reduce the likelihood of new attacks. The paper ends with some appealing challenges and open issues. Author Affiliation: Network, Information and Computer Security (NICS) Lab, University of Malaga, Spain * Corresponding author. Article History: Received 16 November 2022; Revised 4 February 2023; Accepted 9 March 2023 Byline: Antonio Muñoz [amunoz@lcc.uma.es] (*), Ruben Ríos [ruben@lcc.uma.es], Rodrigo Román [roman@lcc.uma.es], Javier López [jlm@lcc.uma.es]

Published

2023

4. Full-stack vulnerability analysis of the cloud-native platform

Author

Zeng, Qingyang, Kavousi, Mohammad, Luo, Yinhong, Jin, Ling, and Chen, Yan

Subjects

Systems and data security software, Container industry, Containers, Cloud computing, Virtualization, Security systems, Systems/data security software, Business, Computers and office automation industries

Abstract

Keywords Cloud-native security; Container security; Vulnerability; Docker; Kubernetes; Istio; CNI Abstract Cloud-native systems have recently emerged as one of the most popular platforms for application development, providing lightweight virtualization, simplified DevOps procedures, scaling, resource efficiency, monitoring, and more. The typical cloud-native system may include containers, container orchestrators, and service meshes. However, a number of attacks exploit vulnerabilities in different components, leading the attacker to gain control over the cloud-native system. In this paper, we collect, classify, exploit, and mitigate vulnerabilities of different components. Firstly, we choose Docker, Kubernetes, and Istio as the most popular cloud technologies and give each an overview. Secondly, we give an in-depth analysis of the vulnerabilities. We collect cloud-native vulnerabilities over the past five years and propose two classifications of those vulnerabilities. One is based on the architecture of the component, and the other is based on the attack enabled. We exploit vulnerabilities that enable us to discover some insightful findings and provide mitigation solutions. Third, we analyze 15 open-source security tools provided for the cloud-native environment. We argue that among all these security tools, none of them covers all features which we will discuss in this paper. We believe that our analysis of cloud security vulnerabilities and open-source security tools can benefit the security of the cloud-native ecosystem. Author Affiliation: (a) Zhejiang University, China (b) Northwestern University, USA * Corresponding author. Article History: Received 23 May 2022; Revised 22 February 2023; Accepted 2 March 2023 Byline: Qingyang Zeng [qyzeng@zju.edu.cn] (a), Mohammad Kavousi [kavousi@u.northwestern.edu] (b), Yinhong Luo [22021181@zju.edu.cn] (a), Ling Jin [ljin1995@zju.edu.cn] (a), Yan Chen [ychen@northwestern.edu] (*,b)

Published

2023

5. A lightweight encrypted deduplication scheme supporting backup

Author

Wu, Xinyan, Wang, Huanwei, Yuan, Yangkai, and Li, Fagen

Subjects

Investment analysis -- Analysis, Computer science -- Analysis, Security management -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Ciphertext backup; Convergent encryption; Ownership modification; User revocation Abstract Data deduplication technology is frequently used by many cloud service providers to handle the exponential growth in data. To protect their data privacy, users frequently encrypt their data before uploading it to a cloud storage provider. Therefore, efficient encrypted deduplication technology has been widely studied. Although cloud storage provides convenience for users, it also has the problem of high data concentration. Once an accident occurs in the data center, the impact is enormous. Therefore, it is necessary to back up the ciphertext data after deduplication. In this paper, we propose an efficient encrypted data deduplication technology that supports backup. Our scheme uses a one-way hash chain to verify the legitimacy of a user's identity. It updates the user's ownership of the data using the user's index table. In this paper, we use the XOR operation to re-encrypt data to obtain backup ciphertext, reducing computational complexity. In LEDB, the user can extract the key from the data label. Therefore, the user does not need to manage the key separately. In addition, LEDB supports a two-level deduplication mechanism, which can not only ensure transmission security but also reduce network transmission bandwidth. Finally, LEDB allows the user to determine the integrity of the data before decrypting the ciphertext. Security analysis and experimental results show that our scheme is secure and efficient for data encryption and decryption. Author Affiliation: (a) School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China (b) Information Engineering University, Zhengzhou 450001, China * Corresponding author. Article History: Received 8 December 2022; Revised 26 February 2023; Accepted 11 March 2023 Byline: Xinyan Wu (a), Huanwei Wang (b), Yangkai Yuan (a), Fagen Li [fagenli@uestc.edu.cn] (a,*)

Published

2023

6. A survey on cybersecurity attacks and defenses for unmanned aerial systems

Author

Wang, Zhaoxuan, Li, Yang, Wu, Shihao, Zhou, Yuan, Yang, Libin, Xu, Yuan, Zhang, Tianwei, and Pan, Quan

Subjects

Data security -- Surveys, Public software -- Surveys, Internet -- Safety and security measures, Cyberterrorism -- Surveys, Computer science -- Surveys, Military electronics industry -- Surveys, Internet security, Data security issue, Open source software, Business, Computers and office automation industries

Abstract

Keywords UAS; Cybersecurity; Threat assessment; Software security; Artificial intelligence Abstract In recent years, unmanned aerial systems (UAS) have been widely used in both military and civilian fields. However, their open-source software and protocols have made their security vulnerable, resulting in a growing number of cybersecurity issues. This paper provides a comprehensive review of UAS cybersecurity research, with a focus on attack and defense technologies. Regarding UAS being a system that integrates software and hardware and can work independently with complex tasks, this paper analyzes the UAS architecture and classifies security threats into four categories: communication network security, software security, payload security, and intelligent security. Additionally, it provides an overview of existing threat assessment methods. This paper also highlights representative research progress in UAS cyberattacks and defense technologies in the four identified categories. Finally, this paper examines the current research status and future prospects of UAS cybersecurity. Author Affiliation: (a) School of Cybersecurity, Northwestern Polytechnical University, Xi'an 710129, China (b) School of Automation, Northwestern Polytechnical University, Xi'an 710129, China (c) School of Computer Science and Engineering, Nanyang Technological University, Singapore, 639798, Singapore * Corresponding author. Article History: Received 18 December 2022; Revised 12 March 2023; Accepted 29 March 2023 (footnote)[white star] This research is supported by the National Natural Science Foundation of China (No. 62103330, No. 62233014, No. 62203358), and the Fundamental Research Funds for the Central Universities of China (3102021ZDHQD09). Byline: Zhaoxuan Wang [zxwang@mail.nwpu.edu.cn] (a), Yang Li [liyangnpu@nwpu.edu.cn] (b,*), Shihao Wu [wshnpu@mail.nwpu.edu.cn] (b), Yuan Zhou [y.zhou@ntu.edu.sg] (c), Libin Yang [libiny@nwpu.edu.cn] (a), Yuan Xu [xu.yuan@ntu.edu.sg] (c), Tianwei Zhang [tianwei.zhang@ntu.edu.sg] (c), Quan Pan [quanpan@nwpu.edu.cn] (b)

Published

2023

7. Fully homomorphic encryption-based privacy-preserving scheme for cross edge blockchain network

Author

Ma, Zhaofeng, Wang, Jingyu, Gai, Keke, Duan, Pengfei, Zhang, Yuqing, and Luo, Shoushan

Subjects

Privacy -- Analysis -- Usage, Algorithms -- Analysis -- Usage, Algorithm, Privacy issue, Business, Computers and office automation industries

Abstract

Keywords Fully homomorphic encryption; Cross blockchain; Privacy-preserving; Edge computing Abstract The growing development of blockchain technology has led to the emergence of blockchain applications for various fields. One significant use of blockchain technology is the edge blockchain network, which is a blockchain network made up of connected edge computer nodes. However, on-chain privacy data leaking is a concern on the present edge blockchain network. The demand for collaborative interaction amongst edge computing nodes in many domains is growing more critical as the Internet of Things continues to evolve. In this paper, we propose a data privacy-preserving scheme for cross edge blockchain network, which uses the privacy protection technology of fully homomorphic encryption to encrypt the data on the chain to ensure the 'available and invisible' of the on-chain privacy data. First of all, this paper designs a cross edge blockchain model and give details of the interaction and privacy computing process in the cross edge blockchain. a distributed private key sharing scheme is designed in this work to provide the relay chain's auditable functionality. Subsequently, we describe the security of the scheme in detail. Finally, we implement this scheme using the CKKS algorithm. Through simulation experiments, we evaluate the performance of the instantiation process of the scheme. The test results manifest that the proposed scheme has excellent practicability and security. Author Affiliation: (a) School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China (b) School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100876, China * Corresponding author. Article History: Received 5 June 2022; Revised 1 September 2022; Accepted 2 November 2022 (footnote)[white star] The research work is supported by Beijing Natural Science Foundation, China (Grant No. M21034) and the National Key Research and Development Plan in China (Grant No. 2020YFB1005500). Byline: Zhaofeng Ma (a), Jingyu Wang (a), Keke Gai [gaikeke@bit.edu.cn] (b,*), Pengfei Duan (a), Yuqing Zhang (a), Shoushan Luo (a)

Published

2023

8. CKDAN: Content and keystroke dual attention networks with pre-trained models for continuous authentication

Author

Yang, Haitian, Meng, Xiang, Zhao, Xuan, Wang, Yan, Liu, Yuejun, Kang, Xiaoyu, Shen, Jiahui, and Huang, Weiqing

Subjects

Identification cards -- Analysis, Biometry -- Analysis, Business, Computers and office automation industries

Abstract

Keywords User authentication; Roberta; Keystroke dynamics; Continuous authentication; Attention network Abstract With the rapid development of digitalization, information security becomes more and more important. User authentication is a significant line of defense. During the past few years, many research works concentrating on user authentication have been published. Traditional authentication techniques (password, ID card-based authentication, or other biometrics like fingerprint or iris) basically fall into the category of one-time authentication. The disadvantage of these methods is that once an unknown user completes an authentication through forgery, the system would continue to operate without any resistance, thus putting the entire system at risk. Recently, due to the prevalence of deep learning techniques, some researchers have applied learning-based models to user authentication. However, almost all existing methods only focus on keystroke dynamics while ignoring the 'text' entered by users during keystrokes. In this paper, we propose contents and keystroke dual attention networks with pre-trained models for continuous authentication. To the best of our knowledge, our paper is the first to address user-inputted 'text' during keystrokes as an important asset beyond traditional characteristic keystroke dynamics. Specifically, we use the well-known pre-trained RoBERTa model to capture textual features. Then, we pass textual features and conventional features through our proposed dual attention networks. Our networks fuse these features and acquire final representations. Experiments show that the CKDAN model achieves state-of-the-art performance on two datasets, Clarkson II keystroke dataset and Buffalo dataset, outperforming all baseline methods. Author Affiliation: (a) Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China (b) School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China (c) York University, Ontario, Canada (d) Jiangnan University, Wuxi, China * Corresponding author. Article History: Received 22 July 2022; Revised 18 February 2023; Accepted 21 February 2023 Byline: Haitian Yang [yanghaitian@iie.ac.cn] (a,b), Xiang Meng [mengxiang@iie.ac.cn] (b,*), Xuan Zhao [xuanzhao@eecs.yorku.ca] (c), Yan Wang [wangyan@iie.ac.cn] (a), Yuejun Liu [liuyuejun@jndxrwxy.wecom.work] (d), Xiaoyu Kang [kangxiaoyu@iie.ac.cn] (a), Jiahui Shen [shenjiahui@iie.ac.cn] (a), Weiqing Huang [huangweiqing@iie.ac.cn] (a,b)

Published

2023

9. A comparative risk analysis on CyberShip system with STPA-Sec, STRIDE and CORAS

Author

Sahay, Rishikesh, Estay, D.A. Sepulveda, Meng, Weizhi, Jensen, Christian D., and Barfod, Michael Bruhn

Subjects

Investment analysis -- Usage, Risk assessment -- Usage -- Comparative analysis, Cyberterrorism -- Comparative analysis -- Usage, Business, Computers and office automation industries

