Different types of malicious attacks have been increasing simultaneously and have become a serious issue for cybersecurity. Most attacks leverage domain URLs as an attack communications medium and compromise users into a victim of phishing or spam. We take advantage of machine learning methods to detect the maliciousness of a domain automatically using three features: DNS-based, lexical, and semantic features. The proposed approach exhibits high performance even with a small training dataset. The experimental results demonstrate that the proposed scheme achieves an approximate accuracy of 0.927 when using a random forest classifier.

Series-connection of resonant-tunneling diodes (RTDs) has been considered to be efficient in upgrading the output power when it is introduced to oscillator architecture. This work is for clarifying the same architecture also contributes to increasing oscillation frequency because the device parasitic capacitance is reduced M times for M series-connected RTD oscillator. Although this mechanism is expected to be universal, we restrict the discussion to the recently proposed multiphase oscillator utilizing an RTD oscillator lattice loop. After explaining the operation principle, we evaluate how the oscillation frequency depends on the number of series-connected RTDs through full-wave calculations. In addition, the essential dynamics were validated experimentally in breadboarded multiphase oscillators using Esaki diodes in place of RTDs.

An Oblivious Priority Queue (OPQ) is a cryptographic primitive that enables a client to outsource its data to a dishonest server, and also to securely manage the data according to a priority queue algorithm. Though the first OPQ achieves perfect security, it supports only two operations; Inserting an element and extracting the top-priority element, which are the minimal requirement for a priority queue. In addition, this OPQ allows an adversary to observe operations in progress, which leaks the exact number of elements in the data structure. On the other hand, there are many subsequent works for OPQs that implement additional operations of a priority queue, hide the running operations, and improve efficiency. Though the recent works realize optimal efficiency, all of them achieve only statistical or computational security. Aiming to reconcile perfect security of the first OPQ with all functions (including the operation hiding) supported by recent OPQs, we construct a novel perfectly secure OPQ that can simulate the following operations while hiding which one is in progress; Inserting an element, extracting the top-priority one, deleting an element, and modifying the priority of an element. The efficiency of our scheme is O(log2 N), which is larger than that of the best known statistically secure OPQ but is the same as the known perfectly secure scheme.

The reliability of deep neural networks (DNN) against hardware errors is essential as DNNs are increasingly employed in safety-critical applications such as automatic driving. Transient errors in memory, such as radiation-induced soft error, may propagate through the inference computation, resulting in unexpected output, which can adversely trigger catastrophic system failures. As a first step to tackle this problem, this paper proposes constructing a vulnerability model (VM) with a small number of fault injections to identify vulnerable model parameters in DNN. We reduce the number of bit locations for fault injection significantly and develop a flow to incrementally collect the training data, i.e., the fault injection results, for VM accuracy improvement. We enumerate key features (KF) that characterize the vulnerability of the parameters and use KF and the collected training data to construct VM. Experimental results show that VM can estimate vulnerabilities of all DNN model parameters only with 1/3490 computations compared with traditional fault injection-based vulnerability estimation.

In this paper, the spurious modes and quality-factor (Q) values of the one-port dual-mode AlN lamb-wave resonators at 500-1000 MHz were studied by theoretical analysis and experimental verification. Through finite element analysis, we found that optimizing the width of the lateral reflection boundary at both ends of the resonator to reach the quarter wavelength (λ/4), which can improve its spectral purity and shift its resonant frequency. The designed resonators were micro-fabricated by using lithography processes on a 6-inch wafer. The measured results show that the spurious mode can be converted and dissipated, splitting into several longitudinal modes by optimizing the width of the lateral reflection boundary, which are consistent well with the theoretical analysis. Similarly, optimizing the interdigital transducer (IDT) width and number of IDT fingers can also suppress the resonator's spurious modes. In addition, it is found that there is no significant difference in the Qs value for the two modes of the dual-mode resonator with the narrow anchor and full anchor. The acoustic wave leaked from the anchor into the substrate produces a small displacement, and the energy is limited in the resonator. Compared to the resonator with Au IDTs, the resonator with Al IDTs can achieve a higher Q value due to its lower thermo-elastic damping loss. The measured results show the optimized dual-mode lamb-wave resonator can obtain Qs value of 2946.3 and 2881.4 at 730.6 MHz and 859.5 MHz, Qp values of 632.5 and 1407.6, effective electromechanical coupling coefficient (k2eff) of 0.73% and 0.11% respectively, and has excellent spectral purity simultaneously.

