A novel experimental design method based on a low-frequency active load-pull technique that includes harmonic tuning has been proposed for high-efficiency microwave power amplifiers. The intrinsic core component of a transistor with a maximum oscillation frequency of more than several tens of gigahertz can be approximately assumed as the nonlinear current source with no frequency dependence at an operation frequency of several gigahertz. In addition, the reactive parasitic elements in a transistor can be omitted at a frequency of much less than 1GHz. Therefore, the optimum impedance condition including harmonics for obtaining high efficiency in a nonlinear current source can be directly investigated based on a low-frequency active harmonic load-pull technique in the low-frequency region. The optimum load condition at the operation frequency for an external load circuit can be estimated by considering the properties of the reactive parasitic elements and the nonlinear current source. For an InGaAs/GaAs pHEMT, active harmonic load-pull considering up to the fifth-order harmonic frequency was experimentally carried out at the fundamental frequency of 20MHz. By using the estimated optimum impedance condition for an equivalent nonlinear current source, high-frequency amplifiers were designed and fabricated at the 1.9-GHz, 2.45-GHz, and 5.8-GHz bands. The fabricated amplifiers exhibited maximum drain efficiency values of 79%, 80%, and 74% at 1.9GHz, 2.47GHz, and 5.78GHz, respectively.

In this paper, we propose an overloaded multiple-input multiple-output (MIMO) signal detection scheme with slab decoding and lattice reduction (LR). The proposed scheme firstly splits the transmitted signal vector into two parts, the post-voting vector composed of the same number of signal elements as that of receive antennas, and the pre-voting vector composed of the remaining elements. Secondly, it reduces the candidates of the pre-voting vector using slab decoding and determines the post-voting vectors for each pre-voting vector candidate by LR-aided minimum mean square error (MMSE)-successive interference cancellation (SIC) detection. From the performance analysis of the proposed scheme, we derive an upper bound of the error probability and show that it can achieve the full diversity order. Simulation results show that the proposed scheme can achieve almost the same performance as the optimal ML detection while reducing the required computational complexity.

This article describes an approximate model of a group of cells in the wireless 4G network with implemented load balancing mechanism. An appropriately modified model of Erlang's Ideal Grading is used to model this group of cells. The model makes it possible to take into account limited availability of resources of individual cells to multi-rate elastic and adaptive traffic streams generated by Erlang and Engset sources. The developed solution allows the basic traffic characteristics in the considered system to be determined, i.e. the occupancy distribution and the blocking probability. Because of the approximate nature of the proposed model, the results obtained based on the model were compared with the results of a digital simulation. The present study validates the adopted assumptions of the proposed model.

Network Intrusion Detection Systems (NIDS) are deployed to protect computer networks from malicious attacks. Proper evaluation of NIDS requires more scrutiny than the evaluation for general network appliances. This evaluation is commonly performed by sending pre-generated traffic through the NIDS. Unfortunately, this technique is often limited in diversity resulting in evaluations incapable of examining the complex data structures employed by NIDS. More sophisticated methods that generate workload directly from NIDS rules consume excessive resources and are incapable of running in real-time. This work proposes a novel approach to real-time workload generation for NIDS evaluation to improve evaluation diversity while maintaining much higher throughput. This work proposes a generative grammar which represents an optimized version of a context-free grammar derived from the set of strings matching to the given NIDS rule database. The grammar is memory-efficient and computationally light when generating workload. Experiments demonstrate that grammar-generated workloads exert an order of magnitude more effort on the target NIDS. Even better, this improved diversity comes at much smaller cost in memory and speeds four times faster than current approaches.

Wireless Sensor Networks (WSNs) have gained importance with a rapid growth in their applications during the past decades. There has also been a rise in the need for energy-efficient and scalable routing along with the data aggregation protocols for the large scale deployments of sensor networks. The traditional routing algorithms suffer from drawbacks such as the presence of one hop long distance data transmissions, very large or very small clusters within a network at the same moment, over-accumulated energy consumption within the cluster-heads (CHs) etc. The lifetime of WSNs is also decreased due to these drawbacks. To overcome them, we have proposed a new method for the Multi-Hop, Far-Zone and Load-Balancing Hierarchical-Based Routing Algorithm for Wireless Sensor Network (MFLHA). Various improvements have been brought forward by MFLHA. The first contribution of the proposed method is the existence of a large probability for the nodes with higher energy to become the CH through the introduction of the energy decision condition and energy-weighted factor within the electing threshold of the CH. Secondly, MFLHA forms a Far-Zone, which is defined as a locus where the sensors can reach the CH with an energy less than a threshold. Finally, the energy consumption by CHs is reduced by the introduction of a minimum energy cost method called the Multi-Hop Inter-Cluster routing algorithm. Our experimental results indicate that MFLHA has the ability to balance the network energy consumption effectively as well as extend the lifetime of the networks. The proposed method outperforms the competitors especially in the middle range distances.

