Volunteered geographic information(VGI)has entered a phase where there are both a substantial amount of crowdsourced information available and a big interest in using it by organizations.But the issue of deciding the ...Volunteered geographic information(VGI)has entered a phase where there are both a substantial amount of crowdsourced information available and a big interest in using it by organizations.But the issue of deciding the quality of VGI without resorting to a comparison with authoritative data remains an open challenge.This article first formulates the problem of quality assessment of VGI data.Then presents a model to measure trustworthiness of information and reputation of contributors by analyzing geometric,qualitative,and semantic aspects of edits over time.An implementation of the model is running on a small data-set for a preliminary empirical validation.The results indicate that the computed trustworthiness provides a valid approximation of VGI quality.展开更多
The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the inform...The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the information flow is studied. Firstly, existing methods cannot analyze the impact of the system states on the trustworthiness of software during the process of trust chain trans- fer. To solve this problem, the impact of the system state on trust- worthiness of software is investigated, the run-time mutual interfer- ence behavior of software entitles is described and an interference model of the access control automaton of a system is established. Secondly, based on the intransitive noninterference (INI) theory, a formal analytic method of trustworthiness for trust chain transfer is proposed, providing a theoretical basis for the analysis of dynamic trustworthiness of software during the trust chain transfer process. Thirdly, a prototype system with dynamic trustworthiness on a plat- form with dual core architecture is constructed and a verification algorithm of the system trustworthiness is provided. Finally, the monitor hypothesis is extended to the dynamic monitor hypothe- sis, a theorem of static judgment rule of system trustworthiness is provided, which is useful to prove dynamic trustworthiness of a system at the beginning of system construction. Compared with previous work in this field, this research proposes not only a formal analytic method for the determination of system trustworthiness, but also a modeling method and an analysis algorithm that are feasible for practical implementation.展开更多
Weighted factor is given to access eontrol policies to express the importanceof policy and its effect on access control decision. According to this weighted access controlframework, a trustworthiness model for aceess ...Weighted factor is given to access eontrol policies to express the importanceof policy and its effect on access control decision. According to this weighted access controlframework, a trustworthiness model for aceess request is also given. In this model, we give themeasure of trustworthiness factor to access request- by using some idea of uncertainty reasoning ofexpert system, present and prove the parallel propagation formula of request trustworthiness factoramong multiple policies, and get thefinal trustworthiness factor to decide whether authorizing. Inthis model, authorization decision is given according to the calculation of request trustworthinessfactor, which is more understandable, more suitable for real requirement and more powerfulforsecurity enhancement than traditional methods. Meanwhile the finer access control granularity isanother advantage.展开更多
Under the global circumstances where data leakage gets more and more severe, we present a trustworthiness-based distribution model that aims at data leakage prevention (DLP). In our model, first, the distributor cal...Under the global circumstances where data leakage gets more and more severe, we present a trustworthiness-based distribution model that aims at data leakage prevention (DLP). In our model, first, the distributor calculates the user's trustworthiness based on his historical behaviors; second, according to the user's trustworthiness and his obtained file set overlapping leaked file set, the distributor accesses the probability of the user's intentional leak behavior as the subjective risk assessment; third, the distributor evaluates the user's platform vulnerability as an objective element; last, the distributor makes decisions whether to distribute the file based on the integrated risk assessment. The experiments indicate that the model can distinguish users of different types and make the probability of malicious users' requirements being denied much higher than that of honest users' requirements being denied, so that the model is capable of preventing data leakage validly.展开更多
In order to analyze the trustworthiness of complex software systems,we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree(TDT).The basic idea of constructing a TDT is to ...In order to analyze the trustworthiness of complex software systems,we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree(TDT).The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached.The skeleton of a TDT can be specified by a set of rules,which are convenient for automated reasoning in Prolog.We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input,and allow a user to edit the TDT in a graphical user interface.In a software development life cycle,TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase,and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase.We have piloted the approach of using TDTs in more than a dozen real scenarios of software development.Indeed,using TDTs helped us to discover and then resolve some subtle problems.展开更多
