2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)最新文献

dTrust: A Simple Deep Learning Approach for Social Recommendation dTrust:用于社交推荐的简单深度学习方法

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-15 DOI: 10.1109/CIC.2017.00036

Quang-Vinh Dang, C. Ignat

引用次数: 19

VAPTAi: A Threat Model for Vulnerability Assessment and Penetration Testing of Android and iOS Mobile Banking Apps VAPTAi: Android和iOS手机银行应用程序漏洞评估和渗透测试的威胁模型

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00022

Sriramulu Bojjagani, V. N. Sastry

{"title":"VAPTAi: A Threat Model for Vulnerability Assessment and Penetration Testing of Android and iOS Mobile Banking Apps","authors":"Sriramulu Bojjagani, V. N. Sastry","doi":"10.1109/CIC.2017.00022","DOIUrl":"https://doi.org/10.1109/CIC.2017.00022","url":null,"abstract":"Mobile devices are becoming targets for hackers and malicious users due to the multifold increase in its capabilities and usage. Security threats are more prominent in mobile payment and mobile banking applications (MBAs). As these MBAs, store, transmit and access sensitive and confidential information, so utmost priority should be given to secure MBAs. In this paper, we have analyzed MBAs of several banks running on two dominant platforms of Android & iOS using both static and dynamic analysis. We have proposed threat model, to detect various vulnerabilities rigorously. We have done a systematic investigation of different unknown vulnerabilities particularly in mobile banking applications and showed how MBAs are vulnerable to MitM attacks. We observe that some MBAs are using simple HTTP protocol to transfer user data without concerning about security requirements. In Most of the cases, MBAs are receiving the fake or self-signed certificates. These are blindly maintaining all certificates as sound and valid, which leads to SSL/TLS Man-in-the-Middle (MitM) attacks. We present a detailed analysis of the security of MBAs which will be useful for application developers, security testers, researchers, bankers and bank customers.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128763253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 24

Deep and Broad Learning on Content-Aware POI Recommendation 基于内容感知的POI推荐的深度和广泛学习

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00054

Fengjiao Wang, Yongzhi Qu, Lei Zheng, Chun-Ta Lu, Philip S. Yu

{"title":"Deep and Broad Learning on Content-Aware POI Recommendation","authors":"Fengjiao Wang, Yongzhi Qu, Lei Zheng, Chun-Ta Lu, Philip S. Yu","doi":"10.1109/CIC.2017.00054","DOIUrl":"https://doi.org/10.1109/CIC.2017.00054","url":null,"abstract":"POI recommendation has attracted lots of research attentions recently. There are several key factors that need to be modeled towards effective POI recommendation - POI properties, user preference and sequential momentum of check- ins. The challenge lies in how to synergistically learn multi-source heterogeneous data. Previous work tries to model multi-source information in a flat manner, using either embedding based methods or sequential prediction models in a cross-related space, which cannot generate mutually reinforce results. In this paper, a deep and broad learning approach based on a Deep Context- aware POI Recommendation (DCPR) model was proposed to structurally learn POI and user characteristics. The proposed DCPR model includes three collaborative layers, a CNN layer for POI feature mining, an RNN layer for sequential dependency and user preference modeling, and an interactive layer based on matrix factorization to jointly optimize the overall model. Experiments over three data sets demonstrate that DCPR model achieves significant improvement over state-of-the-art POI recommendation algorithms and other deep recommendation models.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124438408","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 22

Profit Maximization for Bitcoin Pool Mining: A Prospect Theoretic Approach 比特币挖矿利润最大化:一种前景理论方法

