Journal of Information Processing 27 巻

EasyTrack: Zero-Calibration Smart-Home Tracking System

Location-based services in household enable not only estimating activities but also detecting the accident location of residents including children, parents and elderly people. Furthermore, home management systems make use of location information of residents for encouraging residents to live comfortably in their own homes. Passive infrared binary motion sensors are widely used in home tracking systems because of low energy consumption and flexibility on deployment. However, it's hard for non-specialists like residents to manage such location information of sensors which are very important for tracking systems. To mitigate human efforts and errors, we propose a sensor localization method to automatically identify the location of multiple binary motion sensors in a house from the observed motion detection event sequences by binary sensors. The method finds the movement patterns and characteristics of sojourn time of residents to identify the rooms where those sensors are located as well as the proximity relations among sensors assisted by prior knowledge such as from floorplan. The experimental results in actual houses show that our method can estimate the location of sensors placed close to the anchor locations within a one-day observation, and the accuracy of our approach is above 80% after three-day observation.

Student Log Analysis Functions for Web-based Programming Education Support Tool pgtracer

We are developing a programming education support tool pgtracer as a plug-in of well-known Web-based Learning Management System Moodle. Pgtracer provides fill-in-the-blank questions composed of a C++ program and a trace table to students. When a student answers a question by filling the blanks, pgtracer automatically collects student's answers, required time, evaluation result, etc. as student log. In this paper, we propose and evaluate seven analysis functions of the student log. The student log analysis functions are classified into the analysis functions of a student, those of a question, and those of an answering process. A teacher can analyze achievement level of the students and difficulty level of the problems utilizing the analysis functions. Some of the functions are also provided to the students as student feedback functions. We perform a preliminary evaluation of the analysis functions against two teachers teaching computer programming to demonstrate the usefulness of the proposed functions. We also perform an evaluation experiment at an actual class and demonstrate usability of the student feedback functions. The two teachers and more than 80% of the students positively appreciate the proposed functions through our survey evaluation.

Scope-aware Code Completion with Discriminative Modeling

Code completion is a traditional popular feature for API access in integrated development environments (IDEs). It not only frees programmers from remembering specific details about an API but also saves keystrokes and corrects typographical errors. Existing methods for code completion usually suggest APIs based on statistics in code bases described by language models. However, they neglect the fact that the user's input is also very useful for ranking, as the underlying patterns can be used to improve the accuracy of predictions of intended APIs. In this paper, we propose a novel method to improve the quality of code completion by incorporating the users' acronym-like input conventions and the APIs' scope context into a discriminative model. The users' input conventions are learned using a logistic regression model by extracting features from collected training data. The weights in the discriminative model are learned using a support vector machine (SVM). To improve the real-time efficiency of code completion, we employ a trie to index and store the scope context information. An efficient top-k algorithm is developed. Experiments show that our proposed method outperforms the baseline methods in terms of both effectiveness and efficiency.

Buffered Garbage Collection: An Approach to Collecting Self-Created Garbage Objects

This paper proposes a new garbage-collection (GC) algorithm, named buffered garbage collection. It allows customizing a garbage collector through computational self-reflection. Although self-reflection seems a promising approach, self-reflection has not been well investigated for garbage collection as far as we know. Our buffered garbage collector collects garbage objects while avoiding both infinite regression and unacceptable memory consumption. We implemented a Scheme-subset interpreter supporting buffered garbage collection and evaluated its memory efficiency.

Visualization of Counterexamples of Memory Model-aware Model Checking Using SPIN

In modern computer processors, the order of memory access instructions in a program (the “program order”) is not necessarily the same as the order in which the instructions are reflected in memory (the “memory order”). This means that the memory order has to be taken into account when verifying concurrent programs. We previously developed a library, MMLib, that facilitates model checking of programs by enabling the memory order to be taken into account when using the SPIN model checker. The input to SPIN is a model of the program written in Promela, an imperative style modeling language. When SPIN detects an error, it generates a trace of the execution path that led to the error. To determine what caused the error, the user has to understand this counterexample. However, counterexamples of models written using MMLib are difficult to understand because include internal MMLib execution steps, and the user has to interpret the internal data structures of MMLib to understand the memory order. We have now In this paper, we developed software for visualizing counterexamples of models written using MMLib. It visualizes execution of the model step by step along the path of the counterexample. It skips visualizing the internal MMLib steps and visualizes only the execution of each step corresponding to statement in the user model. It also highlights memory access instructions that have been executed but have not yet been reflected in memory. This makes users aware of when the memory order differs from the program order.

