Journal of Systems Architecture最新文献_第2页

The rCOS framework for multi-dimensional separation of concerns in model-driven engineering 模型驱动工程中多维关注点分离的 rCOS 框架

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-10-06 DOI: 10.1016/j.sysarc.2024.103287

Bo Liu , Shmuel Tyszberowicz , Zhiming Liu

The software industry increasingly turns to Model-Driven Engineering (MDE) to mitigate complexity by automating model creation and transformation. Many organisations are pursuing Integrated Development Platforms (IDPs) to enhance automation in their software development processes within MDE. However, the adoption of MDE and engagement with IDPs remain limited due to concerns over their efficacy. We address these challenges in this review paper by introducing a framework for the formal refinement of component and object systems (rCOS). It provides: (1) a formal theory that consists of a modelling language (named OPL) with a calculus of refinement for object-oriented models and component models; (2) a suite of analysis and design techniques that facilitate abstractions and decompositions, leading to a multidimensional separation of concerns; and (3) an IDP (named rCOS Modeller) that supports modelling, design and verification from requirements elicitation through to coding. By advocating for an rCOS-enabled multidimensional approach to separating concerns, this paper offers a comprehensive solution to the challenges facing MDE and IDPs, paving the way for their successful implementation in practice. By delineating the emerging challenges and prospects associated with integrating formal methods for modelling and designing human-cyber–physical systems (HCPS), we show the potential of extending rCOS for MDE in HCPS.

软件行业越来越多地采用模型驱动工程（MDE），通过自动创建和转换模型来降低复杂性。许多组织都在采用集成开发平台（IDP）来提高 MDE 中软件开发流程的自动化程度。然而，由于人们对集成开发平台的功效存在疑虑，因此 MDE 的采用率和参与度仍然有限。在这篇综述论文中，我们通过引入组件和对象系统（rCOS）的正式完善框架来应对这些挑战。该框架提供了：(1) 一种由建模语言（名为 OPL）和面向对象模型和组件模型的精炼微积分组成的形式理论；(2) 一套便于抽象和分解的分析和设计技术，从而实现多维度的关注点分离；(3) 一种 IDP（名为 rCOS Modeller），支持从需求激发到编码的建模、设计和验证。通过倡导采用 rCOS 支持的多维方法来分离关注点，本文为 MDE 和 IDP 所面临的挑战提供了全面的解决方案，为它们在实践中的成功实施铺平了道路。通过描述与集成形式化方法来建模和设计人-网络-物理系统（HCPS）相关的新出现的挑战和前景，我们展示了在 HCPS 中扩展 rCOS 进行 MDE 的潜力。

{"title":"The rCOS framework for multi-dimensional separation of concerns in model-driven engineering","authors":"Bo Liu , Shmuel Tyszberowicz , Zhiming Liu","doi":"10.1016/j.sysarc.2024.103287","DOIUrl":"10.1016/j.sysarc.2024.103287","url":null,"abstract":"<div><div>The software industry increasingly turns to Model-Driven Engineering (MDE) to mitigate complexity by automating model creation and transformation. Many organisations are pursuing Integrated Development Platforms (IDPs) to enhance automation in their software development processes within MDE. However, the adoption of MDE and engagement with IDPs remain limited due to concerns over their efficacy. We address these challenges in this review paper by introducing a framework for the formal refinement of component and object systems (rCOS). It provides: (1) a formal theory that consists of a modelling language (named <em>OPL</em>) with a calculus of refinement for object-oriented models and component models; (2) a suite of analysis and design techniques that facilitate abstractions and decompositions, leading to a multidimensional separation of concerns; and (3) an IDP (named <em>rCOS Modeller</em>) that supports modelling, design and verification from requirements elicitation through to coding. By advocating for an rCOS-enabled multidimensional approach to separating concerns, this paper offers a comprehensive solution to the challenges facing MDE and IDPs, paving the way for their successful implementation in practice. By delineating the emerging challenges and prospects associated with integrating formal methods for modelling and designing human-cyber–physical systems (HCPS), we show the potential of extending rCOS for MDE in HCPS.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103287"},"PeriodicalIF":3.7,"publicationDate":"2024-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142418576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

On the degree of parallelism for parallel real-time tasks 关于并行实时任务的并行程度

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-10-05 DOI: 10.1016/j.sysarc.2024.103286

Qingqiang He , Nan Guan , Zhe Jiang , Mingsong Lv

The degree of parallelism, which measures how a task can execute concurrently, is an important characterization in scheduling. This paper studies the degree of parallelism in the domain of real-time scheduling of parallel tasks, including the DAG task model and the conditional DAG task model. The definition of the degree of parallelism for DAG tasks is clarified; the definition and computing algorithm of the degree of parallelism for conditional DAG tasks are proposed. By leveraging the degree of parallelism, new response time bounds are derived and simple but effective real-time scheduling approaches are presented. This research is the first work to study the degree of parallelism for conditional DAG tasks and explore its benefits in real-time scheduling. Experimental results demonstrate that the proposed scheduling approaches significantly outperform existing state-of-the-art methods.