Drive-by download attacks force users to automatically download and install malware by redirecting them to malicious URLs that exploit vulnerabilities of the user's web browser. In addition, several evasion techniques, such as code obfuscation and environment-dependent redirection, are used in combination with drive-by download attacks to prevent detection. In environment-dependent redirection, attackers profile the information on the user's environment, such as the name and version of the browser and browser plugins, and launch a drive-by download attack on only certain targets by changing the destination URL. When malicious content detection and collection techniques, such as honeyclients, are used that do not match the specific environment of the attack target, they cannot detect the attack because they are not redirected. Therefore, it is necessary to improve analysis coverage while countering these adversarial evasion techniques. We propose a method for exhaustively analyzing JavaScript code relevant to redirections and extracting the destination URLs in the code. Our method facilitates the detection of attacks by extracting a large number of URLs while controlling the analysis overhead by excluding code not relevant to redirections. We implemented our method in a browser emulator called MINESPIDER that automatically extracts potential URLs from websites. We validated it by using communication data with malicious websites captured during a three-year period. The experimental results demonstrated that MINESPIDER extracted 30,000 new URLs from malicious websites in a few seconds that conventional methods missed.

Modern web users may encounter a browser security threat called drive-by-download attacks when surfing on the Internet. Drive-by-download attacks make use of exploit codes to take control of user's web browser. Many web users do not take such underlying threats into account while clicking URLs. URL Blacklist is one of the practical approaches to thwarting browser-targeted attacks. However, URL Blacklist cannot cope with previously unseen malicious URLs. Therefore, to make a URL blacklist effective, it is crucial to keep the URLs updated. Given these observations, we propose a framework called automatic blacklist generator (AutoBLG) that automates the collection of new malicious URLs by starting from a given existing URL blacklist. The primary mechanism of AutoBLG is expanding the search space of web pages while reducing the amount of URLs to be analyzed by applying several pre-filters such as similarity search to accelerate the process of generating blacklists. AutoBLG consists of three primary components: URL expansion, URL filtration, and URL verification. Through extensive analysis using a high-performance web client honeypot, we demonstrate that AutoBLG can successfully discover new and previously unknown drive-by-download URLs from the vast web space.

Efficient detection schemes for an overloaded multiple-input multiple-output (MIMO) system have been investigated recently. The literature shows that trellis coded modulation (TCM) is able to enhance a system's capability to separate signal streams in the detection process of MIMO systems. However, the computational complexity remains high as a maximum likelihood detection (MLD) algorithm is used in the scheme. Thus, a sphere decoding (SD) algorithm with a pseudo distance (PD) is proposed in this paper. The PD maintains the coding gain advantage of the TCM by keeping some potential paths connected unlike conventional SD which truncates them. It is shown that the proposed scheme can reduce the number of distance calculations by about 98% for the transmission of 3 signal streams. In addition, the proposed scheme improves the performance by about 2dB at the bit error rate of 10-2.

This paper presents a low complexity metric for joint maximum-likelihood detection (MLD) in overloaded multiple-input multiple-output (MIMO)-orthogonal frequency division multiplexing (OFDM) systems. In overloaded MIMO systems, a nonlinear detection scheme such as MLD combined with error correction coding achieves better performance than is possible with a single signal stream with higher order modulation. However, MLD incurs high computation complexity because of the multiplications in the selection of candidate signal points. Thus, a Manhattan metric has been used to reduce the complexity. Nevertheless, it is not accurate and causes performance degradation in overloaded MIMO systems. Thus, this paper proposes a new metric whose calculations involve only summations and bit shifts. New numerical results obtained through computer simulation show that the proposed metric improves bit error rate (BER) performance by more than 0.2dB at the BER of 10-4 in comparison with a Manhattan metric.

In this paper, we propose a workload assignment policy for reducing power consumption by air conditioners in data centers. In the proposed policy, to reduce the air conditioner power consumption by raising the temperature set points of the air conditioners, the temperatures of all server back-planes are equalized by moving workload from the servers with the highest temperatures to the servers with the lowest temperatures. To evaluate the proposed policy, we use a computational fluid dynamics simulator for obtaining airflow and air temperature in data centers, and an air conditioner model based on experimental results from actual data center. Through evaluation, we show that the air conditioners' power consumption is reduced by 10.4% in a conventional data center. In addition, in a tandem data center proposed in our research group, the air conditioners' power consumption is reduced by 53%, and the total power consumption of the whole data center is exhibited to be reduced by 23% by reusing the exhaust heat from the servers.

