ALBERT

All Library Books, journals and Electronic Records Telegrafenberg

  • 1
    Publication Date: 2015-09-29
    Description: In this paper, we present a methodology to evaluate the feasibility, effectiveness and complexity of a class of cache-based side-channel attacks. The methodology provides estimates on the lower bound of the required number of observations on the side channel and the number of trials for a successful attack. As a case study, a weak implementation of the Advanced Encryption Standard algorithm is selected to apply the proposed methodology to three different categories of cache-based attacks; namely, access-driven, trace-driven and time-driven attacks. The approach, however, is generic in the sense that it can be utilized in other algorithms that are subject to the micro-architectural side-channel attacks. The adopted approach bases its analysis method partially on the conditional entropy of secret keys given the observations of the intermediate variables in software implementations of cryptographic algorithms via the side channel and explores the extent to which the observations can be exploited in a successful attack. Provided that the intermediate variables are relatively simple functions of the key material and the known inputs or outputs of cryptographic algorithms, a successful attack is theoretically feasible. Our methodology emphasizes the need for an analysis of this leakage through such intermediate variables and demonstrates a systematic way to measure it. The method allows us to explore every attack possibility, estimate the feasibility of an attack, and compare the efficiency and the costs of different attack strategies to determine an optimal level of effective countermeasures.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 2
    Publication Date: 2015-09-29
    Description: Cramer et al. (2007, Bounded CCA2-Secure Encryption. In Kurosawa, K. (ed.), Advances in Cryptology – ASIACRYPT 2007, Kuching, Malaysia, December 2–6, Lecture Notes in Computer Science, Vol. 4833, pp. 502–518. Springer, Berlin, Germany) proposed a public-key encryption scheme secure against adversaries with a bounded number of decryption queries based on the decisional Diffie–Hellman problem. In this paper, we show that the same result can be obtained based on weaker computational assumptions, namely: the computational Diffie–Hellman and the hashed Diffie–Hellman assumptions.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 3
    Publication Date: 2015-09-29
    Description: Certificateless public key encryption (CLE) and certificate-based encryption (CBE) are motivated to simultaneously solve the heavy certificate management problem inherent in the traditional public key encryption (PKE) and the key escrow problem inherent in the identity-based encryption (IBE). Al-Riyami and Paterson proposed a general conversion from CLE to CBE, which is neat and natural. Kang and Park pointed out a flaw in their security proof. Wu et al. proposed another generic conversion from CLE to CBE which additionally involves collision resistant hash functions. It remains an open problem whether the generic conversion due to Al-Riyami and Paterson is provably secure or not. We are motivated to solve this open problem. Our basic idea is to enhance Type II adversary's power a little by allowing it to conditionally replace a user's public key. We first formalize a new security model of CLE in this way. Then, we succeed in proving that the Al-Riyami–Paterson generic conversion from CLE to CBE is secure, if the CLE scheme is secure in our new security model. Finally, a concrete provably secure CBE scheme is presented to demonstrate the applicability of our result.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 4
    Publication Date: 2015-09-29
    Description: Human recognition with heartbeat signal is useful for different applications such as information security, user identification and remote patient monitoring. In this paper, we propose a model-based method for the alignment of heartbeat morphology to enhance the recognition capability. The scale change of different heartbeats of the same individual due to heart rate variability is estimated and inversed to yield better alignment. Recognition capabilities of different alignment methods are analyzed and measured by intra-individual and inter-individual distances of aligned heartbeats. A framework for heartbeat recognition incorporating the model-based alignment method is also presented. We tested the recognition capability of heartbeat morphology by using two different databases. It was found that model-based alignment method was useful to boost the recognition capability of heartbeat morphology. A statistical t-test revealed that the improvement was significant with respect to recognition capabilities of other existing alignment methods. We also used the aligned morphology as a feature, tested the recognition accuracy on both databases and compared the recognition performance to those of four other state-of-the-art features. A large increase in recognition accuracy was obtained especially for a multisession database of heartbeat signals captured from fingers using a handheld ECG device.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 5
    Publication Date: 2015-09-29
    Description: Malicious code attacks pose a serious threat to the security of information systems, as malware evolved from innocuous conceptual software to advanced and destructive cyber weapons. However, there is still the lack of a comprehensive and useful taxonomy to classify malware according to their behavior, since commonly used names are obsolete and unable to handle the complex and multipurpose currently observed samples. In this article, we present a brief survey on available malware taxonomies, discuss about issues on existing naming schemes and introduce an extensible taxonomy consisting of an initial set of behaviors usually exhibited by malware during an infection. The main goal of our proposed taxonomy is to address the menace of potentially malicious programs based on their observed behaviors, thus aiding in incident response procedures. Finally, we present a case study to evaluate our behavior-centric taxonomy, in which we apply identification patterns extracted from the proposed taxonomy to over 12 thousand known malware samples. The leveraged results show that it is possible to screen malicious programs that exhibit suspicious behaviors, even when they remain undetected by antivirus tools.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 6
    Publication Date: 2015-09-29
    Description: Metamorphism is a technique that mutates the binary code using different obfuscations and never keeps the same sequence of opcodes in the memory. This stealth technique provides the capability to a malware for evading detection by simple signature-based (such as instruction sequences, byte sequences and string signatures) anti-malware programs. In this paper, we present a new scheme named Annotated Control Flow Graph (ACFG) to efficiently detect such kinds of malware. ACFG is built by annotating CFG of a binary program and is used for graph and pattern matching to analyse and detect metamorphic malware. We also optimize the runtime of malware detection through parallelization and ACFG reduction, maintaining the same accuracy (without ACFG reduction) for malware detection. ACFG proposed in this paper: (i) captures the control flow semantics of a program; (ii) provides a faster matching of ACFGs and can handle malware with smaller CFGs, compared with other such techniques, without compromising the accuracy; (iii) contains more information and hence provides more accuracy than a CFG. Experimental evaluation of the proposed scheme using an existing dataset yields malware detection rate of 98.9% and false positive rate of 4.5%.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 7
    Publication Date: 2015-09-29
    Description: The success of location-based services is growing together with the diffusion of GPS-equipped smart devices. As a consequence, privacy concerns are rising year by year. Location privacy is becoming a major interest in research and industry world, and many solutions have been proposed for it. One of the simplest and most flexible approaches is obfuscation, in which the precision of location data is artificially degraded before disclosing it. In this paper, we present an obfuscation approach capable of dealing with measurement imprecision, multiple levels of privacy, untrusted servers and adversarial knowledge of the map. We estimate its resistance against statistical-based deobfuscation attacks, and we improve it by means of three techniques, namely extreme vectors, enlarge-and-scale and hybrid vectors.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 8
    Oxford University Press
    Publication Date: 2015-09-29
    Description: We consider the problem of access privilege management in a classical protection environment featuring subjects attempting to access the protected objects. We express an access privilege in terms of an access right and a privilege level. The privilege level and a protection diagram associated with each given object determine whether a nominal access privilege for this object corresponds to an effective, possibly weaker access privilege, or is revoked. We associate a password system with each object; the password system takes the form of a hierarchical bidimensional one-way chain. A subject possesses a nominal access privilege for a given object if it holds a key that matches one of the passwords in the password system of this object; the protection diagram determines the extent of the corresponding effective access privilege. The resulting protection environment has several interesting properties. A key reduction mechanism allows a subject that holds a key for a given object to distribute keys for weaker access rights at lower privilege levels. A subject that owns a given object can review or revoke the passwords for this object by simply modifying the protection diagram. The memory requirements to represent a protection diagram are negligible; as far as password storage is concerned, space–time trade-offs are possible.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 9
    Publication Date: 2015-09-29
    Description: A proxy re-encryption (PRE) allows a data owner to delegate the decryption rights of some encrypted data stored on the cloud without revealing the data to an honest-but-curious cloud service provider (i.e. the PRE proxy). Furthermore, the data owner can offload most of the computational operations to the cloud service provider and hence, using PRE for encrypted cloud data sharing can be very effective even for data owners using limited resource devices (e.g. mobile devices). However, PRE schemes only enable data owners to delegate the decryption rights of all their encrypted data. A more practical notion is a conditional PRE (CPRE) that allows us to specify under what condition the decryption of an encrypted data can be delegated, for example, only sharing all the encrypted files under a directory called ‘public’. In this paper, we provide an affirmative result on the long-standing question of building a full chosen-ciphertext attacks (CCA)-secure CPRE system in the standard model and for the first time, we show that a class of Hierarchical Identity-Based Encryption (HIBE) schemes can be transferred to building a CCA-secure CPRE in the standard model. We also list out some concrete HIBE schemes which fall into this class, e.g., Lewko-Waters HIBE. All existing CCA-secure PRE schemes in the standard model are not conditional while all existing CPRE schemes are either not CCA secure or not in the standard model. By instantiating our generic HIBE-based transformation, we show that an efficient and concrete CPRE scheme which is both CCA secure in the standard model and conditional can be built.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 10
    Publication Date: 2015-08-28
    Description: As people increasingly rely on road maps in the digital age, manually maintained maps cannot keep up with the demand for accuracy and freshness, evidenced by the recent iOS map incident and the bidding war for Waze. There are many research works on automatic map inference using GPS data, and some have suggested that Google and Waze automate their map update processes to some degree with user data. However, existing published work focuses on refining road geometry. In reality, connectivity issues at intersections, including missing connections and unmarked turn restrictions, are much more prevalent and also more difficult to infer. In this paper, we report our study on the connectivity issues in the OSM Shanghai map using 21 months of GPS data from over 10 000 taxis. We first adapt a robust map matching algorithm. Then, we propose simple algorithms for detecting missing intersections, turn restrictions and road closures. Empirical results show that our algorithms of connectivity refinement for road maps are effective.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 11
    Publication Date: 2015-08-28
    Description: The degree distribution is an important characteristic of complex networks. In many data analysis applications, the networks should be represented as fixed-length feature vectors and therefore the feature extraction from the degree distribution is a necessary step. Moreover, many applications need a similarity function for comparison of complex networks based on their degree distributions. Such a similarity measure has many applications, including classification and clustering of network instances, evaluation of network sampling methods, anomaly detection and study of epidemic dynamics. The existing methods are unable to effectively capture the similarity of degree distributions, particularly when the corresponding networks have different sizes. In this paper, we propose a feature extraction method and a similarity function for the degree distributions in complex networks. We propose to calculate the feature values based on the mean and standard deviation of the node degrees in order to decrease the effect of the network size on the extracted features. Experiments on a wide range of real and artificial networks confirm the accuracy, stability and effectiveness of the proposed method.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 12
    Publication Date: 2015-08-28
    Description: Given a query photo characterizing a location-aware landmark shot by a user, landmark retrieval is about returning a set of photos ranked in their similarities to the query. Existing studies on landmark retrieval focus on conducting a matching process between candidate photos and a query photo by exploiting location-aware visual features. Notwithstanding the good results achieved, these approaches are based on an assumption that a landmark of interest is well-captured and distinctive enough to be distinguished from others. In fact, distinctive landmarks may be badly selected, e.g. changes on viewpoints or angles. This will discourage the recognition results if a biased query photo is issued. In this paper, we present a novel technique that exploits user communities in social media networks. Given a biased query photo containing some landmarks taken by a user, we select multiple users to complement this user for retrieval. Multiple photos are then used to enrich the query photo, constituting a more representative yet robust multi-query set. A pattern mining method is developed to obtain a compact feature representation of photos from the multi-query set. Such a representation is utilized to efficiently query the database so as to improve retrieval results. Extensive experiments on real-world datasets demonstrate the effectiveness and efficiency of our approach.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 13
