Vol. 43, No. 11,
Nov. 2016
Digital Library
An Effective Technique for Detecting Vulnerabilities in Android Device Drivers
Android- and Linux-based embedded systems require device drivers, which are structured and built in kernel functions. However, device driver software (firmware) provided by various 3rd parties is not usually checked in terms of their security requirements but is simply included in the final products, that is, Android-based smart phones. In addition, static analysis, which is generally used to detect vulnerabilities, may result in extra cost to detect critical security issues such as privilege escalation due to its large proportion of false positive results. In this paper, we propose and evaluate an effective technique to detect vulnerabilities in Android device drivers using both static and dynamic analyses.
Hybrid Recommendation System of Qualitative Information Based on Content Similarity and Social Affinity Analysis
Recommendation systems play a significant role in providing personalized information to users, with enhanced satisfaction and reduced information overload. Since the mid-1990s, many studies have been conducted on recommendation systems, but few have examined the recommendations of information from people in the online social networking environment. In this paper, we present a hybrid recommendation method that combines both the traditional system of content-based techniques to improve specialization, and the recently developed system of social network-based techniques to best overcome a few limitations of the traditional techniques, such as the cold-start problem. By suggesting a state-of-the-art method, this research will help users in online social networks view more personalized information with less effort than before.
Analysis System for SNS Issues per Country based on Topic Model
As the use of SNS continues to increase, various related studies have been conducted. According to the effectiveness of the topic model for existing theme extraction, a huge number of related research studies on topic model based analysis have been introduced. In this research, we suggested an automation system to analyze topics of each country and its distribution in twitter by combining world map visualization and issue matching method. The core system components are the following three modules; 1) collection of tweets and classification by nation, 2) extraction of topics and distribution by country based on topic model algorithm, and 3) visualization of topics and distribution based on Google geochart. In experiments with USA and UK, we could find issues of the two nations and how they changed. Based on these results, we could analyze the differences of each nation"s position on ISIS problem.
Feature Extraction to Detect Hoax Articles
Readership of online newspapers has grown with the proliferation of smart devices. However, fierce competition between Internet newspaper companies has resulted in a large increase in the number of hoax articles. Hoax articles are those where the title does not convey the content of the main story, and this gives readers the wrong information about the contents. We note that the hoax articles have certain characteristics, such as unnecessary celebrity quotations, mismatch in the title and content, or incomplete sentences. Based on these, we extract and validate features to identify hoax articles. We build a large-scale training dataset by analyzing text keywords in replies to articles and thus extracted five effective features. We evaluate the performance of the support vector machine classifier on the extracted features, and a 92% accuracy is observed in our validation set. In addition, we also present a selective bigram model to measure the consistency between the title and content, which can be effectively used to analyze short texts in general.
An Analysis of the Overhead of Multiple Buffer Pool Scheme on InnoDB-based Database Management Systems
Yongju Song, Minho Lee, Young Ik Eom
The advent of large-scale web services has resulted in gradual increase in the amount of data used in those services. These big data are managed efficiently by DBMS such as MySQL and MariaDB, which use InnoDB engine as their storage engine, since InnoDB guarantees ACID and is suitable for handling large-scale data. To improve I/O performance, InnoDB caches data and index of its database through a buffer pool. It also supports multiple buffer pools to mitigate lock contentions. However, the multiple buffer pool scheme leads to the additional data consistency overhead. In this paper, we analyze the overhead of the multiple buffer pool scheme. In our experimental results, although multiple buffer pool scheme mitigates the lock contention by up to 46.3%, throughput of DMBS is significantly degraded by up to 50.6% due to increased disk I/O and fsync calls.
An SDN-based Bandwidth Control Scheme considering Traffic Variation in the Virtualized WLAN Environment
A virtual network technology can provide a network reflecting the requirements of various services. The virtual network can distribute resources of the physical network to each virtual slice. An efficient resource distribution technique is needed to reflect the requirements of various services. Existing bandwidth distribution techniques can only control downlink traffic without taking traffic conditions on the network into account. Downlink and uplink share the same resources in a wireless network. The existing bandwidth distribution techniques assumed that all stations generate saturated traffic. Therefore, the existing bandwidth distribution technique cannot make traffic isolation in a virtual wireless network. In this paper, we proposed a traffic-based bandwidth control techniques to solve these problems. We applied Software-Defined Networking(SDN) to the virtual wireless network, monitored the traffic at each station, and searched for stations that generated unsaturated traffic. We also controlled both uplink and downlink traffics dynamically based on monitoring information. Our system can be implemented with legasy 802.11 clients and SDN-enabled APs. After the actual test bed configuration, it was compared to existing techniques. As a result, the distribution performance of the proposed technique was improved by 14% in maximum.