Stance Detection Attending External Knowledge from Wikipedia

This paper presents a novel approach to stance detection for unseen topics that takes advantage of external knowledge about the topics. We build a new stance detection dataset consisting of 6, 701 tweets on seven topics with associated Wikipedia articles. An analysis of this dataset confirms the necessity of external knowledge for this task. This paper also presents a method of extracting related concepts and events from Wikipedia articles. To incorporate this extracted knowledge into stance detection, we propose a novel neural network model that can attend to such related concepts and events when encoding the given text using bi-directional long short-term memories. Our experimental results demonstrate that the proposed method, using knowledge extracted from Wikipedia, can improve stance detection performance.

Efficiency Improvement in Group Signature Scheme with Probabilistic Revocation

In group signature schemes, one of the important issues is the member revocation, and lots of revocable schemes have been proposed. Recently, Group Signature scheme with Probabilistic Revocation (GSPR) is proposed. In GSPR, by employing a novel notion of probabilistic revocation, the computation cost of the revocation check is drastically reduced, although the correctness of the check is with a certain probability. However, in the GSPR scheme, there is another problem: m alias tokens are embedded into the certificate of a member. Then, in signing, each token is used, and O(m) exponentiations are needed to prove that the used token is embedded in the certificate. When m is large, this signing cost including O(m) exponentiations becomes a big problem for powerless mobile devices. In this paper, we propose an extended GSPR scheme where the signing cost is reduced, but the revocation mechanism is exactly the same as the original GSPR scheme. Our main idea is to utilize an efficient pairing-based accumulator with multiplications to embed lots of alias tokens in a certificate. Thus, in the proposed scheme, the signing cost is reduced to only O(m) multiplications instead of O(m) exponentiations.

Chosen Message Attack on Multivariate Signature ELSA at Asiacrypt 2017

One of the most efficient post-quantum signature schemes is Rainbow whose hardness is based on the multivariate quadratic polynomial (MQ) problem. ELSA, a new multivariate signature scheme proposed at Asiacrypt 2017, has a similar construction to Rainbow. Its advantages, compared to Rainbow, are its smaller secret key and faster signature generation. In addition, its existential unforgeability against an adaptive chosen-message attack has been proven under the hardness of the MQ-problem induced by a public key of ELSA with a specific parameter set in the random oracle model. The high efficiency of ELSA is derived from a set of hidden quadratic equations used in the process of signature generation. However, the hidden quadratic equations yield a vulnerability. In fact, a piece of information of these equations can be recovered by using valid signatures and an equivalent secret key can be partially recovered from it. In this paper, we describe how to recover an equivalent secret key of ELSA by a chosen message attack. Our experiments show that we can recover an equivalent secret key for the claimed 128-bit security parameter of ELSA on a standard PC in 177 seconds with 1,326 valid signatures.

Detecting Dynamic IP Addresses and Cloud Blocks Using the Sequential Characteristics of PTR Records

Malware-infected hosts are used to conduct many types of cyberattacks. Most of such malware-infected hosts are end-user devices such as PCs, mobile devices and Internet of Things (IoT) devices. In Internet protocol (IP), the IP addresses of most end users are dynamic IP addresses that are allocated by Internet service providers (ISPs). Some countermeasures against cyberattacks use IP addresses as unique indicators of infected hosts. However, due to certain configurations and policies of the particular ISP, the same dynamic IP address is not always reallocated to the same host. Therefore, the accurate detection of dynamic IP address blocks is necessary to take appropriate countermeasures against cyberattacks. Furthermore, attacks from hosts on a cloud block have been observed. A cloud block is defined as an IP address block used in cloud services. Cloud service administrators can take countermeasures against these attacks, such as restricting suspicious traffic and disabling the accounts of suspicious users. Thus, to implement such appropriate countermeasures, the detection of cloud blocks is also important. Using conventional methods, dynamic IP address blocks can be detected by matching a PTR record of the target IP address with predefined keywords that indicate dynamic allocation. However, these keywords do not always match the PTR records of dynamic IP addresses. On the contrary, they can also falsely match non-dynamic IP addresses. In this study, we propose a new method for detecting dynamic IP address blocks more accurately and with a greater coverage rate than conventional methods. Our method focuses on a unique feature of dynamic IP addresses, namely that the PTR records of dynamic IP address blocks are sequentially configured by network administrators. In cloud block detection, our method uses a unique feature of cloud blocks, namely that the users of a cloud service can manually configure the PTR records of the hosts on the cloud blocks. The performance of our method was validated through evaluation using real and manually labeled data. We found that many hosts with the dynamic IP addresses detected by our method send malicious traffic through validation using real traffic data collected in a large-scale darknet.