并行度衡量任务如何并发执行，是调度中的一个重要特征。本文研究了并行任务实时调度领域的并行度，包括 DAG 任务模型和条件 DAG 任务模型。明确了 DAG 任务并行度的定义；提出了条件 DAG 任务并行度的定义和计算算法。通过利用并行度，得出了新的响应时间界限，并提出了简单而有效的实时调度方法。这项研究首次研究了条件 DAG 任务的并行度，并探索了其在实时调度中的优势。实验结果表明，所提出的调度方法明显优于现有的最先进方法。

引用次数: 0

BIDS: An efficient Intrusion Detection System for in-vehicle networks using a two-stage Binarised Neural Network on low-cost FPGA BIDS：在低成本 FPGA 上使用两级二值化神经网络的高效车载网络入侵检测系统

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-10-05 DOI: 10.1016/j.sysarc.2024.103285

Auangkun Rangsikunpum, Sam Amiri, Luciano Ost

Automotive networks are crucial for ensuring safety as the number of Electronic Control Units (ECUs) grows to support vehicle intelligence. The Controller Area Network (CAN) is commonly used for efficient in-vehicle communication among ECUs. However, its broadcast nature and lack of a dedicated security layer make it vulnerable to attacks. This paper proposes a novel CAN bus Intrusion Detection System (IDS), named BNN-based IDS (BIDS), which efficiently provides both unknown attack detection and known attack classification using a hierarchical two-stage Binarised Neural Network (BNN) and Generative Adversarial Network (GAN). BIDS was validated on three datasets, and its implementation achieves an average inference time of less than 0.170 ms with minimal resource utilisation on a low-cost Field Programmable Gate Array (FPGA). This rapid inference speed enables real-time inference on individual CAN messages using a sliding window technique, eliminating the need to wait for multiple accumulated CAN messages required for data preprocessing. Evaluation metrics demonstrate that our IDS achieves high accuracy in both identifying unseen attacks and categorising known attacks. Furthermore, our FPGA implementation consumes merely 2.09 W, which is a 57% reduction compared to a cutting-edge FPGA-based IDS that is capable of detecting unknown attacks using the same dataset.

随着支持汽车智能化的电子控制单元（ECU）数量不断增加，汽车网络对于确保安全至关重要。控制器区域网络（CAN）通常用于 ECU 之间的高效车内通信。然而，其广播性质和专用安全层的缺乏使其容易受到攻击。本文提出了一种新颖的 CAN 总线入侵检测系统（IDS），名为基于 BNN 的 IDS（BIDS），它利用分层的两级二值化神经网络（BNN）和生成对抗网络（GAN），有效地提供未知攻击检测和已知攻击分类。BIDS 在三个数据集上进行了验证，其实现在低成本现场可编程门阵列 (FPGA) 上以最小的资源利用率实现了小于 0.170 毫秒的平均推理时间。这种快速的推理速度可利用滑动窗口技术对单个 CAN 报文进行实时推理，无需等待数据预处理所需的多个累积 CAN 报文。评估指标表明，我们的 IDS 在识别未见攻击和对已知攻击进行分类方面都达到了很高的准确率。此外，我们的 FPGA 实现仅消耗 2.09 W，与基于 FPGA 的尖端 IDS 相比降低了 57%，后者能够使用相同的数据集检测未知攻击。

{"title":"BIDS: An efficient Intrusion Detection System for in-vehicle networks using a two-stage Binarised Neural Network on low-cost FPGA","authors":"Auangkun Rangsikunpum, Sam Amiri, Luciano Ost","doi":"10.1016/j.sysarc.2024.103285","DOIUrl":"10.1016/j.sysarc.2024.103285","url":null,"abstract":"<div><div>Automotive networks are crucial for ensuring safety as the number of Electronic Control Units (ECUs) grows to support vehicle intelligence. The Controller Area Network (CAN) is commonly used for efficient in-vehicle communication among ECUs. However, its broadcast nature and lack of a dedicated security layer make it vulnerable to attacks. This paper proposes a novel CAN bus Intrusion Detection System (IDS), named BNN-based IDS (BIDS), which efficiently provides both unknown attack detection and known attack classification using a hierarchical two-stage Binarised Neural Network (BNN) and Generative Adversarial Network (GAN). BIDS was validated on three datasets, and its implementation achieves an average inference time of less than 0.170 ms with minimal resource utilisation on a low-cost Field Programmable Gate Array (FPGA). This rapid inference speed enables real-time inference on individual CAN messages using a sliding window technique, eliminating the need to wait for multiple accumulated CAN messages required for data preprocessing. Evaluation metrics demonstrate that our IDS achieves high accuracy in both identifying unseen attacks and categorising known attacks. Furthermore, our FPGA implementation consumes merely 2.09 W, which is a 57% reduction compared to a cutting-edge FPGA-based IDS that is capable of detecting unknown attacks using the same dataset.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103285"},"PeriodicalIF":3.7,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142418578","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SAR: Sharpness-Aware minimization for enhancing DNNs’ Robustness against bit-flip errors SAR：锐度感知最小化，增强 DNN 对比特翻转错误的鲁棒性

