In this paper, we propose a system-level design method for control systems that enables the development of a hardware-implemented interrupt handler. The increasing complexity of control systems has led to a rise in the frequency of interrupts. As a result, the processor load increases, leading to a deterioration in the latency of interrupt processing. To solve these problems, we require dedicated hardware that is activated by an interrupt and can directly access devices during its processing. The proposed method enables control systems with the above dedicated hardware to be developed using a model that abstracts an interrupt, interrupt processing, and communication between the control processing and devices. We have developed a system-level design tool which automatically generates the target implementation from the model. Case studies on a motor control system show that the proposed method reduces the processor load, improves the latency of the interrupt processing, and enables the design space exploration for the control system.
For control applications implemented with periodic tasks, fluctuations in start or response timing cause jitters which may disturb periodicity and result in performance degradation or instability. This study proposes real-time scheduling techniques that reduce jitters and average response times of periodic tasks. In the proposed scheduling, two techniques are employed: one which adaptively extends deadlines according to varying execution times, and the other which further obtains short deadlines by virtually advancing release times. These two techniques aim at scheduling target tasks as early as possible by giving them short enough deadlines. The evaluation shows that the former shortens average response times of the target tasks by up to 20.5% and the latter mitigates jitters by up to 35.4%, compared to the existing scheduling algorithm, Total Bandwidth Server.
In the wiretap model of secure communication, Alice is connected to Bob and Eve by two noisy channels. Wyner's insight was that the difference in noise between the two channels can be used to provide perfect secrecy for communication between Alice and Bob, against the eavesdropper Eve. In Wyner's model, the adversary is passive. We consider a coding-theoretic model for wiretap channels with active adversaries who can choose their view of the communication channel and also add adversarial noise to the channel. We give an overview of the security definition and the known results for this model, and discuss its relation to two important cryptographic primitives: secure message transmission and robust secret sharing. In particular, we show that this model unifies the study of wiretap channels and secure message transmission in networks.
It has been shown that identity-based encryption with keyword search (IBEKS) can be constructed from level-2 anonymous hierarchical identity-based encryption (A-HIBE). A-HIBE is more complicated than non-anonymous HIBE (NA-HIBE). We have shown the definition of Ciphertext Divided A-HIBE (CD-A-HIBE). The basic idea of CD-A-HIBE is to make it possible to regard NA-HIBE as A-HIBE by dividing ciphertext into two parts so as not to leak the information of identity from the original ciphertext of NA-HIBE. We also have shown a concrete construction of CD-A-HIBE from BB1-HIBE, which is one of the NA-HIBE schemes, and transformed BB1-CD-A-HIBE to IBEKS whose ciphertext is divided (CD-IBEKS). Then, the computational cost of CD-IBEKS is shown to be often more reasonable than that of IBEKS. In this paper, we show what type of NA-HIBE, not limited to BB1-HIBE, can be used for constructing CD-A-HIBE and how to transform a certain type of NA-HIBE to CD-A-HIBE generally. Then, we prove that these CD-A-HIBE schemes have indistinguishability and anonymity. The general transformation from CD-A-HIBE to CD-IBEKS is also shown. We prove that these CD-IBEKS schemes have indistinguishability.
We propose new secret sharing schemes realizing general access structures. Our proposed schemes are perfect secret sharing schemes and can reduce the number of shares distributed to specified participants. Furthermore, for any access structure, the proposed schemes are more efficient than the previous results based on authorized subsets.
Substantial research has been conducted to develop proactive and reactive countermeasures against malware threats. Gathering and analyzing data are widely accepted approaches for accelerating the research towards understanding malware threats. However, collecting useful data is not an easy task for individuals or new researchers owing to several technical barriers, such as conducting honeypot operations securely. The anti-Malware engineering WorkShop (MWS) was organized in 2008 to fill this gap; since then, we have shared datasets that are useful for accelerating the data-driven anti-malware research in Japan. This paper provides the definitive collection of the MWS Datasets that are a collection of different datasets for use in anti-malware research. We also report the effectiveness of the MWS Datasets from the viewpoint of published research papers and how to empower some of the papers by using the MWS Datasets. Furthermore, our discussion about issues of the MWS Datasets reveals the future directions for accelerating anti-malware research from the perspectives of dataset collection activity and dataset use activity.
