Pub Date : 2023-02-23DOI: https://dl.acm.org/doi/10.1145/3561051
Man Zeng, Dandan Li, Pei Zhang, Kun Xie, Xiaohong Huang
In the inter-domain network, route leaks can disrupt the Internet traffic and cause large outages. The accurate detection of route leaks requires the sharing of AS business relationship information. However, the business relationship information between ASes is confidential. ASes are usually unwilling to reveal this information to the other ASes, especially their competitors. In this paper, we propose a method named FL-RLD to detect route leaks while maintaining the privacy of business relationships between ASes by using a blockchain-based federated learning framework, where ASes can collaboratively train a global detection model without directly disclosing their specific business relationships. To mitigate the lack of ground-truth validation data in route leaks, FL-RLD provides a self-validation scheme by labeling AS triples with local routing policies. We evaluate FL-RLD under a variety of datasets including imbalanced and balanced datasets, and examine different deployment strategies of FL-RLD under different topologies. According to the results, FL-RLD performs better in detecting route leaks than the single AS detection, whether the datasets are balanced or imbalanced. Additionally, the results indicate that selecting ASes with the most peers to first deploy FL-RLD brings more significant benefits in detecting route leaks than selecting ASes with the most providers and customers.
{"title":"Federated Route Leak Detection in Inter-domain Routing with Privacy Guarantee","authors":"Man Zeng, Dandan Li, Pei Zhang, Kun Xie, Xiaohong Huang","doi":"https://dl.acm.org/doi/10.1145/3561051","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3561051","url":null,"abstract":"<p>In the inter-domain network, route leaks can disrupt the Internet traffic and cause large outages. The accurate detection of route leaks requires the sharing of AS business relationship information. However, the business relationship information between ASes is confidential. ASes are usually unwilling to reveal this information to the other ASes, especially their competitors. In this paper, we propose a method named FL-RLD to detect route leaks while maintaining the privacy of business relationships between ASes by using a blockchain-based federated learning framework, where ASes can collaboratively train a global detection model without directly disclosing their specific business relationships. To mitigate the lack of ground-truth validation data in route leaks, FL-RLD provides a self-validation scheme by labeling AS triples with local routing policies. We evaluate FL-RLD under a variety of datasets including imbalanced and balanced datasets, and examine different deployment strategies of FL-RLD under different topologies. According to the results, FL-RLD performs better in detecting route leaks than the single AS detection, whether the datasets are balanced or imbalanced. Additionally, the results indicate that selecting ASes with the most peers to first deploy FL-RLD brings more significant benefits in detecting route leaks than selecting ASes with the most providers and customers.</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138533438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-23DOI: https://dl.acm.org/doi/10.1145/3565884
Feijie Wu, Ho Yin Yuen, Henry Chan, Victor C. M. Leung, Wei Cai
Applying peer-to-peer (P2P) architecture to online video games has already attracted both academic and industrial interests, since it removes the need for expensive server maintenance. However, there are two major issues preventing the use of a P2P architecture, namely how to provide an effective distributed data storage solution, and how to tackle potential cheating behaviors. Inspired by emerging blockchain techniques, we propose a novel consensus model called Proof-of-Play (PoP) to provide a decentralized data storage system that incorporates an anti-cheating mechanism for P2P games, by rewarding players that interact with the game as intended, along with consideration of security measures to address the Nothing-at-stake Problem and the Long-range Attack. To validate our design, we utilize a game-theory model to show that under certain assumptions, the integrity of the PoP system would not be undermined due to the best interests of any user. Then, as a proof-of-concept, we developed a P2P game (Infinity Battle) to demonstrate how a game can be integrated with PoP in practice. Finally, experiments were conducted to study PoP in comparison with Proof-of-Work (PoW) to show its advantages in various aspects.