Abstract

Keywords Cyber ship; Cyber physical systems (CPS); STPA; Cyber risk assessment; STRIDE; CORAS Abstract The widespread use of software-intensive cyber systems in critical infrastructures such as ships (CyberShips) has brought huge benefits, yet it has also opened new avenues for cyber attacks to potentially disrupt operations. Cyber risk assessment plays a vital role in identifying cyber threats and vulnerabilities that can be exploited to compromise cyber systems. Understanding the nature of cyber threats and their potential risks and impact is essential to improve the security and resilience of cyber systems, and to build systems that are secure by design and better prepared to detect and mitigate cyber attacks. A number of methodologies have been proposed to carry out these analyses. This paper evaluates and compares the application of three risk assessment methodologies: system theoretic process analysis (STPA-Sec), STRIDE and CORAS for identifying threats and vulnerabilities in a CyberShip system. We specifically selected these three methodologies because they identify threats not only at the component level, but also threats or hazards caused due to the interaction between components, resulting in sets of threats identified with each methodology and relevant differences. Moreover, STPA-Sec, which is a variant of the STPA, is widely used for safety and security analysis of cyber physical systems (CPS); CORAS offers a framework to perform cyber risk assessment in a top-down approach that aligns with STPA-Sec; and STRIDE (Spoofing, Tampering, Repudiation,Information disclosure, Denial of Service, Elevation of Privilege) considers threat at the component level as well as during the interaction that is similar to STPA-Sec. As a result of this analysis, this paper highlights the pros and cons of these methodologies, illustrates areas of special applicability, and suggests that their complementary use as threats identified through STRIDE can be used as an input to CORAS and STPA-Sec to make these methods more structured. Author Affiliation: (a) Business Management Department, Oregon Institute of Technology, Klamath Falls, OR 97601, United states (b) Digitalization Group, Rigshospitalet, Denmark (c) Department of Applied Mathematics & Computer Science, Technical University of Denmark, Kgs. Lyngby, DK-2800, Denmark (d) DTU Management Engineering, Technical University of Denmark, DK-2800, Kgs. Lyngby, Denmark * Corresponding author. Article History: Received 15 December 2022; Revised 13 February 2023; Accepted 8 March 2023 Byline: Rishikesh Sahay [rishikesh.sahay@oit.edu] (a), D.A. Sepulveda Estay [daniel.alberto.sepulveda.estay@regionh.dk] (b), Weizhi Meng [weme@dtu.dk] (*,c), Christian D. Jensen [cdje@dtu.dk] (c), Michael Bruhn Barfod [mbba@dtu.dk] (d)

Published

2023

10. DroidRL: Feature selection for android malware detection with reinforcement learning

Author

Wu, Yinwei, Li, Meijin, Zeng, Qi, Yang, Tao, Wang, Junfeng, Fang, Zhiyang, and Cheng, Luyu

Subjects

Natural language interfaces -- Rankings, Spyware, Computational linguistics -- Rankings, Language processing -- Rankings, Machine learning, Data mining, Computer science, Neural networks -- Rankings, Algorithms, Data warehousing/data mining, Neural network, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Reinforcement learning; Android malware detection; Feature selection; RNN; Sequence processing Highlights * This paper applied reinforcement learning algorithms to the feature selection phase of Android malware detection, reducing the burden of feature selection tasks. * This paper adopts Natural Language Processing methods to tackle the feature selection methods. * This paper presented a modifiable framework that can be easily ported to other feature selection tasks for malware detection. Abstract Due to the completely open-source nature of Android, the exploitable vulnerability of malware attacks is increasing. Machine learning, leading to a great evolution in Android malware detection in recent years, is typically applied in the classification phase. Since the correlation between features is ignored in some traditional ranking-based feature selection algorithms, applying wrapper-based feature selection models is a topic worth investigating. Though considering the correlation between features, wrapper-based approaches are time-consuming for exploring all possible valid feature subsets when processing a large number of Android features. To reduce the computational expense of wrapper-based feature selection, a framework named DroidRL is proposed. The framework deploys DDQN algorithm to obtain a subset of features which can be used for effective malware classification. To select a valid subset of features over a larger range, the exploration-exploitation policy is applied in the model training phase. The recurrent neural network (RNN) is used as the decision network of DDQN to give the framework the ability to sequentially select features. Word embedding is applied for feature representation to enhance the framework's ability to find the semantic relevance of features. The framework's feature selection exhibits high performance without any human intervention and can be ported to other feature selection tasks with minor changes. The experiment results show a significant effect when using the Random Forest as DroidRL's classifier, which reaches 95.6% accuracy with only 24 features selected. Author Affiliation: (a) College of Software Engineering, Sichuan University, Chengdu, China (b) School of Cyber Science and Engineering, Sichuan University, Chengdu, China (c) College of Computer Science, Sichuan University, Chengdu, China (d) School of Business, Sichuan University, Chengdu, China * Corresponding author. Article History: Received 21 September 2022; Revised 21 December 2022; Accepted 26 January 2023 Byline: Yinwei Wu (a), Meijin Li (a), Qi Zeng (c), Tao Yang (c), Junfeng Wang (c), Zhiyang Fang [fangzhiyang@scu.edu.cn] (*,b), Luyu Cheng (d)

Published

2023

11. AIDTF: Adversarial training framework for network intrusion detection

Author

Xiong, Wen Ding, Luo, Kai Lun, and Li, Rui

Subjects

Detectors, Machine learning, Computer science, Business, Computers and office automation industries

Abstract

Keywords Cyberspace security; Intrusion detection; Adversarial training; Machine learning; Generative adversarial networks Abstract Network Intrusion Detection Systems (IDS) have achieved high accuracy by widely applying Machine Learning (ML) models. However, most current ML-based IDSs can not cope with targeted attacks from adversaries because they are commonly trained and tested using fixed data sets. In this paper, we propose an Adversarial Intrusion Detection Training Framework (AIDTF) to improve the robustness of IDSs, which consists of an attacker model a-model, a defender model d-model, and a black-box trainer t-module. Both the a-model and d-model are multilayer perceptrons, and the t-module is the module used to train IDSs. AIDTF improves the accuracy of IDS by using an adversarial training method, which is different from traditional training methods. Taking the distribution of normal samples in the dataset as the distribution that the a-model and d-model need to learn, the goal of the a-model is to generate samples that deceive the d-model, while the goal of the d-model is to determine whether the input samples are real samples, so there is an adversarial relationship between a-model and d-model. Different types of IDSs can be trained by the t-module using the samples generated from the confrontation between the a-model and the d-model, and we call this kind of IDS the Adversarial Training Intrusion Detection System (ATIDS). The main contribution of this paper is to propose a training method that is used to obtain an IDS with high accuracy not only for known test sets but also to identify unknown disguised attack samples. We tested different types of ATIDSs using the current mainstream attack methods, which include the Fast Gradient Method, Fast Gradient Sign Method, Projected Gradient Descent, and Jacobs Saliency Map Algorithm. The experimental results prove that AIDTF outperforms other adversarial training methods with not only higher accuracy for the test set but also up to a 99% recognition rate for the attack samples. Author Affiliation: (a) School of Computer Science and Technology, Dongguan University Of Technology, GuangDong, China (b) School of Cyberspace Security, Dongguan University Of Technology, GuangDong, China * Corresponding author. Article History: Received 11 October 2022; Revised 2 February 2023; Accepted 13 February 2023 Byline: Wen Ding Xiong [xiongwending@hotmail.com] (a), Kai Lun Luo [luokl@dgut.edu.cn] (b), Rui Li [ruili@dgut.edu.cn] (*,b)

Published

2023

12. Adversarial attacks against Windows PE malware detection: A survey of the state-of-the-art

Author

Ling, Xiang, Wu, Lingfei, Zhang, Jiangyu, Qu, Zhenqing, Deng, Wei, Chen, Xiang, Qian, Yaguan, Wu, Chunming, Ji, Shouling, Luo, Tianyue, Wu, Jingzheng, and Wu, Yanjun

Subjects

Natural language interfaces -- Surveys, Spyware -- Surveys, Computational linguistics -- Surveys, Language processing -- Surveys, Machine learning -- Surveys, Machine vision -- Surveys, Business, Computers and office automation industries

Abstract

Keywords Portable executable; Malware detection; Machine learning; Adversarial machine learning; Deep learning; Adversarial attack Abstract Malware has been one of the most damaging threats to computers that span across multiple operating systems and various file formats. To defend against ever-increasing and ever-evolving malware, tremendous efforts have been made to propose a variety of malware detection that attempt to effectively and efficiently detect malware so as to mitigate possible damages as early as possible. Recent studies have shown that, on the one hand, existing machine learning (ML) and deep learning (DL) techniques enable superior solutions in detecting newly emerging and previously unseen malware. However, on the other hand, ML and DL models are inherently vulnerable to adversarial attacks in the form of adversarial examples, which are maliciously generated by slightly and carefully perturbing the legitimate inputs to misbehave. Adversarial attacks are initially studied in the domain of computer vision like image classification, and then quickly extended to other domains, including natural language processing, audio recognition, and even malware detection. In this paper, we focus on malware with the file format of portable executable (PE) in the family of Windows operating systems, namely Windows PE malware, as a representative case to study the adversarial attack methods in such adversarial settings. To be specific, we start by first outlining the general learning framework of Windows PE malware detection based on ML/DL and subsequently highlighting three unique challenges of performing adversarial attacks in the context of Windows PE malware. Then, we conduct a comprehensive and systematic review to categorize the state-of-the-art adversarial attacks against PE malware detection, as well as corresponding defenses to increase the robustness of Windows PE malware detection. Finally, we conclude the paper by first presenting other related attacks against Windows PE malware detection beyond the adversarial attacks and then shedding light on future research directions and opportunities. Author Affiliation: (a) Institute of Software, Chinese Academy of Sciences, Beijing, 100190, Beijing, China (b) Pinterest,New York, 10018, NY, USA (c) Zhejiang University of Science and Technology, Hangzhou, 310023, Zhejiang, China (d) Zhejiang University, Hangzhou, 310027, Zhejiang, China * Corresponding authors. Article History: Received 9 October 2022; Revised 19 December 2022; Accepted 4 February 2023 Byline: Xiang Ling [lingxiang@iscas.ac.cn] (a), Lingfei Wu [lwu@email.wm.edu] (b), Jiangyu Zhang [zhangjiangyu@zju.edu.cn] (d), Zhenqing Qu [quzhenqing@zju.edu.cn] (d), Wei Deng [dengwei@zju.edu.cn] (d), Xiang Chen [wasdnsxchen@gmail.com] (d), Yaguan Qian [qianyaguan@zust.edu.cn] (c), Chunming Wu [wuchunming@zju.edu.cn] (d), Shouling Ji [sji@zju.edu.cn] (d), Tianyue Luo [tianyue@iscas.ac.cn] (a), Jingzheng Wu [jingzheng08@iscas.ac.cn] (*,a), Yanjun Wu [yanjun@iscas.ac.cn] (*,a)

Published

2023

13. SoK: Run-time security for cloud microservices. Are we there yet?

Author

Minna, Francesco and Massacci, Fabio

Subjects

Cloud computing -- Analysis -- Safety and security measures, Digital libraries -- Safety and security measures -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Survey; Microservices; Containers; Security; Cloud Abstract The adoption of microservice architecture is rapidly growing, involving industries of every size. Their ability to scale and reconstitute complex functionalities into small, cohesive, and interconnected components (the microservices), and their limited use of isolation contribute to this success. Unfortunately but unsurprisingly, these very factors enlarge the attack surface and increase the security risks of today's deployments. In this study, we performed a systematization of knowledge about the run-time security of microservices. Starting from a keyword search, we initially reviewed 807 papers available in digital libraries (e.g., Google Scholar and Scopus), which we filtered down to 48 by applying a number of selection criteria (e.g., the presence of a proof-of-concept implementation). We also considered over 30 industry tools that offer various security services for microservices. We categorized both papers and tools and highlighted areas where research is abundant, where it is lacking, and where it is misleading. We conclude that the run-time security of microservices is still in its infancy and we supplement our analyses with insights into addressing the key challenges. Author Affiliation: (a) Vrije Universiteit Amsterdam, Netherlands (b) University of Trento, Italy * Corresponding author. Article History: Received 11 September 2022; Revised 19 December 2022; Accepted 22 January 2023 (footnote)[white star] This work has received funding from the European Union under the H2020 grant 952647 (AssureMOSS). Byline: Francesco Minna [f.minna@vu.nl] (*,a), Fabio Massacci [fabio.massacci@ieee.org] (a,b)

Published

2023

14. A comprehensive study of DDoS attacks over IoT network and their countermeasures

Author

Kumari, Pooja and Jain, Ankit Kumar

Subjects

Confidential communications -- Analysis, Denial of service attacks -- Analysis, Machine learning -- Analysis, Zombies -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Internet of things; DDoS attack; Botnet; Machine learning; Software defined network Abstract IoT offers capabilities to gather information from digital devices, infer from their results, and maintain and optimize these devices in different domains. IoT is heterogeneous in nature, which makes it prone to various security threats like confidentiality and integrity breaches, lack of availability of resources, trust issues, etc. The security concerns lead to different attacks over the system, and the Distributed Denial of Services (DDoS) bout is growing generously. DDoS is an assault that targets the availability of resources and servers of a network by flooding the communication medium from distinct locations by utilizing various IoT devices, which makes it harder to detect. Thus, analyzing and defending DDoS is a protruding field of research these days. The paper gives a thorough knowledge of DDoS over IoT. In this, we have critically analysed the existing DDoS variants, IoT Security issues, the execution of DDoS attempts, along with the exploitation of IoT devices and creation of them in Botnets or zombies. Moreover, the paper will also cover prevailing DDoS defense methodologies as well as their comparative analysis for ease of understanding. Author Affiliation: Computer Engineering Department, National Institute of Technology, Kurukshetra, India * Corresponding author. Article History: Received 4 January 2022; Revised 4 January 2023; Accepted 8 January 2023 Byline: Pooja Kumari [poojakumari.cse7@gmail.com] (*), Ankit Kumar Jain

