You are on page 1of 11

Network-Assisted Mobile Computing with Optimal Uplink Query

Processing
Many mobile applications retrieve content from remote servers
via user generated queries. Processing these queries is often needed
before the desired content can be identified. Processing the request on
the mobile devices can quickly sap the limited battery resources.
Conversely, processing user queries at remote servers can have slow
response

times

due

communication

latency

incurred

during

transmission of the potentially large query. We evaluate a networkassisted mobile computing scenario where mid-network nodes with
leasing capabilities are deployed by a service provider. Leasing
computation power can reduce battery usage on the mobile devices
and improve response times. However, borrowing processing power
from mid-network nodes comes at a leasing cost which must be
accounted for when making the decision of where processing should
occur. We study the tradeoff between battery usage, processing and
transmission latency, and mid-network leasing. We use the dynamic
programming framework to solve for the optimal processing policies
that suggest the amount of processing to be done at each mid-network
node in order to minimize the processing and communication latency
and processing costs. Through numerical studies, we examine the
properties of the optimal processing policy and the core tradeoffs in
such systems

Semisupervised Biased Maximum Margin Analysis for Interactive Image


Retrieval
With many potential practical applications, content-based image
retrieval (CBIR) has attracted substantial attention during the past few
years. A variety of relevance feedback (RF) schemes have been
developed as a powerful tool to bridge the semantic gap between lowlevel visual features and high-level semantic concepts, and thus to
improve the performance of CBIR systems. Among various RF
approaches, support-vector-machine (SVM)-based RF is one of the most
popular techniques in CBIR. Despite the success, directly using SVM as
an RF scheme has two main drawbacks. First, it treats the positive and
negative feedbacks equally, which is not appropriate since the two
groups of training feedbacks have distinct properties. Second, most of
the SVM-based RF techniques do not take into account the unlabeled
samples, although they are very helpful in constructing a good
classifier. To explore solutions to overcome these two drawbacks, in
this paper, we propose a biased maximum margin analysis (BMMA) and
a semisupervised BMMA (SemiBMMA) for integrating the distinct
properties of feedbacks and utilizing the information of unlabeled
samples for SVM-based RF schemes. The BMMA differentiates positive
feedbacks from negative ones based on local analysis, whereas the
SemiBMMA can effectively integrate information of unlabeled samples
by introducing a Laplacian regularizer to the BMMA. We formally
formulate this problem into a general subspace learning task and then
propose an automatic approach of determining the dimensionality of

the embedded subspace for RF. Extensive experiments on a large realworld image database demonstrate that the proposed scheme
combined with the SVM RF can significantly improve the performance
of CBIR systems.
Optimizing Cloud Resources for Delivering IPTV Services Through
Virtualization

Virtualized cloud-based services can take advantage of statistical


multiplexing across applications to yield significant cost savings.
However, achieving similar savings with real-time services can be a
challenge. In this paper, we seek to lower a provider's costs for realtime IPTV services through a virtualized IPTV architecture and through
intelligent time-shifting of selected services. Using Live TV and Videoon-Demand (VoD) as examples, we show that we can take advantage
of the different deadlines associated with each service to effectively
multiplex these services. We provide a generalized framework for
computing the amount of resources needed to support multiple
services, without missing the deadline for any service. We construct
the problem as an optimization formulation that uses a generic cost
function. We consider multiple forms for the cost function (e.g.,
maximum, convex and concave functions) reflecting the cost of
providing the service. The solution to this formulation gives the
number of servers needed at different time instants to support these
services.

We

implement

simple

mechanism

for

time-shifting

scheduled jobs in a simulator and study the reduction in server load


using real traces from an operational IPTV network. Our results show

that we are able to reduce the load by ~24%(compared to a possible


~31.3% as predicted by the optimization framework)

NICE: Network Intrusion Detection and Countermeasure Selection in


Virtual Network Systems
Cloud security is one of most important issues that has attracted
a lot of research and development effort in past few years. Particularly,
attackers

can

explore

vulnerabilities

of

cloud

system

and

compromise virtual machines to deploy further large-scale Distributed


Denial-of-Service (DDoS). DDoS attacks usually involve early stage
actions such as multistep exploitation, low-frequency vulnerability
scanning, and compromising identified vulnerable virtual machines as
zombies, and finally DDoS attacks through the compromised zombies.
Within the cloud system, especially the Infrastructure-as-a-Service
(IaaS) clouds, the detection of zombie exploration attacks is extremely
difficult. This is because cloud users may install vulnerable applications
on their virtual machines. To prevent vulnerable virtual machines from
being compromised in the cloud, we propose a multiphase distributed
vulnerability detection, measurement, and countermeasure selection
mechanism called NICE, which is built on attack graph-based analytical
models and reconfigurable virtual network-based countermeasures.
The proposed framework leverages OpenFlow network programming
APIs

to

build

monitor

and

control

plane

over

distributed

programmable

virtual

switches

to

significantly

improve

attack

detection and mitigate attack consequences. The system and security


evaluations demonstrate the efficiency and effectiveness of the
proposed solution

Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the


Cloud
With the character of low maintenance, cloud computing provides
an economical and efficient solution for sharing group resource among
cloud users. Unfortunately, sharing data in a multi-owner manner while
preserving data and identity privacy from an untrusted cloud is still a
challenging issue, due to the frequent change of the membership. In
this paper, we propose a secure multi-owner data sharing scheme,
named Mona, for dynamic groups in the cloud. By leveraging group
signature and dynamic broadcast encryption techniques, any cloud
user can anonymously share data with others. Meanwhile, the storage
overhead and encryption computation cost of our scheme are
independent with the number of revoked users. In addition, we analyze
the security of our scheme with rigorous proofs, and demonstrate the
efficiency of our scheme in experiments.