    Publication Date: 2015-08-28
    Description: Social media have been used by some companies to support customer co-creation in recent years. However, few academic studies have been done to investigate the use of social media in customer co-creation. To understand the current state-of-the-art and future trends about the use of social media in customer co-creation, we conducted two studies to analyze relevant posts on blogs and social media-based online forums. This study reveals some interesting patterns, themes and future trends in this specific area. Recommendations are given to help managers engage in co-creation activities with customers.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 14
    Publication Date: 2015-06-02
    Description: Mobile message push has become a ubiquitous technology in various applications such as online resource sharing, traffic surveillance, mobile health care and environmental monitoring. In mobile terminals, energy efficiency optimization is one of the most important issues due to battery power limitations, resource constraints and quality-of-service (QoS) requirements. Considering the timely delivery, network load and terminal diversity, this paper proposes an adaptive message push strategy (AMPS) for energy efficiency optimization in mobile terminals. In AMPS, running parameters including energy parameter, operating system (OS) version and connection/polling cost in mobile terminal are first acquired and sent to the server together with the requisition data, and then the dispatching module will automatically choose a message pushing mode between polling-based and connection-based ones. The AMPS was tested in real environments using mobile phones with different OSs. Experiment results show that AMPS can efficiently optimize energy exploitation with dynamic tradeoff between terminal using time and QoS performance in comparison with polling-based and connection-based message push strategies.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 15
    Publication Date: 2015-06-02
    Description: Wireless sensor networks (WSNs) are vulnerable to the unfavorable funneling effect. The optimization of WSN clustering is a natural way to suppress the funneling effect. WSN clusters involve the edge effect that was undervalued in existing techniques. We propose an optimal clustering routing protocol GreenOCR to reduce the detrimental influence of the funnel effect and minimize the energy consumption in WSNs. Our work focuses on the approximate unequal optimal clustering and dropping energy consumption arising from the edge effect. First, according to the data repeat rate among overlapped clusters, we estimate the actual data compression ratio to offset the negative influence of the edge effect and save WSN energy. Secondly, we reduce the issue of minimizing the total energy consumption in a WSN to a nonlinear programming (NLP). We have proved that this NLP problem is NP complete. Third, we turn over to exploring an approximate optimal clustering and propose an approximate optimal clustering algorithm. A GreenOCR enabled WSN clustering minimizes the energy consumption in the whole network and extends the lifetime of the WSN. The simulation experiment shows that GreenOCR outperforms its rivals in alleviating the funnel effect.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 16
    Publication Date: 2015-06-02
    Description: To improve the video semantic analysis for video surveillance, a new video semantic analysis method based on the kernel discriminative sparse representation (KSVD) and weighted K nearest neighbors (KNN) is proposed in this paper. A discriminative model is built by introducing a kernel discriminative function to the KSVD dictionary optimization algorithm, mapping the sparse representation features into a high-dimensional space. The optimal dictionary is then generated and applied to compute the sparse representations of video features. For video semantic analysis, a weighted KNN algorithm based on the optimal sparse representation is proposed. In the algorithm, a kernel function is introduced to establish discrimination about sparse representation features and the classification vote result is weighted, the purpose of which is to improve the accuracy and rationality for video semantic analysis. The experimental results show that the proposed method significantly improves the discrimination of sparse representation features when compared with the traditional KSVD-based support vector machine method. The method can effectively detect the concept and event, which can be potentially useful for improving the video surveillance.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 17
    Publication Date: 2015-06-02
    Description: In cloud computing, companies usually use high-end storage systems to guarantee the I/O performance of virtual machines (VM). These storage systems cost a lot of energy for their high performance. In this paper, we propose an EEVS, a deduplication-based energy efficiency storage system for VM storage. We firstly investigate some VM image files with general operating systems. With the analysis result, we find there are many redundant data blocks that bring extra energy cost VM storage. Therefore, in the EEVS, we design an online-deduplication mechanism to reduce these redundant data without service interruption, while traditional deduplication technology is used for offline backup. Based on the system design, we implement an EEVS with the existing cloud platform. Since this mechanism needs considerable computing resources, we design a deduplication selection algorithm such that the storage energy consumption is minimized for a given set of VMs with limited resources for deduplication. Experiment results in a para-virtualization environments of the EEVS show that energy consumption is reduced by even up to 66% with negligible performance degradation.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 18
    Publication Date: 2015-06-02
    Description: Smarter use of the renewable energy produced by solar panels reduces the return time of the investment necessary for their installation. This improvement consequently motivates more households to use solar panels so as to not only help protect the environment, but also better use the expensive energy. The difference in tariff prices at different hours of the day is one such opportunity for smarter use of solar electricity: we propose and implement a real-time strategy to more economically use the produced solar electrical energy by forecasting future demand of a few days ahead and by using that energy at the most economical time. Evaluation of the proposed technique in an educational building showed that this scheme improves financial advantage of solar panels by 41% compared with the direct connection of production of solar panels to the grid, or using the stored solar energy completely unawares, hence it can reduce the return time of investment by the same amount. Moreover, since our technique reduces power usage from the utility grid at peak tariff hours, it is one way to move toward a uniform consumption at the suppliers’ level that leads to better use and higher quality and stability.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 19
    Publication Date: 2015-06-02
    Description: In vehicular networks, since reliable end-to-end paths between data source and destination seldom exist, replication-based routing protocols are widely used to increase the delivery ratio and reduce the transfer delay. However, after a data message is delivered, its replicas still exist and greatly waste network resources, such as transmission bandwidth and storage spaces. In mobile multimedia communications, the large size of multimedia data greatly aggravates this situation. In this paper, we propose a GPS-based replica deletion scheme with anti-packet distribution for vehicular networks, namely RAD. It utilizes vehicle-to-vehicle and vehicle-to-roadside-unit communications to remove redundant data replicas by a certain number of anti-packets. A roadside unit at each crossing distributes its collected anti-packets to nearby vehicles moving for different directions according to the geographical locations of the to-be-deleted targets. This distribution increases the delivery probability of these anti-packets. Experiment results in a real taxi network show that, compared with others, RAD accelerates replica deletion with less extra overhead
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 20
    Publication Date: 2015-06-02
    Description: The uncertainty and extremely large scale of cloud resources make task scheduling very difficult, which affects the user quality of experience and probably results in a waste of cloud resources and energy consumption. Moreover, some resources stay in an unusable state for extended time. To take into account these problems a cloud resource evaluation model is proposed, termed Entropy Optimization Evaluation and ant colony clustering Model (EOEACCM). The model releases long-term unavailable resources to save energy. First, by means of the entropy increasing minimum principle, the proposed model can maximize the system utilization and balance profits of both cloud resource providers and users. As a consequence, it can shorten task completion time. Secondly, the model narrows the task scheduling size and achieves optimal scheduling by clustering. To make the model more suitable for the dynamics of cloud resources, the model design improves pheromone update policies by fixing total path length in each function cycle when clustering by the ant colony algorithm. Evaluation of results using EOEACCM demonstrates that it may be applicable for resource management strategies for migration and release, an application which can effectively save energy. The proposed model was evaluated by simulation. Experiment results showed the positive effect of user satisfaction from entropy optimization, as well as scheduling time from clustering. Moreover, when the scale of tasks was large, this clustering algorithm performed much better than others. The clustering model also demonstrated better adaptability when some cloud resources were joined or terminated.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 21
    Publication Date: 2015-06-02
    Description: To support the sustainable operation of wireless sensor networks using limited energy, duty cycling is a promising solution. However, it is a challenge to guarantee each node communicating with its neighbors under duty cycle when the network is asynchronous. The challenge becomes bigger when nodes’ duty cycles are required to be adjusted separately according to their demands to save energy and achieve high channel utilization. Existing low power listening- and contention-based protocols are not energy-efficient and cannot ensure high channel utility. Additionally, synchronization-based media access control (MAC) protocols suffer from extra energy consumption and low synchronization precision. This paper proposes a localized and on-demand (LOD) duty cycling scheme based on a specifically designed semi-quorum system. LOD can adjust duty cycle of each node adaptively according to its demand so as to avoid channel contention, consequently achieving high channel utilization. This allows the fairness for channel access within asynchronous sensor networks. Extensive experiments are conducted on a real test-bed of 100 TelosB nodes to evaluate the performance of LOD. As compared with B-MAC, LOD substantially reduces contention for channel access and the energy consumption, thus improving the network throughput significantly.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 22
    Publication Date: 2015-06-02
    Description: Recently, wireless sensor networks (WSNs) have been widely used in many applications, such as Smart Grid. However, it is generally known that WSNs are energy limited, which makes WSNs vulnerable to malicious attacks. Among these malicious attacks, a sinkhole attack is the most destructive one, since only one sinkhole node can attract surrounding nodes with unfaithful routing information, and it executes severe malicious attacks, e.g. the selective forwarding attack. In addition, a sinkhole node can cause a large amount of energy wastes of surrounding nodes, which results in abnormal energy hole in WSNs. Thus, it is necessary to design an effective mechanism to detect the sinkhole attack. In this paper, we propose a novel Intrusion Detection Algorithm based on neighbor information against Sinkhole Attack (IDASA). Different from traditional intrusion detection algorithms, IDASA takes full advantage of neighbor information of sensor nodes to detect sinkhole nodes. In addition, we evaluate IDASA in terms of malicious node detection accuracy, packet loss rate, energy consumption and network throughput in MATLAB. Simulation results show that the performance of IDASA is better than that of other related algorithms.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 23
    Publication Date: 2015-06-02
    Description: Loosely coupled and cross-platform features make Web services accessible and increasingly popular on the Internet. However, efficient service discovery and automated service composition are still challenges under the conventional practice where services are organized into categories. In this paper, we propose a graph-based method to organize Web services into a service ecosystem interlaced with service relationships at the semantic level. First, Web services are modelled as a set of interfaces, whose input and output parameters are annotated with well-defined ontologies. Secondly, semantic associations and interactions between Web services are mined, and services are constructed into a Web services network (SN), a variant of bipartite graph, by projecting the functional aspects of concrete Web services onto the abstract service layer. Thirdly, from the complex network perspective, the services relations are investigated and the structure of SN is analysed. To demonstrate the basic topological properties of SN, an empirical study is conducted on two data sets for comparative purposes, 10 000+ Web services collected from the Internet and 1231 Web services provided by Titan system of Zhejiang University. The experimental results reveal that SNs, which are built by different data sets on the semantic level, exhibit the same features such as small-world and scale-free. In addition, our results yield valuable insight for developing service discovery and automated composition algorithms, and characterizing the evolution of the entire Web service ecosystem.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 24
    Publication Date: 2015-06-02
    Description: Mixed Polarity Reed-Muller (MPRM) logic draws more and more attention for its advantages over Boolean logic. This paper works on power optimization in logic synthesis for MPRM logic circuits. We present a power estimation model for MPRM logic circuits from a probabilistic point of view. A key feature of this technique is that it provides an accurate and efficient way to handle temporal signal correlations during estimation of average power by using lag-one Markov chains. Besides, an ordered binary decision diagrams-based procedure is used to propagate the temporal correlations from the primary inputs throughout the network. At last, this power estimation model is used in low power synthesis for MPRM logic circuits. This model has been evaluated in C language and a comparative analysis has been presented for many benchmark circuits. The results show that this model gives very good accuracy and does well in low power design for MPRM logic circuit.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 25
    Publication Date: 2015-06-02
