The arms race between offense and defense in the cloud impels the innovation of techniques for monitoring attacks and unauthorized activities. The promising technique of virtual machine introspection (VMI) becomes prevalent for its tamper-resistant capability. However, some elaborate exploitations are capable of invalidating VMI-based tools by breaking the assumption of a trusted guest kernel. To achieve a more reliable and robust introspection, we introduce a practical approach to monitor and detect attacks that attempt to subvert VMI in this paper. Our approach combines supervised machine learning and hardware architectural events to identify those malicious behaviors which are targeted at VMI techniques. To demonstrate the feasibility, we implement a prototype named HyperMon on the Xen hypervisor. The results of our evaluation show the effectiveness of HyperMon in detecting malicious behaviors with an average accuracy of 90.51% (AUC).

In this paper, we propose a new scheme which uses blind detection algorithm for recovering the conventional user signal in a system which the sporadic machine-to-machine (M2M) communication share the same spectrum with the conventional user. Compressive sensing techniques are used to estimate the M2M devices signals. Based on the Hopfield neural network (HNN), the blind detection algorithm is used to recover the conventional user signal. The simulation results show that the conventional user signal can be effectively restored under an unknown channel. Compared with the existing methods, such as using the training sequence to estimate the channel in advance, the blind detection algorithm used in this paper with no need for identifying the channel, and can directly detect the transmitted signal blindly.

This paper introduces methods to modify a buggy sequential gate-level circuit to conform to the specification. In order to preserve the optimization efforts, the modifications should be as small as possible. Assuming that the locations to be modified are given, our proposed method finds an appropriate set of fan-in signals for the patch function of those locations by iteratively calculating the state correspondence between the specification and the buggy circuit and applying a method for debugging combinational circuits. The experiments are conducted on ITC99 benchmark circuits, and it is shown that our proposed method can work when there are at most 30,000 corresponding reachable state pairs between two circuits. Moreover, a heuristic method using the information of data-path FFs is proposed, which can find a correct set of fan-ins for all the benchmark circuits within practical time.

In this paper, we consider a source coding with side information partially used at the decoder through a codeword. We assume that there exists a relative delay (or gap) of the correlation between the source sequence and side information. We also assume that the delay is unknown but the maximum of possible delays is known to two encoders and the decoder, where we allow the maximum of delays to change by the block length. In this source coding, we give an inner bound and an outer bound on the achievable rate region, where the achievable rate region is the set of rate pairs of encoders such that the decoding error probability vanishes as the block length tends to infinity. Furthermore, we clarify that the inner bound coincides with the outer bound when the maximum of delays for the block length converges to a constant.

This paper focuses on power-area trade-off axis to memory systems. Compared with the power-performance-area trade-off application on the traditional high performance cache, this paper focuses on the edge processing environment which is becoming more and more important in the Internet of Things (IoT) era. A new power-oriented trade-off is proposed for on-chip cache architecture. As a case study, this paper exploits a good energy efficiency of Standard-Cell Memory (SCM) operating in a near-threshold voltage region and a good area efficiency of Static Random Access Memory (SRAM). A hybrid 2-level on-chip cache structure is first introduced as a replacement of 6T-SRAM cache as L0 cache to save the energy consumption. This paper proposes a method for finding the best capacity combination for SCM and SRAM, which minimizes the energy consumption of the hybrid cache under a specific cache area constraint. The simulation result using a 65-nm process technology shows that up to 80% energy consumption is reduced without increasing the die area by replacing the conventional SRAM instruction cache with the hybrid 2-level cache. The result shows that energy consumption can be reduced if the area constraint for the proposed hybrid cache system is less than the area which is equivalent to a 8kB SRAM. If the target operating frequency is less than 100MHz, energy reduction can be achieved, which implies that the proposed cache system is suitable for low-power systems where a moderate processing speed is required.