A novel compact 5-pole bandpass filter (BPF) using two different types of resonators, one is coaxial TEM-mode resonator and the other dielectric triple-mode resonator, is proposed in this paper. The coaxial resonator is a simple single-mode resonator, while the triple-mode dielectric resonator (DR) includes one TM01δ mode and two degenerate HE11 modes. An excellent spurious performance of the BPF is obtained due to the different resonant behaviors of these two types of resonators used in the BPF. The coupling scheme of the 5-pole BPF includes two cascade triplets (CTs) which produce two transmission zeros (TZs) and a sharp skirt of the passband. Behaviors of the resonances, the inter-resonance couplings, as well as their tuning methods are investigated in detail. A procedure of mapping the coupling matrix of the BPF to its physical dimensions is developed, and an optimization of these physical dimensions is implemented to achieve best performance of the filter. The designed BPF is operated at 1.84GHz with a bandwidth of 51MHz. The stopband rejection is better than 20dB up to 9.7GHz (about 5.39×f0) except 7.85GHz. Good agreement between the designed and theoretically synthesized responses of the BPF is reached, verifying well the proposed configuration of the BPF and its design method.

In a 1-out-of-n oblivious signature scheme, a user provides a set of messages to a signer for signatures but he/she can only obtain a valid signature for a specific message chosen from the message set. There are two security requirements for 1-out-of-n oblivious signature. The first is ambiguity, which requires that the signer is not aware which message among the set is signed. The other one is unforgeability which requires that the user is not able to derive any other valid signature for any messages beyond the one that he/she has chosen. In this paper, we provide a generic construction of 1-out-of-n oblivious signature. Our generic construction consists of two building blocks, a commitment scheme and a standard signature scheme. Our construction is round efficient since it only asks one interaction (i.e., two rounds) between the user and signer. Meanwhile, in our construction, the ambiguity of the 1-out-of-n oblivious signature scheme is based on the hiding property of the underlying commitment, while the unforgeability is based on the binding property of the underlying commitment scheme and the unforgeability of the underlying signature scheme. Moreover, our construction can also enjoy strong unforgeability as long as the underlying building blocks have strong binding property and strong unforgeability respectively. Given the fact that commitment and digital signature are well-studied topics in cryptography and numerous concrete schemes have been proposed in the standard model, our generic construction immediately yields a bunch of instantiations in the standard model based on well-known assumptions, including not only traditional assumptions like Decision Diffie-Hellman (DDH), Decision Composite Residue (DCR), etc., but also some post-quantum assumption like Learning with Errors (LWE). As far as we know, our construction admits the first 1-out-of-n oblivious signature schemes based on the standard model.

We propose a target detection network (RMF-Net) based on the multi-scale strategy to solve the problems of large differences in the detection scale and mutual occlusion, which result in inaccurate locations. A multi-layer feature fusion module and multi-expansion dilated convolution pyramid module were designed based on the ResNet-101 residual network. The ability of the network to express the multi-scale features of the target could be improved by combining the shallow and deep features of the target and expanding the receptive field of the network. Moreover, RoI Align pooling was introduced to reduce the low accuracy of the anchor frame caused by multiple quantizations for improved positioning accuracy. Finally, an AD-IoU loss function was designed, which can adaptively optimise the distance between the prediction box and real box by comprehensively considering the overlap rate, centre distance, and aspect ratio between the boxes and can improve the detection accuracy of the occlusion target. Ablation experiments on the RMF-Net model verified the effectiveness of each factor in improving the network detection accuracy. Comparative experiments were conducted on the Pascal VOC2007 and Pascal VOC2012 datasets with various target detection algorithms based on convolutional neural networks. The results demonstrated that RMF-Net exhibited strong scale adaptability at different occlusion rates. The detection accuracy reached 80.4% and 78.5% respectively.

Coprime (pair of) DFT filter banks (coprime DFTFB), which process signals like a spectral analyzer in time domain, divides the power spectrum equally into MN bands by employing two DFT filter banks (DFTFBs) of size only M and N respectively, where M and N are coprime integers. With coprime DFTFB, frequencies in wide sense stationary (WSS) signals can be effectively estimated with a much lower sampling rates than the Nyquist rates. However, the imperfection of practical FIR filter and the correlation based detection mode give rise to two kinds of spurious peaks in power spectrum estimation, that greatly limit the application of coprime DFTFB. Through detailed analysis of the spurious peaks, this paper proposes a modified spectral analyzer based on dual coprime DFTFBs and sub-decimation, which not only depresses the spurious peaks, but also improves the frequency estimation accuracy. The mathematical principle proof of the proposed spectral analyzer is also provided. In discussion of simultaneous signals detection, an O-extended MN-band coprime DFTFB (OExt M-N coprime DFTFB) structure is naturally deduced, where M, N, and O are coprime with each other. The original MN-band coprime DFTFB (M-N coprime DFTFB) can be seen a special case of the OExt M-N coprime DFTFB with extending factor O equals ‘1’. In the numerical simulation section, BPSK signals with random carrier frequencies are employed to test the proposed spectral analyzer. The results of detection probability versus SNR curves through 1000 Monte Carlo experiments verify the effectiveness of the proposed spectrum analyzer.