    Description: Energy demand in a smart grid is directly related to energy consumption, as defined by user needs and comfort experience. This article presents a multi-agent architecture for smart control of space heating and cooling processes, in an attempt to enable flexible ways of monitoring and adjusting energy supply and demand. In this proposed system, control agents are implemented in order to perform temperature set-point delegation for heating and cooling systems in a building, offering a means to observe and learn from both the environment and the occupant. Operation of the proposed algorithms is compared with traditional algorithms utilized for room heating, using a simulated model of a residential building and real data about user behaviour. The results show (i) the performance of machine learning for the occupancy forecasting problem and for the problem of calculating the time to heat or cool a room; and (ii) the performance of the control algorithms, with respect to energy consumption and occupant comfort. The proposed control agents make it possible to significantly improve an occupant comfort with a relatively small increase in energy consumption, compared with simple control strategies that always maintain predefined temperatures. The findings enable the smart grid to anticipate the energy needs of the building.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 26
    Publication Date: 2015-06-02
    Description: Environment reconstruction is to rebuild the physical environment in the cyberspace using the sensory data collected by sensor networks, which is a fundamental method for human to understand the physical world in depth. A lot of basic scientific work such as nature discovery and organic evolution heavily relies on the environment reconstruction. However, gathering large amount of environmental data costs huge energy and storage space. The shortage of energy and storage resources has become a major problem in sensor networks for environment reconstruction applications. Motivated by exploiting the inherent feature of environmental data, in this paper, we design a novel data gathering protocol based on compressive sensing theory and time series analysis to further improve the resource efficiency. This protocol adapts the duty cycle and sensing probability of every sensor node according to the dynamic environment, which cannot only guarantee the reconstruction accuracy, but also save energy and storage resources. We implement the proposed protocol on a 51-node testbed and conduct the simulations based on three real datasets from Intel Indoor, GreenOrbs and Ocean Sense projects. Both the experiment and simulation performances demonstrate that our method significantly outperforms the conventional methods in terms of resource efficiency and reconstruction accuracy.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 27
    Publication Date: 2015-06-02
    Description: Computing network paths under worst-case delay constraints has been the subject of abundant literature in the past two decades. Assuming weighted fair queueing scheduling at the nodes, this translates to computing paths and reserving rates at each link. The problem is NP-hard in general, even for a single path; hence polynomial-time heuristics have been proposed in the past that either assume equal rates at each node, or compute the path heuristically and then allocate the rates optimally on the given path. In this paper we show that the above heuristics, albeit finding optimal solutions quite often, can lead to failing of paths at very low loads, and that this could be avoided by solving the problem, i.e. path computation and rate allocation, jointly at optimality. This is possible by modeling the problem as a mixed-integer second-order cone program and solving it optimally in split-second times for relatively large networks on commodity hardware; this approach can also be easily turned into a heuristic one, trading a negligible increase in blocking probability for one order of magnitude of computation time. Extensive simulations show that these methods are feasible in today's Internet service provider networks and they significantly outperform the existing schemes in terms of blocking probability.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 28
    Publication Date: 2015-06-02
    Description: There is considerable evidence that exposure to air pollution is harmful to health. In the USA, ambient air quality is monitored by Federal and State agencies for regulatory purposes. There are limited options, however, for people to access this data in real time, which hinders an individual's ability to manage their own risks. This paper describes a new software package that models environmental concentrations of fine particulate matter (PM2.5), coarse particulate matter (PM10) and ozone concentrations for the state of Oregon and calculates personal health risks at the smartphone's current location. Predicted air pollution risk levels can be displayed on mobile devices as interactive maps and graphs color-coded to coincide with Environmental Protection Agency air quality index categories. Users have the option of setting air quality warning levels via color-coded bars and are notified whenever warning levels are exceeded by predicted levels within 10 km. We validated the software using data from participants as well as from simulations, which showed that the application was capable of identifying spatial and temporal air quality trends. This unique application provides a potential low-cost technology for reducing personal exposure to air pollution which can improve quality of life, particularly for people with health conditions, such as asthma, that make them more susceptible to these hazards.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 29
    Publication Date: 2015-06-02
    Description: IP address lookup modules for backbone routers should store 100Ks of entries, find the longest prefix match (LPM) for each incoming packet at 10s of Gbps line speed and support thousands of lookup table (LUT) updates each second. It is desired that these updates are non-blocking, that is without disrupting the ongoing lookups. Furthermore, considering the increasing line rates and table sizes, the scalability of the design is very important. Ternary content-addressable memory (TCAM) architectures are widely deployed for hardware IP lookup. In this paper, we propose a novel TCAM architecture, S-DIRECT: Scalable and Dynamically REConfigurable TCAM, that is custom designed for hardware IP lookup. S-DIRECT consists of hierarchically combined TCAM cells with inherent priority encoders (PEs) to support LPM. Hence, its design is scalable without any need for a separate PE or a redesign for different table size. Furthermore, S-DIRECT can perform constant time, non-blocking updates in hardware provided that certain write capabilities are present in the TCAM entries. S-DIRECT architecture is both independent of the hardware platform and the implementation of the TCAM cells. We demonstrate the generality and viability of S-DIRECT by implementing it both with prefix/mask register and LUT-based TCAM cells on FPGA.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 30
    Publication Date: 2015-06-02
    Description: The IEEE 802.11 standard defines access categories (AC) and differentiated medium access control mechanisms for wireless local area networks. The preferential or deferral treatment of frames is achieved using configurable Arbitration Inter-Frame Spaces (AIFS) and customizable Contention Window (CW) sizes. In this paper, we address the problem of determining when a station, being a part of wireless communication, will access the medium. We present an algorithm calculating the probability of winning the contention by a given station, characterized by its AIFS and CW values. The probability of collision is calculated by similar means. The results were verified by simulations in Matlab and OPNET Modeler tools. We also introduce a web applet implementing and interactively demonstrating the results.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 31
    Publication Date: 2015-06-02
    Description: Although the growth in the scale and complexity is the response of High Performance Computing (HPC) systems like computational grids to the ever-increasing demand for high processing capacity, it also makes these systems considerable energy consumers. In fact, high energy consumption is the new challenge in front of performance improvement of HPC systems and thus power management is now a necessity for them. One of the major components that can have a great role in the power-saving process is the scheduler. In this paper, a new power-aware scheduling algorithm is proposed by incorporating the characteristics of both job and resource into the job mapping and ordering, and frequency-setting decision steps. In addition to the analytical study, the proposed scheduler has been evaluated based on results obtained from experiments in different resources heterogeneity levels and workload conditions. The results show the greater capability of the proposed scheduling algorithm in comparison with other related approaches.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 32
    Publication Date: 2015-06-02
    Description: Nowadays, green energy management is a fundamental perspective for supporting cyber-physical interactions and managing energy resources, and smart grid is emerging as the next generation energy management paradigm. Toward the green energy management and smart grid, there are several open issues to be explored. This special issue is to provide a platform for the last results in the related topics.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 33
    Publication Date: 2015-06-02
    Description: With the energy and power costs increasing alongside the growth of the IT infrastructures, achieving workload concentration and high availability in cloud computing environments is becoming more and more complex. Virtual machine (VM) migration has become an important approach to address this issue; particularly, live migration of the VMs across the physical servers facilitates dynamic workload scheduling of the cloud services as per the energy management requirements, and also reduces the downtime by allowing the migration of the running instances. However, migration is a complex process affected by several factors such as bandwidth availability, application workload and operating system configurations, which in turn increases the complications in predicting the migration time in order to negotiate the service-level agreements in a real datacenter. In this paper, we propose an adaptive approach named improved MIGration (iMIG), in which we characterize some of the key metrics of the live migration performance, and conduct several experiments to study the impacts of the investigated metrics on the Kernel-based VM (KVM) functionalities, as well as the energy consumed by both the destination and the source hosts. Our results reveal the importance of the configured parameters: speed limit, TCP buffer size and max downtime, along with the VM properties and also their corresponding impacts on the migration process. Improper setting of these parameters may either incur migration failures or cause excess energy consumption. We witness a few bugs in the existing Quick EMUlator (QEMU)/KVM parameter computation framework, which is one of the most widely used KVM frameworks based on QEMU. Based on our observations, we develop an analytical model aimed at better predictions of both the migration time and the downtime, during the process of VM deployment. Finally, we implement a suite of profiling tools in the adaptive mechanism based on the qemu-kvm-0.12.5 version, and our experiment results prove the efficiency of our approach in improving the live migration performance. In comparison with the default migration approach, our approach achieves a 40% reduction in the migration latency and a 45% reduction in the energy consumption.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 34
    Publication Date: 2015-06-02
    Description: Community detection in social networks is one of the most active problems with lots of applications. Most of the existing works on the problem have focused on detecting the community considering only the closeness between community members. In the real world, however, it is also important to consider bad relationships between members. In this paper, we propose a new variant of the community detection problem, called friendly community search. In the proposed problem, for a given graph, we aim to not only find a densely connected subgraph that contains a given set of query nodes but also minimizes the number of nodes involved in bad relationships in the subgraph. We prove that is Non-deterministic Polynomial-time hard (NP-hard), and develop two novel algorithms, called Greedy and Steiner Swap that return the near optimal solutions. Experimental results show that two proposed algorithms outperform the algorithm adapted from an existing algorithm for the optimal quasi-clique problem.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 35
    Publication Date: 2016-07-30
    Description: A conditional proxy re-encryption (CPRE) scheme enables the proxy to convert a ciphertext from Alice to Bob, if the ciphertext satisfies one condition set by Alice. To improve the issue of more fine-grained on the condition set, Fang, Wang, Ge and Ren proposed a new primitive named Interactive conditional PRE with fine grain policy (ICPRE-FG) in 2011, and left an open problem on how to construct CCA-secure ICPRE-FG without random oracles. In this paper, we answer this open problem affirmatively by presenting a new construction of CCA-secure key-policy attribute-based PRE (KP-ABPRE) without random oracles. In this paper, we enhance the security model of Fang's ICPRE-FG scheme by allowing the adversary to make some extra queries, which do not help them win the game trivially. Finally, we present a CCA-secure KP-ABPRE without random oracles under the 3-weak decisional bilinear Diffie–Hellman inversion (3-wDBDHI) assumption.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 36
    Publication Date: 2016-07-30
    Description: The key-insulated signature scheme provides a good method to solve key exposure problem. The key-insulated mechanism has been extended to the identity-based cryptography (IBC) and certificateless cryptography. As a new cryptographic primitive, certificate-based cryptography has unique advantage without key escrow problem in IBC and the complex certificate management problem in traditional PKI. However, certificate-based signature operations are usually performed on insecure environments where the signature key exposure is inevitable. In order to solve this problem, we introduce key-insulated idea into certificate-based cryptography and propose the notion and security model of the certificate-based key-insulated signature (CBKIS). In addition, we present a CBKIS scheme that is provably secure in the standard model. Security of scheme is reduced to the hardness of Non Pairing-based Generalized Bilinear DH problem and Many Diffie–Hellman problem. The proposed scheme solves the key exposure problem and improves the security in certificate-based cryptography.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 37
    Publication Date: 2016-07-30