{"title":"Facilitating Serverless Match-based Online Games with Novel Blockchain Technologies","authors":"Feijie Wu, Ho Yin Yuen, Henry Chan, Victor C. M. Leung, Wei Cai","doi":"https://dl.acm.org/doi/10.1145/3565884","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3565884","url":null,"abstract":"<p>Applying <b>peer-to-peer (P2P)</b> architecture to online video games has already attracted both academic and industrial interests, since it removes the need for expensive server maintenance. However, there are two major issues preventing the use of a P2P architecture, namely how to provide an effective distributed data storage solution, and how to tackle potential cheating behaviors. Inspired by emerging blockchain techniques, we propose a novel consensus model called <b>Proof-of-Play (PoP)</b> to provide a decentralized data storage system that incorporates an anti-cheating mechanism for P2P games, by rewarding players that interact with the game as intended, along with consideration of security measures to address the Nothing-at-stake Problem and the Long-range Attack. To validate our design, we utilize a game-theory model to show that under certain assumptions, the integrity of the PoP system would not be undermined due to the best interests of any user. Then, as a proof-of-concept, we developed a P2P game (<i>Infinity Battle</i>) to demonstrate how a game can be integrated with PoP in practice. Finally, experiments were conducted to study PoP in comparison with <b>Proof-of-Work (PoW)</b> to show its advantages in various aspects.</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138533450","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-23DOI: https://dl.acm.org/doi/10.1145/3561300
Massimo La Morgia, Alessandro Mei, Francesco Sassi, Julinda Stefa
Cryptocurrencies are increasingly popular. Even people who are not experts have started to invest in these assets, and nowadays, cryptocurrency exchanges process transactions for over 100 billion US dollars per month. Despite this, many cryptocurrencies have low liquidity and are highly prone to market manipulation. This paper performs an in-depth analysis of two market manipulations organized by communities over the Internet: The pump and dump and the crowd pump. The pump and dump scheme is a fraud as old as the stock market. Now, it has new vitality in the loosely regulated market of cryptocurrencies. Groups of highly coordinated people systematically arrange this scam, usually on Telegram and Discord. We monitored these groups for more than 3 years, detecting around 900 individual events. We report on three case studies related to pump and dump groups. We leverage our unique dataset of the verified pump and dumps to build a machine learning model able to detect a pump and dump in 25 seconds from the moment it starts, achieving the results of 94.5% of F1-score. Then, we move on to the crowd pump, a new phenomenon that hit the news in the first months of 2021, when a Reddit community inflated the price of the GameStop stocks (GME) by over 1,900% on Wall Street, the world’s largest stock exchange. Later, other Reddit communities replicated the operation on the cryptocurrency markets. The targets were DogeCoin (DOGE) and Ripple (XRP). We reconstruct how these operations developed and discuss differences and analogies with the standard pump and dump. We believe this study helps understand a widespread phenomenon affecting cryptocurrency markets. The detection algorithms we develop effectively detect these events in real-time and helps investors stay out of the market when these frauds are in action.
{"title":"The Doge of Wall Street: Analysis and Detection of Pump and Dump Cryptocurrency Manipulations","authors":"Massimo La Morgia, Alessandro Mei, Francesco Sassi, Julinda Stefa","doi":"https://dl.acm.org/doi/10.1145/3561300","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3561300","url":null,"abstract":"<p>Cryptocurrencies are increasingly popular. Even people who are not experts have started to invest in these assets, and nowadays, cryptocurrency exchanges process transactions for over 100 billion US dollars per month. Despite this, many cryptocurrencies have low liquidity and are highly prone to market manipulation. This paper performs an in-depth analysis of two market manipulations organized by communities over the Internet: The pump and dump and the crowd pump. The pump and dump scheme is a fraud as old as the stock market. Now, it has new vitality in the loosely regulated market of cryptocurrencies. Groups of highly coordinated people systematically arrange this scam, usually on Telegram and Discord. We monitored these groups for more than 3 years, detecting around 900 individual events. We report on three case studies related to pump and dump groups. We leverage our unique dataset of the verified pump and dumps to build a machine learning model able to detect a pump and dump in 25 seconds from the moment it starts, achieving the results of 94.5% of F1-score. Then, we move on to the crowd pump, a new phenomenon that hit the news in the first months of 2021, when a Reddit community inflated the price of the GameStop stocks (GME) by over 1,900% on Wall Street, the world’s largest stock exchange. Later, other Reddit communities replicated the operation on the cryptocurrency markets. The targets were DogeCoin (DOGE) and Ripple (XRP). We reconstruct how these operations developed and discuss differences and analogies with the standard pump and dump. We believe this study helps understand a widespread phenomenon affecting cryptocurrency markets. The detection algorithms we develop effectively detect these events in real-time and helps investors stay out of the market when these frauds are in action.</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138533451","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jing Chen, Wenjun Jiang, Jie Wu, Kenli Li, Keqin Li
The Point Of Interest (POI) sequence recommendation is the key task in itinerary and travel route planning. Existing works usually consider the temporal and spatial factors in travel planning. However, the external environment, such as the weather, is usually overlooked. In fact, the weather is an important factor because it can affect a user’s check-in behaviors. Furthermore, most of the existing research is based on a static environment for POI sequence recommendation. While the external environment (e.g., the weather) may change during travel, it is difficult for existing works to adjust the POI sequence in time. What’s more, people usually prefer the attractive routes when traveling. To address these issues, we first conduct comprehensive data analysis on two real-world check-in datasets to study the effects of weather and time, as well as the features of the POI sequence. Based on this, we propose a model of Dynamic Personalized POI Sequence Recommendation with fine-grained contexts (DPSR for short). It extracts user interest and POI popularity with fine-grained contexts and captures the attractiveness of the POI sequence. Next, we apply the Monte Carlo Tree Search model (MCTS for short) to simulate the process of recommending POI sequence in the dynamic environment, i.e., the weather and time change after visiting a POI. What’s more, we consider different speeds to reflect the fact that people may take different transportation to transfer between POIs. To validate the efficacy of DPSR, we conduct extensive experiments. The results show that our model can improve the accuracy of the recommendation significantly. Furthermore, it can better meet user preferences and enhance experiences.
{"title":"Dynamic Personalized POI Sequence Recommendation with Fine-Grained Contexts","authors":"Jing Chen, Wenjun Jiang, Jie Wu, Kenli Li, Keqin Li","doi":"10.1145/3583687","DOIUrl":"https://doi.org/10.1145/3583687","url":null,"abstract":"The Point Of Interest (POI) sequence recommendation is the key task in itinerary and travel route planning. Existing works usually consider the temporal and spatial factors in travel planning. However, the external environment, such as the weather, is usually overlooked. In fact, the weather is an important factor because it can affect a user’s check-in behaviors. Furthermore, most of the existing research is based on a static environment for POI sequence recommendation. While the external environment (e.g., the weather) may change during travel, it is difficult for existing works to adjust the POI sequence in time. What’s more, people usually prefer the attractive routes when traveling. To address these issues, we first conduct comprehensive data analysis on two real-world check-in datasets to study the effects of weather and time, as well as the features of the POI sequence. Based on this, we propose a model of Dynamic Personalized POI Sequence Recommendation with fine-grained contexts (DPSR for short). It extracts user interest and POI popularity with fine-grained contexts and captures the attractiveness of the POI sequence. Next, we apply the Monte Carlo Tree Search model (MCTS for short) to simulate the process of recommending POI sequence in the dynamic environment, i.e., the weather and time change after visiting a POI. What’s more, we consider different speeds to reflect the fact that people may take different transportation to transfer between POIs. To validate the efficacy of DPSR, we conduct extensive experiments. The results show that our model can improve the accuracy of the recommendation significantly. Furthermore, it can better meet user preferences and enhance experiences.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47225148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yibin Xu, Jia-Jung Shao, Tijs Slaats, Boris Düdder
Blockchain sharding splits a blockchain into several shards where consensus is reached at the shard level rather than over the entire blockchain. It improves transaction throughput and reduces the computational resources required of individual nodes. But a derivation of trustworthy consensus within a shard becomes an issue as the longest chain based mechanisms used in conventional blockchains can no longer be used. Instead, a vote-based consensus mechanism must be employed. However, existing vote-based Byzantine fault tolerance consensus protocols do not offer sufficient security guarantees for sharded blockchains. First, when used to support consensus where only one block is allowed at a time (binary consensus), these protocols are susceptible to progress-hindering attacks (i.e., unable to reach a consensus). Second, when used to support a stronger type of consensus where multiple concurrent blocks are allowed (strong consensus), their tolerance of adversary nodes is low. This article proposes a new consensus protocol to address all these issues. We call the new protocol MWPoW+, as its basic framework is based on the existing Multiple Winners Proof of Work (MWPoW) protocol but includes new mechanisms to address the issues mentioned previously. MWPoW+ is a vote-based protocol for strong consensus, asynchronous in consensus derivation but synchronous in communication. We prove that it can tolerate up to f < n/2 adversary nodes in a n-node system as if using a binary consensus protocol and does not suffer from progress-hindering attacks.