A privacy-preserving support vector machine (SVM) computing scheme is proposed in this paper. Cloud computing has been spreading in many fields. However, the cloud computing has some serious issues for end users, such as the unauthorized use of cloud services, data leaks, and privacy being compromised. Accordingly, we consider privacy-preserving SVM computing. We focus on protecting visual information of images by using a random unitary transformation. Some properties of the protected images are discussed. The proposed scheme enables us not only to protect images, but also to have the same performance as that of unprotected images even when using typical kernel functions such as the linear kernel, radial basis function (RBF) kernel and polynomial kernel. Moreover, it can be directly carried out by using well-known SVM algorithms, without preparing any algorithms specialized for secure SVM computing. In an experiment, the proposed scheme is applied to a face-based authentication algorithm with SVM classifiers to confirm the effectiveness.

Modern code review is a well-known practice to assess the quality of software where developers discuss the quality in a web-based review tool. However, this lightweight approach may risk an inefficient review participation, especially when comments becomes either excessive (i.e., too many) or underwhelming (i.e., too few). In this study, we investigate the phenomena of reviewer commenting. Through a large-scale empirical analysis of over 1.1 million reviews from five OSS systems, we conduct an exploratory study to investigate the frequency, size, and evolution of reviewer commenting. Moreover, we also conduct a modeling study to understand the most important features that potentially drive reviewer comments. Our results find that (i) the number of comments and the number of words in the comments tend to vary among reviews and across studied systems; (ii) reviewers change their behaviours in commenting over time; and (iii) human experience and patch property aspects impact the number of comments and the number of words in the comments.

The output feedback consensus problem of lower triangular nonlinear systems under a directed network with a switching topology is studied. It is assumed that every possible network topology contains a directed spanning tree. The proposed design method utilizes a high gain approach to compensate for triangular nonlinearity and to remove the restriction imposed on dwell time. Compared to the previous research, it is shown that the proposed control method can achieve the output feedback consensus of lower triangular nonlinear systems even in the presence of an arbitrarily small average dwell time. A numerical example is given to illustrate the effectiveness of the proposed design method.

In most supervised learning problems, the labelling quality of datasets plays a paramount role in the learning of high-performance classifiers. The performance of a classifier can significantly be degraded if it is trained with mislabeled data. Therefore, identification of such examples from the dataset is of critical importance. In this study, we proposed an improved majority filtering algorithm, which utilized the ability of a support vector machine in terms of capturing potentially mislabeled examples as support vectors (SVs). The key technical contribution of our work, is that the base (or component) classifiers that construct the ensemble of classifiers are trained using non-SV examples, although at the time of testing, the examples captured as SVs were employed. An example can be tagged as mislabeled if the majority of the base classifiers incorrectly classifies the example. Experimental results confirmed that our algorithm not only showed high-level accuracy with higher F1 scores, for identifying the mislabeled examples, but was also significantly faster than the previous methods.

In previous studies, we determined that workloads often contain many input-output (IO) concentrations. Such concentrations are aggregations of IO accesses. They appear in narrow regions of a storage volume and continue for durations of up to about an hour. These narrow regions occupy a small percentage of the logical unit number capacity, include most IO accesses, and appear at unpredictable logical block addresses. We investigated these workloads by focusing on page-level regularity and found that they often include few regularities. This means that simple caching may not reduce the response time for these workloads sufficiently because the cache migration algorithm uses page-level regularity. We previously developed an on-the-fly automated storage tiering (OTF-AST) system consisting of an SSD and an HDD. The migration algorithm identifies IO concentrations with moderately long durations and migrates them from the HDD to the SSD. This means that there is little or no reduction in the response time when the workload includes few such concentrations. We have now developed a hybrid storage system consisting of a cache drive with an SSD and HDD and a multi-tier SSD that uses OTF-AST, called “OTF-AST with caching.” The OTF-AST scheme handles the IO accesses that produce moderately long duration IO concentrations while the caching scheme handles the remaining IO accesses. Experiments showed that the average response time for our system was 45% that of Facebook FlashCache on a Microsoft Research Cambridge workload.

Network function virtualization (NFV) achieves the flexibility of network service provisioning by using virtualization technology. However, NFV is exposed to a serious security threat known as cross-VM cache timing attacks. In this letter, we look into real security impacts on network virtualization. Specifically, we present two kinds of practical cache timing attacks on virtualized firewalls and routers. We also propose some countermeasures to mitigate such attacks on virtualized network functions.

