Computer Standards & Interfaces最新文献

Publicly verifiable random number seeds are widely used in distributed systems and applications, especially in consensus algorithms. The purpose was to distribute the tasks and benefits among the participants fairly. A secure and efficient consensus algorithm is the foundation and guarantee of blockchain. We have been working on more concise, fair, and secure blockchain consensus algorithms. In this paper, we propose a new, more concise, efficient, and publicly verifiable random number seed generation scheme based on the existing secret sharing scheme and one-way function. We combined it with two blockchain consensus algorithms to improve the security and efficiency of the original scheme.

Requirement traceability is a crucial quality factor that highly impacts the software evolution process and maintenance costs. Automated traceability links recovery techniques are required for a reliable and low-cost software development life cycle. Pre-trained language models have shown promising results on many natural language tasks. However, using such pre-trained models for requirement traceability needs large and quality traceability datasets and accurate fine-tuning mechanisms. This paper proposes code augmentation and fine-tuning techniques to prepare the MS-CodeBERT pre-trained language model for various types of requirements traceability prediction including documentation-to-method, issue-to-commit, and issue-to-method links. Three program transformation operations, namely, Rename Variable, Swap Operands, and Swap Statements are designed to generate new quality samples increasing the sample diversity of the traceability datasets. A 2-stage and 3-stage fine-tuning mechanism is proposed to fine-tune the language model for the three types of requirement traceability prediction on provided datasets. Experiments on 14 Java projects demonstrate a 6.2% to 8.5% improvement in the precision, 2.5% to 5.2% improvement in the recall, and 3.8% to 7.3% improvement in the F1 score of the traceability prediction models compared to the best results from the state-of-the-art methods.

Mouse dynamics, information on user’s interaction with a computer mouse, are in vogue in machine learning for purposes such as recommendations, personalization, prediction of user characteristics and behavioral biometrics. We point out a blind spot in current works involving mouse dynamics that originates in underestimating the gravity of the characteristics of the mouse device and configuration on the data that mouse dynamics are inferred from. In a controlled study with $N=32$ participants, across three kinds of mouse interaction activities, we collect data for mouse dynamics utilizing a variety of mouse parameter configurations. We show that mouse dynamics commonly used in studies can be significantly altered by differences in mouse parameters. Out of 108 evaluated mouse dynamics metrics, 95 and 84 are affected between two conducted studies. A machine learning model’s performance can be warped by the mouse parameters being used. We demonstrate on a prediction task that mouse parameters cannot be approached uniformly and without consideration. We discuss methodological implications — how mouse dynamics studies should account for the diversity of mouse-related conditions.

Provable Data Possession (PDP) has gained widespread adoption for ensuring the integrity of data in remote cloud storage, where a data owner can delegate a third party auditor (TPA) to perform data auditing. To eliminate key escrow problem or complicated certificate management in classic solutions, numerous certificateless PDP schemes have been proposed while they failed to achieve efficient user revocation and protect user identity privacy. Therefore, we propose ReCIP, a revocable certificateless PDP scheme with identity privacy, where a TPA can perform public data integrity batch verification for a user while learning no useful knowledge about user identity privacy. Technically, we introduce a new user revocation strategy that directly revokes users’ secret keys, with no correlation to the number of data blocks in place for revocation time cost. To further boost the efficiency of ReCIP, we employ a semi-generic online–offline strategy to obtain an online–offline ReCIP (ReCIPoo) to reduce the time cost of tag generation. Moreover, we conduct a formal security proof of ReCIP, where the security is reduced to simple computational Diffie–Hellman problem and discrete logistic problem. Compared to state-of-the-art solutions, our ReCIPoo achieves comparable computation and communication cost while still achieving user revocation and protecting user identity privacy.

Nowadays, e-commerce platforms, such as Amazon, Flipkart, Netflix and YouTube, extensively use recommender systems (RS) techniques. Collaborative filtering (CF) is used widely among all RS techniques. A CF analyzes the user’s preference from past data, like ratings, and then suggests actual items to the intended user. The existing techniques compute the similarity between users/items and predict the ratings. However, most of them indicate the user’s preference for the items using a single technique, which may produce poor results. This paper proposes a hybrid CF technique to enhance the movie recommendation (HCFMR). The HCFMR consists of two modules. The first module finds the prediction score with the help of matrix factorization (MF) and passes the prediction score as input to the prediction algorithm, i.e., extreme gradient boosting (XGBoost). The second module generates handcrafted features, such as similar users and movies, along with the user, item and global average. Finally, these features are supplied to the XGBoost to predict the rating score of the movie and recommend the topmost movie to the user. We conduct various simulations on real-world datasets to verify the effectiveness of the proposed technique against the baseline techniques. The exploratory outcomes signify that the HCFMR technique outperforms the baselines and provides a better prediction on the benchmark datasets.

Vehicular Ad Hoc Network (VANET) serves as a crucial component in developing the Intelligent Transport System (ITS), which provides a range of services expected to increase road safety and improve the global driving experience. At the same time, Software Defined Network (SDN) is a promising solution for VANET communication security due to the risk related to the dynamic nature of the vehicular network. However, the centralized structure of SDN-based VANET exposes vulnerabilities to Distributed Denial of Service (DDoS) attacks, which can significantly impact the network’s performance. This work presents a deep learning technique for identifying DDoS attacks in SDN-based VANET, commonly called TabNet, a cutting-edge deep learning model for tabular data that generally surpasses traditional machine learning models regarding crucial performance metrics. The model underwent hyperparameter tuning and employed Adam optimization to enhance its performance. Comparative evaluations against other machine learning algorithms demonstrated the proposed model’s robustness, achieving an overall accuracy of 99.42%. Our suggested method presents a potential solution for detecting DDoS attacks in SDN-based VANET, outperforming conventional techniques in terms of accuracy and efficiency.

Oblivious polynomial evaluation (OPE) constitutes a crucial element in various two-party computation protocols, including private set intersection, data mining, and oblivious keyword search. Consequently, the development of an efficient OPE protocol is of paramount significance. Leveraging the homomorphic properties of encryption algorithms offers an effective avenue for constructing such a protocol. In this paper, we propose an elliptic code-based symmetric homomorphic encryption scheme that incorporates concepts introduced by Armknecht et al. We also provide parameter selection tailored to various security levels. This encryption scheme accommodates arbitrary additions and a finite number of multiplication operations. Expanding on our encryption scheme, we introduce three practical and straightforward OPE protocols that are fully compatible with our encryption framework. We complement these protocols with a comprehensive security analysis. Our protocols not only achieve a high level of security but also exhibit efficiency, requiring only two message transmissions for the entire OPE process. Furthermore, our protocols can concurrently compute function values at multiple evaluation points, whether for distinct functions or the same function.

Unmanned Aerial Vehicles (UAVs) are highly versatile and efficient tools utilized across diverse industries for data collection. However, they are vulnerable to wireless communication and data exchange risks, including unauthorized access, data theft, and network attacks. To address these problems, we introduce a secure and reliable UAV network service architecture that incorporates blockchain and deep learning to provide more secure and efficient network services for UAVs. We propose a UAV cluster identity management module by combining blockchain, encryption algorithms, and digital signatures to enhance the security of UAV communication data transmission. Then, based on machine learning, deep learning, and malicious process detection technology, we propose a real-time secure situational awareness system for UAV cluster terminal devices to enhance the security of the operating environment for UAVs. Finally, we propose a data-trustworthy interconnection platform based on blockchain, smart contracts, and consensus algorithms to realize secure and efficient sharing and transmission of terminal data. The results of the experiments demonstrate the feasibility and effectiveness of our UAV network service architecture.

Cross-chain transactions between heterogeneous blockchain systems pose various challenges, encompassing atomicity, security, and fairness of the transactions. While Traditional Hash Time Lock Contracts (HTLCs) can achieve atomic cross-chain transactions, they exhibit fairness deficiencies in two aspects: firstly, the transaction initiator benefits from an American Option (AO) advantage, and secondly, the transaction responder may be incentivized to launch a Draining Attack (DA), both of which impact the fairness of cross-chain transactions. Because of significant fluctuations in the exchange rate of tokens held by both parties, cross-chain transactions often face timeout rollbacks, resulting in a diminished probability of successful transactions. To tackle these issues, we propose a novel atomic cross-chain exchange protocol—$H{T}^{2}REP$. This protocol integrates Time Released Encryption (TRE), ShangMi 3 Hash function (SM3), and scalable smart contract technologies to enhance fairness within the traditional HTLCs protocol. Additionally, $H{T}^{2}REP$ ensures atomicity, security, and a heightened probability of success for cross-chain exchanges. Finally, we demonstrate that $H{T}^{2}REP$ is Universally Composable (UC) secure.

Personal health records (PHR) offer significant benefit for patients, such as reducing medical cost and improving the quality of medical care. Majority of the current schemes lack provisions for tracking and revoking malicious doctors. The explicit access policies are prone to leaking patient private information. What is more, owning to the uneven distribution of medical supplies, shocking computational overhead during decryption is a burden that cannot be ignored for busy medical workers. This paper proposed a patient-centric medical service matching scheme that supports policy hiding, attribute matching, fine-grained access control, and user dynamic management. The scheme uses ciphertext policy-based attribute encryption (CP-ABE) to achieve fine-grained access control and supports policy hiding. It utilizes white-box tracking technology and binary tree structure to achieve malicious doctor tracking. Revocation information is ciphertext to achieve dynamic management of doctors. From the experimental results, it can be concluded that our protocol achieves both patient-centric security and performance advantages.