Research on File System Event Monitoring in Android Platform

Android is a standard and popular platform of various smart phone. Security thread is a major problem to smart phone. File system event monitoring is essential for many types of programs ranging from file managers to security tools. In this paper, we make research on file system event monitoring. Our approach involves file nodes monitor by Android API and Linux native system call. We compare different features between them. It shows that each method has its benefit and limitation. Linux system calls method outperforms API in flexibility and scalability. But it has its un-convenience to user for its page alignment. A comprehensive method is proposed to take advantage of significant performance gains.

Download Full-text

HAL-ASOS Accelerator Model: Evolutive Elasticity by Design

Electronics ◽

10.3390/electronics10172078 ◽

2021 ◽

Vol 10 (17) ◽

pp. 2078

Author(s):

Vítor Silva ◽

Paulo Pinto ◽

Paulo Cardoso ◽

Jorge Cabral ◽

Adriano Tavares

Keyword(s):

File System ◽

Control Unit ◽

Computing Unit ◽

System Calls ◽

Hardware System ◽

Software Reconfiguration ◽

Field Programmable ◽

Significant Performance ◽

Programmable Gate Arrays ◽

Virtual File System

To address the integration of software threads and hardware accelerators into the Linux Operating System (OS) programming models, an accelerator architecture is proposed, based on micro-programmable hardware system calls, which fully export these resources into the Linux OS user-space through a design-specific virtual file system. The proposed HAL-ASOS accelerator model is split into a user-defined Hardware Task and a parameterizable Hardware Kernel with three differentiated transfer channels, aiming to explore distinct BUS technology interfaces and promote the accelerator to a first-class computing unit. This paper focuses on the Hardware Kernel and mainly its microcode control unit, which will leverage the elasticity to naturally evolve with Linux OS through key differentiating capabilities of field programmable gate arrays (FPGAs) when compared to the state of the art. To comply with the evolutive nature of Linux OS, or any Hardware Task incremental features, the proposed model generates page-faults signaling runtime errors that are handled at the kernel level as part of the virtual file system runtime. To evaluate the accelerator model’s programmability and its performance, a client-side application based on the AES 128-bit algorithm was implemented. Experiments demonstrate a flexible design approach in terms of hardware and software reconfiguration and significant performance increases consistent with rising processing demands or clock design frequencies.

Download Full-text

DDxNet: a deep learning model for automatic interpretation of electronic health records, electrocardiograms and electroencephalograms

Scientific Reports ◽

10.1038/s41598-020-73126-9 ◽

2020 ◽

Vol 10 (1) ◽

Author(s):

Jayaraman J. Thiagarajan ◽

Deepta Rajan ◽

Sameeksha Katoch ◽

Andreas Spanias

Keyword(s):

Electronic Health Records ◽

Rapid Development ◽

Benchmark Problems ◽

Health Records ◽

Automatic Interpretation ◽

Deep Architecture ◽

Significant Performance ◽

Electronic Health ◽

Improving Accuracy ◽

Performance Gains

Abstract Effective patient care mandates rapid, yet accurate, diagnosis. With the abundance of non-invasive diagnostic measurements and electronic health records (EHR), manual interpretation for differential diagnosis has become time-consuming and challenging. This has led to wide-spread adoption of AI-powered tools, in pursuit of improving accuracy and efficiency of this process. While the unique challenges presented by each modality and clinical task demand customized tools, the cumbersome process of making problem-specific choices has triggered the critical need for a generic solution to enable rapid development of models in practice. In this spirit, we develop DDxNet, a deep architecture for time-varying clinical data, which we demonstrate to be well-suited for diagnostic tasks involving different modalities (ECG/EEG/EHR), required level of characterization (abnormality detection/phenotyping) and data fidelity (single-lead ECG/22-channel EEG). Using multiple benchmark problems, we show that DDxNet produces high-fidelity predictive models, and sometimes even provides significant performance gains over problem-specific solutions.

