Guest Editors Introduction: Artificial Intelligence for Security and Privacy
Kleinberg proposed a family of small-world networks to explain the navigability of social networks. However, the underlying mechanism driving real networks to be navigable is not yet well understood. In this paper, we model the network formation as a game in which people seek for both high reciprocity and long-distance relationships. We show that the navigable small-world network is a Nash Equilibrium of the game. Moreover, we prove that the navigable small-world equilibrium tolerates collusions of any size and arbitrary deviations of a large random set of nodes, while non-navigable equilibria do not tolerate small group collusions or random perturbations.
Programming community-based question-answering websites such as Stack Overflow encounter frequently created duplicate questions. To tackle this problem, Stack Overflow provides a mechanism for reputable users to manually mark duplicate questions. This is laborious and leads to many duplicate questions remain undetected. To tackle this issue, we model the duplicate detection as a two-stage ranking-classification" problem over question pairs, in which we leverage ranking algorithms and develop novel features for discriminative classification. Experiments on real-world questions about multiple programming languages demonstrate that our method works very well; in some cases over 25% improvement compared to the state-of-the-art benchmarks.
Public awareness of and concerns about companies' social and environmental impacts have seen a marked increase over recent decades. The quantity of relevant information has increased in parallel, as states pass laws requiring certain forms of reporting. However, this information is typically dispersed and non-standardized, making it complicated to collect and analyse. WikiRate.org platform aims to collect this information and store it in a standardised format within a centralised public repository. This paper introduces easIE, an easy-to-use information extraction framework that leverages general Web information extraction principles for building datasets with Environmental-Social-Governance (ESG) information from the Web.
We study the risk investors face from Bitcoin exchanges, which convert between Bitcoins and hard currency. We examine the track record of 79 Bitcoin exchanges established between 2010 and 2015. We find that nearly half (38) have since closed. 26 exchanges suffered security breaches, 15 of which subsequently closed. Using a proportional hazards model, we find that the availability of two-factor authentication, and to a lesser extent an exchange's transaction volume, influence whether or not an exchange is likely to close. Those exchanges that support two-factor authentication have 80% lower odds of closing than those which do not support it.
Introduction to the Special Issue on Emerging Software Technologies for Internet-Based Systems: Internetware and DevOps
Adaptive Case Management (ACM) has emerged as a key BPM technology for supporting unstructured business process. A key problem in ACM is that case schemas need to be changed to best fit the case at hand. Such changes are ad-hoc, and may result in schemas that do not reflect the intended properties. This paper presents a formal approach, based on the Guard-Stage-Milestone model, for reasoning about which properties of a case schema are preserved after a modification, and describes change operations that are guaranteed to preserve certain properties. The approach supports reasoning about rollbacks. A real-life example illustrates applicability.
Third-party networks collect vast amounts of data about users via web sites and mobile applications. Consolidations among tracker companies can notably increase their individual tracking capabilities, prompting scrutiny by competition regulators. Traditional measures of market share, based on revenue or sales, fail to represent the actual reach of a tracker, especially if it spans both web and mobile. This paper proposes a new approach to measure the concentration of tracking capability, based on the reach of a tracker on popular websites and apps. Our results reveal that tracker prominence and parent-subsidiary relationships have significant impact on accurately measuring concentration.
We develop a adversarial-theoretic foundation for how malicious person will explore an enterprise network and how they will attack it, based on the concept of a system vulnerability dependency graph. Based on such a model of the adversary, we develop a mechanism by which the network can be modified by the defender so as to induce deception by placing honey nodes and apparent vulnerabilities into the network so as to minimize the expected impact of the adversarys attacks (according to multiple measures of impact).
In online social networks, user can share a content that may violate the privacy of others. Recent approaches use agreement technologies to enable stakeholders of a post to discuss its privacy configurations. However, agreement should be established over multiple posts. A user can tolerate slight breaches of privacy in return of sharing posts themselves. Therefore, users can help each other preserve their privacy, viewing this as social responsibility. We develop a reciprocity-based negotiation that combines semantic privacy rules with utility functions. We evaluate our approach over multi-agent simulations where agents mimic users based on a user study that was conducted.
This paper develops a method to detect visual differences introduced into web pages when they are rendered in different browsers. To achieve this, we propose an empirical visual similarity metric by mimicking human mechanisms of perception. The Gestalt laws of grouping are translated into a rule set. A block tree is parsed by the rules for similarity calculation. During this translation process, experiments are performed to obtain metrics for a variety of Gestalt features. After a validation experiment, the empirical metric is employed to detect cross-browser differences. Experiments on the popular web pages provide positive results for this methodology.
Fog computing has drawn significant research interest as it focuses on bringing Cloud-based services closer to IoT users. To fully leverage the capabilities of distributed, resource-constrained and heterogeneous Fog nodes, applications that are decomposed into inter-dependent modules, can be deployed orderly over the nodes based on their latency-sensitivity. Here, we propose a latency-aware Application Module management policy for Fog to meet the diverse latency-driven issues of different applications. It aims to ensure QoS in terms of meeting the deadline and optimizes energy usage in Fog. Simulation experiments of the proposed policy, demonstrate meaningful improvement in performance over alternative latency-aware strategies.
With the increasing popularity and rapid development of Online Social Networks (OSNs), OSNs not only bring fundamental changes to information and communication technologies, but also make extensive and profound impact on all aspects of our social life. Efficient resource discovery is a fundamental challenge for large-scale distributed OSNs. In this paper, we propose an interest-aware social-like peer-to-peer (IASLP) model for social resource discovery in OSNs by mimicking ten different social theories and strategies. The experimental results show that IASLP can generate higher flexibility and adaptability and achieves better performance than the existing methods.
In this work, we novelly leverage the existing social network in YouTube, where a user subscribes to another users channel to track all his/her uploaded videos. We propose SocialTube that builds the subscribers of one channel into a P2P overlay and also clusters common-interest nodes in a higher level. It also incorporates a prefetching algorithm that prefetches higher-popularity videos. Extensive trace-driven simulation results and PlanetLab real-world experimental results verify the effectiveness of SocialTube at reducing server load and overlay maintenance overhead and at improving QoS for users.
Access control management is one of the issues still hindering the development of decentralized online social networks (DOSNs). In a previous work, we proposed an initial audit based model for access control in DOSNs. In this paper, we focus on optimizing the audit process, and on the privacy issues emerging from records kept for audit purposes. We propose an enhanced audit selection, for which experimental results, on a real OSN dataset, show an improvement of more than 50% compared to the basic model. We also provide an analysis of the related privacy issues, and discuss possible privacy preserving alternatives.
The intrusiveness of Web tracking and the increasing invasiveness of digital advertising have raised serious concerns regarding user privacy and Web usability, leading a substantial chunk of the populace to adopt ad-blocking technologies over the last years. The problem with these technologies, however, is that they disregard the underlying economic model of the Web, which is nowadays in danger. In this paper, we investigate an Internet technology that targets users who are not in general against advertising, accept the trade-off that comes with the "free" content, but ---for privacy concerns--- they wish to exert fine-grained control over tracking.
As citizens are demanding to participate directly on governance questions, social networking platforms are increasingly providing podia for the spread of unfundamented and/or harmful ideas. Participatory deliberation is a form of democratic policy-making which may lead to socially accepted results, rather than ensuring the moral acceptability of the result. This paper proposes Massive Open Online Deliberation (MOOD) as an open-participatory model that can be used to solve some of the current policy authority deficits. MOOD is based on the concept of Ethics by Participation, a formalized and guided process of moral deliberation that enhances critical thinking and reflection among participants.
Distributed cloud platforms are well suited for serving a geographically diverse user base. However traditional cloud provisioning mechanisms that make local scaling decisions are not well suited for temporal and spatial workload fluctuations seen by modern web applications. In this paper, we propose GeoScale, a system that provides geo-elasticity by combining model-driven proactive and agile reactive provisioning approaches. GeoScale can dynamically provision server capacity at any location based on workload dynamics. We conduct a detailed evaluation of GeoScale on Amazon's distributed cloud, and show up to 40% improvement in the 95th percentile response time when compared to traditional elasticity techniques.
In this paper, we deal with the complexity of the system to manage the context changeability at runtime. Consequently, we proposed four maturity levels associated to a set of design patterns that diminish the system design complexity through selecting the combination of the management processes based on the system requirements. We detailed the autonomic cognitive management pattern which represents the most mature level able to coordinate the system processes based on context changeability and dynamically discover new processes to deal with new requirements. We applied the proposed pattern with a use case from the healthcare domain.
Online rating systems are often target of manipulation attacks based on posted unfair ratings. In this paper we propose an iterative algorithm to assess rating scores which leverages information about users and score provenance and takes into account the distances between rating options. We prove convergence of our iterative ranking algorithm. We have implemented and tested our rating method on simulated data and world datasets. The experimental results demonstrate that our model provides realistic rating scores even in the presence of massive amount of unfair ratings and outperforms existing ranking algorithms.
Internet-based Indoor Navigation Service-Oriented Architectures (IIN-SOA) organize signals collected by IoT-based devices to enable a wide range of novel applications indoors, where people spend 80-90% of their time. In this paper, we study the problem of prefetching the most important IoT data blocks from an IIN-SOA to a mobile user u, without knowing us target during navigation. Our proposed Grap (Graph Prefetching) framework, structurally analyzes building topologies to identify important areas that become virtual targets to an online heuristic search algorithm we developed. We have tested Grap with datasets from a real IIN-SOA and found it to be impressively accurate.
We exploit Decision Networks (DN) for the analysis of attack scenarios. DN can naturally address uncertainty at every level, including the interaction level of attacks and countermeasures, making possible the modeling of more real-world situations which are not limited to Boolean combinations of events; furthermore, inference algorithms can be directly exploited for implementing a probabilistic analysis of both the risk and the importance of the attacks (with respect to specific sets of countermeasures), as well as a sound decision theoretic analysis having the goal of selecting the optimal (with respect to a specific objective function) set of countermeasures.
In a network, the risk of security compromises depends not only on each node's security, but also on the network structure. Understanding the likelihood of catastrophic security events is necessary for the success of diverse risk-management approaches, including cyber-insurance. However, previous network-security research has not considered features of these distributions beyond their first central moments, while previous cyber-insurance research has not considered the effect of topologies on the supply side. To bridge this gap, we provide a mathematical basis for the assessment of systematic risk in networks, and we perform a numerical study of scale-free networks that model real-world networks.
In this paper, we propose a software framework, called SARIoT for scalable and real-time provisioning of cloud-based IoT services and their data, driven by their contextual properties. The main idea behind the proposed framework is to structure the description of data-centric IoT services and their real-time and historical data in a hierarchical form in accordance with the end-user application's context model.
Social Commitments (SCs) provide a flexible, norm-based, governance structure for sharing and receiving data. However, users of data sharing applications can subscribe to multiple SCs, possibly producing opposing sharing and receiving requirements. We propose resolving such conflicts automatically through a conflict resolution model based on relevant user values such as privacy and safety. The model predicts a user's preferred resolution by choosing the commitment that best supports the user's values. We show through an empirical user study (n=396) that values, as well as recency and norm type, significantly improve a system's ability to predict user preference in location-sharing conflicts.