Future Generation Computer Systems-The International Journal of Escience最新文献

Traffic classification is essential for network management and optimization, enhancing user experience, network performance, and security. However, evolving technologies and complex network environments pose challenges. Recently, researchers have turned to machine learning for traffic classification due to its ability to automatically extract and distinguish traffic features, outperforming traditional methods in handling complex patterns and environmental changes while maintaining high accuracy. Federated learning, a distributed learning approach, enables model training without revealing original data, making it appealing for traffic classification to safeguard user privacy and data security. However, applying it to this task poses two challenges. Firstly, common client devices like routers and switches have limited computing resources, which can hinder efficient training and increase time costs. Secondly, real-world applications often demand personalized models and tasks for clients, posing further complexities. To address these issues, we propose Split Federated Mutual Learning (SFML), an innovative federated learning architecture designed for traffic classification that combines split learning and mutual learning. In SFML, each client maintains two models: a privacy model for the local task and a public model for the global task. These two models learn from each other through knowledge distillation. Furthermore, by leveraging split learning, we offload most of the computational tasks to the server, significantly reducing the computational burden on the client. Experimental results demonstrate that SFML outperforms typical training architectures in terms of convergence speed, model performance, and privacy protection. Not only does SFML improve training efficiency, but it also satisfies the personalized needs of clients and reduces their computational workload and communication overhead, providing users with a superior network experience.

As the scale of Mobile CrowdSensing (MCS) system expands, effective mobile user allocation and recruitment system design becomes crucial. Mobile users can be divided into opportunistic users and participatory ones. Most of the existing recruitment strategy have neglected some aspects, such as without considering the low-paying opportunistic users, without comprehensively considering users’ attributes and without considering their future location, etc. In this paper, the recruitment scheme is investigated by considering the opportunistic users. Firstly, the User Recruitment problem based on User Comprehensive Capabilities (urUCC) is proposed with the objective of maximizing the total revenue. In addition, this problem is proved to be NP-Hard. Secondly, the Opportunistic Users recruitment strategy based on Deep Learning (OUDL) is designed, which consists of three parts, the user location prediction algorithm based on the Long Short-Term Memory (LSTM), the user evaluation algorithm based on the topsis comprehensive evaluation method and the dynamic user recruitment algorithm. Finally, a large number of simulation experiments are conducted by using real datasets. It is proved that the strategy OUDL can recruit high-quality opportunistic users to participate in the sensing task while guaranteeing the task completion rate. Compared with other strategies, the task coverage of the strategy OUDL increased by more than 5% while the comprehensive quality of users increased by about 10%. Thus, the quality of data can be guaranteed while reducing the cost.

Data privacy is a major concern in industries such as healthcare or finance. The requirement to safeguard privacy is essential to prevent data breaches and misuse, which can have severe consequences for individuals and organisations. Federated learning is a distributed machine learning approach where multiple participants collaboratively train a model without compromising the privacy of their data. However, a significant challenge arises from the differences in feature spaces among participants, known as non-IID data. This research introduces a novel federated learning framework employing fuzzy cognitive maps, designed to comprehensively address the challenges posed by diverse data distributions and non-identically distributed features in federated settings. The proposal is tested through several experiments using four distinct federation strategies: constant-based, accuracy-based, AUC-based, and precision-based weights. The results demonstrate the effectiveness of the approach in achieving the desired learning outcomes while maintaining privacy and confidentiality standards.

Motivation:

Computational drug repositioning is a vital path to improve efficiency of drug discovery, which aims to find potential Drug–Disease Associations (DDAs) to develop new effects of the existing drugs. Many approaches detected novel DDAs from heterogenous network which integrates similar drugs, similar diseases and the known DDAs. However, sparsity of the known DDAs and intrinsic synergic relations on representations of drugs and diseases in the heterogenous network are still the main challenges for DDAs prediction.

Results:

To address the problems, a novel drug repositioning approach is proposed here. Firstly, a drug similar network is constructed by Gaussian similarity kernel fusion of multisource drug similarities. Likewise, a disease similar network is generated by the same strategy. Secondly, the known DDAs network is extended by a bi-random walk algorithm from the above-mentioned similar networks. Meanwhile, representations of drugs and diseases are learned from their similar networks through graph convolutions and then a DDAs network is induced from the representations. Finally, to discover latent DDAs, the inductive DDAs network is refined iteratively by collaborating with the extended known DDAs network. Comprehensive experimental results show that our method outperforms several state-of-the-art methods for predicting DDAs on indicators including precision, recall, F1-score, MCC, ROC and AUPR. Moreover, case studies suggest that our method is highly effective in practices. The success of our method may be attributed to three aspects: (1) reliable similar relationships of drugs and diseases; (2) enhanced connectivity of the heterogenous network; (3) reasonable collaborative induction on DDAs network. Our method is freely available at https://github.com/BioMLab/DRCLN.

