Marika IZAWA Toshiyuki MIYAMOTO
The choreography realization problem is a design challenge for systems based on service-oriented architecture. In our previous studies, we studied the problem on a case where choreography was given by one or two scenarios and was expressed by an acyclic relation of events; we introduced the notion of re-constructibility as a property of acyclic relations to be satisfied. However, when choreography is defined by multiple scenarios, the resulting behavior cannot be expressed by an acyclic relation. An event structure is composed of an acyclic relation and a conflict relation. Because event structures are a generalization of acyclic relations, a wider class of systems can be expressed by event structures. In this paper, we propose the use of event structures to express choreography, introduce the re-constructibility of event structures, and show a necessary condition for an event structure to be re-constructible.
Mengce ZHENG Noboru KUNIHIRO Honggang HU
We address the security issue of RSA with implicitly related keys in this paper. Informally, we investigate under what condition is it possible to efficiently factorize RSA moduli in polynomial time given implicit relation of the related private keys that certain portions of bit pattern are the same. We formulate concrete attack scenarios and propose lattice-based cryptanalysis by using lattice reduction algorithms. A subtle lattice technique is adapted to represent an unknown private key with the help of known implicit relation. We analyze a simple case when given two RSA instances with the known amount of shared most significant bits (MSBs) and least significant bits (LSBs) of the private keys. We further extend to a generic lattice-based attack for given more RSA instances with implicitly related keys. Our theoretical results indicate that RSA with implicitly related keys is more insecure and better asymptotic results can be achieved as the number of RSA instances increases. Furthermore, we conduct numerical experiments to verify the validity of the proposed attacks.
Fan WU He LI Wenhao FAN Bihua TANG Yuanan LIU
Android occupies a very large market share in the field of mobile devices, and quantities of applications are created everyday allowing users to easily use them. However, privacy leaks on Android terminals may result in serious losses to businesses and individuals. Current permission model cannot effectively prevent privacy data leakage. In this paper, we find a way to protect privacy data on Android terminals from the perspective of privacy information propagation by porting the concept of contextual integrity to the realm of privacy protection. We propose a computational model of contextual integrity suiting for Android platform and design a privacy protection system based on the model. The system consists of an online phase and offline phase; the main function of online phase is to computing the value of distribution norm and making privacy decisions, while the main function of offline phase is to create a classification model that can calculate the value of the appropriateness norm. Based on the 6 million permission requests records along with 2.3 million runtime contextual records collected by dynamic analysis, we build the system and verify its feasibility. Experiment shows that the accuracy of offline classifier reaches up to 0.94. The experiment of the overall system feasibility illustrates that 70% location data requests, 84% phone data requests and 46% storage requests etc., violate the contextual integrity.
Soudalin KHOUANGVICHIT Nattapong KITSUWAN Eiji OKI
This paper proposes an optimization approach that designs the backup network with the minimum total capacity to protect the primary network from random multiple link failures with link failure probability. In the conventional approach, the routing in the primary network is not considered as a factor in minimizing the total capacity of the backup network. Considering primary routing as a variable when deciding the backup network can reduce the total capacity in the backup network compared to the conventional approach. The optimization problem examined here employs robust optimization to provide probabilistic survivability guarantees for different link capacities in the primary network. The proposed approach formulates the optimization problem as a mixed integer linear programming (MILP) problem with robust optimization. A heuristic implementation is introduced for the proposed approach as the MILP problem cannot be solved in practical time when the network size increases. Numerical results show that the proposed approach can achieve lower total capacity in the backup network than the conventional approach.
Faster R-CNN uses a region proposal network which consists of a single scale convolution filter and fully connected networks to localize detected regions. However, using a single scale filter is not enough to detect full regions of characters. In this letter, we propose a simple but effective way, i.e., utilizing variously sized convolution filters, to accurately detect Chinese characters of multiple scales in documents. We experimentally verified that our method improved IoU by 4% and detection rate by 3% than the previous single scale Faster R-CNN method.
Qiaochu ZHAO Ittetsu TANIGUCHI Makoto NAKAMURA Takao ONOYE
Vision systems are widely adopted in industrial fields for monitoring and automation. As a typical example, industrial vision systems are extensively implemented in vibrator parts feeder to ensure orientations of parts for assembling are aligned and disqualified parts are eliminated. An efficient parts orientation recognition and counting method is thus critical to adopt. In this paper, an integrated method for fast parts counting and orientation recognition using industrial vision systems is proposed. Original 2D spatial image signal of parts is decomposed to 1D signal with its temporal variance, thus efficient recognition and counting is achievable, feeding speed of each parts is further leveraged to elaborate counting in an adaptive way. Experiments on parts of different types are conducted, the experimental results revealed that our proposed method is both more efficient and accurate compared to other relevant methods.