{"title":"MWPoW+: A Strong Consensus Protocol for Intra-Shard Consensus in Blockchain Sharding","authors":"Yibin Xu, Jia-Jung Shao, Tijs Slaats, Boris Düdder","doi":"10.1145/3584020","DOIUrl":"https://doi.org/10.1145/3584020","url":null,"abstract":"Blockchain sharding splits a blockchain into several shards where consensus is reached at the shard level rather than over the entire blockchain. It improves transaction throughput and reduces the computational resources required of individual nodes. But a derivation of trustworthy consensus within a shard becomes an issue as the longest chain based mechanisms used in conventional blockchains can no longer be used. Instead, a vote-based consensus mechanism must be employed. However, existing vote-based Byzantine fault tolerance consensus protocols do not offer sufficient security guarantees for sharded blockchains. First, when used to support consensus where only one block is allowed at a time (binary consensus), these protocols are susceptible to progress-hindering attacks (i.e., unable to reach a consensus). Second, when used to support a stronger type of consensus where multiple concurrent blocks are allowed (strong consensus), their tolerance of adversary nodes is low. This article proposes a new consensus protocol to address all these issues. We call the new protocol MWPoW+, as its basic framework is based on the existing Multiple Winners Proof of Work (MWPoW) protocol but includes new mechanisms to address the issues mentioned previously. MWPoW+ is a vote-based protocol for strong consensus, asynchronous in consensus derivation but synchronous in communication. We prove that it can tolerate up to f < n/2 adversary nodes in a n-node system as if using a binary consensus protocol and does not suffer from progress-hindering attacks.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45019870","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The popularity of intelligent devices provides straightforward access to the Internet and online social networks. However, the quick and easy data updates from networks also benefit the risk spreading, such as rumor, malware, or computer viruses. To this end, this article studies the problem of source detection, which is to infer the source node out of an aftermath of a cascade, that is, the observed infected graph GN of the network at some time. Prior arts have adopted various statistical quantities such as degree, distance, or infection size to reflect the structural centrality of the source. In this article, we propose a new metric that we call the infected tree entropy (ITE), to utilize richer underlying structural features for source detection. Our idea of ITE is inspired by the conception of structural entropy [21], which demonstrated that the minimization of average bits to encode the network structures with different partitions is the principle for detecting the natural or true structures in real-world networks. Accordingly, our proposed ITE based estimator for the source tries to minimize the coding of network partitions brought by the infected tree rooted at all the potential sources, thus minimizing the structural deviation between the cascades from the potential sources and the actual infection process included in GN. On polynomially growing geometric trees, with increasing tree heterogeneity, the ITE estimator remarkably yields more reliable detection under only moderate infection sizes, and returns an asymptotically complete detection. In contrast, for regular expanding trees, we still observe guaranteed detection probability of ITE estimator even with an infinite infection size, thanks to the degree regularity property. We also algorithmically realize the ITE based detection that enjoys linear time complexity via a message-passing scheme, and further extend it to general graphs. Extensive experiments on synthetic and real datasets confirm the superiority of ITE to the baselines. For example, ITE returns an accuracy of 85%, ranking the source among the top 10%, far exceeding 55% of the classic algorithm on scale-free networks.
