Cyber attacks targeting specific victims use multiple intrusion routes and various attack methods. In order to combat such diversified cyber attacks, Threat Intelligence is attracting attention. Attack activities, vulnerability information and other threat information are gathered, analyzed and organized in threat intelligence and it enables organizations to understand their risks. Integrated analysis of the threat information is needed to compose the threat intelligence. Threat information can be found in incident reports published by security vendors. However, it is difficult to analyze and compare their reports because they are described in various formats defined by each vendor. Therefore, in this paper, we apply a modeling framework for analyzing and deriving the relevance of the reports from the views of similarity and relation between the models. This paper presents the procedures of modeling incident information described in the reports. Moreover, as case studies, we apply the modeling method to some actual incident reports and compare their models.

This paper presents a high step-up DC-DC converter for low voltage sources such as solar cells, fuel cells and battery banks. A novel non isolated Zero-Voltage Switching (ZVS) interleaved DC-DC boost converter condition is introduced. In this converter, by using coupled inductor and active clamp circuit, the stored energy in leakage inductor is recycled. Furthermore, ZVS turn on condition for both main and clamp switches are provided. The active clamp circuit suppresses voltage spikes across the main switch and the voltage of clamp capacitor leads to higher voltage gain. In the proposed converter, by applying interleaved technique, input current ripple and also conduction losses are decreased. Also, with simple and effective method without applying any additional element, the input ripple due to couple inductors and active clamp circuit is cancelled to achieve a smooth low ripple input current. In addition, the applied technique in this paper leads to increasing the life cycle of circuit components which makes the proposed converter suitable for high power applications. Finally an experimental prototype of the presented converter with 40 V input voltage, 400 V output voltage and 200 W output power is implemented which verifies the theoretical analysis.

Discrete Gaussian is a cornerstone of many lattice-based cryptographic constructions. Aiming at the orthogonal lattice of a vector, we propose a discrete Gaussian rejection sampling algorithm, by modifying the dynamic programming process for subset sum problems. Within O(nq2) time, our algorithm generates a distribution statistically indistinguishable from discrete Gaussian at width s>ω(log n). Moreover, we apply our sampling algorithm to general high-dimensional dense lattices, and orthogonal lattices of matrices $matAinZ_q^{O(1) imes n}$. Compared with previous polynomial-time discrete Gaussian samplers, our algorithm does not rely on the short basis.

Touch screen has become the mainstream manipulation technique on handheld devices. However, its innate limitations, e.g. the occlusion problem and fat finger problem, lower user experience in many use scenarios on handheld displays. Back-of-device interaction, which makes use of input units on the rear of a device for interaction, is one of the most promising approaches to address the above problems. In this paper, we present the findings of a user study in which we explored users' pointing performances in using two types of touch input on handheld devices. The results indicate that front-of-device touch input is averagely about two times as fast as back-of-device touch input but with higher error rates especially in acquiring the narrower targets. Based on the results of our study, we argue that in the premise of keeping the functionalities and layouts of current mainstream user interfaces back-of-device touch input should be treated as a supplement to front-of-device touch input rather than a replacement.

Stochastic resonance (SR) is a phenomenon in which signal response in a nonlinear system is enhanced by noise. Fluctuating activities in deterministic chaos are known to cause a phenomenon called chaotic resonance (CR), which is similar to SR. Most previous studies on CR showed that these signal responses were controlled by internal parameters. However, in several applications of CR, it is difficult to control these parameters externally, particularly in biological systems. In this study, to overcome this difficulty, we propose a method for controlling the signal response of CR by adjusting the strength of external feedback control. By using this method, we demonstrate the control of CR in a one-dimensional cubic map, where CR arises from chaos-chaos switching to a weak input signal.