Published

2023

15. Distributed query execution under access restrictions

Author

De Capitani di Vimercati, Sabrina, Foresti, Sara, Jajodia, Sushil, Livraga, Giovanni, Paraboschi, Stefano, and Samarati, Pierangela

Subjects

Business, Computers and office automation industries

Abstract

Keywords Distributed query execution; Controlled data sharing; Authorization model; Relation profile; Cloud computing Abstract The availability of a multitude of data sources has naturally increased the need for subjects to collaborate for supporting distributed computations that combine different data collections for their elaboration and analysis. Due to the quick pace at which datasets grow, often the authorities collecting and owning such datasets resort to external third parties (e.g., cloud providers) for their storage and management. Data under the control of different authorities are autonomously encrypted (using different encryption schemes and keys) for their external storage. This makes distributed computations combining these sources difficult to support. In this paper, we propose an approach enabling collaborative computations over data encrypted in storage, selectively involving also subjects that might not be authorized for accessing the data in plaintext when their collaboration is considered economically convenient. We also consider the possible adoption of trusted hardware components, to enable the evaluation of operations over plaintext data at non-fully trusted computational providers. The experimental results confirm the economic benefits that can be enabled by our proposal. Author Affiliation: (a) Università degli Studi di Milano Via Celoria 18, Milano 20133 MI, Italy (b) George Mason University, 10401 York River Road, Fairfax, VA, 22030-4422, USA (c) Università degli Studi di Bergamo, Viale Marconi 5, Dalmine 24044 BG, Italy * Corresponding author. Article History: Received 13 April 2022; Revised 4 August 2022; Accepted 6 December 2022 (footnote)[white star] A preliminary version of this paper appeared under the title 'Distributed query evaluation over encrypted data,' in Proc. of the 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2021), Calgary, Canada, July 19-20, 2021 (). Byline: Sabrina De Capitani di Vimercati [sabrina.decapitani@unimi.it] (*,a), Sara Foresti [sara.foresti@unimi.it] (a), Sushil Jajodia [jajodia@gmu.edu] (b), Giovanni Livraga [giovanni.livraga@unimi.it] (a), Stefano Paraboschi [parabosc@unibg.it] (c), Pierangela Samarati [pierangela.samarati@unimi.it] (*,a)

Published

2023

16. Do telecommunications prices depend on consumer engagement?

Author

Calzada, Joan, García-Mariñoso, Begoña, and Suárez, David

Subjects

Telecommunications services industry -- Prices and rates -- Analysis, Communications industry -- Prices and rates -- Analysis, Telecommunications services industry, Company pricing policy, Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Telecommunications; Consumer engagement; Retention offers; Behavior-based price discrimination Highlights * Telecommunications operators use behavior-base price discrimination strategies. * We analyze the effects of consumer engagement on prices in the Spanish telecommunications market. * Engaged consumers pay 9.4% less than unengaged consumers for their services. * The excess price paid by unengaged consumers increases as they contract premium television content. * The elderly are the more likely to be unengaged. Abstract This paper analyzes how customers' heterogeneous search and switching habits affect the prices paid for telecommunication services in a context in which operators use price discrimination strategies to retain their customers and attract those of their rivals. Drawing on a representative sample of Spanish households (N=3,113), we show that engaged consumers pay 9.4% less than completely unengaged consumers for their telecommunication services, after controlling for the characteristics of the bundle of services contracted. We also find that highly engaged consumers (i.e. those that have called their operator to obtain a better deal and who have switched to a different operator at least once) pay 13.6% less for their services than unengaged consumers, that consumers who have switched operator at least once pay 8.4% less, and that consumers who call their operator to request better conditions for their contracts pay 5.8% less. Finally, we show that the excess price paid by unengaged consumers increases as they contract more sophisticated services, such as premium television content and additional mobile lines. Author Affiliation: (a) Departament d'Economia and BEAT, Universitat de Barcelona, Spain (b) Department of Statistics and Knowledge Management, Comisión Nacional de los Mercados y la Competencia, Spain * Corresponding author. Article History: Received 25 March 2022; Revised 25 December 2022; Accepted 5 January 2023 (footnote) The opinions and analysis that appear in this paper are responsibility of the authors only and do not necessarily represent those of the CNMC. Joan Calzada acknowledges financial support from the Spanish Ministry of Science, Innovation and Universities (grant PID2021-128237OB-I00). Byline: Joan Calzada [calzada@ub.edu] (a,*), Begoña García-Mariñoso (b), David Suárez (b)

Published

2023

17. Understanding situation awareness in SOCs, a systematic literature review

Author

Ofte, Håvard Jakobsen and Katsikas, Sokratis

Subjects

Business, Computers and office automation industries

Abstract

Keywords Situation awareness; Security operations center; Cyber security; Human performance System performance Abstract Situation awareness is shown through human factors research to be a valuable construct to understand and improve how humans perform while operating complex systems in critical environments. Within cyber security one such environment is the Security Operations Center (SOC). With the increasing threat of hybrid warfare, knowledge about situation awareness within SOC environments, where human error or low performance may be detrimental, must be developed. This paper reports on the results of a Systematic Descriptive Literature Review of the current research on situation awareness within SOCs. The goal of the paper is to analyze how situation awareness is understood in the current research. To achieve this goal three aspects of understanding were addressed: Theoretical foundations; levels of conceptualization; and measurement of situation awareness. Theoretical foundations in the literature were assessed by how situation awareness was defined and the presence of references to theoretical models of SA. The results show a clear trend of basing the research on Endsley's three level situation awareness model; this model has been developed into a domain specific formulation called 'Cyber Situation Awareness'. Some parts of the literature, particularly in research aimed at developing tools for improving situation awareness, lack a theoretical foundation; some refer to alternative theoretical foundations of situation awareness like Stanton et al.'s Distributed Situation Awareness. Further, a balance between conceptualizations on the individual, group and system level has been identified. Within research aimed at developing tools for improving situation awareness there are some examples of specialized and precise measurements of situation awareness, but in general the research seems too reliant on indirect measures of situation awareness. The paper concludes with the proposition of connecting the systems-based theoretical perspective of distributed situation awareness into the research, utilizing a systems level conceptualization of situation awareness. This might prove to be a useful bridge between the human cognitive perspective of situation awareness and the development of the complex technical environment of critical importance that SOCs represent. Abbreviations HFR, Human Factors Research; SA, Situation Awareness; ISA, Individual Situation Awareness; DSA, Distributed Situation Awareness; SSA, Shared Situation Awareness; CSA, Cyber Situation Awareness Author Affiliation: Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Gjøvik 2802, Norway * Corresponding author. Article History: Received 17 October 2022; Revised 12 December 2022; Accepted 15 December 2022 (footnote) This work was supported by the Research Council of Norway under Project nr 333900 'Situation awareness in virtual security operations centers' and Project nr 310105 'Norwegian Centre for Cyber Security in Critical Sectors (NORCICS)'. Byline: Håvard Jakobsen Ofte [havard.ofte@ntnu.no] (*), Sokratis Katsikas [sokratis.katsikas@ntnu.no]

Published

2023

18. The BH-mixed scheduling algorithm for DAG tasks with constrained deadlines

Author

Qiao, Jiaqing, Liu, Langyu, Guan, Fei, and Zheng, Wenbin

Subjects

Computer science -- Analysis, Algorithms -- Analysis, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Real-time systems; Constrained deadlines; DAG tasks Abstract The development of real-time systems has stimulated studies of real-time scheduling algorithms and schedulability analysis methods for parallel tasks, whose number has increased from year to year. For parallel tasks that cannot be converted to sequential tasks, the existing scheduling strategies mostly use one scheduling strategy. From the experiment results when we use different scheduling strategies to schedule the same tasks, we can observe these strategies have advantages for tasks with specific parameter characteristics. We combine the strengths of three algorithms: the partitioned algorithm, the federated scheduling algorithm and the GFP algorithm. A BH-Mixed scheduling algorithm for directed acyclic graph tasks with constrained deadlines is proposed in this paper. We design a classification method according to the feature of these three algorithms. The tasks are divided into three groups and scheduled by the partitioned algorithm, the federated scheduling algorithm and the GFP algorithm respectively. Experimental results show that the BH-Mixed scheduling algorithm outperforms other algorithms tested in this paper. Author Affiliation: (a) School of Electronics and Information Engineering, Harbin Institute of Technology, China (b) Department of Computer Science and Technology, Northeast Forestry University, China * Corresponding authors. Article History: Received 12 March 2022; Revised 12 June 2022; Accepted 6 August 2022 Byline: Jiaqing Qiao [qiaojiaqing@hit.edu.cn] (a), Langyu Liu [20s105149@stu.hit.edu.cn] (a), Fei Guan [fei.guan@nefu.edu.cn] (b,*), Wenbin Zheng [zhengwenbin@hit.edu.cn] (a,*)

Published

2022

19. Efficient persistent memory file systems using virtual superpages with multi-level allocator

Author

Yang, Chaoshu, Yu, Zhiwang, Zhang, Runyu, Nie, Shun, Li, Hui, Chen, Xianzhang, Long, Linbo, and Liu, Duo

Subjects

Strategic planning (Business), Memory, Computer science, Business, Computers and office automation industries

Abstract

Keywords Persistent memory; Persistent memory file system; Virtual superpage; Space management strategy Abstract Emerging persistent memory file systems can significantly improve performance by utilizing the advantages of Persistent Memories (PMs). Especially, they can employ superpages of PMs to alleviate the overhead of locating file data and space management, reduce TLB misses rate. Unfortunately, file systems that organize file data using superpages also induce two critical problems. First, ensuring data consistency can cause severe write amplification during overwrite. Second, existing superpages management may lead to large space waste. In this paper, we propose a Virtual Superpage Mechanism (VSM) to solve the problems by taking advantages of virtual address space. In detail, VSM adopts multi-grained copy-on-write mechanism to reduce the write amplification and zero-copy file data migration mechanism to improve the space utilization efficiency. We implement the proposed VSM mechanism in Linux kernel. Compared with PMFS and NOVA, the state-of-the-art persistent memory file systems, the experimental results show that VSM improves the performance by 36% and 14% on average, respectively. Meanwhile, VSM can achieve the same space utilization efficiency of the file systems using 4 KB pages. Furthermore, we also propose a multi-level allocator, called VSMA, to further improve the performance of VSM. Experimental results show that the proposed VSMA outperforms VSM by 14% on average. Author Affiliation: (a) State Key Laboratory of Public Big Data, College of Computer Science and Technology, Guizhou University, Guiyang, China (b) College of Computer Science, Chongqing University, Chongqing, China (c) College of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing, China * Corresponding author. Article History: Received 21 February 2022; Revised 19 May 2022; Accepted 18 June 2022 (footnote)[white star] A preliminary version of this paper has presented in the 2020 Design, Automation and Test in Europe Conference (DATE 2020). Byline: Chaoshu Yang (a), Zhiwang Yu (a), Runyu Zhang (b), Shun Nie (b), Hui Li (a), Xianzhang Chen (b), Linbo Long (c), Duo Liu [liuduo@cqu.edu.cn] (b,*)

Published

2022

20. Semantic Attribute-Based Access Control: A review on current status and future perspectives

Author

Arshad, Hamed, Johansen, Christian, and Owe, Olaf

Subjects

Business, Computers and office automation industries

Abstract

Keywords Access Control; Authorization; Semantic technologies; Attribute-Based Access Control; XACML; Semantic Attribute-Based Access Control Abstract Attribute-based access control (ABAC) uses the attributes of the involved entities (i.e., subject, object, action, and environment) to provide access control. Despite various advantages offered by ABAC, it is not the best fit for distributed and heterogeneous environments where the attributes of an entity may not necessarily match (syntactically) those used in the access control policies. Therefore, another type of access control called Semantic Attribute-Based Access Control (SABAC) has emerged that takes into account the semantics of attributes by combining ABAC with semantic technologies. SABAC not only facilitates interoperability but also enhances the expressiveness of access control policies. Over the last decade, a number of research efforts have been conducted in developing semantic attribute-based access control schemes. However, there exists no survey paper on SABAC schemes, giving an overview of the existing approaches. Hence, this paper comprehensively reviews the conducted research efforts for developing SABAC. The main goal of this paper is to provide a comprehensive summary of the conducted research studies that is useful for researchers who want to enter and make contributions to this field. Furthermore, the paper identifies open problems and possible research entry points by demonstrating the advantages and disadvantages of the previous studies. Author Affiliation: (a) University of Oslo, Norway (b) Norwegian University of Science and Technology, Norway * Corresponding author. Article History: Received 9 April 2022; Revised 23 May 2022; Accepted 13 June 2022 Byline: Hamed Arshad [hamedar@ifi.uio.no] (a,*), Christian Johansen [christian.johansen@ntnu.no] (b), Olaf Owe [olaf@ifi.uio.no] (a)