{"title":"Finding the Source in Networks: An Approach Based on Structural Entropy","authors":"Chong Zhang, Qiang Guo, Luoyi Fu, Jiaxin Ding, Xinde Cao, Fei Long, Xinbing Wang, Cheng Zhou","doi":"10.1145/3568309","DOIUrl":"https://doi.org/10.1145/3568309","url":null,"abstract":"The popularity of intelligent devices provides straightforward access to the Internet and online social networks. However, the quick and easy data updates from networks also benefit the risk spreading, such as rumor, malware, or computer viruses. To this end, this article studies the problem of source detection, which is to infer the source node out of an aftermath of a cascade, that is, the observed infected graph GN of the network at some time. Prior arts have adopted various statistical quantities such as degree, distance, or infection size to reflect the structural centrality of the source. In this article, we propose a new metric that we call the infected tree entropy (ITE), to utilize richer underlying structural features for source detection. Our idea of ITE is inspired by the conception of structural entropy [21], which demonstrated that the minimization of average bits to encode the network structures with different partitions is the principle for detecting the natural or true structures in real-world networks. Accordingly, our proposed ITE based estimator for the source tries to minimize the coding of network partitions brought by the infected tree rooted at all the potential sources, thus minimizing the structural deviation between the cascades from the potential sources and the actual infection process included in GN. On polynomially growing geometric trees, with increasing tree heterogeneity, the ITE estimator remarkably yields more reliable detection under only moderate infection sizes, and returns an asymptotically complete detection. In contrast, for regular expanding trees, we still observe guaranteed detection probability of ITE estimator even with an infinite infection size, thanks to the degree regularity property. We also algorithmically realize the ITE based detection that enjoys linear time complexity via a message-passing scheme, and further extend it to general graphs. Extensive experiments on synthetic and real datasets confirm the superiority of ITE to the baselines. For example, ITE returns an accuracy of 85%, ranking the source among the top 10%, far exceeding 55% of the classic algorithm on scale-free networks.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42896656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the increasing popularity of social networks, many businesses have started implementing their branding or targeted advertising strategies to reach potential customers through social media platforms. It is desirable and essential to help businesses to reach mass audiences and assist users to find favorite business accounts on social media platforms. In the movie industry, movie companies often create business accounts (movie accounts) to promote their movies and capture the attention of followers on Instagram. Instagram contains rich information about movies and user feedback, while IMDb, one of the most popular online databases, contains well-organized information related to movies. The features extracted from the data collected from Instagram and IMDb can complement each other. Therefore, in this study, we propose a framework for recommending movie accounts to users on Instagram by using the data collected from Instagram and IMDb platforms. The experiment results show that our proposed framework outperforms the comparing methods in terms of precision, recall, F1-score, and Normalized Discounted Cumulative Gain (NDCG), and mitigates the effect of cold start problems. The proposed framework can help movie companies or businesses reach potential audiences and implement effective targeted advertising strategies.