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-10-02 DOI: 10.1016/j.sysarc.2024.103284

Changbao Zhou , Jiawei Du , Ming Yan , Hengshan Yue , Xiaohui Wei , Joey Tianyi Zhou

As Deep Neural Networks (DNNs) are increasingly deployed in safety-critical scenarios, there is a growing need to address bit-flip errors occurring in hardware, such as memory. These errors can lead to changes in DNN weights, potentially degrading the performance of deployed models and causing catastrophic consequences. Existing methods improve DNNs’ fault tolerance or robustness by modifying network size, structure, or inference and training processes. Unfortunately, these methods often enhance robustness at the expense of clean accuracy and introduce additional overhead during inference. To address these issues, we propose Sharpness-Aware Minimization for enhancing DNNs’ Robustness against bit-flip errors (SAR), which aims to leverage the intrinsic robustness of DNNs. We begin with a comprehensive investigation of DNNs under bit-flip errors, yielding insightful observations regarding the intensity and occurrence of such errors. Based on these insights, we identify that Sharpness-Aware Minimization (SAM) has the potential to enhance DNN robustness. We further analyze this potential through the relationship between SAM formulation and our observations, building a robustness-enhancing framework based on SAM. Experimental validation across various models and datasets demonstrates that SAR can effectively improve DNN robustness against bit-flip errors without sacrificing clean accuracy or introducing additional inference costs, making it a “double-win” method compared to existing approaches.

随着深度神经网络（DNN）越来越多地部署在安全关键型场景中，解决内存等硬件中发生的位翻转错误的需求日益增长。这些错误会导致 DNN 权重发生变化，从而可能降低已部署模型的性能并造成灾难性后果。现有方法通过修改网络规模、结构或推理和训练过程来提高 DNN 的容错性或鲁棒性。遗憾的是，这些方法在提高鲁棒性的同时，往往会以牺牲准确性为代价，并在推理过程中引入额外的开销。为了解决这些问题，我们提出了 "锐度感知最小化"（Sharpness-Aware Minimization）方法来增强 DNN 对比特翻转错误的鲁棒性（SAR），旨在利用 DNN 固有的鲁棒性。我们首先对比特翻转错误下的 DNN 进行了全面研究，并对此类错误的强度和发生率进行了深入观察。基于这些洞察力，我们发现锐度感知最小化（SAM）具有增强 DNN 鲁棒性的潜力。我们通过 SAM 表述与观察结果之间的关系进一步分析了这一潜力，并基于 SAM 构建了一个鲁棒性增强框架。在各种模型和数据集上的实验验证表明，SAR 可以有效提高 DNN 对比特翻转错误的鲁棒性，而不会牺牲清零精度或引入额外的推理成本，与现有方法相比是一种 "双赢 "方法。

{"title":"SAR: Sharpness-Aware minimization for enhancing DNNs’ Robustness against bit-flip errors","authors":"Changbao Zhou , Jiawei Du , Ming Yan , Hengshan Yue , Xiaohui Wei , Joey Tianyi Zhou","doi":"10.1016/j.sysarc.2024.103284","DOIUrl":"10.1016/j.sysarc.2024.103284","url":null,"abstract":"<div><div>As Deep Neural Networks (DNNs) are increasingly deployed in safety-critical scenarios, there is a growing need to address bit-flip errors occurring in hardware, such as memory. These errors can lead to changes in DNN weights, potentially degrading the performance of deployed models and causing catastrophic consequences. Existing methods improve DNNs’ fault tolerance or robustness by modifying network size, structure, or inference and training processes. Unfortunately, these methods often enhance robustness at the expense of clean accuracy and introduce additional overhead during inference. To address these issues, we propose <strong><u>S</u>harpness-<u>A</u>ware Minimization for enhancing DNNs’ <u>R</u>obustness against bit-flip errors</strong> (<strong>SAR</strong>), which aims to leverage the intrinsic robustness of DNNs. We begin with a comprehensive investigation of DNNs under bit-flip errors, yielding insightful observations regarding the intensity and occurrence of such errors. Based on these insights, we identify that Sharpness-Aware Minimization (SAM) has the potential to enhance DNN robustness. We further analyze this potential through the relationship between SAM formulation and our observations, building a robustness-enhancing framework based on SAM. Experimental validation across various models and datasets demonstrates that SAR can effectively improve DNN robustness against bit-flip errors without sacrificing clean accuracy or introducing additional inference costs, making it a “double-win” method compared to existing approaches.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103284"},"PeriodicalIF":3.7,"publicationDate":"2024-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142418579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A convolutional autoencoder architecture for robust network intrusion detection in embedded systems 用于嵌入式系统稳健网络入侵检测的卷积自动编码器架构