Detection Method of Homograph Internationalized Domain Names with OCR

Currently, many attacks are targeting legitimate domain names. In homograph attacks, attackers exploit human visual misrecognition, thereby leading users to visit different (fake) sites. These attacks involve the generation of new domain names that appear similar to an existing legitimate domain name by replacing several characters in the legitimate name with others that are visually similar. Specifically, internationalized domain names (IDNs), which may contain non-ASCII characters, can be used to generate/register many similar IDNs (homograph IDNs) for their application as phishing sites. A conventional method of detecting such homograph IDNs uses a predefined mapping between ASCII and similar non-ASCII characters. However, this approach has two major limitations: (1) it cannot detect homograph IDNs comprising characters that are not defined in the mapping and (2) the mapping must be manually updated. Herein, we propose a new method for detecting homograph IDNs using optical character recognition (OCR). By focusing on the idea that homograph IDNs are visually similar to legitimate domain names, we leverage OCR techniques to recognize such similarities automatically. Further, we compare our approach with a conventional method in evaluations employing 3.19 million real (registered) and 10, 000 malicious IDNs. Results reveal that our method can automatically detect homograph IDNs that cannot be detected when using the conventional approach.

Using Seq2Seq Model to Detect Infection Focusing on Behavioral Features of Processes

Sophisticated cyber-attacks intended to earn money or steal confidential information, such as targeted attacks, have become a serious problem. Such attacks often use specially crafted malware, which utilizes the art of hiding such as by process injection. Thus, preventing intrusion using conventional countermeasures is difficult, so a countermeasure needs to be developed that prevents attackers from reaching their ultimate goal. Therefore, we propose a method for estimating process maliciousness by focusing on process behavior. In our proposal, we first use one Seq2Seq model to extract a feature vector sequence from a process behavior log. Then, we use another Seq2Seq model to estimate the process maliciousness score by classifying the obtained feature vectors. By applying Seq2Seq models stepwise, our proposal can compress behavioral logs and extract abstracted behavioral features. We present an experimental evaluation using logs when actual malware is executed. The obtained results show that malicious processes are classified with a highest Areas Under the Curve (AUC) of 0.979 and 80% TPR even when the FPR is 1%. Furthermore, the results of an experiment using the logs when simulated attacks are executed show our proposal can detect unknown malicious processes that do not appear in training data.

Detecting Unseen Malicious VBA Macros with NLP Techniques

In recent years, the number of targeted email attacks which use Microsoft (MS) document files has been increasing. In particular, malicious VBA (Visual Basic for Applications) macros are often contained in the MS document files. Some researchers proposed methods to detect malicious MS document files. However, there are a few methods to analyze malicious macros themselves. This paper proposes a method to detect unseen malicious macros with the words extracted from the source code. Malicious macros tend to contain typical functions to download or execute the main body, and obfuscated strings such as encoded or divided characters. Our method represents feature vectors from the corpus with several NLP (Natural Language Processing) techniques. Our method then trains the extracted feature vectors and labels with basic classifiers, and the trained classifiers predict the labels from unseen macros. Experimental results show that our method can detect 89% of new malware families. The best F-measure achieves 0.93.

On Automation and Orchestration of an Initial Computer Security Incident Response by Introducing Centralized Incident Tracking System

A critical computer security incident may cause great damage to an organization for example by a confidential data breach or malware pandemic. In order to avoid or mitigate such damage, a quick and accurate response against a computer security incident is becoming more important. In order to realize these quickness and accuracy, this paper presents the Incident Tracking System (ITS) that orchestrates several information systems and automates an initial incident response. The ITS automatically locates and isolates a suspicious host, and sends a mail notification to the person in charge of handling an incident. The ITS can also identify or suggest a user of the suspicious host by network authentication logs or other service logs.

A Histogram and GLCM-based Approach for Image Copy-Move Forgery Detection

In this paper, a novel copy-move forgery detection (CMFD) method for the digital image using the histogram and GLCM-based rotation-invariant feature descriptor is proposed. In developing an efficient CMFD method, there are two fundamental challenges needed to be addressed: accuracy and processing time. To achieve this goal, a fast and straightforward histogram-based, and GLCM-based local features are combined to increase the uniqueness and accuracy of the detection while also maintaining the computational cost, resulting in relatively fast detection mechanism suitable for practical use. The detection mechanism, firstly, performs keypoint detection using SURF-based keypoint detection method. The local GLCM-based and histogram-based features for each block are then calculated and combined using the convolution method. All generated features are then sorted and compared. Finally, lines between matched features are drawn to express the relationship between the original and copy-move regions. Experimental results show that the proposed method outperforms some traditional methods in term of accuracy while also greatly reduces the computational complexity of the system compared to some existing techniques.