Download Full-text

Taint Graph of System Call Arguments for Intrusion Detection in Mobile Intelatrac

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.546-547.1101 ◽

2012 ◽

Vol 546-547 ◽

pp. 1101-1106

Author(s):

Dan Nie ◽

Yu Hui Wang

Keyword(s):

Intrusion Detection ◽

Control Flow ◽

System Call ◽

Mobile Telecommunication ◽

Control Data ◽

Critical Data ◽

Buffer Overflows ◽

System Calls ◽

Flow Information ◽

Behavior Profile

The intended data-flow in a vulnerable program is subject to be subverted by attacks which exploit buffer overflows or format string vulnerabilities to write data to unintended location. In Mobile Telecommunication it is especially important on data safety. These attacks can be classified into two types: control-flow-attacks exploit buffer overflows or other vulnerabilities to overwrite a return address, a function pointer, or some other piece of control-data; non-control-data attacks exploit similar vulnerabilities to overwrite security critical data without subverting the intended control-flow in the program. The control-flow attacks are well studied and widely used, so there are several typical approaches to prevent them, which monitor the sequence of system calls emitted by the application being monitored and utilize control-flow information of the system calls for intrusion detection. However, the non-control-data attacks are rare for the reason that they rely on specific semantics of the target applications, and there are only few works that defend them to some extent. In order to prevent non-control-data attacks, we leverage dynamic taint technique to track the instruction level relationship between different system call arguments and construct taint graph which can represent behavior profile of a benign program in this paper..

Download Full-text

Simulation of a Floating Offshore Wind Turbine With an Integrated Response Mitigation Technology

ASME 2018 1st International Offshore Wind Technical Conference ◽

10.1115/iowtc2018-1087 ◽

2018 ◽

Author(s):

Christopher K. Allen ◽

Andrew J. Goupee ◽

Jeffrey Lindner ◽

Robert Berry

Keyword(s):

Offshore Wind ◽

Offshore Wind Turbine ◽

The Novel ◽

Mass Reduction ◽

Turbine Performance ◽

Additional Equipment ◽

Significant Performance ◽

Integrated Response ◽

The University ◽

Performance Gains

This work investigates the implementation of a novel, NASA-developed Fluid Harmonic Absorber (FHA) technology to mitigate platform motions and structural loads that can lead to lighter platforms, increased turbine performance, and ultimately, a lower LCOE. The novel damping strategy takes advantage of existing water ballast in the VolturnUS semi-submersible platform to achieve significant performance gains with minimal additional equipment and complexity. NREL’s FOWT software FAST is modified to include the primary features of the FHA technology. A study of the University of Maine-developed VolturnUS semi-submersible FOWT augmented with FHA technology is undertaken to quantify global performance of the system. When compared to the baseline technology, numerical simulations of a redesigned platform utilizing the FHA dampers indicate a reduction of 15.8% in hull structural material. Finally, the improvements in LCOE resulting from this mass reduction are assessed to demonstrate the advantages of NASA’s FHA technology for FOWT applications.

Download Full-text

A Generic Data-Driven Recommendation System for Large-Scale Regular and Ride-Hailing Taxi Services

Electronics ◽

10.3390/electronics9040648 ◽

2020 ◽

Vol 9 (4) ◽

pp. 648 ◽

Cited By ~ 3

Author(s):

Xiangpeng Wan ◽

Hakim Ghazzai ◽

Yehia Massoud

Keyword(s):

Waiting Time ◽

Large Scale ◽

Recommendation System ◽

Performance Metrics ◽

Routing Algorithm ◽

Area Of Interest ◽

The Future ◽

Taxi Service ◽

Significant Performance ◽

Performance Gains

Modern taxi services are usually classified into two major categories: traditional taxicabs and ride-hailing services. For both services, it is required to design highly efficient recommendation systems to satisfy passengers’ quality of experience and drivers’ benefits. Customers desire to minimize their waiting time before rides, while drivers aim to speed up their customer hunting. In this paper, we propose to leverage taxi service efficiency by designing a generic and smart recommendation system that exploits the benefits of Vehicular Social Networks (VSNs). Aiming at optimizing three key performance metrics, number of pick-ups, customer waiting time, and vacant traveled distance for both taxi services, the proposed recommendation system starts by efficiently estimating the future customer demands in different clusters of the area of interest. Then, it proposes an optimal taxi-to-region matching according to the location of each taxi and the future requested demand of each region. Finally, an optimized geo-routing algorithm is developed to minimize the navigation time spent by drivers. Our simulation model is applied to the borough of Manhattan and is validated with realistic data. Selected results show that significant performance gains are achieved thanks to the additional cooperation among taxi drivers enabled by VSN, as compared to traditional cases.