A Route Repair Scheme for Reducing DIO Poisoning Overhead in RPL-based IoT Networks
In the IoT network environments for LLNs(Low power and Lossy networks), IPv6 Routing Protocol for Low Power and Lossy networks(RPL) has been proposed by IETF(Internet Engineering Task Force). The goal of RPL is to create a directed acyclic graph, without loops. As recommended by the IETF standard, RPL route recovery mechanisms in the event of a failure of a node should avoid loop, loop detection, DIO Poisoning. In this process, route recovery time and control message might be increased in the sub-tree because of the repeated route search. In this paper, we suggested RPL route recovery method to solve the routing overhead problem in the sub-tree during a loss of a link in the RPL routing protocol based on IoT wireless networks. The proposed method improved local repair process by utilizing a route that could not be selected as the preferred existing parents. This reduced the traffic control packet, especially in the disconnected node’s sub tree. It also resulted in a quick recovery. Our simulation results showed that the proposed RPL local repair reduced the recovery time and the traffic of control packets of RPL. According to our experiment results, the proposed method improved the recovery performance of RPL.
Analysis of Research Trend and Performance Comparison on Message Authentication Code
Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.
Continuous-authentication Method based on the Risk Profile associated with Context-awareness to Lock Smart Devices
In order to block the access of the information in the smartphone of a user by other users, it is checked if the current user is the owner or not in the smartphone authentication process, whenever a user begins to use a smartphone. This makes smartphone users in front of frequent smartphone authentications, which leads significant inconvenience to them. Because of such inconvenience, users tend not to use the smartphone authentication anymore. Finally, their smartphones become very vulnerable against malicious access. This paper proposes a progressive authentication method on the android-platform in order to solve the problem described above. With the proposed method, smartphones can identify relevant risks based on users" past experiences and determine whether an authentication is needed. Because authentication occurs only when the identified risk level is high, it can achieve both a high-level of security in the high-level risk situation and user convenience in the low-level risk situation.
Value Weighted Regularized Logistic Regression Model
Logistic regression is widely used for predicting and estimating the relationship among variables. We propose a new logistic regression model, the value weighted logistic regression, which comprises of a fine-grained weighting method, and assigns adapted weights to each feature value. This gradient approach obtains the optimal weights of feature values. Experiments were conducted on several data sets from the UCI machine learning repository, and the results revealed that the proposed method achieves meaningful improvement in the prediction accuracy.
An Efficient String Similarity Search Technique based on Generating Inverted Lists of Variable-Length Grams
Existing techniques for string similarity search first generate a set of candidate strings and then verify the candidates. The efficiency of string similarity search is highly dependent on candidate generation methods. State of the art techniques select fixed length q-grams from a query string and generate candidates using inverted lists of the selected q-grams. In this paper, we propose a technique to generate candidates using variable length grams of a query string and develop a dynamic programming algorithm that selects an optimal combination of variable length grams from a query string. Experimental results show that the proposed technique improves the performance of string similarity search compared with the existing techniques.
A Personal Video Event Classification Method based on Multi-Modalities by DNN-Learning
In recent years, personal videos have seen a tremendous growth due to the substantial increase in the use of smart devices and networking services in which users create and share video content easily without many restrictions. However, taking both into account would significantly improve event detection performance because videos generally have multiple modalities and the frame data in video varies at different time points. This paper proposes an event detection method. In this method, high-level features are first extracted from multiple modalities in the videos, and the features are rearranged according to time sequence. Then the association of the modalities is learned by means of DNN to produce a personal video event detector. In our proposed method, audio and image data are first synchronized and then extracted. Then, the result is input into GoogLeNet as well as Multi-Layer Perceptron (MLP) to extract high-level features. The results are then re-arranged in time sequence, and every video is processed to extract one feature each for training by means of DNN.
Human Visual System-Aware and Low-Power Histogram Specification and Its Automation for TFT-LCDs
Backlight has a major factor in power consumption of TFT-LCDs which are most popular in portable devices. There have been a lot of attempts to achieve power savings by backlight dimming. At the same time, the researches have shown image compensation due to decreased brightness of a displayed image. However, existing image compensation methods such as histogram equalization have some limits in completely satisfying the human visual system (HVS)-awareness. This paper proposes an enhanced dimming technique to obtain both power saving and HVS-awareness by combining pixel compensation and histogram specification for TFT-LCDs. This method executes a search algorithm and an automation algorithm employing simplified calculations for fast image processing. Experimental results showed that the proposed method achieved significant improvement in visual satisfaction per power saving over existing backlight dimming.
Finger-Touch based Hangul Input Interface for Usability Enhancement among Visually Impaired Individuals
Seung-Shik Kang, Yoon-Seung Choi
Virtual Hangul keyboards like Chun-Ji-In, Narat-Gul, and QWERTY are based on eyesight recognition, in which input letter positions are fixed in the smartphone environment. The input method of a fixed-position style is not very convenient for visually impaired individuals. In order to resolve the issue of inconvenience of the Hangul input system, we propose a new paradigm of the finger-touch based Hangul input system that does not need eyesight recognition of input buttons. For the convenience of learning the touch-motion based keyboard, finger touches are designed by considering the shape and frequencies of Hangul vowels and consonants together with the preference of fingers. The base position is decided by the first touch of the screen, and the finger-touch keyboard is used in the same way for all the other touch-style devices, regardless of the differences in size and operation system. In this input method, unique finger-touch motions are assigned for Hangul letters that significantly reduce the input errors.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr