2013-2014 IEEE JAVA Project List With Abstract

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.
com
IEEE 2012-13 JAVA/ J2EE TITLES

CLOUD COMPUTING
1.A Stochastic Model to Investigate Data Center Performance and QoS
in IaaS Cloud Computing Systems
Abstract:
Cloud data center management is a key problem due to the numerous and
heterogeneous strategies that can be applied, ranging from the VM
placement to the federation with other clouds. Performance evaluation of
Cloud Computing infrastructures is required to predict and quantify the
cost-benefit of a strategy portfolio and the corresponding Quality of
Service (QoS) experienced by users. Such analyses are not feasible by
simulation or on-the-field experimentation, due to the great number of
parameters that have to be investigated. In this paper, we present an
analytical model, based on Stochastic Reward Nets (SRNs), that is both
scalable to model systems composed of thousands of resources and
flexible to represent different policies and cloud-specific strategies.
Several performance metrics are defined and evaluated to analyze the
behavior of a Cloud data center: utilization, availability, waiting time, and
responsiveness. A resiliency analysis is also provided to take into account
load bursts. Finally, a general approach is presented that, starting from the
concept of system capacity, can help system managers to opportunely set
the data center parameters under different working conditions.
2.CloudMoV: Cloud-based Mobile Social TV

Mindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.
Landmark: Near Hotel New Santhi Sagar or BSVP School
Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com
Abstract:
The rapidly increasing power of personal mobile devices (smart phones,
tablets, etc.) is providing much richer contents and social interactions to
users on the move. This trend however is throttled by the limited battery
lifetime of mobile devices and unstable wireless connectivity, making the
highest possible quality of service experienced by mobile users not
feasible. The recent cloud computing technology, with its rich resources
to compensate for the limitations of mobile devices and connections, can
potentially provide an ideal platform to support the desired mobile
services. Tough challenges arise on how to effectively exploit cloud
resources to facilitate mobile services, especially those with stringent
interaction delay requirements. In this paper, we propose the design of a
Cloud-based, novel Mobile social TV system (CloudMoV). The system
effectively
utilizes
both
PaaS
(Platform-as-a-Service)
and
IaaS
(Infrastructure-as-a- Service) cloud services to offer the living-room

experience of video watching to a group of disparate mobile users who
can interact socially while sharing the video. To guarantee good
streaming quality as experienced by the mobile users with time varying
wireless connectivity, we employ a surrogate for each user in the IaaS
cloud for video downloading and social exchanges on behalf of the user.
The surrogate performs efficient stream transcoding that matches the
current connectivity quality of the mobile user. Given the battery life as a
key performance bottleneck, we advocate the use of burst transmission
from the surrogates to the mobile users, and carefully decide the burst
size which can lead to high energy efficiency and streaming quality.
Social interactions among the users, in terms of spontaneous textual
exchanges, are effectively achieved by efficient designs of data storage
with Big Table and dynamic handling of large volumes of concurrent
messages in a typical PaaS cloud. These various designs for flexible
transcoding capabilities, battery efficiency of mobile devices and

spontaneous social interactivity together provide an ideal platform for
mobile social TV services. We have implemented CloudMoV on Amazon
EC2 and Google App Engine and verified its superior performance based
on real world experiments.
3.Dynamic Resource Allocation Using Virtual Machines for Cloud
Computing Environment
Abstract:
Cloud computing allows business customers to scale up and down their
resource usage based on needs. Many of the touted gains in the cloud
model
come
from
resource
multiplexing
through
virtualization
technology. In this paper, we present a system that uses virtualization

technology to allocate data center resources dynamically based on
application demands and support green computing by optimizing the
number of servers in use. We introduce the concept of skewness to
measure the unevenness in the multidimensional resource utilization of a
server. By minimizing skewness, we can combine different types of
workloads nicely and improve the overall utilization of server resources.
We develop a set of heuristics that prevent overload in the system
effectively while saving energy used. Trace driven simulation and
experiment results demonstrate that our algorithm achieves good
performance.
4.Error-Tolerant Resource Allocation and Payment Minimization for

Cloud System
Abstract:
virtual machine (VM) technology being increasingly mature, compute
resources in cloud systems can be partitioned in fine granularity and
allocated on demand. We make three contributions in this paper: 1) we
formulate a deadline-driven resource allocation problem based on the
cloud environment facilitated with VM resource isolation technology, and
also propose a novel solution with polynomial time, which could
minimize users payment in terms of their expected deadlines. 2) By
analyzing the upper bound of task execution length based on the possibly
inaccurate workload prediction, we further propose an error-tolerant
method to guarantee tasks completion within its deadline. 3) We validate
its effectiveness over a real VM-facilitated cluster environment under
different levels of competition. In our experiment, by tuning algorithmic
input deadline based on our derived bound, task execution length can
always be limited within its deadline in the sufficient-supply situation; the
mean execution length still keeps 70 percent as high as user specified
deadline under the severe competition. Under the original-deadline-based
solution, about 52.5 percent of tasks are completed within 0.95-1.0 as
high as their deadline, which still conforms to the deadline-guaranteed
requirement. Only 20 percent of tasks violate deadlines, yet most (17.5
percent) are still finished within 1.05 times of deadlines.
5.Harnessing the Cloud for Securely Outsourcing Large-Scale Systems

of Linear Equations
Abstract:
Cloud computing economically enables customers with limited
computational resources to outsource large-scale computations to the
cloud. However, how to protect customers confidential data involved in
the computations then becomes a major security concern. In this paper,
we present a secure outsourcing mechanism for solving large-scale
systems of linear equations (LE) in cloud. Because applying traditional
approaches like Gaussian elimination or LU decomposition (aka. direct
method) to such large- scale LEs would be prohibitively expensive, we
build the secure LE outsourcing mechanism via a completely different
approachiterative method, which is much easier to implement in
practice and only demands relatively simpler matrix-vector operations.
Specifically, our mechanism enables a customer to securely harness the
cloud for iteratively finding successive approximations to the LE
solution, while keeping both the sensitive input and output of the
computation private. For robust cheating detection, we further explore the
algebraic property of matrix-vector operations and propose an efficient
result verification mechanism, which allows the customer to verify all
answers received from previous iterative approximations in one batch
with high probability. Thorough security analysis and prototype
experiments on Amazon EC2 demonstrate the validity and practicality of
our proposed design.
6.Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the

Cloud
Abstract:
Cloud computing provides an economical and efficient solution for
sharing group resource among cloud users. Unfortunately, sharing data in
a multi-owner manner while preserving data and identity privacy from an
untrusted cloud is still a challenging issue, due to the frequent change of
the membership. In this paper, we propose a secure multi owner data
sharing scheme, named Mona, for dynamic groups in the cloud. By
leveraging group signature and dynamic broadcast encryption techniques,
any cloud user can anonymously share data with others. Meanwhile, the
storage overhead and encryption computation cost of our scheme are
independent with the number of revoked users. In addition, we analyze
the security of our scheme with rigorous proofs, and demonstrate the
efficiency of our scheme in experiments.
7.PACK: Prediction-Based Cloud Bandwidth and Cost Reduction
System
Abstract:
In this paper, we present PACK (Predictive ACKs), a novel end-to-end
traffic redundancy elimination (TRE) system, designed for cloud
computing customers. Cloud-based TRE needs to apply a judicious use of
cloud resources so that the bandwidth cost reduction combined with the
additional cost of TRE computation and storage would be optimized.
PACKs main advantage is its capability of offloading the cloud-server
TRE effort to end clients, thus minimizing the processing costs induced
by the TRE algorithm. Unlike previous solutions, PACK does not require
the server to continuously maintain clients status. This makes PACK
very suitable for pervasive computation environments that combine client
mobility and server migration to maintain cloud elasticity. PACK is based
on a novel TRE technique, which allows the client to use newly received
chunks to identify previously received chunk chains, which in turn can be

used as reliable predictors to future transmitted chunks. We present a
fully functional PACK implementation, transparent to all TCP-based
applications and network devices. Finally, we analyze PACK benefits for
cloud users, using traffic traces from various sources.
8.Privacy-Preserving Public Auditing for Secure Cloud Storage
Abstract:
Using cloud storage, users can remotely store their data and enjoy the ondemand high-quality applications and services from a shared pool of
configurable computing resources, without the burden of local data
storage and maintenance. However, the fact that users no longer have
physical possession of the outsourced data makes the data integrity
protection in cloud computing a formidable task, especially for users with
constrained computing resources. Moreover, users should be able to just
use the cloud storage as if it is local, without worrying about the need to
verify its integrity. Thus, enabling public auditability for cloud storage is
of critical importance so that users can resort to a third-party auditor
(TPA) to check the integrity of outsourced data and be worry free. To
securely introduce an effective TPA, the auditing process should bring in
no new vulnerabilities toward user data privacy, and introduce no
additional online burden to user. In this paper, we propose a secure cloud
storage system supporting privacy-preserving public auditing. We further
extend our result to enable the TPA to perform audits for multiple users
simultaneously and efficiently. Extensive security and performance
analysis show the proposed schemes are provably secure and highly
efficient. Our preliminary experiment conducted on Amazon EC2
instance further demonstrates the fast performance of the design.
9.Scalable and Secure Sharing of Personal Health Records in Cloud

Computing Using Attribute-Based Encryption
Abstract:
Personal health record (PHR) is an emerging patient-centric model of
health information exchange, which is often outsourced to be stored at a
third party, such as cloud providers. However, there have been wide
privacy concerns as personal health information could be exposed to
those third party servers and to unauthorized parties. To assure the
patients control over access to their own PHRs, it is a promising method
to encrypt the PHRs before outsourcing. Yet, issues such as risks of
privacy exposure, scalability in key management, flexible access, and
efficient user revocation, have remained the most important challenges
toward achieving fine-grained, cryptographically enforced data access
control. In this paper, we propose a novel patient-centric framework and a
suite of mechanisms for data access control to PHRs stored in semitrusted
servers. To achieve fine-grained and scalable data access control for
PHRs, we leverage attribute-based encryption (ABE) techniques to
encrypt each patients PHR file. Different from previous works in secure
data outsourcing, we focus on the multiple data owner scenario, and
divide the users in the PHR system into multiple security domains that
greatly reduces the key management complexity for owners and users. A
high degree of patient privacy is guaranteed simultaneously by exploiting
multiauthority ABE. Our scheme also enables dynamic modification of
access policies or file attributes, supports efficient on-demand
user/attribute revocation and break-glass access under emergency
scenarios. Extensive analytical and experimental results are presented

which show the security, scalability, and efficiency of our proposed

scheme.
10.Enabling Dynamic Data and Indirect Mutual Trust for Cloud
Computing Storage Systems
Abstract:
Storage-as-a-Service offered by cloud service providers (CSPs) is a paid
facility that enables organizations to outsource their sensitive data to be
stored on remote servers. In this paper, we propose a cloud-based storage
scheme that allows the data owner to benefit from the facilities offered by
the CSP and enables indirect mutual trust between them. The proposed
scheme has four important features: (i) it allows the owner to outsource
sensitive data to a CSP, and perform full block-level dynamic operations
on the outsourced data, i.e., block modification, insertion, deletion, and
append, (ii) it ensures that authorized users (i.e., those who have the right
to access the owners file) receive the latest version of the outsourced
data, (iii) it enables indirect mutual trust between the owner and the CSP,
and (iv) it allows the owner to grant or revoke access to the outsourced
data. We discuss the security issues of the proposed scheme. Besides, we
justify its performance through theoretical analysis and a prototype
implementation on Amazon cloud platform to evaluate storage,
communication, and computation overheads.
11.A Load Balancing Model Based on Cloud Partitioning for the Public
Cloud
Abstract:
Load balancing in the cloud computing environment has an important

impact on the performance. Good load balancing makes cloud computing
more efficient and improves user satisfaction. This article introduces a
better load balance model for the public cloud based on the cloud
partitioning concept with a switch mechanism to choose different
strategies for different situations. The algorithm applies the game theory
to the load balancing strategy to improve the efficiency in the public
cloud environment.
12.Load Rebalancing for Distributed File Systems in Clouds
Abstract:
Distributed file systems are key building blocks for cloud computing
applications based on the MapReduce programming paradigm. In such
file systems, nodes simultaneously serve computing and storage
functions; a file is partitioned into a number of chunks allocated in
distinct nodes so that MapReduce tasks can be performed in parallel over
the nodes. However, in a cloud computing environment, failure is the
norm, and nodes may be upgraded, replaced, and added in the system.
Files can also be dynamically created, deleted, and appended. This results
in load imbalance in a distributed file system; that is, the file chunks are
not distributed as uniformly as possible among the nodes. Emerging
distributed file systems in production systems strongly depend on a
central node for chunk reallocation. This dependence is clearly inadequate
in a large-scale, failure-prone environment because the central load
balancer is put under considerable workload that is linearly scaled with
the system size, and may thus become the performance bottleneck and the
single point of failure. In this paper, a fully distributed load rebalancing
algorithm is presented to cope with the load imbalance problem. Our
algorithm is compared against a centralized approach in a production

system and a competing distributed solution presented in the literature.
The simulation results indicate that our proposal is comparable with the
existing centralized approach and considerably outperforms the prior
distributed algorithm in terms of load imbalance factor, movement cost,
and algorithmic overhead. The performance of our proposal implemented
in the Hadoop distributed file system is further investigated in a cluster
environment.
13.Optimizing Cloud Resources for Delivering IPTV Services Through
Virtualization
Abstract:
Virtualized cloud-based services can take advantage of statistical
multiplexing across applications to yield significant cost savings.
However, achieving similar savings with real-time services can be a
challenge. In this paper, we seek to lower a providers costs for real-time
IPTV services through a virtualized IPTV architecture and through
intelligent time-shifting of selected services. Using Live TV and Videoon-Demand (VoD) as examples, we show that we can take advantage of
the different deadlines associated with each service to effectively
multiplex these services. We provide a generalized framework for
computing the amount of resources needed to support multiple services,
without missing the deadline for any service.We construct the problem as
an optimization formulation that uses a generic cost function. We
consider multiple forms for the cost function (e.g., maximum, convex and
concave functions) reflecting the cost of providing the service. The
solution to this formulation gives the number of servers needed at
different time instants to support these services. We implement a simple
mechanism for time-shifting scheduled jobs in a simulator and study the

reduction in server load using real traces from an operational IPTV
network. Our results show that we are able to reduce the load by
(compared to a possible as predicted by the optimization framework).
14.Privacy Preserving Delegated Access Control in Public Clouds
Abstract:
Current approaches to enforce fine-grained access control on confidential
data hosted in the cloud are based on fine-grained encryption of the data.
Under such approaches, data owners are in charge of encrypting the data
before uploading them on the cloud and re-encrypting the data whenever
user credentials change. Data owners thus incur high communication and
computation costs. A better approach should delegate the enforcement
offline-grained access control to the cloud, so to minimize the overhead at
the data owners, while assuring data confidentiality from the cloud. We
propose an approach, based on two layers of encryption that addresses
such requirement. Under our approach, the data owner performs a coarsegrained encryption, whereas the cloud performs a fine-grained encryption
on top of the owner encrypted data. A challenging issue is how to
decompose access control policies (ACPs) such that the two layer
encryption can be performed. We show that this problem is NP-complete
and propose novel optimization algorithms. We utilize an efficient group
key management scheme that supports expressive ACPs. Our system
assures the confidentiality of the data and preserves the privacy of users
from the cloud while delegating most of the access control enforcement
to the cloud.
15.Attribute-Based Encryption With Verifiable Outsourced Decryption
Abstract:
Attribute-based encryption (ABE) is a public-keybased one-to-many

encryption that allows users to encrypt and decrypt data based on user
attributes. A promising application of ABE is flexible access control of
encrypted data stored in the cloud, using access polices and ascribed
attributes associated with private keys and ciphertexts.One of themain
efficiency drawbacks of the existing ABE schemes is that decryption
involves expensive pairing operations and the number of such operations
grows with the complexity of the access policy. Recently, Green et al.
proposed an ABE system with outsourced decryption that largely
eliminates the decryption overhead for users. In such a system, a user
provides an untrusted server, say a cloud service provider, with a
transformation key that allows the cloud to translate any ABE ciphertext
satisfied by that users attributes or access policy into a simple ciphertext,
and it only incurs a small computational overhead for the user to recover
the plaintext from the transformed ciphertext. Security of an ABE system
with outsourced decryption ensures that an adversary (including a
malicious cloud) will not be able to learn anything about the encrypted
message; however, it does not guarantee the correctness of the
transformation done by the cloud. In this paper, we consider a new
requirement of ABE with outsourced decryption: verifiability. Informally,
verifiability guarantees that a user can efficiently check if the
transformation is done correctly. We give the formal model of ABE with
verifiable outsourced decryption and propose a concrete scheme. We
prove that our new scheme is both secure and verifiable, without relying
on random oracles. Finally, we show an implementation of our scheme
and result of performance measurements, which indicates a significant
reduction on computing resources imposed on users.

16.A Secure Erasure Code-Based Cloud Storage System with Secure

Data Forwarding
Abstract:
A cloud storage system, consisting of a collection of storage servers,
provides long-term storage services over the Internet. Storing data in a
third
partys cloud
system
causes
serious
concern over
data
confidentiality. General encryption schemes protect data confidentiality,

but also limit the functionality of the storage system because a few
operations are supported over encrypted data. Constructing a secure
storage system that supports multiple functions is challenging when the
storage system is distributed and has no central authority. We propose a
threshold proxy re-encryption scheme and integrate it with a
decentralized erasure code such that a secure distributed storage system is
formulated. The distributed storage system not only supports secure and
robust data storage and retrieval, but also lets a user forward his data in
the storage servers to another user without retrieving the data back. The
main technical contribution is that the proxy re-encryption scheme
supports encoding operations over encrypted messages as well as
forwarding operations over encoded and encrypted messages. Our method
fully integrates encrypting, encoding, and forwarding. We analyze and
suggest suitable parameters for the number of copies of a message
dispatched to storage servers and the number of storage servers queried
by a key server. These parameters allow more flexible adjustment
between the number of storage servers and robustness.
17.Cloud Computing Security: From Single to Multi-Clouds
Abstract:
The use of cloud computing has increased rapidly in many organizations.