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00043

Mehrdad Salimitari, M. Chatterjee, M. Yuksel, E. Pasiliao

{"title":"Profit Maximization for Bitcoin Pool Mining: A Prospect Theoretic Approach","authors":"Mehrdad Salimitari, M. Chatterjee, M. Yuksel, E. Pasiliao","doi":"10.1109/CIC.2017.00043","DOIUrl":"https://doi.org/10.1109/CIC.2017.00043","url":null,"abstract":"It is predicted that cryptocurrencies will play an important role in the global economy. Therefore, it is prudent for us to understand the importance and monetary value of such cryptocurrencies, and strategize our investments accordingly. One of the ways to obtain cryptocurrency is via mining. As solo mining is not possible because of the computational requirements, pool mining has gained popularity. In this paper, we focus on Bitcoin and its pools. With more than 20 pools in the network of Bitcoin and other cryptocurrencies, it becomes challenging for a new miner to decide the pool he must join such that the profit is maximized. We use prospect theory to predict the profit that a specific miner, given his hash rate power and electricity costs, is expected to make from each pool. A utility value is calculated for each pool based on its recent performance, hash rate power, total number of the pool members, reward distribution policy of the pool, electricity fee in the new miner's region, pool fee, and the current Bitcoin value. Then, based on these parameters during a certain time duration, the most profitable pool is found for that miner. We show how the utility values from a pool varies with electricity fee and dollar equivalent of a Bitcoin. To find the accuracy of our predictions, we mine Bitcoin by joining 5 different pools- AntPool, F2Pool, BTC.com, Slushl'ool, and BatPool. Using an Antminer 55 for each pool, we mine Bitcoin for 40 consecutive days. Results reveal that our prospect theoretic predictions are consistent with what we actually mine; however predictions using expected utility theory are not as close.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125936744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 46

When Do Changes Induce Software Vulnerabilities? 什么时候改变会导致软件漏洞?

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00020

Manar Alohaly, Hassan Takabi

{"title":"When Do Changes Induce Software Vulnerabilities?","authors":"Manar Alohaly, Hassan Takabi","doi":"10.1109/CIC.2017.00020","DOIUrl":"https://doi.org/10.1109/CIC.2017.00020","url":null,"abstract":"Version control systems (VCSs) have almost become the de facto standard for the management of open-source projects and the development of their source code. In VCSs, source code which can potentially be vulnerable is introduced to a system through what are so called commits. Vulnerable commits force the system into an insecure state. The farreaching impact of vulnerabilities attests to the importance of identifying and understanding the characteristics of prior vulnerable changes (or commits), in order to detect future similar ones. The concept of change classification was previously studied in the literature of bug detection to identify commits with defects. In this paper, we borrow the notion of change classification from the literature of defect detection to further investigate its applicability to vulnerability detection problem using semi-supervised learning. In addition, we also experiment with new vulnerability predictors, and compare the predictive power of our proposed features with vulnerability prediction techniques based on text mining. The experimental results show that our semi-supervised approach holds promise in improving change classification effectiveness by leveraging unlabeled data.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131732052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 5

An Elliptic Curve Cryptography Based Encryption Scheme for Securing the Cloud against Eavesdropping Attacks 一种基于椭圆曲线密码学的云防窃听加密方案

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00040

Anshuman Chhabra, Shivam Arora

{"title":"An Elliptic Curve Cryptography Based Encryption Scheme for Securing the Cloud against Eavesdropping Attacks","authors":"Anshuman Chhabra, Shivam Arora","doi":"10.1109/CIC.2017.00040","DOIUrl":"https://doi.org/10.1109/CIC.2017.00040","url":null,"abstract":"Cloud computing has recently become an extremely useful facet of modern distributed systems. Some of its many applications lie in the development of web services, its federation with the Internet of Things (IoT) and services for users in the form of storage, computing and networking facilities. However, as more services start utilizing the Cloud as a viable option, security concerns regarding user data and privacy also need to be tackled. In this paper, a security scheme for preventing eavesdropping attacks in Cloud environments is proposed. The encryption scheme is based on Elliptic Curve Cryptography and is specifically tailored for securing Cloud services providing storage facilities. As it is based on Elliptic Curve Cryptography, subsequent results obtained show that it reduces the computational overhead incurred in the encryption of data. The performances of other traditional security schemes such as RSA are also compared with the proposed encryption scheme. It is observed that the proposed scheme outperforms the other schemes in terms of the chosen performance characteristics.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125407891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 10

Model Selection Based on Kalman Temporal Differences Learning 基于卡尔曼时间差异学习的模型选择

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00017

Takehiro Kitao, Masato Shirai, T. Miura

引用次数: 7

Multi-Owner Multi-Stakeholder Access Control Model for a Healthcare Environment 医疗保健环境中的多所有者多利益相关者访问控制模型

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00053

Leila Karimi, J. Joshi

{"title":"Multi-Owner Multi-Stakeholder Access Control Model for a Healthcare Environment","authors":"Leila Karimi, J. Joshi","doi":"10.1109/CIC.2017.00053","DOIUrl":"https://doi.org/10.1109/CIC.2017.00053","url":null,"abstract":"Pervasive usage and wide-spread sharing of Electronic Health Records (EHRs) in modern healthcare environments has resulted in high availability of patients' medical history from any location and at any time, which has potential to make health care services both cheaper and of higher quality. However, EHRs contain huge amounts of sensitive information which should be protected from unauthorized accesses, otherwise allowing these records to be accessed by multiple parties may put patient privacy at high risk. Access control solutions must assure to reflect access control policies of all healthcare providers who are involved in generating such critical records as well as authorization policies of the patient as the primary stakeholder. In this paper, we propose a fine-grained semantic-based access control model that supports multi-owner multi-stakeholder policy specification and enforcement. In the proposed scheme, a trusted Policy Server is responsible for evaluating access requests to patients' health information. We also handle the policy conflicts that might arise at the time of access control policy enforcement. A proof-of-concept prototype is also implemented to demonstrate the feasibility of our model.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117075356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 4

DeepFood: Automatic Multi-Class Classification of Food Ingredients Using Deep Learning DeepFood:使用深度学习对食品成分进行自动多类分类

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00033

Lili Pan, Samira Pouyanfar, Hao Chen, Jiaohua Qin, Shu‐Ching Chen

{"title":"DeepFood: Automatic Multi-Class Classification of Food Ingredients Using Deep Learning","authors":"Lili Pan, Samira Pouyanfar, Hao Chen, Jiaohua Qin, Shu‐Ching Chen","doi":"10.1109/CIC.2017.00033","DOIUrl":"https://doi.org/10.1109/CIC.2017.00033","url":null,"abstract":"Deep learning has brought a series of breakthroughs in image processing. Specifically, there are significant improvements in the application of food image classification using deep learning techniques. However, very little work has been studied for the classification of food ingredients. Therefore, this paper proposes a new framework, called DeepFood which not only extracts rich and effective features from a dataset of food ingredient images using deep learning but also improves the average accuracy of multi-class classification by applying advanced machine learning techniques. First, a set of transfer learning algorithms based on Convolutional Neural Networks (CNNs) are leveraged for deep feature extraction. Then, a multi-class classification algorithm is exploited based on the performance of the classifiers on each deep feature set. The DeepFood framework is evaluated on a multi-class dataset that includes 41 classes of food ingredients and 100 images for each class. Experimental results illustrate the effectiveness of the DeepFood framework for multi-class classification of food ingredients. This model that integrates ResNet deep feature sets, Information Gain (IG) feature selection, and the SMO classifier has shown its supremacy for foodingredients recognition compared to several existing work in this area.","PeriodicalId":156843,"journal":{"name":"2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122702848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 37

A Method for Storage Node Allocation in Erasure Code Based Storage Systems 基于Erasure Code的存储系统中存储节点分配方法

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) Pub Date : 2017-10-01 DOI: 10.1109/CIC.2017.00064

Ojus Thomas Lee, G. Akash, S. D. M. Kumar, P. Chandran

引用次数: 3