Most existing methods of effort estimations in software development are manual, labor-intensive and subjective, resulting in overestimation with bidding fail, and underestimation with money loss. This paper investigates effectiveness of sequence models on estimating development effort, in the form of man-months, from software project data. Four architectures; (1) Average word-vector with Multi-layer Perceptron (MLP), (2) Average word-vector with Support Vector Regression (SVR), (3) Gated Recurrent Unit (GRU) sequence model, and (4) Long short-term memory (LSTM) sequence model are compared in terms of man-months difference. The approach is evaluated using two datasets; ISEM (1,573 English software project descriptions) and ISBSG (9,100 software projects data), where the former is a raw text and the latter is a structured data table explained the characteristic of a software project. The LSTM sequence model achieves the lowest and the second lowest mean absolute errors, which are 0.705 and 14.077 man-months for ISEM and ISBSG datasets respectively. The MLP model achieves the lowest mean absolute errors which is 14.069 for ISBSG datasets.

The outcome of document clustering depends on the scheme used to assign a weight to each term in a document. While recent works have tried to use distributions related to class to enhance the discrimination ability. It is worth exploring whether a deviation approach or an entropy approach is more effective. This paper presents a comparison between deviation-based distribution and entropy-based distribution as constraints in term weighting. In addition, their potential combinations are investigated to find optimal solutions in guiding the clustering process. In the experiments, the seeded k-means method is used for clustering, and the performances of deviation-based, entropy-based, and hybrid approaches, are analyzed using two English and one Thai text datasets. The result showed that the deviation-based distribution outperformed the entropy-based distribution, and a suitable combination of these distributions increases the clustering accuracy by 10%.

Currently, mobile terminals face serious security threats. A Trusted Execution Environment (TEE) which can provide an isolated execution environment for sensitive workloads, is seen as a trusted relay for providing security services for any mobile application. However, mobile TEE's architecture design and implementation strategy are not unbreakable at present. The existing researches lack of detect mechanisms for attack behaviour and malicious software. This paper proposes a Malicious code Detection scheme for Trusted Execution Environment based on Homomorphic Encryption (HE-TEEMD), which is a novel detection mechanism for data and code in the trusted execution environment. HE-TEEMD uses the Paillier additive homomorphic algorithm to implement the signature matching and transmits the ciphertext information generated in the TEE to the normal world for detection by the homomorphism and randomness of the homomorphic encryption ciphertext. An experiment and security analysis proves that our scheme can achieve malicious code detection in the secure world with minimal cost. Furthermore, evaluation parameters are introduced to address the known plaintext attack problem of privileged users.

Recently, criminals frequently utilize logical attacks to Automated Teller Machines (ATMs) and financial institutes' (FIs') networks to steal cash. We proposed a security measure utilizing peripheral devices in an ATM for smart card transactions to prevent “unauthorized cash withdrawals” of logical attacks, and the fundamental framework as a generalized model of the measure in other paper. As the measure can prevent those logical attacks with tamper-proof hardware, it is quite difficult for criminals to compromise the measure. However, criminals can still carry out different types of logical attacks to ATMs, such as “unauthorized deposit”, to steal cash. In this paper, we propose a security measure utilizing peripheral devices to prevent unauthorized deposits with a smart card. The measure needs to protect multiple transaction sub-processes in a deposit transaction from multiple types of logical attacks and to be harmonized with existing ATM system/operations. A suitable implementation of the fundamental framework is required for the measure and such implementation design is confusing due to many items to be considered. Thus, the measure also provides an implementation model analysis of the fundamental framework to derive suitable implementation for each defense point in a deposit transaction. Two types of measure implementation are derived as the result of the analysis.

Deep neural networks have achieved great success in visual tracking by learning a generic representation and leveraging large amounts of training data to improve performance. Most generic object trackers are trained from scratch online and do not benefit from a large number of videos available for offline training. We present a real-time generic object tracker capable of incorporating temporal information into its model, learning from many examples offline and quickly updating online. During the training process, the pre-trained weight of convolution layer is updated lagging behind, and the input video sequence length is gradually increased for fast convergence. Furthermore, only the hidden states in recurrent network are updated to guarantee the real-time tracking speed. The experimental results show that the proposed tracking method is capable of tracking objects at 150 fps with higher predicting overlap rate, and achieves more robustness in multiple benchmarks than state-of-the-art performance.