Junyao RAN Youhua FU Hairong WANG Chen LIU
We propose to use clustered interference alignment for the situation where the backhaul link capacity is limited and the base station is cache-enabled given MIMO interference channels, when the number of Tx-Rx pairs exceeds the feasibility constraint of interference alignment. We optimize clustering with the soft cluster size constraint algorithm by adding a cluster size balancing process. In addition, the CSI overhead is quantified as a system performance indicator along with the average throughput. Simulation results show that cluster size balancing algorithm generates clusters that are more balanced as well as attaining higher long-term throughput than the soft cluster size constraint algorithm. The long-term throughput is further improved under high SNR by reallocating the capacity of the backhaul links based on the clustering results.
Taewhan KIM Kangsoo JUNG Seog PARK
Web service users are overwhelmed by the amount of information presented to them and have difficulties in finding the information that they need. Therefore, a recommendation system that predicts users' taste is an essential factor for the success of businesses. However, recommendation systems require users' personal information and can thus lead to serious privacy violations. To solve this problem, many research has been conducted about protecting personal information in recommendation systems and implementing differential privacy, a privacy protection technique that inserts noise into the original data. However, previous studies did not examine the following factors in applying differential privacy to recommendation systems. First, they did not consider the sparsity of user rating information. The total number of items is much more than the number of user-rated items. Therefore, a rating matrix created for users and items will be very sparse. This characteristic renders the identification of user patterns in rating matrixes difficult. Therefore, the sparsity issue should be considered in the application of differential privacy to recommendation systems. Second, previous studies focused on protecting user rating information but did not aim to protect the lists of user-rated items. Recommendation systems should protect these item lists because they also disclose user preferences. In this study, we propose a differentially private recommendation scheme that bases on a grouping method to solve the sparsity issue and to protect user-rated item lists and user rating information. The proposed technique shows better performance and privacy protection on actual movie rating data in comparison with an existing technique.
Toshinori USUI Tomonori IKUSE Yuto OTSUKI Yuhei KAWAKOYA Makoto IWAMURA Jun MIYOSHI Kanta MATSUURA
Return-oriented programming (ROP) has been crucial for attackers to evade the security mechanisms of recent operating systems. Although existing ROP detection approaches mainly focus on host-based intrusion detection systems (HIDSes), network-based intrusion detection systems (NIDSes) are also desired to protect various hosts including IoT devices on the network. However, existing approaches are not enough for network-level protection due to two problems: (1) Dynamic approaches take the time with second- or minute-order on average for inspection. For applying to NIDSes, millisecond-order is required to achieve near real time detection. (2) Static approaches generate false positives because they use heuristic patterns. For applying to NIDSes, false positives should be minimized to suppress false alarms. In this paper, we propose a method for statically detecting ROP chains in malicious data by learning the target libraries (i.e., the libraries that are used for ROP gadgets). Our method accelerates its inspection by exhaustively collecting feasible ROP gadgets in the target libraries and learning them separated from the inspection step. In addition, we reduce false positives inevitable for existing static inspection by statically verifying whether a suspicious byte sequence can link properly when they are executed as a ROP chain. Experimental results showed that our method has achieved millisecond-order ROP chain detection with high precision.
Satoshi YAMAZAKI Ryuji ASAKURA Kouji OHUCHI
Previously, dynamic multi-hop shortcut (DMHS) communications to improve packet delivery rate and reduce end-to-end transmission delay was proposed. In this letter, we theoretically derive the end-to-end throughput of DMHS considering the retransmission at each node for a simple network model without considering collision. Moreover, we show the validity of the derived expression using computer simulations, and we clarify the effect of various parameters on the throughput using DMHS.
Hiroki KUZUNO Toshihiro YAMAUCHI
Countermeasures against attacks targeting an operating system are highly effective in preventing security compromises caused by kernel vulnerability. An adversary uses such attacks to overwrite credential information, thereby overcoming security features through arbitrary program execution. CPU features such as Supervisor Mode Access Prevention, Supervisor Mode Execution Prevention and the No eXecute bit facilitate access permission control and data execution in virtual memory. Additionally, Linux reduces actual attacks through kernel vulnerability affects via several protection methods including Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. Although the combination of these methods can mitigate attacks as kernel vulnerability relies on the interaction between the user and the kernel modes, kernel virtual memory corruption can still occur (e.g., the eBPF vulnerability allows malicious memory overwriting only in the kernel mode). We present the Kernel Memory Observer (KMO), which has a secret observation mechanism to monitor kernel virtual memory. KMO is an alternative design for virtual memory can detect illegal data manipulation/writing in the kernel virtual memory. KMO determines kernel virtual memory corruption, inspects system call arguments, and forcibly unmaps the direct mapping area. An evaluation of KMO reveals that it can detect kernel virtual memory corruption that contains the defeating security feature through actual kernel vulnerabilities. In addition, the results indicate that the system call overhead latency ranges from 0.002 µs to 8.246 µs, and the web application benchmark ranges from 39.70 µs to 390.52 µs for each HTTP access, whereas KMO reduces these overheads by using tag-based Translation Lookaside Buffers.