    Description: In this paper, we propose a privacy-preserving reservation system for electric vehicles (EV) charging stations. Due to the short driving range of EV, frequent charging is necessary. A mechanism for charging station reservation for EV owners is desirable. Our proposed system allows the vehicle owner to reserve a number of charging stations along the intended route at different time-slots. Yet it is secure against misuse such that a user can only hold a limited number of reservations simultaneously. More importantly, our system can provide privacy for users. The charging station does not know the identity of the user who has reserved it. Thus location privacy can be protected. We demonstrate the practicality of our system with a prototype implementation on a smart phone. Finally, we also provide a security proof to show that our system is secure under well-known computational assumptions.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 38
    Publication Date: 2016-07-30
    Description: A blackbox traceable Attribute-Based Encryption (ABE) can identify a malicious user called traitor, which created a decryption box with respect to an attribute set (respectively, access policy), out of all the users who share the same attribute set (respectively, access policy). However, none of the existing traceable ABE schemes can also support revocation and large attribute universe, that is, being able to revoke compromised keys, and can take an exponentially large number of attributes. In this paper, we formalize the definitions and security models, and propose constructions of both Ciphertext-Policy ABE and Key-Policy ABE that support (i) public and fully collusion-resistant blackbox traceability, (ii) revocation, (iii) large universe and (iv) any monotonic access structures as policies (i.e. high expressivity). We also show that the schemes are secure and blackbox traceable in the standard model against selective adversaries.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 39
    Oxford University Press
    Publication Date: 2016-07-30
    Description: White-box cryptography aims at implementing a cipher to protect its key from being extracted in an untrusted environment, where the attacker has full access to the execution of the cryptographic software. In 2002, Chow et al. proposed the original white-box implementation of AES. Afterwards, various white-box implementations were presented. However, they were all badly broken because of a weakness of the implemented cryptographic algorithms: every parameter of the cryptographic operations is fixed except the round keys. In this paper, we present an AES-like cipher based on key-dependent S-boxes. The new cipher is designed to meet the design criteria of AES and hence provides a security level comparable to AES to resist black-box attacks. Moreover, we present a white-box implementation for our AES-like cipher, which is sufficient to withstand existing white-box attacks.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 40
    Publication Date: 2016-07-30
    Description: Identity-based encryption (IBE) has many appealing applications. However, some traditional IBE schemes may not be secure in the real world due to the side-channel attacks. Leakage-resilient cryptography can capture these attacks by modeling information leakage that adversary can access. In this paper, we apply a hash proof technique in the existing CCA-secure variant of the Gentry's IBE scheme to construct a new leakage-resilient IBE scheme in the bounded-leakage model. The proposed scheme is more computationally efficient than the original Alwen et al.'s leakage-resilient IBE scheme. It enjoys a shorter key (public/secret key) length, and a higher relative key leakage ratio. The new leakage-resilient scheme is proved semantically secure against adaptive chosen ciphertext attack in the standard model under the truncated augmented bilinear Diffie-Hellman exponent ($q$-TABDHE) assumption.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 41
    Publication Date: 2016-07-30
    Description: The ciphertext retrieval is of paramount importance for data confidentiality and utilization in mobile cloud environment. The receiver, usually equipped with resource constrained devices, retrieves data stored in the cloud server by submitting a confidential request (or trapdoor) to the cloud. Previous schemes need at least one exponentiation operation in group $\mathbb{G}$ for each keyword to generate the trapdoor, which is quite burdensome for mobile devices to support such computational cost. The computational cost of trapdoor generation limits the application of ciphertext retrieval, especially in a wireless environment. In this paper, we propose the first online/offline ciphertext retrieval (OOCR) scheme, where the trapdoor generation is split into two phases: offline phase and online phase. Most of the computation of the trapdoor could be performed in the offline phase prior to knowing the keyword. The generation of the real trapdoor with keyword can be done efficiently in the online phase. The most challenging task is to resist the so-called insider attacks, which is about keyword guessing attacks from the untrusted cloud server. We also build a novel framework to resist insider attacks and propose an OOCR scheme against insider attacks. Our semantic security proof and performance analysis demonstrate that the proposal is practical for mobile cloud applications.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 42
    Publication Date: 2016-07-30
    Description: In this paper, we point out some faulty instantiations of threshold ring signatures (TRS) based on the threshold proof-of-knowledge (TPoK) protocol. Although a TRS can be regarded as the non-interactive version of the TPoK, the computational domains of the variables should be carefully chosen. We show that by choosing some inappropriate domains, two such instantiations suffer from forgery and anonymity attacks. Our attacks rely on algebraic techniques which involve solving some particular instances of the well-known subset sum problem. While we focus our attacks on two particular instantiations of the TRS, they are generic and are applicable to other schemes with the same choice of domains or a similar structure. We believe this paper can act as an important security remark on the design of future TRS schemes.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 43
    Publication Date: 2016-07-30
    Description: The typical Secure Document Management System (SDMS) uses cryptography or access control mechanisms to restrict illegal access by unauthorized users to digital documents. However, these techniques are insufficient when authorized users betray the trust of their organizations, distributing sensitive digital documents to unauthorized users. This paper presents a novel end-to-end approach to construct a robust SDMS able to guarantee not only the integrity and confidentiality of digital documents (data-centric security), but also providing robust insider threat tracing mechanisms (user-centric security). As far as the authors' knowledge extends, this is the first contribution that analyses security issues of SDMS considering data-centric (by means of encryption) and user-centric (based on fingerprinting) security services for the construction of an SDMS. Security requirements are identified from the modeling of a digital document's lifecycle. Then cryptographic techniques are carefully coupled with a fingerprinting technique at specific stages of the proposed document lifecycle. As a proof of concept, an SDMS was created, implemented and evaluated, demonstrating its feasibility for deployment in production environments. The robustness of the SDMS was proved, using standard cryptographic algorithms and secure key lengths. The created SDMS also resisted the collusion and retyping attacks commonly directed at fingerprinting applications.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 44
    Publication Date: 2016-07-30
    Description: Nowadays, trust systems (TSs) are widely used for tackling dishonest entities in many modern environments. However, these systems are vulnerable to some kinds of attacks where attackers try to deceive the system using sequences of misleading behaviors and dishonest recommendations. A robust TS is expected to function properly even in the possibility of such attacks. To the best of our knowledge, simulation has been the main approach for evaluation of TSs so far, and there is no remarkable verification method for this aim. In this paper, a method for quantitative verification of TSs' robustness against malicious attackers is proposed. The proposed method consists of a formalism for specifying any given trust model named TS attack process that is cast into partially observable Markov decision process mathematical framework. The proposed method is capable of verifying TSs against both well-known attacks and the worst possible attack scenario. The method could also be used to help adjusting parameters of the given TS. Moreover, a quantitative robustness measure is introduced, which helps to compare the robustness of different TSs. To illustrate the applicability of the proposed method, a number of case studies for analysis and comparison of selected trust models (including Subjective Logic and REGRET) are presented.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 45
    Oxford University Press
    Publication Date: 2016-07-30
    Description: Multivariate cryptographic systems are one of the most popular public key cryptographic systems, since they have the potential to resist quantum computer attacks. Multivariate signatures have few applications where low area is more of a priority since they are much larger than Rivest-Shamir-Adleman and elliptic curves cryptography. In this paper, we propose a very small cryptographic processor for multivariate signatures and enhance our design in three directions. First, we propose a Modular Arithmetic Logic Unit based on composite field representations. Second, we design a small instruction set. Third, we adapt register reuse and time sharing. Via further other minor optimizations and by integrating the major improvement above, our design is implemented on a small Xilinx field programmable logic array and utilizes only 47 flip flops, 155 look up tables and 92 slices. Its small area would present a significant saving, including fitting into a smaller device, e.g. radio frequency identification tag. Our design can generate multivariate signatures with a moderate speed, e.g. Unbalanced Oil–Vinegar Signature, Rainbow and extensions of Tame Transformation Signature, which is sufficient for numerous applications where area usage is more of a priority. Comparison results show that our design is 50% smaller than the smallest available public key cryptographic system.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 46
    Publication Date: 2016-07-30
    Description: Inversions in small finite fields are playing a key role in many areas. We present techniques to exploit binary trees for fast inversions in $GF(2^n)$ and $GF(p)$, where $n$ is a positive integer and $p$ is a prime number. The non-pipelined versions of our design in $GF(2^n)$ and $GF(p)$ have the execution time of $(n-1)(T_{AND}+T_{XOR})$ and $\lfloor \log_2 p \rfloor (T_{AND}+T_{XOR})$, where $T_{AND}$ and $T_{XOR}$ are delays of AND and XOR gates, respectively. The pipelined version of our design has a throughput rate of one result per $T_{AND}$ (or $T_{XOR}$). The latency is the greater value between $T_{AND}$ and $T_{XOR}$. In other words, the time complexities of non-pipelined and pipelined versions are $O(n)$ (or $O(\log_2 p)$) and $O(1)$, respectively. Experimental results and comparisons show that our design provides significant reductions in both the execution time and time–area product, e.g. the execution time of inversion in $GF(2^{12})$ is reduced by 73% and time–area product of inversion in $GF(2^6)$ is reduced by 77%.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 47
    Publication Date: 2013-10-02
    Description: We proposed two multiparty quantum secret sharing schemes based on n-particle Greenberger–Horne–Zeilinger-states (GHZ states), which are transformed from Einstein–Podolsky–Rosen pairs by entanglement swapping. In our schemes, the dealer imposes messages by performing local unitary operations ( I, x, i y, z ) on the n-particle GHZ state she holds, and the agents collaborate to deduce the dealer's messages by performing local unitary operations on their own qubit. The amount of dealer's secret message is positively related with the number of agents. The need of qubits is one-third less than the former schemes and, also, they can be reused for the next new round. The scheme (II) does not have to pre-share the code table, which increases the security without the risk of being stolen.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 48
    Publication Date: 2013-10-02
    Description: Automatic fare collection (AFC) systems calculate the fare that the users must pay depending on the time of service (time-based) or the points of entrance and exit of the system (distance-based). The progressive introduction of Information and Communication Technologies allows the use of electronic tickets, which helps us to reduce costs and improve the control of the infrastructures. Nevertheless, these systems must be secure against possible fraud and they must also preserve users’ privacy. Therefore, we have studied the security requirements for the time-based and distance-based systems and we have proposed a protocol for each of the AFC systems. The protocols offer strong privacy for honest users, i.e. the service provider is not able to disclose the identity of its users and, moreover, different journeys of the same user are not linkable between them. However, anonymity for users could be revoked if they misbehave. The protocols have been implemented in Android and its performance has been evaluated in two Android smartphones. The results remark that protocols are suitable to be used on an AFC system with a medium class mobile device although they offer a better experience with a high-class smartphone. The appearance in the market of more powerful mobile devices suggests a better usability of our proposal in a near future.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 49
    Publication Date: 2013-10-02
    Description: Accurately locating unknown nodes is a critical issue in the study of wireless sensor networks (WSNs). Many localization approaches have been proposed based on anchor nodes, which are assumed to know their locations by manual placement or additional equipment such as a global positioning system. However, none of these approaches can work properly under the adversarial scenario. In this paper, we propose a novel scheme called two-step secure localization (TSSL) to stand against many typical malicious attacks, e.g. wormhole attack and location spoofing attack. TSSL detects malicious nodes step by step. First, anchor nodes collaborate with each other to identify suspicious nodes by checking their coordinates, identities and time of sending information. Then, by using a modified mesh generation scheme, malicious nodes are isolated and the WSN is divided into areas with different trust grades. Finally, a novel localization algorithm based on the arrival time difference of localization information is adopted to calculate locations of unknown nodes. Simulation results show that the TSSL detects malicious nodes effectively and the localization algorithm accomplishes localization with high localization accuracy.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 50
    Publication Date: 2013-10-02
