Ruijin ZHU Yu-an TAN Quanxin ZHANG Fei WU Jun ZHENG Yuan XUE
Disassembly, as a principal reverse-engineering tool, is the process of recovering the equivalent assembly instructions of a program's machine code from its binary representation. However, when disassembling a firmware file, the disassembly process cannot be performed well if the image base is unknown. In this paper, we propose an innovative method to determine the image base of a firmware file with ARM/Thumb instruction set. First, based on the characteristics of the function entry table (FET) for an ARM processor, an algorithm called FIND-FET is proposed to identify the function entry tables. Second, by using the most common instructions of function prologue and FETs, the FIND-BASE algorithm is proposed to determine the candidate image base by counting the matched functions and then choose the one with maximal matched FETs as the final result. The algorithms are applied on some firmwares collected from the Internet, and results indicate that they can effectively find out the image base for the majority of example firmware files.
Zhaofeng WU Guyu HU Fenglin JIN Yinjin FU Jianxin LUO Tingting ZHANG
The hop-limited adaptive routing (HLAR) mechanism and its enhancement (EHLAR), both tailored for the packet-switched non-geostationary (NGEO) satellite networks, are proposed and evaluated. The proposed routing mechanisms exploit both the predictable topology and inherent multi-path property of the NGEO satellite networks to adaptively distribute the traffic via all feasible neighboring satellites. Specifically, both mechanisms assume that a satellite can send the packets to their destinations via any feasible neighboring satellites, thus the link via the neighboring satellite to the destination satellite is assigned a probability that is proportional to the effective transmission to the destination satellites of the link. The satellite adjusts the link probability based on the packet sending information observed locally for the HLAR mechanism or exchanged between neighboring satellites for the EHLAR mechanism. Besides, the path of the packets are bounded by the maximum hop number, thus avoiding the unnecessary over-detoured packets in the satellite networks. The simulation results corroborate the improved performance of the proposed mechanisms compared with the existing in the literature.
Noriaki KAMIYAMA Yousuke TAKAHASHI Keisuke ISHIBASHI Kohei SHIOMOTO Tatsuya OTOSHI Yuichi OHSITA Masayuki MURATA
Although the use of software-defined networking (SDN) enables routes of packets to be controlled with finer granularity (down to the individual flow level) by using traffic engineering (TE) and thereby enables better balancing of the link loads, the corresponding increase in the number of states that need to be managed at routers and controller is problematic in large-scale networks. Aggregating flows into macro flows and assigning routes by macro flow should be an effective approach to solving this problem. However, when macro flows are constructed as TE targets, variations of traffic rates in each macro flow should be minimized to improve route stability. We propose two methods for generating macro flows: one is based on a greedy algorithm that minimizes the variation in rates, and the other clusters micro flows with similar traffic variation patterns into groups and optimizes the traffic ratio of extracted from each cluster to aggregate into each macro flow. Evaluation using traffic demand matrixes for 48 hours of Internet2 traffic demonstrated that the proposed methods can reduce the number of TE targets to about 1/50 ∼ 1/400 without degrading the link-load balancing effect of TE.
Nguyen Ngoc BINH Pham Van HUONG Bui Ngoc HAI
Optimizing embedded software is a problem having scientific and practical signification. Optimizing embedded software can be done in different phases of the software life cycle under different optimal conditions. Most studies of embedded software optimization are done in forward engineering and these studies have not given an overall model for the optimization problem of embedded software in both forward engineering and reverse engineering. Therefore, in this paper, we propose a new approach to embedded software optimization based on reverse engineering. First, we construct an overall model for the embedded software optimization in both forward engineering and reverse engineering and present a process of embedded software optimization in reverse engineering. The main idea of this approach is that decompiling executable code to source code, converting the source code to models and optimizing embedded software under different levels such as source code and model. Then, the optimal source code is recompiled. To develop this approach, we present two optimization techniques such as optimizing power consumption of assembly programs based on instruction schedule and optimizing performance based on alternating equivalent expressions.