Lu YIN Junfeng LI Yonghong YAN Masato AKAGI
The simultaneous utterances impact the ability of both the hearing-impaired persons and automatic speech recognition systems. Recently, deep neural networks have dramatically improved the speech separation performance. However, most previous works only estimate the speech magnitude and use the mixture phase for speech reconstruction. The use of the mixture phase has become a critical limitation for separation performance. This study proposes a two-stage phase-aware approach for multi-talker speech separation, which integrally recovers the magnitude as well as the phase. For the phase recovery, Multiple Input Spectrogram Inversion (MISI) algorithm is utilized due to its effectiveness and simplicity. The study implements the MISI algorithm based on the mask and gives that the ideal amplitude mask (IAM) is the optimal mask for the mask-based MISI phase recovery, which brings less phase distortion. To compensate for the error of phase recovery and minimize the signal distortion, an advanced mask is proposed for the magnitude estimation. The IAM and the proposed mask are estimated at different stages to recover the phase and the magnitude, respectively. Two frameworks of neural network are evaluated for the magnitude estimation on the second stage, demonstrating the effectiveness and flexibility of the proposed approach. The experimental results demonstrate that the proposed approach significantly minimizes the distortions of the separated speech.
Lia SADITA Pedro Gabriel Fonteles FURTADO Tsukasa HIRASHIMA Yusuke HAYASHI
Concept mapping is one of the instructional strategies implemented in collaborative learning to support discourse and learning. While prior studies have established its positive significance on the learning achievements and attitudes of students, they have also discovered that it can lead to students conducting less discussion on conceptual knowledge compared to procedural and team coordination. For instance, some inaccurate ideas are never challenged and can become ingrained. Designing a learning environment where individual knowledge is acknowledged and developed constructively is necessary to achieve similarity of individual knowledge after collaboration. This study applies the Reciprocal Kit Build (RKB) approach before collaborative concept mapping. The approach consists of three main phases: (1) individual map construction; (2) re-constructional map building; and (3) difference map discussion. Finally, each team will build a group map. Previous studies have shown that the visualization of similarities and differences during the third phase correlates with the improvement of concept map quality. The current paper presents our investigation on the effects of the first and second phases in terms of the final group products. We analyze the correlations between the similarity of individual knowledge represented in the first-phase maps, the comprehension of partner's representation during the second phase, and the changes of map scores. Our findings indicate that comprehension level is a stronger predictor than the similarity of individual knowledge for estimating score gain. The ways in which patterns of knowledge transfer from individual to group maps, which exhibit how the group products are built based on individual inputs, are also discussed. We illustrate that the number of shared and unshared links in the group solutions are proportionally distributed, and that the number of reconstructed links dominates the group solutions, rather than the non-reconstructed ones.
Vulnerabilities in hypervisors are crucial in multi-tenant clouds and attractive for attackers because a vulnerability in the hypervisor can undermine all the virtual machine (VM) security. This paper focuses on vulnerabilities in instruction emulators inside hypervisors. Vulnerabilities in instruction emulators are not rare; CVE-2017-2583, CVE-2016-9756, CVE-2015-0239, CVE-2014-3647, to name a few. For backward compatibility with legacy x86 CPUs, conventional hypervisors emulate arbitrary instructions at any time if requested. This design leads to a large attack surface, making it hard to get rid of vulnerabilities in the emulator.This paper proposes FWinst that narrows the attack surface against vulnerabilities in the emulator. The key insight behind FWinst is that the emulator should emulate only a small subset of instructions, depending on the underlying CPU micro-architecture and the hypervisor configuration. FWinst recognizes emulation contexts in which the instruction emulator is invoked, and identifies a legitimate subset of instructions that are allowed to be emulated in the current context. By filtering out illegitimate instructions, FWinst narrows the attack surface. In particular, FWinst is effective on recent x86 micro-architectures because the legitimate subset becomes very small. Our experimental results demonstrate FWinst prevents existing vulnerabilities in the emulator from being exploited on Westmere and Skylake micro-architectures, and the runtime overhead is negligible.