Cloud computing provides many benefits in terms of low cost and
accessibility of data. Ensuring the security of cloud computing is a major
factor in the cloud computing environment, as users often store sensitive
information with cloud storage providers but these providers may be
untrussed. Dealing with single cloud providers is predicted to become
less popular with customers due to risks of service availability failure and
the possibility of malicious insiders in the single cloud. A movement
towards multi-clouds, or in other words, interclouds or cloud-ofclouds has emerged recently. This paper surveys recent research related
to single and multi-cloud security and addresses possible solutions. It is
found that the research into the use of multi-cloud providers to maintain
security has received less attention from the research community than has
the use of single clouds. This work aims to promote the use of multiclouds due to its ability to reduce security risks that affect the cloud
computing user.
18.Scalable and Secure Sharing of Personal Health Records in Cloud
Computing Using Attribute-Based Encryption
Abstract:
Personal health record (PHR) is an emerging patient-centric model of
health information exchange, which is often outsourced to be stored at a
third party, such as cloud providers. However, there have been wide
privacy concerns as personal health information could be exposed to
those third party servers and to unauthorized parties. To assure the
patients control over access to their own PHRs, it is a promising method
to encrypt the PHRs before outsourcing. Yet, issues such as risks of
privacy exposure, scalability in key management, flexible access, and
efficient user revocation, have remained the most important challenges

toward achieving fine-grained, cryptographically enforced data access
control. In this paper, we propose a novel patient-centric framework and a
suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control
for PHRs, we leverage attribute-based encryption (ABE) techniques to
encrypt each patients PHR file. Different from previous works in secure
data outsourcing, we focus on the multiple data owner scenario, and
divide the users in the PHR system into multiple security domains that
greatly reduces the key management complexity for owners and users. A
high degree of patient privacy is guaranteed simultaneously by exploiting
multi authority ABE. Our scheme also enables dynamic modification of
access policies or file attributes, supports efficient on-demand
user/attribute revocation and break-glass access under emergency
scenarios. Extensive analytical and experimental results are presented
which show the security, scalability, and efficiency of our proposed
scheme.
19.Ensuring Distributed Accountability for Data Sharing in the Cloud
Abstract:
Cloud computing enables highly scalable services to be easily consumed
over the Internet on an as-needed basis. A major feature of the cloud
services is that users data are usually processed remotely in unknown
machines that users do not own or operate. While enjoying the
convenience brought by this new emerging technology, users fears of
losing control of their own data (particularly, financial and health data)
can become a significant barrier to the wide adoption of cloud services.
To address this problem, in this paper, we propose a novel highly
decentralized information accountability framework to keep track of the

actual usage of the users data in the cloud. In particular, we propose an
object-centered approach that enables enclosing our logging mechanism
together with users data and policies. We leverage the JAR
programmable capabilities to both create a dynamic and traveling object,
and to ensure that any access to users data will trigger authentication and
automated logging local to the JARs. To strengthen users control, we
also provide distributed auditing mechanisms. We provide extensive
experimental studies that demonstrate the efficiency and effectiveness of
the proposed approaches.
20.Cooperative Provable Data Possession for Integrity Verification in
Multi-Cloud Storage
Abstract:
Provable data possession (PDP) is a technique for ensuring the integrity of
data in storage outsourcing. In this paper, we address the construction of
an efficient PDP scheme for distributed cloud storage to support the
scalability of service and data migration, in which we consider the
existence of multiple cloud service providers to cooperatively store and
maintain the clients data. We present a cooperative PDP (CPDP) scheme
based on homomorphic verifiable response and hash index hierarchy. We
prove the security of our scheme based on multi-prover zero-knowledge
proof system, which can satisfy completeness, knowledge soundness, and
zero-knowledge properties. In addition, we articulate performance
optimization mechanisms for our scheme, and in particular present an
efficient method for selecting optimal parameter values to minimize the
computation costs of clients and storage service providers. Our

experiments show that our solution introduces lower computation and

communication overheads in comparison with non-cooperative approaches.
21.HASBE: A Hierarchical Attribute-Based Solution for Flexible and

Scalable Access Control in Cloud Computing
Abstract:
Cloud computing has emerged as one of the most influential paradigms in
the IT industry in recent years. Since this new computing technology
requires users to entrust their valuable data to cloud providers, there have
been increasing security and privacy concerns on outsourced data.
Several schemes employing attribute-based encryption (ABE) have been
proposed for access control of outsourced data in cloud computing;
however, most of them suffer from inflexibility in implementing complex
access control policies. In order to realize scalable, flexible, and finegrained access control of outsourced data in cloud computing, in this
paper, we propose hierarchical attribute-set-based encryption (HASBE)
by extending ciphertext-policy attribute-set-based encryption (ASBE)
with a hierarchical structure of users. The proposed scheme not only
achieves scalability due to its hierarchical structure, but also inherits
flexibility and fine-grained access control in supporting compound
attributes of ASBE. In addition, HASBE employs multiple value
assignments for access expiration time to deal with user revocation more
efficiently than existing schemes. We formally prove the security of
HASBE based on security of the cipher text-policy attribute-based
encryption (CP-ABE) scheme by Bethencourt et al. and analyze its
performance and computational complexity. We implement our scheme
and show that it is both efficient and flexible in dealing with access
control for outsourced data in cloud computing with comprehensive

experiments.
22.Outsourced Similarity Search on Metric Data Assets
Abstract:
This paper considers a cloud computing setting in which similarity
querying of metric data is outsourced to a service provider. The data is to
be revealed only to trusted users, not to the service provider or anyone
else. Users query the server for the most similar data objects to a query
example. Outsourcing offers the data owner scalability and a low-initial
investment. The need for privacy may be due to the data being sensitive
(e.g., in medicine), valuable (e.g., in astronomy), or otherwise
confidential. Given this setting, the paper presents techniques that
transform the data prior to supplying it to the service provider for
similarity queries on the transformed data. Our techniques provide
interesting trade-offs between query cost and accuracy. They are then
further extended to offer an intuitive privacy guarantee. Empirical studies
with real data demonstrate that the techniques are capable of offering
privacy while enabling efficient and accurate processing of similarity
queries.
23.Toward Secure and Dependable Storage Services in Cloud

Computing
Abstract:
Cloud storage enables users to remotely store their data and enjoy the ondemand high quality cloud applications without the burden of local
hardware and software management. Though the benefits are clear, such a
service is also relinquishing users physical possession of their outsourced
data, which inevitably poses new security risks toward the correctness of
the data in cloud. In order to address this new problem and further
achieve a secure and dependable cloud storage service, we propose in this
paper a flexible distributed storage integrity auditing mechanism,
utilizing the homomorphic token and distributed erasure-coded data. The
proposed design allows users to audit the cloud storage with very
lightweight communication and computation cost. The auditing result not
only ensures strong cloud storage correctness guarantee, but also
simultaneously achieves fast data error localization, i.e., the identification
of misbehaving server. Considering the cloud data are dynamic in nature,
the proposed design further supports secure and efficient dynamic
operations on outsourced data, including block modification, deletion,
and append. Analysis shows the proposed scheme is highly efficient and
resilient against Byzantine failure, malicious data modification attack,
and even server colluding attacks.
DATA MINING
24.A Fast Clustering-Based Feature Subset Selection Algorithm for
High-Dimensional Data
Abstract:
Feature selection involves identifying a subset of the most useful features
that produces compatible results as the original entire set of features. A
feature selection algorithm may be evaluated from both the efficiency and
effectiveness points of view. While the efficiency concerns the time
required to find a subset of features, the effectiveness is related to the
quality of the subset of features. Based on these criteria, a fast clusteringMindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.
based feature selection algorithm (FAST) is proposed and experimentally

evaluated in this paper. The FAST algorithm works in two steps. In the
first step, features are divided into clusters by using graph-theoretic
clustering methods. In the second step, the most representative feature
that is strongly related to target classes is selected from each cluster to
form a subset of features. Features in different clusters are relatively
independent, the clustering-based strategy of FAST has a high probability
of producing a subset of useful and independent features. To ensure the
efficiency of FAST, we adopt the efficient minimum-spanning tree (MST)
clustering method. The efficiency and effectiveness of the FAST
algorithm are evaluated through an empirical study. Extensive
experiments are carried out to compare FAST and several representative
feature selection algorithms, namely, FCBF, ReliefF, CFS, Consist, and
FOCUS-SF, with respect to four types of well-known classifiers, namely,
the probabilitybased Naive Bayes, the tree-based C4.5, the instance-based
IB1, and the rule-based RIPPER before and after feature selection. The
results, on 35 publicly available real-world high-dimensional image,
microarray, and text data, demonstrate that the FAST not only produces
smaller subsets of features but also improves the performances of the four
types of classifiers.
25.A New Algorithm for Inferring User Search Goals with Feedback
Sessions
Abstract:
For a broad-topic and ambiguous query, different users may have
different search goals when they submit it to a search engine. The
inference and analysis of user search goals can be very useful in
improving search engine relevance and user experience. In this paper, we
propose a novel approach to infer user search goals by analyzing search
engine query logs. First, we propose a framework to discover different

user search goals for a query by clustering the proposed feedback
sessions. Feedback sessions are constructed from user click-through logs
and can efficiently reflect the information needs of users. Second, we
propose a novel approach to generate pseudo-documents to better
represent the feedback sessions for clustering. Finally, we propose a new
criterion Classified Average Precision (CAP) to evaluate the
performance of inferring user search goals. Experimental results are
presented using user click-through logs from a commercial search engine
to validate the effectiveness of our proposed methods.
26.Annotating Search Results from Web Databases
Abstract:
An increasing number of databases have become web accessible through
HTML form-based search interfaces. The data units returned from the
underlying database are usually encoded into the result pages
dynamically for human browsing. For the encoded data units to be
machine process able, which is essential for many applications such as
deep web data collection and Internet comparison shopping, they need to
be extracted out and assigned meaningful labels. In this paper, we present
an automatic annotation approach that first aligns the data units on a
result page into different groups such that the data in the same group have
the same semantic. Then, for each group we annotate it from different
aspects and aggregate the different annotations to predict a final
annotation label for it. An annotation wrapper for the search site is
automatically constructed and can be used to annotate new result pages
from the same web database. Our experiments indicate that the proposed
approach is highly effective.
27.Anomaly Detection via Online Over-Sampling Principal Component
Analysis
Abstract:
Anomaly detection has been an important research topic in data mining
and machine learning. Many real-world applications such as intrusion or
credit card fraud detection require an effective and efficient framework to
identify deviated data instances. However, most anomaly detection
methods are typically implemented in batch mode, and thus cannot be
easily extended to large-scale problems without sacrificing computation
and memory requirements. In this paper, we propose an online oversampling principal component analysis (osPCA) algorithm to address this
problem, and we aim at detecting the presence of outliers from a large
amount of data via an online updating technique. Unlike prior PCA based
approaches, we do not store the entire data matrix or covariance matrix,
and thus our approach is especially of interest in online or large-scale
problems. By over-sampling the target instance and extracting the
principal direction of the data, the proposed osPCA allows us to
determine the anomaly of the target instance according to the variation of
the resulting dominant eigenvector. Since our osPCA need not perform
eigen analysis explicitly, the proposed framework is favored
for online applications which have computation or memory limitations.
Compared with the well-known power method for PCA and other popular
anomaly detection algorithms, our experimental results verify the
feasibility of our proposed method in terms of both accuracy and
efficiency.
28.Distributed Processing of Probabilistic Top-k Queries in Wireless
Sensor Networks
Abstract:
In this paper, we introduce the notion of sufficient set and necessary set
for distributed processing of probabilistic top-k queries in cluster-based
wireless sensor networks. These two concepts have very nice properties
that can facilitate localized data pruning in clusters. Accordingly, we
develop a suite of algorithms, namely, sufficient set-based (SSB),
necessary set-based (NSB), and boundary-based (BB), for intercluster
query processing with bounded rounds of communications. Moreover, in
responding to dynamic changes of data distribution in the network, we
develop an adaptive algorithm that dynamically switches among the three
proposed algorithms to minimize the transmission cost. We show the
applicability of sufficient set and necessary set to wireless sensor
networks with both two-tier hierarchical and tree-structured network
topologies. Experimental results show that the proposed algorithms
reduce data transmissions significantly and incur only small constant
rounds of data communications. The experimental results also
demonstrate the superiority of the adaptive algorithm, which achieves a
near-optimal performance under various conditions.
29.m-Privacy for Collaborative Data Publishing
Abstract:
In this paper, we consider the collaborative data publishing problem for
anonymizing horizontally partitioned data at multiple data providers. We
consider a new type of insider attack by colluding data providers who
may use their own data records (a subset of the overall data) to infer the
data records contributed by other data providers. The paper addresses this
new threat, and makes several contributions. First, we introduce the
notion of m-privacy, which guarantees that the anonymized data satisfies
a given privacy constraint against any group of up to m colluding data
providers. Second, we present heuristic algorithms exploiting the
monotonicity of privacy constraints for efficiently checking m-privacy

given a group of records. Third, we present a data provider-aware
anonymization algorithm with adaptive m-privacy checking strategies to
ensure high utility and m-privacy of anonymized data with efficiency.
Finally, we propose secure multi-party computation protocols for
collaborative data publishing with m-privacy. All protocols are
extensively analyzed and their security and efficiency are formally
proved. Experiments on real-life datasets suggest that our approach
achieves better or comparable utility and efficiency than existing and
baseline algorithms while satisfying m-privacy.
30.Sensitive Labels in Social Network Data Anonymization
31.Tweet Analysis for Real-Time Event Detection and Earthquake
Reporting System Development
Abstract:
Twitter has received much attention recently. An important characteristic
of Twitter is its real-time nature. We investigate the real-time interaction
of events such as earthquakes in Twitter and propose an algorithm to
monitor tweets and to detect a target event. To detect a target event, we
devise a classifier of tweets based on features such as the keywords in a
tweet, the number of words, and their context. Subsequently, we produce
a probabilistic spatiotemporal model for the target event that can find the
center of the event location. We regard each Twitter user as a sensor and
apply particle filtering, which are widely used for location estimation.
The particle filter works better than other comparable methods for
estimating the locations of target events. As an application, we develop an
earthquake reporting system for use in Japan. Because of the numerous
earthquakes and the large number of Twitter users throughout the country,
we can detect an earthquake with high probability (93 percent of

earthquakes of Japan Meteorological Agency (JMA) seismic intensity
scale 3 or more are detected) merely by monitoring tweets. Our system
detects earthquakes promptly and notification is delivered much faster
than JMA broadcast announcements.
32.Document Clustering for Forensic Analysis: An Approach for
Improving Computer Inspection
Abstract:
In computer forensic analysis, hundreds of thousands of files are usually
examined. Much of the data in those files consists of unstructured text,
whose analysis by computer examiners is difficult to be performed. In
this context, automated methods of analysis are of great interest. In
particular, algorithms for clustering documents can facilitate the
discovery of new and useful knowledge from the documents under
analysis. We present an approach that applies document clustering
algorithms to forensic analysis of computers seized in police
investigations. We illustrate the proposed approach by carrying out
extensive experimentation with six well-known clustering algorithms (Kmeans, K-medoids, Single Link, Complete Link, Average Link, and
CSPA) applied to five real-world datasets obtained from computers seized
in real-world investigations. Experiments have been performed with
different combinations of parameters, resulting in 16 different
instantiations of algorithms. In addition, two relative validity indexes
were used to automatically estimate the number of clusters. Related
studies in the literature are significantly more limited than our study. Our
experiments show that the Average Link and Complete Link algorithms
provide the best results for our application domain. If suitably initialized,
partitional algorithms (K-means and K-medoids) can also yield to very
good results. Finally, we also present and discuss several practical results
that can be useful for researchers and practitioners of forensic computing.
33.A Method for Mining Infrequent Causal Associations and Its
Application in Finding Adverse Drug Reaction Signal Pairs
Abstract:
In many real-world applications, it is important to mine causal
relationships where an event or event pattern causes certain outcomes
with low probability. Discovering this kind of causal relationships can
help us prevent or correct negative outcomes caused by their antecedents.
In this paper, we propose an innovative data mining framework and apply
it to mine potential causal associations in electronic patient data sets
where the drug-related events of interest occur infrequently. Specifically,
we created a novel interestingness measure, exclusive causal-leverage,
based on a computational, fuzzy recognition-primed decision (RPD)
model that we previously developed. On the basis of this new measure, a
data mining algorithm was developed to mine the causal relationship
between drugs and their associated adverse drug reactions (ADRs). The
algorithm was tested on real patient data retrieved from the Veterans
Affairs Medical Center in Detroit, Michigan. The retrieved data included
16,206 patients (15,605 male, 601 female). The exclusive causal-leverage
was employed to rank the potential causal associations between each of
the three selected drugs (i.e., enalapril, pravastatin, and rosuvastatin) and
3,954 recorded symptoms, each of which corresponded to a potential
ADR. The top10 drug-symptom pairs for each drug were evaluated by the
physicians on our project team. The numbers of symptoms considered as
likely real ADRs for enalapril, pravastatin, and rosuvastatin were 8, 7,
and 6, respectively. These preliminary results indicate the usefulness of
our method in finding potential ADR signal pairs for further analysis
(e.g., epidemiology study) and investigation (e.g., case review) by drug

