新的基于鼠标行为的持续身份认证方法

With the rapid development of Internet technologies, security issues have always been the hot topics. Continuous identity authentication based on mouse behavior plays a crucial role in protecting computer systems, but there are still some problems to be solved. Aiming at the problems of low authentication accuracy and long authentication latency in mouse behavior authentication method, a new continuous identity authentication method based on mouse behavior was proposed. The method divided the user’s mouse event sequence into corresponding mouse behaviors according to different types, and mined mouse behavior characteristics from various aspects based on mouse behaviors. Thereby, the differences in mouse behavior of different users can be better represented, and the authentication accuracy can be improved. Besides, the importance of mouse behavior features was obtained by the ReliefF algorithm, and on this basis, the irrelevant or redundant features of mouse behavior were removed by combining the neighborhood rough set to reduce model complexity and modeling time. Moreover binary classification was adopted. The algorithm performed the training of the authentication model. During identity authentication, the authentication model was used to obtain a classification score based on the mouse behavior collected each time, and then the user’s trust value was updated in combination with the trust model. When the user’s trust value fell below the threshold of the trust model, it might be judged as illegal user. The authentication effect of the proposed method was simulated on the Balabit and DFL datasets. The results show that, compared with the methods in other literatures, this method not only improves the authentication accuracy and reduces the authentication latency, but also has a certain robustness to the illegal intrusion of external users. © 2022, Beijing Xintong Media Co., Ltd.. All rights reserved.     

A lightweight authentication scheme with user untraceability

With the rapid growth of electronic commerce and associated demands on variants of Internet based applications,application systems providing network resources and business services are in high demand around the world.To guarantee robust security and computational efficiency for service retrieval,a variety of authentication schemes have been proposed.However,most of these schemes have been found to be lacking when subject to a formal security analysis.Recently,Chang et al.(2014) introduced a formally provable secure authentication protocol with the property of user-untraceability.Unfortunately,based on our analysis,the proposed scheme fails to provide the property of user-untraceability as claimed,and is insecure against user impersonation attack,server counterfeit attack,and man-in-the-middle attack.In this paper,we demonstrate the details of these malicious attacks.A security enhanced authentication scheme is proposed to eliminate all identified weaknesses.     

A Generic Framework for Anonymous Authentication in Mobile Networks

Designing an anonymous user authentication scheme in global mobility networks is a non-trivial task because wireless networks are susceptible to attacks and mobile devices powered by batteries have limited communication, processing and storage capabilities. In this paper, we present a generic construction that converts any existing secure password authen- tication scheme based on a smart card into an anonymous authentication scheme for roaming services. The security proof of our construction can be derived from the underlying password authentication scheme employing the same assumptions. Compared with the original password authentication scheme, the transformed scheme does not sacrifice the authentication effciency, and additionally, an agreed session key can be securely established between an anonymous mobile user and the foreign agent in charge of the network being visited. Furthermore, we present an instantiation of the proposed generic construction. The performance analysis shows that compared with other related anonymous authentication schemes, our instantiation is more effcient.     

Efficiency-aware and fairness-aware joint-layer optimization for downlink data scheduling in OFDM

Efficiency and fairness are two crucial issues to be considered for resource alloca- tion in multi-user wireless networks. Based on the joint optimization of physical layer and data link layer, an optimization model is derived to achieve efficient and fair downlink data scheduling in multi-user OFDM wireless networks by maximizing the total utility function with respect to the average waiting time of user queue. A dynamic sub-carrier allocation algorithm （DSAA） based on the optimization model is proposed in order to obtain the maximization of the total scheduling utility. Effi- ciency is improved by combining DSAA with time scale interference predictor （TSIP） which at large time scales predict ON/OFF period of user data with temporal corre- lation structure across multiple time scales in multi-user interference environment. Simulation results verify the efficiency and fairness of the scheme.     