This paper proposes an open-loop correlation reduction precoding scheme for overloaded multiple-input multiple-output (MIMO) orthogonal frequency division multiplexing (OFDM) systems. In overloaded MIMO-OFDM systems, frequency diversity through joint maximum likelihood (ML) decoding suppresses performance degradation owing to spatial signal multiplexing. However, on a line-of-sight (LOS) channel, a channel matrix may have a large correlation between coded symbols transmitted on separate subcarriers. The correlation reduces the frequency diversity gain and deteriorates the signal separation capability. Thus, in the proposed scheme, open-loop precoding is employed at the transmitter of an overloaded MIMO system in order to reduce the correlation between codewords transmitted on different signal streams. The proposed precoding scheme changes the amplitude as well as the phase of the coded symbols transmitted on different subcarriers. Numerical results obtained through computer simulation show that the proposed scheme improves the bit error rate performance on Rician channels. It is also shown that the proposed scheme greatly suppresses the performance degradation on an independent Rayleigh fading channel even though the amplitude of the coded symbols varies.

Considering diversified HTTP types, the performance bottleneck of signature-based classification must be resolved. We define a signature model classifying the traffic in multiple dimensions and suggest a hierarchical signature structure to remove signature redundancy and minimize search space. Our experiments on campus traffic demonstrated 1.8 times faster processing speed than the Aho-Corasick matching algorithm in Snort.

The hop-limited adaptive routing (HLAR) mechanism and its enhancement (EHLAR), both tailored for the packet-switched non-geostationary (NGEO) satellite networks, are proposed and evaluated. The proposed routing mechanisms exploit both the predictable topology and inherent multi-path property of the NGEO satellite networks to adaptively distribute the traffic via all feasible neighboring satellites. Specifically, both mechanisms assume that a satellite can send the packets to their destinations via any feasible neighboring satellites, thus the link via the neighboring satellite to the destination satellite is assigned a probability that is proportional to the effective transmission to the destination satellites of the link. The satellite adjusts the link probability based on the packet sending information observed locally for the HLAR mechanism or exchanged between neighboring satellites for the EHLAR mechanism. Besides, the path of the packets are bounded by the maximum hop number, thus avoiding the unnecessary over-detoured packets in the satellite networks. The simulation results corroborate the improved performance of the proposed mechanisms compared with the existing in the literature.

Recent studies on switching fabrics mainly focus on the switching schedule algorithms, which aim at improving the throughput (a key performance metric). However, the delay (another key performance metric) of switching fabrics cannot be well guaranteed. A good switching fabric should be endowed with the properties of high throughput, delay guarantee, low component complexity and high-speed multicast, which are difficult for conventional switching fabrics to achieve. This has fueled great interest in designing a new switching fabric that can support large-scale extension and high-speed multicast. Motivated by this, we reuse the self-routing Boolean concentrator network and embed a model of multicast packet copy separation in front to construct a load-balanced multicast switching fabric (LB-MSF) with delay guarantee. The first phase of LB-MSF is responsible for balancing the incoming traffic into uniform cells while the second phase is in charge of self-routing the cells to their final destinations. In order to improve the throughput, LB-MSF is combined with the merits of erasure codes against packet loss. Experiments and analyses verify that the proposed fabric is able to achieve high-speed multicast switching and suitable for building super large-scale switching fabric in Next Generation Network(NGN) with all the advantages mentioned above. Furthermore, a prototype of the proposed switch is developed on FPGA, and presents excellent performance.

We demonstrated that load balancing using actual subscriber extension numbers was practical and effective against traffic congestion after a disaster based on actual data. We investigated the ratios of the same subscriber extension numbers in each prefecture and found that most of them were located almost evenly all over the country without being concentrated in a particular area. The ratio of every number except for the fourth-last digit in the last group of four numbers in a telephone number was used almost equally and located almost evenly all over the country. Tolerance against overload in the last, second-, and third-last single digits stays close to that in the ideal situation if we assume that each session initiation protocol server has a capacity in accordance with the ratio of each number on every single digit in the last group of four numbers in Japan. Although tolerance against overload in double-, triple-, and quadruple-digit numbers does not stay close to that in the ideal situation, it still remains sufficiently high in the case of double- and triple-digit numbers. Although tolerance against overload in the quadruple-digit numbers becomes low, disaster congestion is still not likely to occur in almost half of the area of Japan (23 out of 47 prefectures).