safety professionals.
34.Clustering Sentence-Level Text Using a Novel Fuzzy Relational
Clustering Algorithm
Abstract:
In comparison with hard clustering methods, in which a pattern belongs
to a single cluster, fuzzy clustering algorithms allow patterns to belong to
all clusters with differing degrees of membership. This is important in
domains such as sentence clustering, since a sentence is likely to be
related to more than one theme or topic present within a document or set
of documents. However, because most sentence similarity measures do
not represent sentences in a common metric space, conventional fuzzy
clustering approaches based on prototypes or mixtures of Gaussians are
generally not applicable to sentence clustering. This paper presents a
novel fuzzy clustering algorithm that operates on relational input data;
i.e., data in the form of a square matrix of pairwise similarities between
data objects. The algorithm uses a graph representation of the data, and
operates in an Expectation-Maximization framework in which the graph
centrality of an object in the graph is interpreted as a likelihood. Results
of applying the algorithm to sentence clustering tasks demonstrate that
the algorithm is capable of identifying overlapping clusters of
semantically related sentences, and that it is therefore of potential use in a
variety of text mining tasks. We also include results of applying the
algorithm to benchmark data sets in several other domains.
35.Crowd sourcing Predictors of Behavioral Outcomes
Abstract:
Generating models from large data setsand determining which subsets

of data to mineis becoming increasingly automated. However,
choosing what data to collect in the first place requires human intuition or
experience, usually supplied by a domain expert. This paper describes a
new approach to machine science which demonstrates for the first time
that nondomain experts can collectively formulate features and provide
values for those features such that they are predictive of some behavioral
outcome of interest. This was accomplished by building a Web platform
in which human groups interact to both respond to questions likely to
help predict a behavioral outcome and pose new questions to their peers.
This results in a dynamically growing online survey, but the result of this
cooperative behavior also leads to models that can predict the users
outcomes based on their responses to the user-generated survey questions.
Here, we describe two Web-based experiments that instantiate this
approach: The first site led to models that can predict users monthly
electric energy consumption, and the other led to models that can predict
users body mass index. As exponential increases in content are often
observed in successful online collaborative communities, the proposed
methodology may, in the future, lead to similar exponential rises in
discovery and insight into the causal factors of behavioral outcomes.
36.Facilitating Document Annotation using Content and Querying Value
Abstract:
A large number of organizations today generate and share textual
descriptions of their products, services, and actions. Such collections of
textual data contain significant amount of structured information, which
remains buried in the unstructured text. While information extraction
algorithms facilitate the extraction of structured relations, they are often
expensive and inaccurate, especially when operating on top of text that
does not contain any instances of the targeted structured information. We

present a novel alternative approach that facilitates the generation of the
structured metadata by identifying documents that are likely to contain
information of interest and this information is going to be subsequently
useful for querying the database. Our approach relies on the idea that
humans are more likely to add the necessary metadata during creation
time, if prompted by the interface; or that it is much easier for humans
(and/or algorithms) to identify the metadata when such information
actually exists in the document, instead of naively prompting users to fill
in forms with information that is not available in the document. As a
major contribution of this paper, we present algorithms that identify
structured attributes that are likely to appear within the document, by
jointly utilizing the content of the text and the query workload. Our
experimental evaluation shows that our approach generates superior
results compared to approaches that rely only on the textual content or
only on the query workload, to identify attributes of interest.
37.A Generalized Flow-Based Method for Analysis of Implicit
Relationships on Wikipedia
Abstract:
We focus on measuring relationships between pairs of objects in
Wikipedia whose pages can be regarded as individual objects. Two kinds
of relationships between two objects exist: in Wikipedia, an explicit
relationship is represented by a single link between the two pages for the
objects, and an implicit relationship is represented by a link structure
containing the two pages. Some of the previously proposed methods for
measuring
relationships
are
cohesion-based
methods,
which
underestimate objects having high degrees, although such objects could

be important in constituting relationships in Wikipedia. The other
methods are inadequate for measuring implicit relationships because they

use only one or two of the following three important factors: distance,
connectivity, and co citation. We propose a new method using a
generalized maximum flow which reflects all the three factors and does
not underestimate objects having high degree. We confirm through
experiments that our method can measure the strength of a relationship
more appropriately than these previously proposed methods do. Another
remarkable aspect of our method is mining elucidatory objects, that is,
objects constituting a relationship. We explain that mining elucidatory
objects would open a novel way to deeply understand a relationship.
38.A System to Filter Unwanted Messages from OSN User Walls
Abstract:
One fundamental issue in todays Online Social Networks (OSNs) is to
give users the ability to control the messages posted on their own private
space to avoid that unwanted content is displayed. Up to now, OSNs
provide little support to this requirement. To fill the gap, in this paper, we
propose a system allowing OSN users to have a direct control on the
messages posted on their walls. This is achieved through a flexible rulebased system, which allows users to customize the filtering criteria to be
applied to their walls, and a Machine Learning-based soft classifier
automatically labeling messages in support of content-based filtering.
39.Anonymization of Centralized and Distributed Social Networks by
Sequential Clustering
Abstract:
We study the problem of privacy-preservation in social networks. We
consider the distributed setting in which the network data is split between
several data holders. The goal is to arrive at an anonymized view of the
unified network without revealing to any of the data holders information
about links between nodes that are controlled by other data holders. To
that end, we start with the centralized setting and offer two variants of an
anonymization algorithm which is based on sequential clustering (Sq).
Our algorithms significantly outperform the SaNGreeA algorithm due to
Campan and Truta which is the leading algorithm for achieving
anonymity in networks by means of clustering. We then devise secure
distributed versions of our algorithms. To the best of our knowledge, this
is the first study of privacy preservation in distributed social networks.
We conclude by outlining future research proposals in that direction.
40.Intrusion Detection Technique by using K-means, Fuzzy Neural
Network and SVM classifiers.
Abstract:
With the impending era of internet, the network security has become the
key foundation for lot of financial and business web applications.
Intrusion detection is one of the looms to resolve the problem of network
security. Imperfectness of intrusion detection systems (IDS) has given an
opportunity for data mining to make several important contributions to
the field of intrusion detection. In recent years, many researchers are
using data mining techniques for building IDS. Here, we propose a new
approach by utilizing data mining techniques such as neuro-fuzzy and
radial basis support vector machine (SVM) for helping IDS to attain
higher detection rate. The proposed technique has four major steps:
primarily, k-means clustering is used to generate different training
subsets. Then, based on the obtained training subsets, different neurofuzzy models are trained. Subsequently, a vector for SVM classification is
formed and in the end, classification using radial SVM is performed to
detect intrusion has happened or not. To illustrate the applicability and
capability of the new approach, the results of experiments on KDD CUP
1999 dataset is demonstrated. Experimental results shows that our

proposed new approach do better than BPNN, multiclass SVM and other
well-known methods such as decision trees and Columbia model in terms
of sensitivity, specificity and in particular detection accuracy.
41.Spatial Approximate String Search
Abstract:
This work deals with the approximate string search in large spatial
databases. Specically, we investigate range queries augmented with a
string similarity search predicate in both Euclidean space and road
networks. We dub this query the spatial approximate string (SAS) query.
In Euclidean space, we propose an approximate solution, the MHR-tree,
which embeds min-wise signatures into an R-tree. The min-wise
signature for an index node u keeps a concise representation of the union
of q-grams from strings under the sub-tree of u. We analyze the pruning
functionality of such signatures based on the set resemblance between the
query string and the q-grams from the sub-trees of index nodes. We also
discuss how to estimate the selectivity of a SAS query in Euclidean
space, for which we present a novel adaptive algorithm to nd balanced
partitions using both the spatial and string information stored in the tree.
For queries on road networks, we propose a novel exact method,
RSASSOL, which signicantly outperforms the baseline algorithm in
practice. The RSASSOL combines the q-gram based inverted lists and the
reference nodes based pruning. Extensive experiments on large real data
sets demonstrate the efciency and effectiveness of our approaches.
42.Preventing Private Information Inference Attacks on Social
Networks

Abstract:
Online social networks, such as Facebook, are increasingly utilized by
many people. These networks allow users to publish details about
themselves and to connect to their friends. Some of the information
revealed inside these networks is meant to be private. Yet it is possible to
use learning algorithms on released data to predict private information. In
this paper, we explore how to launch inference attacks using released
social networking data to predict private information. We then devise
three possible sanitization techniques that could be used in various
situations. Then, we explore the effectiveness of these techniques and
attempt to use methods of collective inference to discover sensitive
attributes of the data set. We show that we can decrease the effectiveness
of both local and relational classification algorithms by using the
sanitization methods we described.
43.Multiparty Access Control for Online Social Networks Model and
mechanisms
ABSTRACT:
Online social networks (OSNs) have experienced tremendous growth in
recent years and become a de facto portal for hundreds of millions of
Internet users. These OSNs offer attractive means for digital social
interactions and information sharing, but also raise a number of security
and privacy issues. While OSNs allow users to restrict access to shared
data, they currently do not provide any mechanism to enforce privacy
concerns over data associated with multiple users. To this end, we
propose an approach to enable the protection of shared data associated
with multiple users in OSNs. We formulate an access control model to
capture the essence of multiparty authorization requirements, along with a
multiparty policy specification scheme and a policy enforcement
mechanism. Besides, we present a logical representation of our access

control model that allows us to leverage the features of existing logic
solvers to perform various analysis tasks on our model. We also discuss a
proof-of-concept prototype of our approach as part of an application in
Facebook and provide usability study and system evaluation of our
method.
44.Incentive Compatible Privacy-Preserving Data Analysis
Abstract:
In many cases, competing parties who have private data may
collaboratively conduct privacy-preserving distributed data analysis
(PPDA) tasks to learn beneficial data models or analysis results. Most
often, the competing parties have different incentives. Although certain
PPDA techniques guarantee that nothing other than the final analysis
result is revealed, it is impossible to verify whether participating parties
are truthful about their private input data. Unless proper incentives are
set, current PPDA techniques cannot prevent participating parties from
modifying their private inputs. This raises the question of how to design
incentive compatible privacy-preserving data analysis techniques that
motivate participating parties to provide truthful inputs. In this paper, we
first develop key theorems, then base on these theorems, we analyze
certain important privacy-preserving data analysis tasks that could be
conducted in a way that telling the truth is the best choice for any
participating party.
SECURE COMPUTING
45.EAACKA Secure Intrusion-Detection System for MANETs
Abstract:
The migration to wireless network from wired network has been a global
trend in the past few decades. The mobility and scalability brought by
wireless network made it possible in many applications. Among all the
contemporary wireless networks, Mobile Ad hoc NETwork (MANET) is
one of the most important and unique applications. On the contrary to
traditional network architecture, MANET does not require a fixed
network infrastructure; every single node works as both a transmitter and
a receiver. Nodes communicate directly with each other when they are
both within the same communication range. Otherwise, they rely on their
neighbors to relay messages. The self-configuring ability of nodes in
MANET made it popular among critical mission applications like
military use or emergency recovery. However, the open medium and wide
distribution of nodes make MANET vulnerable to malicious attackers. In
this case, it is crucial to develop efficient intrusion-detection mechanisms
to protect MANET from attacks. With the improvements of the
technology and cut in hardware costs, we are witnessing a current trend
of expanding MANETs into industrial applications. To adjust to such
trend, we strongly believe that it is vital to address its potential security
issues. In this paper, we propose and implement a new intrusion-detection
system named Enhanced Adaptive Acknowledgment (EAACK) specially
designed for MANETs. Compared to contemporary approaches, EAACK
demonstrates higher malicious-behavior-detection rates in certain
circumstances while does not greatly affect the network performances.
46.Identity-Based Secure Distributed Data Storage Schemes

Abstract:
Secure distributed data storage can shift the burden of maintaining a large
number of files from the owner to proxy servers. Proxy servers can
convert encrypted files for the owner to encrypted files for the receiver
without the necessity of knowing the content of the original files. In
practice, the original files will be removed by the owner for the sake of
space efficiency. Hence, the issues on confidentiality and integrity of the
outsourced data must be addressed carefully. In this paper, we propose
two identity-based secure distributed data storage (IBSDDS) schemes.
Our schemes can capture the following properties: (1) The file owner can
decide the access permission independently without the help of the
private key generator (PKG); (2) For one query, a receiver can only
access one file, instead of all files of the owner; (3) Our schemes are
secure against the collusion attacks, namely even if the receiver can
compromise the proxy servers, he cannot obtain the owners secret key.
Although the first scheme is only secure against the chosen plaintext
attacks (CPA), the second scheme is secure against the chosen cipher text
attacks (CCA). To the best of our knowledge, it is the first IBSDDS
schemes where an access permissions is made by the owner for an exact
file and collusion attacks can be protected in the standard model.
47.Modeling the Pair-wise Key Pre-distribution Scheme in the Presence
of Unreliable Links
Abstract:
We investigate the secure connectivity of wireless sensor networks under
the random pairwise key predistribution scheme of Chan, Perrig, and
Song. Unlike recent work carried out under the assumption of full
visibility, here we assume a (simplified) communication model where
unreliable wireless links are represented as independent on/off
channels.We present conditions on how to scale the model parameters so

that the network 1) has no secure node that is isolated and 2) is securely
connected, both with high probability, when the number of sensor nodes
becomes large. The results are given in the form of zero-one laws, and
exhibit significant differences with corresponding results in the fullvisibility case. Through simulations, these zero-one laws are shown to
also hold under a more realistic communication model, namely the disk
model.
48.NICE: Network Intrusion Detection and Countermeasure Selection
in Virtual Network Systems
Abstract:
Cloud security is one of most important issues that have attracted a lot of
research and development effort in past few years. Particularly, attackers
can explore vulnerabilities of a cloud system and compromise virtual
machines to deploy further large-scale Distributed Denial-of-Service
(DDoS). DDoS attacks usually involve early stage actions such as multistep
exploitation,
low
frequency
vulnerability
scanning,
and
compromising identified vulnerable virtual machines as zombies, and

finally DDoS attacks through the compromised zombies. Within the cloud
system, especially the Infrastructure-as-a-Service (IaaS) clouds, the
detection of zombie exploration attacks is extremely difficult. This is
because cloud users may install vulnerable applications on their virtual
machines. To prevent vulnerable virtual machines from being
compromised in the cloud, we propose a multi-phase distributed
vulnerability detection, measurement, and countermeasure selection
mechanism called NICE, which is built on attack graph based analytical
models and reconfigurable virtual network-based countermeasures. The
proposed framework leverages Open Flow network programming APIs to
build a monitor and control plane over distributed programmable virtual

switches in order to significantly improve attack detection and mitigate
attack consequences. The system and security evaluations demonstrate
the efficiency and effectiveness of the proposed solution.
49.Privacy Preserving Data Sharing With Anonymous ID Assignment
Abstract:
An algorithm for anonymous sharing of private data among parties is
developed. This technique is used iteratively to assign these nodes ID
numbers ranging from 1 to N. This assignment is anonymous in that the
identities received are unknown to the other members of the group.
Resistance to collusion among other members is verified in an
information theoretic sense when private communication channels are
used. This assignment of serial numbers allows more complex data to be
shared and has applications to other problems in privacy preserving data
mining, collision avoidance in communications and distributed database
access. The required computations are distributed without using a trusted
central authority. Existing and new algorithms for assigning anonymous
IDs are examined with respect to trade-offs between communication and
computational requirements. The new algorithms are built on top of a
secure sum data mining operation using Newtons identities and Sturms
theorem. An algorithm for distributed solution of certain polynomials
over finite fields enhances the scalability of the algorithms. Markov chain
representations are used to find statistics on the number of iterations
required, and computer algebra gives closed form results for the
completion rates.
50.Securing Class Initialization in Java-like Languages
Abstract:
Language-based information-flow security is concerned with specifying

and enforcing security policies for information flow via language
constructs. Although much progress has been made on understanding
information flow in object-oriented programs, little attention has been
given to the impact of class initialization on information flow. This paper
turns the spotlight on security implications of class initialization. We
reveal the subtleties of information propagation when classes are
initialized, and demonstrate how these flows can be exploited to leak
information through error recovery. Our main contribution is a type-andeffect system which tracks these information flows. The type system is
parameterized by an arbitrary lattice of security levels. Flows through the
class hierarchy and dependencies in field initializers are tracked by typing
class initializers wherever they could be executed. The contexts in which
each class can be initialized are tracked to prevent insecure flows of outof-scope contextual information through class initialization statuses and
error recovery. We show that the type system enforces terminationinsensitive noninterference.
51.Security Analysis of a Single Sign-On Mechanism for Distributed
Computer Networks
Abstract:
The Single sign-on (SSO) is a new authentication mechanism that enables
a legal user with a single credential to be authenticated by multiple
service providers in a distributed computer network. Recently, Chang and
Lee proposed a new SSO scheme and claimed its security by providing
well-organized security arguments. In this paper, however, we
demonstrative that their scheme is actually insecure as it fails to meet
credential privacy and soundness of authentication. Specifically, we
present two impersonation attacks. The first attack allows a malicious
service provider, who has successfully communicated with a legal user