Integrative Acceleration of First-order Boolean Masking for Embedded IoT Devices

Physical attacks, especially side-channel attacks, are threats to IoT devices which are located everywhere in the field; and therefore, protecting such devices against side-channel attacks is one of our emerging issues. Toward that, Coron et al. gave an efficient arithmetic-to-Boolean mask conversion algorithm which enables us to protect cryptographic algorithms including arithmetic operations, such as hash functions, from the attacks. Recently, Biryukov et al. improved it by locally optimizing subroutines of the conversion algorithm. In this paper, we revisit the algorithm. Unlike Biryukov et al., we improve the Coron et al.'s algorithm with integrative optimizations over the subroutines. The gains against these algorithms are about 22.6% and 7.0% in the general setting. We also apply our algorithm to HMAC-SHA-1 and have an experiment to show that the implementation on a test vehicle smartcard leaks no sensitive information, i.e., secure against the first-order side-channel attack, with the ISO/IEC17825 test.

Understanding the Origins of Weak Cryptographic Algorithms Used for Signing Android Apps

Android applications are digitally signed using developers' signing keys. Since each key is associated with a developer, it can be used to establish trust between applications published by the author, i.e., apps signed with the same key are allowed to update themselves if package names are identical, or access each other's resources. However, if a signature is generated using a weak algorithm such as MD5, then apps signed with the corresponding key are exposed to several risks, such as hijacking apps with fake updates or granting permissions to a malicious app. In this work, we analyze several Android apps to identify the threats caused by using weak algorithms. Our study uncovered the following findings: Of the more than one million apps collected from Google Play, 223 and 52, 866 were digitally signed using the weak algorithms of 512-bit RSA key and MD5, respectively. We identified the causal mechanisms for generating certificates that employ weak algorithms, and found that these mechanisms can be attributed to app-building frameworks and online app-building services. On the basis of these findings, we provide guidelines for stakeholders of the Android app distribution ecosystem.

Chronological Analysis of Source Code Reuse Impact on Android Application Security

Application developers consider open discussion forum on software development such as question and answer (Q&A) forums to be very important. There are cases where snippets which are partial source code on such forums contains vulnerabilities, and application developers divert snippets without knowing it. Previous works were focused on security-related codes such as a TLS connection, and not on actual vulnerable codes that are used widely. Thus, a time series investigation on the spread of such codes has not been conducted. In this paper, a method that enables the chronological analysis of source code reuse is proposed. By determining source code reuse in applications, we can investigate the context using time information such as the respective publication dates and time, and clarify how many cases are not source code reuse. An evaluation of the proposed method is achieved using large-scale data which includes 527, 249 snippets of source code and 249, 987 applications. The result shows that the appearance rate of applications having the same code as the snippet has increased after the release of the snippet. Furthermore, experiments on extracting vulnerable snippets from all snippets show that vulnerable snippets often have a greater impact than the overall snippet trend.

Sensing and Changing Human Behavior for Workplace Wellness

Recently, companies have begun to care more about the well-being of their employees. With the spread of sensors, the Internet of Things, and artificial intelligence, the movement to build a better working environment by utilizing these technologies has been spreading. Especially, research on behavior that can change lifestyle habits is becoming popular. In this paper, we summarize workplace behavior research and projects for sensing and changing human behavior in a workplace and aim to improve the productivity and wellness of employees. Also, we introduce concepts for future workplaces and some of our related achievements. For physical state sensing, we have developed a continuous posture-sensing chair, which will soon be available commercially. For internal state sensing, we propose a method for estimating quality of life with wearable sensors. Our system have already achieved to estimate QoL (Quality of Life) around 90% with only 9 questions. In addition, we propose interactive digital signage to provide habit-changing reminders. Through one month experiment, we confirmed that our system can be feasible in daily life.

Towards Privacy-preserving Authenticated Disease Risk Queries

Recent improvement in genomic research is paving the way towards significant progress in diagnosis and treatment of diseases. A disease risk query returns the probability of a patient to develop a particular disease based on her genomic and clinical data. Despite various innovative prospects, frequent and ubiquitous usage of genomic data in medical tests and personalized medicine may cause various privacy threats like genetic discrimination, exposure of susceptibility to diseases, and revelation of genomic data of relatives. Another major concern is on ensuring the reliability of the genome data and the correctness of the computed disease risk, which is known as authentication. We develop a novel secret sharing approach to protect privacy of sensitive genomic and clinical data, disease markers, disease name, and the query answer while ensuring authenticated result of the disease risk query. In addition, we discuss the applicability of our approach in the field of personalized medicine. We perform a comprehensive security analysis for our system. Experiments with real datasets show that our approach for authenticated disease risk queries achieves a high level of privacy with reduced processing and storage overhead.

