Peidong Zhu

Parallelization of group-based skyline computation for multi-core processors

Skyline computation is particularly useful in multi‐criteria decision‐making applications. However, it is inadequate to answer queries that need to analyze not only individual points but also groups of points. Compared to the traditional skyline computation, computing group‐based skyline is much more complicated and expensive. This computational challenge promotes us to use modern computing platforms to accelerate the computation. In this paper, we introduce a novel multi‐core algorithm to compute group‐based skyline. We first compute the skyline layers of a data set in parallel, which are a critical intermediate result. In the algorithm, we maintain an efficiently updatable data structure for the shared global skyline layers, which is used to minimize dominance tests and maintain high throughput. Then we design an efficient parallel algorithm to find group‐based skyline based on the skyline layers. Extensive experimental results on real and synthetic data sets show that our algorithms achieve 10‐fold speedup with 16 parallel threads over state‐of‐the‐art sequential algorithms on challenging workloads.

Social recommendation using quantified social tie strength

With the development of online social network (OSN), social recommendation approaches have gain more and more momentum. The users OSN interactions which reflect the social tie strength put forward social recommendation approaches. But most of the previous work just classify the social tie strength into strong one and weak one. The coarse-grained social tie strength can not accurately reflect the social relationships between users and naturally affect the recommendation results. To address this problem, this paper presents a recommendation approach based on quantified social tie strength. We propose an unsupervised method to estimate tie strength from user similarity and online social interactions. Then the approach improve the social recommendation with quantified social tie strength. Experiments are made on a large book rating dataset from Douban.com. The experimental results show that this approach can effectively improve the recommendation accuracy.

Unveil the Spams in Weibo

In online social network(OSN), spams refer to the messages deliberately propagated by spammers. Annoyed advertisements, illegal contents, malware and phishing links can all be spread by spams. Some detection approaches have been proposed in previous works. However, on the one hand, some of the assumptions they rely on are still unproven. On the other hand, most of the previous works focus on famous sites such as Twitter and Facebook. The effectiveness of these approaches on other networks is still unknown. In this paper, we study the problem of spam in Weibo, Chinas leading micro-blog service. With a dataset of 375, 430 posts and 2, 370 users crawled from Weibo, we conducted a deep analysis in spammers and spammed posts. The contributions of our work are as follows. First, we work on the unproven assumption of regarding spammers as botnet users, which is relied by many previous works. We find that nowadays spammers perform more like regular users, which indicates that some previous methods are not effective any more. Second, we investigate the burst properties in spammed posts and legitimate posts. We find that therere some useful features can be extracted to separate them. Finally, we provide some helpful features that are suitable for spam detection in Weibo.

Cooperative Detection of Internet Prefix Hijacking

IP prefix hijacking in the Internet remains a threat to the security of routing and network applications. It is difficult for a router or network operator to identify the spoofed announcement of prefix ownership in a timely and accurate way for the lack of complete knowledge or authentication. This paper proposes a method, called CoMonitor, for prefix hijacking detection based on cooperation among Autonomous Systems (ASes). Every participating AS exchanges self-defined prefix-to-origin mapping information with others, and they monitor local BGP updates respectively. Once a participant discovers that the origin information of a BGP route is inconsistent with the learned prefix-to-origin mapping information, it notifies related participants immediately. The self-organized overlay network can help ASes detect prefix hijacks quickly and effectively. The paper describes its architecture, mechanisms and implementation details. Its effectiveness is validated through experiments and analysis.

Degrading Detection Performance of Wireless IDSs Through Poisoning Feature Selection

Machine learning algorithms have been increasingly adopted in Intrusion Detection Systems (IDSs) and achieved demonstrable results, but few studies have considered intrinsic vulnerabilities of these algorithms in adversarial environment. In our work, we adopt poisoning attack to influence the accuracy of wireless IDSs that adopt feature selection algorithms. Specifically, we adopt the gradient poisoning method to generate adversarial examples which induce classifier to select a feature subset to make the classification error rate biggest. We consider the box-constrained problem and use Lagrange multiplier and backtracking line search to find the feasible gradient. To evaluate our method, we experimentally demonstrate that our attack method can influence machine learning, including filter and embedded feature selection algorithms using three benchmark network public datasets and a wireless sensor network dataset, i.e., KDD99, NSL-KDD, Kyoto 2006+ and WSN-DS. Our results manifest that gradient poisoning method causes a significant drop in the classification accuracy of IDSs about 20%.