twice, to recover the users credential and then to impersonate the user to
access resources and services offered by other service providers. In
another attack, an outsider without any credential may be able to enjoy
network services freely by impersonating any legal user or a nonexistent
user. We identify the flaws in their security arguments to explain why
attacks are possible against their SSO scheme. Our attacks also apply to
another SSO scheme proposed by Hsu and Chuang, which inspired the
design of the ChangLee scheme. Moreover, by employing an efficient
verifiable encryption of RSA signatures proposed by Ateniese, we
propose an improvement for repairing the ChangLee scheme. We
promote the formal study of the soundness of authentication as one open
problem.
52.SORT: A Self-Organizing Trust Model for Peer-to-Peer Systems
Abstract:
Open nature of peer-to-peer systems exposes them to malicious activity.
Building trust relationships among peers can mitigate attacks of malicious
peers. This paper presents distributed algorithms that enable a peer to
reason about trustworthiness of other peers based on past interactions and
recommendations. Peers create their own trust network in their proximity
by using local information available and do not try to learn global trust
information. Two contexts of trust, service, and recommendation contexts
are defined to measure trustworthiness in providing services and giving
recommendations. Interactions and recommendations are evaluated based
on importance, recentness, and peer satisfaction parameters. Additionally,
recommenders trustworthiness and confidence about a recommendation
are
considered
while
evaluating
recommendations.
Simulation
experiments on a file sharing application show that the proposed model

can mitigate attacks on 16 different malicious behavior models. In the

experiments, good peers were able to form trust relationships in their
proximity and isolate malicious peers.
53.WARNINGBIRD: A Near Real-time Detection System for Suspicious
URLs in Twitter Stream
Abstract:
Twitter is prone to malicious tweets containing URLs for spam, phishing,
and malware distribution. Conventional Twitter spam detection schemes
utilize account features such as the ratio of tweets containing URLs and
the account creation date, or relation features in the Twitter graph. These
detection schemes are ineffective against feature fabrications or consume
much time and resources. Conventional suspicious URL detection
schemes utilize several features including lexical features of URLs, URL
redirection, HTML content, and dynamic behavior. However, evading
techniques such as time-based evasion and crawler evasion exist. In this
paper, we propose WARNINGBIRD, a suspicious URL detection system
for Twitter. Our system investigates correlations of URL redirect chains
extracted from several tweets. Because attackers have limited resources
and usually reuse them, their URL redirect chains frequently share the
same URLs. We develop methods to discover correlated URL redirect
chains using the frequently shared URLs and to determine their
suspiciousness. We collect numerous tweets from the Twitter public
timeline and build a statistical classifier using them. Evaluation results
show that our classifier accurately and efficiently detects suspicious
URLs. We also present WARNINGBIRD as a near real-time system for
classifying suspicious URLs in the Twitter stream.
54.Two tales of privacy in online social networks
Abstract:
Privacy is one of the friction points that emerges when communications

get mediated in Online Social Networks (OSNs). Different communities
of computer science researchers have framed the OSN privacy problem
as one of surveillance, institutional or social privacy. In tackling these
problems they have also treated them as if they were independent. We
argue that the different privacy problems are entangled and that research
on privacy in OSNs would benefit from a more holistic approach. In this
article, we first provide an introduction to the surveillance and social
privacy perspectives emphasizing the narratives that inform them, as well
as their assumptions, goals and methods. We then juxtapose the
differences between these two approaches in order to understand their
complementarily, and to identify potential integration challenges as well
as research questions that so far have been left unanswered.
55.Secure Encounter-based Mobile Social Networks: Requirements,
Designs, and Tradeoffs
Abstract:
Encounter-based social networks and encounter-based systems link users
who share a location at the same time, as opposed to the traditional social
network paradigm of linking users who have an offline friendship. This
new approach presents challenges that are fundamentally different from
those tackled by previous social network designs. In this paper, we
explore the functional and security requirements for these new systems,
such as availability, security, and privacy, and present several design
options for building secure encounter-based social networks. To highlight
these challenges we examine one recently proposed encounter-based
social network design and compare it to a set of idealized security and
functionality requirements. We show that it is vulnerable to several
attacks, including impersonation, collusion, and privacy breaching, even
though it was designed specifically for security. Mindful of the possible

pitfalls, we construct a flexible framework for secure encounter-based
social networks, which can be used to construct networks that offer
different security, privacy, and availability guarantees. We describe two
example constructions derived from this framework, and consider each in
terms of the ideal requirements. Some of our new designs fulfill more
requirements in terms of system security, reliability, and privacy than
previous work. We also evaluate real-world performance of one of our
designs by implementing a proof-of-concept iPhone application called
MeetUp. Experiments highlight the potential of our system and hint at the
deploy ability of our designs on a large scale.
56.Twitsper: Tweeting Privately
Abstract:
While OSNs today provide some form of privacy controls to protect a
users shared content from other users, these controls are not sufficiently
expressive to provide fine grained protection. In this article, we introduce
Twitsper, to support fine-grained control over who sees a users
messages. Twitsper provides privacy controls to the users of Twitter today
without relying on Twitter to make changes. This is because it is a
wrapper around Twitter that enables private group communication while
preserving Twitters commercial interests. It preserves privacy both from
the Twitsper server as well as from undesired Twitsper users.
57.Combining Cryptographic Primitives to Prevent Jamming Attacks in
Wireless Networks
Abstract:
The Open Nature of wireless medium leaves an intentional interference
attack, typically referred to as jamming. This intentional interference with
wireless transmission launch pad for mounting Denial-Of- Service attack
on wireless networks. Typically, jamming has been addresses under an

external threat model. However, adversaries with internal knowledge of
protocol specification and network secrets can launch low-effort jamming
attacks that are difficult to detect and counter. In this work we address the
problem of jamming attacks and adversary is active for short period of
time, selectively targeting the messages of high importance. We show that
the selective jamming attacks can be launched by performing real-time
packet classification at the physical layer. To mitigate these attacks, we
develop three schemes that prevent real time packet classification by
combining cryptographic primitives with physical-layer attributes. They
are Strong Hiding Commitment Schemes (SHCS), Cryptographic Puzzles
Hiding Schemes (CPHS), and All- Or-Nothing Transformation Hiding
Schemes (AONTSHS). Random key distribution methods are done along
with three schemes to give more secured packet transmission in wireless
networks.
58.Cross-Domain Privacy-Preserving Cooperative Firewall

Optimization
Abstract:
Firewalls have been widely deployed on the Internet for securing private
networks. A firewall checks each incoming or outgoing packet to decide
whether to accept or discard the packet based on its policy. Optimizing
firewall policies is crucial for improving network performance. Prior
work on firewall optimization focuses on either intra-firewall or inter
firewall optimization within one administrative domain where the privacy
of firewall policies is not a concern. This paper explores inter firewall
optimization across administrative domains for the first time. The key
technical challenge is that firewall policies cannot be shared across
domains because a firewall policy contains confidential information and

even potential security holes, which can be exploited by attackers. In this
paper, we propose the first cross-domain privacy-preserving cooperative
firewall policy optimization protocol. Specifically, for any two adjacent
firewalls belonging to two different administrative domains, our protocol
can identify in each firewall the rules that can be removed because of the
other
firewall.
The
optimization
process
involves
cooperative
computation between the two firewalls without any party disclosing its
policy to the other. We implemented our protocol and conducted
extensive experiments. The results on real firewall policies show that our
protocol can remove as many as 49% of the rules in a firewall, whereas
the average is 19.4%. The communication cost is less than a few hundred
kilobytes. Our protocol incurs no extra online packet processing
overhead, and the offline processing time is less than a few hundred
seconds.
Networking
59.A Highly Scalable Key Pre-Distribution Scheme for Wireless Sensor
Networks
Abstract:
Given the sensitivity of the potential WSN applications and because of
resource limitations, key management emerges as a challenging issue for
WSNs. One of the main concerns when designing a key management
scheme is the network scalability. Indeed, the protocol should support a
large number of nodes to enable a large scale deployment of the network.
In this paper, we propose a new scalable key management scheme for
WSNs which provides a good secure connectivity coverage. For this
purpose, we make use of the unital design theory. We show that the basic
mapping from unitals to key pre-distribution allows us to achieve high
network scalability. Nonetheless, this naive mapping does not guarantee a

high key sharing probability. Therefore, we propose an enhanced unitalbased key pre-distribution scheme providing high network scalability and
good key sharing probability approximately lower bounded by 1 e
0.632. We conduct approximate analysis and simulations and
compare our solution to those of existing methods for different criteria

such as storage overhead, network scalability, network connectivity,
average secure path length and network resiliency. Our results show that
the proposed approach enhances the network scalability while providing
high secure connectivity coverage and overall improved performance.
Moreover, for an equal network size, our solution reduces significantly
the storage overhead compared to those of existing solutions.
60.Delay-Based Network Utility Maximization
Abstract:
It is well known that max-weight policies based on a queue backlog index
can be used to stabilize stochastic networks, and that similar stability
results hold if a delay index is used. Using Lyapunov optimization, we
extend this analysis to design a utility maximizing algorithm that uses
explicit delay information from the head-of-line packet at each user. The
resulting policy is shown to ensure deterministic worst-case delay
guarantees and to yield a throughput utility that differs from the optimally
fair value by an amount that is inversely proportional to the delay
guarantee. Our results hold for a general class of 1-hop networks,
including packet switches
61.Dynamic Control of Coding for Progressive Packet Arrivals in DTNs
Abstract:
In Delay Tolerant Networks (DTNs) the core challenge is to cope with
lack of persistent connectivity and yet be able to deliver messages from
source to destination. In particular, routing schemes that leverage relays
memory and mobility are a customary solution in order to improve
message delivery delay. When large files need to be transferred from
source to destination, not all packets may be available at the source prior
to the first transmission. This motivates us to study general packet
arrivals at the source, derive performance analysis of replication based
routing policies and study their optimization under two hop routing. In
particular, we determine the conditions for optimality in terms of
probability of successful delivery and mean delay and we devise optimal
policies, so-called piecewise-threshold policies. We account for linear
block-codes and rate less random linear coding to efficiently generate
redundancy, as well as for an energy constraint in the optimization. We
numerically assess the higher efficiency of piecewise-threshold policies
compared with other policies by developing heuristic optimization of the
thresholds for all flavors of coding considered.
62.Minimum Cost Blocking Problem in Multi-path Wireless Routing
Protocols
Abstract:
We present a class of Minimum Cost Blocking (MCB) problems in
Wireless Mesh Networks (WMNs) with multi-path wireless routing
protocols. We establish the provable superiority of multi-path routing
protocols over conventional protocols against blocking, node-isolation
and network-partitioning type attacks. In our attack model, an adversary
is considered successful if he is able to capture/isolate a subset of nodes
such that no more than a certain amount of traffic from source nodes
reaches the gateways. Two scenarios, viz. (a) low mobility for network
nodes, and (b) high degree of node mobility, are evaluated. Scenario (a) is
proven to be NP-hard and scenario (b) is proven to be #P-hard for the
adversary to realize the goal. Further, several approximation algorithms
are presented which show that even in the best case scenario it is at least
exponentially hard for the adversary to optimally succeed in such
blocking-type attacks. These results are verified through simulations
which demonstrate the robustness of multi-path routing protocols against
such attacks. To the best of our knowledge, this is the first work that
theoretically evaluates the attack-resiliency and performance of multipath protocols with network node mobility.
63.On the Node Clone Detection in Wireless Sensor Networks
Abstract:
Wireless sensor networks are vulnerable to the node clone, and several
distributed protocols have been proposed to detect this attack. However,
they require too strong assumptions to be practical for large-scale,
randomly deployed sensor networks. In this paper, we propose two novel
node clone detection protocols with different tradeoffs on network
conditions and performance. The first one is based on a distributed hash
table (DHT), by which a fully decentralized, key-based caching and
checking system is constructed to catch cloned nodes effectively. The
protocol performance on efficient storage consumption and high security
level is theoretically deducted through a probability model, and the
resulting equations, with necessary adjustments for real application, are
supported by the simulations. Although the DHT-based protocol incurs
similar communication cost as previous approaches, it may be considered
a little high for some scenarios. To address this concern, our second
distributed detection protocol, named randomly directed exploration,

presents good communication performance for dense sensor networks, by
a probabilistic directed forwarding technique along with random initial
direction and border determination. The simulation results uphold the
protocol design and show its efficiency on communication overhead and
satisfactory detection probability
64.Opportunistic MANETs: Mobility Can Make Up for Low
Transmission Power
Abstract:
Opportunistic mobile ad hoc networks (MANETs) are a special class of
sparse and disconnected MANETs where data communication exploits
sporadic contact opportunities among nodes. We consider opportunistic
MANETs where nodes move independently at random over a square of
the plane. Nodes exchange data if they are at a distance at most within
each other, where is the node transmission radius. The flooding time is
the number of time-steps required to broadcast a message from a source
node to every node of the network. Flooding time is an important
measure of how fast information can spread in dynamic networks. We
derive the first upper bound on the flooding time, which is a decreasing
function of the maximal speed of the nodes. The bound holds with high
probability, and it is nearly tight. Our bound shows that, thanks to node
mobility, even when the network is sparse and disconnected, information
spreading can be fast.
65.Back-Pressure-Based Packet-by-Packet Adaptive Routing in
Communication Networks
Abstract:
Back-pressure-based adaptive routing algorithms where each packet is

routed along a possibly different path have been extensively studied in
the literature. However, such algorithms typically result in poor delay
performance and involve high implementation complexity. In this paper,
we develop a new adaptive routing algorithm built upon the widely
studied back-pressure algorithm. We decouple the routing and scheduling
components of the algorithm by designing a probabilistic routing table
that is used to route packets to per-destination queues. The scheduling
decisions in the case of wireless networks are made using counters called
shadow queues. The results are also extended to the case of networks that
employ simple forms of network coding. In that case, our algorithm
provides a low-complexity solution to optimally exploit the routing
coding tradeoff.
66.Fast Transmission to Remote Cooperative Groups: A New Key
Management Paradigm
Abstract:
The problem of efficiently and securely broadcasting to a remote
cooperative group occurs in many newly emerging networks. A major
challenge in devising such systems is to overcome the obstacles of the
potentially limited communication from the group to the sender, the
unavailability of a fully trusted key generation center, and the dynamics
of the sender. The existing key management paradigms cannot deal with
these challenges effectively. In this paper, we circumvent these obstacles
and close this gap by proposing a novel key management paradigm. The
new paradigm is a hybrid of traditional broadcast encryption and group
key agreement. In such a system, each member maintains a single
public/secret key pair. Upon seeing the public keys of the members, a
remote sender can securely broadcast to any intended subgroup chosen in
an ad hoc way. Following this model, we instantiate a scheme that is

proven secure in the standard model. Even if all the non-intended
members collude, they cannot extract any useful information from the
transmitted messages. After the public group encryption key is extracted,
both the computation overhead and the communication cost are
independent of the group size. Furthermore, our scheme facilitates simple
yet efficient member deletion/ addition and flexible rekeying strategies.
Its strong security against collusion, its constant overhead, and its
implementation friendliness without relying on a fully trusted authority
render our protocol a very promising solution to many applications.
67.Participatory Privacy: Enabling Privacy in Participatory Sensing
Abstract:
Participatory sensing is an emerging computing paradigm that enables the
distributed collection of data by self-selected participants. It allows the
increasing number of mobile phone users to share local knowledge
acquired by their sensor-equipped devices (e.g., to monitor temperature,
pollution level, or consumer pricing information). While research
initiatives and prototypes proliferate, their real-world impact is often
bounded to comprehensive user participation. If users have no incentive,
or feel that their privacy might be endangered, it is likely that they will
not participate. In this article, we focus on privacy protection in
participatory sensing and introduce a suitable privacy-enhanced
infrastructure. First, we provide a set of definitions of privacy
requirements for both data producers (i.e., users providing sensed
information) and consumers (i.e., applications accessing the data). Then
we propose an efficient solution designed for mobile phone users, which

incurs very low overhead. Finally, we discuss a number of open problems

and possible research directions.
68.Using Fuzzy Logic Control to Provide Intelligent Traffic
Management Service for High-Speed Networks
Abstract:
In view of the fast-growing Internet traffic, this paper propose a
distributed traffic management framework, in which routers are deployed
with intelligent data rate controllers to tackle the traffic mass. Unlike
other explicit traffic control protocols that have to estimate network
parameters (e.g., link latency, bottleneck bandwidth, packet loss rate, or
the number of flows) in order to compute the allowed source sending rate,
our fuzzy-logic-based controller can measure the router queue size
directly; hence it avoids various potential performance problems arising
from parameter estimations while reducing much consumption of
computation and memory resources in routers. As a network parameter,
the queue size can be accurately monitored and used to proactively decide
if action should be taken to regulate the source sending rate, thus
increasing the resilience of the network to traffic congestion. The
communication QoS (Quality of Service) is assured by the good
performances of our scheme such as max-min fairness, low queueing
delay and good robustness to network dynamics. Simulation results and
comparisons have verified the effectiveness and showed that our new
traffic management scheme can achieve better performances than the
existing protocols that rely on the estimation of network parameters.
PARALLEL & DISTRIBUTED SYSTEMS

