The growing trend of network virtualization results in a widespread adoption of virtual switches in virtualized environments. However, virtual switching is confronted with great performance challenges regarding packet...The growing trend of network virtualization results in a widespread adoption of virtual switches in virtualized environments. However, virtual switching is confronted with great performance challenges regarding packet classification especially in Open Flow-based software defined networks. This paper first takes an insight into packet classification in virtual Open Flow switching, and points out that its performance bottleneck is dominated by flow table traversals of multiple failed mask probing for each arrived packet. Then we are motivated to propose an efficient packet classification algorithm based on counting bloom filters. In particular, counting bloom filters are applied to predict the failures of flow table lookups with great possibilities, and bypass flow table traversals for failed mask probing. Finally, our proposed packet classification algorithm is evaluated with real network traffic traces by experiments. The experimental results indicate that our proposed algorithm outperforms the classical one in Open v Switch in terms of average search length, and contributes to promote virtual Open Flow switching performance.展开更多
Bloom Filters(BFs)are compact and probabilistic data structures designed for efficient set membership queries.They offer high query and storage efficiency,making them particularly useful in network and distributed sys...Bloom Filters(BFs)are compact and probabilistic data structures designed for efficient set membership queries.They offer high query and storage efficiency,making them particularly useful in network and distributed systems.However,the scalability of BFs in accommodating“big data”is limited by increased false positive rates,inflexible hash functions,and inefficient matching with dynamic datasets.To address these limitations,we introduce the Extensible Bloom Filter(EBF),which incorporates a flexible expansion mechanism and an adaptive hash function generation scheme.The EBF design features a set of BF vectors that expand according to the rate of incoming data,with each vector sized to suit the characteristics of the data.Adaptive hash functions,derived from common base matrices,streamline the process by leveraging strong inter-hash relationships.This reduces overhead and simplifies queries across multiple BF vector sizes.Performance evaluations have shown that the EBF consistently achieves a low false positive rate and minimal query time,even amid dynamic data arrivals and large data sets.With its extensibility and adaptability,the EBF provides a robust solution for applications requiring dynamic set representations with stringent accuracy requirements.It enhances the capabilities of network and distributed systems,making them more efficient in handling complex data scenarios.展开更多
Set reconciliation between two nodes is widely used in network applications. The basic idea is that each member of a node pair has an object set and seeks to deliver its unique objects to the other member. The Standar...Set reconciliation between two nodes is widely used in network applications. The basic idea is that each member of a node pair has an object set and seeks to deliver its unique objects to the other member. The Standard Bloom Filter (SBF) and its variants, such as the Invertible Bloom Filter (IBF), are effective approaches to solving the set reconciliation problem. The SBF-based method requires each node to represent its objects using an SBF, which is exchanged with the other node. A receiving node queries the received SBF against its local objects to identify the unique objects. Finally, each node exchanges its unique objects with the other node in the node pair. For the IBF- based method, each node represents its objects using an IBF, which is then exchanged. A receiving node subtracts the received IBF from its local IBF so as to decode the different objects between the two sets. Intuitively, it would seem that the IBF-based method, with only one round of communication, entails less communication overhead than the SBF-based method, which incurs two rounds of communication. Our research results, however, indicate that neither of these two methods has an absolute advantages over the others. In this paper, we aim to provide an in-depth understanding of the two methods, by evaluating and comparing their communication overhead. We find that the best method depends on parameter settings. We demonstrate that the SBF-based method outperforms the IBF-based method in most cases. But when the number of different objects in the two sets is below a certain threshold, the IBF-based method outperforms the SBF-based method.展开更多
Hot data identification is crucial for many applications though few investigations have examined the subject. All existing studies focus almost exclusively on frequency. However, effectively identifying hot data requi...Hot data identification is crucial for many applications though few investigations have examined the subject. All existing studies focus almost exclusively on frequency. However, effectively identifying hot data requires equally considering recency and frequency. Moreover, previous studies make hot data decisions at the data block level. Such a fine-grained decision fits particularly well for flash-based storage because its random access achieves performance comparable with its sequential access. However, hard disk drives (HDDs) have a significant performance disparity between sequential and random access. Therefore, unlike flash-based storage, exploiting asymmetric HDD access performance requires making a coarse-grained decision. This paper proposes a novel hot data identification scheme adopting multiple bloom filters to efficiently characterize recency as well as frequency. Consequently, it not only consumes 50% less memory and up to 58% less computational overhead, but also lowers false identification rates up to 65% compared with a state-of-the-art scheme. Moreover, we apply the scheme to a next generation HDD technology, i.e., Shingled Magnetic Recording (SMR), to verify its effectiveness. For this, we design a new hot data identification based SMR drive with a coarse-grained decision. The experiments demonstrate the importance and benefits of accurate hot data identification, thereby improving the proposed SMR drive performance by up to 42%.展开更多
As our best knowledge, in the Publish/Subscribe application environment, few research work has been done on the dissemination and routing of compressed XML (extended markup language) data. A high-speed compressed XM...As our best knowledge, in the Publish/Subscribe application environment, few research work has been done on the dissemination and routing of compressed XML (extended markup language) data. A high-speed compressed XML data routing and dissemination framework BloomRouter is proposed. In BloomRouter, a Bloom Filter based prefilte ring mechanism is used to filter out compressed XML elements that users do not care; after that an interval tree dis seminator forwards target elements to the corresponding end users by matching the incomming compressed XML elements with indexed users' query regions. Based on this framework, we can efficiently filter/query the compressed incoming XML data, and then route the query result to the corresponding subseriber.展开更多
A Bloom filter is a space-efficient data structure used for concisely representing a set as well as membership queries at the expense of introducing false positive. In this paper, we propose the L-priorities Bloom fil...A Bloom filter is a space-efficient data structure used for concisely representing a set as well as membership queries at the expense of introducing false positive. In this paper, we propose the L-priorities Bloom filter (LPBF) as a new member of the Bloom filter (BF) family, it uses a limited multidimensional bit space matrix to replace the bit vector of standard bloom filters in order to support different priorities for the elements of a set. We demonstrate the time and space complexity, especially the false positive rate of LPBF. Furthermore, we also present a detailed practical evaluation of the false positive rate achieved by LPBF. The results show that LPBF performs better than standard BFs with respect to false positive rate.展开更多
The Counting Bloom Filter (CBF) is a kind of space-efficient data structure that extends a Bloom filter so as to allow approximate multiplicity queries on a dynamic multi-set. This paper evaluates the performance of...The Counting Bloom Filter (CBF) is a kind of space-efficient data structure that extends a Bloom filter so as to allow approximate multiplicity queries on a dynamic multi-set. This paper evaluates the performance of multiplicity queries of three simple CBF schemes-the Naive Counting Bloom Filter (NCBF), the Space-Code Bloom Filter (SCBF) and the d-left Counting Bloom Filter (dlCBF)-using metrics of space complexity and counting error under both uniform and zipfian multiplicity distributions. We compare their counting error under same space complexity, and their space complexity when similar counting errors are achieved respectively. Our results show that dICBF is the best while SCBF is the worst in terms of both space-efficiency and accuracy. Furthermore, the performance gap between dlCBF and the others has a trend of being enlarged with the increment of space occupation or counting accuracy.展开更多
Bloom filter(BF)is a space-and-time efficient probabilistic technique that helps answermembership queries.However,BF faces several issues.The problems with traditional BF are generally two.Firstly,a large number of fa...Bloom filter(BF)is a space-and-time efficient probabilistic technique that helps answermembership queries.However,BF faces several issues.The problems with traditional BF are generally two.Firstly,a large number of false positives can return wrong content when the data is queried.Secondly,the large size of BF is a bottleneck in the speed of querying and thus uses large memory.In order to solve the above two issues,in this article,we propose the check bits concept.From the implementation perspective,in the check bits approach,before saving the content value in the BF,we obtain the binary representation of the content value.Then,we take some bits of the content value,we call these the check bits.These bits are stored in a separate array such that they point to the same location as the BF.Finally,the content value(data)is stored in the BF based on the hash function values.Before retrieval of data from BF,the reverse process of the steps ensures that even if the same hash functions output has been generated for the content,the check bits make sure that the retrieval does not depend on the hash output alone.This thus helps in the reduction of false positives.In the experimental evaluation,we are able to reduce more than 50%of false positives.In our proposed approach,the false positives can still occur,however,false positives can only occur if the hash functions and check bits generate the same value for a particular content.The chances of such scenarios are less,therefore,we get a reduction of approximately more than 50%false positives in all cases.We believe that the proposed approach adds to the state of the art and opens new directions as such.展开更多
计算机技术和通信技术的共同发展,使得数据呈现指数大爆炸式的增长。数据中蕴含的巨大价值是有目共睹的。但是对数据集的肆意收集与分析,使用户的隐私数据处在被泄露的风险中。为保护用户的敏感数据的同时实现对基数查询的有效响应,提...计算机技术和通信技术的共同发展,使得数据呈现指数大爆炸式的增长。数据中蕴含的巨大价值是有目共睹的。但是对数据集的肆意收集与分析,使用户的隐私数据处在被泄露的风险中。为保护用户的敏感数据的同时实现对基数查询的有效响应,提出一种基于差分隐私的隐私保护算法BFRRCE(Bloom Filter Random Response for Cardinality Estimation)。首先对用户的数据利用Bloom Filter数据结构进行数据预处理,然后利用本地差分隐私的扰动算法对数据进行扰动,达到保护用户敏感数据的目的。展开更多
AI applications have become ubiquitous,bringing significant convenience to various industries.In e-commerce,AI can enhance product recommendations for individuals and provide businesses with more accurate predictions ...AI applications have become ubiquitous,bringing significant convenience to various industries.In e-commerce,AI can enhance product recommendations for individuals and provide businesses with more accurate predictions for market strategy development.However,if the data used for AI applications is damaged or lost,it will inevitably affect the effectiveness of these AI applications.Therefore,it is essential to verify the integrity of e-commerce data.Although existing Provable Data Possession(PDP)protocols can verify the integrity of cloud data,they are not suitable for e-commerce scenarios due to the limited computational capabilities of edge servers,which cannot handle the high computational overhead of generating homomorphic verification tags in PDP.To address this issue,we propose PDP with Outsourced Tag Generation for AI-driven e-commerce,which outsources the computation of homomorphic verification tags to cloud servers while introducing a lightweight verification method to ensure that the tags match the uploaded data.Additionally,the proposed scheme supports dynamic operations such as adding,deleting,and modifying data,enhancing its practicality.Finally,experiments show that the additional computational overhead introduced by outsourcing homomorphic verification tags is acceptable compared to the original PDP.展开更多
Cloud computing technology is the culmination of technical advancements in computer networks,hardware and software capabilities that collectively gave rise to computing as a utility.It offers a plethora of utilities t...Cloud computing technology is the culmination of technical advancements in computer networks,hardware and software capabilities that collectively gave rise to computing as a utility.It offers a plethora of utilities to its clients worldwide in a very cost-effective way and this feature is enticing users/companies to migrate their infrastructure to cloud platform.Swayed by its gigantic capacity and easy access clients are uploading replicated data on cloud resulting in an unnecessary crunch of storage in datacenters.Many data compression techniques came to rescue but none could serve the purpose for the capacity as large as a cloud,hence,researches were made to de-duplicate the data and harvest the space from exiting storage capacity which was going in vain due to duplicacy of data.For providing better cloud services through scalable provisioning of resources,interoperability has brought many Cloud Service Providers(CSPs)under one umbrella and termed it as Cloud Federation.Many policies have been devised for private and public cloud deployment models for searching/eradicating replicated copies using hashing techniques.Whereas the exploration for duplicate copies is not restricted to any one type of CSP but to a set of public or private CSPs contributing to the federation.It was found that even in advanced deduplication techniques for federated clouds,due to the different nature of CSPs,a single file is stored at private as well as public group in the same cloud federation which can be handled if an optimized deduplication strategy be rendered for addressing this issue.Therefore,this study has been aimed to further optimize a deduplication strategy for federated cloud environment and suggested a central management agent for the federation.It was perceived that work relevant to this is not existing,hence,in this paper,the concept of federation agent has been implemented and deduplication technique following file level has been used for the accomplishment of this approach.展开更多
To meet the future internet traffic challenges, enhancement of hardware architectures related to network security has vital role where software security algorithms are incompatible with high speed in terms of Giga bit...To meet the future internet traffic challenges, enhancement of hardware architectures related to network security has vital role where software security algorithms are incompatible with high speed in terms of Giga bits per second (Gbps). In this paper, we discuss signature detection technique (SDT) used in network intrusion detection system (NIDS). Design of most commonly used hardware based techniques for signature detection such as finite automata, discrete comparators, Knuth-Morris-Pratt (KMP) algorithm, content addressable memory (CAM) and Bloom filter are discussed. Two novel architectures, XOR based pre computation CAM (XPCAM) and multi stage look up technique (MSLT) Bloom filter architectures are proposed and implemented in third party field programmable gate array (FPGA), and area and power consumptions are compared. 10Gbps network traffic generator (TNTG) is used to test the functionality and ensure the reliability of the proposed architectures. Our approach involves a unique combination of algorithmic and architectural techniques that outperform some of the current techniques in terms of performance, speed and powerefficiency.展开更多