A hard-type oscillator is defined as an oscillator having stable fixed points within a stable limit cycle. For resonant tunneling diode (RTD) oscillators, using hard-type configuration has a significant advantage that it can suppress spurious oscillations in a bias line. We have fabricated hard-type oscillators using an InGaAs-based RTD, and demonstrated a proper operation. Furthermore, the oscillating properties have been compared with a soft-type oscillator having a same parameters. It has been demonstrated that the same level of the phase noise can be obtained with a much smaller power consumption of approximately 1/20.

This letter presents an oblivious and load-balanced routing (OLBR) method without virtual channels for 2D mesh Network-on-chip (NoC). To balance the traffic load of network and avoid deadlock, OLBR divides network nodes into two regions, one region contains the nodes of east and west sides of NoC, in which packets are routed by odd-even turn rule with Y direction preference (OE-YX), and the remaining nodes are divided to the other region, in which packets are routed by odd-even turn rule with alterable priority arbitration (OE-APA). Simulation results show that OLBR's saturation throughput can be improved than related works by 11.73% and OLBR balances the traffic load over entire network.

The unattended malicious nodes pose great security threats to the integrity of the IoT sensor networks. However, preventions such as cryptography and authentication are difficult to be deployed in resource constrained IoT sensor nodes with low processing capabilities and short power supply. To tackle these malicious sensor nodes, in this study, the trust computing method is applied into the IoT sensor networks as a light weight security mechanism, and based on the theory of Chebyshev Polynomials for the approximation of time series, the trust data sequence generated by each sensor node is linearized and treated as a time series for malicious node detection. The proposed method is evaluated against existing schemes using several simulations and the results demonstrate that our method can better deal with malicious nodes resulting in higher correct packet delivery rate.

On the Internet, there are lots of unused domain names that are not used for any actual services. Domain parking is a monetization mechanism for displaying online advertisements in such unused domain names. Some domain names used in cyber attacks are known to leverage domain parking services after the attack. However, the temporal relationships between domain parking services and malicious domain names have not been studied well. In this study, we investigated how malicious domain names using domain parking services change over time. We conducted a large-scale measurement study of more than 66.8 million domain names that have used domain parking services in the past 19 months. We reveal the existence of 3,964 domain names that have been malicious after using domain parking. We further identify what types of malicious activities (e.g., phishing and malware) such malicious domain names tend to be used for. We also reveal the existence of 3.02 million domain names that utilized multiple parking services simultaneously or while switching between them. Our study can contribute to the efficient analysis of malicious domain names using domain parking services.

Emerging byte-addressable non-volatile memory devices attract much attention. A non-volatile main memory (NVMM) built on them enables larger memory size and lower power consumption than a traditional DRAM main memory. To fully utilize an NVMM, both software and hardware must be cooperatively optimized. Simultaneously, even focusing on a memory module, its micro architecture is still being developed though real non-volatile memory modules, such as Intel Optane DC persistent memory (DCPMM), have been on the market. Looking at existing NVMM evaluation environments, software simulators can evaluate various micro architectures with their long simulation time. Emulators can evaluate the whole system fast with less flexibility in their configuration than simulators. Thus, an NVMM emulator that can realize flexible and fast system evaluation still has an important role to explore the optimal system. In this paper, we introduce an NVMM emulator for embedded systems and explore a direction of optimization techniques for NVMMs by using it. It is implemented on an SoC-FPGA board employing three NVMM behaviour models: coarse-grain, fine-grain and DCPMM-based. The coarse and fine models enable NVMM performance evaluations based on extensions of traditional DRAM behaviour. The DCPMM-based model emulates the behaviour of a real DCPMM. Whole evaluation environment is also provided including Linux kernel modifications and several runtime functions. We first validate the developed emulator with an existing NVMM emulator, a cycle-accurate NVMM simulator and a real DCPMM. Then, the program behavior differences among three models are evaluated with SPEC CPU programs. As a result, the fine-grain model reveals the program execution time is affected by the frequency of NVMM memory requests rather than the cache hit ratio. Comparing with the fine-grain model and the coarse-grain model under the condition of the former's longer total write latency than the latter's, the former shows lower execution time for four of fourteen programs than the latter because of the bank-level parallelism and the row-buffer access locality exploited by the former model.