69.A Secure Protocol for Spontaneous Wireless Ad Hoc Networks
Creation
Abstract:
This paper presents a secure protocol for spontaneous wireless ad hoc

networks which uses a hybrid symmetric/ asymmetric scheme and the
trust between users in order to exchange the initial data and to exchange
the secret keys that will be used to encrypt the data. Trust is based on the
first visual contact between users. Our proposal is a complete selfconfigured secure protocol that is able to create the network and share
secure services without any infrastructure. The network allows sharing
resources and offering new services among users in a secure
environment. The protocol includes all functions needed to operate
without any external support. We have designed and developed it in
devices with limited resources. Network creation stages are detailed and
the communication, protocol messages, and network management are
explained. Our proposal has been implemented in order to test the
protocol procedure and performance. Finally, we compare the protocol
with other spontaneous ad hoc network protocols in order to highlight its
features and we provide a security analysis of the system.
70.Security Analysis of a Privacy-Preserving Decentralized Key-Policy
Attribute-Based Encryption Scheme
Abstract:
In a decentralized attribute-based encryption (ABE) system, any party can
act as an authority by creating a public key and issuing private keys to
different users that reflect their attributes without any collaboration. Such
an ABE scheme can eliminate the burden of heavy communication and
collaborative computation in the setup phase of multi-authority ABE
schemes, thus is considered more preferable. Recently in IEEE Trans.
Parallel Distrib. Syst., Han et al. [3] proposed an interesting privacypreserving decentralized key-policy ABE scheme, which was claimed to
achieve better privacy for users and to be provably secure in the standard
model. However, after carefully revisiting the scheme, we conclude that

their scheme cannot resist the collusion attacks, hence fails to meet the
basic security definitions of the ABE system.
71.IP-Geolocation Mapping for Moderately Connected Internet Regions
Abstract:
Most
IP-geolocation
mapping
schemes
take
delay-measurement
approach, based on the assumption of a strong correlation between

networking delay and geographical distance between the targeted client
and the landmarks. In this paper, however, we investigate a large region
of moderately connected Internet and find the delay-distance correlation
is weak. But we discover a more probable rulewith high probability the
shortest delay comes from the closest distance. Based on this closestshortest rule, we develop a simple and novel IP-geolocation mapping
scheme for moderately connected Internet regions, called GeoGet. In
GeoGet, we take a large number of webservers as passive landmarks and
map a targeted client to the geolocation of the landmark that has the
shortest delay. We further use JavaScript at targeted clients to generate
HTTP/Get probing for delay measurement. To control the measurement
cost, we adopt a multistep probing method to refine the geolocation of a
targeted client, finally to city level. The evaluation results show that when
probing about 100 landmarks, GeoGet correctly maps 35.4 percent clients
to city level, which outperforms current schemes such as GeoLim [16]
and GeoPing [14] by 270 and 239 percent, respectively, and the median
error distance in GeoGet is around 120 km, outperforming GeoLim and
GeoPing by 37 and 70 percent, respectively.
72.Optimal Client-Server Assignment for Internet Distributed Systems
Abstract:
We investigate an underlying mathematical model and algorithms for

optimizing the performance of a class of distributed systems over the
Internet. Such a system consists of a large number of clients who
communicate with each other indirectly via a number of intermediate
servers. Optimizing the overall performance of such a system then can be
formulated as a client-server assignment problem whose aim is to assign
the clients to the servers in such a way to satisfy some prespecified
requirements on the communication cost and load balancing. We show
that 1) the total communication load and load balancing are two opposing
metrics, and consequently, their tradeoff is inherent in this class of
distributed systems; 2) in general, finding the optimal client-server
assignment for some prespecified requirements on the total load and load
balancing is NP-hard, and therefore; 3) we propose a heuristic via relaxed
convex optimization for finding the approximate solution. Our simulation
results indicate that the proposed algorithm produces superior
performance than other heuristics, including the popular Normalized Cuts
algorithm.
73.Social Tube P2P-assisted Video Sharing in Online Social Networks
Abstract:
Video sharing has been an increasingly popular application in online
social networks (OSNs). However, its sustainable development is
severely hindered by the intrinsic limit of the client/server architecture
deployed in current OSN video systems, which is not only costly in terms
of server bandwidth and storage but also not scalable with the soaring
amount of users and video content. The peer-assisted Video-on-Demand
(VoD) technique, in which participating peers assist the server in
delivering video content has been proposed recently. Unfortunately,
videos can only be disseminated through friends in OSNs. Therefore,
current VoD works that explore clustering nodes with similar interests or
close location for high performance are suboptimal, if not entirely
inapplicable, in OSNs. Based on our long-term real-world measurement
of over 1,000,000 users and 2,500 videos on Facebook, we propose
SocialTube, a novel peer-assisted video sharing system that explores
social relationship, interest similarity, and physical location between
peers in OSNs. Specifically, SocialTube incorporates four algorithms: a
social network (SN)-based P2P overlay construction algorithm, a SNbased chunk prefetching algorithm, chunk delivery and scheduling
algorithm, and a buffer management algorithm. Experimental results from
a prototype on PlanetLab and an event-driven simulator show that
SocialTube can improve the quality of user experience and system
scalability over current P2P VoD techniques.
74.A System for Denial-of-Service Attack Detection Based on
Multivariate Correlation Analysis
Abstract:
Interconnected systems, such as Web servers, database servers, cloud
computing servers etc, are now under threads from network attackers. As
one of most common and aggressive means, Denial-of-Service (DoS)
attacks cause serious impact on these computing systems. In this paper,
we present a DoS attack detection system that uses Multivariate
Correlation Analysis (MCA) for accurate network traffic characterization
by extracting the geometrical correlations between network traffic
features. Our MCA-based DoS attack detection system employs the
principle of anomaly-based detection in attack recognition. This makes
our solution capable of detecting known and unknown DoS attacks
effectively by learning the patterns of legitimate network traffic only.
Furthermore, a triangle-area-based technique is proposed to enhance and
to speed up the process of MCA. The effectiveness of our proposed

detection system is evaluated using KDD Cup 99 dataset, and the
influences of both non-normalized data and normalized data on the
performance of the proposed detection system are examined. The results
show that our system outperforms two other previously developed stateof-the-art approaches in terms of detection accuracy.
MOBILE COMPUTING
75.DCIM: Distributed Cache Invalidation Method for Maintaining
Cache Consistency in Wireless Mobile Networks
Abstract:
This paper proposes distributed cache invalidation mechanism (DCIM), a
client-based cache consistency scheme that is implemented on top of a
previously proposed architecture for caching data items in mobile ad hoc
networks (MANETs), namely COACS, where special nodes cache the
queries and the addresses of the nodes that store the responses to these
queries. We have also previously proposed a server-based consistency
scheme, named SSUM, whereas in this paper, we introduce DCIM that is
totally client-based. DCIM is a pull-based algorithm that implements
adaptive time to live (TTL), piggybacking, and prefetching, and provides
near strong consistency capabilities. Cached data items are assigned
adaptive TTL values that correspond to their update rates at the data
source, where items with expired TTL values are grouped in validation
requests to the data source to refresh them, whereas unexpired ones but
with high request rates are prefetched from the server. In this paper,
DCIM is analyzed to assess the delay and bandwidth gains (or costs)
when compared to polling every time and push-based schemes. DCIM
was also implemented using ns2, and compared against client-based and
server-based schemes to assess its performance experimentally. The
consistency ratio, delay, and overhead traffic are reported versus several
variables, where DCIM showed to be superior when compared to the
other systems.
76.Discovery and Verification of Neighbor Positions in Mobile Ad Hoc
Networks
Abstract:
A growing number of ad hoc networking protocols and location-aware
services require that mobile nodes learn the position of their neighbors.
However, such a process can be easily abused or disrupted by adversarial
nodes. In absence of a priori trusted nodes, the discovery and verification
of neighbor positions presents challenges that have been scarcely
investigated in the literature. In this paper, we address this open issue by
proposing a fully distributed cooperative solution that is robust against
independent and colluding adversaries, and can be impaired only by an
overwhelming presence of adversaries. Results show that our protocol
can thwart more than 99 percent of the attacks under the best possible
conditions for the adversaries, with minimal false positive rates.
77.Efficient Rekeying Framework for Secure Multicast with DiverseSubscription-Period Mobile Users
Abstract:
Group key management (GKM) in mobile communication is important to
enable access control for a group of users. A major issue in GKM is how
to minimize the communication cost for group rekeying. To design the
optimal GKM, researchers have assumed that all group members have the
same leaving probabilities and that the tree is balanced and complete to
simplify analysis. In the real mobile computing environment, however,
these assumptions are impractical and may lead to a large gap between
the impractical analysis and the measurement in real-life situations, thus
allowing for GKM schemes to incorporate only a specific number of

users. In this paper, we propose a new GKM framework supporting more
general cases that do not require these assumptions. Our framework
consists of two algorithms: one for initial construction of a basic key-tree
and another for optimizing the key-tree after membership changes. The
first algorithm enables the framework to generate an optimal key-tree that
reflects the characteristics of users leaving probabilities, and the second
algorithm allows continual maintenance of communication with less
overhead in group rekeying. Through simulations, we show that our
GKM framework outperforms the previous one which is known to be the
best balanced and complete structure.
78.Toward a Statistical Framework for Source Anonymity in Sensor
Networks
Abstract:
In certain applications, the locations of events reported by a sensor
network need to remain anonymous. That is, unauthorized observers must
be unable to detect the origin of such events by analyzing the network
traffic. Known as the source anonymity problem, this problem has
emerged as an important topic in the security of wireless sensor networks,
with variety of techniques based on different adversarial assumptions
being proposed. In this work, we present a new framework for modeling,
analyzing, and evaluating anonymity in sensor networks. The novelty of
the proposed framework is twofold: first, it introduces the notion of
interval indistinguishability and provides a quantitative measure to
model anonymity in wireless sensor networks; second, it maps source
anonymity to the statistical problem of binary hypothesis testing with
nuisance parameters. We then analyze existing solutions for designing
anonymous sensor networks using the proposed model. We show how
mapping source anonymity to binary hypothesis testing with nuisance

parameters leads to converting the problem of exposing private source
information into searching for an appropriate data transformation that
removes or minimize the effect of the nuisance information. By doing so,
we transform the problem from analyzing real-valued sample points to
binary codes, which opens the door for coding theory to be incorporated
into the study of anonymous sensor networks. Finally, we discuss how
existing solutions can be modified to improve their anonymity.
79.Mobile Relay Configuration in Data-Intensive Wireless Sensor
Networks
Abstract:
Wireless Sensor Networks (WSNs) are increasingly used in dataintensive applications such as microclimate monitoring, precision
agriculture, and audio/video surveillance. A key challenge faced by dataintensive WSNs is to transmit all the data generated within an
applications lifetime to the base station despite the fact that sensor nodes
have limited power supplies. We propose using lowcost disposable
mobile relays to reduce the energy consumption of data-intensive WSNs.
Our approach differs from previous work in two main aspects. First, it
does not require complex motion planning of mobile nodes, so it can be
implemented on a number of low-cost mobile sensor platforms. Second,
we integrate the energy consumption due to both mobility and wireless
transmissions into a holistic optimization framework. Our framework
consists of three main algorithms. The first algorithm computes an
optimal routing tree assuming no nodes can move. The second algorithm
improves the topology of the routing tree by greedily adding new nodes
exploiting mobility of the newly added nodes. The third algorithm
improves the routing tree by relocating its nodes without changing its
topology. This iterative algorithm converges on the optimal position for

each node given the constraint that the routing tree topology does not
change. We present efficient distributed implementations for each
algorithm that require only limited, localized synchronization. Because
we do not necessarily compute an optimal topology, our final routing tree
is not necessarily optimal. However, our simulation results show that our
algorithms significantly outperform the best existing solutions.
80.Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor
Networks
Abstract:
Ad hoc low-power wireless networks are an exciting research direction in
sensing and pervasive computing. Prior security work in this area has
focused primarily on denial of communication at the routing or medium
access control levels. This paper explores resource depletion attacks at
the routing protocol layer, which permanently disable networks by
quickly draining nodes battery power. These Vampire attacks are not
specific to any specific protocol, but rather rely on the properties of many
popular classes of routing protocols. We find that all examined protocols
are susceptible to Vampire attacks, which are devastating, difficult to
detect, and are easy to carry out using as few as one malicious insider
sending only protocol-compliant messages. In the worst case, a single
Vampire can increase network-wide energy usage by a factor of O (N),
where N in the number of network nodes. We discuss methods to mitigate
these types of attacks, including a new proof-of-concept protocol that
provably bounds the damage caused by Vampires during the packet
forwarding phase.
81.Toward Privacy Preserving and Collusion Resistance in a Location
Proof Updating System
Abstract:
Todays location-sensitive service relies on users mobile device to
determine the current location. This allows malicious users to access a
restricted resource or provide bogus alibis by cheating on their locations.
To address this issue, we propose A Privacy-Preserving Location proof
Updating System (APPLAUS) in which co-located Bluetooth enabled
mobile devices mutually generate location proofs and send updates to a
location proof server. Periodically changed pseudonyms are used by the
mobile devices to protect source location privacy from each other, and
from the untrusted location proof server. We also develop user-centric
location privacy model in which individual users evaluate their location
privacy levels and decide whether and when to accept the location proof
requests. In order to defend against colluding attacks, we also present
betweens ranking-based and correlation clustering-based approaches for
outlier detection. APPLAUS can be implemented with existing network
infrastructure, and can be easily deployed in Bluetooth enabled mobile
devices with little computation or power cost. Extensive experimental
results show that APPLAUS can effectively provide location proofs,
significantly preserve the source location privacy, and effectively detect
colluding attacks.
PATTERN ANALYSIS & MACHINE INTELLIGENCE

82.A Framework for Mining Signatures from Event Sequences and Its
Applications in Healthcare Data
Abstract:
This paper proposes a novel temporal knowledge representation and
learning framework to perform large-scale temporal signature mining of
longitudinal heterogeneous event data. The framework enables the

representation, extraction, and mining of high order latent event structure
and relationships within single and multiple event sequences. The
proposed knowledge representation maps the heterogeneous event
sequences to a geometric image by encoding events as a structured
spatial-temporal shape process. We present a doubly constrained
convolutional sparse coding framework that learns interpretable and shiftinvariant latent temporal event signatures. We show how to cope with the
sparsity in the data as well as in the latent factor model by inducing a
double sparsity constraint on the -divergence to learn an over complete
sparse latent factor model. A novel stochastic optimization scheme
performs large-scale incremental learning of group-specific temporal
event signatures. We validate the framework on synthetic data and on an
electronic health record dataset.
Service Computing (Web Service)

83.A Decentralized Service Discovery Approach on Peer-to-Peer
Networks
Abstract:
Service-Oriented Computing (SOC) is emerging as a paradigm for
developing distributed applications. A critical issue of utilizing SOC is to
have a scalable, reliable, and robust service discovery mechanism.
However, traditional service discovery methods using centralized
registries can easily suffer from problems such as performance bottleneck
and vulnerability to failures in large scalable service networks, thus
functioning abnormally. To address these problems, this paper proposes a
peer-to-peer-based decentralized service discovery approach named
Chord4S. Chord4S utilizes the data distribution and lookup capabilities of
the popular Chord to distribute and discover services in a decentralized
manner. Data availability is further improved by distributing published
descriptions of functionally equivalent services to different successor

nodes that are organized into virtual segments in the Chord4S circle.
Based on the service publication approach, Chord4S supports QoS-aware
service discovery. Chord4S also supports service discovery with
wildcard(s). In addition, the Chord routing protocol is extended to support
efficient discovery of multiple services with a single query. This enables
late negotiation of Service Level Agreements (SLAs) between service
consumers and multiple candidate service providers. The experimental
evaluation shows that Chord4S achieves higher data availability and
provides efficient query with reasonable overhead.
84.Personalized QoS-Aware Web Service Recommendation and
Visualization
Abstract:
With the proliferation of web services, effective QoS-based approach to
service recommendation is becoming more and more important. Although
service recommendation has been studied in the recent literature, the
performance of existing ones is not satisfactory, since 1) previous
approaches fail to consider the QoS variance according to users
locations; and 2) previous recommender systems are all black boxes
providing limited information on the performance of the service
candidates. In this paper, we propose a novel collaborative filtering
algorithm designed for large-scale web service recommendation.
Different from previous work, our approach employs the characteristic of
QoS and achieves considerable improvement on the recommendation
accuracy. To help service users better understand the rationale of the
recommendation and remove some of the mystery, we use a
recommendation visualization technique to show how a recommendation
is grouped with other choices. Comprehensive experiments are conducted
using more than 1.5 million QoS records of real-world web service
invocations. The experimental results show the efficiency and
effectiveness of our approach.
85.Privacy-Enhanced Web Service Composition
Abstract:
Data as a Service (DaaS) builds on service-oriented technologies to
enable fast access to data resources on the Web. However, this paradigm
raises several new privacy concerns that traditional privacy models do not
handle. In addition, DaaS composition may reveal privacy-sensitive
information. In this paper, we propose a formal privacy model in order to
extend DaaS descriptions with privacy capabilities. The privacy model
allows a service to define a privacy policy and a set of privacy
requirements. We also propose a privacy-preserving DaaS composition
approach allowing verifying the compatibility between privacy
requirements and policies in DaaS composition. We propose a negotiation
mechanism that makes it possible to dynamically reconcile the privacy
capabilities of services when incompatibilities arise in a composition. We
validate the applicability of our proposal through a prototype
implementation and a set of experiments.
SOFTWARE ENGINEERING
86.Whole Test Suite Generation
Abstract:
Not all bugs lead to program crashes, and not always is there a formal
specification to check the correctness of a software tests outcome. A
common scenario in software testing is therefore that test data are
generated, and a tester manually adds test oracles. As this is a difficult
task, it is important to produce small yet representative test sets, and this
representativeness is typically measured using code coverage. There is,
however, a fundamental problem with the common approach of targeting

