LEAP: A Lightweight Encryption and Authentication Protocol for In-Vehicle Communications

The Controller Area Network (CAN) is considered as the de-facto standard for the in-vehicle communications due to its real-time performance and high reliability. Unfortunately, the lack of security protection on the CAN bus gives attackers the opportunity to remotely compromise a vehicle. In this paper, we propose a Lightweight Encryption and Authentication Protocol (LEAP) with low cost and high efficiency to address the security issue of the CAN bus. LEAP exploits the security-enhanced stream cipher primitive to provide encryption and authentication for the CAN messages. Compared with the state-of-the-art Message Authentication Code (MAC) based approaches, LEAP requires less memory, is 8X faster, and thwarts the most recently proposed attacks.Comment: 7 pages, 9 figures, 3 table

Heterogeneous Anomaly Detection for Software Systems via Semi-supervised Cross-modal Attention

Prompt and accurate detection of system anomalies is essential to ensure the reliability of software systems. Unlike manual efforts that exploit all available run-time information, existing approaches usually leverage only a single type of monitoring data (often logs or metrics) or fail to make effective use of the joint information among different types of data. Consequently, many false predictions occur. To better understand the manifestations of system anomalies, we conduct a systematical study on a large amount of heterogeneous data, i.e., logs and metrics. Our study demonstrates that logs and metrics can manifest system anomalies collaboratively and complementarily, and neither of them only is sufficient. Thus, integrating heterogeneous data can help recover the complete picture of a system's health status. In this context, we propose Hades, the first end-to-end semi-supervised approach to effectively identify system anomalies based on heterogeneous data. Our approach employs a hierarchical architecture to learn a global representation of the system status by fusing log semantics and metric patterns. It captures discriminative features and meaningful interactions from heterogeneous data via a cross-modal attention module, trained in a semi-supervised manner. We evaluate Hades extensively on large-scale simulated data and datasets from Huawei Cloud. The experimental results present the effectiveness of our model in detecting system anomalies. We also release the code and the annotated dataset for replication and future research.Comment: In Proceedings of the 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE). arXiv admin note: substantial text overlap with arXiv:2207.0291

An Adaptive Resilience Testing Framework for Microservice Systems

Resilience testing, which measures the ability to minimize service degradation caused by unexpected failures, is crucial for microservice systems. The current practice for resilience testing relies on manually defining rules for different microservice systems. Due to the diverse business logic of microservices, there are no one-size-fits-all microservice resilience testing rules. As the quantity and dynamic of microservices and failures largely increase, manual configuration exhibits its scalability and adaptivity issues. To overcome the two issues, we empirically compare the impacts of common failures in the resilient and unresilient deployments of a benchmark microservice system. Our study demonstrates that the resilient deployment can block the propagation of degradation from system performance metrics (e.g., memory usage) to business metrics (e.g., response latency). In this paper, we propose AVERT, the first AdaptiVE Resilience Testing framework for microservice systems. AVERT first injects failures into microservices and collects available monitoring metrics. Then AVERT ranks all the monitoring metrics according to their contributions to the overall service degradation caused by the injected failures. Lastly, AVERT produces a resilience index by how much the degradation in system performance metrics propagates to the degradation in business metrics. The higher the degradation propagation, the lower the resilience of the microservice system. We evaluate AVERT on two open-source benchmark microservice systems. The experimental results show that AVERT can accurately and efficiently test the resilience of microservice systems

DynaComm: Accelerating Distributed CNN Training between Edges and Clouds through Dynamic Communication Scheduling

To reduce uploading bandwidth and address privacy concerns, deep learning at the network edge has been an emerging topic. Typically, edge devices collaboratively train a shared model using real-time generated data through the Parameter Server framework. Although all the edge devices can share the computing workloads, the distributed training processes over edge networks are still time-consuming due to the parameters and gradients transmission procedures between parameter servers and edge devices. Focusing on accelerating distributed Convolutional Neural Networks (CNNs) training at the network edge, we present DynaComm, a novel scheduler that dynamically decomposes each transmission procedure into several segments to achieve optimal layer-wise communications and computations overlapping during run-time. Through experiments, we verify that DynaComm manages to achieve optimal layer-wise scheduling for all cases compared to competing strategies while the model accuracy remains untouched.Comment: 16 pages, 12 figures. IEEE Journal on Selected Areas in Communication