    Description: Distance-bounding protocols form a family of challenge–response authentication protocols that have been introduced to thwart relay attacks. They enable a verifier to authenticate and to establish an upper bound on the physical distance to an untrusted prover. We provide a detailed security analysis of a family of such protocols. More precisely, we show that the secret key shared between the verifier and the prover can be leaked after a number of nonce repetitions. The leakage probability, while exponentially decreasing with the nonce length, is only weakly dependent on the key length. Our main contribution is a high probability bound on the number of sessions required for the attacker to discover the secret, and an experimental analysis of the attack under noisy conditions. Both of these show that the attack's success probability mainly depends on the length of the used nonces rather than the length of the shared secret key. The theoretical bound could be used by practitioners to appropriately select their security parameters. While longer nonces can guard against this type of attack, we provide a possible countermeasure which successfully combats these attacks even when short nonces are used.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 51
    Publication Date: 2013-10-02
    Description: In threshold public-key encryption (TPKE), the decryption key is divided into n shares, each one of which is given to a different decryption user in order to avoid single points of failure. A robust TPKE is that if threshold decryption of a valid ciphertext fails, the combiner can identify the decryption users that supplied invalid partial decryption shares. In this paper, we propose a practical and efficient TPKE scheme which is robust and non-interactive. Security against chosen-ciphertext attacks (CCAs) can be proved in the standard model under the hashed Diffie–Hellman assumption in bilinear groups. The security reduction is tight and simple. We use an instantiation hash function of the Kiltz's key encapsulation mechanism and Lai et al.'s chosen-ciphertext secure technique to construct a TPKE scheme. Moreover, our scheme is simpler and shown to be more efficient than currently existing CCA-secure TPKE schemes.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 52
    Publication Date: 2013-10-02
    Description: The advances in the digital world (e.g. the Internet, Communications, etc.) are closing the gap between consumers and providers, in both Business to Consumer and Business to Business environments. Through the Internet, providers can offer their products directly to consumers, which increase their choices and allow them to contract a set of different services/products from different providers. But sometimes the consumer needs an all-or-nothing exchange with these providers: an atomic exchange. The consumer has negotiated/obtained a set of conditions that are only met if she acquires all the services/products. Thus, we need an Atomic Multi-Two-Party contract signing protocol. Even though digital signature of contracts is a topic that has been widely studied, it lacks a solution when applied to Atomic Multi-Two-Party scenarios. Here, we propose the first solution to solve this problem.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 53
    Oxford University Press
    Publication Date: 2013-10-02
    Description: Key-evolving cryptography is intended to mitigate the damage in case of a secret key compromise, one of the severest security threats to actual cryptographic schemes. In the public-key setting, the essential idea of key-evolving lies in updating the private key with time, while maintaining the same public key. Key evolution in encryption and signing has been well studied, especially in the identity-based (ID-based) setting where an entity's public key can be derived from that entity's identity information. From a more practical standpoint, however, one would like to use the primitive signcryption in the hierarchical ID-based setting. In this paper, we propose the first key-evolving hierarchical ID-based signcryption scheme that is scalable and joining-time-oblivious and allows secret keys to be updated autonomously. The security proofs of our construction depend on the bilinear Diffie–Hellman assumption and the computational Diffie–Hellman assumption in the random oracle model. To be specific, our proposal not only achieves the fundamental goals of confidentiality and authenticity, but also enjoys desirable properties of non-repudiation, ciphertext anonymity and strong forward security. Compared with the conventional sign-then-encrypt approach, our construction provides better efficiency in terms of the computation cost and the communication overhead.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 54
    Publication Date: 2013-10-02
    Description: Cooperative Intelligent Transportation Systems (ITS) will turn up to us with safer and more efficient driving environments as well as convenient and infotainment features for future ITS stations. ETSI and ISO are completing the standardization of the building blocks of a reference communication architecture for cooperative ITS. Future ITS stations complying with this set of standards deployed in vehicles, at the roadside infrastructures and within the Internet are expected to communicate with each other through a combination of ITS dedicated communication protocols and legacy Internet protocols. However, in spite of the wide adoption of IPv6 for cooperative ITS communications, relatively little attention has been paid to the security issues related to IPv6 signaling and IPv6 transport communications. In this paper, we present our position on the emerging and urgent IPv6-related security issues that occur in communications between ITS stations complying with the ITS station reference architecture under standardization within ETSI TC ITS and ISO TC204.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 55
    Publication Date: 2013-10-02
    Description: The objectives of this special issue are advanced security technologies and services for future computing environments, including, but not limited to, security primitives, protocols and security applications and services. Recent advances in security technologies and services for future computing environments have created a new class of the following: (i) Wireless sensor networks and radio-frequency identification security and privacy; (ii) security architectures for distributed network systems, P2P systems, cloud and grid systems; and (iii) security in e-commerce, mobile and wireless networks, and finally, security standards and assurance methods. All papers are expected to focus on novel approaches for advanced security technologies and services for future computing environments and to present high-quality results for tackling problems arising from the ever-growing advanced security technologies and services for future computing environments.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 56
    Publication Date: 2013-10-02
    Description: In this paper, we present a statistical analysis of six traffic features based on entropy and distinct feature number at the packet level, and we find that, although these traffic features are unstable and show seasonal patterns like traffic volume in a long-time period, they are stable and consistent with Gaussian distribution in a short-time period. However, this equilibrium property will be violated by some anomalies. Based on this observation, we propose a Multi-dimensional Box plot method for Short-time scale Traffic (MBST) to classify abnormal and normal traffic. We compare our new method with the MCST method proposed in our prior work and the well-known wavelet-based and A Short-Timescale Uncorrelated-Traffic Equilibrium (ASTUTE) techniques. The detection result on synthetic anomaly traffic shows that MBST can better detect the low-rate attacks than wavelet-based and MCST methods, and the detection result on real traffic demonstrates that MBST can detect more anomalies with a lower false alarm rate than the two methods. Compared with ASTUTE in particular, MBST performs much better at detecting anomalies involving a few large flows, although it is slightly worse at detecting anomalies involving a large number of small flows.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 57
    Oxford University Press
    Publication Date: 2015-05-03
    Description: Given a text or database T , the circular pattern discovery (CPD) problem is to identify ‘interesting’ circular patterns in T . Here, no specific input pattern is provided, and what is interesting is typically defined in terms of constraints in the search. We propose two algorithms for the CPD problem. The first algorithm uses suffix trees and suffix links to solve the exact CPD problem in time, where m 2 is the maximum length of the circular patterns and N is the total length of the sequence database. The second algorithm uses suffix arrays to solve the more challenging approximate CPD (ACPD) problem in worst case, and on average, where k is the maximum allowed error(s). By exploiting the nature of the ACPD problem, the complexity is reduced to time in the worst case, and on average.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 58
    Publication Date: 2015-05-03
    Description: We introduce a process algebra with processes able to migrate between different explicit locations of a distributed environment defined by a number of distinct locations. We use timing constraints over local clocks to control migration and communication, together with local maximal concurrency in the way actions are executed. Two processes may communicate if they are present at the same location and, in addition, they have appropriate access permissions to communicate over a shared channel. Access permissions can be acquired or lost while moving from one location to another. Timing constraints coordinate and control both communication between processes and migration between locations. We completely characterize the situations in which a process is guaranteed to possess safe access permissions in all possible environments. In this way, one can design systems in which processes are not blocked (deadlocked) due to the lack of dynamically changing access permissions.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 59
    Publication Date: 2015-05-03
    Description: We propose an approach which, given a state-transition model of a system, constructs, in parallel, an approximate automaton model and a test suite for the system. The approximate model construction relies on a variant of Angluin's automata learning algorithm, adapted to finite cover automata. A finite cover automaton represents an approximation of the system that only considers sequences of length up to an established upper bound . Crucially, the size of the cover automaton, which normally depends on , can be significantly lower than the size of the exact automaton model. Thus, controlling , the state explosion problem normally associated with constructing and checking state-based models can be mitigated. The proposed approach also allows for a gradual construction of the model and of the associated test suite, with complexity and time savings. Moreover, we provide automation of counterexample search, by a combination of black-box and random testing, and metrics to evaluate the quality of the produced results. The approach is presented and implemented in the context of the Event-B modeling language, but its underlying ideas and principles are much more general and can be applied to any system whose behavior can be suitably described by a state-transition model.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 60
    Publication Date: 2015-05-03
    Description: An algorithm for very efficient compression of a set of natural language text files is presented. Not only is a very good compression ratio reached, but the compression method used also allows fast pattern matching in compressed text, which is an attractive property especially for search engines. Much information is stored in the form of a large collection of text files. The web search engines can store the web pages in the raw text form to build so-called snippets or to perform so-called positional ranking functions on them. Furthermore, there exist many other similar contexts such as the storage of emails, application logs or the databases of text files (literary works or technical reports). In this paper, we address the problem of the compression of a large collection of text files distributed in a cluster of computers, where the single files need to be randomly accessed in very short time. The compression algorithm is based on a word-based approach and the idea of combination of two statistical models: global model (common for all the files of the set) and local model. The latter is built as a set of changes that transform the global model to the proper model of the single compressed file.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 61
    Publication Date: 2015-05-03
    Description: Given two strings X and Y and a constraining string P, a string Z is called a constrained longest common subsequence of X and Y with respect to P if Z is the longest common subsequence of X and Y such that P is a subsequence of Z. In this paper, we propose an O(r × min{mN, nM})-time algorithm for solving this problem, where m, n and r are the lengths of X, Y and P, respectively, and M and N are the number of runs of the run-length-encoded strings of X and Y, respectively.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 62
    Publication Date: 2015-05-03
    Description: One of the most important steps in obtaining a relational model from legacy systems is the extraction of functional dependencies (FDs) through data mining techniques. Several methods have been proposed for this purpose and most use direct search methods that traverse the search space in exponential time in the number of attributes of the relation. As it is not uncommon to find in practice relations with tens of attributes, a need exists to further develop more efficient techniques to find FDs. The method studied here finds the minimal set of minimal FDs using algorithms that solve the hypergraph duality problem applied on the complement of the refutation hypergraph of the relation without going through the exponential search space. After showing that the extraction of FDs can be reduced to the hypergraph duality problem, experimental results are given as verification and characterization of the correctness and time complexity of the proposed tool.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 63
    Publication Date: 2015-05-03
    Description: Suppose that we are given a vector consisting of only 1's and 0's and we are interested in finding some special properties of this vector. For instance, we like to determine whether all of the bits from location s to location e in the vector are all 1's or whether there exists a 1 from location s to location e. In more complicated cases, we are given two bit-vectors and we like to investigate the mutual properties between the two vectors. For instance, we want to find all locations i in vector B such that there exists a k in vector A, k ≤ i, such that A(k) = 1 and in vector B, locations from k to i all assume value 1. These problems all involve ‘for-all’ or ‘there-exists’ notations and can of course be solved by sequential programs. In this paper, we are interested in bit-parallel process to solve these problems. That is, we are interested in solving the problem efficiently by using ‘bitwise-and’, ‘bitwise-or’ and other bitwise logical operations. A sequence of logical operations can be expressed as a logical formula. This paper proposes a systematical method to find such logical formulas to solve problems involving bit-vectors with ‘for-all’ and ‘there-exists’ notations. Five logical prototype problems, named ‘single-for-all’ (1's), ‘single-there-exists’, ‘multiple-for-all’, ‘multiple-there-exists’ and ‘multiple-there-exists-and-for-all’, are defined in this paper. For each problem, we show that there exists a corresponding logical formula that can be computed using bit-parallel operations in O(n/w) time, where w is the word size of the machine. We also propose four variants for these five problems, and show that their logical formulas can be obtained using those of the five prototype problems.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 64