More and more attacks are found due to the insecure channel between different network domains in legacy mobile network. In this letter, we discover an attack exploiting SUCI to track a subscriber in 5G network, which is directly caused by the insecure air channel. To cover this issue, a secure authentication scheme is proposed utilizing the existing PKI mechanism. Not only dose our protocol ensure the authentication signalling security in the channel between UE and SN, but also SN and HN. Further, formal methods are adopted to prove the security of the proposed protocol.

Real-time pulse rate (PR) monitoring based on photoplethysmography (PPG) has been drawn much attention in recent years. However, PPG signal detected under movement is easily affected by random noises, especially motion artifacts (MA), affecting the accuracy of PR estimation. In this paper, a parallel method structure is proposed, which effectively combines wavelet threshold denoising with recursive least squares (RLS) adaptive filtering to remove interference signals, and uses spectral peak tracking algorithm to estimate real-time PR. Furthermore, we propose a parallel structure RLS adaptive filtering to increase the amplitude of spectral peak associated with PR for PR estimation. This method is evaluated by using the PPG datasets of the 2015 IEEE Signal Processing Cup. Experimental results on the 12 training datasets during subjects' walking or running show that the average absolute error (AAE) is 1.08 beats per minute (BPM) and standard deviation (SD) is 1.45 BPM. In addition, the AAE of PR on the 10 testing datasets during subjects' fast running accompanied with wrist movements can reach 2.90 BPM. Furthermore, the results indicate that the proposed approach keeps high estimation accuracy of PPG signal even with strong MA.

Addition is a key fundamental function for many error-tolerant applications. Approximate addition is considered to be an efficient technique for trading off energy against performance and accuracy. This paper proposes a carry-maskable adder whose accuracy can be configured at runtime. The proposed scheme can dynamically select the length of the carry propagation to satisfy the quality requirements flexibly. Compared with a conventional ripple carry adder and a conventional carry look-ahead adder, the proposed 16-bit adder reduced the power consumption by 54.1% and 57.5%, respectively, and the critical path delay by 72.5% and 54.2%, respectively. In addition, results from an image processing application indicate that the quality of processed images can be controlled by the proposed adder. Good scalability of the proposed adder is demonstrated from the evaluation results using a 32-bit length.

In this letter, an active complex filter with finite transmission zeros is proposed. In order to obtain a complex prototype ladder filter including no inductors, a new circuit transformation is proposed. This circuit is classified into the RiCR filter. It is shown that it includes no negative capacitors when it is obtained through a frequency transformation. The validity of the proposed method is confirmed through computer simulation.

Recurrent Neural Network (RNN) has achieved many state-of-the-art performances on various complex tasks related to the temporal and sequential data. But most of these RNNs require much computational power and a huge number of parameters for both training and inference stage. Several tensor decomposition methods are included such as CANDECOMP/PARAFAC (CP), Tucker decomposition and Tensor Train (TT) to re-parameterize the Gated Recurrent Unit (GRU) RNN. First, we evaluate all tensor-based RNNs performance on sequence modeling tasks with a various number of parameters. Based on our experiment results, TT-GRU achieved the best results in a various number of parameters compared to other decomposition methods. Later, we evaluate our proposed TT-GRU with speech recognition task. We compressed the bidirectional GRU layers inside DeepSpeech2 architecture. Based on our experiment result, our proposed TT-format GRU are able to preserve the performance while reducing the number of GRU parameters significantly compared to the uncompressed GRU.