Published

2022

21. CREW: Computation reuse and efficient weight storage for hardware-accelerated MLPs and RNNs

Author

Riera, Marc, Arnau, José María, and González, Antonio

Subjects

Energy conservation -- Analysis, Energy efficiency -- Analysis, Computer storage device industry -- Analysis, Neural networks -- Analysis, Neural network, Business, Computers and office automation industries

Abstract

Keywords Machine learning; Deep neural networks; Computation reuse; Accelerators; Low energy Abstract Deep Neural Networks (DNNs) have achieved tremendous success for cognitive applications. The core operation in a DNN is the dot product between quantized inputs and weights. Prior works exploit the weight/input repetition that arises due to quantization to avoid redundant computations in Convolutional Neural Networks (CNNs). However, in this paper we show that their effectiveness is severely limited when applied to Fully-Connected (FC) layers, which are commonly used in state-of-the-art DNNs, as it is the case of modern Recurrent Neural Networks (RNNs) and Transformer models. To improve energy-efficiency of FC computation we present CREW, a hardware accelerator that implements Computation Reuse and an Efficient Weight Storage mechanism to exploit the large number of repeated weights in FC layers. CREW first performs the multiplications of the unique weights by their respective inputs and stores the results in an on-chip buffer. The storage requirements are modest due to the small number of unique weights and the relatively small size of the input compared to convolutional layers. Next, CREW computes each output by fetching and adding its required products. To this end, each weight is replaced offline by an index in the buffer of unique products. Indices are typically smaller than the quantized weights, since the number of unique weights for each input tends to be much lower than the range of quantized weights, which reduces storage and memory bandwidth requirements. Overall, CREW greatly reduces the number of multiplications and provides significant savings in model memory footprint and memory bandwidth usage. We evaluate CREW on a diverse set of modern DNNs. On average, CREW provides 2.61x speedup and 2.42x energy savings over a TPU-like accelerator. Compared to UCNN, a state-of-art computation reuse technique, CREW achieves 2.10x speedup and 2.08x energy savings on average. Author Affiliation: Universitat Politècnica de Catalunya (UPC), Barcelona, Spain * Corresponding author. Article History: Received 26 January 2022; Revised 29 April 2022; Accepted 31 May 2022 (footnote)[white star] New Paper, Not an Extension of a Conference Paper. Byline: Marc Riera [mriera@ac.upc.edu] (*), José María Arnau, Antonio González

Published

2022

22. Packet-in request redirection: A load-balancing mechanism for minimizing control plane response time in SDNs

Author

Xia, Rui, Dai, Haipeng, Zheng, Jiaqi, Xu, Hong, Li, Meng, and Chen, Guihai

Subjects

Computer science, Algorithms, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Software defined networking (SDN); Distributed control plane; Load balancing; Lyapunov optimization; Approximation algorithm Abstract A distributed control plane is more scalable and robust in software defined networking. This paper focuses on controller load balancing using packet-in request redirection, that is, given the instantaneous state of the system, determining whether to redirect packet-in requests for each switch, such that the overall control plane response time (CPRT) is minimized. To address the above problem, we propose a framework based on Lyapunov optimization. First, we use the drift-plus-penalty algorithm to combine CPRT minimization problem with controller capacity constraints, and further derive a non-linear program, whose optimal solution is obtained with brute force using standard linearization techniques. Second, we present a greedy strategy to efficiently obtain a solution with a bounded approximation ratio. Third, we reformulate the program as a problem of maximizing a non-monotone submodular function subject to matroid constraints. We implement a controller prototype for packet-in request redirection, and conduct trace-driven simulations to validate our theoretical results. The results show that our algorithms can reduce the average CPRT by 81.6% compared to static assignment, and achieve a 3x improvement in maximum controller capacity violation ratio. Author Affiliation: (a) State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, 210023, China (b) Department of Computer Science and Engineering, Chinese University of Hong Kong, Shatin, Hong Kong Special Administrative Region of China * Corresponding authors. Article History: Received 16 February 2022; Revised 13 May 2022; Accepted 25 May 2022 (footnote)[white star] This paper is an extended version of work published in . This work was supported in part by the National Natural Science Foundation of China under Grant No. 61872178, 61832005, 61672276, 61872173, 61802172, in part by the Natural Science Foundation of Jiangsu Province, China under Grant No. BK20181251, in part by the Fundamental Research Funds for the Central Universities, China under Grant 021014380079, in part by funding from the Research Grants Council of Hong Kong (GRF 11209520) and from CUHK, Hong Kong Special Administrative Region of China (4937007, 4937008, 5501329, 5501517). Byline: Rui Xia [xiarui@smail.nju.edu.cn] (a), Haipeng Dai [haipengdai@nju.edu.cn] (a,*), Jiaqi Zheng [jzheng@nju.edu.cn] (a,*), Hong Xu [hongxu@cuhk.edu.hk] (b), Meng Li [menson@smail.nju.edu.cn] (a), Guihai Chen [gchen@nju.edu.cn] (a,*)

Published

2022

23. Algorithms and architecture support of degree-based quantization for graph neural networks

Author

Guo, Yilong, Chen, Yuxuan, Zou, Xiaofeng, Yang, Xulei, and Gu, Yuandong

Subjects

Protective clothing, Information science, Neural networks, Algorithms, Neural network, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Graph neural networks; Degree-based quantization; Sensitive node; Protective mask Abstract Recently, graph neural networks (GNNs) have achieved excellent performance on many graph-related tasks. Existing typical GNNs follow the neighborhood aggregation strategy, which updates nodes' information by aggregating the feature of neighboring nodes. However, these hybrid execution patterns limit their deployment on resource-limited devices. Quantification is an effective technique for deep neural networks (DNNs) inference acceleration, but few studies have considered exploring suitable quantization algorithms for GNNs. In this paper, we propose a degree-based quantization (DBQ) that can identify sensitive nodes in the graph structure. The protective masks are used to ensure that sensitive nodes perform full-precision operations, and the remaining nodes are quantized. In this way, the effect of dynamically changing the precision is achieved to achieve greater acceleration while retaining better classification accuracy. To support DBQ and convert it into performance improvements, we design a new architecture. Elaborate pipelines and specialized optimizations effectively improve inference speed and accuracy. Compared to state-of-the-art GNN accelerators, DBQ gains on 2.4 x speedups and improves accuracy by 27.7%. Author Affiliation: (a) School of microelectronics, Shanghai University, Shanghai, 201899, China (b) College of Information Science and Engineering, Hunan University, Hunan, 410082, China (c) Electrical and Computer Engineering, National University of Singapore, Singapore, 119077, Singapore (d) Institute for Infocomm Research (I2R), A*STAR, Singapore, 138632, Singapore (e) Shanghai University, Shanghai, 201899, China * Corresponding author. Article History: Received 31 December 2021; Revised 7 April 2022; Accepted 19 May 2022 (footnote)[white star] This document is the result of a research project funded by Shanghai University in China. (footnote)1 Yilong Guo and Yuxuan Chen contributed equally to this paper. Byline: Yilong Guo [wdz_gyl@shu.edu.cn] (a,1), Yuxuan Chen [chenyuxuan123@shu.edu.cn] (a,1), Xiaofeng Zou [zouxiaofeng@hnu.edu.cn] (b,c,*), Xulei Yang [yang_xulei@i2r.a-star.edu.sg] (d), Yuandong Gu [Alex.Gu@shu.edu.cn] (e)

Published

2022

24. Is your FPGA bitstream Hardware Trojan-free? Machine learning can provide an answer

Author

Palumbo, Alessandro, Cassano, Luca, Luzzi, Bruno, Hernández, José Alberto, Reviriego, Pedro, Bianchi, Giuseppe, and Ottavi, Marco

Subjects

Central processing units -- Analysis, Microprocessors -- Analysis, Digital integrated circuits -- Analysis, Spyware -- Analysis, Machine learning -- Analysis, Microprocessor, Microprocessor upgrade, Programmable logic array, Business, Computers and office automation industries

Abstract

Keywords CAD; Hardware security; Hardware Trojans; Machine learning; Microprocessors; RISC-V; SRAM-based FPGA Abstract Software exploitable Hardware Trojan Horses (HTHs) inserted into commercial CPUs allow the attacker to run his/her own software or to gain unauthorized privileges. Recently a novel menace raised: HTHs inserted by CAD tools. A consequence of such scenario is that HTHs must be considered a serious threat not only by academy but also by industry. In this paper we try to answer to the following question: can Machine Learning (ML) help designers of microprocessor softcores implemented onto SRAM-based FPGAs at detecting HTHs introduced by the employed CAD tool during the generation of the bitstream? We present a comparative analysis of the ability of several ML models at detecting the presence of HTHs in the bitstream by exploiting a previously performed characterization of the microprocessor softcore and an associated ML training. An experimental analysis has been carried out targeting the IBEX RISC-V microprocessor running a set of benchmark programs. A detailed comparison of multiple ML models is conducted, showing that many of them achieve accuracy above 98%, and [kappa] values above 0.97. By identifying the most effective ML models and the best features to be employed, this paper lays the foundation for the integration of a ML-based bitstream verification flow. Author Affiliation: (a) University of Rome Tor Vergata, Italy (b) Politecnico di Milano, Italy (c) Universidad Carlos III de Madrid, Spain (d) University of Twente, The Netherlands * Corresponding author. Article History: Received 4 November 2021; Revised 20 April 2022; Accepted 26 April 2022 Byline: Alessandro Palumbo [alessandro.palumbo@uniroma2.it] (a), Luca Cassano [luca.cassano@polimi.it] (b,*), Bruno Luzzi [bruno.luzzi@uniroma2.it] (a), José Alberto Hernández [jahgutie@it.uc3m.es] (c), Pedro Reviriego [revirieg@it.uc3m.es] (c), Giuseppe Bianchi [giuseppe.bianchi@uniroma2.it] (a), Marco Ottavi [m.ottavi@utwente.nl] (a,d)

Published

2022

25. Multiserver configuration for cloud service profit maximization in the presence of soft errors based on grouped grey wolf optimizer

Author

Cong, Peijin, Hou, Xiangpeng, Zou, Minhui, Dong, Jiangshan, Chen, Mingsong, and Zhou, Junlong

Subjects

Engineering schools -- Analysis, Cloud computing -- Analysis, Computer science -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Cloud computing; Multiserver configuration; Deadline miss rate; Soft error reliability; Profit Abstract With the growing demand of cloud customers for computing resources, cloud computing has become more and more popular. As a pay-as-you-go model, cloud computing enables customers to use cloud services on demand anytime, anywhere over the Internet and it has become the backbone of modern economy. Obviously, profit maximization is especially important for cloud service providers (CSPs) in a competitive cloud service market. Extensive research papers have been conducted during the past few years for CSPs to optimize cloud service profit, whereas few of them considers the transient faults (resulting in soft errors) that may happen during service requests' execution and thus cause failed execution of these requests. In this paper, we study the multiserver configuration problem for cloud service profit maximization considering the deadline miss rate of service requests and the soft error reliability of the multiserver system. To solve the profit optimization problem, we first construct the models of multiserver system, deadline miss rate, and soft error reliability. Based on these models, we derive the models associated with cloud service revenue and cloud service costs. Then, we formulate the cloud service profit optimization problem and propose an effective grouped grey wolf optimizer (GWO)-based heuristic method that can determine the optimal multiserver configuration for a given customer demand to maximize cloud service profit. Experimental results show that the cloud service profit improvement achieved by our scheme can be up to 33.76% as compared with a state-of-the-art benchmark scheme. Author Affiliation: (a) School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China (b) Shanghai AI Laboratory, Shanghai 200062, China (c) Ministry of Education Engineering Research Center of Software/Hardware Co-design Technology and Application, East China Normal University, Shanghai 200062, China (d) State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China (e) National Trusted Embedded Software Engineering Technology Research Center, East China Normal University, Shanghai 200062, China * Corresponding author at: School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China. Article History: Received 20 December 2021; Revised 11 April 2022; Accepted 12 April 2022 (footnote)[white star] This work was supported in part by the National Key Research and Development Program of China under Grant 2018YFB2101300, the National Natural Science Foundation of China under Grants 62172224, 61802185 and 61872147, in part by the Natural Science Foundation of Jiangsu Province, China under Grants BK20180470 and BK20190447, in part by the China Postdoctoral Science Foundation under Grants BX2021128, 2021T140327 and 2020M680068, in part by the Postdoctoral Science Foundation of Jiangsu Province, China under Grant 2021K066A, in part by the Open Research Fund of the State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences under Grant CARCHA202105, in part by the Future Network Scientific Research Fund Project, China under Grant FNSRFP-2021-YB-6, and in part by the Open Research Fund of the National Trusted Embedded Software Engineering Technology Research Center (East China Normal University ). Byline: Peijin Cong (a), Xiangpeng Hou (a), Minhui Zou (a), Jiangshan Dong (b), Mingsong Chen (c), Junlong Zhou [jlzhou@njust.edu.cn] (a,d,e,*)