False Data Injection Attack Based on Hyperplane Migration of Support Vector Machine in Transmission Network of the Smart Grid

The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a great impact on the safe and stable operation of the smart grid, many effective detection methods have been proposed, such as an FDI detector based on the support vector machine (SVM). In this paper, we first analyze the problem existing in the detector based on SVM. Then, we propose a new attack method to reduce the detection effect of the FDI detector based on SVM and give a proof. The core of the method is that the FDI detector based on SVM cannot detect the attack vectors which are specially constructed and can replace the attack vectors into the training set when it is updated. Therefore, the training set is changed and then the next training result will be affected. With the increase of the number of the attack vectors which are injected into the positive space, the hyperplane moves to the side of the negative space, and the detection effect of the FDI detector based on SVM is reduced. Finally, we analyze the impact of different data injection modes for training results. Simulation experiments show that this attack method can impact the effectiveness of the FDI detector based on SVM.

An Interweaved Time Series Locally Connected Recurrent Neural Network Model on Crime Forecasting

Forecasting events like crimes and terrorist activities is a vital important and challenging problem. Researches in recent years focused on qualitative forecasting of a single type event, such as protests or gun crimes. However, events like crimes usually have complicated correlations with each other, and a single type event forecasting cannot meet actual demands. In reality, a quantitative forecasting is more practical for policy making, decision making and police resources allocating. In this paper, we propose an interweaved time series and an interpretative locally connected Recurrent Neural Network model, which forecasts not only whether an event would happen but also how many it would be by each type. Using open source data from Crimes in Chicago provided by Chicago Police Department, we demonstrate our approach more accurately in forecasting the crime events than the existing methods.

Enhance the robustness of cyber-physical systems by adding interdependency

In this paper, we propose two dependence link addition strategies to enhance the robustness of interdependent Cyber-Physical Systems. One is based on intra-degree and receiving capability difference and the other is based on intra-degree and receiving capability ratio. Numerical simulations demonstrate that the two strategies are better than adding dependence links randomly.

Parallelization of skyline probability computation over uncertain preferences

Query processing over uncertain preferences is very common in real‐life situations, because many times, we cannot model users preferences as strict partial orders. In this paper, we investigate skyline queries over uncertain preferences. The latest state‐of‐the‐art algorithm, called Usky‐base algorithm, makes significant advances. However, it still needs to be perfected in 2 aspects. (1) Theoretic analysis: The correctness of the algorithm is not fully verified. (2) Efficiency: Due to the heavy calculation introduced by adopting inclusion‐exclusion principle to express the skyline probability, it needs massive time when computing skyline probabilities for large data sets. To address the above 2 concerns, we first review the Usky‐base algorithm and lemmas it based on. Then we propose a novel parallel algorithm, called Parallel‐sky, to compute skyline probability of a given object. Moreover, we propose an adding algorithm and a deleting algorithm to deal with dynamic scenarios where new objects are added in and outdated objects are deleted out. Furthermore, we extend our algorithm from computing skyline probability of a given object to all objects in a data set. We conduct extensive experiments on real and synthetic data sets to validate the effectiveness and efficiency of our proposals.

Discovering Multi-type Correlated Events with Time Series for Exception Detection of Complex Systems

With the increase of systems complexity, exception detection becomes more important and difficult. For most complex systems, like cloud platform, exception detection is mainly conducted by analyzing a large amount of telemetry data collected from systems at runtime. Time series data and events data are two major types of telemetry data. Techniques of correlation analysis are important tools that are widely used by engineers for data-driven exception detection. Despite their importance, there has been little previous work addressing the correlations between two types of heterogeneous data for exception detection: continuous time series data and temporal events data. In this paper, we propose an approach to discovery the correlation between multi-type time series data and multi-type events data. Correlations between multi-type events data and multi-type time series data are used to detect systems exceptions. Our experimental results on real data sets demonstrate the effectiveness of our method for exception detection.