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-28 DOI: 10.1016/j.sysarc.2024.103283

Niccolò Borgioli , Federico Aromolo , Linh Thi Xuan Phan , Giorgio Buttazzo

Security threats are becoming an increasingly relevant concern in cyber–physical systems. Cyber attacks on these systems are not only common today but also increasingly sophisticated and constantly evolving. One way to secure the system against such threats is by using intrusion detection systems (IDSs) to detect suspicious or abnormal activities characteristic of potential attacks. State-of-the-art IDSs exploit both signature-based and anomaly-based strategies to detect network threats. However, existing solutions mainly focus on the analysis of statically defined features of the traffic flow, making them potentially less effective against new attacks that cannot be properly captured by analyzing such features. This paper presents an anomaly-based IDS approach that leverages unsupervised neural models to learn the expected network traffic, enabling the detection of unknown novel attacks (as well as previously-known ones). The proposed solution uses an autoencoder to reconstruct the received packets and detect malicious packets based on the reconstruction error. A careful optimization of the model architecture allowed improving detection accuracy while reducing detection time. The proposed solution has been implemented on a real embedded platform, showing that it can support modern high-performance communication interfaces, while significantly outperforming existing approaches in both detection accuracy, inference time, generalization capability, and robustness to poisoning (which is commonly ignored by state-of-the-art IDSs). Finally, a novel mechanism has been developed to explain the detection performed by the proposed IDS through an analysis of the reconstruction error.

在网络物理系统中，安全威胁正成为一个日益重要的问题。如今，对这些系统的网络攻击不仅常见，而且日益复杂和不断演变。确保系统免受此类威胁的一种方法是使用入侵检测系统（IDS）来检测潜在攻击的可疑或异常活动。最先进的 IDS 采用基于签名和异常的策略来检测网络威胁。然而，现有的解决方案主要侧重于分析静态定义的流量特征，这使得它们在应对无法通过分析此类特征正确捕获的新攻击时可能效果不佳。本文提出了一种基于异常的 IDS 方法，该方法利用无监督神经模型来学习预期的网络流量，从而能够检测未知的新型攻击（以及以前已知的攻击）。所提出的解决方案使用自动编码器重构接收到的数据包，并根据重构误差检测恶意数据包。对模型架构的精心优化提高了检测精度，同时缩短了检测时间。所提出的解决方案已在一个真实的嵌入式平台上实现，表明它可以支持现代高性能通信接口，同时在检测精度、推理时间、泛化能力和对中毒的鲁棒性（这通常被最先进的 IDS 所忽视）方面都明显优于现有方法。最后，通过对重构误差的分析，开发了一种新的机制来解释所提出的 IDS 所进行的检测。

{"title":"A convolutional autoencoder architecture for robust network intrusion detection in embedded systems","authors":"Niccolò Borgioli , Federico Aromolo , Linh Thi Xuan Phan , Giorgio Buttazzo","doi":"10.1016/j.sysarc.2024.103283","DOIUrl":"10.1016/j.sysarc.2024.103283","url":null,"abstract":"<div><div>Security threats are becoming an increasingly relevant concern in cyber–physical systems. Cyber attacks on these systems are not only common today but also increasingly sophisticated and constantly evolving. One way to secure the system against such threats is by using intrusion detection systems (IDSs) to detect suspicious or abnormal activities characteristic of potential attacks. State-of-the-art IDSs exploit both signature-based and anomaly-based strategies to detect network threats. However, existing solutions mainly focus on the analysis of statically defined features of the traffic flow, making them potentially less effective against new attacks that cannot be properly captured by analyzing such features. This paper presents an anomaly-based IDS approach that leverages unsupervised neural models to learn the expected network traffic, enabling the detection of unknown novel attacks (as well as previously-known ones). The proposed solution uses an autoencoder to reconstruct the received packets and detect malicious packets based on the reconstruction error. A careful optimization of the model architecture allowed improving detection accuracy while reducing detection time. The proposed solution has been implemented on a real embedded platform, showing that it can support modern high-performance communication interfaces, while significantly outperforming existing approaches in both detection accuracy, inference time, generalization capability, and robustness to poisoning (which is commonly ignored by state-of-the-art IDSs). Finally, a novel mechanism has been developed to explain the detection performed by the proposed IDS through an analysis of the reconstruction error.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103283"},"PeriodicalIF":3.7,"publicationDate":"2024-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142418575","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey on unmanned aerial systems cybersecurity 无人驾驶航空系统网络安全调查