Revisiting the Robustness of Complex Networks against Random Node Removal

It is widely known that scale-free networks are robust against random node removal, which is one of major interesting findings in network science. This suggests that, for instance, communication networks such as the Internet is robust against random node failures caused by breakdowns and/or malicious attacks if their network topologies are scale-free networks. Generally, the ratio of failed devices (e.g., routers) to operational devices is not extremely high. In this paper, we revisit the robustness of complex networks against random node removal. Through simulations, we compare the robustness of scale-free and non-scale-free networks against random node removal as well as random edge removal. Our findings include that, contrary to common understanding, non-scale-free networks are more robust than scale-free networks except under extremely high node removal ratio. We also show that the robustness of non-scale-free networks can be further improved by bounding the minimum node degree of those networks.

Large-scale Certificate Management on Multi-tenant Web Servers

For large-scale certificate management of multi-tenant web servers, preloading numerous certificates for managing numerous hosts under the single server process results in increasing the required memory usage because of the respective page table entry manipulation, which might be a poor resource efficiency and a reduced capacity. To resolve this issue, we propose a method for dynamic loading of certificates bound to the hostnames found during the SSL/TLS handshake sequences without preloading, provided that the Server Name Indication (SNI) extension is available. We implemented the function of choosing the respective certificates with the ngx_mruby module, which extends web server functions using mruby with a small memory footprint while maintaining the execution speed. The proposed method was evaluated by a web hosting service employing the authors.

Design and Implementation of Superinstructions for JavaScript Virtual Machine Generation System for Embedded Systems eJSTK

Embedded systems generally have a small amount of memory and slow CPUs. Therefore it is desirable to increase the speed of JavaScript virtual machines (VMs) without increasing memory footprint. In this research, we introduce superinstructions, combinations of constant load instructions and arithmetic, logical, and relational (ALR) instructions to increase execution speed. Introducing superinstructions increases the size of a VM. Thus, we designed superinstructions so that they would share their implementation code with the ALR instructions, from which they are made. Furthermore, we simplified their type-based dispatching code through specialization to the datatypes of their constant operands. We developed a VM generator that creates VMs that have superinstructions in accordance with this approach and a compiler that compiles JavaScript programs using them.

BET Estimation on Power Saving by Intermittent Disabling Network Interface on Android

The large power consumption of smartphones is an important issue. Smartphone operating systems such as Android have a function that invokes an application without user's operation. That is, an application runs and may communicate using its network interface in the screen-off state without user's operation. This behavior consumes large batteries. Temporarily disabling its network interface is one of the promising methods for reducing power consumption in the screen-off state. Less power is consumed while its network interface is disabled, but processes of disabling and enabling its network interface consume battery. Therefore, it is necessary to keep the interface disabled for a sufficiently long period such that the power consumption decreased by disabling the network interface exceeds the power consumption increased by the transition process of disabling and enabling the interface. In this paper, we focus on a method of reducing power consumption in the screen-off state by repeating to disable and enable the network interface and discuss estimation of its Break-Even Time (BET) with which the sizes of increased and decreased power consumption are the same. We then propose two methods for estimating BET. One method estimates BET by integrating the electric current. The other method estimates it according to the average electric current. We evaluate the methods with practical applications and Android devices and show that the method based on the average electric current can estimate BET accurately. In the case of our experiments, the difference between the actual and estimated BETs was less than 16.4%.

HamoKara: A System that Enables Amateur Singers to Practice Backing Vocals for Karaoke

Creating harmony in karaoke by a lead vocalist and a backing vocalist is enjoyable, but backing vocals are not easy for non-advanced karaoke users. First, it is difficult to find musically appropriate submelodies (melodies for backing vocals). Second, the backing vocalist has to practice backing vocals in advance in order to play backing vocals accurately, because singing submelodies is often influenced by the singing of the main melody. In this paper, we propose a backing vocals practice system called HamoKara. This system automatically generates a submelody with a rule-based or probabilistic-model-based method, and provides users with an environment for practicing backing vocals. Users can check whether their pitch is correct through audio and visual feedback. Experimental results show that the generated submelodies are musically appropriate to some degree, and the system helped users to learn to sing submelodies to some extent.