Published

2022

26. A regulatory control framework for decentrally governed DLT systems: Action design research

Author

Benedict, Gayan and Gill, Asif Qumer

Subjects

Business, Computers and office automation industries, Library and information science

Abstract

Keywords Blockchain; DLT; Decentralized governance; Regulation; Risk Abstract Although distributed ledger technology (DLT) systems seem to address conventional regulatory governance concerns, they also present systemic risks. This paper aims to address the risks of decentrally governed DLT systems. It achieves this by identifying regulatory controls that address the altered governance dynamics of decentralized systems. To address the research gap in DLT regulation, we co-designed regulatory control treatments with Australian regulatory DLT experts using a participatory action design research approach. This paper provides a theory-ingrained, practitioner-vetted framework to inform regulators, regulated entities and researchers of appropriate control responses to systemic and participant risks presented by decentrally governed DLT systems. Author Affiliation: University of Technology Sydney, Ultimo, NSW 2007, Australia * Corresponding author. Article History: Received 20 July 2020; Revised 14 October 2021; Accepted 17 October 2021 Byline: Gayan Benedict, Asif Qumer Gill (*)

Published

2022

27. Evaluation of Asian Countries using Data Center Security Index: A Spherical Fuzzy AHP-based EDAS Approach

Author

Özkan, Baris, Erdem, Mehmet, and Özceylan, Eren

Subjects

Data security -- Analysis, Decision-making -- Analysis, Data security issue, Business, Computers and office automation industries

Abstract

Keywords Asian countries; Data centre security index; EDAS; Evaluation; Spherical fuzzy AHP Abstract The motivation of this paper is to assess and compare Asia Pacific Accreditation Cooperation (APAC) countries' risk profiles that impact data centers' (DCs) effectiveness. Because of the importance of DCs, security to protect a DC from external threats and attacks is an issue to be addressed. However, the conflicted nature of the evaluation criteria (such as infrastructure, energy, natural, business, political, and legal risks) makes it difficult to assess the countries' profiles. The objective of this paper is to provide a systematic evaluation methodology using two different multi-criteria decision making (MCDM) approaches, namely spherical fuzzy analytical hierarchy process (SF-AHP) and EDAS (evaluation based on distance from average solution). While SF-AHP is preferred to prioritize the main and sub-criteria under imprecise decision making environment, EDAS is used to rank the countries' DC profiles embedding the obtained criteria weights. The results of the methods have been compared with the ranking results presented in the report called as Data Centre Security Index (DCSI) is published by Technology Research Project Corporate (TRPC). Consequently, Singapore, Hong Kong and New Zealand rank in the top three due to their high electrification rates and secure internet servers. Author Affiliation: (a) Department of Industrial Engineering, Ondokuz Mayis University, 55139, Samsun, Turkey (b) Department of Industrial Engineering, Gaziantep University, 27310, Gaziantep, Turkey * Corresponding author. Article History: Received 25 March 2022; Revised 26 July 2022; Accepted 25 August 2022 Byline: Baris Özkan (a), Mehmet Erdem (a), Eren Özceylan [erenozceylan@gmail.com] (b,*)

Published

2022

28. Automated city shuttles: Mapping the key challenges in cybersecurity, privacy and standards to future developments

Author

Benyahya, Meriem, Collen, Anastasija, Kechagia, Sotiria, and Nijdam, Niels Alexander

Subjects

Data security -- Analysis, Privacy -- Analysis, Sensors -- Standards -- Access control, Internet -- Safety and security measures, Cyberterrorism -- Analysis, Security management -- Analysis, Local transit -- Standards -- Access control, Internet security, Data security issue, Privacy issue, Business, Computers and office automation industries

Abstract

Keywords Automated city shuttles; Connected automated vehicles; Shared mobility; Cybersecurity; Data privacy Abstract The Automated City Shuttles (ACSs) aim to shape the future public transportation and provide more efficient and accessible mobility in smart cities. With the absence of a driver, such mini-busses process the sensors' inputs and exchanged data with other vehicles and intelligent transport systems to achieve a real time assimilation of its surroundings. Consequently, the technologies supporting the driverless functionalities ushered new cybersecurity risks and data privacy breaches. Unfortunately, several studies mostly focus on individual Connected-Automated Vehicles (CAV), though intrinsic underpinnings of the ACS's threat vectors remain unexplored. In the present paper, we considerably extend that investigation by proposing a comprehensive state of the art with farsighted analyses addressing security threats and data privacy concerns from both technical and legal perspectives to thwart potential attacks. Moreover, as existing approaches have not provided yet a clear road map about ACS's security standards, the present work sheds light on recent and up to date standards and standardisation bodies dealing with cybersecurity and privacy issues in the automated driving ecosystem. This paper presents an analysis debating the trade-off between maximising the ACS benefits and minimising the associated security vulnerabilities and attacks through an overview of technical and legal mitigation strategies. Author Affiliation: (a) Centre Universitaire d'Informatique, Geneva School of Economics and Management, University of Geneva, Geneva, Switzerland (b) Faculty of Law, University of Geneva, Geneva, Switzerland * Corresponding author. Article History: Received 29 July 2021; Revised 7 February 2022; Accepted 28 August 2022 Byline: Meriem Benyahya [meriem.benyahya@unige.ch] (*,a), Anastasija Collen [anastasija.collen@unige.ch] (a), Sotiria Kechagia [sotiria.kechagia@unige.ch] (b), Niels Alexander Nijdam [niels.nijdam@unige.ch] (a)

Published

2022

29. Web-tracking compliance: websites' level of confidence in the use of information-gathering technologies

Author

Martínez, David, Calle, Eusebi, Jové, Albert, and Pérez-Solà, Cristina

Subjects

Web sites -- Case studies -- Analysis -- Usage, Algorithms -- Case studies -- Analysis -- Usage, Information management -- Case studies -- Analysis -- Usage, Company Web site/Web page, Information accessibility, Algorithm, Business, Computers and office automation industries

Abstract

Keywords web tracking; cookies; web beacons; level of confidence; privacy; compliance Abstract With the emergence of new technologies and the generalized use of social media, corporations have an invested economic interest in employing web-tracking techniques, but there is also the issue of protecting users' privacy. In this field of research, only few articles introduce methods to evaluate website compliance in the use of current web-tracking techniques. Moreover, evaluating the level of compliance requires, in the majority of cases, manually implementing an extensive data analysis. In this paper, we present four new algorithms (CIA, CDA, BDA, and SCA) and a novel measure (WLoC) to evaluate user tracking compliance in websites and the level of confidence in the use of information-gathering technologies, by employing the recently published Website Evidence Collector (WEC) software from the European Data Protection Supervisor (EDPS). The paper also showcases a case study of the top 500 websites most visited by Alexa in Spain to evaluate the performance of the presented algorithms and metrics. Results reveal a novel procedure for obtaining categorized websites' compliance and confidence levels of a set of websites under the current European legislation, thus updating and enhancing some of the previous research work. Author Affiliation: (a) Institute of Informatics and Applications, Universitat de Girona, Girona, Spain (b) Universitat Oberta de Catalunya Spain (c) K-riptography and Information Security for Open Networks, IN3, Universitat Oberta de Catalunya Spain (d) CYBERCAT-Center for Cybersecurity Research of Catalonia Spain * Corresponding author. Article History: Received 2 February 2022; Revised 22 July 2022; Accepted 8 August 2022 Byline: David Martínez [david.martineza@udg.edu] (*,a), Eusebi Calle [eusebi.calle@udg.edu] (a), Albert Jové [ajove@uoc.edu] (b), Cristina Pérez-Solà [cperezsola@uoc.edu] (c,d)

Published

2022

30. A Taxonomy for Threat Actors' Persistence Techniques

Author

Villalón-Huerta, Antonio, Marco-Gisbert, Hector, and Ripoll-Ripoll, Ismael

Subjects

Spyware -- Methods -- Analysis, Actors -- Methods -- Analysis, Actresses -- Methods -- Analysis, Business, Computers and office automation industries

Abstract

Keywords TTP; Persistence; Advanced Persistent Threat; Malware; MITRE ATT&CK Abstract The main contribution of this paper is to provide an accurate taxonomy for Persistence techniques, which allows the detection of novel techniques and the identification of appropriate countermeasures. Persistence is a key tactic for advanced offensive cyber operations. The techniques that achieve persistence have been largely analyzed in particular environments, but there is no suitable platform--agnostic model to structure persistence techniques. This lack causes a serious problem in the modeling of activities of advanced threat actors, hindering both their detection and the implementation of countermeasures against their activities. In this paper we analyze previous work in this field and propose a novel taxonomy for persistence techniques based on persistence points, a key concept we introduce in our work as the basis for the proposed taxonomy. Our work will help analysts to identify, classify and detect compromises, significantly reducing the amount of effort needed for these tasks. It follows a logical structure that can be easy to expand and adapt, and it can be directly used in commonly accepted industry standards such as MITRE ATT&CK. Author Affiliation: (a) S2 Grupo, Ramiro de Maeztu 7, Valencia, 46022 Spain (b) Department of Computing Engineering, Universitat Politécnica de Valéncia, Camino de Vera s/n, Valencia,46022 Spain * Corresponding author. Article History: Received 18 March 2022; Revised 22 June 2022; Accepted 21 July 2022 Byline: Antonio Villalón-Huerta [antonio.villalon@s2grupo.es] (*,a), Hector Marco-Gisbert [iripoll@disca.upv.es] (b), Ismael Ripoll-Ripoll (b)

Published

2022

31. Comparative research on network intrusion detection methods based on machine learning

Author

Zhang, Chunying, Jia, Donghao, Wang, Liya, Wang, Wenjie, Liu, Fengchun, and Yang, Aimin

Subjects

Security software -- Comparative analysis -- Methods, Detectors -- Comparative analysis -- Methods, Machine learning -- Comparative analysis -- Methods, Neural networks -- Comparative analysis -- Methods, Data mining -- Comparative analysis -- Methods, Algorithms -- Methods -- Comparative analysis, Military electronics industry -- Comparative analysis -- Methods, Network security software, Data warehousing/data mining, Neural network, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Network intrusion detection; Machine learning; Deep learning; Comparative experiment Abstract Network intrusion detection system is an essential part of network security research. It detects intrusion behaviors through active defense technology and takes emergency measures such as alerting and terminating intrusions. With the rapid development of machine learning technology, more and more researchers apply machine learning algorithms to network intrusion detection to improve detection efficiency and accuracy. Due to the different principles of various algorithms, they also have their advantages and disadvantages. To construct the dominant algorithm model in the field of network intrusion detection and provide the accuracy value, this paper systematically combs the application literature of machine learning algorithms in intrusion detection in the past ten years. A review is made from three categories: traditional machine learning, ensemble learning, and deep learning. Then, this paper selects the KDD CUP99 and NSL-KDD datasets to conduct comparative experiments on decision trees, Naive Bayes, support vector machines, random forests, XGBoost, convolutional neural networks, and recurrent neural networks. The detection accuracy, F1, AUC, and other indicators of these algorithms on different data sets are compared. The experimental results show that the effect of the ensemble learning algorithm is generally better. The Naive Bayes algorithm has low accuracy in recognizing the learned data, but it has obvious advantages when facing new types of attacks, and the training speed is faster. The deep learning algorithm is not particularly prominent in this experiment, but its optimal results are affected by the structure, hyperparameters, and the number of training iterations, which need further in-depth study. Finally, the main challenges facing the current network intrusion detection field are summarized, and the future research directions have been prospected. Author Affiliation: (a) College of Science. North China University of Science and Technology. China (b) Qianan College. North China University of Science and Technology. China * Corresponding author. Article History: Received 23 February 2022; Revised 2 July 2022; Accepted 24 July 2022 Byline: Chunying Zhang (a), Donghao Jia (a), Liya Wang [hblgwly@126.com] (a,*), Wenjie Wang (a), Fengchun Liu (b), Aimin Yang (a)

Published

2022

32. Investigating perceptions about risk of data breaches in financial institutions: A routine activity-approach

Author

Lee, Jaeung, de Guzman, Melchor C., Wang, Jingguo, Gupta, Manish, and Rao, H. Raghav