For name-based routing/switching in NDN, the key challenges are to manage large-scale forwarding Tables, to lookup long names of variable lengths, and to deal with frequent updates. Hashing associated with proper leng...For name-based routing/switching in NDN, the key challenges are to manage large-scale forwarding Tables, to lookup long names of variable lengths, and to deal with frequent updates. Hashing associated with proper length-detecting is a straightforward yet efficient solution. Binary search strategy can reduce the number of required hash detecting in the worst case. However, to assure the searching path correct in such a schema, either backtrack searching or redundantly storing some prefixes is required, leading to performance or memory issues as a result. In this paper, we make a deep study on the binary search, and propose a novel mechanism to ensure correct searching path without neither additional backtrack costs nor redundant memory consumptions. Along any binary search path, a bloom filter is employed at each branching point to verify whether a said prefix is present, instead of storing that prefix here. By this means, we can gain significantly optimization on memory efficiency, at the cost of bloom checking before each detecting. Our evaluation experiments on both real-world and randomly synthesized data sets demonstrate our superiorities clearly展开更多
With the application and development of blockchain technology,many problems faced by blockchain traceability are gradually exposed.Such as cross-chain information collaboration,data separation and storage,multisystem,...With the application and development of blockchain technology,many problems faced by blockchain traceability are gradually exposed.Such as cross-chain information collaboration,data separation and storage,multisystem,multi-security domain collaboration,etc.To solve these problems,it is proposed to construct trust domains based on federated chains.The public chain is used as the authorization chain to build a cross-domain data traceability mechanism applicable to multi-domain collaboration.First,the architecture of the blockchain cross-domain model is designed.Combined with the data access strategy and the decision mechanism,the open and transparent judgment of cross-domain permission and cross-domain identity authentication is realized.And the public chain consensus node election mechanism is realized based on PageRank.Then,according to the characteristics of a nonsingle chain structure in the process of data flow,a data retrievalmechanism based on a Bloom filter is designed,and the cross-domain traceability algorithm is given.Finally,the safety and effectiveness of the traceability mechanism are verified by security evaluation and performance analysis.展开更多
With the rapid development of intelligent transportation, carpooling with the help of Vehicular Networks plays an important role in improving transportati<span>on efficiency and solving environmental problems. H...With the rapid development of intelligent transportation, carpooling with the help of Vehicular Networks plays an important role in improving transportati<span>on efficiency and solving environmental problems. However, attackers us</span>ually launch attacks and cause privacy leakage of carpooling users. In addition, the trust issue between unfamiliar vehicles and passengers reduces the efficiency of carpooling. To address these issues, this paper introduced a trusted and pr<span>ivacy-preserving carpooling matching scheme in Vehicular Networks (T</span>PCM). TPC<span>M scheme introduced travel preferences during carpooling matching, according to the passengers’ individual travel preferences needs, which adopt</span>ed th<span>e privacy set intersection technology based on the Bloom filter to match t</span>he passengers with the vehicles to achieve the purpose of protecting privacy an<span>d meeting the individual needs of passengers simultaneously. TPCM sch</span>eme adopted a multi-faceted trust management model, which calculated the trust val<span>ue of different travel preferences of vehicle based on passengers’ carp</span>ooling feedback to evaluate the vehicle’s trustworthiness from multi-faceted when carpooling matching. Moreover, a series of experiments were conducted to verify the effectiveness and robustness of the proposed scheme. The results show that the proposed scheme has high accuracy, lower computational and communication costs when compared with the existing carpooling schemes.展开更多
基金supported in part by National Natural Science Foundation of China(61272148,61572525,61502056,and 61602525)Hunan Provincial Natural Science Foundation of China(2015JJ3010)Scientific Research Fund of Hunan Provincial Education Department(15B009,14C0285)
文摘The growing trend of network virtualization results in a widespread adoption of virtual switches in virtualized environments. However, virtual switching is confronted with great performance challenges regarding packet classification especially in Open Flow-based software defined networks. This paper first takes an insight into packet classification in virtual Open Flow switching, and points out that its performance bottleneck is dominated by flow table traversals of multiple failed mask probing for each arrived packet. Then we are motivated to propose an efficient packet classification algorithm based on counting bloom filters. In particular, counting bloom filters are applied to predict the failures of flow table lookups with great possibilities, and bypass flow table traversals for failed mask probing. Finally, our proposed packet classification algorithm is evaluated with real network traffic traces by experiments. The experimental results indicate that our proposed algorithm outperforms the classical one in Open v Switch in terms of average search length, and contributes to promote virtual Open Flow switching performance.