Automatic Music Completion Based on Joint Optimization of Harmony Progression and Voicing

This paper proposes automatic music completion - the automatic generation of music pieces from any incomplete fragments of music - as a new class of music composition assistance tasks. This is a generalization of conventional music information problems such as automatic melody generation and harmonization. The goal is to turn musical ideas of a user into music pieces, allowing users to quickly explore new ideas and enabling inexperienced users to create their own music. This principle is applicable to a wide variety of music, and as a first step, we present a system that automatically fills in missing parts of a four-part chorale, as well as the underlying harmony progression. The user can input any combination of melody fragments, and freely constrain the harmony. Our system searches for harmonies and melodies that adhere to music-theoretical principles, which requires extensive knowledge and practice for human composers. Accounting for the mutual influence of melodic and harmonic development in music composition, the system is based on a joint model of harmony and voicing. The system was evaluated by analyzing generated music with respect to music theory, in addition to a subjective evaluation experiment. The readers are invited to experiment with our system at http://160.16.202.131/music_completion.

A Method to Reduce Transaction Time for Real-time IoT Applications

Due to the recent prevalence of IoT (Internet of Things) devices, streaming data such as video data or sensor data are collected and analyzed for real-time applications. The transaction time for data collection and analysis is one of the main factors to improve performance of some real-time IoT applications. For instance, in real-time surveillance camera systems, a shorter transaction time further reduces the delay to find thieves recorded by the cameras. However, computational and communication capacities of processing computers give lower limits to transaction time. To break this limitation, we propose an efficient data collection method using a progressive quality improvement approach. In our proposed method, each data source produces some content data of those qualities are lower than the quality of the original content data such as low resolution image data. Only the cases where higher quality data are needed for analyses, the processing computer progressively collects them. Thus, by reducing the average data amount of collections and for analyses, our proposed method reduces the average transaction time. We measured the transaction time of our proposed method in our developed simulator and confirmed that our proposed method can reduce the transaction time.

An Attempt to Read Network Traffic with Doc2vec

Detecting new malicious traffic is a challenging task. There are many behavior-based detection methods which extract the features of malicious traffic. However, many previous methods require knowledge of how to extract feature vectors. If attackers modify the attack techniques, these previous methods may have to extract new feature representation to detect them. To address this problem, neural networks can be applied to perform feature learning. Doc2vec is one of these models that learn fixed-length feature representation from variable-length documents and has been applied to proxy logs. However, some attackers still use protocols other than http or https. In this paper, we extend the previous method to a generic detection method which supports any protocol. The key idea of this research is reading network packets as a natural language. In our method, a protocol analyzer reads network packets, and summarizes the traffic. Our method extracts the feature representation from the summary with Doc2vec. We apply several classifiers to the automatically extracted feature representation, and classify traffic into benign and malicious traffic. In the fundamental experiment, the best F-measure achieves 0.98 in the timeline analysis and 0.97 in the cross-dataset validation. Furthermore, we generate imbalanced datasets which simulate actual network traffic. In the practical experiment, the best F-measure achieves 0.82 in the timeline analysis and 0.73 in the cross-dataset validation.

Context Style Explanation for Recommender Systems

Recommender systems support users by helping them choose items, and explanations for the recommendations further enhance such support. Previous explanation styles were based on information about users and items, such as the demographics of users and contents of items. Contexts, such as “usage scenarios” and “accompanying persons, ” have not been used for explanations, although they influence user's choice of items. In this paper, we propose a context style explanation method, presenting contexts suitable for consuming the recommended items. The expected impacts of context style explanations are as follows: 1) persuasiveness: recognition of a suitable context for usage motivates users to consume items, and 2) usefulness: envisioning a context helps users to make the right choices because the values of items depend on contexts. We evaluate the persuasiveness and usefulness of the context-style explanation by a crowdsourcing-based user study in a restaurant recommendation setting. The context style explanation is compared to the demographic and content style explanations. We also combine the context style and other explanation styles, confirming that hybrid styles improve the persuasiveness and usefulness of the explanation. Further, we investigate the personal preferences for explanation styles and reveal how gender and age relate to such preferences. The contributions of this paper are: the proposal of the novel context style explanation method, the demonstration of the persuasiveness and usefulness of the proposed method by a user study, and the findings of gender- and age-dependence of explanation style preferences.

An Effective Parameter-free Comparison of NGS Short Reads for Phylogeny Reconstruction

With the growth of the amount of genomic data generated from high-throughput sequencing, next-generation sequencing (NGS) has become the mainstream format for genome sequence data. NGS presents new challenges for many applications for genome sequence analysis. In sequence comparison applications, traditional multiple-sequence alignment approaches do not provide a solution for analyzing NGS data because of the short-read assembly and computational resource problems. Thus, alignment-free methods are more suitable for NGS data comparisons. Most of the alignment-free methods are based on the k-mer algorithm. However, the characteristics of NGS data make such k-mer-based methods suboptimal because the k parameter is a crucial factor in distance measurement and for the construction of phylogenetic trees. We propose an effective parameter-free comparison of NGS short reads, with the aim of eliminating the dependency on the k parameters. We compared the proposed method with existing methods, and the results show that the proposed method can measure accurate distances for the dataset without requiring any parameter.