    Publication Date: 2015-05-03
    Description: Non-functional or quality requirements such as, performance, timeliness and security are often crucial for the success of a software system. Several well-known techniques and frameworks have been developed to deal with the functional aspect of requirements engineering. Recent years have seen the emergence of frameworks that incorporate non-functional requirements (NFRs). The NFR Framework is a qualitative method that bridges the gap between the idea of NFRs, and a software design that encompasses these ideas. The framework functions by modelling NFRs and the associated implementation methods, eventually resulting in a fully documented decision regarding the implementation of said methods. This paper presents a formal linear programming optimization model for the NFR Framework with regard to operationalization selection. The optimization model has the capability of handling large, complicated graphs that were unwieldy in the original framework. The inclusion of a sensitivity analysis expands the functionality of the optimization model to provide useful data on even the smallest of problems. These additional data allow the optimization model to assist in conflict resolution with regard to the initial quantitative values. The approach is illustrated using two case studies from the literature and verified through a simulation-based analysis.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 65
    Oxford University Press
    Publication Date: 2015-05-03
    Description: Functional dependencies (FDs) are an integral part of database design. However, they are only defined when we exclude null markers. However, we commonly use null markers in practice. To bridge this gap between theory and practice, researchers have proposed definitions of FDs over relations with null markers. Though sound, these definitions lack some qualities that we find desirable. For example, some fail to satisfy Armstrong's axioms—while these axioms are part of the foundation of common database methodologies. We propose a set of properties that any extension of FDs over relations with null markers should possess. We then propose two new extensions having these properties. These extensions attempt to allow null markers where they make sense to practitioners. They both support Armstrong's axioms and provide realizable null markers: at any time, some or all of the null markers can be replaced by actual values without causing an anomaly. Our proposals may improve database designs.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 66
    Publication Date: 2015-05-03
    Description: A 2-layer drawing of a bipartite graph G is a drawing such that the vertices of each partition set are drawn as points of a distinct horizontal line (called a layer) and the edges are drawn as straight-line segments. We study 2-layer drawings where edges can cross only at right angles; these drawings are called 2-layer right angle crossing drawings (2-layer RAC drawings for short). We focus on the following problem, which we call the maximum 2-layer RAC subgraph (M2LRacS) problem. Given a bipartite graph G, compute a subgraph H of G such that: (i) H admits a 2-layer RAC drawing and (ii) H has the maximum number of edges among the subgraphs of G that satisfy (i). We study this problem both in the no-fixed-layer setting, where no restriction is given on the vertex ordering on each layer, and in the 1-fixed-layer setting, where the ordering of the vertices of one of the two layers is given as part of the input and cannot be changed. The M2LRacS problem is known to be NP-hard in the no-fixed-layer setting (Di Giacomo, E., Didimo, W., Eades, P. and Liotta, G. (2011) 2-Layer Right Angle Crossing Drawings. Proc. IWOCA 2011, Lecture Notes in Computer Science 7056, pp. 156–169; Di Giacomo, E., Didimo, W., Eades, P. and Liotta, G. (2014) 2-layer right angle crossing drawings. Algorithmica, 68, 954–997), but no algorithm has been proposed so far to solve it. We prove that the M2LRacS problem remains NP-hard even in the 1-fixed-layer setting, and provide different heuristics to solve it in the two settings; one of these heuristics is a 3-approximation algorithm for the no-fixed-layer setting. Also, we present the results of an experimental study that compares our heuristics and shows the effectiveness of the 3-approximation algorithm in practice.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 67
    Publication Date: 2015-05-03
    Description: We consider two order relations: that induced by the m-ary reflected Gray code and a suffix partitioned variation of it. We show that both of them when applied to some sets of restricted growth sequences still yield Gray codes. These sets of sequences are: subexcedant and ascent sequences, restricted growth functions and staircase words. In particular, we give the first suffix partitioned Gray codes for restricted growth functions and ascent sequences; these latter sequences code various combinatorial classes as interval orders, upper triangular matrices without zero rows and zero columns whose non-negative integer entries sum up to n, and certain pattern-avoiding permutations. For each Gray code, we give efficient exhaustive generating algorithms and compare the obtained results.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 68
    Publication Date: 2015-05-03
    Description: A great amount of fault-based testing strategies have been proposed to generate test cases for detecting certain types of faults in Boolean specifications. However, most of the previous studies on these strategies were focused on the Boolean expressions in the disjunctive normal form (DNF), even the irredundant DNF (IDNF)—little work has been conducted to comprehensively investigate their performance on general Boolean specifications. In this study, we conducted a series of experiments to evaluate and compare 18 fault-based testing strategies using over 4000 randomly generated fault-seeded Boolean expressions. In the experiments, a testing strategy is regarded as effective and efficient if it can detect most of the seeded faults using a small number of test cases. Our experimental results show that if a testing strategy is highly effective and efficient when testing the Boolean expressions in the IDNF, it also shows high effectiveness and efficiency on general Boolean expressions. It is found that one family of fault-based testing strategies, namely MUMCUT, normally deliver the best performance among all the 18 strategies. Our study provides an in-depth understanding and insight of fault-based testing for general Boolean expressions.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 69
    Oxford University Press
    Publication Date: 2015-05-03
    Description: It has been reported in the literature on computational neuroscience that a rat's uncanny ability to dash back to a home position in the absence of any visual clues (or in total darkness, for that matter) may stem from its distinctive method of position representation. More specifically, it is hypothesized that the rat uses a multimodular method akin to residue number system (RNS), but with continuous residues or digits, to encode position information. After a brief review of the evidence in support of this hypothesis, and how it relates to RNS, we discuss the properties of continuous-digit RNS, and derive results on the dynamic range, representational accuracy and factors affecting the choice of the moduli, which are themselves real numbers. We conclude with suggestions for further research on important open problems concerning the process of selection, or evolutionary refinement, of the set of moduli in such a representation.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 70
    Oxford University Press
    Publication Date: 2015-03-27
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 71
    Publication Date: 2015-03-27
    Description: Social networking service (SNS) is one of the major technological applications based on Web 2.0, which can help users to express their views and share information with others. How to describe the information diffusion process in online SNS accurately has attracted considerable interest recently. However, almost all existing models focus on a single online SNS tool and face many challenges with multiple online SNS tools. In this paper, we turn to users’ privacy setting policies and propose a general stochastic model with multiple diffusion mechanisms in online SNS, called DMPS. Specifically, we first define a privacy protection mechanism based on information sharing in online SNS and classify nodes according to different privacy setting policies; then, we define the states of the nodes and information dissemination rules with dynamics of infectious disease; finally, we describe the evolution process of different nodes by dynamic evolution equations. Detailed simulations and analysis show that the DMPS can precisely describe the diffusion process with multiple diffusion mechanisms and have the same characteristics as a diffusion process in real online SNS. As a result, DMPS can be used to identify the underlying diffusion mechanism of information and forecast its trend in online SNS.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 72
    Publication Date: 2015-03-27
    Description: Many security protocols are vulnerable to type-flaw attacks (TFAs), in which a message variable of one type is essentially substituted with a message of another type by adversary, causing a violation of a security property. The previous approaches mostly focus on how to prevent TFAs on security protocols, which avoid the question: whether an existing protocol (without any change) is vulnerable to TFAs or not. Formal methods provide well-defined languages that allow precise specifications to be written and subsequent rigorous verification procedures to be performed. Analyses of protocols susceptible to TFAs have been attempted using various formalisms. But most of them belong to heuristic methods. The research on type theory is still not mature. In this paper, we introduce a multi-branch tag tree, build a strong intruder model and make a classification to extend the strand space model (SSM). This overcomes the limitation of SSM for detecting TFAs on security protocols. Then, based on the extended strand spaces, we establish a three-level model to detect TFAs on security protocols. Our three-level model can verify whether a protocol is susceptible to TFAs and how many TFAs can be launched by the penetrator in the protocol.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 73
    Publication Date: 2015-03-27
    Description: Datasets containing individuals’ information (stored in back-end databases) are often published and shared in social networks. The disclosure of sensitive individuals’ information in social networks is potentially a serious problem. When an attacker studies a published table in a social network, the attacker could infer valuable information of individuals if the attacker learnt some sensitive information of other related individuals from other sources which are different from the published table. This type of attack is referred to as corruption attack. Existing privacy-preserving data publication (PPDP) approaches have been developed against corruption attacks, however, they could cause severe information loss, and reduce the usefulness of the published data. In addition, PPDP models based on -diversity and its variants may lead to individual sensitive information disclosure. Motivated by providing a solution to overcome these drawbacks, an independent -diversity principle is proposed in this study. Based on this principle a PPDP model is presented. The model could prevent attacks from attackers who have known data publishing algorithms and have the corruption abilities. A new data utility measurement global loss penalty is also proposed in this study. Related algorithms to our approach have been developed and implemented. Extensive experiments have been performed and comparisons with other related methods have been made. The results have shown the effectiveness of our approaches. It has been noted that when compared with -diversity model and its variant models, our model could resist corruption attacks more effectively; furthermore, when compared with other solutions against corruption attacks, our method would result in less information loss.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 74
    Publication Date: 2015-03-27
    Description: Nowadays multimedia social networks are fueled by sensational coverage of sex, violence and crime. In this paper, we provide a normalized cross entropy metric to determine whether a headline is a sensational headline or not by the literal consistency between the headline and its corresponding document. Experiments on a Chinese data set show that the traditional relevancy measurements—vector cosine, relative entropy, likelihood and cross entropy—suffer from strong dependence on text length and are unable to effectively identify sensational headline. The experimental results on both Chinese data sets and English data sets show that our metric can cover the positive effects of high-frequency words and overcome the negative effects of the lengths of the title and the document.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 75
    Publication Date: 2015-03-27
    Description: The multimedia social network (MSN), a combination of the multimedia sharing technology and social network, has prominent social features and diffusion characteristics. Owing to its centerlessness and lack of regulation, MSNs have some serious network environment problems, such as spread of negative digital content and serious data redundancy. To solve the above problems, this paper proposes a strong and weak ties feedback-based trust model in MSNs on the basis of the Weak Ties Theory of sociology. This model evaluates the trust level from two different aspects, multimedia content and user behaviors, and computes the reputation value by the Bayesian estimation principle and the damped window mechanism. On the basis of the trust model, we establish a trust-based information dissemination model in MSNs to study the relationship between trust and digital content dissemination. Simulation results indicate that the trust model is reliable in design, valid in network transmission, and effective in resisting malicious feedback and collusive attacks, enables positive digital data to spread rapidly and widely, and limits the dissemination of negative content.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 76
    Publication Date: 2015-03-27
    Description: Multimedia social networks (MSNs) services and tools provide a convenient platform for users to share multimedia contents, such as electronic book, digital image, audio and video, with each other. However, in an open network, uncontrolled sharing and transmission mode of digital content between users create considerable problems regarding digital rights management (DRM). This paper aims to explore potential paths on the propagation of copyrighted contents. An approach to mining credible potential paths is proposed for MSNs. The formal descriptions were primarily based on rough set theory for mining potential paths. Trust was also measured to find credible potential paths. We presented related algorithms for mining two kinds of paths between any two nodes. Finally, we conducted an experiment based on three non-overlapped sharing communities multiplied by 150 nodes. In the communities found by using a representative real-world MSN YouTube dataset, we further mine the general and credible potential paths based on the simulated trust assessment values. The proposed method could effectively and accurately mine two kinds of potential paths of copyrighted digital content distribution and sharing, which can help to resolve critical DRM issues.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 77