基金supported in part by the National Natural Science Foundation of China(Nos.62025201 and 62472167)in part by the Hunan Provincial Natural Science Foundation of China(Nos.2024JJ3014 and 2024JJ5165)in part by the Key Research and Development Program of Hunan Province(No.2023GK2001).
文摘Bloom Filters(BFs)are compact and probabilistic data structures designed for efficient set membership queries.They offer high query and storage efficiency,making them particularly useful in network and distributed systems.However,the scalability of BFs in accommodating“big data”is limited by increased false positive rates,inflexible hash functions,and inefficient matching with dynamic datasets.To address these limitations,we introduce the Extensible Bloom Filter(EBF),which incorporates a flexible expansion mechanism and an adaptive hash function generation scheme.The EBF design features a set of BF vectors that expand according to the rate of incoming data,with each vector sized to suit the characteristics of the data.Adaptive hash functions,derived from common base matrices,streamline the process by leveraging strong inter-hash relationships.This reduces overhead and simplifies queries across multiple BF vector sizes.Performance evaluations have shown that the EBF consistently achieves a low false positive rate and minimal query time,even amid dynamic data arrivals and large data sets.With its extensibility and adaptability,the EBF provides a robust solution for applications requiring dynamic set representations with stringent accuracy requirements.It enhances the capabilities of network and distributed systems,making them more efficient in handling complex data scenarios.
基金supported in part by the National Natural Science Foundation of China(Nos.61422214 and 61402513)the National Key Basic Research and Development(973)Program of China(No.2014CB347800)+1 种基金the Program for New Century Excellent Talents in University and Distinguished Young Scholars of National University of Defense Technology(No.JQ14-05-02)the Preliminary Research Funding of National University of Defense Technology(No.ZDYYJCYJ20140601)
文摘Set reconciliation between two nodes is widely used in network applications. The basic idea is that each member of a node pair has an object set and seeks to deliver its unique objects to the other member. The Standard Bloom Filter (SBF) and its variants, such as the Invertible Bloom Filter (IBF), are effective approaches to solving the set reconciliation problem. The SBF-based method requires each node to represent its objects using an SBF, which is exchanged with the other node. A receiving node queries the received SBF against its local objects to identify the unique objects. Finally, each node exchanges its unique objects with the other node in the node pair. For the IBF- based method, each node represents its objects using an IBF, which is then exchanged. A receiving node subtracts the received IBF from its local IBF so as to decode the different objects between the two sets. Intuitively, it would seem that the IBF-based method, with only one round of communication, entails less communication overhead than the SBF-based method, which incurs two rounds of communication. Our research results, however, indicate that neither of these two methods has an absolute advantages over the others. In this paper, we aim to provide an in-depth understanding of the two methods, by evaluating and comparing their communication overhead. We find that the best method depends on parameter settings. We demonstrate that the SBF-based method outperforms the IBF-based method in most cases. But when the number of different objects in the two sets is below a certain threshold, the IBF-based method outperforms the SBF-based method.
基金This work was supported by Hankuk University of Foreign Studies Research Fund of Korea, and also partially supported by the National Science Foundation (NSF) Awards of USA under Grant Nos. 1053533, 1439622, 1217569, 1305237, and 1421913. Acknowledgment We would like to thank David Schwaderer (Samsung Semiconductor Inc., USA) for his valuable comments and proofreading.