With shortest path bridging MAC (SPBM), shortest path trees are computed based on link metrics from each node to all other participating nodes. When an edge bridge receives a frame, it selects a path along which to forward the frame to its destination node from multiple shortest paths. Blocking ports are eliminated to allow full use of the network links. This approach is expected to use network resources efficiently and to simplify the operating procedure. However, there is only one multipath distribution point in the SPBM network. This type of network can be defined as an end-to-end multipath network. Edge bridges need to split flows to achieve the load balancing of the entire network. This paper proposes a rate-based path selection scheme that can be employed for end-to-end multipath networks including SPBM. The proposed scheme assumes that a path with a low average rate will be congested because the TCP flow rates decrease on a congested path. When a new flow arrives at an edge bridge, it selects the path with the highest average rate since this should provide the new flow with the highest rate. The performance of the proposed scheme is confirmed by computer simulations. The appropriate timeout value is estimated from the expected round trip time (RTT). If an appropriate timeout value is used, the proposed scheme can realize good load balancing. The proposed scheme improves the efficiency of link utilization and throughput fairness. The performance is not affected by differences in the RTT or traffic congestion outside the SPBM network.

This paper presents a codeword metric calculation scheme for two step joint decoding of block coded signals in overloaded multiple-input multiple-output (MIMO) orthogonal frequency division multiplexing (OFDM) systems. A two step joint decoding scheme has been proposed for the complexity reduction as compared to joint maximum likelihood decoding in overloaded MIMO systems. Outer codes are widely used in wireless LANs such as IEEE802.11n. However, the two step joint decoding has not been combined with an outer code. In the first step of the two step joint decoding candidate codewords for metric calculation in the second step are selected. The selection of the candidate codewords in the inner block code may not always be able to provide the metric of a binary coded symbol for the outer code. Moreover, a bit flipping based codeword selection scheme in the two step joint decoding may not always provide the second best candidate codeword. Thus, in the proposed scheme the metric of the binary coded symbol calculated in the first step is reused in the second step of two step joint decoding. It is shown that the two step joint decoding with the proposed metric calculation scheme achieves better performance than that of the joint decoding with the bit flipping based codeword calculation scheme and reduces the complexity by about 0.013 for 4 signal streams with the cost of bit error rate degradation within 0.5dB.

To eliminate CAMs from the load/store queues, several techniques to detect memory access order violation with hash filters composed of RAMs have been proposed. This paper proposes a technique with parallel counting Bloom filters (PCBF). A Bloom filter has extremely low false positive rates owing to multiple hash functions. Although some existing researches claim the use of Bloom filters, none of them make mention to multiple hash functions. This paper also addresses the problem relevant to the variety of access sizes of load/store instructions. The evaluation results show that our technique, with only 2720-bit Bloom filters, achieves a relative IPC of 99.0% while the area and power consumption are greatly reduced to 14.3% and 22.0% compared to a conventional model with CAMs. The filter is much smaller than usual branch predictors.

Controlling interference from the secondary system (SS) to the receiver of the primary system (PS) is an important issue when the SS uses the same frequency band as the television broadcast system. The reason includes that the SS is unaware of the interference imposed on the primary receiver (PS-Rx), which does not have a transmitter. In this paper, we propose an interference control method between PS-Rx and SS, where a load modulation scheme is introduced to the PS-Rx. In this method, the signal from the PS transmitting station is scattered by switching its load impedance. The SS observes the scattered channel and calculates the interference suppression weights for transmitting, and controls interference by transmit beamforming. A simulation shows that the Signal-to-Interference Ratio (SIR) with interference control is improved by up to 41.5dB compared to that without interference control at short distances; the results confirm that the proposed method is effective in controlling interference between PS-Rx and SS. Furthermore, we evaluate the Signal-to-Noise Ratio (SNR) and channel capacity at SS.

We investigated client honeypots for detecting and circumstantially analyzing drive-by download attacks. A client honeypot requires both improved inspection performance and in-depth analysis for inspecting and discovering malicious websites. However, OS overhead in recent client honeypot operation cannot be ignored when improving honeypot multiplication performance. We propose a client honeypot system that is a combination of multi-OS and multi-process honeypot approaches, and we implemented this system to evaluate its performance. The process sandbox mechanism, a security measure for our multi-process approach, provides a virtually isolated environment for each web browser. It prevents system alteration from a compromised browser process by I/O redirection of file/registry access. To solve the inconsistency problem of file/registry view by I/O redirection, our process sandbox mechanism enables the web browser and corresponding plug-ins to share a virtual system view. Therefore, it enables multiple processes to be run simultaneously without interference behavior of processes on a single OS. In a field trial, we confirmed that the use of our multi-process approach was three or more times faster than that of a single process, and our multi-OS approach linearly improved system performance according to the number of honeypot instances. In addition, our long-term investigation indicated that 72.3% of exploitations target browser-helper processes. If a honeypot restricts all process creation events, it cannot identify an exploitation targeting a browser-helper process. In contrast, our process sandbox mechanism permits the creation of browser-helper processes, so it can identify these types of exploitations without resulting in false negatives. Thus, our proposed system with these multiplication approaches improves performance efficiency and enables in-depth analysis on high interaction systems.