Tatsuya OTOSHI Yuichi OHSITA Masayuki MURATA Yousuke TAKAHASHI Noriaki KAMIYAMA Keisuke ISHIBASHI Kohei SHIOMOTO Tomoaki HASHIMOTO
In recent years, the time variation of Internet traffic has increased due to the growth of streaming and cloud services. Backbone networks must accommodate such traffic without congestion. Traffic engineering with traffic prediction is one approach to stably accommodating time-varying traffic. In this approach, routes are calculated from predicted traffic to avoid congestion, but predictions may include errors that cause congestion. We propose prediction-based traffic engineering that is robust against prediction errors. To achieve robust control, our method uses model predictive control, a process control method based on prediction of system dynamics. Routes are calculated so that future congestion is avoided without sudden route changes. We apply calculated routes for the next time slot, and observe traffic. Using the newly observed traffic, we again predict traffic and re-calculate the routes. Repeating these steps mitigates the impact of prediction errors, because traffic predictions are corrected in each time slot. Through simulations using backbone network traffic traces, we demonstrate that our method can avoid the congestion that the other methods cannot.
Shigeyuki YAMASHITA Daiki IMACHI Miki YAMAMOTO Takashi MIYAMURA Shohei KAMAMURA Koji SASAYAMA
Large-scale content transfer, especially video transfer, is now a dominant traffic component in the Internet. Originally, content transfer had a content-oriented feature, i.e., “Users do not care where content is retrieved. Users only take care of what content they obtain.” Conventional traffic engineering (TE) aims to obtain optimal routes for traffic between ingress and egress router pairs, i.e., TE has focused on a location-oriented approach that takes care of where to connect. With increased demand for content-oriented features for content traffic, TE needs to focus on content-oriented routing design. In this study, we therefore propose a novel approach to content-oriented TE, called content aware routing (CAR). In CAR, routes are designed for content and egress router pairs, i.e., content traffic toward a receiver-side router. Content demand can be flexibly distributed to multiple servers (i.e., repositories) providing the same content, meaning that content can be obtained from anywhere. CAR solves the optimization problem of minimizing maximum link utilization. If there are multiple optimal solutions, CAR selects a solution in which resource usage is minimized. Using numerical examples formulated by the linear programming problem, we evaluated CAR by comparing it with combinations of conventional content delivery networks and TE, i.e., location-oriented designs. Our numerical results showed that CAR improved maximum link utilization by up to 15%, with only a 5% increase of network resource usage.
Huimin LIANG Jiaxin YOU Zhaowen CAI Guofu ZHAI
The reliability of electromagnetic relay (EMR) which contains a permanent magnet (PM) can be improved by a robust design method. In this parameter design process, the calculation of electromagnetic system is very important. In analytical calculation, PM is often equivalent to a lumped parameter model of one magnetic resistance and one magnetic potential, but significant error is often caused; in order to increase the accuracy, a distributed parameter calculation model (DPM) of PM bar is established; solution procedure as well as verification condition of this model is given; by a case study of the single PM bar, magnetic field lines division method is adopted to build the DPM, the starting point and section magnetic flux of each segment are solved, a comparison is made with finite element method (FEM) and measured data; the accuracy of this magnetic field line based distributed parameter model (MFDPM) in PM bar is verified; this model is applied to the electromagnetic system of a certain type EMR, electromagnetic system calculation model is established based on MFDPM, and the static force is calculated under different rotation angles; compared with traditional lumped parameter model and FEM, it proves to be of acceptable calculation accuracy and high calculation speed which fit the requirement of robust design.
Hiroaki YOSHIDA Masayuki WAKIZAKA Shigeru YAMASHITA Masahiro FUJITA
With the shorter time-to-market and the rising cost in SoC development, the demand for post-silicon programmability has been increasing. Recently, programmable accelerators have attracted more attention as an enabling solution for post-silicon engineering change. However, programmable accelerators suffers from 5∼10X less energy efficiency than fixed-function accelerators mainly due to their extensive use of memories. This paper proposes a highly energy-efficient accelerator which enables post-silicon engineering change by a control patching mechanism. Then, we propose a patch compilation method from a given pair of an original design and a modified design. We also propose a design method to add redundant wires in advance to decrease the necessary amount of patch memory for post-silicon engineering change. Experimental results demonstrate that the proposed accelerators offer high energy efficiency competitive to fixed-function accelerators and can achieve about 5X higher efficiency than the existing programmable accelerators. We also show the trade-off between redundant wires and the necessary amount of patch memory.
Hao HAN Yinxing XUE Keizo OYAMA Yang LIU
The rendering mechanism plays an indispensable role in browser-based Web application. It generates active webpages dynamically and provides human-readable layout through template engines, which are used as a standard programming model to separate the business logic and data computations from the webpage presentation. The client-side rendering mechanism, owing to the advances of rich application technologies, has been widely adopted. The adoption of client side rendering brings not only various merits but also new problems. In this paper, we propose and construct “pagelet”, a segment-based template engine for developing flexible and extensible Web applications. By presenting principles, practice and usage experience of pagelet, we conduct a comprehensive analysis of possible advantages and disadvantages brought by client-side rendering mechanism from the viewpoints of both developers and end-users.