Modeling and H_∞ Robust Control of a Smart Structure with Rate-dependent Hysteresis Nonlinearity

The performance of smart structures in trajectory tracking under sub-micron level is hindered by the rate-dependent hysteresis nonlinearity.In this paper,a Hammerstein-like model based on the support vector machines(SVM)is proposed to capture the rate-dependent hysteresis nonlinearity.We show that it is possible to construct a unique dynamic model in a given frequency range for a rate-dependent hysteresis system using the sinusoidal scanning signals as the training set of signals for the linear dynamic subsystem of the Hammerstein-like model.Subsequently,a two-degree-of-freedom(2DOF)H∞robust control scheme for the ratedependent hysteresis nonlinearity is implemented on a smart structure with a piezoelectric actuator(PEA)for real-time precision trajectory tracking.Simulations and experiments on the structure verify both the efectiveness and the practicality of the proposed modeling and control methods.     

NeuroBiometric: An Eye Blink Based Biometric Authentication System Using an Event-Based Neuromorphic Vision Sensor

The rise of the Internet and identity authentication systems has brought convenience to people's lives but has also introduced the potential risk of privacy leaks.Existing biometric authentication systems based on explicit and static features bear the risk of being attacked by mimicked data.This work proposes a highly efficient biometric authentication system based on transient eye blink signals that are precisely captured by a neuromorphic vision sensor with microsecond-level temporal resolution.The neuromorphic vision sensor only transmits the local pixel-level changes induced by the eye blinks when they occur,which leads to advantageous characteristics such as an ultra-low latency response.We first propose a set of effective biometric features describing the motion,speed,energy and frequency signal of eye blinks based on the microsecond temporal resolution of event densities.We then train the ensemble model and non-ensemble model with our Neuro Biometric dataset for biometrics authentication.The experiments show that our system is able to identify and verify the subjects with the ensemble model at an accuracy of 0.948 and with the non-ensemble model at an accuracy of 0.925.The low false positive rates(about 0.002)and the highly dynamic features are not only hard to reproduce but also avoid recording visible characteristics of a user's appearance.The proposed system sheds light on a new path towards safer authentication using neuromorphic vision sensors.     

Frequency-domain generelaized singular peruturbation method for relative error model order reduction

A new mixed method for relative error model order reduction is proposed. In the proposed method the frequency domain balanced stochastic truncation method is improved by applying the generalized singular perturbation method to the frequency domain balanced system in the reduction procedure. The frequency domain balanced stochastic truncation method, which was proposed in [15] and [17] by the author, is based on two recently developed methods, namely frequency domain balanced truncation within a desired frequency bound and inner-outer factorization techniques. The proposed method in ttiis paper is a carry over of the frequency-domain balanced stochastic truncation and is of interest for practical model order reduction because in this context it shows to keep the accuracy of the approximation as high as possible without sacrificing the computational efficiency and important system properties. It is shown that some important properties of the frequency domain stochastic balanced reduction technique are extended to the proposed reduction method by using the concept and properties of the reciprocal systems. Numerical results show the accuracy, simplicity and flexibility enhancement of the method.     

A correlative denoising autoencoder to model social influence for top-N recommender system

In recent years,there are numerous works been proposed to leverage the techniques of deep learning to improve social-aware recommendation performance.In most cases,it requires a larger number of data to train a robust deep learning model,which contains a lot of parameters to fit training data.However,both data of user ratings and social networks are facing critical sparse problem,which makes it not easy to train a robust deep neural network model.Towards this problem,we propose a novel correlative denoising autoencoder(CoDAE)method by taking correlations between users with multiple roles into account to learn robust representations from sparse inputs of ratings and social networks for recommendation.We develop the CoDAE model by utilizing three separated autoencoders to learn user features with roles of rater,truster and trustee,respectively.Especially,on account of that each input unit of user vectors with roles of truster and trustee is corresponding to a particular user,we propose to utilize shared parameters to learn common information of the units that corresponding to same users.Moreover,we propose a related regularization term to learn correlations between user features that learnt by the three subnetworks of CoDAE model.We further conduct a series of experiments to evaluate the proposed method on two public datasets for Top-N recommendation task.The experimental results demonstrate that the proposed model outperforms state-of-the-art algorithms on rank-sensitive metrics of MAP and NDCG.     