Possible functional roles of the phase resetting control during rhythmic movements have been attracting much attention in the field of robotics. The phase resetting control is a control mechanism in which the phase shift of periodic motion is induced depending on the timing of a given perturbation, leading to dynamical stability such as a rapid transition from an unstable state to a stable state in rhythmic movements. A phase response curve (PRC) is used to quantitatively evaluate the phase shift in the phase resetting control. It has been demonstrated that an optimal PRC for bipedal walking becomes bimodal. The PRCs acquired by reinforcement learning in simulated biped walking are qualitatively consistent with measured results obtained from experiments. In this study, we considered how such characteristics are obtained from a mathematical point of view. First, we assumed a symmetric Bonhoeffer-Van der Pol oscillator and phase excitable element known as an active rotator as a model of the central pattern generator for controlling rhythmic movements. Second, we constructed feedback control systems by combining them with manipulators. Next, we numerically computed the PRCs of such systems and compared the resulting PRCs. Furthermore, we approximately calculated analytical solutions of the PRCs. Based on the results, we systematically investigated the parameter dependence of the analytical PRCs. Finally, we investigated the requirements for realizing an optimal PRC for the phase resetting control during rhythmic movements.

In this paper, we propose the low voltage CMOS current mode reference circuit using self-regulator with adaptive biasing technique. It drastically reduces the line sensitivity (LS) of the output voltage and the power supply voltage dependence of the temperature coefficient (TC). The self-regulator used in the proposed circuit adaptively generates the minimum voltage required the reference core circuit following the PVT (process, voltage and temperature) conditions. It makes possible to improve circuit performances instead of slightly increasing minimum power supply voltage. This proposed circuit has been designed and evaluated by SPICE simulation using TSMC 65nm CMOS process with 3.3V (2.5V over-drive) transistor option. From simulation results, LS is reduced to 0.0065%/V under 0.8V < VDD < 3.0V. TC is 67.6ppm/°C under the condition that the temperature range is from -40°C to 125°C and VDD range is from 0.8V to 3.0V. The power supply rejection ratio (PSRR) is less than -80.4dB when VDD is higher than 0.8V and the noise frequency is 100Hz. According to the simulation results, we could confirm that the performances of the proposed circuit are improved compared with the conventional circuit.

Register-transfer-level (RTL) information is hardly available for hardware Trojan detection. In this paper, four RTL Trojan features related to branching statement are proposed. The Minimum Redundancy Maximum Relevance (mRMR) feature selection is applied to the proposed Trojan features to determine the recommended feature combinations. The feature combinations are then tested using different machine learning concepts in order to determine the best approach for classifying Trojan and normal branches. The result shows that a Decision Tree classification algorithm with all the four proposed Trojan features can achieve an average true positive detection rate of 93.72% on unseen test data.

Unlike black-box cryptography, an adversary in a white-box security model has full access to the implementation of the cryptographic algorithm. Thus, white-box implementation of cryptographic algorithms is more practical. Nevertheless, in recent years, there is no white-box implementation for public key cryptography. In this paper, we propose the first white-box implementation of the identity-based signature scheme in the IEEE P1363 standard. Our main idea is to hide the private key to multiple lookup tables, so that the private key cannot be leaked during the algorithm executed in the untrusted environment. We prove its security in both black-box and white-box models. We also evaluate the performance of our white-box implementations, in order to demonstrate utility for real-world applications.

Software-Defined Networking (SDN) enables flexible deployment and innovation of new networking applications by decoupling and abstracting the control and data planes. It has radically changed the concept and way of building and managing networked systems, and reduced the barriers to entry for new players in the service markets. It is considered to be a promising solution providing the scale and versatility necessary for IoT. However, SDN may also face many challenges, i.e., the centralized control plane would be a single point of failure. With the advent of blockchain technology, blockchain-based SDN has become an emerging architecture for securing a distributed network environment. Motivated by this, in this work, we summarize the generic framework of blockchain-based SDN, discuss security challenges and relevant solutions, and provide insights on the future development in this field.