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-26 DOI: 10.1016/j.sysarc.2024.103282

Ning Bai , Xiaoya Hu , Shouyue Wang

Unmanned aerial systems (UASs) have recently seen widespread use in both military and civilian applications due to their flexibility and versatility. As embedded systems integrating communications, computing and control, UASs are vulnerable due to the generic components and communication protocols they adopt, resulting in numerous cybersecurity threats. This paper provides a comprehensive review of UAS cybersecurity, focusing on its characteristics and challenges. First, the architecture and communication mechanisms of UASs are analyzed. Then, by comparing UAS with industrial control system (ICS) architectures, the security characteristics and challenges specific to UASs are identified. After that, vulnerabilities, threats, and representative research progress in attack and defense techniques are summarized. Additionally, security challenges are categorized across the full life cycle of UASs to develop threat assessment methods and comprehensive protection strategies. Finally, the current status and future prospects of research on UAS cybersecurity are summarized.

无人机系统（UAS）凭借其灵活性和多功能性，近来在军事和民用领域得到广泛应用。作为集通信、计算和控制于一体的嵌入式系统，无人机系统因其采用的通用组件和通信协议而容易受到攻击，从而导致众多网络安全威胁。本文针对无人机系统的特点和挑战，对无人机系统的网络安全进行了全面评述。首先，分析了无人机系统的架构和通信机制。然后，通过比较无人机系统与工业控制系统（ICS）架构，确定了无人机系统特有的安全特征和挑战。之后，总结了漏洞、威胁以及攻击和防御技术方面的代表性研究进展。此外，还对无人机系统整个生命周期的安全挑战进行了分类，以制定威胁评估方法和综合保护策略。最后，总结了无人机系统网络安全研究的现状和未来前景。

引用次数: 0

Cloud security in the age of adaptive adversaries: A game theoretic approach to hypervisor-based intrusion detection 自适应对手时代的云安全：基于管理程序的入侵检测博弈论方法

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-23 DOI: 10.1016/j.sysarc.2024.103281

Sadia , Ahsan Saadat , Yasir Faheem , Zainab Abaid , Muhammad Moazam Fraz

Recent advancements in cloud computing have underscored the critical need for robust security mechanisms to counter evolving cyber-threats. Traditional security solutions such as Intrusion Detection Systems (IDSs) often fall short due to their inability to anticipate the strategies of adaptive cyber adversaries. Game theory is considered a popular analytical tool for understanding the strategic interactions between defenders and adversaries, providing a more informed decision-making process. However, existing game-theoretic IDSs often employ non-comprehensive utility functions with limited parameters that fail to capture the complexity of real-world dynamics. This paper introduces a novel Game-Theoretic Hypervisor-based IDS (GHyIDS), which employs comprehensive utility functions and an innovative belief update model to enhance detection accuracy and adaptability in dynamic cloud environments. To overcome the limitations of existing models, we design comprehensive utility functions by incorporating a wider range of real-world parameters, such as trust score, risk, vulnerability, damage severity, worth of the VM, means, opportunities, and access available to the attacker, as well as success rates of attack detection and execution. We propose a Resource-Aware Static Intrusion Detection Bayesian Game (S-IDBG) and extend it into a Dynamic Multi-Stage IDBG (D-IDBG), enabling the system to dynamically adapt to changes in attack patterns and system vulnerabilities. The belief update model is pivotal in continuously refining the system’s strategies based on observed behaviors and outcomes, allowing for precise adjustments to the evolving threats. Our experimental results show a significant improvement over existing models, with our approach achieving approximately 10% increase in detection rate, 20% reduction in false positive rate and 10% reduction in false negative rate in comparative analysis against state-of-the-art models namely, the trust-based Maxmin game and the repeated Bayesian Stackelberg game.

云计算领域的最新进展凸显了对强大安全机制的迫切需要，以应对不断演变的网络威胁。入侵检测系统（IDS）等传统安全解决方案往往因无法预测适应性网络对手的策略而无法发挥作用。博弈论被认为是理解防御者和对手之间战略互动的常用分析工具，可提供更明智的决策过程。然而，现有的博弈论 IDS 通常采用参数有限的非全面效用函数，无法捕捉现实世界动态的复杂性。本文介绍了一种新颖的基于管理程序的博弈论 IDS（GHyIDS），它采用了全面的效用函数和创新的信念更新模型，以提高动态云环境中的检测准确性和适应性。为了克服现有模型的局限性，我们设计了综合效用函数，纳入了更广泛的真实世界参数，如信任分值、风险、脆弱性、破坏严重性、虚拟机价值、攻击者可用的手段、机会和访问，以及攻击检测和执行的成功率。我们提出了资源感知静态入侵检测贝叶斯博弈（S-IDBG），并将其扩展为动态多阶段 IDBG（D-IDBG），使系统能够动态适应攻击模式和系统漏洞的变化。信念更新模型在根据观察到的行为和结果不断完善系统策略方面起着关键作用，可针对不断演变的威胁进行精确调整。我们的实验结果表明，与现有模型相比，我们的方法有了显著的改进，在与基于信任的最大值博弈和重复贝叶斯斯塔克尔伯格博弈等最先进模型的比较分析中，我们的方法提高了约 10%的检测率，降低了 20%的误报率，并减少了 10%的误报率。