one coverage goal at a time: Coverage goals are not independent, not
equally difficult, and sometimes infeasiblethe result of test generation
is therefore dependent on the order of coverage goals and how many of
them are feasible. To overcome this problem, we propose a novel
paradigm in which whole test suites are evolved with the aim of covering
all coverage goals at the same time while keeping the total size as small
as possible. This approach has several advantages, as for example, its
effectiveness is not affected by the number of infeasible targets in the
code. We have implemented this novel approach in the EVOSUITE tool,
and compared it to the common approach of addressing one goal at a
time. Evaluated on open source libraries and an industrial case study for a
total of 1,741 classes, we show that EVOSUITE achieved up to 188 times
the branch coverage of a traditional approach targeting single branches,
with up to62 percent smaller test suites.
MULTIMEDIA
87.Understanding the External Links of Video Sharing Sites:
Measurement and Analysis
Abstract:
Recently, many video sharing sites provide external links so that their
video or audio contents can be embedded into external web sites. For
example, users can copy the embedded URLs of the videos of YouTube
and post the URL links on their own blogs. Clearly, the purpose of such
function is to increase the distribution of the videos and the associated
advertisement. Does this function fulfill its purpose and what is the
quantification? In this paper, we provide a comprehensive measurement
study and analysis on these external links to answer these two questions.
With the traces collected from two major video sharing sites, YouTube
and Youku of China, we show that the external links have various impacts
on the popularity of the video sharing sites. More specifically, for videos
that have been uploaded for eight months in Youku, around 15% of views
can come from external links. Some contents are densely linked. For
example, comedy videos can attract more than 800 external links on
average. We also study the relationship between the external links and the
internal links. We show that there are correlations; for example, if a video
is popular itself, it is likely to have a large number of external links.
Another observation we find is that the external links usually have a
higher impact on Youku than that of YouTube. We conjecture that it is
more likely that the external links have higher impact for a regional site
than a worldwide site.
88.Learn and Personalized Image Search
Abstract:
Increasingly developed social sharing websites, like Flickr and Youtube,
allow users to create, share, annotate and comment medias. The largescale user-generated meta-data not only facilitate users in sharing and
organizing multimedia content, but provide useful information to improve
media retrieval and management. Personalized search serves as one of
such examples where the web search experience is improved by
generating the returned list according to the modified user search intents.
In this paper, we exploit the social annotations and propose a novel
framework simultaneously considering the user and query relevance to
learn to personalized image search. The basic premise is to embed the
user preference and query-related search intent into user-specific topic
spaces. Since the users original annotation is too sparse for topic
modeling, we need to enrich users annotation pool before user-specific
topic spaces construction. The proposed framework contains two
components: 1) A Ranking based Multi-correlation Tensor Factorization

model is proposed to perform annotation prediction, which is considered
as users potential annotations for the images; 2) We introduce Userspecific Topic Modeling to map the query relevance and user preference
into the same user-specific topic space. For performance evaluation, two
resources involved with users social activities are employed.
Experiments on a large-scale Flickr dataset demonstrate the effectiveness
of the proposed method.
SERVICE COMPUTING
89.Design and Implementation of TARF: A Trust-Aware Routing
Framework for WSNs
Abstract:
The multihop routing in wireless sensor networks (WSNs) offers little
protection
against
identity
deception
through
replaying
routing
information. An adversary can exploit this defect to launch various

harmful or even devastating attacks against the routing protocols,
including sinkhole attacks, wormhole attacks, and Sybil attacks. The
situation is further aggravated by mobile and harsh network conditions.
Traditional cryptographic techniques or efforts at developing trust-aware
routing protocols do not effectively address this severe problem. To
secure the WSNs against adversaries misdirecting the multihop routing,
we have designed and implemented TARF, a robust trust-aware routing
framework for dynamic WSNs. Without tight time synchronization or
known geographic information, TARF provides trustworthy and energyefficient route. Most importantly, TARF proves effective against those
harmful attacks developed out of identity deception; the resilience of
TARF is verified through extensive evaluation with both simulation and
empirical experiments on large-scale WSNs under various scenarios

including mobile and RF-shielding network conditions. Further, we have
implemented a low-overhead TARF module in TinyOS; as demonstrated,
this implementation can be incorporated into existing routing protocols
with the least effort. Based on TARF, we also demonstrated a proof-ofconcept mobile target detection application that functions well against an
antidetection mechanism.
90.Packet-Hiding Methods for Preventing Selective Jamming Attacks
Abstract:
The open nature of the wireless medium leaves it vulnerable to
intentional interference attacks, typically referred to as jamming. This
intentional interference with wireless transmissions can be used as a
launch pad for mounting Denial-of-Service attacks on wireless networks.
Typically, jamming has been addressed under an external threat model.
However, adversaries with internal knowledge of protocol specifications
and network secrets can launch low-effort jamming attacks that are
difficult to detect and counter. In this work, we address the problem of
selective jamming attacks in wireless networks. In these attacks, the
adversary is active only for a short period of time, selectively targeting
messages of high importance. We illustrate the advantages of selective
jamming in terms of network performance degradation and adversary
effort by presenting two case studies; a selective attack on TCP and one
on routing. We show that selective jamming attacks can be launched by
performing real-time packet classification at the physical layer. To
mitigate these attacks, we develop three schemes that prevent real-time
packet classification by combining cryptographic primitives with
physical-layer attributes. We analyze the security of our methods and
evaluate their computational and communication overhead.
91.Risk-Aware Mitigation for MANET Routing Attacks
Abstract:
Mobile Ad hoc Networks (MANET) have been highly vulnerable to
attacks due to the dynamic nature of its network infrastructure. Among
these attacks, routing attacks have received considerable attention since it
could cause the most devastating damage to MANET. Even though there
exist several intrusion response techniques to mitigate such critical
attacks, existing solutions typically attempt to isolate malicious nodes
based on binary or nave fuzzy response decisions. However, binary
responses may result in the unexpected network partition, causing
additional damages to the network infrastructure, and nave fuzzy
responses could lead to uncertainty in countering routing attacks in
MANET. In this paper, we propose a risk-aware response mechanism to
systematically cope with the identified routing attacks. Our risk-aware
approach is based on an extended Dempster-Shafer mathematical theory
of evidence introducing a notion of importance factors. In addition, our
experiments demonstrate the effectiveness of our approach with the
consideration of several performance metrics.
92.DoubleGuard: Detecting Intrusions in Multitier Web Applications
Abstract:
Internet services and applications have become an inextricable part of
daily life, enabling communication and the management of personal
information from anywhere. To accommodate this increase in application
and data complexity, web services have moved to a multitier design
wherein the web server runs the application front-end logic and data are
outsourced to a database or file server. In this paper, we present Double
Guard, an IDS system that models the network behavior of user sessions
across both the front-end web server and the back-end database. By
monitoring both web and subsequent database requests, we are able to
ferret out attacks that independent IDS would not be able to identify.
Furthermore, we quantify the limitations of any multitier IDS in terms of
training sessions and functionality coverage. We implemented Double
Guard using an Apache web server with MySQL and lightweight
virtualization. We then collected and processed real-world traffic over a
15-day period of system deployment in both dynamic and static web
applications. Finally, using Double Guard, we were able to expose a wide
range of attacks with 100 percent accuracy while maintaining 0 percent
false positives for static web services and 0.6 percent false positives for
dynamic web services.
Image Processing
93.Adaptive Membership Functions for Hand-Written Character
Recognition by Voronoi-based Image Zoning
Abstract:
In the field of hand-written character recognition, image zoning is a
widespread technique for feature extraction since it is rightly considered
able to cope with hand-written pattern variability. As a matter of fact, the
problem of zoning design has attracted many researchers that have
proposed several image zoning topologies, according to static and
dynamic strategies. Unfortunately, little attention has been paid so far to
the role of feature-zone membership functions, that define the way in
which a feature influences different zones of the zoning method. The
results is that the membership functions defined to date follow nonadaptive, global approaches that are unable to model local information on
feature distributions. In this paper, a new class of zone-based membership
functions with adaptive capabilities is introduced and its effectiveness is
shown. The basic idea is to select, for each zone of the zoning method,
the membership function best suited to exploit the characteristics of the

feature distribution of that zone. In addition, a genetic algorithm is
proposed to determine in a unique process - the most favorable
membership functions along with the optimal zoning topology, described
by Voronoi tessellation. The experimental tests show the superiority of
the new technique with respect to traditional zoning methods.
Cloud Computing
94.A Gossip Protocol for Dynamic Resource Management in Large
Cloud Environments
Abstract:
We address the problem of dynamic resource management for a largescale cloud environment. Our contribution includes outlining a distributed
middleware architecture and presenting one of its key elements: a gossip
protocol that (1) ensures fair resource allocation among sites/applications,
(2) dynamically adapts the allocation to load changes and (3) scales both
in the number of physical machines and sites/applications. We formalize
the resource allocation problem as that of dynamically maximizing the
cloud utility under CPU and memory constraints. We first present a
protocol that computes an optimal solution without considering memory
constraints and prove correctness and convergence properties. Then, we
extend that protocol to provide an efficient heuristic solution for the
complete problem, which includes minimizing the cost for adapting an
allocation. The protocol continuously executes on dynamic, local input
and does not require global synchronization, as other proposed gossip
protocols do. We evaluate the heuristic protocol through simulation and
find its performance to be well-aligned with our design goals.
Parallel and Distributed Systems

95.Cut Detection in Wireless Sensor Networks
Abstract:
A wireless sensor network can get separated into multiple connected
components due to the failure of some of its nodes,which is called a
cut. In this article we consider the problem of detecting cuts by the
remaining nodes of a wireless sensor network.We propose an algorithm
that allows (i) every node to detect when the connectivity to a specially
designated node has been lost,and (ii) one or more nodes (that are
connected to the special node after the cut) to detect the occurrence of the
cut. The algorithm is distributed and asynchronous: every node needs to
communicate with only those nodes that are within its communication
range. The algorithm is based on the iterative computation of a fictitious
electrical potential of the nodes. The convergence rate of the underlying
iterative scheme is independent of the size and structure of the network.
Image Processing & Secure Computing

96.Robust Video Data Hiding Using Forbidden Zone Data Hiding And
Selective Embedding.
Abstract:
Video data hiding is still an important research topic due to the design
complexities involved. We propose a new video data hiding method that
makes use of erasure correction capability of Repeat Accumulate codes
and superiority of Forbidden Zone Data Hiding. Selective embedding is
utilized in the proposed method to determine host signal samples suitable
for data hiding. This method also contains a temporal synchronization
scheme in order to withstand frame drop and insert attacks. The proposed
framework is tested by typical broadcast material against MPEG-2, H.264
compression, frame-rate conversion attacks, as well as other well-known
video data hiding methods. The decoding error values are reported for
typical system parameters. The simulation results indicate that the
framework can be successfully utilized in video data hiding applications.
Image Processing & Knowledge and Data Engg

97.Sketch4Match Content-based Image Retrieval System Using
Sketches.
Abstract:
The content based image retrieval (CBIR) is one of the most popular,
rising research areas of the digital image processing. Most of the
available image search tools, such as Google Images and Yahoo! Image
search, are based on textual annotation of images. In these tools, images
are manually annotated with keywords and then retrieved using textbased search methods. The performances of these systems are not
satisfactory. The goal of CBIR is to extract visual content of an image
automatically, like color, texture, or shape. This paper aims to introduce
the problems and challenges concerned with the design and the creation
of CBIR systems, which is based on a free hand sketch (Sketch based
image retrieval SBIR). With the help of the existing methods, describe a
possible solution how to design and implement a task specific descriptor,
which can handle the informational gap between a sketch and a colored
image, making an opportunity for the efficient search hereby. The used
descriptor is constructed after such special sequence of preprocessing
steps that the transformed full color image and the sketch can be
compared. We have studied EHD, HOG and SIFT. Experimental results
on two sample databases showed good results. Overall, the results show
that the sketch based system allows users an intuitive access to searchtools. The SBIR technology can be used in several applications such as
digital libraries, crime prevention, and photo sharing sites. Such a system
has great value in apprehending suspects and identifying victims in
forensics and law enforcement. A possible application is matching a
forensic sketch to a gallery of mug shot images. The area of retrieve
images based on the visual content of the query picture intensified
recently, which demands on the quite wide methodology spectrum on the

area of the image processing.
Networking
98.Denial of Service Attacks in Wireless Networks: The Case of
Jammers
Abstract:
The shared nature of the medium in wireless networks makes it easy for
an adversary to launch a Wireless Denial of Service (WDoS) attack.
Recent studies, demonstrate that such attacks can be very easily
accomplished using off-the shelf equipment. To give a simple example, a
malicious node can continually transmit a radio signal in order to block
any legitimate access to the medium and/or interfere with reception. This
act is called jamming and the malicious nodes are referred to as jammers.
Jamming techniques vary from simple ones based on the continual
transmission of interference signals, to more sophisticated attacks that
aim at exploiting vulnerabilities of the particular protocol used. In this
survey, we present a detailed up-to-date discussion on the jamming
attacks recorded in the literature. We also describe various techniques
proposed for detecting the presence of jammers. Finally, we survey
numerous mechanisms which attempt to protect the network from
jamming attacks. We conclude with a summary and by suggesting future
directions.
99.Optimal Bandwidth Assignment for Multiple-Description-Coded
Video
Abstract:
In video streaming over multicast network, user bandwidth requirement is
often heterogeneous possibly with orders of magnitude difference (say,
from hundreds of kb/s for mobile devices to tens of Mb/s for highdefinition TV). Multiple descriptions coding (MDC) can be used to
address this bandwidth heterogeneity issue. In MDC, the video source is

encoded into multiple independent descriptions. A receiver, depending on
its available bandwidth, joins different descriptions to meet their
bandwidth requirements. An important but challenging problem for MDC
video multicast is how to assign bandwidth to each description in order to
maximize overall user satisfaction. In this paper,we investigate this issue
by formulating it as an optimization problem, with the objective to
maximize user bandwidth experience by taking into account the encoding
inefficiency due to MDC. We prove that the optimization problem is NPhard. However, if the description number is larger than or equal to a
certain threshold (e.g., if the minimum and maximum bandwidth
requirements are 100 kb/s and 10 Mb/s, respectively, such threshold is
seven descriptions), there is an exact and simple solution to achieve
maximum user satisfaction, i.e., meeting all the bandwidth requirements.
For the case when the description number is smaller, we present an
efficient heuristic called simulated annealing for MDC bandwidth
assignment (SAMBA) to assign bandwidth to each description given the
distribution of user bandwidth requirement. We evaluate our algorithm
using simulations. SAMBA achieves virtually the same optimal
performance based on exhaustive search. By comparing with other
assignment algorithms, SAMBA significantly improves user satisfaction.
We also show that, if the coding efficiency decreases with the number of
descriptions, there is an optimal description number to achieve maximal
user satisfaction.
Image Processing & Secure Computing

100.Embedded Extended Visual Cryptography Schemes
Abstract

A visual cryptography scheme (VCS) is a kind of secret sharing scheme

which allows the encoding of a secret image into shares distributed to
participants. The beauty of such a scheme is that a set of qualified
participants is able to recover the secret image without any cryptographic
knowledge and computation devices. An extended visual cryptography
scheme (EVCS) is a kind of VCS which consists of meaningful shares
(compared to the random shares of traditional VCS). In this paper, we
propose a construction of EVCS which is realized by embedding random
shares into meaningful covering shares, and we call it the embedded
EVCS. Experimental results compare some of the well-known EVCSs
proposed in recent years systematically, and show that the proposed
embedded EVCS has competitive visual quality compared with many of
the well-known EVCSs in the literature. In addition, it has many specific
advantages against these well-known EVCSs, respectively.
Mobile Computing
101.Protecting Location Privacy in Sensor Networks against a Global
Eavesdropper
Abstract:
While many protocols for sensor network security provide confidentiality
for the content of messages, contextual information usually remains
exposed. Such contextual information can be exploited by an adversary to
derive sensitive information such as the locations of monitored objects
and data sinks in the field. Attacks on these components can significantly
undermine any network application. Existing techniques defend the
leakage of location information from a limited adversary who can only
observe network traffic in a small region. However, a stronger adversary,
the global eavesdropper, is realistic and can defeat these existing
techniques. This paper first formalizes the location privacy issues in
sensor networks under this strong adversary model and computes a lower
bound on the communication overhead needed for achieving a given level

of location privacy. The paper then proposes two techniques to provide
location privacy to monitored objects (source-location privacy)periodic
collection and source simulationand two techniques to provide location
privacy to data sinks (sink-location privacy)sink simulation and
backbone flooding. These techniques provide trade-offs between privacy,
communication cost, and latency. Through analysis and simulation, we
demonstrate that the proposed techniques are efficient and effective for
source and sink-location privacy in sensor networks.
Knowledge And Data Engineering