文摘Hot data identification is crucial for many applications though few investigations have examined the subject. All existing studies focus almost exclusively on frequency. However, effectively identifying hot data requires equally considering recency and frequency. Moreover, previous studies make hot data decisions at the data block level. Such a fine-grained decision fits particularly well for flash-based storage because its random access achieves performance comparable with its sequential access. However, hard disk drives (HDDs) have a significant performance disparity between sequential and random access. Therefore, unlike flash-based storage, exploiting asymmetric HDD access performance requires making a coarse-grained decision. This paper proposes a novel hot data identification scheme adopting multiple bloom filters to efficiently characterize recency as well as frequency. Consequently, it not only consumes 50% less memory and up to 58% less computational overhead, but also lowers false identification rates up to 65% compared with a state-of-the-art scheme. Moreover, we apply the scheme to a next generation HDD technology, i.e., Shingled Magnetic Recording (SMR), to verify its effectiveness. For this, we design a new hot data identification based SMR drive with a coarse-grained decision. The experiments demonstrate the importance and benefits of accurate hot data identification, thereby improving the proposed SMR drive performance by up to 42%.
基金Supported by the National High Technology De-velopment of China (2005AA4Z3070) ,the National Grand Funda-mental Research 973 Programof China under Grant (G1999032705)
文摘As our best knowledge, in the Publish/Subscribe application environment, few research work has been done on the dissemination and routing of compressed XML (extended markup language) data. A high-speed compressed XML data routing and dissemination framework BloomRouter is proposed. In BloomRouter, a Bloom Filter based prefilte ring mechanism is used to filter out compressed XML elements that users do not care; after that an interval tree dis seminator forwards target elements to the corresponding end users by matching the incomming compressed XML elements with indexed users' query regions. Based on this framework, we can efficiently filter/query the compressed incoming XML data, and then route the query result to the corresponding subseriber.
基金supported by Project of Plan for Science and Technology Development of Jilin Province (No. 20101504)Project of Research of Science and Technology for the 11th Five-year Plan of Jilin Education Department (No. 2009604)
文摘A Bloom filter is a space-efficient data structure used for concisely representing a set as well as membership queries at the expense of introducing false positive. In this paper, we propose the L-priorities Bloom filter (LPBF) as a new member of the Bloom filter (BF) family, it uses a limited multidimensional bit space matrix to replace the bit vector of standard bloom filters in order to support different priorities for the elements of a set. We demonstrate the time and space complexity, especially the false positive rate of LPBF. Furthermore, we also present a detailed practical evaluation of the false positive rate achieved by LPBF. The results show that LPBF performs better than standard BFs with respect to false positive rate.
基金Supported by the National Grand Fundamental Research 973 Program of China (No.2007CB307100, No.2007CB 307102)
文摘The Counting Bloom Filter (CBF) is a kind of space-efficient data structure that extends a Bloom filter so as to allow approximate multiplicity queries on a dynamic multi-set. This paper evaluates the performance of multiplicity queries of three simple CBF schemes-the Naive Counting Bloom Filter (NCBF), the Space-Code Bloom Filter (SCBF) and the d-left Counting Bloom Filter (dlCBF)-using metrics of space complexity and counting error under both uniform and zipfian multiplicity distributions. We compare their counting error under same space complexity, and their space complexity when similar counting errors are achieved respectively. Our results show that dICBF is the best while SCBF is the worst in terms of both space-efficiency and accuracy. Furthermore, the performance gap between dlCBF and the others has a trend of being enlarged with the increment of space occupation or counting accuracy.
基金The authors would like to thank the chair of Prince Faisal binMishaal Al Saud for Artificial Intelligent research for funding this research work through the project number QU-CPFAI-2-7-4Also would like to extend their appreciation to the Deputyship for Research&Innovation,Ministry of Education,and the Deanship of Scientific Research,Qassim University,for their support of this research.