{"title":"Cloud security in the age of adaptive adversaries: A game theoretic approach to hypervisor-based intrusion detection","authors":"Sadia , Ahsan Saadat , Yasir Faheem , Zainab Abaid , Muhammad Moazam Fraz","doi":"10.1016/j.sysarc.2024.103281","DOIUrl":"10.1016/j.sysarc.2024.103281","url":null,"abstract":"<div><div>Recent advancements in cloud computing have underscored the critical need for robust security mechanisms to counter evolving cyber-threats. Traditional security solutions such as Intrusion Detection Systems (IDSs) often fall short due to their inability to anticipate the strategies of adaptive cyber adversaries. Game theory is considered a popular analytical tool for understanding the strategic interactions between defenders and adversaries, providing a more informed decision-making process. However, existing game-theoretic IDSs often employ non-comprehensive utility functions with limited parameters that fail to capture the complexity of real-world dynamics. This paper introduces a novel Game-Theoretic Hypervisor-based IDS (GHyIDS), which employs comprehensive utility functions and an innovative belief update model to enhance detection accuracy and adaptability in dynamic cloud environments. To overcome the limitations of existing models, we design comprehensive utility functions by incorporating a wider range of real-world parameters, such as trust score, risk, vulnerability, damage severity, worth of the VM, means, opportunities, and access available to the attacker, as well as success rates of attack detection and execution. We propose a Resource-Aware Static Intrusion Detection Bayesian Game (S-IDBG) and extend it into a Dynamic Multi-Stage IDBG (D-IDBG), enabling the system to dynamically adapt to changes in attack patterns and system vulnerabilities. The belief update model is pivotal in continuously refining the system’s strategies based on observed behaviors and outcomes, allowing for precise adjustments to the evolving threats. Our experimental results show a significant improvement over existing models, with our approach achieving approximately 10% increase in detection rate, 20% reduction in false positive rate and 10% reduction in false negative rate in comparative analysis against state-of-the-art models namely, the trust-based Maxmin game and the repeated Bayesian Stackelberg game.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103281"},"PeriodicalIF":3.7,"publicationDate":"2024-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142323673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

VCSA: Verifiable and collusion-resistant secure aggregation for federated learning using symmetric homomorphic encryption VCSA：使用对称同态加密为联合学习提供可验证、抗串通的安全聚合

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-18 DOI: 10.1016/j.sysarc.2024.103279

Yang Ming , Shan Wang , Chenhao Wang , Hang Liu , Yutong Deng , Yi Zhao , Jie Feng

As a novel distributed learning framework for protecting personal data privacy, federated learning, (FL) has attained widespread attention through sharing gradients among users without collecting their data. However, an untrusted cloud server may infer users’ individual information from gradients and global model. In addition, it may even forge incorrect aggregated results to save resources. To deal with these issues, despite that the existing works can protect local model privacy and achieve verifiability of aggregated results, they are defective in protecting global model privacy, guaranteeing verifiability if collusion attacks occur, and suffer from high computation cost. To further tackle the above challenges, a verifiable and collusion-resistant secure aggregation scheme for FL is proposed, named VCSA. Concretely, we combine symmetric homomorphic encryption with single masking to protect model privacy. Meanwhile, we adopt verifiable multi-secret sharing and generalized Pedersen commitment to achieve verifiability and prevent users from uploading incorrect shares. Furthermore, high model accuracy can be ensured even if some users go offline. Security analysis illustrates that our VCSA enhances the security of FL, realizes verifiability despite collusion attacks and robustness to dropout. Performance evaluation displays that our VCSA can reduce at least 28.27% and 79.15% regarding computation cost compared to existing schemes.

作为一种保护个人数据隐私的新型分布式学习框架，联合学习（FL）通过在不收集用户数据的情况下在用户之间共享梯度信息而获得了广泛关注。然而，不受信任的云服务器可能会从梯度和全局模型中推断出用户的个人信息。此外，它甚至可能为了节省资源而伪造不正确的汇总结果。针对这些问题，尽管现有的研究成果可以保护局部模型隐私并实现聚合结果的可验证性，但它们在保护全局模型隐私、保证发生串通攻击时的可验证性方面存在缺陷，并且存在计算成本高的问题。为了进一步解决上述难题，我们提出了一种可验证且防串通的 FL 安全聚合方案，命名为 VCSA。具体来说，我们将对称同态加密与单一掩码相结合，以保护模型隐私。同时，我们采用可验证的多机密共享和广义 Pedersen 承诺来实现可验证性，防止用户上传错误的共享。此外，即使部分用户离线，也能确保较高的模型准确性。安全性分析表明，我们的 VCSA 增强了 FL 的安全性，即使受到串通攻击也能实现可验证性，并且对掉线具有鲁棒性。性能评估显示，与现有方案相比，我们的 VCSA 至少能减少 28.27% 和 79.15% 的计算成本。