In this paper, we propose a method to reduce the labeling cost while acquiring training data for a malicious domain name detection system using supervised machine learning. In the conventional systems, to train a classifier with high classification accuracy, large quantities of benign and malicious domain names need to be prepared as training data. In general, malicious domain names are observed less frequently than benign domain names. Therefore, it is difficult to acquire a large number of malicious domain names without a dedicated labeling method. We propose a method based on active learning that labels data around the decision boundary of classification, i.e., in the gray area, and we show that the classification accuracy can be improved by using approximately 1% of the training data used by the conventional systems. Another disadvantage of the conventional system is that if the classifier is trained with a small amount of training data, its generalization ability cannot be guaranteed. We propose a method based on ensemble learning that integrates multiple classifiers, and we show that the classification accuracy can be stabilized and improved. The combination of the two methods proposed here allows us to develop a new system for malicious domain name detection with high classification accuracy and generalization ability by labeling a small amount of training data.

Currently, mobile terminals face serious security threats. A Trusted Execution Environment (TEE) which can provide an isolated execution environment for sensitive workloads, is seen as a trusted relay for providing security services for any mobile application. However, mobile TEE's architecture design and implementation strategy are not unbreakable at present. The existing researches lack of detect mechanisms for attack behaviour and malicious software. This paper proposes a Malicious code Detection scheme for Trusted Execution Environment based on Homomorphic Encryption (HE-TEEMD), which is a novel detection mechanism for data and code in the trusted execution environment. HE-TEEMD uses the Paillier additive homomorphic algorithm to implement the signature matching and transmits the ciphertext information generated in the TEE to the normal world for detection by the homomorphism and randomness of the homomorphic encryption ciphertext. An experiment and security analysis proves that our scheme can achieve malicious code detection in the secure world with minimal cost. Furthermore, evaluation parameters are introduced to address the known plaintext attack problem of privileged users.

In this paper, we propose a Pyramid Predictive Attention Network (PPAN) for medical image segmentation. In the medical field, the size of dataset generally restricts the performance of deep CNN and deploying the trained network with gross parameters into the terminal device with limited memory is an expectation. Our team aims to the future home medical diagnosis and search for lightweight medical image segmentation network. Therefore, we designed PPAN mainly made of Xception blocks which are modified from DeepLab v3+ and consist of separable depthwise convolutions to speed up the computation and reduce the parameters. Meanwhile, by utilizing pyramid predictions from each dimension stage will guide the network more accessible to optimize the training process towards the final segmentation target without degrading the performance. IoU metric is used for the evaluation on the test dataset. We compared our designed network performance with the current state of the art segmentation networks on our RGB tongue dataset which was captured by the developed TIAS system for tongue diagnosis. Our designed network reduced 80 percentage parameters compared to the most widely used U-Net in medical image segmentation and achieved similar or better performance. Any terminal with limited storage which is needed a segment of RGB image can refer to our designed PPAN.

In the obnoxious facility game, we design mechanisms that output a location of an undesirable facility based on the locations of players reported by themselves. The benefit of a player is defined to be the distance between her location and the facility. A player may try to manipulate the output of the mechanism by strategically misreporting her location. We wish to design a λ-group strategy-proof mechanism i.e., for every group of players, at least one player in the group cannot gain strictly more than λ times her primary benefit by having the entire group change their reports simultaneously. In this paper, we design a k-candidate λ-group strategy-proof mechanism for the obnoxious facility game in the metric defined by k half lines with a common endpoint such that each candidate is a point in each of the half-lines at the same distance to the common endpoint as other candidates. Then, we show that the benefit ratio of the mechanism is at most 1+2/(k-1)λ. Finally, we prove that the bound is nearly tight.

Epidemic cyber incidents are caused by malicious websites using exploit kits. The exploit kit facilitate attackers to perform the drive-by download (DBD) attack. However, it is reported that malicious websites using an exploit kit have similarity in their website structure (WS)-trees. Hence, malicious website identification techniques leveraging WS-trees have been studied, where the WS-trees can be estimated from HTTP traffic data. Nevertheless, the defensive component of the exploit kit prevents us from capturing the WS-tree perfectly. This paper shows, hence, a new WS-tree construction procedure by using the fact that a DBD attack happens in a certain duration. This paper proposes, moreover, a new malicious website identification technique by clustering the WS-tree of the exploit kits. Experiment results assuming the D3M dataset verify that the proposed technique identifies exploit kits with a reasonable accuracy even when HTTP traffic from the malicious sites are partially lost.

In order to evaluate the vehicle detection method, it is necessary to know the correct vehicle position considered as “ground truth”. We propose indices considering subjective evaluation in vehicle detection utilizing IoU. Subjective evaluation experiments were carried out with respect to misregistration from ground truth in vehicle detection.