Human Gait Recognition Based on Kernel PCA Using Projections

This paper presents a novel approach for human identification at a distance using gait recognition. Recognition of a person from their gait is a biometric of increasing interest. The proposed work introduces a nonlinear machine learning method, kernel Principal Component Analysis （PCA）, to extract gait features from silhouettes for individual recognition. Binarized silhouette of a motion object is first represented by four 1-D signals which are the basic image features called the distance vectors. Fourier transform is performed to achieve translation invariant for the gait patterns accumulated from silhouette sequences which are extracted from different circumstances. Kernel PCA is then used to extract higher order relations among the gait patterns for future recognition. A fusion strategy is finally executed to produce a final decision. The experiments are carried out on the CMU and the USF gait databases and presented based on the different training gait cycles.     

CUDA-Zero:a framework for porting shared memory GPU applications to multi-GPUs

As the prevalence of general purpose computations on GPU, shared memory programming models were proposed to ease the pain of GPU programming. However, with the demanding needs of more intensive workloads, it’s desirable to port GPU programs to more scalable distributed memory environment, such as multi-GPUs. To achieve this, programs need to be re-written with mixed programming models (e.g. CUDA and message passing). Programmers not only need to work carefully on workload distribution, but also on scheduling mechanisms to ensure the efficiency of the execution. In this paper, we studied the possibilities of automating the process of parallelization to multi-GPUs. Starting from a GPU program written in shared memory model, our framework analyzes the access patterns of arrays in kernel functions to derive the data partition schemes. To acquire the access pattern, we proposed a 3-tiers approach: static analysis, profile based analysis and user annotation. Experiments show that most access patterns can be derived correctly by the first two tiers, which means that zero efforts are needed to port an existing application to distributed memory environment. We use our framework to parallelize several applications, and show that for certain kinds of applications, CUDA-Zero can achieve efficient parallelization in multi-GPU environment.     

Enhancing touch behavioral authentication via cost-based intelligent mechanism on smartphones

Due to the popularity of smartphones, there is a great need to deploy appropriate authentication mechanisms to safeguard users’ sensitive data. Touch dynamics-based authentication has been developed to verify smartphone users and detect imposters. These schemes usually employ machine learning techniques to detect behavioral anomalies by comparing current behavioral actions with the stored normal model. However, we notice that machine learning classifiers often have an unstable performance, which would greatly reduce the system usability, i.e., causing a high false rejection. In this work, we are motivated by this challenge and design a cost-based intelligent mechanism that can choose a less costly algorithm for user authentication. In the evaluation, we conduct a user study with a total of 60 users to investigate the performance of our mechanism with a lightweight touch gesture-based scheme on smartphones. Experimental results demonstrate that our approach can help achieve a relatively higher and more stable authentication accuracy, as compared to the use of a sole classifier.     

An Adaptive Location Detection scheme for energy-efficiency of smartphones

Global Positioning System (GPS) is widely used for the Location-Based Service (LBS) of smartphones. However, GPS dramatically increases the power consumption of a smartphone due to heavy computation overhead. Cell-tower Based Localization (CBL) can be an alternative solution to perform LBS in an energy-efficient way; but its adoption is limited due to the low positioning accuracy. This paper presents a new location estimation scheme for smartphones called Adaptive Location Detection (ALD). ALD adaptively detects the location of a smartphone considering the category of applications executed, movement pattern of a user, and the battery level. Specifically, ALD categorizes applications according to the required level of positioning accuracy, and then adaptively utilizes GPS and CBL. ALD also takes different actions according to the movement pattern of a user and the remaining battery level of the smartphone. To assess the effectiveness of the proposed scheme, we perform simulations under five location based applications and six scenarios. The evaluation results show that ALD reduces the energy consumption of GPS by 49.5% on average. Nevertheless, it satisfies the accuracy requirement of each situation.     

