Collaborative filtering (CF) has been widely used in recommender systems to generate personalized recommendations. However, recommender systems using CF are vulnerable to shilling attacks, in which attackers inject fake profiles to manipulate recommendation results. Thus, shilling attacks pose a threat to the credibility of recommender systems. Previous studies mainly derive features from characteristics of item ratings in user profiles to detect attackers, but the methods suffer from low accuracy when attackers adopt new rating patterns. To overcome this drawback, we derive features from properties of item popularity in user profiles, which are determined by users' different selecting patterns. This feature extraction method is based on the prior knowledge that attackers select items to rate with man-made rules while normal users do this according to their inner preferences. Then, machine learning classification approaches are exploited to make use of these features to detect and remove attackers. Experiment results on the MovieLens dataset and Amazon review dataset show that our proposed method improves detection performance. In addition, the results justify the practical value of features derived from selecting patterns.

In recent data centers, large-scale storage systems storing big data comprise thousands of large-capacity drives. Our goal is to establish a method for building highly reliable storage systems using more than a thousand low-cost large-capacity drives. Some large-scale storage systems protect data by erasure coding to prevent data loss. As the redundancy level of erasure coding is increased, the probability of data loss will decrease, but the increase in normal data write operation and additional storage for coding will be incurred. We therefore need to achieve high reliability at the lowest possible redundancy level. There are two concerns regarding reliability in large-scale storage systems: (i) as the number of drives increases, systems are more subject to multiple drive failures and (ii) distributing stripes among many drives can speed up the rebuild time but increase the risk of data loss due to multiple drive failures. If data loss occurs by multiple drive failure, it affects many users using a storage system. These concerns were not addressed in prior quantitative reliability studies based on realistic settings. In this work, we analyze the reliability of large-scale storage systems with distributed stripes, focusing on an effective rebuild method which we call Dynamic Refuging. Dynamic Refuging rebuilds failed blocks from those with the lowest redundancy and strategically selects blocks to read for repairing lost data. We modeled the dynamic change of amount of storage at each redundancy level caused by multiple drive failures, and performed reliability analysis with Monte Carlo simulation using realistic drive failure characteristics. We showed a failure impact model and a method for localizing the failure. When stripes with redundancy level 3 were sufficiently distributed and rebuilt by Dynamic Refuging, the proposed technique turned out to scale well, and the probability of data loss decreased by two orders of magnitude for systems with a thousand drives compared to normal RAID. The appropriate setting of a stripe distribution level could localize the failure.

A map-reduce framework is popular for big data analysis. In the typical map-reduce framework, both master node and worker nodes can use hard-disk drives (HDDs) as local disks for the map-reduce computation. However, because of the inherit mechanical problems of HDDs, the I/O performance is a bottleneck for the map-reduce framework when I/O-intensive applications (e.g., sorting) are performed. Replacing HDDs with solid-state drives (SSDs) is not economical, although SSDs have better performance than HDDs. In this paper, we propose a virtualization-based hybrid storage system for the map-reduce framework. The objective of the paper is to combine the advantages of the fast access property of SSDs and the low cost of HDDs by realizing an economical design and improving I/O performance of a map-reduce framework in a virtualization environment. We propose three storage combinations: SSD-based, HDD-based, and a hybrid of SSD-based and HDD-based storage systems which balances speed, capacity, and lifetime. According to experiments, the hybrid of SSD-based and HDD-based storage systems offers superior performance and economy.

As the number of surveillance cameras keeps increasing, the demand for automated traffic-monitoring systems is growing. In this paper, we propose a practical vehicle detection method for such systems. In the last decade, vehicle detection mainly has been performed by employing an image scan strategy based on sliding windows whereby a pre-trained appearance model is applied to all image areas. In this approach, because the appearance models are built from vehicle sample images, the normalization of the scales and aspect ratios of samples can significantly influence the performance of vehicle detection. Thus, to successfully apply sliding window schemes to detection, it is crucial to select the normalization sizes very carefully in a wise manner. To address this, we present a novel vehicle detection technique. In contrast to conventional methods that determine the normalization sizes without considering given scene conditions, our technique first learns local region-specific size models based on scene-contextual clues, and then utilizes the obtained size models to normalize samples to construct more elaborate appearance models, namely local size-specific classifiers (LSCs). LSCs can provide advantages in terms of both accuracy and operational speed because they ignore unnecessary information on vehicles that are observable in faraway areas from each sliding window position. We conduct experiments on real highway traffic videos, and demonstrate that the proposed method achieves a 16% increased detection accuracy with at least 3 times faster operational speed compared with the state-of-the-art technique.