JointCloud computing represents a new generation cloud computing paradigm, which deeply integrates the cloud resources of multiple Cloud Service Providers (CSPs) to offer tailored cloud services to users. In contrast to traditional multi-cloud environment, JointCloud environment involve data circulation among multiple CSPs. However, in JointCloud environment, CSPs are not always fully trustworthy and they may illegally infringe upon users’ data privacy and security for their own benefit. Additionally, the heterogeneity arising from different data storage formats, structures, access control, and permission management mechanisms adopted by various CSPs makes achieving unified data management in JointCloud challenging. Therefore, to ensure secure storage and efficient circulation of data within JointCloud, it is essential to prevent violations for user privacy and data ownership, shield the heterogeneity of underlying data management mechanisms across different CSPs, and establish trusted transactions between CSPs. In this paper, we propose a framework called JointCloud Data Chain (JCDC) based on JointCloud computing and blockchain for data storage and circulation, aiming to ensure secure data storage and trustworthy transactions. JCDC utilizes blockchain to record data ownership and control data circulation, while integrating storage resources from various CSPs to construct a distributed off-chain Personal Data Storage (PDS) for expanding system storage capacity. Additionally, JCDC employs Certificateless Public Key Cryptography (CL-PKC) and Proxy Re-encryption technologies for user identity management and secure data transactions. Furthermore, smart contracts are designed to enable automated data storage and sharing. We conduct a security analysis of JCDC and develop a prototype system to validate its performance and practicality. Finally, extensive experimentation and analysis demonstrate that JCDC exhibits low time latency and cost, which makes it practical.

As the fundamental infrastructure for edge–cloud architectures, the inter-datacenter elastic optical network is used for data analysis and processing. As the demand for applications increases, the large number of service requests increases the processing overhead in the control plane, resulting in unbalanced controller loads. Existing switch migration mechanisms have been proposed for controller load balancing. Unfortunately, most of the existing mechanisms only consider the switch with the highest flow request rate as the migration object in the process of switch selection, and ignore the migration cost generated in the switch migration activity, such as the update cost of flow request message and the deployment cost of migration rule, which may increase the controller load. Additionally, most of them choose the controller with light load as the target controller to associate with the switch to be migrated, without considering whether the target controller is overloaded after the switch migration, which leads to the low load balancing performance of the controller. In view of the above problems, this paper proposes a Load-Aware Switch Migration (LASM) mechanism in edge–cloud architectures. The LASM mechanism models and analyses the cost metrics affecting switch migration and selects lower-cost switches from overloaded controller-controlled domain networks for migration activities. Besides, the LASM mechanism models switch migration based on the 0-1 knapsack problem and avoids overloading the target controllers through a greedy policy to achieving optimal migration activities. The experimental results show that the proposed LASM mechanism improves controller load balancing performance by an average of 34.3%, eliminates migration costs by 30.2%, and reduces response times by an average of 39.3%, respectively, compared to existing solutions.

The Internet of Things (IoT) has ushered in an era of connected devices that, while facilitating real-time data collection and sharing, also exposes these devices to significant security risks. This study addresses the challenges of security risks and vulnerabilities by employing the Network Policy in Kubernetes and focusing on the SARIK framework. SARIK is designed to automate the creation and implementation of network policies, with the aim of enhancing the efficiency and strengthening the protection of IoT devices. Experiments conducted in a controlled environment with Minikube in Kubernetes showed that the implementation of SARIK notably improved the security of IoT devices. Key observations included a noticeable reduction in vulnerability to cyberattacks and a significant increase in the overall resilience of the system. In particular, the study revealed improvements in the performance metrics analyzed, which is evidence of SARIK’s effectiveness in real-world scenarios. Compared with existing frameworks - e.g., those of Sysdig -, SARIK is notable for its integration with Kubernetes network policies and its emphasis on automated security management. Although automation is a key factor in related works, SARIK’s unique approach to leveraging the inherent capabilities of Kubernetes offers a distinct advantage in ensuring the security of IoT environments. This aspect, along with its performance benefits, underlines the value of SARIK’s contribution to IoT security. The application of SARIK in protecting IoT devices in Kubernetes environments meets the need for automated and cohesive strategies to tackle current security threats. This study not only highlights the efficiency of SARIK but also emphasizes the need for evolving security strategies, that can be adapted to dynamic threat modeling in complex and interconnected IT environments.