Rogene LACANIENTA Shingo TAKADA Haruto TANNO Morihide OINUMA
For the past couple of decades, the usage of the Web as a platform for deploying software products has become incredibly popular. Web applications became more prevalent, as well as more complex. Countless Web applications have already been designed, developed, tested, and deployed on the Internet. However, it is noticeable that many common functionalities are present among these vast number of applications. This paper proposes an approach based on a database containing information from previous test artifacts. The information is used to generate test scenarios for Web applications under test. We have developed a tool based on our proposed approach, with the aim of reducing the effort required from software test engineers and professionals during the test planning and creation stage of software engineering. We evaluated our approach from three viewpoints: comparison between our approach and manual generation, qualitative evaluation by professional software engineers, and comparison between our approach and two open-source tools.
Tianyang DONG Jianwei SHI Jing FAN Ling ZHANG
Rule engine technologies have been widely used in the development of enterprise information systems. However, these rule-based systems may suffer the problem of low performance, when there is a large amount of facts data to be matched with the rules. The way of cluster or grid to construct rule engines can flexibly expand system processing capability by increasing cluster scale, and acquire shorter response time. In order to speed up pattern matching in rule engine, a double hash filter approach for alpha network, combined with beta node indexing, is proposed to improve Rete algorithm in this paper. By using fact type node in Rete network, a hash map about ‘fact type - fact type node’ is built in root node, and hash maps about ‘attribute constraint - alpha node’ are constructed in fact type nodes. This kind of double hash mechanism can speed up the filtration of facts in alpha network. Meanwhile, hash tables with the indexes calculated through fact objects, are built in memories of beta nodes, to avoid unnecessary iteration in the join operations of beta nodes. In addition, rule engine based on this improved Rete algorithm is applied in the enterprise information systems. The experimental results show that this method can effectively speed up the pattern matching, and significantly decrease the response time of the application systems.
Hisashi IWAMOTO Yuji YANO Yasuto KURODA Koji YAMAMOTO Kazunari INOUE Ikuo OKA
Ternary content addressable memory (TCAM) is popular LSI for use in high-throughput forwarding engines on routers. However, the unique structure applied in TCAM consume huge amounts of power, therefore it restricts the ability to handle large lookup table capacity in IP routers. In this paper, we propose a commodity-memory based hardware architecture for the forwarding information base (FIB) application that solves the substantial problems of power and density. The proposed architecture is examined by a fabricated test chip with 40 nm embedded DRAM (eDRAM) technology, and the effect of power reduction verified is greatly lower than conventional TCAM based and the energy metric achieve 0.01 fJ/bit/search. The power consumption is almost 0.5 W at 250 Msps and 8M entries.
With the successful adoption of link analysis techniques such as PageRank and web spam filtering, current web search engines well support “navigational search”. However, due to the use of a simple conjunctive Boolean filter in addition to the inappropriateness of user queries, such an engine does not necessarily well support “informational search”. Informational search would be better handled by a web search engine using an informational retrieval model combined with enhancement techniques such as query expansion and relevance feedback. Moreover, the realization of such an engine requires a method to prosess the model efficiently. In this paper we propose a novel extension of an existing top-k query processing technique to improve search efficiency. We add to it the technique utilizing a simple data structure called a “term-document binary matrix,” resulting in more efficient evaluation of top-k queries even when the queries have been expanded. We show on the basis of experimental evaluation using the TREC GOV2 data set and expanded versions of the evaluation queries attached to this data set that the proposed method can speed up evaluation considerably compared with existing techniques especially when the number of query terms gets larger.
Identification of early aspects is the critical problem in aspect-oriented requirement engineering. But the representation of crosscutting concerns is various, which makes the identification difficult. To address the problem, this paper proposes the AspectQuery method based on goal model. We analyze four kinds of goal decomposition models, then summarize the main factors about identification of crosscutting concerns and conclude the identification rules based on a goal model. A goal is crosscutting concern when it satisfies one of the following conditions: i) the goal is contributed to realize one soft-goal; ii) parent goal of the goal is candidate crosscutting concern; iii) the goal has at least two parent goals. AspectQuery includes four steps: building the goal model, transforming the goal model, identifying the crosscutting concerns by identification rules, and composing the crosscutting concerns with the goals affected by them. We illustrate the AspectQuery method through a case study (a ticket booking management system). The results show the effectiveness of AspectQuery in identifying crosscutting concerns in the requirement phase.