文摘Bloom filter(BF)is a space-and-time efficient probabilistic technique that helps answermembership queries.However,BF faces several issues.The problems with traditional BF are generally two.Firstly,a large number of false positives can return wrong content when the data is queried.Secondly,the large size of BF is a bottleneck in the speed of querying and thus uses large memory.In order to solve the above two issues,in this article,we propose the check bits concept.From the implementation perspective,in the check bits approach,before saving the content value in the BF,we obtain the binary representation of the content value.Then,we take some bits of the content value,we call these the check bits.These bits are stored in a separate array such that they point to the same location as the BF.Finally,the content value(data)is stored in the BF based on the hash function values.Before retrieval of data from BF,the reverse process of the steps ensures that even if the same hash functions output has been generated for the content,the check bits make sure that the retrieval does not depend on the hash output alone.This thus helps in the reduction of false positives.In the experimental evaluation,we are able to reduce more than 50%of false positives.In our proposed approach,the false positives can still occur,however,false positives can only occur if the hash functions and check bits generate the same value for a particular content.The chances of such scenarios are less,therefore,we get a reduction of approximately more than 50%false positives in all cases.We believe that the proposed approach adds to the state of the art and opens new directions as such.
文摘计算机技术和通信技术的共同发展,使得数据呈现指数大爆炸式的增长。数据中蕴含的巨大价值是有目共睹的。但是对数据集的肆意收集与分析,使用户的隐私数据处在被泄露的风险中。为保护用户的敏感数据的同时实现对基数查询的有效响应,提出一种基于差分隐私的隐私保护算法BFRRCE(Bloom Filter Random Response for Cardinality Estimation)。首先对用户的数据利用Bloom Filter数据结构进行数据预处理,然后利用本地差分隐私的扰动算法对数据进行扰动,达到保护用户敏感数据的目的。
基金funded by the Taiwan Comprehensive University System and the National Science and Technology Council of Taiwan under grant number NSTC 111-2410-H-019-006-MY3Additionally,this work was financially/partially supported by the Advanced Institute of Manufacturing with High-tech Innovations(AIM-HI)from the Featured Areas Research Center Program within the framework of the Higher Education Sprout Project by the Ministry of Education(MOE)in Taiwan+1 种基金the National Natural Science Foundation of China,No.62402444the Zhejiang Provincial Natural Science Foundation of China,No.LQ24F020012.
文摘AI applications have become ubiquitous,bringing significant convenience to various industries.In e-commerce,AI can enhance product recommendations for individuals and provide businesses with more accurate predictions for market strategy development.However,if the data used for AI applications is damaged or lost,it will inevitably affect the effectiveness of these AI applications.Therefore,it is essential to verify the integrity of e-commerce data.Although existing Provable Data Possession(PDP)protocols can verify the integrity of cloud data,they are not suitable for e-commerce scenarios due to the limited computational capabilities of edge servers,which cannot handle the high computational overhead of generating homomorphic verification tags in PDP.To address this issue,we propose PDP with Outsourced Tag Generation for AI-driven e-commerce,which outsources the computation of homomorphic verification tags to cloud servers while introducing a lightweight verification method to ensure that the tags match the uploaded data.Additionally,the proposed scheme supports dynamic operations such as adding,deleting,and modifying data,enhancing its practicality.Finally,experiments show that the additional computational overhead introduced by outsourcing homomorphic verification tags is acceptable compared to the original PDP.
文摘Cloud computing technology is the culmination of technical advancements in computer networks,hardware and software capabilities that collectively gave rise to computing as a utility.It offers a plethora of utilities to its clients worldwide in a very cost-effective way and this feature is enticing users/companies to migrate their infrastructure to cloud platform.Swayed by its gigantic capacity and easy access clients are uploading replicated data on cloud resulting in an unnecessary crunch of storage in datacenters.Many data compression techniques came to rescue but none could serve the purpose for the capacity as large as a cloud,hence,researches were made to de-duplicate the data and harvest the space from exiting storage capacity which was going in vain due to duplicacy of data.For providing better cloud services through scalable provisioning of resources,interoperability has brought many Cloud Service Providers(CSPs)under one umbrella and termed it as Cloud Federation.Many policies have been devised for private and public cloud deployment models for searching/eradicating replicated copies using hashing techniques.Whereas the exploration for duplicate copies is not restricted to any one type of CSP but to a set of public or private CSPs contributing to the federation.It was found that even in advanced deduplication techniques for federated clouds,due to the different nature of CSPs,a single file is stored at private as well as public group in the same cloud federation which can be handled if an optimized deduplication strategy be rendered for addressing this issue.Therefore,this study has been aimed to further optimize a deduplication strategy for federated cloud environment and suggested a central management agent for the federation.It was perceived that work relevant to this is not existing,hence,in this paper,the concept of federation agent has been implemented and deduplication technique following file level has been used for the accomplishment of this approach.