With the vigorous development of Internet technology, the scale of systems in the network has increased sharply, which provides a great opportunity for potential attacks, especially the Distributed Denial of Service (DDoS) attack. In this case, detecting DDoS attacks is critical to system security. However, current detection methods exhibit limitations, leading to compromises in accuracy and efficiency. To cope with it, three key strategies are implemented in this paper: (i) Using tensors to model large-scale and heterogeneous data in complex networks; (ii) Proposing a denoising algorithm based on the improved and distributed tensor train (IDTT) decomposition, which optimizes the tensor train(TT) decomposition in terms of parallel computation and low-rank estimation; (iii) Combining (i), (ii) and Light Gradient Boosting Machine (LightGBM) classification model, an efficient DDoS attack detection framework is proposed. Datasets CIC-DDoS2019 and NSL-KDD are used to evaluate the framework, and results demonstrate that accuracy can reach 99.19% while having the characteristics of low storage consumption and well speedup ratio.

As the capacity of NAND flash-based SSDs keeps increasing, it becomes crucial to design a memory-efficient address translation algorithm that offers high performance when a translation table cannot be entirely loaded in a controller DRAM. Existing flash translation layers (FTL) employ demand-based address translation which caches popular mapping information in DRAM by leveraging locality of I/O references. Owing to the lack of information about detailed behaviors of applications, however, existing demand-based FTLs often suffer from many translation-table misses and thus result in sub-optimal performance. In this paper, we propose a new Program context-AssisteD Flash Translation Layer, called PADFTL. Unlike existing FTLs which are implemented as the form of firmware, PADFTL is vertically integrated with a host-level I/O classifier which provides useful hints for an FTL in an SSD to make a better decision in managing a translation table. The host-level I/O classifier monitors unique behaviors of applications by analyzing their program contexts and categorizes I/O patterns into four types, (1) Loop, (2) Hot, (3) Sequential, and (4) Random, which are then delivered to an SSD through extended interfaces. The SSD-side module of PADFTL partitions a controller DRAM into four zones and isolates mapping information associated with different I/O patterns into separate zones. By employing cache management strategies optimized for individual zones, PADFTL can lower the overall translation-table miss ratio. To evaluate the effectiveness of PADFTL, we implement the host-level classifier in the Linux kernel and PADFTL’s FTL in a trace-driven FTL simulator. In our experimental results, compared to the state-of-the-art FTL, PADFTL increases the overall table hit ratio by 16% while reducing the address translation time by up to 20% on average.

Quantum algorithms are often represented in terms of quantum circuits operating on ideal (logical) qubits. However, the practical implementation of these algorithms poses significant challenges. Many quantum algorithms require a substantial number of logical qubits, and the inherent susceptibility to errors of quantum computers require quantum error correction. The integration of error correction introduces overhead in terms of both space (physical qubits required) and runtime (how long the algorithm needs to be run for). This paper addresses the complexity of comparing classical and quantum algorithms, primarily stemming from the additional quantum error correction overhead. We propose a comprehensive framework that facilitates a direct and meaningful comparison between classical and quantum algorithms. By acknowledging and addressing the challenges introduced by quantum error correction, our framework aims to provide a clearer understanding of the comparative performance of classical and quantum computing approaches. This work contributes to understanding the practical viability and potential advantages of quantum algorithms in real-world applications.

We apply our framework to quantum cryptanalysis, since it is well known that quantum algorithms can break factoring and discrete logarithm based cryptography and weaken symmetric cryptography and hash functions. In order to estimate the real-world impact of these attacks, apart from tracking the development of fault-tolerant quantum computers it is important to have an estimate of the resources needed to implement these quantum attacks. This analysis provides state-of-the art snap-shot estimates of the realistic costs of implementing quantum attacks on these important cryptographic algorithms, assuming quantum fault-tolerance is achieved using surface code methods, and spanning a range of potential error rates. These estimates serve as a guide for gauging the realistic impact of these algorithms and for benchmarking the impact of future advances in quantum algorithms, circuit synthesis and optimization, fault-tolerance methods and physical error rates.