Attitude Detection for One-Round Conversation: Jointly Extracting Target-Polarity Pairs

We tackle Attitude Detection, which we define as the task of extracting the replier's attitude, i.e., a target-polarity pair, from a given one-round conversation. While previous studies considered Target Extraction and Polarity Classification separately, we regard them as subtasks of Attitude Detection. Our experimental results show that treating the two subtasks independently is not the optimal solution for Attitude Detection, as achieving high performance in each subtask is not sufficient for obtaining correct target-polarity pairs. Our jointly trained model AD-NET substantially outperforms the separately trained models by alleviating the target-polarity mismatch problem. By employing pointer networks to consider the target extraction task a boundary prediction problem instead of a sequence labelling problem, the model obtained better performance and faster training/inference than LSTM and LSTM-CRF based models. Moreover, we proposed a method utilising the attitude detection model to improve retrieval-based chatbots by re-ranking the response candidates with attitude features. Human evaluation indicates that with attitude detection integrated, the new responses to the sampled queries are statistically significantly more consistent, coherent, engaging and informative than the original ones obtained from a commercial chatbot.

Time Series Link Prediction Using NMF

Data in many fields such as e-commerce, social networks, and web data can be modeled as bipartite graphs, where a node represents a person and/or an object and a link represents the relationship between people and/or objects. Since the relationships change with time, data mining techniques for time series graphs have been actively studied. In this paper, we study the problem of predicting links in the future graph from historical graphs. Although various studies have been carried out on link prediction, the prediction accuracy of existing methods is still low because it is difficult to capture continuous change with time. Therefore, we propose a new method that combines non-negative matrix factorization (NMF) and a time series data forecasting method. NMF extracts the latent features while the forecasting method captures and predicts the changes of the features with time. Our method can predict hidden links that do not appear in historical graphs. Our experiments with real datasets show that our method has a higher prediction accuracy compared to existing methods.

Helping Johnny to Search: Usable Encrypted Search on Webmail System

End-to-end encryption is becoming common in messaging applications. E-mail that is the one of most popular a messaging application has several standards and systems in its encryption. However, it is hard to say that e-mail encryption has spread enough. It has been pointed out that there are usability problems in message encryption. Even though various studies on message encryption and usability have been made, there is no study discussing utility function such as searching and sorting. In this paper, the search function is focused. We aim to investigate the usability problems on encrypted search. Therefore, a method that applies encrypted search transparently is proposed at first. The implementation of the proposed method is achieved using Google Chrome Extension for Gmail, and evaluation both performance and usability is conducted. We found that participants do not mind whether the search function is encrypted or not if both have almost identical UI and encrypted search operates at high speed.

A Demographic Perspective of Smartphone Security and Its Redesigned Notifications

Billions of smartphones, globally, are running out-of-date Operating Systems (OS) which make them vulnerable to cyberattacks. Behaviours of users in updating their OS vary between different geographic locations considering various demographic factors. For instance, developing countries have a very different stance compared to developed ones on how their users perceive device updates. To assert our claim, we first investigated security behaviours among different demographics in Japan and Tanzania. The results indicate that demographic factors such as culture, income, and geographic location highly impact behaviours of participants on OS updating. However, education and awareness do not seem to have significant impact on security behaviours. Consequently, insecure behaviours were equally exhibited among most participants regardless of their education levels or awareness. We also found that most participants do not update their application software on their smartphones despite being aware. Moreover, in the developing country settings, most participants tend to avoid certain security advice because they necessitate incurring data charges that take up a high percentage of their incomes. Then, we surveyed and evaluated the participants' preferences for different re-designed security notifications for improving update compliance. Finally, we propose color-coded fear-appeal designs for persuading users into updating their devices' application software.

The Effects of Nudging a Privacy Setting Suggestion Algorithm's Outputs on User Acceptability

In prior work, a machine learning approach was used to develop a suggestion system for 80 privacy settings, based on a limited sample of five user preferences. Such suggestion systems may help with the user-burden of preference selection. However, such a system may also be used by a malicious provider to manipulate users' preference selections through nudging the output of the algorithm. This paper reports an experiment with such manipulation to clarify the impact and users' resistance of or susceptibility to such manipulation. Users are shown to be highly accepting of suggestions, even where the suggestions are random (though less so than for nudged suggestions).