Nowadays, open source software (OSS) systems are adopted by proprietary software projects. To reduce the risk of using problematic OSS systems (e.g., causing system crashes), it is important for proprietary software projects to assess OSS systems in advance. Therefore, OSS quality assessment models are studied to obtain information regarding the quality of OSS systems. Although the OSS quality assessment models are partially validated using a small number of case studies, to the best of our knowledge, there are few studies that empirically report how industrial projects actually use OSS quality assessment models in their own development process. In this study, we empirically evaluate the cost and effectiveness of OSS quality assessment models at Fujitsu Kyushu Network Technologies Limited (Fujitsu QNET). To conduct the empirical study, we collect datasets from (a) 120 OSS projects that Fujitsu QNET's projects actually used and (b) 10 problematic OSS projects that caused major problems in the projects. We find that (1) it takes average and median times of 51 and 49 minutes, respectively, to gather all assessment metrics per OSS project and (2) there is a possibility that we can filter problematic OSS systems by using the threshold derived from a pool of assessment metrics. Fujitsu QNET's developers agree that our results lead to improvements in Fujitsu QNET's OSS assessment process. We believe that our work significantly contributes to the empirical knowledge about applying OSS assessment techniques to industrial projects.

A summer-embedded sense amplifier (SE SA) is proposed to reduce feedback loop delay (TFB) in a decision feedback equalizer (DFE). In the SE SA, the position of the ISI compensator is changed from the latch input to the latch output, and hence the TFB is reduced. The simulated DFE achieves 32Gb/s and 66fJ/b with a 1-V 65-nm CMOS process.

In a large-scale information-sharing platform, such as a cloud storage, it is often required to not only securely protect sensitive information but also recover it in a reliable manner. Public-key encryption with non-interactive opening (PKENO) is considered as a suitable cryptographic tool for this requirement. This primitive is an extension of public-key encryption which enables a receiver to provide a non-interactive proof which confirms that a given ciphertext is decrypted to some public plaintext. In this paper, we present a Tag-KEM/DEM framework for PKENO. In particular, we define a new cryptographic primitive called a Tag-KEM with non-interactive opening (Tag-KEMNO), and prove the KEM/DEM composition theorem for this primitives, which ensures a key encapsulation mechanism (KEM) and a data encapsulation mechanism (DEM) can be, under certain conditions, combined to form a secure PKENO scheme. This theorem provides a secure way of combining a Tag-KEMNO scheme with a DEM scheme to construct a secure PKENO scheme. Using this framework, we explain the essence of existing constructions of PKENO. Furthermore, we present four constructions of Tag-KEMNO, which yields four PKENO constructions. These PKENO constructions coincide with the existing constructions, thereby we explain the essence of these existing constructions. In addition, our Tag-KEMNO framework enables us to expand the plaintext space of a PKENO scheme. Some of the previous PKENO schemes are only able to encrypt a plaintext of restricted length, and there has been no known way to expand this restricted plaintext space to the space of arbitrary-length plaintexts. Using our framework, we can obtain a PKENO scheme with the unbounded-length plaintext space by modifying and adapting such a PKENO scheme with a bounded-length plaintext space.

We examined single crystal growth of benzothienobenzothiophene-based organic semiconductors by solution coating method using liquid crystal and investigated its electrical characteristics. As the results, we revealed that the averaged mobility in the saturation region reached 2.08 cm2/Vs along crystalline b-axis, and 1.08 cm2/Vs along crystalline a-axis.

A b-symbol read channel is a channel model in which b consecutive symbols are read at once. As special cases, it includes a symbol-pair read channel (b=2) and an ordinary channel (b=1). The sphere packing bound, the Gilbert-Varshamov (G-V) bound, and the asymptotic G-V bound for symbol-pair read channels are known for b=1 and 2. In this paper, we derive these three bounds for b-symbol read channels with b≥1. From analysis of the proposed G-V bound, it is confirmed that the achievable rate is higher for b-symbol read channels compared with those for ordinary channels based on the Hamming metric. Furthermore, it is shown that the optimal value of b that maximizes the asymptotic G-V bound is finitely determined depending on the fractional minimum distance.

An efficient two-layer coding method using the histogram packing technique with the backward compatibility to the legacy JPEG is proposed in this paper. The JPEG XT, which is the international standard to compress HDR images, adopts two-layer coding scheme for backward compatibility to the legacy JPEG. However, this two-layer coding structure does not give better lossless performance than the other existing methods for HDR image compression with single-layer structure. Moreover, the lossless compression of the JPEG XT has a problem on determination of the coding parameters; The lossless performance is affected by the input images and/or the parameter values. That is, finding appropriate combination of the values is necessary to achieve good lossless performance. It is firstly pointed out that the histogram packing technique considering the histogram sparseness of HDR images is able to improve the performance of lossless compression. Then, a novel two-layer coding with the histogram packing technique and an additional lossless encoder is proposed. The experimental results demonstrate that not only the proposed method has a better lossless compression performance than that of the JPEG XT, but also there is no need to determine image-dependent parameter values for good compression performance without losing the backward compatibility to the well known legacy JPEG standard.