In this paper, we focus on a large-scale ICN (Information-Centric Networking), and reveal the scaling property of ICN. Because of in-network content caching, ICN is a sort of cache networks and expected to be a promising architecture for replacing future Internet. To realize a global-scale (e.g., Internet-scale) ICN, it is crucial to understand the fundamental properties of such large-scale cache networks. However, the scaling property of ICN has not been well understood due to the lack of theoretical foundations and analysis methodologies. For answering research questions regarding the scaling property of ICN, we derive the cache hit probability at each router, the average content delivery delay of each entity, and the average content delivery delay of all entities over a content distribution tree comprised of a single repository (i.e., content provider), multiple routers, and multiple entities (i.e., content consumers). Through several numerical examples, we investigate the effect of the topology and the size of the content distribution tree and the cache size at routers on the average content delivery delay of all entities. Our findings include that the average content delivery delay of ICNs converges to a constant value if the cache size of routers are not small, which implies high scalability of ICNs, and that even when the network size would grow indefinitely, the average content delivery delay is upper-bounded by a constant value if routers in the network are provided with a fair amount of content caches.

Information-Centric or Content-Centric Networking (ICN/CCN) is a promising novel network architecture that naturally integrates in-network caching, multicast, and multipath capabilities, without relying on centralized application-specific servers. Software platforms are vital for researching ICN/CCN; however, existing platforms lack a focus on extensibility and lightweight implementation. In this paper, we introduce a newly developed software platform enabling CCN, named Cefore. In brief, Cefore is lightweight, with the ability to run even on top of a resource-constrained device, but is also easily extensible with arbitrary plugin libraries or external software implementations. For large-scale experiments, a network emulator (Cefore-Emu) and network simulator (Cefore-Sim) have also been developed for this platform. Both Cefore-Emu and Cefore-Sim support hybrid experimental environments that incorporate physical networks into the emulated/simulated networks. In this paper, we describe the design, specification, and usage of Cefore as well as Cefore-Emu and Cefore-Sim. We show performance evaluations of in-network caching and streaming on Cefore-Emu and content fetching on Cefore-Sim, verifying the salient features of the Cefore software platform.

Dedicated Short Range Communication (DSRC) is currently standardized as a leading technology for the implementation of Vehicular Networks. Non-safety application in DSRC is emerging beyond the initial safety application. However, it suffers from a typical issue of low data delivery ratio in urban environments, where static and moving obstacles block or attenuate the radio propagation, as well as other technical issues such as temporal-spatial restriction, capital cost for infrastructure deployments and limited radio coverage range. On the other hand, Content-Centric Networking (CCN) advocates ubiquitous in-network caching to enhance content distribution. The major characteristics of CCN are compatible with the requirements of vehicular networks so that CCN could be available by vehicular networks. In this paper, we propose a CCN-based vehicle-to-vehicle (V2V) communication scheme on the top of DSRC standard for content dissemination, while demonstrate its feasibility by analyzing the frame format of Beacon and WAVE service advertisement (WSA) messages of DSRC specifications. The simulation-based validations derived from our software platform with OMNeT++, Veins and SUMO in realistic traffic environments are supplied to evaluate the proposed scheme. We expect our research could provide references for future more substantial revision of DSRC standardization for CCN-based V2V communication.

Dynamic sharing of limited radio spectrum resources is expected to satisfy the increasing demand for spectrum resources in the upcoming 5th generation mobile communication system (5G) era and beyond. Distributed real-time spectrum sensing is a key enabler of dynamic spectrum sharing, but the costs incurred in observed-data transmission are a critical problem, especially when massive numbers of spectrum sensors are deployed. To cope with this issue, the proposed spectrum sensors learn the ambient radio environment in real-time and create a time-spectral model whose parameters are shared with servers operating in the edge-computing layer. This process makes it possible to significantly reduce the communication cost of the sensors because frequent data transmission is no longer needed while enabling the edge servers to keep up on the current status of the radio environment. On the basis of the created time-spectral model, sharable spectrum resources are dynamically harvested and allocated in terms of geospatial, temporal, and frequency-spectral domains when accepting an application for secondary-spectrum use. A web-based prototype spectrum management system has been implemented using ten servers and dozens of sensors. Measured results show that the proposed approach can reduce data traffic between the sensors and servers by 97%, achieving an average data rate of 10 kilobits per second (kbps). In addition, the basic operation flow of the prototype has been verified through a field experiment conducted at a manufacturing facility and a proof-of-concept experiment of dynamic-spectrum sharing using wireless local-area-network equipment.