{"title":"VCSA: Verifiable and collusion-resistant secure aggregation for federated learning using symmetric homomorphic encryption","authors":"Yang Ming , Shan Wang , Chenhao Wang , Hang Liu , Yutong Deng , Yi Zhao , Jie Feng","doi":"10.1016/j.sysarc.2024.103279","DOIUrl":"10.1016/j.sysarc.2024.103279","url":null,"abstract":"<div><div>As a novel distributed learning framework for protecting personal data privacy, federated learning, (FL) has attained widespread attention through sharing gradients among users without collecting their data. However, an untrusted cloud server may infer users’ individual information from gradients and global model. In addition, it may even forge incorrect aggregated results to save resources. To deal with these issues, despite that the existing works can protect local model privacy and achieve verifiability of aggregated results, they are defective in protecting global model privacy, guaranteeing verifiability if collusion attacks occur, and suffer from high computation cost. To further tackle the above challenges, a verifiable and collusion-resistant secure aggregation scheme for FL is proposed, named VCSA. Concretely, we combine symmetric homomorphic encryption with single masking to protect model privacy. Meanwhile, we adopt verifiable multi-secret sharing and generalized Pedersen commitment to achieve verifiability and prevent users from uploading incorrect shares. Furthermore, high model accuracy can be ensured even if some users go offline. Security analysis illustrates that our VCSA enhances the security of FL, realizes verifiability despite collusion attacks and robustness to dropout. Performance evaluation displays that our VCSA can reduce at least 28.27% and 79.15% regarding computation cost compared to existing schemes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103279"},"PeriodicalIF":3.7,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142319398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DUDS: Diversity-aware unbiased device selection for federated learning on Non-IID and unbalanced data DUDS：在非 IID 和不平衡数据上进行联合学习的多样性感知无偏设备选择

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-16 DOI: 10.1016/j.sysarc.2024.103280

Xinlei Yu , Zhipeng Gao , Chen Zhao , Yan Qiao , Ze Chai , Zijia Mo , Yang Yang

Federated Learning (FL) is a distributed machine learning approach that preserves privacy by allowing numerous devices to collaboratively train a global model without sharing raw data. However, the frequent exchange of model updates between numerous devices and the central server, and some model updates are similar and redundant, resulting in a waste of communication and computation. Selecting a subset of all devices for FL training can mitigate this issue. Nevertheless, most existing device selection methods are biased, while unbiased methods often perform unstable on Non-Independent Identically Distributed (Non-IID) and unbalanced data. To address this, we propose a stable Diversity-aware Unbiased Device Selection (DUDS) method for FL on Non-IID and unbalanced data. DUDS diversifies the participation probabilities for device sampling in each FL training round, mitigating the randomness of the individual device selection process. By using a leader-based cluster adjustment mechanism to meet unbiased selection constraints, DUDS achieves stable convergence and results close to the optimal, as if all devices participated. Extensive experiments demonstrate the effectiveness of DUDS on Non-IID and unbalanced data scenarios in FL.

联合学习（FL）是一种分布式机器学习方法，它允许众多设备在不共享原始数据的情况下协作训练一个全局模型，从而保护隐私。然而，众多设备与中央服务器之间频繁交换模型更新，而且有些模型更新是相似和多余的，从而造成通信和计算的浪费。从所有设备中选择一个子集进行 FL 训练可以缓解这一问题。然而，现有的大多数设备选择方法都存在偏差，而无偏方法在非独立同分布（Non-IID）和不平衡数据上的表现往往不稳定。为了解决这个问题，我们提出了一种稳定的 "多样性感知无偏设备选择（DUDS）"方法，用于非独立同分布（Non-IID）和不平衡数据上的 FL。DUDS 分散了每轮 FL 培训中设备采样的参与概率，减轻了单个设备选择过程的随机性。通过使用基于领导者的集群调整机制来满足无偏选择约束，DUDS 实现了稳定收敛，结果接近最优，就像所有设备都参与了一样。大量实验证明了 DUDS 在 FL 中的非 IID 和不平衡数据场景中的有效性。