Analyzing a malware sample requires much more time and cost than creating it. To understand the behavior of a given malware sample, security analysts often make use of API call logs collected by the dynamic malware analysis tools such as a sandbox. As the amount of the log generated for a malware sample could become tremendously large, inspecting the log requires a time-consuming effort. Meanwhile, antivirus vendors usually publish malware analysis reports (vendor reports) on their websites. These malware analysis reports are the results of careful analysis done by security experts. The problem is that even though there are such analyzed examples for malware samples, associating the vendor reports with the sandbox logs is difficult. This makes security analysts not able to retrieve useful information described in vendor reports. To address this issue, we developed a system called AMAR-Generator that aims to automate the generation of malware analysis reports based on sandbox logs by making use of existing vendor reports. Aiming at a convenient assistant tool for security analysts, our system employs techniques including template matching, API behavior mapping, and malicious behavior database to produce concise human-readable reports that describe the malicious behaviors of malware programs. Through the performance evaluation, we first demonstrate that AMAR-Generator can generate human-readable reports that can be used by a security analyst as the first step of the malware analysis. We also demonstrate that AMAR-Generator can identify the malicious behaviors that are conducted by malware from the sandbox logs; the detection rates are up to 96.74%, 100%, and 74.87% on the sandbox logs collected in 2013, 2014, and 2015, respectively. We also present that it can detect malicious behaviors from unknown types of sandbox logs.

Nyquist folding receiver (NYFR) is a novel reconnaissance receiving architecture and it can realize wideband receiving with small amount of equipment. As a tradeoff of non-cooperative wideband receiving, the NYFR output will add an unknown key parameter that is called Nyquist zone (NZ) index. In this letter, we concentrate on the NZ index estimation of the NYFR output. Focusing on the basic pulse radar signals, the constant frequency signal, the binary phase coded signal and the linear frequency modulation signal are considered. The matching component function is proposed to estimate the NZ indexes of the NYFR outputs without the prior information of the signal modulation type. In addition, the relations between the matching component function and the parameters of the NYFR are discussed. Simulation results demonstrate the efficacy of the proposed method.

Permission warnings and privacy policy enforcement are widely used to inform mobile app users of privacy threats. These mechanisms disclose information about use of privacy-sensitive resources such as user location or contact list. However, it has been reported that very few users pay attention to these mechanisms during installation. Instead, a user may focus on a more user-friendly source of information: text description, which is written by a developer who has an incentive to attract user attention. When a user searches for an app in a marketplace, his/her query keywords are generally searched on text descriptions of mobile apps. Then, users review the search results, often by reading the text descriptions; i.e., text descriptions are associated with user expectation. Given these observations, this paper aims to address the following research question: What are the primary reasons that text descriptions of mobile apps fail to refer to the use of privacy-sensitive resources? To answer the research question, we performed empirical large-scale study using a huge volume of apps with our ACODE (Analyzing COde and DEscription) framework, which combines static code analysis and text analysis. We developed light-weight techniques so that we can handle hundred of thousands of distinct text descriptions. We note that our text analysis technique does not require manually labeled descriptions; hence, it enables us to conduct a large-scale measurement study without requiring expensive labeling tasks. Our analysis of 210,000 apps, including free and paid, and multilingual text descriptions collected from official and third-party Android marketplaces revealed four primary factors that are associated with the inconsistencies between text descriptions and the use of privacy-sensitive resources: (1) existence of app building services/frameworks that tend to add API permissions/code unnecessarily, (2) existence of prolific developers who publish many applications that unnecessarily install permissions and code, (3) existence of secondary functions that tend to be unmentioned, and (4) existence of third-party libraries that access to the privacy-sensitive resources. We believe that these findings will be useful for improving users' awareness of privacy on mobile software distribution platforms.