Due to the increasing demand for 3D video transmission over wireless networks, managing the quality of experience (QoE) of wireless 3D video clients is becoming increasingly important. However, the variability of compressed 3D video bit streams and the wireless channel condition as well as the complexity of 3D video viewing experience assessment make it difficult to properly allocate wireless transmission resources. In this paper, we discuss the characteristics of H.264 3D videos and QoE assessment of 3D video clients, and further propose a transmission scheme for 3D video transmission over a wireless communication system. The purpose of our scheme is to minimize the average ratio of stalls among all video streaming clients. By taking into account the playout lead and its change, we periodically evaluate the degree of urgency of each client as regards bitstream receipt based on fuzzy logic, and then allocate the transmission resource blocks to clients jointly considering their degrees of urgency and channel conditions. The adaptive modulation and coding scheme (MCS) is applied to ensure a low transmission error rate. Our proposed scheme is suitable for practical implementation since it has low complexity, and can be easily applied in 2D video transmission and in non-OFDM systems. Simulation results, based on three left-and-right-views 3D videos and the Long Term Evolution (LTE) system, demonstrate the validity of our proposed scheme.

In this paper, we study the spectral efficiency of the uplink multi-user large-scale distributed antenna systems (DAS) with imperfect channel state information. We propose the system model of multi-user DAS and illustrate the necessity of pilot reuse. Then, we derive the sum-rate of the system under pilot contamination. Furthermore, we investigate the asymptotical performance when the number of antennas goes to infinity. To reduce the pilot contamination, we present two novel pilot assignment algorithms to improve the spectral efficiency. Finally, we evaluate our proposed strategies through extensive simulations which show that compared with random pilot reuse, the min-max algorithm shows impressive performance with low complexity.

In this research, we investigated the reliability of a 1-out-of-2 system with two-stage repair comprising hardware restoration and data reconstruction modes. Hardware restoration is normally independently executed by two modules. In contrast, we assumed that one of the modules could omit data reconstruction by replicating the data from the module during normal operation. In this 1-out-of-2 system, the two modules mutually cooperated in the recovery mode. As a first step, an evaluation model using Markov chains was constructed to derive a reliability measure: “unavailability in steady state.” Numerical examples confirmed that the reliability of the system was improved by the use of two cooperating modules. As the data reconstruction time increased, the gains in terms of system reliability also increased.

DDoS remains a major threat to Software Defined Networks. To keep SDN secure, effective detection techniques for DDoS are indispensable. Most of the newly proposed schemes for detecting such attacks on SDN make the SDN controller act as the IDS or the central server of a collaborative IDS. The controller consequently becomes a target of the attacks and a heavy loaded point of collecting traffic. A collaborative intrusion detection system is proposed in this paper without the need for the controller to play a central role. It is deployed as a modified artificial neural network distributed over the entire substrate of SDN. It disperses its computation power over the network that requires every participating switch to perform like a neuron. The system is robust without individual targets and has a global view on a large-scale distributed attack without aggregating traffic over the network. Emulation results demonstrate its effectiveness.

In this paper, we propose a single-channel speech enhancement method for a push-to-talk enabled wireless communication device. The proposed method is based on adaptive weighted β-order spectral amplitude estimation under speech presence uncertainty and enhanced instantaneous phase estimation in order to achieve flexible and effective noise reduction while limiting the speech distortion due to different noise conditions. Experimental results confirm that the proposed method delivers higher voice quality and intelligibility than the reference methods in various noise environments.

Since many cyber-physical systems (CPSs) manipulate security-sensitive data, enhancing the quality of security in a CPS is a critical and challenging issue in CPS design. Although there has been a large body of research on securing general purpose PCs, directly applying such techniques to a CPS can compromise the real-time property of CPSs since the timely execution of tasks in a CPS typically relies on real-time scheduling. Recognizing this property, previous works have proposed approaches to add a security constraint to the real-time properties to cope with the information leakage problem that can arise between real-time tasks with different security levels. However, conventional works have mainly focused on non-preemptive scheduling and have suggested a very naive approach for preemptive scheduling, which shows limited analytical capability. In this paper, we present a new preemptive fixed-priority scheduling algorithm incorporating a security constraint, called lowest security-level first (LSF) and its strong schedulability analysis to reduce the potential of information leakage. Our simulation results show that LSF schedulability analysis outperforms state-of-the-art FP analysis when the security constraint has reasonable timing penalties.

As the demand for higher transmission rates and spectral efficiency is steadily increasing, the research and development of novel mobile communication systems has gained momentum. This paper focuses on providing a comprehensive survey of research and development activities on fifth generation mobile communication systems in Japan. We try to survey a vast area of wireless communication systems and the developments that led to future 5G systems.