In-phase and quadrature-phase imbalance (IQI) at transceivers is one of the serious hardware impairments degrading system performance. In this paper, we study the overall performance of massive multi-user multi-input multi-output (MU-MIMO) systems with IQI at both the base station (BS) and user equipments (UEs), including the estimation of channel state information, required at the BS for the precoding design. We also adopt a widely-linear precoding based on the real-valued channel model to make better use of the image components of the received signal created by IQI. Of particular importance, we propose estimators of the real-valued channel and derive the closed-form expression of the achievable downlink rate. Both the analytical and simulation results show that IQI at the UEs limits the dowlink rate to finite ceilings even when an infinite number of BS antennas is available, and the results also prove that the widely-linear precoding based on the proposed channel estimation method can improve the overall performance of massive MU-MIMO systems with IQI.

In this research, we propose a novel method to determine fingerprint liveness to improve the discriminative behavior and classification accuracy of the combined features. This approach detects if a fingerprint is from a live or fake source. In this approach, fingerprint images are analyzed in the differential excitation (DE) component and the centralized binary pattern (CBP) component, which yield the DE image and CBP image, respectively. The images obtained are used to generate a two-dimensional histogram that is subsequently used as a feature vector. To decide if a fingerprint image is from a live or fake source, the feature vector is processed using support vector machine (SVM) classifiers. To evaluate the performance of the proposed method and compare it to existing approaches, we conducted experiments using the datasets from the 2011 and 2015 Liveness Detection Competition (LivDet), collected from four sensors. The results show that the proposed method gave comparable or even better results and further prove that methods derived from combination of features provide a better performance than existing methods.

Hardware prefetching involves a sophisticated balance between accuracy, coverage, and timeliness while minimizing hardware cost. Recent prefetchers have achieved these goals, but they still require complex hardware and a significant amount of storage. In this paper, we propose an efficient Per-page Most-Offset Prefetcher (PMOP) that minimizes hardware cost and simultaneously improves accuracy while maintaining coverage and timeliness. We achieve these objectives using an enhanced offset prefetcher that performs well with a reasonable hardware cost. Our approach first addresses coverage and timeliness by allowing multiple Most-Offset predictions. To minimize offset interference between pages, the PMOP leverages a fine-grain per-page offset filter. This filter records the access history with page-IDs, which enables efficient mapping and tracking of multiple offset streams from diverse pages. Analysis results show that PMOP outperforms the state-of-the-art Signature Path Prefetcher while reducing storage overhead by a factor of 3.4.

This paper introduces recent trends in video streaming and four methods proposed by the authors for video streaming. Video traffic dominates the Internet as seen in current trends, and new visual contents such as UHD and 360-degree movies are being delivered. MPEG-DASH has become popular for adaptive video streaming, and machine learning techniques are being introduced in several parts of video streaming. Along with these research trends, the authors also tried four methods: route navigation, throughput prediction, image quality assessment, and perceptual video streaming. These methods contribute to improving QoS/QoE performance and reducing power consumption and storage size.

This paper proposed an iterative soft interference canceller (IC) referred to as turbo equalizer for the self-coherent detection, and extrinsic information transfer (EXIT) chart based irregular low density parity check (LDPC) code optimization for the turbo equalizer in optical fiber short-reach transmissions. The self-coherent detection system is capable of linear demodulation by a single photodiode receiver. However, the self-coherent detection suffers from the interference induced by signal-signal beat components, and the suppression of the interference is a vital goal of self-coherent detection. For improving the error-free signal detection performance of the self-coherent detection, we proposed an iterative soft IC with the aid of forward error correction (FEC) decoder. Furthermore, typical FEC code is no longer appropriate for the iterative detection of the turbo equalizer. Therefore, we designed an appropriate LDPC code by using EXIT chart aided code design. The validity of the proposed turbo equalizer with the appropriate LDPC is confirmed by computer simulations.