文摘To meet the future internet traffic challenges, enhancement of hardware architectures related to network security has vital role where software security algorithms are incompatible with high speed in terms of Giga bits per second (Gbps). In this paper, we discuss signature detection technique (SDT) used in network intrusion detection system (NIDS). Design of most commonly used hardware based techniques for signature detection such as finite automata, discrete comparators, Knuth-Morris-Pratt (KMP) algorithm, content addressable memory (CAM) and Bloom filter are discussed. Two novel architectures, XOR based pre computation CAM (XPCAM) and multi stage look up technique (MSLT) Bloom filter architectures are proposed and implemented in third party field programmable gate array (FPGA), and area and power consumptions are compared. 10Gbps network traffic generator (TNTG) is used to test the functionality and ensure the reliability of the proposed architectures. Our approach involves a unique combination of algorithmic and architectural techniques that outperform some of the current techniques in terms of performance, speed and powerefficiency.
基金supported by the National Natural Science Foundation of China (Grant No. 61472130 and 61702174)the China Postdoctoral Science Foundation funded project
文摘For name-based routing/switching in NDN, the key challenges are to manage large-scale forwarding Tables, to lookup long names of variable lengths, and to deal with frequent updates. Hashing associated with proper length-detecting is a straightforward yet efficient solution. Binary search strategy can reduce the number of required hash detecting in the worst case. However, to assure the searching path correct in such a schema, either backtrack searching or redundantly storing some prefixes is required, leading to performance or memory issues as a result. In this paper, we make a deep study on the binary search, and propose a novel mechanism to ensure correct searching path without neither additional backtrack costs nor redundant memory consumptions. Along any binary search path, a bloom filter is employed at each branching point to verify whether a said prefix is present, instead of storing that prefix here. By this means, we can gain significantly optimization on memory efficiency, at the cost of bloom checking before each detecting. Our evaluation experiments on both real-world and randomly synthesized data sets demonstrate our superiorities clearly
文摘With the application and development of blockchain technology,many problems faced by blockchain traceability are gradually exposed.Such as cross-chain information collaboration,data separation and storage,multisystem,multi-security domain collaboration,etc.To solve these problems,it is proposed to construct trust domains based on federated chains.The public chain is used as the authorization chain to build a cross-domain data traceability mechanism applicable to multi-domain collaboration.First,the architecture of the blockchain cross-domain model is designed.Combined with the data access strategy and the decision mechanism,the open and transparent judgment of cross-domain permission and cross-domain identity authentication is realized.And the public chain consensus node election mechanism is realized based on PageRank.Then,according to the characteristics of a nonsingle chain structure in the process of data flow,a data retrievalmechanism based on a Bloom filter is designed,and the cross-domain traceability algorithm is given.Finally,the safety and effectiveness of the traceability mechanism are verified by security evaluation and performance analysis.
文摘With the rapid development of intelligent transportation, carpooling with the help of Vehicular Networks plays an important role in improving transportati<span>on efficiency and solving environmental problems. However, attackers us</span>ually launch attacks and cause privacy leakage of carpooling users. In addition, the trust issue between unfamiliar vehicles and passengers reduces the efficiency of carpooling. To address these issues, this paper introduced a trusted and pr<span>ivacy-preserving carpooling matching scheme in Vehicular Networks (T</span>PCM). TPC<span>M scheme introduced travel preferences during carpooling matching, according to the passengers’ individual travel preferences needs, which adopt</span>ed th<span>e privacy set intersection technology based on the Bloom filter to match t</span>he passengers with the vehicles to achieve the purpose of protecting privacy an<span>d meeting the individual needs of passengers simultaneously. TPCM sch</span>eme adopted a multi-faceted trust management model, which calculated the trust val<span>ue of different travel preferences of vehicle based on passengers’ carp</span>ooling feedback to evaluate the vehicle’s trustworthiness from multi-faceted when carpooling matching. Moreover, a series of experiments were conducted to verify the effectiveness and robustness of the proposed scheme. The results show that the proposed scheme has high accuracy, lower computational and communication costs when compared with the existing carpooling schemes.