    Publication Date: 2015-03-27
    Description: Multi-hop wireless networks (MWNs) have been widely accepted as an indispensable component of next-generation communication systems due to their broad applications and easy deployment without relying on any infrastructure. Although showing huge benefits, MWNs face many security problems, particularly the internal multi-layer security threats being one of the most challenging issues. Since most security mechanisms require the cooperation of nodes, characterizing and learning actions of neighboring nodes and the evolution of these actions over time is vital to constructing an efficient and robust solution for security-sensitive applications such as social networking, mobile banking and teleconferencing. In this paper, we propose a new dynamic Cross-layer Reputation computation Model (CRM) to dynamically characterize and quantify actions of nodes. CRM couples an uncertainty-based conventional layered reputation computation model (RCM) with cross-layer design and multi-level security technology to identify malicious nodes and preservation of security against internal multi-layer threats. Simulation results and performance analyses demonstrate that CRM can provide rapid and accurate malicious node identification and management, and implement the preservation of security against the internal multi-layer and bad-mouthing attacks more effectively and efficiently than existing models.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 78
    Publication Date: 2015-03-27
    Description: Due to the disconnected and store-and-forward architecture in multimedia social networks (MSNs), routing becomes a great challenge with the frequent path disruptions. Moreover, some nodes in MSNs tend to be selfish or malicious, e.g. they sometimes will not forward packets for other nodes or will launch passive and active attacks in order to save their limited resources such as bandwidth, battery or storage. In order to address this issue, we propose a fuzzy-based trust management technique for context-based routing in MSNs. We incorporate social trust metrics and quality of service metrics into our trust model. By adopting fuzzy sets, every node can evaluate the credibility of other nodes based on the direct and indirect relationship. By ranking all its neighbors according to the trust values, each node can purge untrustworthy nodes. Since only trusted nodes’ packets will be forwarded, the selfish or malicious nodes have the incentive to behave well again in order to be able to send packets. Additionally, we perform extensive security and performance evaluation with the opportunistic network environment simulator. The simulation results show that our trust model can dynamically update the trust value in real time, effectively measure the trust relationship and correctly identify malicious or selfish nodes. Furthermore, the proposed trust routing is a lightweight protocol balancing the message overhead and delivery ratio.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 79
    Publication Date: 2015-03-27
    Description: In recent years, social botnets have become a major security threat to both online social networking websites and their users. Social bots communicate over probabilistically unobservable communication channels and steal sensitive information from its victims. Stegobot is a social botnet which uses image steganography to hide the presence of communication. Since these botnets exhibit unique propagation methods, existing botnet detection techniques cannot identify these bots. In this paper, we propose an effective method to detect Stegobot hosts within a monitored social network. Based on the observations, Stegobot often has a differentiable communication pattern because of the unique design and implementation. Hence by investigating each host profile activity, it is possible to determine whether the profile is a Stegobot or normal. Our experiments show that the traffic patterns among Stegobot and normal traffic can be classified efficiently using multilevel social network profile analysis. In addition to the ability to detect bot traffic, a classification model is constructed using profile level and content level analysis to improve the detection ability. The experimental results show that the proposed method can detect Stegobot profiles with more than 97% accuracy and false-positive rate lower than 3%.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 80
    Publication Date: 2015-03-27
    Description: Modern applications can be easily developed and operated by discovering and consuming cloud services that provide the desired functionality. We observe the emergence of ‘Service ecosystems’, i.e. combinations of services which are offered by different providers and which interoperate seamlessly behind the curtains to build applications generating added value compared with single components. However, security and trustworthiness concerns constitute an obstacle for uptake, as trust relations that were in place in traditional component acquisition and operation phases cannot be established in the same forms due to the high number of service providers available and shorter time-to-market requirements. This paper presents our view about how security certification could address these issues, going beyond existing schemes, which mostly address static systems and environments. We show how the combination of recent innovations can lead to the introduction of new security certification schemes that adapt to service-based ecosystems. Such schemes are based on explicit representation of service security features, their machine readability, and an advanced processing and composition support. We present a security-aware service marketplace, allowing consumers to build secure business applications through advanced search and discovery capabilities that consider functional requirements together with certified security features.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 81
    Publication Date: 2015-03-27
    Description: Mobile social network service (MSNS) provides daily services for the user and can also be used in emergencies, such as natural disasters. How to conduct service composition and recovery among mobile devices quickly and efficiently is one of the important research areas of MSNS. This paper puts forward a comprehensive strategy applied to MSNS during natural disasters. When communication facilities are limited, several devices can work cooperatively to provide users with reliable composite service, also known as the service composition process. In addition, when some of the devices fail and the composite service interrupts, the presented recovery process reconstructs a service path quickly. Composition and recovery cost functions are used in the two processes separately. The goal is to find the service path or the recovery path with minimal cost function value in each process that satisfies the quality-of-service requirement. The simulation results show that the proposed strategy not only reduces the interrupt number and recovery time but also improves the success rate of the service request, making the performance of this strategy better than that of the other similar strategies.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 82
    Publication Date: 2015-03-27
    Description: Certificateless encryption (CLE) can be used to prevent the key generation centre from decrypting ciphertexts (which addresses the key escrow problem of identity-based encryption), but it cannot provide a user revocation mechanism by default. A revocable CLE scheme was proposed by Shen et al. (2014. Efficient revocable certificateless encryption secure in the standard model. Comput. J., 57, 592–601) which realizes the revocation by requiring a time key in the decryption process. Despite their security proofs, this paper shows an attack on their revocation mechanism.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 83
    Publication Date: 2015-03-27
    Description: Presently, many identity-based proxy signature (IBPS) schemes have been proposed, but most of them are constructed in the random oracle model. Also, the proposed security model for IBPS is not enough complete according to Boldyreva's work. Cao and Cao proposed an IBPS scheme in the standard model. However, their scheme is not secure because of not resisting the attack of delegator and requires more computation cost. In this paper, we present a framework for IBPS and show a detailed security model for IBPS. Under our framework, we present an efficient IBPS scheme in the standard model. Compared with other IBPS schemes, the proposed scheme has more complete security and is more efficient.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 84
    Publication Date: 2015-03-27
    Description: Establishment of trust between Cloud consumers and service providers is a challenging issue, which is a major reason why organizations are reluctant to adopt the Cloud paradigm. In order to resolve this issue, various trust models have been proposed for the Cloud domain; however, none of these models are widely accepted by the industry because they only cover a few aspects of trust establishment, and do not support all the essential features. Several problems exist in the Cloud trust models, but lack of standardization and interoperability are the primary concerns. Similarly, there is no such generic and comprehensive trust model that can establish trust on all the layers of Cloud services, namely software, platform and infrastructure. Moreover, existing trust models have their limitations in terms of providing essential functionality and security features for trust evaluation. In order to provide reliable trust establishment in the Cloud environment, there is an indispensable need to carry out research and gather knowledge about the functional and non-functional features offered by the existing Cloud trust models. Comprehensive research about trust models would further help the Cloud consumers in the selection of an appropriate model, according to their security and functional requirements. In this paper, we have performed in-depth analysis of the existing trust models in the Cloud, considering the essential functional and non-functional aspects to accurately evaluate the trust of the Cloud providers. We present panoramic taxonomies covering state of the art features, which are considered critical for trust models to effectively establish and evaluate the trust between Cloud consumers and providers. Furthermore, we have applied the proposed taxonomies as assessment criteria for the analysis of various trust models in the Cloud domain. In order to effectively demonstrate the realization and use of proposed taxonomies in real life scenarios, we have presented an extensive case study about the Health Information Exchange System.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 85
    Publication Date: 2015-03-27
    Description: Electronic multicoupons are the digital version of paper-based booklet of coupons, which allow a customer to obtain goods or services from a merchant typically with discounts or gifts. In this paper, we propose a multicoupon scheme for multi-merchant environments that enhances the security and the efficiency as regards the previous solution that deals with this kind of scenario. On one hand, our scheme meets basic security requirements (unforgeability, reuse detection), but also unsplittability. This fact will help to increase the trust on the part of merchants. On the other hand, we focus on achieving a high degree of privacy for customers (anonymity, unlinkability, confidentiality) that will contribute to gaining the trust of the involved customers. Moreover, we provide measures to protect honest parties from dishonest participants, keeping in mind the scalability and efficiency of the multicoupon scheme, to attract customers and merchants. In addition, we show by implementation that our proposal outperforms previous solutions of this kind.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 86
    Publication Date: 2015-03-27
    Description: As sophisticated photo editing software is increasingly available and the widespread use of multimedia social network, the reliability of digital images becomes more and more important. Photographic splicing, herein defined as a cut-and-paste of image regions from one image onto another image, is difficult to be detected due to the absence of a reference object. To carry out such forensic analysis, we present a novel shadow-based method, with which the fake shadow of the composites can be detected. We show how to estimate the shadow scale factors with a shadow removal technique and, further, how to estimate the growth rate of the penumbra width (GRPW). Inconsistencies in the shadows are then used as evidence of tampering. Compared with other shadow-based forensic methods, the proposed method can not only deal with the problem of shadow cloning in the same image, but also expose the fakery containing the real shadow, which benefit from the estimation of shadow scale factors and GRPW. Comparison results obtained from the splicing forgery detection database verify the ability of our approach.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 87
    Oxford University Press
    Publication Date: 2015-03-27
    Description: In a secure cloud storage setting, a client outsources storage of her data to a server, who may, willingly or not, corrupt the data, or delete infrequently accessed parts to save space. Existing proof of storage schemes only solve part of this problem: The client may obtain a cryptographic proof of integrity. But what happens if this proof fails to verify? We argue that in such a case, both the client and the server should be able to contact an official court, providing cryptographic proofs, to resolve this dispute. We show that, this property is stronger than what is known as public verifiability since we must handle a malicious client as well. We present multiple schemes that work for various static and dynamic storage solutions. We show implementation results where the overhead for adding the ability to resolve such disputes at a court is only 2 ms and 80 bytes for each update on the stored data, using standard desktop hardware. Finally, we note that disputes may arise in many other situations, such as when two parties exchange items (e.g. e-commerce) or agree on something (e.g. contract-signing). We extend our official arbitration protocols for a general case, including dynamic authenticated data structures.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 88
    Publication Date: 2015-03-27
    Description: Web-application attacks are considered to be one of the major security concerns of a large number of applications, especially those deployed in health care, banking and e-business operations. These applications must involve high security in addition to other application requirements such as friendliness, effectiveness and efficiency in service provided to the end users. In this paper, we focus on security vulnerabilities resulting from generic input validation problems that may cause cross-site scripting (XSS) attacks. We take a look at the types of XSS attacks and current practices for their detection and identify the research issues and challenges. We propose a method for the detection of XSS attacks. The detection method identifies a malicious execution sequence based on the initialized list of legitimate execution sequences and malicious strings or malicious literals generated during a training phase. The initialized lists are stored into four different Web-Application Execution Profiles (WAEPs) corresponding to four different attack scenarios. The detection module searches the run-time sequence in the respective WAEPs. We test our method for the detection of three different categories of XSS attacks under four different attack scenarios—two in the client side and two in the web-application server. Satisfactory results have been found under all the four scenarios.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 89
