2022 Vol. 59 No. 11
2022, 59(11): 2377-2394.
DOI: 10.7544/issn1000-1239.20220528
Abstract:
With the continuous growth of data assets held by enterprises, governments, and individuals, the demand for classification applications such as image classification in machine learning is also increasing. To meet various practical needs, deploying machine learning as a service (MLaaS) in the cloud has gradually become mainstream. However, cloud-based applications often raise serious data privacy and security leakage issues. FPCBC is a federated learning privacy-preserving classification system based on crowdsourcing aggregation. It crowdsources classification tasks to multiple edge participants and completes the whole process with cloud computing. Instead of jointly training an ideal model to obtain high-confidence classification results, the participants first train models on their limited local data and use these models for inference; mature aggregation algorithms then combine the inference results into classifications of higher accuracy. Importantly, users leak no private data, which solves the privacy and security issues of traditional MLaaS. In the system implementation, homomorphic encryption is used to encrypt the image data that requires machine learning inference, a crowdsourced federated learning classification algorithm is improved, and privacy-preserving computation for the entire system is implemented by introducing a dual-server mechanism. Experiments and performance analysis show that the system is feasible, that the degree of privacy protection is significantly improved, and that the system is well suited to real-life application scenarios with high privacy and security requirements.
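The crowdsourced-aggregation idea above — combining many participants' inference results into one higher-confidence label — can be sketched as a confidence-weighted majority vote. This is a minimal illustration only; the function name, the weighting scheme, and the default weight are assumptions, not the FPCBC system's actual aggregation algorithm:

```python
from collections import defaultdict

def aggregate_votes(predictions, weights=None):
    """Aggregate (participant_id, label) votes by weighted majority.

    weights maps a participant to a reliability score; unknown
    participants default to 1.0 (an illustrative choice).
    """
    weights = weights or {}
    scores = defaultdict(float)
    for pid, label in predictions:
        scores[label] += weights.get(pid, 1.0)
    return max(scores, key=scores.get)

votes = [("p1", "cat"), ("p2", "cat"), ("p3", "dog")]
print(aggregate_votes(votes))  # "cat" wins 2.0 to 1.0
```

In the full system, each vote would arrive as a ciphertext under homomorphic encryption, so the summation step would run over encrypted scores rather than plaintext floats.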
2022, 59(11): 2395-2407.
DOI: 10.7544/issn1000-1239.20220526
Abstract:
The rapid development of deep learning has brought great convenience, but it has also led to the disclosure of large amounts of private data. Federated learning (FL) allows clients to jointly train models by sharing only gradients, which seems to solve the privacy leakage problem, but research shows that the gradients transmitted in FL frameworks can still leak private information. Moreover, the high communication cost of FL makes it difficult to apply in resource-constrained environments. We therefore put forward two communication-efficient and secure FL algorithms that use Top-K sparsification and compressed sensing to reduce the communication overhead of gradient transmission, and further use additive secret sharing from secure multi-party computation (MPC) to encrypt the important gradient measurements, thereby reducing communication overhead and enhancing security at the same time. The main difference between the two algorithms is that client and server communicate by transmitting either the gradient measurement values or the quantized gradient measurement values. Experiments on the MNIST and Fashion-MNIST datasets show that, compared with other algorithms, the proposed algorithms further increase security at a lower communication cost and achieve better model accuracy.
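The two building blocks named above — Top-K gradient sparsification and additive secret sharing — can be sketched as follows. This is a toy illustration under stated assumptions: the function names, the modulus, and the integer quantization of gradient values before sharing are not from the paper, and the compressed-sensing measurement step is omitted:

```python
import random

def top_k_sparsify(grad, k):
    """Keep only the k largest-magnitude gradient entries (index -> value)."""
    idx = sorted(range(len(grad)), key=lambda i: abs(grad[i]), reverse=True)[:k]
    return {i: grad[i] for i in idx}

def additive_shares(value, n_parties, modulus=2**31):
    """Split an integer into n additive shares that sum to value mod modulus.

    Any n-1 shares alone look uniformly random, hiding the gradient value.
    """
    shares = [random.randrange(modulus) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % modulus)
    return shares

grad = [0.1, -2.0, 0.03, 1.5, -0.2]
sparse = top_k_sparsify(grad, 2)       # only indices 1 and 3 are transmitted
shares = additive_shares(42, 3)        # 42 stands in for a quantized measurement
assert sum(shares) % 2**31 == 42       # the servers recover the sum, not the parts
```

In the actual algorithms, the sparsified gradient would first be compressed into measurement values via compressed sensing, and those measurements (or their quantized versions) would be secret-shared.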
2022, 59(11): 2408-2422.
DOI: 10.7544/issn1000-1239.20220458
Abstract:
Federated learning (FL) has been widely applauded for replacing data transmission with the uploading of model parameters, effectively avoiding privacy leakage. However, when FL is applied to a cloud-edge-end system, two problems arise. First, the cloud-edge-end system contains a two-level distributed framework, i.e., edge and end, which challenges traditional single-layer federated learning. Second, due to resource heterogeneity, the upper complexity bound of end models is not uniform, which violates the assumption of a unified client model in the FL framework. To solve the first problem, we extend the traditional single-layer method into a hierarchical federated learning method for the cloud-edge-end system. For the second problem, we split a deep model into a series of sub-models by inserting early-exit branches, so that sub-models of different computational complexities match different clients' resource statuses, thus accomplishing hierarchical heterogeneous federated learning. Additionally, because of factors such as limited human resources, end devices hold large amounts of unlabeled data that cannot be used for effective model training, so we propose a semi-supervised learning method for federated learning to utilize unlabeled data effectively. Finally, the methods are verified on the MNIST and Fashion-MNIST datasets. Experimental results show that, compared with other methods, the proposed method improves accuracy by up to 22% while preserving privacy, and significantly reduces computing, communication, and storage overhead.
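The hierarchical aggregation described above — end devices averaged at their edge node, then edge models averaged at the cloud — reduces to applying weighted federated averaging twice. A minimal sketch, with models reduced to flat parameter vectors and the weights, values, and two-level topology chosen purely for illustration:

```python
def fed_avg(models, weights):
    """Weighted average of model parameter vectors (lists of floats)."""
    total = sum(weights)
    return [sum(w * m[i] for m, w in zip(models, weights)) / total
            for i in range(len(models[0]))]

# Level 1: each edge node averages its own end devices' models,
# weighting by (say) local sample counts.
edge1 = fed_avg([[1.0, 2.0], [3.0, 4.0]], [10, 10])   # -> [2.0, 3.0]
edge2 = fed_avg([[5.0, 6.0]], [20])                   # -> [5.0, 6.0]

# Level 2: the cloud averages the edge aggregates.
cloud = fed_avg([edge1, edge2], [20, 20])             # -> [3.5, 4.5]
```

With early-exit sub-models, only the layers shared by a pair of sub-models would be averaged; the per-layer bookkeeping is omitted here.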
2022, 59(11): 2423-2436.
DOI: 10.7544/issn1000-1239.20220470
Abstract:
Traditional federated learning relies on a central server, making the training process vulnerable to single points of failure and malicious node attacks, while intermediate parameters passed in plaintext may be exploited to infer private information in the data. We propose a decentralized, secure, and fair federated learning model based on the blockchain that uses homomorphic encryption to protect the privacy of the collaborating parties' intermediate parameters. Model aggregation and collaborative decryption are carried out by an elected federated learning committee. The decryption process achieves secure key management through a secret sharing scheme, using a bilinear-map accumulator to verify the correctness of each secret share. The model also introduces reputation as an indicator of participant reliability and uses the subjective logic model to realize a disbelief-enhanced reputation calculation as the basis for electing the federated learning committee. The reputation value serves as a reference for the incentive mechanism to ensure fairness. Model information and reputation values are made tamper-proof and non-repudiable through the blockchain. Experiments show that the training accuracy is only slightly lower than that of a centralized learning model, and that the model can be trained in a decentralized manner in a multi-party collaborative environment while protecting the data privacy of all participants.
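The secret-sharing-based key management mentioned above can be illustrated with a classic Shamir (t, n) threshold scheme: the decryption key is split so that any t committee members can jointly recover it, while fewer than t learn nothing. A toy sketch over a small prime field; the field, threshold, and secret are illustrative, and the paper's bilinear-map accumulator verification of shares is not reproduced here:

```python
import random

P = 2**31 - 1  # a Mersenne prime, used as a toy finite field

def make_shares(secret, t, n):
    """Shamir (t, n) sharing: evaluate a random degree-(t-1) polynomial
    with constant term `secret` at points x = 1..n."""
    coeffs = [secret] + [random.randrange(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation at x = 0 recovers the constant term."""
    secret = 0
    for j, (xj, yj) in enumerate(shares):
        num = den = 1
        for m, (xm, _) in enumerate(shares):
            if m != j:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        secret = (secret + yj * num * pow(den, P - 2, P)) % P
    return secret

shares = make_shares(12345, t=3, n=5)
assert reconstruct(shares[:3]) == 12345  # any 3 of the 5 shares suffice
```

In the proposed model, each share would additionally carry an accumulator witness so the committee can verify a share's correctness before using it in collaborative decryption.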
2022, 59(11): 2437-2450.
DOI: 10.7544/issn1000-1239.20210280
Abstract:
Non-volatile memory (NVM) is an emerging candidate for the next generation of main memory. Building persistent memory systems with NVM faces two challenges: ensuring data security and optimizing write operations. Recent studies have proposed encryption and integrity verification techniques to protect in-memory data, and selective reencryption techniques to reduce write overhead. These techniques introduce various metadata that are stored in persistent memory. However, existing metadata management mechanisms only consider part of the metadata, which still causes significant metadata access overhead. To address this problem, we propose COTANA, a coordinated metadata management method for secure persistent memory. COTANA places the encryption metadata and the selective reencryption metadata in the same metadata blocks, so that fetching the metadata for encryption/decryption needs only one read. COTANA builds an integrity tree on these metadata blocks and places the message authentication codes (MAC) in an ECC chip to avoid extra access latency. Moreover, we observe that the bytes within a block have different modification frequencies under real-world workloads. Therefore, for selective reencryption, COTANA adopts a data partition scheme that dynamically chooses the partition method with the fewest bit flips. The candidate methods include an existing successive partition method and a gathered partition method designed around the observed modification frequencies. The evaluation results show that COTANA improves performance by up to 13.7% and decreases bit flips by up to 21.3% compared with state-of-the-art designs.
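The dynamic choice between the successive and gathered partition methods can be illustrated with a toy cost model: split a block both ways, and pick the method under which the update touches (and thus forces re-encryption of) the fewest bytes. The partition names come from the abstract, but the cost model, block sizes, and code below are illustrative assumptions, not COTANA's implementation:

```python
def successive(block, parts):
    """Split a block into contiguous equal-size partitions."""
    step = len(block) // parts
    return [block[i * step:(i + 1) * step] for i in range(parts)]

def gathered(block, parts):
    """Split a block by striding, gathering every parts-th byte together."""
    return [block[i::parts] for i in range(parts)]

def reencrypt_bytes(old, new, split, parts):
    """Toy cost: every partition containing a modified byte is re-encrypted."""
    return sum(len(o) for o, n in zip(split(old, parts), split(new, parts))
               if o != n)

old = bytes(range(16))
new = bytearray(old)
new[0] ^= 0xFF                  # two modified bytes, 8 positions apart
new[8] ^= 0xFF
new = bytes(new)

cost_succ = reencrypt_bytes(old, new, successive, 4)  # partitions 0 and 2 touched
cost_gath = reencrypt_bytes(old, new, gathered, 4)    # only partition 0 touched
best = min((cost_succ, "successive"), (cost_gath, "gathered"))[1]
```

When frequently modified bytes cluster under one strided partition, the gathered split confines re-encryption (and hence bit flips) to that partition, which is the intuition behind choosing the method dynamically.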
2022, 59(11): 2451-2466.
DOI: 10.7544/issn1000-1239.20210211
Abstract:
Erasure coding is widely deployed in distributed storage clusters to provide data reliability, but disk I/O overhead becomes a performance bottleneck when data updates are intensive. On the one hand, traditional data update strategies must read the original data chunk and then write the new data when updating a data chunk. Under intensive updates, this frequent write-after-read seriously degrades the write performance of the storage cluster. On the other hand, updating the parity chunk requires reading increments randomly distributed in the log file and merging them with the data file, which introduces additional disk seek overhead. In this paper, a data updating method named PARD (parity logging with reserved space and data delta) is proposed to solve these problems. The main idea of PARD is to use the linear calculations of erasure coding to reduce write-after-read, and to exploit disk characteristics to reduce seek overhead. PARD comprises three key design features: 1) Adopting in-place data updates and log-based parity updates. 2) Exploiting the linear calculations of erasure coding to construct the log from data increments: for a series of write requests to the same data chunk, only the first update needs to read the original data chunk, while subsequent updates execute pure writes, remarkably reducing write-after-read. 3) Reserving space for the log at the end of the data file, in accordance with disk characteristics, to reduce the disk seek overhead of reading and writing the log. Experiments show that when the chunk size is 4 MB, PARD gains at least 30.4%, 47.0%, and 82.0% improvements in update throughput compared with PLR, PARIX, and FO, respectively.
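The "linear calculations of erasure coding" behind design feature 2) can be seen most simply in an XOR-based code: the new parity is the old parity XOR the data delta, so no other data chunks need to be read. A minimal sketch with two-byte chunks (the chunk contents are arbitrary examples; real codes use Galois-field coefficients rather than plain XOR):

```python
def xor_bytes(a, b):
    """Bytewise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

old_data = b"\x01\x02"
new_data = b"\x09\x02"
other    = b"\x10\x10"                    # the other data chunk in the stripe

parity  = xor_bytes(old_data, other)      # initial parity P = D1 xor D2
delta   = xor_bytes(old_data, new_data)   # logged data delta
parity2 = xor_bytes(parity, delta)        # P' = P xor delta, no read of `other`

assert parity2 == xor_bytes(new_data, other)
```

Because the delta fully determines the parity update, PARD can log deltas in space reserved next to the data file and apply them later, avoiding both the read of other chunks and long seeks to a separate log.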
2022, 59(11): 2467-2496.
DOI: 10.7544/issn1000-1239.20210537
Abstract:
Emotion cause extraction (ECE) is a new research direction in affective computing. As a kind of fine-grained sentiment analysis, its purpose is to find the part of a given document that triggers an emotion, which is also called tracing an emotion to its source. ECE has high academic research value and a wide range of real-world application scenarios because it involves linguistics, psychology, and other related domains. Recognizing the cause of an emotion in a document is more useful than merely identifying the emotion; for example, it can help people understand the source of stress and better control their emotions. Although most research in affective computing focuses on emotion recognition, emotion prediction, and emotional information extraction, in recent years many scholars have turned to analyzing the causes behind emotions and have produced rich results. We make a comprehensive review and analysis of automatic ECE from text in multiple perspectives, starting from the problem definition and the classification of ECE tasks. We then review the main methods for ECE, especially those based on deep learning. After that, the benchmark datasets and evaluation metrics for the ECE task are summarized in detail. Finally, we discuss the deficiencies of existing work on ECE and forecast future challenges.
2022, 59(11): 2497-2506.
DOI: 10.7544/issn1000-1239.20210599
Abstract:
Vehicle re-identification (ReID), a critical component of intelligent transportation systems, aims to identify the same vehicle across different cameras despite large variations in viewpoint, lighting, and resolution. With the rapid development of surveillance networks, a tremendous amount of data is collected, making it expensive or even impossible to retrieve the same vehicle across multiple cameras through human labor. With breakthroughs in computer vision, a variety of vehicle ReID methods based on convolutional neural networks have recently been developed and perform well in real-world scenes. One of the main challenges of the ReID task is viewpoint variation: the identical vehicle seen from different viewpoints usually has low intra-instance similarity, while different vehicles seen from similar viewpoints may have a relatively small inter-instance discrepancy. To address this challenge and improve vehicle ReID performance, a novel parsing-based vehicle part multi-attention adaptive fusion network (PPAAF) is proposed. First, to gain a fine-grained representation of vehicle parts while eliminating the effects of viewpoint, we modify the ResNet deep residual network and introduce a parsing network that segments a vehicle image into the background and four vehicle parts (front, back, top, and side). Vehicle part features are then aligned through masked average pooling. Second, a novel part attention module (PAM) is developed to integrate multiple attention mechanisms adaptively, providing diverse measurements of vehicle part importance for the ReID task. Compared with previous methods, the additional attention not only enlarges the distance between different vehicles but also strengthens the validity of vehicle part feature extraction. Finally, we optimize the proposed network with triplet loss and focal loss in a multi-task framework. Extensive experiments and ablation studies on two major vehicle re-identification datasets yield competitive results against state-of-the-art vehicle ReID methods and prove the effectiveness of our method.
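The masked average pooling step mentioned above — reducing a C×H×W feature map to one descriptor per vehicle part — can be sketched in a few lines. A pure-Python toy on tiny nested lists; the shapes and the mask are illustrative, not the network's actual dimensions:

```python
def masked_avg_pool(feature_map, mask):
    """Average each channel over the spatial positions where mask == 1.

    feature_map: C x H x W nested lists; mask: H x W of 0/1 from the
    parsing network. Returns a length-C part descriptor; all zeros if
    the part is not visible in the image.
    """
    area = sum(sum(row) for row in mask)
    if area == 0:
        return [0.0] * len(feature_map)
    return [sum(ch[i][j] * mask[i][j]
                for i in range(len(mask)) for j in range(len(mask[0]))) / area
            for ch in feature_map]

feat = [[[0, 1], [2, 3]], [[4, 5], [6, 7]]]   # C=2 channels, H=W=2
side = [[1, 0], [1, 0]]                        # pixels parsed as the "side" part
vec = masked_avg_pool(feat, side)              # -> [1.0, 5.0]
```

Because the descriptor averages only over a part's own pixels, two views of the same vehicle yield comparable per-part vectors even when the part occupies different image regions, which is what makes the features viewpoint-aligned.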
2022, 59(11): 2507-2519.
DOI: 10.7544/issn1000-1239.20210466
Abstract:
Crowdsourcing usually involves multiple parties of participants, each with their own objectives. One of the fundamental challenges for crowdsourcing is to design effective mechanisms under which all parties obtain their benefits while competing. Although fruitful previous studies exist on this topic, they are usually based on two-party crowdsourcing models involving one or more requesters and a crowd of workers. In real-world applications, however, requesters usually interact with workers through crowdsourcing platforms, forming three-party crowdsourcing markets, for which the mechanism design of the requester-platform interaction has not previously been studied. In this work, we model the three-party crowdsourcing market as a game with incomplete information and show that its Nash equilibrium can be found via regret minimization with proper online learning strategies. In the single-requester setting, we show that the classical EXP3 algorithm is optimal for the requester, and we propose a stronger strategy for the platform based on the counterfactual regret minimization technique. We also propose effective strategies for both the platform and the requesters in the multi-requester setting by generalizing the single-requester strategies. The performance of the proposed strategies is verified by experiments on both synthetic and real-world datasets.
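The EXP3 algorithm cited above is the standard exponential-weights strategy for adversarial bandits. A compact sketch in a toy setting (the reward function, exploration rate gamma, and round count are illustrative choices, not the paper's experimental setup):

```python
import math
import random

def exp3(n_arms, rewards, gamma=0.1, rounds=500):
    """EXP3: rewards(t, arm) -> value in [0, 1]; returns total reward earned."""
    w = [1.0] * n_arms
    total = 0.0
    for t in range(rounds):
        s = sum(w)
        # Mix the exponential weights with uniform exploration.
        probs = [(1 - gamma) * wi / s + gamma / n_arms for wi in w]
        arm = random.choices(range(n_arms), probs)[0]
        r = rewards(t, arm)
        total += r
        # Importance-weighted update: only the pulled arm's weight changes.
        w[arm] *= math.exp(gamma * r / (probs[arm] * n_arms))
    return total

random.seed(0)
# Arm 1 always pays 1, arm 0 pays 0: EXP3 quickly concentrates on arm 1.
gain = exp3(2, lambda t, a: float(a == 1))
```

In the market model, a requester's "arms" would be its available actions toward the platform, with rewards determined by the platform's (possibly adversarial) responses.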
2022, 59(11): 2520-2533.
DOI: 10.7544/issn1000-1239.20210348
Abstract:
Online learning has become more and more popular for its convenience, being free of time and space restrictions. Choosing a suitable course from thousands of online courses is a great challenge for online learners, so online course recommendation has emerged. However, existing course recommendation systems still face two main problems. 1) Different users have different learning abilities and needs, so the suitability of each course for the target user must be carefully considered; otherwise, courses that are too difficult may be recommended. 2) Existing methods usually ignore the collocation relationship between a recommended course and the courses the user has already learned, which may lead to inappropriate recommendations. To address these problems, this paper first analyzes users' learning characteristics and types, and their suitability for different courses; meanwhile, it explores the co-selection frequency of courses to study the collocation relationship between different courses. Based on these two aspects, the user-suitability and course-matching aware course recommendation model (SMCR) is proposed. Comparative experiments on the Canvas Network (CN) dataset and the China University MOOC dataset show that this method achieves higher recommendation accuracy. Moreover, the SMCR model recommends courses that suit users' learning abilities and match the courses they have already learned.
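The co-selection frequency signal described above — how often two courses are taken together — can be illustrated with a simple pair-counting pass over enrollment logs. The data and function are purely illustrative, not the SMCR model's actual collocation measure:

```python
from collections import Counter
from itertools import combinations

def collocation_scores(enrollments):
    """Count how often each pair of courses is co-selected by one learner.

    enrollments: list of per-learner course lists. Returns a Counter
    keyed by frozenset({course_a, course_b}).
    """
    pair_counts = Counter()
    for courses in enrollments:
        pair_counts.update(frozenset(p)
                           for p in combinations(sorted(set(courses)), 2))
    return pair_counts

logs = [["calc1", "calc2"],
        ["calc1", "calc2", "stats"],
        ["stats", "ml"]]
scores = collocation_scores(logs)
# "calc1" and "calc2" are co-selected twice; such counts could serve as
# matching weights when ranking candidate courses against a user's history.
```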
2022, 59(11): 2534-2548.
DOI: 10.7544/issn1000-1239.20210658
Abstract:
Object detectors have been widely applied in various intelligent systems, mainly to classify and locate objects in images. However, recent studies show that object detectors are as susceptible to digital and physical adversarial examples as DNN classifiers. YOLOv3 is a mainstream object detector used in real-time detection tasks. Most existing physical adversarial examples for attacking YOLOv3 are constructed by printing large adversarial perturbations and pasting them on the surface of a specific class of object. The false positive adversarial example (FPAE) that has appeared in recent research can be generated directly from the target model; it is unrecognizable to humans but causes object detectors to recognize it as a target class specified by the attacker with high confidence. AA (appearing attack) is the only existing method for generating FPAEs with YOLOv3 as the target model. To improve the robustness of the FPAE, the AA method adds EOT (expectation over transformation) image transformations in the iterative optimization process to simulate various physical conditions, but it does not consider the motion blur that may occur during shooting, which in turn weakens the attack effect of the adversarial examples. In addition, the generated FPAE has a low attack success rate in black-box attacks against object detectors other than YOLOv3. To generate a better-performing FPAE that reveals the weaknesses of existing object detectors and tests their security, we take the YOLOv3 object detector as the target model and propose the RTFP (robust and transferable false positive) adversarial attack method. In the iterative optimization process, this method adds a motion blur transformation in addition to the typical image transformations.
At the same time, in the design of the loss function, the method draws on the loss design of the C&W attack and takes the IOU (intersection over union) between the bounding boxes predicted by the target model in the grid cell containing the center of the FPAE and the real bounding box of the FPAE as the weight of the classification loss of the predicted bounding boxes. In multiple distance-angle shooting tests and driving shooting tests in the real world, the FPAE generated by the RTFP method maintains good robustness, and its transferability is better than that of FPAEs generated by existing methods.
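The IoU-weighted classification loss described in the abstract can be sketched as follows. The loss shape and all names are illustrative assumptions drawn from the description, not the paper's exact formula:

```python
def iou(a, b):
    """Intersection-over-union of axis-aligned boxes given as (x1, y1, x2, y2)."""
    ix1, iy1 = max(a[0], b[0]), max(a[1], b[1])
    ix2, iy2 = min(a[2], b[2]), min(a[3], b[3])
    inter = max(0, ix2 - ix1) * max(0, iy2 - iy1)
    union = (a[2] - a[0]) * (a[3] - a[1]) + (b[2] - b[0]) * (b[3] - b[1]) - inter
    return inter / union if union > 0 else 0.0

def weighted_cls_loss(pred_boxes, target_cls_scores, patch_box):
    """IoU-weighted classification loss over boxes predicted in the grid cell
    holding the patch center: boxes overlapping the patch more contribute more
    to pushing the target-class score up (illustrative, not the paper's formula)."""
    return sum(iou(b, patch_box) * (1.0 - s)
               for b, s in zip(pred_boxes, target_cls_scores))
```

Minimizing such a loss concentrates the optimization pressure on the predicted boxes that actually cover the patch, which is the weighting idea the abstract attributes to RTFP.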
2022, 59(11): 2549-2568.
DOI: 10.7544/issn1000-1239.20210221
Abstract:
Self-adaptation has always been a hot topic in the interdisciplinary field of software engineering and service computing. By perceiving changes in themselves and the environment, applications dynamically adjust their behaviors and processes so as to keep achieving service goals efficiently under non-deterministic changes of environment and requirements. With the recent development of big data and artificial intelligence (AI), traditional model-based control methods in software engineering are no longer suitable for today's dynamic and complex service computing environments. In contrast, the data-driven approach does not rely on mathematical models and expert knowledge but on probability and mathematical statistics. Using feedback data from service operation, the approach gradually learns and understands the complex and changeable environmental feedback, and then learns a model of the adaptive system. Data-driven self-adaptive service computing therefore has characteristics such as perceptibility, adaptability, autonomy and collaboration, and suits more complex application scenarios, such as the Internet of Things, intelligent transportation and distributed computing. Based on the self-adaptive framework and the related characteristics of cognitive computing, a data-driven intelligent adaptive framework is proposed. We then review recent applications of representation learning, pattern recognition, decision planning and rule evolution in data-driven adaptive technology, focusing on the use of machine learning, deep learning and reinforcement learning in these technologies. Finally, we summarize the development of self-adaptation and look forward to future trends.
2022, 59(11): 2569-2580.
DOI: 10.7544/issn1000-1239.20210762
Abstract:
Extensive location-aware applications produce large amounts of spatio-textual data, which contain both location information and textual attributes. To use this rich information to describe users' preferences for routes, a region-of-interest oriented route query (ROIR) is proposed. Given a set of spatial keywords and a length constraint, ROIR retrieves a route composed of spatial interest regions that satisfies the distance constraint with the highest profit. Compared with traditional spatial keyword route queries, ROIR expands the targets from spatial interest points to interest regions, which increases the user's choices and makes the query results more applicable. For the various types of massive POIs and related text information, a two-tier data organization model is designed, which integrates the spatial locations of POI objects, keywords, and the transfer relationships between POI objects. Based on this model, an index structure is proposed that integrates three kinds of information: spatial object locations, the transfer graph, and keywords. Meanwhile, the profits of keywords are pre-computed and stored on the transfer nodes as signatures, and an exact algorithm for ROIR is designed. Since ROIR is an NP-hard problem, an approximation algorithm with approximation ratio 1/ε is proposed to process ROIR efficiently. A detailed experimental analysis on real datasets evaluates the effectiveness of the proposed algorithms.
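The query above resembles the orienteering problem: maximize collected profit subject to a route-length budget. As intuition only, a naive greedy baseline repeatedly moves to the best profit-per-distance region still reachable within the budget; this sketch is not the paper's 1/ε-approximation algorithm, and all names are hypothetical:

```python
def greedy_route(start, regions, profit, dist, budget):
    """Greedy baseline for profit-maximizing routes under a length budget.
    `profit[r]` is a region's profit and `dist(a, b)` the travel distance;
    at each step, pick the feasible region with the best profit/distance ratio."""
    route, cur, remaining = [start], start, set(regions)
    while remaining:
        feasible = [r for r in remaining if dist(cur, r) <= budget]
        if not feasible:
            break  # no region reachable within the remaining budget
        nxt = max(feasible, key=lambda r: profit[r] / max(dist(cur, r), 1e-9))
        budget -= dist(cur, nxt)
        route.append(nxt)
        cur = nxt
        remaining.discard(nxt)
    return route
```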
2022, 59(11): 2581-2605.
DOI: 10.7544/issn1000-1239.20210121
Abstract:
The domain name system is one of the most critical components of the global Internet infrastructure in the network and information age. But it is also abused by various types of cyber attacks, such as botnet command and control, spam delivery, and phishing, which are emerging as the most serious threats against cyber-security. Existing domain name abuse detection technologies are comprehensively reviewed from the perspective of typical detection scenarios. First, the background knowledge of domain name abuse detection is introduced; by surveying existing detection schemes, a taxonomy of detection scenarios is put forward, and the typical features and detection methods are summarized. Second, the evolution of attack and defense technologies for domain name abuse in five typical detection scenarios, including malware, phishing, cybersquatting, spam, and unrestricted abuse behavior, is elaborated. Furthermore, a comprehensive summary of domain name abuse detection methods is given along multiple dimensions such as technical solutions, typical features, and detection algorithms, providing a systematic overview of existing methods. Finally, the challenges faced by domain name abuse detection technology and future research directions are discussed, with a view to further improving the ecological environment of the domain name system.
2022, 59(11): 2606-2617.
DOI: 10.7544/issn1000-1239.20210558
Abstract:
An encryption algorithm named redundant transfer, based on a high-capacity reversible data hiding in encrypted images scheme, was proposed by Qin et al., and it effectively improved the ability to resist existing known-plaintext and ciphertext-only attacks. Based on an analysis of the characteristics of redundant transfer image encryption, a known-plaintext attack method based on the non-zero-bit number (NZBN) is proposed. First, the NZBN feature of an image block is defined, and analysis shows that the NZBN feature of an image block is invariant before and after redundant transfer image encryption. Then, the block scrambling key and the bit-plane scrambling key of each image block are estimated in turn using the invariance of the NZBN feature. Next, a block scrambling key estimation method under multiple pairs of plain-ciphertext images is given to further improve the estimation accuracy of the block scrambling key. Finally, the key estimation accuracy and time complexity of the proposed method are discussed under different block sizes. Experimental results demonstrate that both depend on the block size: when the block size is no smaller than 4×4 pixels, the correct rate of the block scrambling key obtained from a single pair of plain-ciphertext images exceeds 89%, and even if the block size is reduced to 2×2 pixels, two pairs of plain-ciphertext images may cause information leakage.
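The invariance that the attack above exploits is easy to see in miniature: a bit-plane permutation moves bits around inside each pixel but never changes how many bits are set, so the block's non-zero-bit count survives encryption. The sketch below assumes 8-bit pixels and a simple popcount definition of NZBN, which are our assumptions for illustration:

```python
def nzbn(block):
    """Non-zero-bit number: total count of 1-bits over a block's pixels
    (the exact feature definition in the paper is assumed, not quoted)."""
    return sum(bin(p).count("1") for p in block)

def scramble_bitplanes(block, perm):
    """Permute the 8 bit-planes of each 8-bit pixel according to `perm`.
    Bit i of the output pixel is taken from bit perm[i] of the input pixel,
    so the number of set bits per pixel is preserved."""
    out = []
    for p in block:
        bits = [(p >> i) & 1 for i in range(8)]
        out.append(sum(bits[perm[i]] << i for i in range(8)))
    return out
```

Block scrambling likewise only relocates whole blocks, so each block's NZBN travels with it, which is what lets an attacker match plaintext blocks to ciphertext blocks.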
2022, 59(11): 2618-2634.
DOI: 10.7544/issn1000-1239.20210538
Abstract:
The behavior recorded in an information system changes constantly, so deviations occur between the event log and the given process model. The event log produces two kinds of deviations, and the percentage of each kind in the total number of deviations is uncertain. Existing methods repair the iterative deviations generated by self-loops and the non-iterative deviations in the event log in the same form; furthermore, different repair forms are executed alternately under an ideal fitness of 1. It is therefore difficult to always keep fitness and precision in a reasonable range. To solve this problem, a new repair method is proposed that predicts the configured fitness based on the total cost of the iterative observable deviations. All deviations are configured as a whole when the predicted fitness meets a given threshold; otherwise, the variants between the event log and the process model are found by optimal alignment, and each iterative observable deviation in each variant is repaired by configuration optimization or self-loop insertion according to the actual situation. Simulation experiments on different datasets show that the proposed method maximally improves precision while ensuring reasonable fitness.
2022, 59(11): 2635-2647.
DOI: 10.7544/issn1000-1239.20210153
Abstract:
Dynamic searchable encryption enables dynamic updates of data and can cope with more flexible application challenges, but privacy leakage during data updates and dishonesty between users and cloud servers remain unsolved problems. To solve them, a dynamic ciphertext retrieval scheme with two-way verification between users and cloud servers is proposed. First, a bitmap index and homomorphic addition symmetric encryption are introduced: the bitmap index can represent all document identifiers involved in each update of a single keyword, reducing the number of cloud server searches and local index encryptions and thereby improving search and update efficiency, while encrypting the bitmap index with homomorphic addition symmetric encryption effectively protects the secure update of data. Second, the clients upload aggregate MACs to the blockchain, which is used to verify the correctness of the results returned by the cloud server and prevent fraudulent behavior between users and cloud servers. Finally, experimental results and security analysis show that the scheme satisfies forward and backward security and improves the efficiency of index building, search, update, and verification.
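As a toy illustration of "homomorphic addition symmetric encryption" over a bitmap treated as an integer, one-time-pad-style modular addition is additively homomorphic. This is a generic textbook sketch under assumed parameters, not the paper's concrete scheme:

```python
import secrets

MOD = 1 << 64  # toy modulus; the scheme's real parameters are not given in the abstract

def keygen():
    return secrets.randbelow(MOD)

def enc(m, k):
    # E(m) = m + k (mod 2^64): additive symmetric encryption
    return (m + k) % MOD

def dec(c, k):
    return (c - k) % MOD

# Additive homomorphism: E(m1) + E(m2) decrypts to m1 + m2 under key k1 + k2,
# so a server can fold encrypted bitmap updates into an encrypted index
# without ever seeing the plaintext bitmaps.
```

In a dynamic scheme, each update would be encrypted under a fresh key so the server only ever accumulates ciphertexts, while the client tracks the running key sum needed for decryption.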