Fine-grained power gating (FGPG) is a power-saving technique by switching off circuit blocks while the blocks are idle. Although FGPG can reduce power consumption without compromising computational performance, switching the power supply on and off causes energy overhead. To prevent power increase caused by the energy overhead, in our prior research we proposed an FGPG control method of the operating system(OS) based on pre-analyzing applications' power usage. However, modern computing systems have a wide variety of use cases and run many types of application; this makes it difficult to analyze the behavior of all these applications in advance. This paper therefore proposes a new FGPG control method without profiling application programs in advance. In the new proposed method, the OS monitors a circuit's idle interval periodically while application programs are running. The OS enables FGPG only if the interval time is long enough to reduce the power consumption. The experimental results in this paper show that the proposed method reduces power consumption by 9.8% on average and up to 17.2% at 25°C. The results also show that the proposed method achieves almost the same power-saving efficiency as the previous profile-based method.

Analyzing the schedulability of hierarchical real-time systems is difficult because of the systems' complex behavior. It gets more complicated when shared resources or dependencies among tasks are included. This paper introduces a framework based on UPPAAL that can analyze the schedulability of hierarchical real-time systems.

Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.

In the classical computation theory, the language of a system features the computational behavior of the system but it does not distinguish the determinism and nondeterminism of actions. However, Milner found that the determinism and nondeterminism affect the interactional behavior of interactive systems and thus the notion of language does not features the interactional behavior. Therefore, Milner proposed the notion of (weak) bisimulation to solve this problem. With the development of internet, more and more interactive systems occur in the world, such as electronic trading system. Security is one of the most important topics for these systems. We find that different security policies can also affect the interactional behavior of a system, which exactly is the reason why a good policy can strengthen the security. In other words, two interactive systems with different security policies are not of an equivalent behavior although their functions (or business processes) are identical. However, the classic (weak) bisimulation theory draws an opposite conclusion that their behaviors are equivalent. The notion of (weak) bisimulation is not suitable for these security-oriented interactive systems since it does not consider a security policy. This paper proposes the concept of secure bisimulation in order to solve the above problem.

In heterogeneous networks, network selection is an important task for reconfigurable mobile devices (MDs). In the reconfigurable MD architecture that has been standardized by the European Telecommunications Standards Institute (ETSI), the network selection functionality is handled by a software component called Mobility Policy Manager (MPM). In this paper, we present an implementation of the MPM whereby a reconfigurable MD conforming to the ETSI standard can select the most appropriate radio access network (RAN) to use. We implemented a reconfigurable MD test-bed compliant with the ETSI standard, and show that the network selection driven by the MPM enhances the throughput of the receiving MD by about 26% compared to the arbitrary network selection provided by a conventional reconfigurable MD without the functionality of MPM, verifying the functionality of the MPM.

In most existing centralized lighting control systems, the lighting control problem (LCP) is reformulated as a constrained minimization problem and solved by linear programming (LP). However, in real-world applications, LCP is actually discrete and non-linear, which means that more accurate algorithm may be applied to achieve improvements in energy saving. In this paper, particle swarm optimization (PSO) is successfully applied for office lighting control and a linear programming guided particle swarm optimization (LPPSO) algorithm is developed to achieve considerable energy saving while satisfying users' lighting preference. Simulations in DIALux office models (one with small number of lamps and one with large number of lamps) are made and analyzed using the proposed control algorithms. Comparison with other widely used methods including LP shows that LPPSO can always achieve higher energy saving than other lighting control methods.

The software birthmarking technique has conventionally been studied in fields such as software piracy, code theft, and copyright infringement. The most recent API-based software birthmarking method (Han et al., 2014) extracts API call sequences in entire code sections of a program. Additionally, it is generated as a birthmark using a cryptographic hash function (MD5). It was reported that different application types can be categorized in a program through pre-filtering based on DLL/API numbers/names. However, similarity cannot be measured owing to the cryptographic hash function, occurrence of false negatives, and it is difficult to functionally categorize applications using only DLL/API numbers/names. In this paper, we propose an API-based software birthmarking method using fuzzy hashing. For the native code of a program, our software birthmarking technique extracts API call sequences in the segmented procedures and then generates them using a fuzzy hash function. Unlike the conventional cryptographic hash function, the fuzzy hash is used for the similarity measurement of data. Our method using a fuzzy hash function achieved a high reduction ratio (about 41% on average) more than an original birthmark that is generated with only the API call sequences. In our experiments, when threshold ε is 0.35, the results show that our method is an effective birthmarking system to measure similarities of the software. Moreover, our correlation analysis with top 50 API call frequencies proves that it is difficult to functionally categorize applications using only DLL/API numbers/names. Compared to prior work, our method significantly improves the properties of resilience and credibility.

This paper proposes a static application mapping technique, based on integer linear programming, for non-hierarchical manycore embedded systems. Unlike previous work which was designed for hierarchical manycore SoCs, this work allows more flexible application mapping to achieve higher performance. The experimental results show the effectiveness of this work.

In this letter, an underground facility management system for effective underground facility management is suggested. The present underground facility management system uses a wired and wireless duplex communication method to enable seamless communication, and rapid responses to any failures encountered. In this letter, the architecture and components of underground facility management system supporting heterogeneous duplex communication is suggested, and relevant work flow is presented.