The Tor network is a distributed circuit-switching overlay network, which provides anonymous communication by using voluntarily running onion routers around the world. Tor is vulnerable to network congestion and performance problems because circuit traffics with different rates are competing to transfer their data through a single TCP connection. A large fraction of available network capacity is consumed by the bulk users' traffic, resulting in increasing delays for the light interactive users. The unfair distribution between the circuit traffics of bulk and light users is contributing to bottlenecks in the Tor routers. This problem increases the end-to-end latency and reduces the quality of communication in Tor, which discourages many users from using and joining the network. As a result, the degradation of Tor performance not only affects the users' experience, but also degrades the anonymity of Tor. In this work, we discovered that the current Tor design encountered problems from several performance and deployment issues relating to lower network capacity. To improve the problems in Tor, we applied the circuit switching method and addressed the shortcomings of limited network capacity by connecting the congested OR to higher bandwidth ORs. The proposed method is evaluated on our setup testbed environment and partly in the live Tor network. The experimental results showed that TCP socket buffers and Tor network capacity are better utilized and the overall end-to-end latency is reduced.
We analyzed traffic data after a malware infection and clarified which features would be the most effective in the detection of infection. The focus is on the use of traffic data to detect infections and on the use of features that do not change much over time from those of the training data. The characteristics of features that are effective for detecting malware infections are also described. Experimental results clarified the effects of the time difference, and the effective features that were little affected by the time difference were identified. There is thus a need to focus on the effect of the time difference when investigating malware infection detection.
Given the current security situation on the Internet, it is important to determine the trust of the communication routes between a client and server. However, such determination can only be established by end terminals such as clients and servers, not by intermediate routers or network providers so far. Revelations regarding PRISM and other programs highlight the importance of this issue. In this paper, a method to identify the trust level of a route between a client and a server is proposed that uses packet authentication, Probabilistic Packet Marking (PPM), and knowledge bases maintained by trusted third parties. A prototype system of the proposed method was developed and evaluated, proving its feasibility. To the best of our knowledge, the proposed method is the first for identifying the trust level of a route based on information obtained from intermediate routers or Autonomous Systems (ASs).
As the Domain Name System (DNS) provides flexibility and robustness in communications of hosts on the Internet, not only legitimate users but also attackers often take advantage of it. If we know how attackers are managing their malicious domains with authoritative name servers, there is a possibility to detect not only malicious domains but also malicious authoritative name servers. In this study, we present a novel method for detecting malicious “domains” (noted as d) and malicious “authoritative name servers” (noted as ns-d) based on their distinct mappings to “IP addresses” (noted as IP). Namely, we present three features to detect them: 1) a single ns-d is mapped to many IP, 2) a single IP is mapped to many ns-d, and 3) a single IP is mapped to both ns-d and d. We evaluate the proposed method in terms of accuracy and coverage in detection of malicious d and ns-d. The evaluation shows that our detection method can achieve a significantly low false positive rate in detecting both malicious d and ns-d without relying on any previous knowledge, such as blacklists or whitelists.
A large number of counterfeit banknotes have been found around the world. Every possible effort must therefore be made to prevent counterfeit banknotes. We focus on NFC technology as a new countermeasure against these threats. A banknote-authentication system using NFC tags and smartphones, called a “smart-banknote system,” was developed. The smart-banknote system has three anti-counterfeiting functions, and distinguishes legitimate banknotes from counterfeit ones. The effectiveness of the system was evaluated by fault tree analysis and flow model analysis. The evaluation shows the smart-banknote system is most effective against low-level counterfeiters and is reasonably effective against high-level counterfeiters. In this paper, we report a summary of the smart-banknote system and an evaluation of the effectiveness of the system.