{"title":"Movie Account Recommendation on Instagram","authors":"Yu-Jhen Wang, Anthony J. T. Lee","doi":"10.1145/3579852","DOIUrl":"https://doi.org/10.1145/3579852","url":null,"abstract":"With the increasing popularity of social networks, many businesses have started implementing their branding or targeted advertising strategies to reach potential customers through social media platforms. It is desirable and essential to help businesses to reach mass audiences and assist users to find favorite business accounts on social media platforms. In the movie industry, movie companies often create business accounts (movie accounts) to promote their movies and capture the attention of followers on Instagram. Instagram contains rich information about movies and user feedback, while IMDb, one of the most popular online databases, contains well-organized information related to movies. The features extracted from the data collected from Instagram and IMDb can complement each other. Therefore, in this study, we propose a framework for recommending movie accounts to users on Instagram by using the data collected from Instagram and IMDb platforms. The experiment results show that our proposed framework outperforms the comparing methods in terms of precision, recall, F1-score, and Normalized Discounted Cumulative Gain (NDCG), and mitigates the effect of cold start problems. The proposed framework can help movie companies or businesses reach potential audiences and implement effective targeted advertising strategies.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43478361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
While JavaScript established itself as a cornerstone of the modern web, it also constitutes a major tracking and security vector, thus raising critical privacy and security concerns. In this context, some browser extensions propose to systematically block scripts reported by crowdsourced trackers lists. However, this solution heavily depends on the quality of these built-in lists, which may be deprecated or incomplete, thus exposing the visitor to unknown trackers. In this article, we explore a different strategy by investigating the benefits of disabling JavaScript in the browser. More specifically, by adopting such a strict policy, we aim to quantify the JavaScript addiction of web elements composing a web page through the observation of web breakages. As there is no standard mechanism for detecting such breakages, we introduce a framework to inspect several page features when blocking JavaScript, that we deploy to analyze 6,384 pages, including landing and internal web pages. We discover that 43% of web pages are not strictly dependent on JavaScript and that more than 67% of pages are likely to be usable as long as the visitor only requires the content from the main section of the page, for which the user most likely reached the page, while reducing the number of tracking requests by 85% on average. Finally, we discuss the viability of currently browsing the web without JavaScript and detail multiple incentives for websites to be kept usable without JavaScript.
{"title":"Breaking Bad: Quantifying the Addiction of Web Elements to JavaScript","authors":"Romain Fouquet, Pierre Laperdrix, Romain Rouvoy","doi":"10.1145/3579846","DOIUrl":"https://doi.org/10.1145/3579846","url":null,"abstract":"While JavaScript established itself as a cornerstone of the modern web, it also constitutes a major tracking and security vector, thus raising critical privacy and security concerns. In this context, some browser extensions propose to systematically block scripts reported by crowdsourced trackers lists. However, this solution heavily depends on the quality of these built-in lists, which may be deprecated or incomplete, thus exposing the visitor to unknown trackers. In this article, we explore a different strategy by investigating the benefits of disabling JavaScript in the browser. More specifically, by adopting such a strict policy, we aim to quantify the JavaScript addiction of web elements composing a web page through the observation of web breakages. As there is no standard mechanism for detecting such breakages, we introduce a framework to inspect several page features when blocking JavaScript, that we deploy to analyze 6,384 pages, including landing and internal web pages. We discover that 43% of web pages are not strictly dependent on JavaScript and that more than 67% of pages are likely to be usable as long as the visitor only requires the content from the main section of the page, for which the user most likely reached the page, while reducing the number of tracking requests by 85% on average. Finally, we discuss the viability of currently browsing the web without JavaScript and detail multiple incentives for websites to be kept usable without JavaScript.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"64063297","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xiuwen Fu, P. Pace, G. Aloi, A. Guerrieri, Wenfeng Li, G. Fortino
In practical cyber-manufacturing systems (CMS), the node component is the forwarder of information and the provider of services. This dual role makes the whole system have the typical physical-services interaction characteristic, making CMS more vulnerable to cascading failures than general manufacturing systems. In this work, in order to reasonably characterize the cascading process of CMS, we first develop an interdependent network model for CMS from a physical-service networking perspective. On this basis, a realistic cascading failure model for CMS is designed with full consideration of the routing-oriented load distribution characteristics of the physical network and selective load distribution characteristics of the service network. Through extensive experiments, the soundness of the proposed model has been verified and some meaningful findings have been obtained: 1) attacks on the physical network are more likely to trigger cascading failures and may cause more damage; 2) interdependency failures are the main cause of performance degradation in the service network during cascading failures; 3) isolation failures are the main cause of performance degradation in the physical network during cascading failures. The obtained results can certainly help users to design a more reliable CMS against cascading failures.