Subjects

Data security -- Investigations, Financial institutions -- Investigations, Employees -- Beliefs, opinions and attitudes, Information management -- Investigations, Company legal issue, Information accessibility, Data security issue, Business, Computers and office automation industries

Abstract

Keywords Risk Assessment; Financial Institutions; Data Breaches; Routine Activity Theory; Sensitive Data; Information availability ABSTRACT Data breaches in financial institutions could produce extensive damage to an organization's operations. Therefore, it is critical for organizations to identify and assess threats in their operational environment to be able to implement prevention and mitigation strategies. Applying Routine Activity Theory (RAT), this paper develops a risk assessment model using employees' perceptions of risks relative to potential breaches of sensitive data in their organizations. This paper empirically examines the roles of motivated offenders, suitable targets, and the influences of capable guardianship within the organization. Analyses of surveyed employees show that perceptions of value (using a multi-dimensional perspective), inertia, and accessibility of targeted sensitive data along with presence of guardians have an impact on assessment of risk about data breaches in financial institutions. The paper also extends RAT to account for the amount of information (both online and offline) available regarding the data influence the relationship between value of the sensitive data and suitability for data breach. Theoretical and practical implications are discussed. Author Affiliation: (a) Louisiana Tech University (b) Georgia Gwinnett College (c) University of Texas at Arlington (d) State University of New York at Buffalo (e) University of Texas at San Antonio * Corresponding author. Article History: Received 28 September 2021; Revised 24 May 2022; Accepted 10 July 2022 Byline: Jaeung Lee [jakelee@latech.edu] (a,*), Melchor C. de Guzman (b), Jingguo Wang (c), Manish Gupta (d), H. Raghav Rao (e)

Published

2022

33. Online privacy and market structure: Theory and evidence

Author

Sabatino, Lorien and Sapi, Geza

Subjects

Privacy, Privacy issue, Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Privacy; Competition; Regulation; Eprivacy directive Highlights * How does privacy regulation affects the structure of online markets? * We empirically analyse the effects of the 2009 ePrivacy Directive in Europe on firm revenues; * Firms stayed largely unaffected, but we see some negative effects on large firms only; * Larger firms may offer more privacy than smaller rivals; * We provide a theoretical model where larger firms offer more privacy but are hit harder by privacy regulation; * Privacy regulation is not without costs to businesses, but it need not distort competition to the favour of larger firms. Abstract This paper investigates how privacy regulation affects the structure of online markets. We empirically analyse the effects of the 2009 ePrivacy Directive in Europe on firm revenues. Our results indicate that, if any, only large firms were weakly negatively affected by the implementation of the Directive. We also provide a simple theoretical model predicting an avenue how privacy regulation may predominantly influence the revenues and profits of larger firms, even if - as some of our evidence indicates - these larger firms may actually offer more privacy than smaller rivals. Our results suggest that while privacy regulation is not without costs to businesses, it need not distort competition to the favour of larger firms. Author Affiliation: (a) Department of Management and Production Engineering, Politecnico di Torino Italy (b) European Commission DG COMP - Chief Economist Team and Düsseldorf Institute for Competition Economics (DICE), Heinrich Heine University of Düsseldorf. Belgium * Corresponding author. Article History: Received 28 January 2021; Revised 4 April 2022; Accepted 10 June 2022 (footnote)[white star] We are grateful to the Editor and two anonymous referees for their valuable suggestions which greatly improved the paper. We would also like to thank Carlo Cambini, Grazia Cecere, Szabolcs Lorincz, Ulrich Laitenberger, and Mario Pagliero, as well as seminar participants at the 11th Paris Conference on Digital Economics, Bergen Competition Policy Conference 2019, X Workshop on Individual Behaviour and Economic Outcomes, 17th ZEW Conference on the Economics of Information and Communication Technologies, CRESSE Conference 2019, and 17th Media Economics Workshop in Braga for helpful comments and discussions. All remaining errors are ours. (footnote)1 The views expressed in this article are solely those of the authors and may not, under any circumstances, be regarded as representing an official position of the European Commission. Byline: Lorien Sabatino [lorien.sabatino@polito.it] (a), Geza Sapi [sapi@dice.uni-duesseldorf.de] (1,*,b)

Published

2022

34. Partisan selective exposure in news consumption

Author

Dejean, Sylvain, Lumeau, Marianne, and Peltier, Stéphanie

Subjects

Right and left (Political science) -- Analysis, Social media -- Analysis, Internet -- Analysis, Internet, Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Media; Selective exposure; Partisan news; Internet and social media; Echo chamber Highlights * Based on a sample of 4000 French internet users, our index of partisan selective exposure shows that on average, partisan exposure is low when social media are excluded. * The more people declare extreme (right- or left-wing) political views, the more they are over-exposed to like-minded content. * It also indicates that social media consumption increases selective exposure to partisan news. * While the youngest and the less educated appear to be less exposed to partisan content in the absence of social media, our results suggest that this is no longer the case when social media are included in the news diet. Abstract The development of online social media has raised concerns about how individuals are over-exposed to partisan news. However, social media are only a part of the daily media diet of an average consumer (; ). The aim of this paper is therefore to examine partisan news exposure with respect to the entire media diet. We develop a partisan selective exposure index that indicates the over-representation of partisan political opinions in individual daily news consumption. Our analysis of data from a survey of 4,000 people in France shows that on average, partisan exposure is low when social media are excluded. Our estimations also indicate that social media consumption increases selective exposure to partisan content. While the youngest and the less educated appear to be less exposed to partisan content in the absence of social media, our results suggest that this is no longer the case when social media are included in the news diet. Finally, we show that the more people declare extreme (right- or left-wing) political views, the more they are over-exposed to like-minded content. Author Affiliation: (a) La Rochelle University, CEREGE, France (b) University of Angers, GRANEM and Labex ICCA, France (c) La Rochelle University, CRHIA and Sorbonne Nouvelle University, IRCAV 1 1 This paper forms part of the PIL research project (Plurality of Online News, grant No. ANR-17-CE27-0010) funded by the French National Agency for Research, whose financial support is gratefully acknowledged. It has benefited from comments and suggestions from participants at the 2019 3EN Meeting, at the Louvain and Paris Online Digital Economics seminar, and at the 2021 AFSE conference. The authors also thank Blaise Boton for his research assistance. , France * Corresponding author. Article History: Received 22 July 2021; Revised 19 June 2022; Accepted 27 July 2022 (footnote)1 This paper forms part of the PIL research project (Plurality of Online News, grant No. ANR-17-CE27-0010) funded by the French National Agency for Research, whose financial support is gratefully acknowledged. It has benefited from comments and suggestions from participants at the 2019 3EN Meeting, at the Louvain and Paris Online Digital Economics seminar, and at the 2021 AFSE conference. The authors also thank Blaise Boton for his research assistance. Byline: Sylvain Dejean [sylvain.dejean@univ-lr.fr] (a,*), Marianne Lumeau (b), Stéphanie Peltier (c)

Published

2022

35. Exclusive content and platform competition in Latin America

Author

Cuntz, Alexander and Bergquist, Kyle

Subjects

Internet piracy, Motion pictures -- Production and direction, Competition (Economics), Piracy (Copyright), Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Platform competition; Exclusive distribution; Piracy; Quality; Movies; Copyright Highlights * The paper uses rich data on movie streaming services and a quasi-natural experiment in Brazil to explore causal effects around content market fragmentation. * It investigates the effects of cross-platform availability of titles on online piracy searches and the investment in average quality of titles. * Non-exclusive distribution is more effective in deterring online piracy than is single-homing content. * Non-exclusive distribution induces higher average investment in the quality of new domestic movie productions. * The paper discusses policy options in the light of these findings. Abstract Platforms often compete over non-price strategies such as the exclusive distribution of products. But these strategies are not always welfare-enhancing. Using rich data on audiovisuals distributed on platforms in Brazil, we find that non-exclusive distribution and availability of titles across platforms is more effective in deterring online piracy than in the single-homing case. Moreover, for the subset of domestic movies, it induces higher average investment in the quality of new titles upstream. We discuss options of copyright and competition policies in the light of these findings. Author Affiliation: World Intellectual Property Organization (WIPO) 34, chemin des Colombettes, Geneva CH-1211, Switzerland * Corresponding author. Article History: Received 28 January 2021; Revised 24 June 2022; Accepted 8 July 2022 (footnote)[white star] The views expressed are those of the authors, and do not necessarily reflect the views of the World Intellectual Property Organization or its member states. The authors gratefully acknowledge the generous data donation by justwatch.com. Moreover, they would like to thank Luis Aguiar, Paul Belleflamme, Carsten Fink, Kevin Hiller, Franziska Kaiser, Leonardo Madio, Dimitri Paolini, Bernd Riefler, Matthias Sahli and Rafael Ferraz Vazquez, as well as participants of the 5th Summer school for Data & Algorithms at KU Leuven for their feedback on previous versions of the paper. In addition, we are grateful for comments received by the editor and two anonymous reviewers. Byline: Alexander Cuntz [alexander.cuntz@wipo.int] (*,a), Kyle Bergquist [kyle.bergquist@wipo.int] (a)

Published

2022

36. Let the user speak: Is feedback on Facebook a source of firms' innovation?

Author

Bertschek, Irene and Kesler, Reinhold

Subjects

Product development -- Analysis, Time to market, Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Social media; Open innovation; Feedback; Product innovation Highlights * We use a unique data set combining survey data of German firms with information from firms' Facebook pages. * Firm's adoption of Facebook as well as feedback from users are positively and significantly correlated with the firm's probability to introduce a product innovation. * Our results withstand a large set of robustness checks including panel and IV analyses. * A content analysis of firm posts and user comments reveals that Facebook adoption is only correlated with product innovation if firms and users actively participate in a discussion. Abstract Social media open up new possibilities for firms to exploit information from various external sources. Does this information help firms to become more innovative? Combining firm-level survey data with information from firms' Facebook pages, we study the role that firms' and users' activities on Facebook play in the innovation process. We find that firms' adoption of a Facebook page as well as feedback from users are positively and significantly related to product innovations. Our results withstand a large set of robustness checks, including estimations that take potential endogeneity of firms' Facebook use as well as unobserved heterogeneity into account. Analyzing the content of firm posts and user comments reveals that Facebook adoption is only correlated with product innovations if firms and users actively participate in a discussion, especially when engagement is above-average and comes from both sides. Author Affiliation: (a) ZEW Mannheim, Digital Economy, P.O. Box 103443, D--68034 Mannheim, and University of Giessen, Germany (b) University of Zurich, Department of Business Administration, Plattenstrasse 14, Zurich CH--8032, Switzerland, and ZEW Mannheim, Germany * Corresponding author. Article History: Received 27 April 2021; Revised 30 June 2022; Accepted 18 July 2022 (footnote)[white star] Support from the 7th European Framework Program (Grant Agreement No. 320203) is gratefully acknowledged. We are grateful to Chris Forman, Ulrich Kaiser, Jenny Meyer, Peter Winker, and Michael Zhang for their valuable comments. We thank the participants of the CRE8TV workshops in Milan and Manchester, the SEEK Digital Economy Workshop in Turin, the research seminars at the Universities of Ulm, Giessen, Münster, Kassel, and Bochum, as well as the participants of the annual conferences at IIOC 2016 in Philadelphia, EARIE 2016 in Lisbon, and the VfS 2016 in Augsburg for their helpful comments. We thank Niklas Gösser and Florian Schoner for their outstanding research assistance, as well as Erin Goldfinch for proof reading the paper. An earlier version of this paper is available as a CRE8TV Project Deliverable DEL: 4.2.4-R titled 'Social Media as a Source of Creativity: Hype or a Serious Strategy?.' Byline: Irene Bertschek [irene.bertschek@zew.de] (*,a), Reinhold Kesler [reinhold.kesler@business.uzh.ch] (b)

Published

2022

37. Telework in the spread of COVID-19

Author

Okubo, Toshihiro

Subjects

Disease transmission, Telecommuting, Coronaviruses, Telecommuting, Business, Computers and office automation industries, Economics, Library and information science

Abstract

Keywords Telework; COVID-19; ICT tools; Working environments; Digitalization; Non-routine task Highlights * In the spread of COVID-19, people have been requested to use telework. * This paper uses the unique panel survey on telework use in Japan from 2020 to 2021 (Okubo=NIRA Survey). * Educated, high ICT-skilled, younger, and female workers who engage in nonroutine tasks tend to use telework. * IT communication tools, digitalized offices, and flexible-hour working systems are positively correlated with telework use. Abstract In the spread of coronavirus disease (COVID-19), people have been requested to work from home with information and communication technology (ICT) tools, i.e. telework. This paper investigates which factors (infection of COVID-19, individual characteristics, task characteristics, and working environments) are associated with telework use in Japan. Using the unique panel survey on telework, our estimation finds that although telework use remains low in Japan, educated, high ICT-skilled, younger, and female workers who engage in less teamwork and less routine tasks tend to use telework. Working environments such as the richness of IT communication tools, digitalized offices, and flexible-hour working systems are all positively correlated with telework use. Author Affiliation: Faculty of Economics, Keio University, 2-15-45 Mita Minato Tokyo, 108-8345, Japan Article History: Received 19 October 2021; Revised 11 May 2022; Accepted 17 June 2022 Byline: Toshihiro Okubo [okubo@econ.keio.ac.jp]