Automatic game strategy data acquisition is important for the realization of the professional strategy analysis systems by providing evaluation values such as the team status and the efficacy of plays. The key factor that influences the performance of the strategy data acquisition in volleyball game is the unknown player roles. Player role means the position with game meaning of each player in the team formation, such as the setter, attacker and blocker. The unknown player role makes individual player unreliable and loses the contribution of each player in the strategy analysis. This paper proposes a court-divisional team motion feature and a player performance curve to deal with the unknown player roles in strategy data acquisition. Firstly, the court-divisional team motion feature is proposed for the team tactical status detection. This feature reduces the influence of individual player information by summing up the ball relative motion density of all the players in divided court area, which corresponds to the different plays. Secondly, the player performance curves are proposed for the efficacy variables acquisition in attack play. The player roles candidates are detected by three features that represent the entire process of a player starting to rush (or jump) to the ball and hit the ball: the ball relative distance, ball approach motion and the attack motion feature. With the 3D ball trajectories and multiple players' positions tracked from multi-view volleyball game videos, the experimental detection rate of each team status (attack, defense-ready, offense-ready and offense status) are 75.2%, 84.2%, 79.7% and 81.6%. And for the attack efficacy variables acquisition, the average precision of the set zone, the number of available attackers, the attack tempo and the number of blockers are 100%, 100%, 97.8%, and 100%, which achieve 8.3% average improvement compared with manual acquisition.

A simple and novel multiple-symbol differential detection (MSDD) scheme is proposed for IEEE 802.15.4 binary phase shift keying (BPSK) receivers. The detection is initiated by estimating and compensating the carrier frequency offset (CFO) effect in the chip sample of interest. With these new statistics, the decisions are jointly made by allowing the observation window length to be longer than two bit intervals. Simulation results demonstrate that detection reliability of the IEEE 802.15.4 BPSK receivers is significantly improved. Namely, at packet error rate (PER) of 1×10-3, the signal-to-noise ratio (SNR) gap between ideal coherent detection (perfect carrier reference phase and no CFO) with differential decoding and conventional optimal single differential coherent detection (SDCD) is filled by 2.1dB when the observation window length is set to 6bit intervals. Then, the benefit that less energy consumed by retransmissions is successfully achieved.

In this letter, we present a class of binary sequences with optimal autocorrelation magnitude. Compared with Krengel-Ivanov sequences, some proposed sequences have different autocorrelation distribution. This indicates those sequences would be new. As an application of constructed binary sequences, we derive a class of quaternary sequences of length 4p with autocorrelation magnitude equal to $2sqrt{2}$, which is lower than the autocorrelation magnitude equal to 4 of Chung-Han-Yang sequences given in 2011.

Recently, IoT compatible products have been popular, and various kinds of things are IoT compliant products. In these devices, cryptosystems and authentication are not treated properly, and security measures for IoT devices are not sufficient. Requirements of authentication for IoT devices are power saving and one-to-many communication. In this paper, we propose a zero-knowledge identification scheme using LDPC codes. In the proposed scheme, the zero-knowledge identification scheme that relies on the binary syndrome decoding problem is improved and the computational cost of identification is reduced by using the sparse parity-check matrix of the LDPC codes. In addition, the security level, computational cost and safety of the proposed scheme are discussed in detail.

In this paper, we propose a scalable and seamless connection migration scheme for moving target defense in legacy networks. The main idea is that a host is allowed to receive incoming packets with a destination address that is either its current IP address or its previous IP address for a period of time because the host does not physically move into another network. Experimental results show that our scheme outperforms the existing connection migration mechanism regardless of the number of active connections in the host.

The great increase of the digital communications, where the technological society depends on applications, devices and networks, the security problems motivate different researches for providing algorithms and systems resistant to attacks, and these lasts need of services of confidentiality, authentication, integrity, etc. This paper proposes the hardware implementation of an steganographic/cryptographic algorithm, which is based on the DWT (Discrete Wavelet Transform) and the AES (Advanced Encryption Standard) cipher algorithm in CBC mode. The proposed scheme takes advantage of a double-security ciphertext, which makes difficult to identify and decipher it. The hardware architecture reports a high efficiency (182.2 bps/slice and 85.2 bps/LUT) and low hardware resources consumption (867 slices and 1853 LUTs), where several parallel implementations can improve the throughout (0.162 Mbps) for processing large amounts of data.