102.Slicing: A New Approach for Privacy Preserving Data Publishing
Abstract:
Several
anonymization
techniques,
such
as
generalization
and
bucketization, have been designed for privacy preserving microdata

publishing. Recent work has shown that generalization loses considerable
amount
of
information,
especially
for
high
dimensional
data.
Bucketization, on the other hand, does not prevent membership disclosure

and does not apply for data that do not have a clear separation between
quasi-identifying attributes and sensitive attributes. In this paper, we
present a novel technique called slicing, which partitions the data both
horizontally and vertically. We show that slicing preserves better data
utility than generalization and can be used for membership disclosure
protection. Another important advantage of slicing is that it can handle
high-dimensional data. We show how slicing can be used for attribute
disclosure protection and develop an efficient algorithm for computing
the sliced data that obey the -diversity requirement. Our workload
experiments
confirm
that
slicing
preserves
better
utility
than
generalization and is more effective than bucketization in workloads

involving the sensitive attribute. Our experiments also demonstrate that

slicing can be used to prevent membership disclosure.
IMAGE PROCESSING
111. Linear Distance Coding for Image Classification
112. Local Directional Number Pattern for Face Analysis: Face and
Expression Recognition
113. Log-Gabor Filters for Image-Based Vehicle Verification
114. Noise Reduction Based on Partial-Reference, Dual-Tree
Complex Wavelet Transform Shrinkage
115. Query-Adaptive Image Search With Hash Codes
116. Regional Spatially Adaptive Total Variation Super-Resolution
With Spatial Information Filtering and Clustering
117. Revealing the Traces of JPEG Compression Anti-Forensics
118. Reversible Data Hiding With Optimal Value Transfer
119. Reversible Watermarking Based on Invariant Image
Classification and Dynamic Histogram Shifting
120. Robust Hashing for Image Authentication Using Zernike
Moments and Local Features
121. Scene Text Detection via Connected Component Clustering and
Non- text Filtering
122. Robust Face Recognition for Uncontrolled Pose and Illumination
Changes
Face recognition has made significant advances in the last decade,
but robust commercial applications are still lacking. Current
authentication/identification applications are limited to controlled
settings, e.g., limited pose and illumination changes, with the user usually
aware of being screened and collaborating in the process. Among others,
pose and illumination changes are limited. To address challenges from
looser restrictions, this paper proposes a novel framework for real-world
face recognition in uncontrolled settings named Face Analysis for
Commercial Entities (FACE). Its robustness comes from normalization
(correction) strategies to address pose and illumination variations. In
addition, two separate image quality indices quantitatively assess pose
and illumination changes for each biometric query, before submitting it to
the classifier. Samples with poor quality are possibly discarded or
undergo a manual classification or, when possible, trigger a new capture.
After such filter, template similarity for matching purposes is measured

using a localized version of the image correlation index. Finally, FACE
adopts reliability indices, which estimate the acceptability of the final
identification decision made by the classifier.
123. Reversible Watermarking Based on Invariant Image
Classification and Dynamic Histogram Shifting
In this paper, we propose a new reversible watermarking scheme.
One first contribution is a histogram shifting modulation which
adaptively takes care of the local specificities of the image content. By
applying it to the image prediction-errors and by considering their
immediate neighborhood, the scheme we propose inserts data in textured
areas where other methods fail to do so. Furthermore, our scheme makes
use of a classification process for identifying parts of the image that can
be watermarked with the most suited reversible modulation. This
classification is based on a reference image derived from the image itself,
a prediction of it, which has the property of being invariant to the
watermark insertion. In that way, the watermark embedder and extractor
remain synchronized for message extraction and image reconstruction.
124. Automatic Detection and Reconstruction of Building Radar
Footprints From Single VHR SAR Images
The spaceborne synthetic aperture radar (SAR) systems CosmoSkyMed, TerraSAR-X, and TanDEM-X acquire imagery with very high
spatial resolution (VHR), supporting various important application
scenarios, such as damage assessment in urban areas after natural
disasters. To ensure a reliable, consistent, and fast extraction of the
information from the complex SAR scenes, automatic information
extraction methods are essential. Focusing on the analysis of urban areas,
which is of prime interest of VHR SAR, in this paper, we present a novel
method for the automatic detection and 2-D reconstruction of building
radar footprints from VHR SAR scenes. Unlike most of the literature
methods, the proposed approach can be applied to single images. The
method is based on the extraction of a set of low-level features from the
images and on their composition to more structured primitives using a
production system. Then, the concept of semantic meaning of the

primitives is introduced and used for both the generation of building
candidates and the radar footprint reconstruction. The semantic meaning
represents the probability that a primitive belongs to a certain scattering
class (e.g., double bounce, roof, facade) and has been defined in order to
compensate for the lack of detectable features in single images. Indeed, it
allows the selection of the most reliable primitives and footprint
hypotheses on the basis of fuzzy membership grades.
125. Interactive Segmentation for Change Detection in Multispectral
Remote-Sensing Images
In this letter, we propose to solve the change detection (CD)
problem in multitemporal remote-sensing images using interactive
segmentation methods. The user needs to input markers related to change
and no-change classes in the difference image. Then, the pixels under
these markers are used by the support vector machine classifier to
generate a spectral-change map. To enhance further the result, we include
the spatial contextual information in the decision process using two
different solutions based on Markov random field and level-set methods.
126. Estimating Information from Image Colors: An Application to
Digital Cameras and Natural Scenes
The colors present in an image of a scene provide information
about its constituent elements. But the amount of information depends on
the imaging conditions and on how information is calculated. This work
had two aims. The first was to derive explicitly estimators of the
information available and the information retrieved from the color values
at each point in images of a scene under different illuminations.
127. Airborne Vehicle Detection in Dense Urban Areas Using HoG
Features
Vehicle detection has been an important research field for years as
there are a lot of valuable applications, ranging from support of traffic
planners to real-time traffic management. Especially detection of cars in
dense urban areas is of interest due to the high traffic volume and the
limited space. In city areas many car-like objects (e.g., dormers) appear
which might lead to confusion. Additionally, the inaccuracy of road

databases supporting the extraction process has to be handled in a proper
way. This paper describes an integrated real-time processing chainwhich
utilizes multiple occurrence of objects in images.
128. Histology Image Retrieval in Optimized Multifeature Spaces
Content-based histology image retrieval systems have shown great
potential in supporting decision making in clinical activities, teaching,
and biological research. In content-based image retrieval, feature
combination plays a key role. It aims at enhancing the descriptive power
of visual features corresponding to semantically meaningful queries. It is
particularly valuable in histology image analysis where intelligent
mechanisms are needed for interpreting varying tissue composition and
architecture into histological concepts. This paper presents an approach to
automatically combine heterogeneous visual features for histology image
retrieval. The aim is to obtain the most representative fusion model for a
particular keyword that is associated with multiple query images. The
core of this approach is a multiobjective learning method, which aims to
understand an optimal visual-semantic matching function by jointly
considering the different preferences of the group of query images. The
task is posed as an optimization problem, and a multiobjective
optimization strategy is employed in order to handle potential
contradictions in the query images associated with the same keyword.
129. Automatic License Plate Recognition (ALPR)
Automatic license plate recognition (ALPR) is the extraction of
vehicle license plate information from an image or a sequence of images.
The extracted information can be used with or without a database in many
applications, such as electronic payment systems (toll payment, parking
fee payment), and freeway and arterial monitoring systems for traffic
surveillance. The ALPR uses either a color, black and white, or infrared
camera to take images. The quality of the acquired images is a major
factor in the success of the ALPR. ALPR as a reallife application has to
quickly and successfully process license plates under different
environmental conditions, such as indoors, outdoors, day or night time. It
should also be generalized to process license plates from different
nations, provinces, or states. These plates usually contain different colors,
are written in different languages, and use different fonts; some plates
may have a single color background and others have background images.
The license plates can be partially occluded by dirt, lighting, and towing
accessories on the car.
130. Context-Based Hierarchical Unequal Merging for SAR Image
Segmentation
This paper presents an image segmentation method named
Context-based Hierarchical Unequal Merging for Synthetic aperture radar
(SAR) Image Segmentation (CHUMSIS), which uses superpixels as the
operation units instead of pixels. Based on the Gestalt laws, three rules
that realize a new and natural way to manage different kinds of features
extracted from SAR images are proposed to represent superpixel context.
The rules are prior knowledge from cognitive science and serve as topdown constraints to globally guide the superpixel merging. The features,
including brightness, texture, edges, and spatial information, locally
describe the superpixels of SAR images and are bottom-up forces. While
merging superpixels, a hierarchical unequalmerging algorithm is
designed, which includes two stages: 1) coarse merging stage and 2) fine
merging stage. The merging algorithm unequally allocates computation
resources so as to spend less running time in the superpixels without
ambiguity and more running time in the superpixels with ambiguity.
131. Context-Dependent Logo Matching and Recognition
We contribute, through this paper, to the design of a novel
variational framework able to match and recognize multiple instances of
multiple reference logos in image archives. Reference logos and test
images are seen as constellations of local features (interest points,
regions, etc.) and matched by minimizing an energy function mixing: 1) a
fidelity term that measures the quality of feature matching, 2) a
neighborhood criterion that captures feature co-occurrence/geometry, and
3) a regularization term that controls the smoothness of the matching
solution.
132. Human Detection in Images via Piecewise Linear Support Vector
Machines
Human detection in images is challenged by the view and posture

variation problem. In this paper, we propose a piecewise linear support
vector machine (PL-SVM) method to tackle this problem. The motivation
is to exploit the piecewise discriminative function to construct a nonlinear
classification boundary that can discriminate multiview and multiposture
human bodies from the backgrounds in a high-dimensional feature space.
A PL-SVM training is designed as an iterative procedure of feature space
division and linear SVM training, aiming at the margin maximization of
local linear SVMs. Each piecewise SVM model is responsible for a
subspace, corresponding to a human cluster of a special view or posture.
In the PL-SVM, a cascaded detector is proposed with block orientation
features and a histogram of oriented gradient features. Extensive
experiments show that compared with several recent SVM methods, our
method reaches the state of the art in both detection accuracy and
computational efficiency, and it performs best when dealing with lowresolution human regions in clutter backgrounds.
133. Learning-based, automatic 2D-to-3D image and video
conversion
Despite a significant growth in the last few years, the availability
of 3D content is still dwarfed by that of its 2D counterpart. In order to
close this gap, many 2D-to-3D image and video conversion methods have
been proposed.
Methods involving human operators have been most successful but also
time-consuming and costly. Automatic methods, that typically make use
of a deterministic 3D scene model, have not yet achieved the same level
of quality for they rely on assumptions that are often violated in practice.
In this paper, we propose a new class of method that are based on the
radically different approach of learning the 2D-to-3D conversion from
examples. We develop a method based on globally estimating the entire
depth map of a query image directly from a repository of 3D images
(image + depth pairs or stereopairs) using a nearest-neighbor regression
type idea. We demonstrate both the efficacy and the computational
efficiency of our methods on numerous 2D images and discuss their
drawbacks and benefits. Although far from perfect, our results
demonstrate that repositories of 3D content can be used for effective 2DMindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.
to-3D image conversion. An extension to video is immediate by enforcing

temporal continuity of computed depth maps.
134. Automated Biometric Voice-Based Access Control in ATM
An automatic teller machine requires a user to pass an identity test
before any transaction can be granted. The current method available for
access control in ATM is based on smartcard. Efforts were made to
conduct an interview with structured questions among the ATM users and
the result proofed that a lot of problems was associated with ATM
smartcard for access control. Among the problems are; it is very difficult
to prevent another person from attaining and using a legitimate persons
card, also conventional smartcard can be lost, duplicated, stolen or
impersonated with accuracy. To address the problems, the paper proposed
the use of biometric voice-based access control system in automatic teller
machine. In the proposed system, access will be authorized simply by
means of an enroll user speaking into a microphone attached to the
automatic teller machine. There are 2 phases in implementation of the
proposed system: first training phase, second testing or operational phase.
135. Steganography using Genetic Algorithm along with Visual
Cryptography
Image steganography is an emerging field of research for secure
data hiding and transmission over networks. The proposed system
provides the best approach for Least Significant Bit (LSB) based
steganography using Genetic Algorithm (GA) along with Visual
Cryptography (VC). Original message is converted into cipher text by
using secret key and then hidden into the LSB of original image. Genetic
Algorithm and Visual Cryptography has been used for enhancing the
security. Genetic Algorithm is used to modify the pixel location of stego
image and the detection of this message is complex. Visual Cryptography
is used to encrypt the visual information. It is achieved by breaking the
image into two shares based on a threshold. The performance of the
proposed system is experimented by performing steganalysis and
conducting benchmarking test for analysing the parameters like Mean
Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The main
aim of this paper is to design the enhanced secure algorithm which uses
both steganography using Genetic Algorithm and Visual Cryptography to
ensure improved security and reliability.
136. Human Skeleton Identification Methods
Uncomfortable Light from a Digital Projector
to
Reduce
When a speaker stands in front of a projector screen for a

presentation, the eyes will be hurt by the direct light from the digital
projector. This paper proposes a design to reduce the strong light by
projecting a black round mask on the speaker's head. The black round
mask is superimposed to the slide frame by the software of this design
and the mask traces the speakers head. The Webcam captures the images
from the speaker with the projector screen. The location of the speakers
head is determined. This design efficiently continues to trace the head
location. The computer uses this head location and superimposes a black
round mask to reduce the uncomfortable feeling caused by the strong
light of the projector.
137. IMAGE STITCHING WITH COMBINED MOMENT
INVARIANTS AND SIFT FEATURES
Image stitching is used to combine multiple photographic images
from camera network with overlapping field of view to produce
panoramic view. With image stitching, the view is enlarged and the
amount of information increases with the no. of images that are stitched.
In the existing methods, the whole images from the adjacent views are
considered thus leads to increase in both time and computational
complexity. In this paper, an approach for image stitching using invariant
moments combined with SIFT features is presented to reduce the time
and computational complexity. It is observed that only a small portion of
the adjacent view images are overlapped. Hence, the proposed method
aims in detecting overlapping portion for extracting matching points. The
overlapping regions are determined using gradient based dominant edge
extraction and invariant moments. In the deduced region, the SIFT (Shift
Invariant Feature Transform) features are extracted to determine the
matching features. The registration is carried on with RANSAC (Random
Sample Consensus) algorithm and final output mosaic is obtained by
warping the images. The proposed approach results in reduced time and
computational when compared to existing methods.
138. Vertical-Edge-Based Car-License-Plate Detection Method
This paper proposes a fast method for car-licenseplate detection
(CLPD) and presents three main contributions. The first contribution is
that we propose a fast vertical edge detection algorithm (VEDA) based on
the contrast between the grayscale values, which enhances the speed of
the CLPD method. After binarizing the input image using adaptive
thresholding (AT), an unwanted-line elimination algorithm (ULEA) is
proposed to enhance the image, and then, the VEDA is applied. The
second contribution is that our proposed CLPD method processes verylow-resolution images taken by a web camera. After the vertical edges
have been detected by the VEDA, the desired plate details based on color
information are highlighted. Then, the candidate region based on
statistical and logical operations will be extracted. Finally, an LP is
detected. The third contribution is that we compare the VEDA to the
Sobel operator in terms of accuracy, algorithm complexity, and
processing time.
Bio-Medical Based Image Processing
139. Lossless medical image compression by IWT
The proposed work is to compress the medical data without any
loss(i.e. lossless). Medical information is either in multidimensional or
multi-resolution form, this creates enormous amount of data. Retrieval,
Efficient storage, management and transmission of this voluminous data
are highly complex. This technique combines integer transforms and
JPEGLS Prediction to enhance the performance of lossless compression.
140. Analyzing Macular Edema In Diabetic Patients
Diabetic macular edema (DME) is an advanced symptom of
diabetic retinopathy and can lead to irreversible vision loss. In this paper,
a two-stage methodology for the detection and classification of DME
severity from color fundus images is proposed. DME detection is carried
out via a supervised learning approach using the normal fundus images. A
feature extraction technique is introduced to capture the global
characteristics of the fundus images and discriminate the normal from