    Publication Date: 2015-03-27
    Description: Digital watermarking is recognized as an innovative technique developed to deal with the problem of copyright protection of digital content distributed on the Internet. Such a technique can address the problem of asserting authorship but cannot directly solve the problem of determining accountability when piracy occurs. Therefore, it is necessary to implement watermarking protocols to determine whether a user illegally possesses content distributed by content providers as well as to protect the entire digital asset of the web-based distribution and of the associated rights. In this paper, the author reviews and discusses merits and limitations of relevant proposals existing in the literature in the field of watermarking protocols, identifies open issues and challenges, and presents a novel watermarking protocol able both to solve specific documented problems and to meet the requirements of robustness, security, modularity and flexibility needed in the current models of web-based content distribution.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 90
    Publication Date: 2015-03-27
    Description: This paper studies the minimum number of differential and linear active S-boxes for 3D-like structure with block size of n 3 m bits. We prove that the lower bounds of differential active S-boxes in 2 rounds and 4 rounds are d () and d () 2 , respectively, where is the MixColumn transformation and d () is its differential branch number with respect to m bits. Moreover, for r ≥3 and d ()≥3, the lower bounds of differential active S-boxes in 2 r rounds and 2 r +1 rounds are ( d () – 1) d () r and ( d () – 1)( d () r +1) respectively, where r is the number of the rounds. By the duality between differential trails and linear trails, for l ()≥3, the lower bounds of linear active S-boxes in 2, 4, 2 r and 2 r +1 consecutive rounds are l (), l () 2 , ( l () – 1) l () r and ( l () – 1)( l () r +1) respectively, where l () is the linear branch number of the MixColumn transformation. We give some sufficient conditions for the reachability of the lower bounds. It is worth mentioning that the lower bounds are all reachable for 3D block cipher.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 91
    Publication Date: 2015-03-27
    Description: Although power analysis attacks have been extensively applied to block ciphers, only limited research has been done to analyze their effectiveness on stream cipher hardware implementations. In this paper, we investigate methods of simple power analysis applied to stream ciphers based on multiple feedback shift registers (FSRs) and demonstrate the effectiveness of the methods by examining the cipher Grain which involves both a linear and a nonlinear FSR. A divide-and-conquer attack is presented where the attacker guesses the bit values of the FSRs independently and then checks the correctness of the guess using information derived from measured power consumption of the cipher core. Experimental results of the attack applied to simulated power data obtained for a CMOS implementation of Grain show that it is possible to recover directly the cipher state using only about 3000 power samples. For ciphers constructed using a general architecture of multiple FSRs, the attack has the potential to be successful with a complexity substantially less than exhaustive key search.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 92
    Oxford University Press
    Publication Date: 2016-03-29
    Description: At present, ‘mixed-type’ multivariate schemes are relatively rare except the Dragon scheme and its variants (Little Dragon Two scheme and Poly-Dragon scheme). However, they are insecure. In this paper, we first define a particular polynomial called Three-color Polynomial (this polynomial has three-class variables, and the form of the associated symmetric matrix of its quadratic part is similar to the ‘three-color model’ in colorimetry. So we call it three-color polynomial), and its corresponding Three-color Map. Based on the three-color map, we then present a mixed multivariate signature scheme named RGB (it means Red–Green–Blue, because the central map of this scheme is a three-color map, and the ‘three-color’ stands for RGB in colorimetry), which is a variant of the Unbalanced Oil–Vinegar (UOV) signature scheme. Compared with UOV, each polynomial of the central map of RGB has more cross-terms among all the variables $\{Y,Z,T\}$. The variable $Y$ has much to do with message values. To a certain degree, the variable $Y$ stands for the message values. This means that the message values can be more fully mixed with other variable values in the central map, and the adversary is very difficult to forge the signature. Thus, in theory RGB is more secure than UOV. Through detailed analysis, we find that RGB can resist current known algebraic attacks under proper parameters, such as exhaustive search attack, separation attack, MinRank attack and direct attack (other algebraic attacks are inapplicable for RGB). Besides, our experiments show that under choosing the security level of $2^{80}$, the signing time of Magma implementation of RGB is 0.046 s on an ordinary Linux-PC with 2.50 GHz, and the signing time of its C implementation is $\sim$0.003 s on an 800 MHz machine. The comparisons show that the signing speed of RGB is faster than that of $\mathrm{Sflash}^{v2}$, Quartz, UOV, Rainbow and RSA-1024, and is slightly slower than that of ECDSA-163 and NTRUSign-251. Overall, this new scheme can attain very good performance in terms of security and efficiency.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 93
    Publication Date: 2016-03-29
    Description: We present a new construction of anonymous hierarchical identity-based encryption (HIBE) over prime order groups. The distinct feature of our proposed scheme is that both private key and ciphertext have a constant size, which has never been achieved in all other existing anonymous HIBE schemes. Moreover, we utilized a double exponent technique to generate the ciphertext in order to provide anonymity. This simple and efficient method allows us to construct a more compact anonymous HIBE in prime order groups. Under the decisional bilinear $(n+1)$-Diffie–Hellman exponent assumption and linear assumption, we show that the proposed scheme is secure and anonymous against chosen plaintext attacks in the standard model.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 94
    Publication Date: 2016-03-29
    Description: Separation of duty (SoD) is a fundamental principle of computer security that has not been addressed sufficiently in multi-level security (MLS) mandatory access control (MAC) models, as realized through the adoption of the Bell-LaPadula (BLP) model. This is due to the lack of means at present to express SoD constraints in MAC. The primary objective of this paper is to overcome this but within a framework that allows for rigour and linguistic features to express SoD constraints, while retaining the core security properties of BLP, namely the Simple Security Property and $\bigstar$-Property. To this end, we propose a formal framework which bridges the BLP model with the more general hierarchical role-based access control (RBAC) model. Our framework is based on a hierarchy of permissions that is founded on a novel concept of permission capacity, determined on the basis of the security levels that characterize objects in MLS models. Such a hierarchy naturally provides a solid basis for defining role seniority and deriving a hierarchical ordering on roles within MLS models. SoD constraints are expressed by means of conflicting permissions that give rise to mutually exclusive roles.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 95
    Publication Date: 2016-03-29
    Description: In mobile environments, data stored in nodes are subject to side-channel attacks such as power analysis, emitted signal, detected radiation, etc. In this work, we propose a leakage-resilient inner-product encryption in which the decryption will succeed if and only if the decryption attribute vector (generate the token) meets the orthogonal encryption attribute vector (obfuscated encryption policy), that is, the match holds that the inner product of two vectors is zero. The proposed scheme supports the security of attribute-hiding and leakage-resilience in the standard model. The adversary can not only issue any token reveal query on a non-match vector, but can also request at most $\ell$-bit information on the token-leakage query even if the queried vector matches the challenge vector. We prove the security by the technique of dual system encryption in the orthogonal subgroups, to be strongly leakage-resilient and adaptively attribute-hiding. We also deploy our scheme as a building block to devise a secure two-party point/polynomial evaluation protocol in mobility environments, in which two parties cooperate to evaluate a polynomial in the sense that their sensitive inputs of both point and polynomial are fully preserved. Finally, we assess the performance of leakage resilience including the leakage bound and the leakage fraction (LF). Analysis shows that the leakage bound is approximately $(n-1)\log \pi_2$ and the LF is about $1/(2(1+\omega_1+\omega_3))$, where $n$ is the length of vector, $\pi_2$ is the order of subgroup $\mathbb{G}_{\pi_2}$ and $\omega_1,\omega_3$ are the constants. We can obtain optimized LF $1/2-o(1)$ by varying the sizes of subgroups.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 96
    Publication Date: 2016-01-08
    Description: A mixed graph has both directed and undirected edges. We study how to compute a crossing-free drawing of an embedded planar mixed graph, such that it is upward ‘as much as possible’. Roughly speaking, in an upward drawing of a mixed graph all (undirected) edges are monotone in the vertical direction and directed edges flow monotonically from bottom to top according to their orientation. We study quasi-upward drawings of mixed graphs, that is, upward drawings where edges can break the vertical monotonicity in a finite number of edge points, called bends. We describe both efficient heuristic techniques and exact approaches for computing quasi-upward planar drawings of embedded mixed graphs with few bends, and we extensively compare them experimentally: the results suggest that our algorithms are effective in many cases.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 97
    Publication Date: 2016-01-08
    Description: This article proposes a context-aware integrated scheme for mobile cloud service allocation, which can provide desirable cloud services to mobile cloud clients according to the mobile cloud contexts. The article makes use of various context information in the mobile cloud environment, such as the mobile cloud user's preferences, the battery levels and the parameters of cloud datacenter servers to improve the performance of mobile cloud. Interplay coupling of the mobile cloud users and the cloud datacenter supplier is used to achieve global optimization of the mobile cloud system. The article integrates energy-based service provisioning, cloud virtual resource allocation and dynamic load balancing. The integrated scheme can adapt to dynamic context information changes of the mobile cloud system such as device energy consumption, bandwidth and server load without compromising mobile application's quality of service. Based on the proposed model, the context-aware integrated mobile cloud service allocation algorithm is proposed; it uses the mobile cloud service profile to select the services among the available service suppliers to enhance the mobile cloud user's quality of experience. The efficiency of the context-aware integrated mobile cloud service allocation algorithm is tested by experiments.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 98
    Publication Date: 2016-01-08
    Description: Compiling for distributed-memory architectures comprises two main phases. The first phase is to determine computation and data composition. In the 1990s, a great deal of work addressed this problem. The second phase is code generation. However, there is still no effective solution to this problem. Existing methods try to generate codes on the basis of computation and data composition. To enhance the performance of generated codes, various communication optimizations are introduced since communication is one of the main factors degrading the performance. These approaches would bring redundant communication data, as they did not optimize communications jointly with code generation. In this paper, we propose a novel code generation technique for distributed-memory architectures. First, we determine the communication sender and receiver by traversing a loop-based tree structure. To support message aggregation, we find the most appropriate point to insert a message. Secondly, we construct the communication set by proposing some code generation rules, and prove their correctness and accuracy. Redundant communication is thus eliminated. Also, we have evaluated some programs ranging from micro-kernels to applications in NAS parallel benchmarks, and have compared the performance with their message passing interface (MPI), High Performance Fortran (HPF) and Unified Parallel C (UPC) versions. Compared with these versions, our compiler can generate fewer communication points. The generated codes of outperform the HPF and UPC versions and the state-of-the-art, and the average performance can reach 70% of the hand-coded MPI programs.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 99
    Publication Date: 2016-01-08
    Description: If $d(x,y)$ denotes the distance between vertices $x$ and $y$ in a graph $G$, then an $L(2,1)$-labeling of a graph $G$ is a function $f$ from vertices of $G$ to nonnegative integers such that $\vert f(x) - f(y)\vert \ge 2$ if $d(x,y) = 1$, and $\vert f(x) - f(y)\vert \ge 1$ if $d(x,y) = 2$. Griggs and Yeh conjectured that for any graph with maximum degree $\Delta \ge 2$, there is an $L(2,1)$-labeling with all labels not greater than $\Delta^2$. We prove that the conjecture holds for dot-Cartesian products and dot-lexicographic products of two graphs with possible minor exceptions in some special cases. The bounds obtained are in general much better than the $\Delta^2$-bound.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science
  • 100
    Oxford University Press
    Publication Date: 2016-01-08
    Description: This article describes a technique for implementing the quicksort sorting algorithm. Our method ‘vectorizes’ the computations and leverages the capabilities of the advanced vector extensions (AVX) instructions, available on Intel Core processors, and of the AVX2 instructions that were introduced with Intel's recent architecture codename Haswell. Our solution offers several advantages when compared with other high-performance sorting implementations, such as the radix sort, as implemented in Intel IPP library, or the introsort, as implemented in the C++ STL. In addition to sorting numeric arrays, our method can also be used to sort complex structures with numeric keys and even pointers to such structures.
    Print ISSN: 0010-4620
    Electronic ISSN: 1460-2067
    Topics: Computer Science