基于CM-DTW算法的智能手机动态手势身份认证

针对DTW算法在手势身份认证中存在的问题，提出了一种基于约束多维DTW算法（Constraints Multi-dimension Dynamic Time Wrapping，CM-DTW）的智能手机动态手势身份认证方法.该方法利用手机内置传感器获取代表用户生物行为特征的手势数据，通过Sakoe-Chiba窗约束下的DTW算法选择合法用户的候选模板集，采用线性升降采样归一化候选模板得到一个标准模板.该方法与DTW算法相比，不仅提高了身份认证的时间效率，并且保证了用户身份认证的准确率.     

Android平台说话人认证系统的并行计算与设计

智能手机技术的快速进步催生了移动商务的蓬勃发展,智能手机移动商务平台的安全性和身份认证问题已经成为移动商务能否进一步发展的关键。说话人识别技术作为一种生物识别认证技术应用到现有的智能手机中非常便利,而且有其他安全认证技术所无法比拟的优势。因此,将说话人识别相关技术应用于Android系统的安全认证中,设计了基于Android平台的说话人认证系统。同时由于智能手机多核性和特征参数提取工作的独立性,为了提高认证系统的效率,提出了基于Android平台的并行算法,并在不同机型上做了相关的实验,通过实验结果可以发现在Android平台采用并行算法能够较大幅度地提高认证系统的效率,从而提高认证系统的用户体验。     

Active authentication with reinforcement learning based on ambient radio signals

Active authentication of mobile devices such as smartphones and ipads is promising to enhance security to access confidential data or systems. In this paper, we propose an active authentication scheme, which exploits the physical-layer properties of ambient radio signals to identify mobile devices in indoor environments. More specifically, we discriminate mobile devices in different locations by analyzing the ambient radio sources, because the received signal strength indicator set of the ambient signals measured by a smartphone is usually different from that observed by its spoofer located in another area. We formulate the interactions between the legitimate mobile device and its spoofer as an active authentication game, in which the receiver chooses its test threshold in the hypothesis test in the spoofing detection, while the spoofer chooses its attack strength. In a dynamic radio environment with unknown attack parameters, we propose a learning-based authentication algorithm based on the physical-layer properties of the ambient radio environments. Simulation results show that the proposed scheme accurately detects spoofers in typical indoor environments.

     

Secure Encrypted Steganography Graphical Password scheme for Near Field Communication smartphone access control system

The revolutionary development of smartphone which offers compelling computing and storage capabilities has radically changed the digital lifestyles of users. The integration of Near Field Communication (NFC) into smartphone has further opened up opportunities for new applications and business models such as in industry for payment, electronic ticketing and access control systems. NFC and graphical password scheme are two imperative technologies that can be used to achieve secure and convenient access control system. One of the potential uses of such technologies is the integration of steganography graphical password scheme into NFC-enabled smartphone to transcend conventional digital key/tokens access control systems into a more secure and convenient environment. Smartphone users would have more freedom in customizing the security level and how they interact with the access control system. As such, this paper presents a secure two-factor authentication NFC smartphone access control system using digital key and the proposed Encrypted Steganography Graphical Password (ESGP). This paper also validates the user perception and behavioral intention to use NFC ESGP smartphone access control system through an experiment and user evaluation survey. Results indicated that users weigh security as a dominant attribute for their behavioral intention to use NFC ESGP smartphone access control system. Our findings offer a new insight for security scholars, mobile device service providers and expert systems to leverage on the two-factor authentication with the use of NFC-enabled smartphone.     