Dynamic

Resource

Allocation

Using

Virtual

Machines

for

Cloud

Computing Environment
Cloud computing allows business customers to scale up and down
their resource usage based on needs. Many of the touted gains in the
cloud model come from resource multiplexing through virtualization
technology. In this paper, we present a system that uses virtualization
technology to allocate data center resources dynamically based on
application demands and support green computing by optimizing the
number of servers in use. We introduce the concept of "skewness to
measure the unevenness in the multidimensional resource utilization of
a server. By minimizing skewness, we can combine different types of
workloads nicely and improve the overall utilization of server

resources. We develop a set of heuristics that prevent overload in the


system effectively while saving energy used. Trace driven simulation
and experiment results demonstrate that our algorithm achieves good
performance.

Cooperative Provable Data Possession for Integrity Verification in


Multicloud Storage
Provable data possession (PDP) is a technique for ensuring the
integrity of data in storage outsourcing. In this paper, we address the
construction of an efficient PDP scheme for distributed cloud storage to
support the scalability of service and data migration, in which we
consider

the

existence

of

multiple

cloud

service

providers

to

cooperatively store and maintain the clients' data. We present a


cooperative PDP (CPDP) scheme based on homomorphic verifiable

response and hash index hierarchy. We prove the security of our


scheme based on multiprover zero-knowledge proof system, which can
satisfy completeness, knowledge soundness, and zero-knowledge
properties.

In

addition,

we

articulate

performance

optimization

mechanisms for our scheme, and in particular present an efficient


method for selecting optimal parameter values to minimize the
computation costs of clients and storage service providers. Our
experiments show that our solution introduces lower computation and
communication

overheads

in

comparison

with

noncooperative

approaches.

Flexible Rollback Recovery in Dynamic Heterogeneous Grid Computing


Large applications executing on Grid or cluster architectures
consisting of hundreds or thousands of computational nodes create
problems with respect to reliability. The source of the problems are

node failures and the need for dynamic configuration over extensive
run-time. This paper presents two fault-tolerance mechanisms called
theft induced checkpointing and systematic event logging. These are
transparent protocols capable of overcoming problems associated with
both, benign faults, i.e., crash faults, and node or subnet volatility.
Specifically, the protocols base the state of the execution on a dataflow
graph, allowing for efficient recovery in dynamic heterogeneous
systems as well as multi-threaded applications. By allowing recovery
even under different numbers of processors, the approaches are
especially

suitable

for

applications

with

need

for

adaptive

or

reactionary configuration control. The low-cost protocols offer the


capability of controlling or bounding the overhead. A formal cost model
is presented, followed by an experimental evaluation. It is shown that
the overhead of the protocol is very small and the maximum work lost
by a crashed process is small and bounded.

Metadata Traces and Workload Models for Evaluating Big Storage


Systems

Efficient

namespace

metadata

management

is

increasingly

important as next-generation file systems are designed for peta and


exascales.

New

schemes

have

been

proposed,

however,

their

evaluation has been insufficient due to a lack of appropriate


namespace metadata traces. Specifically, no Big Data storage system
metadata trace is publicly available and existing ones are a poor
replacement. We studied publicly available traces and one Big Data
trace from Yahoo! and note some of the differences and their
implications to metadata management studies. We discuss the
insufficiency of existing evaluation approaches and present a first step
towards a statistical metadata workload model that can capture the
relevant characteristics of a workload and is suitable for synthetic
workload generation. We describe Mimesis, a synthetic workload
generator, and evaluate its usefulness through a case study in a least
recently used metadata cache for the Hadoop Distributed File System.
Simulation results show that the traces generated by Mimesis mimic
the original workload and can be used in place of the real trace
providing accurate results.

Bandwidth Estimation for IEEE 802.11-Based Ad Hoc Networks


Since 2005, IEEE 802.11-based networks have been able to
provide a certain level of quality of service (QoS) by the means of
service differentiation, due to the IEEE 802.11e amendment. However,
no mechanism or method has been standardized to accurately
evaluate the amount of resources remaining on a given channel. Such
an evaluation would, however, be a good asset for bandwidthconstrained applications. In multihop ad hoc networks, such evaluation
becomes even more difficult. Consequently, despite the various
contributions around this research topic, the estimation of the available
bandwidth still represents one of the main issues in this field. In this
paper, we propose an improved mechanism to estimate the available
bandwidth in IEEE 802.11-based ad hoc networks. Through simulations,
we compare the accuracy of the estimation we propose to the
estimation performed by other state-of-the-art CoS protocols, BRulT,
AAC, and CoS-AODV.