{"title":"DUDS: Diversity-aware unbiased device selection for federated learning on Non-IID and unbalanced data","authors":"Xinlei Yu , Zhipeng Gao , Chen Zhao , Yan Qiao , Ze Chai , Zijia Mo , Yang Yang","doi":"10.1016/j.sysarc.2024.103280","DOIUrl":"10.1016/j.sysarc.2024.103280","url":null,"abstract":"<div><p>Federated Learning (FL) is a distributed machine learning approach that preserves privacy by allowing numerous devices to collaboratively train a global model without sharing raw data. However, the frequent exchange of model updates between numerous devices and the central server, and some model updates are similar and redundant, resulting in a waste of communication and computation. Selecting a subset of all devices for FL training can mitigate this issue. Nevertheless, most existing device selection methods are biased, while unbiased methods often perform unstable on Non-Independent Identically Distributed (Non-IID) and unbalanced data. To address this, we propose a stable Diversity-aware Unbiased Device Selection (DUDS) method for FL on Non-IID and unbalanced data. DUDS diversifies the participation probabilities for device sampling in each FL training round, mitigating the randomness of the individual device selection process. By using a leader-based cluster adjustment mechanism to meet unbiased selection constraints, DUDS achieves stable convergence and results close to the optimal, as if all devices participated. Extensive experiments demonstrate the effectiveness of DUDS on Non-IID and unbalanced data scenarios in FL.</p></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103280"},"PeriodicalIF":3.7,"publicationDate":"2024-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142272754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Computation of tight bounds for the worst-case end-to-end delay on Avionics Full-Duplex Switched Ethernet 计算航空电子全双工交换式以太网最坏情况端到端延迟的严格界限

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture

Pub Date : 2024-09-10 DOI: 10.1016/j.sysarc.2024.103278

Zeynep Ayhan Kilinc, Ece Guran Schmidt, Klaus Werner Schmidt

Avionics Full-Duplex Switched Ethernet (AFDX) is a fault-tolerant real-time communication bus for safety–critical applications in aircraft. AFDX configures communication channels, denoted as virtual links (VLs), ensuring bounded message delays through traffic shaping at both end-systems and switches. Effective AFDX network design necessitates computing the worst-case end-to-end delay of time-critical VLs to meet specified message deadlines. This paper presents a new method for calculating tight bounds on the worst-case end-to-end delay for each VL in an AFDX network. We introduce the new notion of an extended uninterrupted transmission interval, which is the prerequisite for computing the worst-case queuing delay at switches. Adding up these queuing delays along the path of each VL between end-systems yields a tight upper bound on the worst-case end-to-end delay. The correctness of our results is formally proved, and comprehensive simulation experiments on different example networks confirm the tightness of our bound. These simulations also demonstrate the superior performance of our method compared to existing approaches that offer more pessimistic as well as optimistic results.

航空电子全双工交换以太网（AFDX）是一种容错实时通信总线，适用于飞机上的安全关键应用。AFDX 配置的通信信道被称为虚拟链路 (VL)，通过在终端系统和交换机上进行流量整形，确保信息延迟受限。有效的 AFDX 网络设计需要计算时间关键型 VL 的最坏端到端延迟，以满足指定的信息截止时间。本文提出了一种新方法，用于计算 AFDX 网络中每个 VL 的最坏端到端延迟的严格界限。我们引入了扩展不间断传输间隔的新概念，这是计算交换机最坏情况下队列延迟的前提条件。将终端系统之间每个 VL 路径上的排队延迟相加，就能得出最坏情况下端到端延迟的严格上限。我们对结果的正确性进行了正式证明，并在不同的示例网络上进行了全面的模拟实验，证实了我们的约束的严密性。这些模拟实验还证明，与提供更悲观和更乐观结果的现有方法相比，我们的方法性能更优越。

{"title":"Computation of tight bounds for the worst-case end-to-end delay on Avionics Full-Duplex Switched Ethernet","authors":"Zeynep Ayhan Kilinc, Ece Guran Schmidt, Klaus Werner Schmidt","doi":"10.1016/j.sysarc.2024.103278","DOIUrl":"10.1016/j.sysarc.2024.103278","url":null,"abstract":"<div><p>Avionics Full-Duplex Switched Ethernet (AFDX) is a fault-tolerant real-time communication bus for safety–critical applications in aircraft. AFDX configures communication channels, denoted as virtual links (VLs), ensuring bounded message delays through traffic shaping at both end-systems and switches. Effective AFDX network design necessitates computing the worst-case end-to-end delay of time-critical VLs to meet specified message deadlines. This paper presents a new method for calculating tight bounds on the worst-case end-to-end delay for each VL in an AFDX network. We introduce the new notion of an extended uninterrupted transmission interval, which is the prerequisite for computing the worst-case queuing delay at switches. Adding up these queuing delays along the path of each VL between end-systems yields a tight upper bound on the worst-case end-to-end delay. The correctness of our results is formally proved, and comprehensive simulation experiments on different example networks confirm the tightness of our bound. These simulations also demonstrate the superior performance of our method compared to existing approaches that offer more pessimistic as well as optimistic results.</p></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103278"},"PeriodicalIF":3.7,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142173417","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0