Tor is the most popular anonymous communication tool in the world. Its anonymity, however, has not been thoroughly evaluated. For example, it is possible for an adversary to restrict access to the Tor network by blocking all the publicly listed relays. In response, Tor utilizes bridges, which are unlisted relays, as alternative entry points. However, the vulnerabilities of the current bridge mechanism have not been thoroughly investigated yet. We first investigate the vulnerabilities of the current bridge mechanism under different adversarial models. Then we compare the current bridge mechanism with our two proposals and discuss their effects on the security and performance of Tor.
Currently, Web services are widely utilized to disclose company information, and offer online services and e-commerce. As these services have become an essential part of our everyday lives, the public is greatly inconvenienced when they are disrupted. Denial of service (DoS) attacks exert adverse influences on Web services. We focus on HTTP-GET Flood attacks, which are manually operable DoS attacks. It is possible to simply block manually operable DoS attacks such as F5 attacks on the server side; however, such measures could be noticed by the attackers. Therefore, to prevent the attacker changing their method of attack, it is possible to overcome the attack by redirecting the attack to another system, for which a previous study has proposed a feasible technique located in the service provider. The previous study assumes a correlation between the CPU resource and the request error rate. However, the Web Server actually has multiple resources. Therefore, it is important to be able to control the server resources rather than the CPU and the memory. The operational implementation of the proposed method and the evaluation experiments confirm the effectiveness of the proposed method.
Security-Enhanced Linux (SELinux) is a useful countermeasure for resisting security threats to embedded systems, because of its effectiveness against zero-day attacks. Furthermore, it can generally mitigate attacks without the application of security patches. However, the combined resource requirements of the SELinux kernel, userland, and the security policy reduce the performance of resource-constrained embedded systems. SELinux requires tuning, and modified code should be provided to the open-source software (OSS) community to receive value from its ecosystem. In this paper, we propose an embedded SELinux with reduced resource requirements, using code modifications that are acceptable to the OSS community. Resource usage is reduced by employing three techniques. First, the Linux kernel is tuned to reduce CPU overhead and memory usage. Second, unnecessary code is removed from userland libraries and commands. Third, security policy size is reduced with a policy-writing tool. To facilitate acceptance by the OSS community, build flags can be used to bypass modified code, such that it will not affect existing features; moreover, side effects of the modified code are carefully measured. Embedded SELinux is evaluated using an evaluation board targeted for M2M gateway, and benchmark results show that its read/write overhead is almost negligible. SELinux's file space requirements are approximately 200 Kbytes, and memory usage is approximately 500 Kbytes; these account for approximately 1% of the evaluation board's respective flash ROM and RAM capacity. Moreover, the modifications did not result in any adverse side effects. The modified code was submitted to the OSS community along with the evaluation results, and was successfully merged into the community code.
As attacks on computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections for that software have been proposed; however, existing approaches are insufficient or cannot be used with that software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides processes from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary.
Among several distinct kinds of syncing technology implemented in clouds today, none implement binary diffs for efficiency. Binary diffs are well established in literature and can be used to drastically reduce the bulk transferred over the network. Since most cloud technologies are distributed and depend on intensive internetworking, binary diffs can offer a considerable efficiency boost. This paper proposes the DiffHub method for cloud syncs. Its performance is analyzed separately on real filesystems and then on synthetic traces based on hotspot distributions. Results show that traffic bulk can be reduced by between 1 and 2 orders of magnitude, depending on conditions.