Published

2022

38. KRTunnel: DNS channel detector for mobile devices

Author

Wang, Senmiao, Sun, Luli, Qin, Sujuan, Li, WenMin, and Liu, Wentao

Subjects

Mobile devices -- Analysis, Detectors -- Analysis, Business, Computers and office automation industries

Abstract

Keywords DNS tunnel detection; DNS response; Isolated forest; Android; Network security Highlights * In this paper, we proposed a method for DNS tunnel detection based on isolated forest for Android. * We constructed a framework for mobile devices to collect DNS tunnel traffic. * Based on the analysis of DNS tunnel traffic generated on mobile devices, we extracted features based on DNS request and response and constructed the feature set * We proposed a DNS tunnel detector, KRTunnel, for mobile devices. Experiments showed that KRTunnel can identify unseen DNS tunnel traffic with the accuracy of 98.1%. Abstract Nowadays, DNS channel attacks on mobile devices have become a challenging threat. Attackers usually attack mobile devices and steal information with the help of DNS channel. It is difficult for users to detect this kind of attack, especially when attackers covert sensitive information in the DNS response. In this paper, we proposed a method for DNS tunnel detection based on isolated forest for Android. We constructed a framework for mobile devices to collect DNS tunnel traffic. Based on the analysis of DNS tunnel traffic generated on mobile devices, we extracted features based on DNS request and response and constructed the feature set. We proposed a DNS tunnel detector, KRTunnel, for mobile devices. Experiments showed that KRTunnel can identify unseen DNS tunnel traffic with the accuracy of 98.1%. Author Affiliation: The State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China * Corresponding authors. Article History: Received 2 September 2021; Revised 22 June 2022; Accepted 27 June 2022 Byline: Senmiao Wang, Luli Sun, Sujuan Qin [qsujuan@bupt.edu.cn] (*), WenMin Li [liwenmin02@outlook.com] (*), Wentao Liu

Published

2022

39. An empirical study of vulnerability discovery methods over the past ten years

Author

Cui, Lei, Cui, Jiancong, Hao, Zhiyu, Li, Lun, Ding, Zhenquan, and Liu, Yongji

Subjects

Business, Computers and office automation industries

Abstract

Keywords Vulnerability discovery; Empirical study; Effectiveness comparison; Vulnerability; Vulnerability detection; Vulnerability analysis Abstract In recent years, hundreds of vulnerability discovery methods have been proposed and proven to be effective (i.e., Is Effective) by discovering thousands of vulnerabilities in real-world programs. However, the quantified ability to indicate how effective (i.e., How Effective) a method is still unknown. In this paper, we perform an empirical study to understand the effectiveness of these methods better. More specifically, we prepare a dataset of 124 papers focusing on vulnerability discovery from S&P, SECURITY, CCS, and NDSS over the past ten years. These papers cover four techniques, including static analysis, dynamic analysis, concolic analysis, and fuzzing, yielding 3970 vulnerabilities, of which 954 get CVE records. Then, we extract several attributes from the paper and categorize them into five dimensions, i.e., popularity, scalability, capability, severity, and diversity, which facilitate us to compare various techniques along these dimensions statistically. Moreover, taking these attributes into account, we propose a scoring method to quantify the effectiveness of a method, thereby indicating how effective a method is. The empirical study on dimensions and effectiveness scores reveals several findings that help better understand the effectiveness of vulnerability discovery techniques. Author Affiliation: (a) Institute of Information Engineering, Chinese Academy of Science, Beijing 100093, China (b) Institute of Information Engineering, Chinese Academy of Science and University of Chinese Academy of Sciences, Beijing, China * Corresponding author. Article History: Received 5 March 2022; Revised 24 May 2022; Accepted 27 June 2022 Byline: Lei Cui [cuilei@iie.ac.cn] (a), Jiancong Cui (b), Zhiyu Hao [haozhiyu@iie.ac.cn] (*,a), Lun Li (a), Zhenquan Ding (a), Yongji Liu (a)

Published

2022

40. Uncovering APT malware traffic using deep learning combined with time sequence and association analysis

Author

Niu, Weina, Zhou, Jie, Zhao, Yibin, Zhang, Xiaosong, Peng, Yujie, and Huang, Cheng

Subjects

Societies -- Analysis, Spyware -- Analysis, Cyberterrorism -- Analysis, Machine learning -- Analysis, Neural networks -- Analysis, Computer science -- Analysis, Associations, institutions, etc. -- Analysis, Neural network, Business, Computers and office automation industries

Abstract

Keywords APT Malware; Deep learning; Association analysis; PARALLEL_Lstm; RSENET_Lstm Abstract Traditional malware detection methods based on static traffic characteristics and machine learning are hard to cope with the increasing number of APT malware variants. In order to alleviate this problem, this paper proposes a deep-learning-based malware classification approach that combines time sequence features and association rules features. This method uses the improved LSTM neural network structure named RESNET_LSTM and PARALLEL_LSTM to extract time sequence features of different protocol traffic. It also utilizes association analysis to generate quantitative rule features. Finally, we connect the time sequence feature vector and the quantization rule vector as input to deep learning models to detect malware traffic. We evaluated our proposed approach on a dataset consisting of malicious traffic generated by 57 types of malware and normal traffic. The experimental results demonstrate that the loss decline rate of PARALLEL_LSTM structure during the training phase is faster than that of the LSTM and RESNET_LSTM structures. When the RESNET_LSTM structure is used, the prediction accuracy is close to 100%, which is slightly higher than the other two structures. The accuracy of the detection methods proposed in this paper are all above 96%, while the accuracy of malware detection methods combined with static traffic characteristics and machine learning is about 85%. Author Affiliation: (a) School of Computer Science and Engineering, Institute for Cyber Security, University of Electronic Science and Technology of China (UESTC), Chengdu, 611731, China (b) School of Cyber Science and Engineering, Sichuan University, Chengdu, 610065, China * Corresponding authors. Article History: Received 29 October 2020; Revised 8 March 2022; Accepted 20 June 2022 Byline: Weina Niu [niuweina1@126.com] (*,a), Jie Zhou [fishjrunning@163.com] (a), Yibin Zhao [18200181243@163.com] (a), Xiaosong Zhang [johnsonzxs@uestc.edu.cn] (a), Yujie Peng [13201497153@l63.com] (a), Cheng Huang [opcodesec@gmail.com] (b,*)

Published

2022

41. An evaluation of potential attack surfaces based on attack tree modelling and risk matrix applied to self-sovereign identity

Author

Naik, Nitin, Grace, Paul, Jenkins, Paul, Naik, Kshirasagar, and Song, Jingping

Subjects

Denial of service attacks -- Models, Identity theft -- Models, Business, Computers and office automation industries

Abstract

Keywords Attack tree model; Risk matrix model; Digital identity; Self-sovereign identity; SSI; Identity management system; Decentralized IDentifier; DID; Verifiable credential; Distributed ledger technology; Blockchain; Faking identity; Identity theft; Distributed denial of service; Lockheed Martin's cyber kill chain; MITRE ATT&CK framework; Diamond model of intrusion analysis Abstract Self-Sovereign Identity (SSI) empowers users to govern their digital identity and personal data. This approach has changed the identity paradigm where users become the central governor of their identity; hence the rapid growth of the SSI model. Utilizing the security and privacy properties of blockchain, together with other security technologies, SSI purports to provide a robust security and privacy service. However, this governing power for users comes with a greater accountability and security risk, as not all users are capable or trained in its use and therefore in its efficient application. This trade-off requires a systematic evaluation of potential attacks on the SSI system and their security risks. Hitherto, there have been no noteworthy research studies performed to evaluate potential attacks on the SSI system and their security risks. This paper proposes an easy, efficient and economical approach to perform an evaluation of potential attacks on the SSI system and their security risks. This approach utilises a combination of an attack tree model and risk matrix model to perform this evaluation of potential attacks and their security risks, in addition to outlining a systematic approach including describing the system architecture and determining its assets in order to perform this evaluation of potential attacks and their security risks. This evaluation work has identified three potential attacks on the SSI system: faking identity, identity theft and distributed denial of service attacks, and performed their security risk evaluation utilising the proposed approach. Finally, this paper has proposed several mitigation strategies for the three evaluated attacks on the SSI system. This proposed evaluation approach is a systematic and generalised approach for evaluating attacks and their security risks, and can be applied to any other IT system. Author Affiliation: (a) School of Informatics and Digital Engineering, Aston University, Birmingham, United Kingdom (b) Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff, United Kingdom (c) Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Canada (d) Software College, Northeastern University, Shenyang, China * Corresponding author. Article History: Received 8 September 2021; Revised 23 April 2022; Accepted 17 June 2022 Byline: Nitin Naik [n.naik1@aston.ac.uk] (*,a), Paul Grace (a), Paul Jenkins (b), Kshirasagar Naik (c), Jingping Song (d)

Published

2022

42. MMM-RF: A novel high accuracy multinomial mixture model for network intrusion detection systems

Author

Hammad, Mohamed, Hewahi, Nabil, and Elmedany, Wael

Subjects

Security software -- Usage, Detectors -- Usage, Algorithms -- Analysis -- Models -- Usage, Network security software, Algorithm, Business, Computers and office automation industries

Abstract

Keywords Intrusion detection; Statistics; Network traffic; Multinomial mixture model; Computer security Abstract The rise of malicious practice in network traffic is one of the most noticeable issues in network security. This practice is negatively impacting the productivity of various organizations and end-users. In this paper, a novel approach called Multinomial Mixture Modeling with Median Absolute Deviation and Random Forest Algorithm (MMM-RF) is proposed for the classification of network attacks. Conducted with a three fold objective, this paper aims to use Correlation Feature Selection (CFS) to perform analysis on the most prominent factors involved in network traffic, focuses on using T-Distributed Stochastic Neighbor Embedding (T-SNE) to minimize data dimension, and finally, the study explores the use of Synthetic Minority Oversampling Technique (SMOTE) coupled with random under-sampling in controlling imbalance in the CSE-CIC-IDS2018 dataset. The use of Multinomial Mixture Modeling (MMM) in this study is coupled with the Expectation-Maximization (EM) algorithm and Median Absolute Deviation (MAD). This precedes the use of the Random Forest (RF) classification algorithm on the CSE-CIC-IDS2018 dataset experiment. The outcome showed a high detection accuracy of 99.98% and a very low False Positive Rate (FPR) of 0.02%. Author Affiliation: College of Information Technology, University of Bahrain, Bahrain * Corresponding author. Article History: Received 17 September 2021; Revised 22 January 2022; Accepted 25 May 2022 Byline: Mohamed Hammad [mnhammad90@gmail.com] (*), Nabil Hewahi, Wael Elmedany

Published

2022

43. Energy-efficient acceleration of convolutional neural networks using computation reuse

Author

Ghanbari, Azam and Modarressi, Mehdi

Subjects

Energy conservation, Energy efficiency, Neural networks -- Energy use, Energy management systems -- Energy use, Neural network, Business, Computers and office automation industries

Abstract

Keywords Convolutional neural networks; Computation reuse; Energy-efficiency; Quantization; Hardware acceleration Highlights * Most convolutional neural networks can undergo low-precision quantization. * A quantized network has millions of weights, but very limited unique weight values. * Limited unique weight values yields many repetitive arithmetic operations. * A coding method to eliminate storing redundant weight values. * A computation reuse-aware architecture to skip repetitive arithmetic operations. Abstract The large and ever-increasing size of state-of-the-art convolutional neural networks (CNNs) poses both throughput and energy challenges to the underlying hardware, especially in embedded and mobile computing platforms. Weight quantization is a promising method to reduce the computational complexity of neural networks without losing significant accuracy. In this paper, we show that the value locality of quantized filter weights brings about a high amount of computation redundancy in CNNs. In order to leverage this computational redundancy to reduce neural network complexity, this paper proposes CORN-C, a computation reuse-aware accelerator for CNNs. CORN-C leverages two opportunities to eliminate repetitive computations: (1) the specific algorithmic structure of the convolutional neural networks in which each element of the input data (and intermediate feature maps) is multiplied by tens to thousands of CNN filter weights, and (2) the data value locality in the network filter weights when low-precision quantization is applied. Experimental results show that by eliminating the considerable amount of repetitive multiplication, computation reuse offers up to 10.5%--20.9% energy reduction and 13.4%--41.6% latency reduction over state-of-the-art accelerators across a set of widely-used CNN benchmarks. Author Affiliation: School of Electrical and Computer Engineering, College of Engineering, University of Tehran, Iran * Corresponding author. Article History: Received 13 July 2021; Revised 19 March 2022; Accepted 29 March 2022 Byline: Azam Ghanbari [azam.ghanbari@ut.ac.ir], Mehdi Modarressi [modarressi@ut.ac.ir] (*)