Akio KAWABATA Bijoy CHAND CHATTERJEE Eiji OKI
This paper proposes an efficient server selection scheme in successive participation scenario with participating-domain segmentation. The scheme is utilized by distributed processing systems for real-time interactive communication to suppress the communication latency of a wide-area network. In the proposed scheme, users participate for server selection one after another. The proposed scheme determines a recommended server, and a new user selects the recommended server first. Before each user participates, the recommended servers are determined assuming that users exist in the considered regions. A recommended server is determined for each divided region to minimize the latency. The new user selects the recommended available server, where the user is located. We formulate an integer linear programming problem to determine the recommended servers. Numerical results indicate that, at the cost additional computation, the proposed scheme offers smaller latency than the conventional scheme. We investigate different policies to divide the users' participation for the recommended server finding process in the proposed scheme.
Jingyu LI Dandan XIAO Yue ZHANG
A high-speed high-resolution sampling system is the crucial part in wideband radar receivers. A 10.4-GS/s 12-bit wideband sampling system based on TIADC technique is designed in this letter. The acquisition function is implemented on a VPX platform. The storage function is implemented on a standard 19-inch rack server. The sampled data is transmitted at high speed through optical fibers between them. A mixed calibration method based on perfect reconstruction is adopted to compensate channel mismatches of wideband TIADC system. For sinusoidal signals from 100MHz to 5000MHz, more than 46-dB SNDR and 56-dB SFDR can be obtained in this sampling system. This letter provides a high-speed and high-resolution acquisition scheme for direct intermediate frequency sampling wideband digital receivers.
Daiki CHIBA Ayako AKIYAMA HASEGAWA Takashi KOIDE Yuta SAWABE Shigeki GOTO Mitsuaki AKIYAMA
Internationalized domain names (IDNs) are abused to create domain names that are visually similar to those of legitimate/popular brands. In this work, we systematize such domain names, which we call deceptive IDNs, and analyze the risks associated with them. In particular, we propose a new system called DomainScouter to detect various deceptive IDNs and calculate a deceptive IDN score, a new metric indicating the number of users that are likely to be misled by a deceptive IDN. We perform a comprehensive measurement study on the identified deceptive IDNs using over 4.4 million registered IDNs under 570 top-level domains (TLDs). The measurement results demonstrate that there are many previously unexplored deceptive IDNs targeting non-English brands or combining other domain squatting methods. Furthermore, we conduct online surveys to examine and highlight vulnerabilities in user perceptions when encountering such IDNs. Finally, we discuss the practical countermeasures that stakeholders can take against deceptive IDNs.
Kokoro KOBAYASHI Tsuyoshi OGUNI Masaki NAKAGAWA
This paper presents a series of secure PIN/password input methods resilient to shoulder hacking. When a person inputs a PIN or password to a smartphone, tablet, banking terminal, etc., there is a risk of shoulder hacking of the PIN or the password being stolen. To decrease the risk, we propose a method that erases key-top labels, moves them smoothly and simultaneously, and lets the user touch the target key after they stopped. The user only needs to trace a single key, but peepers have to trace the movements of all the keys at the same time. We extend the method by assigning different colors, shapes, and/or sizes to keys for enhancing distinguishability, which allows all the keys to be moved instantaneously after key-top labels are erased and the user to touch the target key. We also introduce a “move backward/forward” function that allows the user to play back the movements. This series of methods does not have the highest security, but it is easy to use and does not require any changes to the server side. Results of a performance evaluation demonstrate that this method has high resistance to shoulder hacking while providing satisfactory usability without large input errors.
De-identification[1]-[5], [30]-[71] is the process that organizations can use to remove personal information from data that they collect, use, archive, and share with other organizations. It is recognized as an important tool for organizations to balance requirements between the use of data and privacy protection of personal information. Its objective is to remove the association between a set of identifying attributes and the data principal where identifying attribute is attribute in a dataset that is able to contribute to uniquely identifying a data principal within a specific operational context and data principal is entity to which data relates. This paper provides an overview of de-identification techniques including the data release models. It also describes the current standardization activities by the standardization development organizations in terms of de-identification. It suggests future standardization directions including potential future work items.
Keika MORI Takuya WATANABE Yunao ZHOU Ayako AKIYAMA HASEGAWA Mitsuaki AKIYAMA Tatsuya MORI
This work aims to determine the propensity of password creation through the lens of language spheres. To this end, we consider four different countries, each with a different culture/language: China/Chinese, United Kingdom (UK) and India/English, and Japan/Japanese. We first employ a user study to verify whether language and culture are reflected in password creation. We found that users in India, Japan, and the UK prefer to create their passwords from base words, and the kinds of words they are incorporated into passwords vary between countries. We then test whether the findings obtained through the user study are reflected in a corpus of leaked passwords. We found that users in China and Japan prefer dates, while users in India, Japan, and the UK prefer names. We also found that cultural words (e.g., “sakura” in Japan and “football” in the UK) are frequently used to create passwords. Finally, we demonstrate that the knowledge on the linguistic background of targeted users can be exploited to increase the speed of the password guessing process.