{"title":"Tolerance Analysis of Cyber-Manufacturing Systems to Cascading Failures","authors":"Xiuwen Fu, P. Pace, G. Aloi, A. Guerrieri, Wenfeng Li, G. Fortino","doi":"10.1145/3579847","DOIUrl":"https://doi.org/10.1145/3579847","url":null,"abstract":"In practical cyber-manufacturing systems (CMS), the node component is the forwarder of information and the provider of services. This dual role makes the whole system have the typical physical-services interaction characteristic, making CMS more vulnerable to cascading failures than general manufacturing systems. In this work, in order to reasonably characterize the cascading process of CMS, we first develop an interdependent network model for CMS from a physical-service networking perspective. On this basis, a realistic cascading failure model for CMS is designed with full consideration of the routing-oriented load distribution characteristics of the physical network and selective load distribution characteristics of the service network. Through extensive experiments, the soundness of the proposed model has been verified and some meaningful findings have been obtained: 1) attacks on the physical network are more likely to trigger cascading failures and may cause more damage; 2) interdependency failures are the main cause of performance degradation in the service network during cascading failures; 3) isolation failures are the main cause of performance degradation in the physical network during cascading failures. The obtained results can certainly help users to design a more reliable CMS against cascading failures.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2023-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48427794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Michell Boerger, Philipp Lämmel, Nikolay Tcholtchev, M. Hauswirth
Climate change has put significant pressure on energy markets. Political decisions such as the plan of the German government to shut down coal power plants by 2038 are shifting electricity production towards renewable and distributed energy resources. The share of these resources will continue to grow significantly in the coming years. This trend changes the ways how energy markets work which mandates fundamental changes in the underlying IT infrastructure. In this paper, we propose a blockchain-based solution which enables an economically viable and grid-serving integration of distributed energy resources into the existing energy system. Our blockchain-based approach targets intraday and day-ahead operating reserve markets, on which energy grid operators and operators of distributed energy resources can trade flexibilities within the schedulable energy production and consumption of their resources. By utilizing these flexibilities as an operating reserve, renewable and climate-friendly technologies can contribute to maintaining the grid stability and security of supply while simultaneously creating economically interesting business models for their operators. We propose to define blockchain-based short-term energy markets by utilizing the concept of general-purpose smart contracts and cryptocurrencies. This enables direct and decentralized trading of energy flexibilities without any intermediary or central instance. We demonstrate the feasibility of our approach through an implementation of a prototype of the proposed markets based on the Ethereum blockchain and provide a detailed evaluation of its efficiency and scalability.
{"title":"Enabling Short-Term Energy Flexibility Markets Through Blockchain","authors":"Michell Boerger, Philipp Lämmel, Nikolay Tcholtchev, M. Hauswirth","doi":"10.1145/3542949","DOIUrl":"https://doi.org/10.1145/3542949","url":null,"abstract":"Climate change has put significant pressure on energy markets. Political decisions such as the plan of the German government to shut down coal power plants by 2038 are shifting electricity production towards renewable and distributed energy resources. The share of these resources will continue to grow significantly in the coming years. This trend changes the ways how energy markets work which mandates fundamental changes in the underlying IT infrastructure. In this paper, we propose a blockchain-based solution which enables an economically viable and grid-serving integration of distributed energy resources into the existing energy system. Our blockchain-based approach targets intraday and day-ahead operating reserve markets, on which energy grid operators and operators of distributed energy resources can trade flexibilities within the schedulable energy production and consumption of their resources. By utilizing these flexibilities as an operating reserve, renewable and climate-friendly technologies can contribute to maintaining the grid stability and security of supply while simultaneously creating economically interesting business models for their operators. We propose to define blockchain-based short-term energy markets by utilizing the concept of general-purpose smart contracts and cryptocurrencies. This enables direct and decentralized trading of energy flexibilities without any intermediary or central instance. We demonstrate the feasibility of our approach through an implementation of a prototype of the proposed markets based on the Ethereum blockchain and provide a detailed evaluation of its efficiency and scalability.","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":null,"pages":null},"PeriodicalIF":5.3,"publicationDate":"2022-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41369045","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}