Published

2022

44. Computing exact WCRT for typed DAG tasks on heterogeneous multi-core processors

Author

Chang, Shuangshuang, Sun, Jinghao, Hao, Zhixiong, Deng, Qingxu, and Guan, Nan

Subjects

Energy efficiency -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Heterogeneous multi-cores; Typed DAG tasks; Satisfiability modulo theories; WCRT Abstract Heterogeneous multi-core architectures achieve high performance and energy efficiency in real-time domain towards various applications. Most real-time parallel applications on heterogeneous multi-cores can be modeled as a typed directed acyclic graph (DAG) task, where the workload of each vertex is only allowed to execute on a particular type of core. Traditional worst-case response time (WCRT) analysis methods for these applications modeled as DAG are very pessimistic and impractical, i.e., there is a big gap between existing WCRT bounds and the exact WCRT. In this paper, we propose a satisfiability modulo theories-based method to exactly analyze the WCRT of the typed DAG task scheduled upon heterogeneous multi-cores. Experimental results show that our method can significantly improve the precision of the WCRT, and thus, dramatically increase the acceptance rate in the schedulability analysis. Author Affiliation: (a) Northeastern University, China (b) Dalian University of Technology, China (c) City University of Hong Kong, Hong Kong * Corresponding author. Article History: Received 26 August 2021; Revised 22 November 2021; Accepted 22 December 2021 (footnote)[white star] Our work is an extension of the paper 'On Computing Exact WCRT for DAG Tasks' presented in the 2020 57th ACM/IEEE Design Automation Conference (DAC) by Sun et al. Byline: Shuangshuang Chang (a), Jinghao Sun (b), Zhixiong Hao (a), Qingxu Deng [dengqx@mail.neu.edu.cn] (a,*), Nan Guan (c)

Published

2022

45. Reducing Ransomware Crime: Analysis of Victims' Payment Decisions

Author

Yuryna Connolly, Alena and Borrion, Hervé

Subjects

Decision-making -- Analysis, Police -- Analysis, Business, Computers and office automation industries

Abstract

Keywords Ransomware attacks; Organisations; Decision processes; Ransom payments; Cybercrime Abstract In this paper, the decision-making processes of victims during ransomware attacks were analysed. Forty-one ransomware attacks using qualitative data collected from organisations and police officers from cybercrime units in the UK were examined. The hypothesis tested in this paper is that victims carefully analyse the situation before deciding whether to pay a ransom. This research confirms that victims often weigh the costs and benefits of interventions before making final decisions, and that their decisions are based on a range of reasons. As ransomware attacks become more prevalent globally, the findings should be highly relevant to those developing guidance and policies to prevent or minimise ransom payments. Author Affiliation: Zayed University, Liberty Building, Leeds, United Arab Emirates * Corresponding author. Article History: Received 5 June 2021; Revised 18 February 2022; Accepted 16 May 2022 Byline: Alena Yuryna Connolly [alena.yuryna-connolly@fulbrightmail.org] (*), Hervé Borrion

Published

2022

46. Cybersecurity education, awareness raising, and training initiatives: National level evidence-based results, challenges, and promise

Author

Shillair, Ruth, Esteve-González, Patricia, Dutton, William H., Creese, Sadie, Nagyfejeo, Eva, and von Solms, Basie

Subjects

Data security -- Analysis, Internet -- Safety and security measures, Developing countries -- Analysis, Cyberterrorism -- Analysis, Education -- Analysis, Internet security, Data security issue, Business, Computers and office automation industries

Abstract

Keywords Cybersecurity; Education; Training; Awareness; Internet Abstract This paper assesses the impact of cybersecurity education, awareness raising, and training (CEAT) on the vitality of internet use and services at the national level. CEAT encompasses one of five dimensions of a larger cybersecurity capacity building model (CMM) that was developed by the Global Cybersecurity Capacity Centre. The paper describes this dimension of capacity building within the CMM, and its indicators of education, awareness, and training in cybersecurity capacity. The paper then presents a cross-national analysis of the outcomes of CEAT on internet use based on comparative data from 80 nations. Controlling for contextual variables, such as the wealth of the nations and scale of internet use, the analysis shows a positive and statistically significant impact of CEAT on the vitality of internet use and services, as well as a distribution of CEAT scores that indicates key issues for low-income and developing nations. A qualitative analysis of responses from these nations is used to identify key reasons for their levels of maturity in this area. While recognising key limitations of these findings, it offers suggestions for policy and practice to meet the need for effective programs for education, awareness raising, and training. In addition, the research suggests the need for more detailed indicators of CEAT initiatives in more nations and over time to assess the validity of the findings and the recommendations for policy and practice in this area of capacity building offered in this paper. Author Affiliation: (a) Quello Center, Michigan State University, East Lansing, United States (b) Global Cyber Security Capacity Centre, Department of Computer Science, University of Oxford, Oxford, United Kingdom (c) Director of the University of Johannesburg (UJ) Centre for Cyber Security, Johannesburg, South Africa * Corresponding author. Article History: Received 14 December 2021; Revised 4 May 2022; Accepted 13 May 2022 (footnote)[white star] Funding for this research provided by: The UK Foreign, Commonwealth, and Development Office along with the State Government of Victoria, Australia. In kind support from the Organization of American States and the Inter-American Development Bank Byline: Ruth Shillair [shillai7@msu.edu] (a,*), Patricia Esteve-González (b), William H. Dutton (b), Sadie Creese (b), Eva Nagyfejeo (b), Basie von Solms (c)

Published

2022

47. Big Data analytics for sustainability: Insight through technological innovation

Author

Barnes, Stuart J., Guo, Yue, and Chan, Jason

Subjects

Urban health -- Usage, Consumption (Economics) -- Usage, Sustainable urban development -- Usage, Big data -- Usage, Air pollution -- Usage, Business, Computers and office automation industries, Library and information science

Abstract

Keywords Sustainability; Analytics; Health; Consumption; Environment; Methods Highlights * Introduces a special issue on big data analytics for sustainability. * Contains nine papers that contribute to our understanding of sustainability issues. * Papers cover four key areas: health, consumption, environment, and methods. Abstract How do information systems and big data analytics help to enable a sustainable future? This question is investigated in nine papers in this special issue that examine the issue of big data analytics for sustainability from a variety of perspectives. Broadly, these papers can be considered in four main areas: health, online behavior and consumption, safety and the environment, and methods to improve understanding of sustainability issues. Recent advances in data-driven decision-making analytics research focusing on different aspects of sustainability are discussed in these papers, including air pollution management, online health consultation services, gamification of exercise and health, sustainable urban mobility, the sustainable use of resources in hospitals, the design of anticrime information support systems, the interdependence effects among mobile social apps, networks of sustainable development goals, and the spillover effect of sustainable consumption. Author Affiliation: (a) Newcastle University, United Kingdom (b) Southern University of Science and Technology, China (c) University of Minnesota, United States of America * Corresponding author. Byline: Stuart J. Barnes [stuart.barnes@kcl.ac.uk] (a,*), Yue Guo (b), Jason Chan (c)

Published

2022

48. DIFCS: A Secure Cloud Data Sharing Approach Based on Decentralized Information Flow Control

Author

Lu, Jintian, Sun, Jiakun, Xiao, Ruizhi, and Jin, Shuyuan

Subjects

Data security -- Analysis, Cloud computing -- Analysis, Computer science -- Analysis, Information management -- Analysis, Information accessibility, Data security issue, Business, Computers and office automation industries

Abstract

Keywords Decentralized information flow control; Cloud data sharing; Privilege protection; Model checking; Formal verification Abstract Summary In the field of cloud computing, collaboration and data sharing among clouds have dramatically increased. How to protect the security of shared cloud data is being an urgent problem. Based on decentralized information flow control (DIFC) model, this paper presents an approach, DIFC-based data sharing approach (DIFCS), to protect both confidentiality and integrity of shared cloud data. Additionally, this paper designs a privilege protection policy for DIFCS, resulting in its capability of preventing malicious users from modifying privilege. The correctness and security properties of DIFCS are proved by formal analysis and verification, where firstly, DIFCS is formally interpreted into high-level petri net (HLPN) representation and analyzed using Z language, then is automatically verified with SMT-Lib and Z3 solver. The formal analysis and verification results reveal that DIFCS holds the security properties of confidentiality, integrity, authenticity, and privilege tamper-proof. The experimental results further demonstrate the high efficiency of DIFCS. Author Affiliation: School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China * Corresponding author. Article History: Received 15 September 2021; Revised 8 February 2022; Accepted 1 March 2022 Byline: Jintian Lu, Jiakun Sun, Ruizhi Xiao, Shuyuan Jin [jinshuyuan@mail.sysu.edu.cn] (*)

Published

2022

49. DNN pruning with principal component analysis and connection importance estimation

Author

Riera, Marc, Arnau, José María, and González, Antonio

Subjects

Neurons -- Analysis, Energy efficiency -- Analysis, Neural networks -- Analysis, Neural network, Business, Computers and office automation industries

Abstract

Keywords Machine learning; Deep neural networks; Pruning; PCA Abstract DNN pruning reduces memory footprint and computational work of DNN-based solutions to improve performance and energy-efficiency. An effective pruning scheme should be able to systematically remove connections and/or neurons that are unnecessary or redundant, reducing the DNN size without any loss in accuracy. In this paper we show that some of the most popular pruning schemes, such as the Near Zero Weights, require an extremely time-consuming iterative process that requires retraining the DNN many times to tune the pruning hyperparameters. Then, we propose a DNN pruning scheme based on Principal Component Analysis and relative importance of each neuron's connection (PCA+DIRIE) that automatically finds the optimized DNN in one shot without requiring hand-tuning of multiple parameters. The experimental results show the effectiveness of our method on several benchmarks. Notably, on ImageNet, PCA+DIRIE can prune up to 60% of ResNet-50 with negligible impact on accuracy. Author Affiliation: Universitat Politècnica de Catalunya (UPC), Barcelona, Spain * Corresponding author. Article History: Received 10 March 2021; Revised 17 September 2021; Accepted 9 November 2021 (footnote)[white star] New Paper, Not an Extension of a Conference Paper. Byline: Marc Riera [mriera@ac.upc.edu] (*), José María Arnau, Antonio González

Published

2022

50. Optimal computational resource pricing in vehicular edge computing: A Stackelberg game approach

Author

Tang, Chaogang and Wu, Huaming

Subjects

Pricing -- Analysis, Mineral industry -- Analysis, Mining industry -- Analysis, Algorithms -- Analysis, Energy consumption -- Analysis, Algorithm, Product price, Business, Computers and office automation industries

Abstract

Keywords Vehicular edge computing; Pricing; Stackelberg game; Privacy; Computational resources Abstract Vehicular edge computing (VEC) pushes the computational resources to the logical edge of the networks, thus enabling vehicles to run resource-hungry and time-sensitive applications by outsourcing operations. Many studies revolved around VEC focus on the optimization of response latency, energy consumption, or both of them, assuming that the computational resources in VEC can be utilized for free. However, VEC provisions computational resources on a pay-as-you-go basis, which means VEC can obtain revenues by leasing the computational resources. In this paper, we focus on the real-time computational resource pricing in VEC, in the hope to reach a win--win situation where both VEC and vehicles can optimize their respective utility values. To reach such a mutually satisfactory result, we adopt the Stackelberg game to model the computational resource pricing problem in this paper. In this game, vehicles are followers and the edge server serves as the leader. Furthermore, we have proven that a unique Stackelberg equilibrium exists in the proposed pricing game. A distributed algorithm is put forward to solve our problem, which considers the privacy of vehicles. The distributed approach is evaluated by extensive experiments, in terms of convergence rate, running time and so on. The simulation results demonstrate that the distributed approach can achieve satisfactory results without privacy disclosure compared to the centralized approach. Author Affiliation: (a) School of Computer Science and Technology, China University of Mining and Technology, 221116, Xuzhou, China (b) Center for Applied Mathematics, Tianjin University, 300072, Tianjin, China * Corresponding author. Article History: Received 8 May 2021; Revised 28 October 2021; Accepted 1 November 2021 Byline: Chaogang Tang (a), Huaming Wu [whming@tju.edu.cn] (b,*)

Published

2021