This paper presents a practical side-channel attack that identifies the social web service account of a visitor to an attacker's website. Our attack leverages the widely adopted user-blocking mechanism, abusing its inherent property that certain pages return different web content depending on whether a user is blocked from another user. Our key insight is that an account prepared by an attacker can hold an attacker-controllable binary state of blocking/non-blocking with respect to an arbitrary user on the same service; provided that the user is logged in to the service, this state can be retrieved as one-bit data through the conventional cross-site timing attack when a user visits the attacker's website. We generalize and refer to such a property as visibility control, which we consider as the fundamental assumption of our attack. Building on this primitive, we show that an attacker with a set of controlled accounts can gain a complete and flexible control over the data leaked through the side channel. Using this mechanism, we show that it is possible to design and implement a robust, large-scale user identification attack on a wide variety of social web services. To verify the feasibility of our attack, we perform an extensive empirical study using 16 popular social web services and demonstrate that at least 12 of these are vulnerable to our attack. Vulnerable services include not only popular social networking sites such as Twitter and Facebook, but also other types of web services that provide social features, e.g., eBay and Xbox Live. We also demonstrate that the attack can achieve nearly 100% accuracy and can finish within a sufficiently short time in a practical setting. We discuss the fundamental principles, practical aspects, and limitations of the attack as well as possible defenses. We have successfully addressed this attack by collaborative working with service providers and browser vendors.

The requirement of safety, roadway capacity and efficiency in the vehicular network, which makes vehicular platoons concept continue to be of interest. For the authentication in vehicular platoons, efficiency and cooperation are the two most important things. Cooperative authentication is a way to recognize false identities and messages as well as saving resources. However, taking part in cooperative authentication makes the vehicle more vulnerable to privacy leakage which is commonly done by location tracking. Moreover, vehicles consume their resources when cooperating with others during the process of cooperation authentication. These two significant factors cause selfish behaviors of the vehicles not to participate in cooperate cooperation actively. In this paper, an infinitely repeated game for cooperative authentication in vehicular platoons is proposed to help analyze the utility of all nodes and point out the weakness of the current collaborative authentication protocol. To deal with this weakness, we also devised an enhanced cooperative authentication protocol based on mechanisms which makes it easier for vehicles to stay in the cooperate strategy rather than tend to selfish behavior. Meanwhile, our protocol can defense insider attacks.

This paper proposes statistical analysis of phase-only correlation functions between two signals with stochastic phase-spectra following bivariate circular probability distributions based on directional statistics. We give general expressions for the expectation and variance of phase-only correlation functions in terms of joint characteristic functions of the bivariate circular probability density function. In particular, if we assume bivariate wrapped distributions for the phase-spectra, we obtain exactly the same results between in case of a bivariate linear distribution and its corresponding bivariate wrapped distribution.

This paper presents the excitation coefficient optimization of slot array antennas for increasing channel capacity in 2×2-mode two-dimensional ROM (rectangular coordinate orthogonal) transmission. Because the ROM transmission is for non-far region communication, the transmission between Tx (transmission) and Rx (reception) antennas increases when the antennas radiate beams inwardly. At first, we design the excitation coefficients of the slot arrays in order to enhance the transmission rate for a given transmission distance. Then, we fabricate monopulse corporate-feed waveguide slot array antennas that have the designed excitation amplitude and phase in the 60-GHz band for the 2×2-mode two-dimensional ROM transmission. The measured transmission between the fabricated Tx and Rx antennas increases at the given propagation distance and agrees with the simulation.

Secret key generation based on channel characteristics is an effective physical-layer security method for 5G wireless networks. The issues of how to ensure the high key generation rate and correlation of the secret key under active attack are needed to be addressed. In this paper, a new practical secret key generation scheme with high rate and correlation is proposed. In our proposed scheme, Alice and Bob transmit independent random sequences instead of known training sequences or probing signals; neither Alice nor Bob can decode these random sequences or estimate the channel. User's random sequences together with the channel effects are used as common random source to generate the secret key. With this solution, legitimate users are able to share secret keys with sufficient length and high security under active attack. We evaluate the proposed scheme through both analytic and simulation studies. The results show that our proposed scheme achieves high key generation rate and key security, and is suitable for 5G wireless networks with resource-constrained devices.