Understanding Attack Trends from Security Blog Posts Using Guided-topic Model

Organizations are plagued by sophisticated and diversified cyber attacks. In order to prevent such attacks, it is necessary to understand threat trends and to take measures to protect their assets. Security vendors publish reports which contain threat trends or analysis of malware. These reports are useful for help in responding to a cyber security incident. However, it is difficult to collect threat information from multiple sources such as security blog posts. In this paper, we propose a method to efficiently collect information from the relationship between words using SeededLDA. In our case studies, we visualize the relationship between the words from security blog posts which were published in 2017 by eight security vendors, and demonstrate how our method helps to understand threat trends in the IoT industry and financial institutions.

Solving String Constraints with Streaming String Transducers

We present a procedure to solve the satisfiability problem of string constraints consisting of (i) string concatenation and rational transductions of string variables restricted to be in the “straight-line” fragment, (ii) regular constraints to string variables, and (iii) integer constraints involving the length of string variables. We represent each atomic string constraint by a streaming string transducer. By the sequential composition of streaming string transducers, we obtain a single streaming string transducer. The input straight-line constraint is satisfiable if and only if the domain of the composed streaming string transducer is not empty. In addition, by calculating the Parikh image of the composed streaming string transducers, we can represent the constraints among the length of string variables as a semi-linear set. Then the integer constraints together with the Parikh image can be solved by existing SMT solvers. We have implemented this procedure and performed experiments on several string constraints. Our implementation is slower than other solvers for general cases but performs better for some special cases.

Time Segment Correction Method for Parallel Time Integration

Parallel time integration methods provide the time integral simulation with parallelism in time direction and enhance the performance of the applications on parallel machines. Many parallel time integration methods apply re-discretization with enlarged time step width to propagate prior time step information to later time steps with low calculation cost. However, this re-discretization tends to create an unstable time integral problem and causes the performance degradation depending on the length of the time step width. Therefore, we paid attention to the correction scheme involved in the (parallel) TP-EEC method that uses Jacobian matrices of original simulation problem to propagate the prior time step information to later time steps very quickly. This paper showed our parallel time integration approach using a correction method similar to the TP-EEC method, and proposed the efficient implementation methods with pipeplined coarse level correction. The performance results for simple non-linear time step simulation show our method performed well and was faster than other representative parallel time integration scheme.

QR Factorization of Block Low-rank Matrices with Weak Admissibility Condition

The QR factorization of a matrix is a fundamental operation in linear algebra and it is widely utilized in scientific simulations. Although the QR factorization requires a memory storage of O(N²) and the computational cost of O(N³), they can be reduced if the matrix could be approximated using low-rank structured matrices, such as hierarchical matrices (H-matrices). In this paper, we study the QR factorization based on the block low-rank (BLR-) matrix representation, which is a simplified variant of the H-matrix. We demonstrate how the BLR block size should be defined in such matrices and confirm that the memory and computational complexities of the BLR are O(N^1.5) and O(N²) when using an appropriate block size. Furthermore, using the simple structure of BLR-matrices, we also present a parallel algorithm for the QR factorization of BLR-matrices on distributed memory systems. In numerical experiments performed, we observe that the accuracy of the QR factorization is controllable by the accuracy of the BLR-matrix approximation of the original matrix. Finally, we verify that our algorithm enables us to perform the QR factorization of matrices of several hundred thousand N within a reasonable amount of time using moderate computer resources.

Parallelization of Matrix Partitioning in Construction of Hierarchical Matrices using Task Parallel Languages

A hierarchical matrix (H-matrix) is an approximated form that represents N × N correlations of N objects. H-matrix construction is achieved by partitioning a matrix into submatrices, followed by calculating the element values of these submatrices. This paper proposes implementations of matrix partitioning using task parallel languages, Cilk Plus and Tascell. Matrix partitioning is divided into two steps: cluster tree construction by dividing objects into clusters hierarchically, and block cluster tree construction by observing all cluster pairs at the same level of the cluster tree that satisfy an admissibility condition. As the two types of trees constructed and traversed in these steps are unpredictably unbalanced, it is expected that we can efficiently parallelize both these steps using task parallel languages. To obtain sufficient parallelism in the cluster tree construction, we not only execute recursive calls in parallel but also parallelize the inside of each recursive step. For the block cluster tree construction, we assigned each worker its own space so that the workers can store the cluster pairs without using locks. As a result, compared to a sequential implementation in C, we achieved up to an 11.5-fold speedup using Cilk Plus and a 12.6-fold speedup by Tascell for the cluster tree construction. For the block cluster tree construction, up to a 37.7-fold speedup by Cilk Plus and a 38.8-fold speedup using Tascell are achieved. In regard to the entire process of matrix partitioning, we achieved up to a 12.2-fold speedup by Cilk Plus and a 14.5-fold speedup using Tascell. All experiments were executed on two 18-core Xeon processors with real datasets to generate coefficient matrices used in the surface charge method.