Download Full-text

Dirichlet Multinomial Mixture with Variational Manifold Regularization: Topic Modeling over Short Texts

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v33i01.33017884 ◽

2019 ◽

Vol 33 ◽

pp. 7884-7891 ◽

Cited By ~ 2

Author(s):

Ximing Li ◽

Jiaojiao Zhang ◽

Jihong Ouyang

Keyword(s):

Topic Model ◽

Topic Models ◽

Manifold Regularization ◽

Neighborhood Structure ◽

Short Text ◽

Semantic Level ◽

Clustering And Classification ◽

Significant Performance ◽

Sparsity Problem ◽

Performance Gains

Conventional topic models suffer from a severe sparsity problem when facing extremely short texts such as social media posts. The family of Dirichlet multinomial mixture (DMM) can handle the sparsity problem, however, they are still very sensitive to ordinary and noisy words, resulting in inaccurate topic representations at the document level. In this paper, we alleviate this problem by preserving local neighborhood structure of short texts, enabling to spread topical signals among neighboring documents, so as to correct the inaccurate topic representations. This is achieved by using variational manifold regularization, constraining the close short texts should have similar variational topic representations. Upon this idea, we propose a novel Laplacian DMM (LapDMM) topic model. During the document graph construction, we further use the word mover’s distance with word embeddings to measure document similarities at the semantic level. To evaluate LapDMM, we compare it against the state-of-theart short text topic models on several traditional tasks. Experimental results demonstrate that our LapDMM achieves very significant performance gains over baseline models, e.g., achieving even about 0.2 higher scores on clustering and classification tasks in many cases.

Download Full-text

Multi-Component Graph Convolutional Collaborative Filtering

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v34i04.6094 ◽

2020 ◽

Vol 34 (04) ◽

pp. 6267-6274

Author(s):

Xiao Wang ◽

Ruijia Wang ◽

Chuan Shi ◽

Guojie Song ◽

Qingyong Li

Keyword(s):

Collaborative Filtering ◽

Research Effort ◽

User Preference ◽

Cost Performance ◽

Fine Grained ◽

Multiple Components ◽

Significant Performance ◽

Performance Gains ◽

Latent Components ◽

Component Graph

The interactions of users and items in recommender system could be naturally modeled as a user-item bipartite graph. In recent years, we have witnessed an emerging research effort in exploring user-item graph for collaborative filtering methods. Nevertheless, the formation of user-item interactions typically arises from highly complex latent purchasing motivations, such as high cost performance or eye-catching appearance, which are indistinguishably represented by the edges. The existing approaches still remain the differences between various purchasing motivations unexplored, rendering the inability to capture fine-grained user preference. Therefore, in this paper we propose a novel Multi-Component graph convolutional Collaborative Filtering (MCCF) approach to distinguish the latent purchasing motivations underneath the observed explicit user-item interactions. Specifically, there are two elaborately designed modules, decomposer and combiner, inside MCCF. The former first decomposes the edges in user-item graph to identify the latent components that may cause the purchasing relationship; the latter then recombines these latent components automatically to obtain unified embeddings for prediction. Furthermore, the sparse regularizer and weighted random sample strategy are utilized to alleviate the overfitting problem and accelerate the optimization. Empirical results on three real datasets and a synthetic dataset not only show the significant performance gains of MCCF, but also well demonstrate the necessity of considering multiple components.

Download Full-text

Towards Using Cloud Elasticity on the Internet of Things Landscape

Big Data and Cloud Innovation ◽

10.18063/bdci.v3i1.835 ◽

2019 ◽

Vol 3 (1) ◽

Author(s):

Rodrigo Da Rosa Righi ◽

Márcio Miguel Gomes ◽

Cristiano Andrá Da Costa ◽

Helge Parzyjegla ◽

Hans-Ulrich Heiss

Keyword(s):