In this paper, we propose a novel method to generate highly photorealistic three-dimensional (3D) inner mouth animation that is well-fitted to an original ready-made speech animation using only frontal captured images and small-size databases. The algorithms are composed of quasi-3D model reconstruction and motion control of teeth and the tongue, and final compositing of photorealistic speech animation synthesis tailored to the original. In general, producing a satisfactory photorealistic appearance of the inner mouth that is synchronized with mouth movement is a very complicated and time-consuming task. This is because the tongue and mouth are too flexible and delicate to be modeled with the large number of meshes required. Therefore, in some cases, this process is omitted or replaced with a very simple generic model. Our proposed method, on the other hand, can automatically generate 3D inner mouth appearances by improving photorealism with only three inputs: an original tailor-made lip-sync animation, a single image of the speaker's teeth, and a syllabic decomposition of the desired speech. The key idea of our proposed method is to combine 3D reconstruction and simulation with two-dimensional (2D) image processing using only the above three inputs, as well as a tongue database and mouth database. The satisfactory performance of our proposed method is illustrated by the significant improvement in picture quality of several tailor-made animations to a degree nearly equivalent to that of camera-captured videos.
In this paper, we try to reduce the number of sensors used in skeleton estimation from magnetic motion capture data. A disadvantage of limiting the subject's motion caused by wiring for sensors can thereby be reduced. We remove the sensors attached to the lower legs and forearms. The parameters related to non-sensor body segments are estimated based on the biomechanical structure of the human body. Experimental results showed that the parameters were properly estimated by the present method, even though the number of sensors was reduced.
We propose a novel probabilistic text entry method that takes into account the influence of the distance between a gaze point and a touch position in order to improve typing efficiency. The proposed method dynamically changes the size of the search space for predicting candidate words based on a model that estimates the magnitude of touch position errors according to the distance between the gaze point and the touch position. This makes it easier for users to type intended words even when they glance at different areas on the screen. The performance of the method was evaluated in terms of input accuracy in total error rate (TER) and of typing speed in words per minute (WPM). The results showed that the proposed text entry method successfully reduced the TER by 19.4% and increased WPM by 12.3% compared to the conventional method.
Recently, the Java Virtual Machine (JVM) has become widely used as a common execution platform for various applications. There is often the need to manipulate bytecodes at class-load time, particularly in application domains that demand dynamic modification of program behaviors. Whereas several bytecode manipulation tools for Java exist for implementing such behaviors, JVM is also the platform for various modern programming languages, and there is no need to write bytecode manipulation programs exclusively in Java. In this paper, we propose a novel bytecode manipulation library for Clojure, a Lisp dialect running on JVM. Our library is as expressive and flexible as ASM, the de facto standard bytecode manipulation tool in Java, while enabling more concise representation of typical manipulation cases. Our library works at class-load time as a series of rewrites of (parts of) the tree representing the target class file, basically in a similar way to Lisp's macro system. However, our library differs from Lisp's macro system in the following significant respects. First, instead of matching a single name against the first item of the target form (tree), our library matches a tree pattern against the target tree itself during macro expansion so that users can define rewriting rules for raw class files that cannot contain any special tags (names) for pattern matching. Furthermore, along with matching tree patterns, our library can extract any information from the static context easily and thus allows users to avoid cumbersome manual management of such information.
The interconnection network is still one of the most important key issues for building massively parallel computing systems. As a general characteristic, communication performance does not always increase as the size of the network grows. Furthermore, large-scale networks suffer catastrophic performance degradation since the speed at which congestion spreads surpasses by far the suppression speed. This paper focuses discussions on relaxation of congestion so that we can expect performance enhancement even in congested situations. This paper discusses dynamical behaviors, specifically in propagation of congestion states. When a receiver buffer becomes fully occupied, it inhibits the corresponding buffer from sending any packet to avoid packet loss. Thus, a congested area propagates against the packets' traveling direction. Based on the observation results, as the second issue of this paper, we propose a new throttling method, called State-Propagation Throttling (SPTh). The method can boost communication performance in many typical traffic patterns in both steady and unsteady communication situations. Furthermore, this paper discusses extending the throttling method to prevent congestion from a proactive point of view. In steady communications, the proposed method improves throughput two times and latency four times. The method also improves performance of collective communication at most 1.8 times.