DME images. Disease severity is assessed using the neural networks.
141. Wavelet Based Image Fusion for Detection of Brain Tumor
Brain tumor, is one of the major causes for the increase in
mortality among children and adults. Detecting the regions of brain is the
major challenge in tumor detection. In the field of medical image
processing, multi sensor images are widely being used as potential
sources to detect brain tumor. In this paper, a wavelet based image
fusion algorithm is applied on the Magnetic Resonance (MR) images
and Computed Tomography (CT) images which are used as primary
sources to extract the redundant and complementary information in
order to enhance the tumor detection in the resultant fused image. The
main features taken into account for detection of brain tumor are
location of tumor and size of the tumor, which is further optimized
through fusion of images using various wavelet transforms parameters.
We discuss and enforce the principle of evaluating and comparing the
performance of the algorithm applied to the images with respect to
various wavelets type used for the wavelet analysis. The performance
efficiency of the algorithm is evaluated on the basis of PSNR values. The
obtained results are compared on the basis of PSNR with gradient vector
field and big bang optimization. The algorithms are analyzed in terms of
performance with respect to accuracy in estimation of tumor region and
computational efficiency of the algorithms.
Power Systems
142. Synchronous Detection and Digital control of Shunt Active
Power Filter in Power Quality Improvement
Power Quality means to maintain purely sinusoidal current wave
form in phase with a purely sinusoidal voltage wave form. Power quality
improvement using traditional compensation methods include many
disadvantages like electromagnetic interference, possible resonance, fixed
compensation, bulkiness etc. So power system and power electronic
engineers need to develop adjustable and dynamic solutions using custom
power devices. These power conditioning equipments use static power
electronic converters to improve the power quality of distribution system
customers. The devices include Active Power Filter (APF), dynamic

voltage restorer (DVR) and Unified Power Quality Conditioner (UPQC).
APF is a compensator used to eliminate the disturbances in current. There
are basically two types of APFs: the shunt type and the series type. This
paper examines the control of Shunt Active Power Filter (SAPF) from
two different aspects: Synchronous Detection Method (SDM) and digital
control based on instantaneous power theory (p-q theory). Simulation
results using MATLAB SIMULINK demonstrates the application of these
methods to the control of APF. Moreover, this work shows that digital
control provides better power quality improvement than SDM.
ANDROID
1. T-Drive: Enhancing Driving Directions with Taxi Drivers
Intelligence
Abstract
This paper presents a smart driving direction system leveraging the
intelligence of experienced drivers. In this system, GPS-equipped
taxis are employed as mobile sensors probing the traffic rhythm of
a city and taxi drivers intelligence in choosing driving directions in
the physical world. We propose a time-dependent landmark graph
to model the dynamic traffic pattern as well as the intelligence of
experienced drivers so as to provide a user with the practically
fastest route to a given destination at a given departure time. Then,
a Variance-Entropy-Based Clustering approach is devised to
estimate the distribution of travel time between two landmarks in
different time slots. Based on this graph, we design a two-stage
routing algorithm to compute the practically fastest and customized
route for end users. We build our system based on a real-world
trajectory data set generated by over 33,000 taxis in a period of
three months, and evaluate the system by conducting both synthetic

experiments and in-the-field evaluations. As a result, 60-70 percent
of the routes suggested by our method are faster than the
competing methods, and 20 percent of the routes share the same
results. On average, 50 percent of our routes are at least 20 percent
faster than the competing approaches.
2. Dynamic Personalized Recommendation on Sparse Data
Abstract:
Recommendation techniques are very important in the fields of Ecommerce and other Web-based services. One of the main
difficulties is dynamically providing high-quality recommendation
on sparse data. In this paper, a novel dynamic personalized
recommendation algorithm is proposed, in which information
contained in both ratings and profile contents are utilized by
exploring latent relations between ratings, a set of dynamic features
are designed to describe user preferences in multiple phases, and
finally a recommendation is made by adaptively weighting the
features. Experimental results on public datasets show that the
proposed algorithm has satisfying performance.
3. Spatial Query Integrity with Voronoi Neighbors
Abstract:
With the popularity of location-based services and the abundant
usage of smart phones and GPS-enabled devices, the necessity of
outsourcing spatial data has grown rapidly over the past few years.
Meanwhile, the fast a rising trend of cloud storage and cloud
computing services has provided a flexible and cost-effective
platform for hosting data from businesses and individuals, further
enabling many location-based applications. Nevertheless, in this
database outsourcing paradigm, the authentication of the query

results at the client remains a challenging problem. In this paper,
we focus on the Outsourced Spatial Database (OSDB) model and
propose an efficient scheme, called VN-Auth, which allows a client
to verify the correctness and completeness of the result set. Our
approach is based on neighborhood information derived from the
Voronoi diagram of the underlying spatial data set and can handle
fundamental spatial query types, such as k nearest neighbor and
range queries, as well as more advanced query types like reverse k
nearest neighbor, aggregate nearest neighbor, and spatial skyline.
We evaluated VN-Auth based on real-world data sets using mobile
devices (Google Droid smart phones with Android OS) as query
clients. Compared to the current state-of-the-art approaches (i.e.,
methods based on Merkle Hash Trees), our experiments show that
VN-Auth produces significantly smaller verification objects and is
more computationally efficient, especially for queries with low
selectivity.
4. Meet You -- Social Networking on Android
Abstract:
This paper aims to present a system that illustrates the social nature
of a human being the need to be always in touch with family and
friends taking into account facilities available on Android
platform. The role of this application is to create a social network
in which the users are being alerted when their friends are around.
This gives them the possibility to set up a meeting or to avoid one.
The users have the possibility to check in some locations and allow
their friends to follow their activity. Taking into account the
security of the users, we included in the facilities of the application
an option which allows close friends or family to check the users

location based on a keyword text message. For this purpose,
available Android location and messages services are used for
finding an approximate location of a mobile phone running this
program and then sharing it through Meet You or via SMS.
Information is being displayed using default components provided
by Android platform and also more complex elements including
heterogeneous lists CWAC, Google Maps and augmented reality
using Mixare Library.
5. A Proxy-Based Approach to Continuous Location-Based
Spatial Queries in Mobile Environments
Abstract:
Caching valid regions of spatial queries at mobile clients is
effective in reducing the number of queries submitted by mobile
clients and query load on the server. However, mobile clients suffer
from longer waiting time for the server to compute valid regions.
We propose in this paper a proxy-based approach to continuous
nearest-neighbor (NN) and window queries. The proxy creates
estimated valid regions (EVRs) for mobile clients by exploiting
spatial and temporal locality of spatial queries. For NN queries, we
devise two new algorithms to accelerate EVR growth, leading the
proxy to build effective EVRs even when the cache size is small.
On the other hand, we propose to represent the EVRs of window
queries in the form of vectors, called estimated window vectors
(EWVs), to achieve larger estimated valid regions. This novel
representation and the associated creation algorithm result in more
effective EVRs of window queries. In addition, due to the distinct
characteristics, we use separate index structures, namely EVR-tree
and grid index, for NN queries and window queries, respectively.
To further increase efficiency, we develop algorithms to exploit the

results of NN queries to aid grid index growth, benefiting EWV
creation of window queries. Similarly, the grid index is utilized to
support NN query answering and EVR updating. We conduct
several experiments for performance evaluation. The experimental
results show that the proposed approach significantly outperforms
the existing proxy-based approaches.
6. PMSE: A Personalized Mobile Search Engine
ABSTRACT:
We propose a personalized mobile search engine (PMSE) that
captures the users preferences in the form of concepts by mining
their click through data. Due to the importance of location
information in mobile search, PMSE classifies these concepts into
content concepts and location concepts. In addition, users
locations (positioned by GPS) are used to supplement the location
concepts in PMSE. The user preferences are organized in an
ontology-based, multifaceted user profile, which are used to adapt
a personalized ranking function for rank adaptation of future search
results. To characterize the diversity of the concepts associated
with a query and their relevance to the users need, four entropies
are introduced to balance the weights between the content and
location facets. Based on the client-server model, we also present a
detailed architecture and design for implementation of PMSE. In
our design, the client collects and stores locally the click through
data to protect privacy, whereas heavy tasks such as concept
extraction, training, and re-ranking are performed at the PMSE
server. Moreover, we address the privacy issue by restricting the
information in the user profile exposed to the PMSE server with
two privacy parameters. We prototype PMSE on the Google
Android platform. Experimental results show that PMSE

significantly improves the precision comparing to the baseline.
7. Crowd sourced Trace Similarity with Smart phones
ABSTRACT:
Smart phones are nowadays equipped with a number of sensors,
such as WiFi, GPS, accelerometers, etc. This capability allows
smart phone users to easily engage in crowd sourced computing
services, which contribute to the solution of complex problems in a
distributed manner. In this work, we leverage such a computing
paradigm to solve efficiently the following problem: comparing a
query trace Q against a crowd of traces generated and stored on
distributed smart phones. Our proposed framework, coined Smart
Trace, provides an effective solution without disclosing any part
of the crowd traces to the query processor. Smart Trace, relies on
an in-situ data storage model and intelligent top-K query
processing algorithms that exploit distributed trajectory similarity
measures, resilient to spatial and temporal noise, in order to derive
the most relevant answers to Q. We evaluate our algorithms on both
synthetic and real workloads. We describe our prototype system
developed on the Android OS. The solution is deployed over our
own Smart Lab test bed of 25 smart phones. Our study reveals that
computations over Smart Trace result in substantial energy
conservation; in addition, results can be computed faster than
competitive approaches.
8. Twitsper: Tweeting Privately
ABSTRACT:
While OSNs today provide some form of privacy controls to
protect a users shared content from other users, these controls are
not sufficiently expressive to provide fine grained protection. In

this article, we introduce Twitsper, to support fine-grained control
over who sees a users messages. Twitsper provides privacy
controls to the users of Twitter today without relying on Twitter to
make changes. This is because it is a wrapper around Twitter that
enables private group communication while preserving Twitters
commercial interests. It preserves privacy both from the Twitsper
server as well as from undesired Twitsper users.
9. Review of Behavior Malware Analysis for Android
ABSTRACT:
Android based Smartphone are now a days getting more
popularity. With the use of Smartphone user must always concern
about the security breaching and malicious attacks. Here we
introduce an approach for proactive malware detection working by
abstraction of program behaviors.
Suspicious behaviors are
detected by comparing trace abstractions to reference malicious

behaviors. The sensitive power of concept allows us to grip
common mistrustful behaviors rather than specific malware
code and then, to distinguish malware transformation. We
present and discuss an implementation validating our approach.
First have to analyze the programs or apps, then represented them
as trace languages, which are abstracted by altering with
respect to elementary behavior patterns, defined as regular string
rephrasing systems. This paper review the state of the art on
threats, vulnerabilities , We aimed at existing
approaches
to
protecting mobile devices against these classes of attacks into

different
categories,
based
upon
the detection
principles,
architectures, collected data and operating systems, especially

focusing on IDS-based models and tools.
10.Research in Progress - Defending Android Smart phones from

Malware Attacks
ABSTRACT:
Smart phones are becoming enriched with confidential information
due to their powerful computational capabilities and attractive
communications features. The Android smart phone is one of the
most widely used platforms by businesses and users alike. This is
partially because Android smart phones use the free, open-source
Linux as the underlying operating system, which allows
development of applications by any software developer. This
research study aims to explore security risks associated with the
use of Android smart phones and the sensitive information they
contain; the researcher devised a survey questionnaire to
investigate and further understand security threats targeting
Android smart phones. The survey also intended to study the scope
of malware attacks targeting Android phones and the effectiveness
of existing defense measures. The study surveyed the average
Android users as the target population to understand how they
perceive security and what security controls they use to protect
their smart phones.
11.Secure
Encounter-based
Mobile
Social
Networks:
Requirements, Designs, and Tradeoffs
ABSTRACT:
Encounter-based social networks and encounter-based systems link
users who share a location at the same time, as opposed to the
traditional social network paradigm of linking users who have an
offline friendship. This new approach presents challenges that are
fundamentally different from those tackled by previous social
network designs. In this paper, we explore the functional and

security requirements for these new systems, such as availability,
security, and privacy, and present several design options for
building secure encounter-based social networks. To highlight these
challenges we examine one recently proposed encounter-based
social network design and compare it to a set of idealized security
and functionality requirements. We show that it is vulnerable to
several attacks, including impersonation, collusion, and privacy
breaching, even though it was designed specifically for security.
Mindful of the possible pitfalls, we construct a flexible framework
for secure encounter-based social networks, which can be used to
construct networks that offer different security, privacy, and
availability guarantees. We describe two example constructions
derived from this framework, and consider each in terms of the
ideal requirements. Some of our new designs fulfill more
requirements in terms of system security, reliability, and privacy
than previous work. We also evaluate real-world performance of
one of our designs by implementing a proof-of-concept iPhone
application called Meet Up. Experiments highlight the potential of
our system and hint at the deploy ability of our designs on a large
scale.
12.Cloud
FTP: A Case
Study
of
Migrating
Traditional
Applications to the Cloud
ABSTRACT:
The cloud computing is growing rapidly for it offers on-demand
computing power and capacity. The power of cloud enables
dynamic scalability of applications facing various business
requirements. However, challenges arise when considering the
large amount of existing applications. In this work we propose to

move the traditional FTP service to the cloud. We implement FTP
service on Windows Azure Platform along with the auto-scaling
cloud feature. Based on this, we implement a benchmark to
measure the performance of our Cloud FTP. This case study
illustrates the potential benefits and technical issues associated
with the migration of the traditional applications to the clouds.
13.Collaborative Policy Administration
ABSTRACT:
Policy based management is a very effective method to protect
sensitive information. However, the over claim of privileges is
widespread in emerging applications, including mobile applications
and social network services, because the applications users
involved in policy administration have little knowledge of policy
based management. The over claim can be leveraged by malicious
applications, then lead to serious privacy leakages and financial
loss. To resolve this issue, this paper proposes a novel policy
administration mechanism, referred to as Collaborative Policy
Administration
(CPA for
short),
to
simplify
the
policy
administration. In CPA, a policy administrator can refer to other

similar policies to set up their own policies to protect privacy and
other sensitive information. This paper formally defines CPA, and
proposes its enforcement framework. Furthermore, in order to
obtain similar policies more effectively, which is the key step of
CPA, a text mining based similarity measure method is presented.
We evaluate CPA with the data of Android applications, and
demonstrate that the text mining based similarity measure method
is more effective in obtaining similar policies than the previous
category based method
14.SPOC: A Secure and Privacy-Preserving Opportunistic

Computing Framework for Mobile-Healthcare Emergency
ABSTRACT:
With the pervasiveness of smart phones and the advance of
wireless body sensor networks (BSNs), mobile Healthcare (mHealthcare), which extends the operation of Healthcare provider
into a pervasive environment for better health monitoring, has
attracted considerable interest recently. However, the flourish of mHealthcare still faces many challenges including information
security and privacy preservation. In this paper, we propose a
secure and privacy-preserving opportunistic computing framework,
called SPOC, for m-Healthcare emergency. With SPOC, smart
phone resources including computing power and energy can be
opportunistically gathered to process the computing-intensive
personal health information (PHI) during m-Healthcare emergency
with minimal privacy disclosure. In specific, to leverage the PHI
privacy disclosure and the high reliability of PHI process and
transmission in m-Healthcare emergency, we introduce an efficient
user-centric privacy access control in SPOC framework, which is
based on an attribute-based access control and a new privacypreserving scalar product computation (PPSPC) technique, and
allows a medical user to decide who can participate in the
opportunistic computing to assist in processing his overwhelming
PHI data. Detailed security analysis shows that the proposed SPOC
framework can efficiently achieve user-centric privacy access
control in m-Healthcare emergency. In addition, performance
evaluations via extensive simulations demonstrate the SPOCs
effectiveness in term of providing high reliable PHI process and
transmission while minimizing the privacy disclosure during mHealthcare emergency.

15.Scalable and Secure Sharing of Personal Health Records in
Cloud Computing Using Attribute-Based Encryption
ABSTRACT:
Personal health record (PHR) is an emerging patient-centric model
of health information exchange, which is often outsourced to be
stored at a third party, such as cloud providers. However, there
have been wide privacy concerns as personal health information
could be exposed to those third party servers and to unauthorized
parties. To assure the patients control over access to their own
PHRs, it is a promising method to encrypt the PHRs before
outsourcing. Yet, issues such as risks of privacy exposure,
scalability in key management, flexible access and efficient user
revocation, have remained the most important challenges toward
achieving fine-grained, cryptographically enforced data access
control. In this paper, we propose a novel patient-centric
framework and a suite of mechanisms for data access control to
PHRs stored in semi-trusted servers. To achieve fine-grained and
scalable data access control for PHRs, we leverage attribute based
encryption (ABE) techniques to encrypt each patients PHR file.
Different from previous works in secure data outsourcing, we focus
on the multiple data owner scenario, and divide the users in the
PHR system into multiple security domains that greatly reduces the
key management complexity for owners and users. A high degree
of patient privacy is guaranteed simultaneously by exploiting
multi-authority
ABE.
Our
scheme
also
enables
dynamic
modification of access policies or file attributes, supports efficient

on-demand user/attribute revocation and break-glass access under
emergency scenarios. Extensive analytical and experimental results

are presented which show the security, scalability and efficiency of
our proposed scheme.
16.Collaborative Learning Assistant for Android
ABSTRACT:
The quantitative and qualitative increase in mobile devices that
reach the average user opens more and more topics for research. In
education, m-Learning has been an interesting topic for several
years. However, the smart phones, that today display an
unprecedented mix of computing capability, connectivity and
interactivity,
leverage
new
possibilities
for
m-Learning
applications. Such applications can seamlessly connect remote

individuals, but can also provide access to various resources, such
as media, or interactive quizzes. We focus on collaborative learning
and peer-review learning, two closely related concepts, promoting
methods such as sharing educational resources, organizing study
sessions and giving feedback to fellow students. We propose a
client-server system to provide all these features and we study it
under performance considerations such as scalability and mobility.


2013-2014 IEEE JAVA Project List With Abstract

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

2013-2014 IEEE JAVA Project List With Abstract

Hochgeladen von

Copyright:

Verfügbare Formate

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.

IEEE 2012-13 JAVA/ J2EE TITLES

2.CloudMoV: Cloud-based Mobile Social TV

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

(Infrastructure-as-a- Service) cloud services to offer the living-room

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

transcoding capabilities, battery efficiency of mobile devices and

technology. In this paper, we present a system that uses virtualization

4.Error-Tolerant Resource Allocation and Payment Minimization for

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

5.Harnessing the Cloud for Securely Outsourcing Large-Scale Systems

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

6.Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

chunks to identify previously received chunk chains, which in turn can be

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

9.Scalable and Secure Sharing of Personal Health Records in Cloud

Mindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

which show the security, scalability, and efficiency of our proposed

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Load balancing in the cloud computing environment has an important

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

algorithm is compared against a centralized approach in a production

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

mechanism for time-shifting scheduled jobs in a simulator and study the

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Attribute-based encryption (ABE) is a public-keybased one-to-many

Mindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

16.A Secure Erasure Code-Based Cloud Storage System with Secure

confidentiality. General encryption schemes protect data confidentiality,

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

The use of cloud computing has increased rapidly in many organizations.

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

efficient user revocation, have remained the most important challenges

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

decentralized information accountability framework to keep track of the

Mindsoft: 2nd Floor, 2nd Main, Service Road, Vijayanagara, Bangalore-40.

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

experiments show that our solution introduces lower computation and

21.HASBE: A Hierarchical Attribute-Based Solution for Flexible and

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

control for outsourced data in cloud computing with comprehensive

23.Toward Secure and Dependable Storage Services in Cloud

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

based feature selection algorithm (FAST) is proposed and experimentally

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

engine query logs. First, we propose a framework to discover different

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

monotonicity of privacy constraints for efficiently checking m-privacy

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

we can detect an earthquake with high probability (93 percent of

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

(e.g., epidemiology study) and investigation (e.g., case review) by drug

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

Generating models from large data setsand determining which subsets

Sanjeev Kumar. P # 9844641410, 9902752525 Email: if.sanjeev@gmail.com

does not contain any instances of the targeted structured information. We