Internet Of Things ◽

Radio Frequency Identification ◽

High Performance ◽

Virtual Machines ◽

The Internet ◽

Data Volume ◽

Significant Performance ◽

Cloud Elasticity ◽

Performance Gains ◽

The Internet Of Things

The digital universe is growing at significant rates in recent years. One of the main responsible for this sentence is the Internet of Things, or IoT, which requires a middleware that should be capable to handle this increase of data volume at real-time. Particularly, data can arrive in the middleware in parallel as in terms of input data from Radio-Frequency Identification (RFID) readers as request-reply query operations from the users side. Solutions modeled at software, hardware and/or architecture levels present limitations to handle such load, facing the problem of scalability in the IoT scope. In this context, this arti- cle presents a model denoted Eliot - Elasticity-driven Internet of Things - which combines both cloud and high performance computing to address the IoT scal- ability problem in a novel EPCglobal-compliant architecture. Particularly, we keep the same API but offer an elastic EPCIS component in the cloud, which is designed as a collection of virtual machines (VMs) that are allocated and deallocated on-the-fly in accordance with the system load. Based on the Eliot model, we developed a prototype that could run over any black-box EPCglobal- compliant middleware. We selected the Fosstrak for this role, which is currently one of the most used IoT middlewares. Thus, the prototype acts as an upper layer over the Fosstrak to offer a better throughput and latency performances in an effortless way. The results are encouraging, presenting significant performance gains in terms of response time and request throughput when comparing both elastic (Eliot) and non-elastic (standard Fosstrak) executions.

Download Full-text

Intrusion Detection Based on Self-Organizing Map and Artificial Immunisation Algorithm

Key Engineering Materials ◽

10.4028/www.scientific.net/kem.439-440.29 ◽

2010 ◽

Vol 439-440 ◽

pp. 29-34 ◽

Cited By ~ 1

Author(s):

Zhen Guo Chen ◽

Guang Hua Zhang ◽

Li Qin Tian ◽

Zi Lin Geng

Keyword(s):

Intrusion Detection ◽

Computer Security ◽

Real World ◽

User Behavior ◽

Experimental Result ◽

System Call ◽

Self Organizing Map ◽

System Calls ◽

Real World Datasets ◽

Self Organizing

The rate of false positives which caused by the variability of environment and user behavior limits the applications of intrusion detecting system in real world. Intrusion detection is an important technique in the defense-in-depth network security framework and a hot topic in computer security in recent years. To solve the intrusion detection question, we introduce the self-organizing map and artificial immunisation algorithm into intrusion detection. In this paper, we give an method of rule extraction based on self-organizing map and artificial immunisation algorithm and used in intrusion detection. After illustrating our model with a representative dataset and applying it to the real-world datasets MIT lpr system calls. The experimental result shown that We propose an idea of learning different representations for system call arguments. Results indicate that this information can be effectively used for detecting more attacks with reasonable space and time overhead. So our experiment is feasible and effective that using in intrusion detection.

Download Full-text

Mal-Netminer: Malware Classification Approach Based on Social Network Analysis of System Call Graph

Mathematical Problems in Engineering ◽

10.1155/2015/769624 ◽

2015 ◽

Vol 2015 ◽

pp. 1-20 ◽

Cited By ~ 5

Author(s):

Jae-wook Jang ◽

Jiyoung Woo ◽

Aziz Mohaisen ◽

Jaesung Yun ◽

Huy Kang Kim

Keyword(s):

Social Network ◽

Social Network Analysis ◽

Network Analysis ◽

Clustering Coefficient ◽

Component Ratio ◽

System Call ◽

Degree Centrality ◽

Call Graph ◽

System Calls ◽

Graph Metrics

As the security landscape evolves over time, where thousands of species of malicious codes are seen every day, antivirus vendors strive to detect and classify malware families for efficient and effective responses against malware campaigns. To enrich this effort and by capitalizing on ideas from the social network analysis domain, we build a tool that can help classify malware families using features driven from the graph structure of their system calls. To achieve that, we first construct a system call graph that consists of system calls found in the execution of the individual malware families. To explore distinguishing features of various malware species, we study social network properties as applied to the call graph, including the degree distribution, degree centrality, average distance, clustering coefficient, network density, and component ratio. We utilize features driven from those properties to build a classifier for malware families. Our experimental results show that “influence-based” graph metrics such as the degree centrality are effective for classifying malware, whereas the general structural metrics of malware are less effective for classifying malware. Our experiments demonstrate that the proposed system performs well in detecting and classifying malware families within each malware class with accuracy greater than 96%.

Download Full-text