Prism: Revealing Hidden Functional Clusters from Massive Instances in Cloud Systems

Ensuring the reliability of cloud systems is critical for both cloud vendors and customers. Cloud systems often rely on virtualization techniques to create instances of hardware resources, such as virtual machines. However, virtualization hinders the observability of cloud systems, making it challenging to diagnose platform-level issues. To improve system observability, we propose to infer functional clusters of instances, i.e., groups of instances having similar functionalities. We first conduct a pilot study on a large-scale cloud system, i.e., Huawei Cloud, demonstrating that instances having similar functionalities share similar communication and resource usage patterns. Motivated by these findings, we formulate the identification of functional clusters as a clustering problem and propose a non-intrusive solution called Prism. Prism adopts a coarse-to-fine clustering strategy. It first partitions instances into coarse-grained chunks based on communication patterns. Within each chunk, Prism further groups instances with similar resource usage patterns to produce fine-grained functional clusters. Such a design reduces noises in the data and allows Prism to process massive instances efficiently. We evaluate Prism on two datasets collected from the real-world production environment of Huawei Cloud. Our experiments show that Prism achieves a v-measure of ~0.95, surpassing existing state-of-the-art solutions. Additionally, we illustrate the integration of Prism within monitoring systems for enhanced cloud reliability through two real-world use cases.Comment: The paper was accepted by the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023

Internet of light: Technologies and applications

Intelligent lighting has attracted lots of research interests to investigate all the possible schemes to support this need as human has spent more and more time indoor. Semiconductor-based illumination network is an ideal bearer to carry on this mission. In this paper, we propose the concept of Internet of Light (IoL) and define its key functionalities by introducing the information and communication technologies to the illumination networks. Our latest research progress on high-speed transmission, resource optimization, and light stroboscopic irradiation experiment based on IoL platform show that IoL can not only provide value-added services such as positioning and information transmission but also act like a sensor network as part of Internet of Things infrastructure. It confirms that with sensors for different purposes integrated into the lamp, IoL helps people be aware of the environmental changes and make the adjustment accordingly, can provide cost-effective information service for Internet of Things applications, and supports the non-intrusive optical therapy in the future

Video delivery networks : challenges, solutions and future directions

Internet video ecosystems are faced with the increasing requirements in versatile applications, ubiquitous consumption and freedom of creation and sharing, in which the user experience for high-quality services has become more and more important. Internet is also under tremendous pressure due to the exponential growth in video consumption. Video providers have been using content delivery networks (CDNs) to deliver high-quality video services. However, the new features in video generation and consumption require CDN to address the scalability, quality of service and flexibility challenges. As a result, we need to rethink future CDN for sustainable video delivery. To this end, we give an overview for the Internet video ecosystem evolution. We survey the existing video delivery solutions from the perspective of economic relationships, algorithms, mechanisms and architectures. At the end of the article, we propose a data-driven information plane for video delivery network as the future direction and discuss two case studies to demonstrate its necessity

Non-Invasive Measurement of Cognitive Load and Stress Based on the Reflected Stress-Induced Vascular Response Index

Measuring cognitive load and stress is crucial for ubiquitous human computer interaction applications to dynamically understand and respond to the mental status of users, such as in smart healthcare, smart driving, and robotics. Various quantitative methods have been employed for this purpose, such as physiological and behavioral methods. However, the sensitivity, reliability, and usability are not satisfactory in many of the current methods, so they are not ideal for ubiquitous applications. In this study, we employed a reflected photoplethysmogram-based stress-induced vascular response index, i.e., the reflected sVRI (sVRI-r), to non-invasively measure the cognitive load and stress. This method has high usability as well as good sensitivity and reliability compared with the previously proposed transmitted sVRI (sVRI-t). We developed the basic methodology and detailed algorithm framework to validate the sVRI-r measurements, and it was implemented by employing two light sources, i.e., infrared light and green light. Compared with the simultaneously recorded blood pressure, heart rate variation, and sVRI-t, our findings demonstrated the greater potential of the sVRI-r for use as a sensitive, reliable, and usable parameter, as well as suggesting its potential integration with ubiquitous touch interactions for dynamic cognition and stress-sensing scenarios