Exploiting write-only-once characteristics of file data in smartphone buffer cache management

In this article, we analyze file access characteristics of smartphone applications and find out that a large portion of file data in smartphones are written only once. This specific phenomenon appears due to the behavior of SQLite, a lightweight database library used in most smartphone applications. Based on this observation, we present a new buffer cache management scheme for smartphone systems that considers non-reusability of write-only-once data that we observe. Buffer cache improves file access performances by maintaining hot data in memory thereby servicing subsequent requests without storage accesses. The proposed scheme classifies write-only-once data and aggressively evicts them from the buffer cache to improve cache space utilization. Experimental results with various real smartphone applications show that the proposed buffer cache management scheme improves the performance of smartphone buffer cache by 5%–33%. We also show that our scheme can reduce the buffer cache size to 1/4 of the original system without performance degradation, which allows the reduction of energy consumption in a smartphone memory system by 27%–92%.     

基于细粒度数据的智能手机续航时间预测模型

如今,智能手机已成为人们日常生活中重要的组成部分.然而,在智能手机软硬件能力高速发展的同时,智能手机的电池能力却未能取得突破性的进展.这导致电池的续航能力经常会成为用户使用智能手机时的体验瓶颈.为了提高用户使用体验的优良感受,一种可行的方法是为用户提供电池续航时间预测.准确的电池续航时间预测能够帮助用户更加高效地规划其使用,从而能够改善其使用体验.由于缺乏高质量数据的支持,现有的电池续航时间预测方法通常比较简单,较难在真实场景下发挥实际用途.为了解决这一问题,基于一组细粒度大规模真实用户数据集,提出了一个智能手机电池续航时间预测模型.为了验证模型的效果,基于51名用户21个月内的细粒度使用数据进行了实验验证.结果显示：用户在发起查询时的使用行为、在当前会话内的使用行为以及其历史使用习惯上,均能够不同程度地帮助电池续航时间预测.总体来说,所提出的模型能够显著提升预测准确度.     

What a smartphone is to me: understanding user values in using smartphones

The objective of this study is twofold. First, it aims to investigate the various values users achieve with smartphones, which is a form of user‐empowering information technology (IT). The other objective is to introduce a means‐end chain approach into IT‐user studies. An important attraction of smartphones is their personalized environment, which is mainly provided by varied applications. The user personalization ability implies that users achieve diverse benefits with smartphones; that is, users decide what a smartphone is to them rather than adopt a given product. Thus, investigating what values users pursue with a smartphone (i.e. a value‐oriented approach) will give insights into understanding the users. To investigate user values in using smartphones, we conducted a laddering interview with 54 smartphone users and analyzed the data by using a means‐end chain approach to understand consumers' hierarchical value structure. This study contributes to value‐oriented research on user‐empowering IT by revelling how users benefit from smartphones. Furthermore, the study advances value‐oriented research by showing what users actually do with smartphones, from concrete activities to abstract values. In addition, a means‐end chain approach introduced in the study can be another angle for the investigation of user adoption of technology, in that it can describe IT use contexts and practices, which become an important object of analysis in the information systems research.     

基于无线体域网的在线人体活动识别

基于智能手机传感器的人体活动识别是普适计算领域的研究热点.为扩展可识别的活动种类,并提高准确率和实时性,提出了由智能手环和智能手机组建无线体域网通过深度神经网络在线识别人体活动的方法.首先,设计由智能手环和智能手机组成的无线体域网的总体框架;然后,对预处理后的传感信号,构造带有Inception结构的卷积神经网络和长短时记忆递归神经网络来分别提取时空域特征,并结合两类网络结构来融合多模态传感数据,离线进行神经网络模型训练;最后,对训练好的神经网络模型进行优化,并部署到智能手机上,在线实时识别人体活动.实验结果表明,本文方法无需手工设计特征,可自动融合各类异构传感数据,更加准确、高效地识别了更多种类的活动.