Yoshiaki KIRIHA Motoo NISHIHARA
In recent years, technologies and markets related to data centers have been rapidly changing and growing. Data centers are playing an important role in ICT infrastructure deployment and promise to become common platforms for almost all social infrastructures. Even though research has focused on networking technologies, various technologies are needed to develop high-performance, cost-efficient, and flexible large-scale data centers. To understand those technologies better, this paper surveys recent research and development efforts and results in accordance with a data center network taxonomy that the authors defined.
ChangKyun KIM Eun-Gu JUNG Dong Hoon LEE Chang-Ho JUNG Daewan HAN
The cryptographic algorithm called INCrypt32 is a MAC algorithm to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is a heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public. In this paper, we reveal the specification of INCrypt32 by reverse-engineering iCLASS cards and investigate the security of INCrypt32 with respect to the cryptographic sense. This result is the first work to describe the details of INCrypt32 and the possibility of a secret key (64-bit) recovery in our attack environments. 242 MAC queries are required in the real environment using secure communication protocols. But the required number of MAC queries decreases to 218 if MAC quires for chosen messages with arbitrary length can be requested.
Akito MONDEN Tomoko MATSUMURA Mike BARKER Koji TORII Victor R. BASILI
This paper customizes Goal/Question/Metric (GQM) project monitoring models for various projects and organizations to take advantage of the data from the software tool EPM and to allow the tailoring of the interpretation models based upon the context and success criteria for each project and organization. The basic idea is to build less concrete models that do not include explicit baseline values to interpret metrics values. Instead, we add hypothesis and interpretation layers to the models to help people of different projects make decisions in their own context. We applied the models to two industrial projects, and found that our less concrete models could successfully identify typical problems in software projects.
Kunihiro NODA Takashi KOBAYASHI Shinichiro YAMAMOTO Motoshi SAEKI Kiyoshi AGUSA
Program comprehension using dynamic information is one of key tasks of software maintenance. Software visualization with sequence diagrams is a promising technique to help developer comprehend the behavior of object-oriented systems effectively. There are many tools that can support automatic generation of a sequence diagram from execution traces. However it is still difficult to understand the behavior because the size of automatically generated sequence diagrams from the massive amounts of execution traces tends to be beyond developer's capacity. In this paper, we propose an execution trace slicing and visualization method. Our proposed method is capable of slice calculation based on a behavior model which can treat dependencies based on static and dynamic analysis and supports for various programs including exceptions and multi-threading. We also introduce our tool that perform our proposed slice calculation on the Eclipse platform. We show the applicability of our proposed method by applying the tool to two Java programs as case studies. As a result, we confirm effectiveness of our proposed method for understanding the behavior of object-oriented systems.
Yong-Luo SHEN Seok-Jae KIM Sang-Woo SEO Hyun-Goo LEE Hyeong-Cheol OH
This paper introduces a hardware engine for rendering two-dimensional vector graphics based on the OpenVG standard in portable devices. We focus on two design challenges posed by the rendering engines: the number of vertices to represent the images and the amount of memory usage. Redundant vertices are eliminated using adaptive tessellation, in which the redundancy can be judged using a proposed cost-per-quality measure. A simplified edge-flag rendering algorithm and the scanline-based rendering scheme are adopted to reduce external memory access. The designed rendering engine occupies approximately 173 K gates and can satisfy real-time requirements of many applications when it is implemented using a 0.18 µm, 1.8 V CMOS standard cell library. An FPGA prototype using a system-on-a-chip platform has been developed and tested.
Hasan S.M. AL-KHAFFAF Abdullah Z. TALIB Rosalina ABDUL SALAM
Many factors, such as noise level in the original image and the noise-removal methods that clean the image prior to performing a vectorization, may play an important role in affecting the line detection of raster-to-vector conversion methods. In this paper, we propose an empirical performance evaluation methodology that is coupled with a robust statistical analysis method to study many factors that may affect the quality of line detection. Three factors are studied: noise level, noise-removal method, and the raster-to-vector conversion method. Eleven mechanical engineering drawings, three salt-and-pepper noise levels, six noise-removal methods, and three commercial vectorization methods were used in the experiment. The Vector Recovery Index (VRI) of the detected vectors was the criterion used for the quality of line detection. A repeated measure ANOVA analyzed the VRI scores. The statistical analysis shows that all the studied factors affected the quality of line detection. It also shows that two-way interactions between the studied factors affected line detection.