Software trustworthiness includes many attributes.Reasonable weight allocation of trustworthy at-tributes plays a key role in the software trustworthiness measurement.In practical application,attribute weight usually ...Software trustworthiness includes many attributes.Reasonable weight allocation of trustworthy at-tributes plays a key role in the software trustworthiness measurement.In practical application,attribute weight usually comes from experts'evaluation to attributes and hidden information derived from attributes.Therefore,when the weight of attributes is researched,it is necessary to consider weight from subjective and objective as-pects.First,a novel weight allocation method is proposed by combining the fuzzy analytical hierarchy process(FAHP)method and the criteria importance though intercrieria correlation(CRITIC)method.Second,based on the weight allocation method,the trustworthiness measurement models of component-based software are estab-lished according to the seven combination structures of components.Third,the model reasonability is verified via proving some metric criteria.Finally,a case is carried out.According to the comparison with other models,the result shows that the model has the advantage of utilizing hidden information fully and analyzing the com-bination of components effectively.It is an important guide for measuring the trustworthiness measurement of component-based software.展开更多
For a more accurate and comprehensive assessment of the trustworthiness of component-based soft- ware system, the fuzzy analytic hierarchy process is introduced to establish the analysis model. Combine qualitative and...For a more accurate and comprehensive assessment of the trustworthiness of component-based soft- ware system, the fuzzy analytic hierarchy process is introduced to establish the analysis model. Combine qualitative and quantitative analyses, the impacts to overall trustworthiness by the different types of components are distinguished. Considering the coupling relationship between components, dividing the system into several layers from target layer to scheme layer, evaluating the scheme advantages disadvantages by group decision-making, the trustworthiness of a typical J2EE structured component-based software is assessed. The trustworthiness asses model of the software components provides an effective methods of operation.展开更多
The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certifi...The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certificate agent, the cloud user generates a trust base and extends it to its VMs. For each service running on the VM, a hash value is generated from all the necessary modules, and these hash values are organized and maintained with a specially designed hash tree whose root is extended from the user's trust base. Before the VM loads a service, the hash tree is verified from the coordinated hash value to check the trustworthiness of the service.展开更多
The integration of large language models(LLMs)into financial applications has demonstrated remarkable potential for enhancing decision-making processes,automating operations,and delivering personalized services.Howeve...The integration of large language models(LLMs)into financial applications has demonstrated remarkable potential for enhancing decision-making processes,automating operations,and delivering personalized services.However,the high-stakes nature of financial systems demands a very high level of trustworthiness that current LLMs often fail to meet.展开更多
Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications. At present, the method of measurement and assessment of software trustworthin...Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications. At present, the method of measurement and assessment of software trustworthiness cannot guarantee safe and reliable operations of software systems completely and effectively. Based on the dynamical system study, this paper interprets the characteristics of be- haviors of software systems and the basic scientific problems of software trustworthiness complexity, analyzes the characteristics of complexity of software trustworthiness, and proposes to study the soft- ware trustworthiness measurement in terms of the complexity of software trustworthiness. Using the dynamical statistical analysis methods, the paper advances an invariant-measure based assessment method of software trustworthiness by statistical indices, and hereby provides a dynamical criterion for the untrustworthiness of software systems. By an example, the feasibility of the proposed dynamical statistical analysis method in software trustworthiness measurement is demonstrated using numerical simulations and theoretical analysis.展开更多
Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications, and software trustworthiness modeling has become a prerequisite and necessary...Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications, and software trustworthiness modeling has become a prerequisite and necessary means. To discuss and explain the basic scientific problems in software trustworthiness and to establish theoretical foundations for software trustworthiness measurement, combining the ideas of dynamical system study, this paper studies evolutionary laws of software trustworthiness and the dynamical mechanism under the effect of various internal and external factors, and proposes dynamical models for software trustworthiness, thus, software trustworthiness can be considered as the statistical characteristics of behaviors of software systems in the dynamical and open environment. By analyzing two simple examples, the paper explains the relationship between the limit evolutionary behaviors of software trustworthiness attributes and dynamical system characteristics, and interprets the dynamical characteristics of software trustworthiness and their evolutionary complexity.展开更多
In this paper, the architecture of trustworthy and controllable networks is discussed to meet arising application requirements. After reviewing the lessons and experiences of success and failure in the Internet and su...In this paper, the architecture of trustworthy and controllable networks is discussed to meet arising application requirements. After reviewing the lessons and experiences of success and failure in the Internet and summarizing related work, we analyze the basic targets of providing trustworthiness and controllability. Then, the anticipant architecture is introduced. Based on the resulting design, several trustworthy and controllable mechanisms are also discussed.展开更多
Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet applications, we point out that, o...Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet applications, we point out that, on the one hand, due to the openness and dynamic nature of the Internet, the identity trustworthiness and the capability trustworthiness of the software are facing serious challenges; on the other hand, in order to ensure the trustworthiness of the whole system, emerging computing paradigms based on the collaboration of autonomous software need some impacts on the behavior of the software. Here we put forward a conceptual model for the trustworthiness of Internet-based software, and propose a trustworthy assurance framework for Internet-based virtual computing environment (iVCE). This framework deals with the trustworthy properties of software on identity, capability and behavior in a combinated way. The authorization management in inter-domain computing environment, assurance on high availability of service and incentive mechanism for autonomic collaboration are taken as three core mechanisms of iVCE trustworthy assurance.展开更多
As trust becomes increasingly important in software domain, software trustworthiness--as a complex high- composite concept, has developed into a big challenge people have to face, especially in the current open, dynam...As trust becomes increasingly important in software domain, software trustworthiness--as a complex high- composite concept, has developed into a big challenge people have to face, especially in the current open, dynamic and ever-changing Internet environment. Furthermore, how to recognize and define trust problem from its nature and how to measure software trustworthiness correctly and effectively play a key role in improving users' trust in choosing software. Based on trust theory in the field of humanities and sociology, this paper proposes a measurable S2S (Social-to-Software) software trustworthiness framework, introduces a generalized indicator loss to unify three parts of trustworthiness result, and presents a whole metric solution for software trustworthiness, including the advanced J-M model based on power function and time-loss rate for ability trustworthiness measurement, the fuzzy comprehensive evaluation advanced-model considering effect of multiple short boards for basic standard trustworthiness, and the identity trustworthiness measurement method based on the code homology detecting tools. Finally, it provides a case study to verify that the solution is applicable and effective.展开更多
The Internet of Things (IoT) integrates diverse devices into the Internet infrastructure, including sensors, meters, and wearable devices. Designing efficient IoT networks with these heterogeneous devices requires the...The Internet of Things (IoT) integrates diverse devices into the Internet infrastructure, including sensors, meters, and wearable devices. Designing efficient IoT networks with these heterogeneous devices requires the selection of appropriate routing protocols, which is crucial for maintaining high Quality of Service (QoS). The Internet Engineering Task Force’s Routing Over Low Power and Lossy Networks (IETF ROLL) working group developed the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) to meet these needs. While the initial RPL standard focused on single-metric route selection, ongoing research explores enhancing RPL by incorporating multiple routing metrics and developing new Objective Functions (OFs). This paper introduces a novel Objective Function (OF), the Reliable and Secure Objective Function (RSOF), designed to enhance the reliability and trustworthiness of parent selection at both the node and link levels within IoT and RPL routing protocols. The RSOF employs an adaptive parent node selection mechanism that incorporates multiple metrics, including Residual Energy (RE), Expected Transmission Count (ETX), Extended RPL Node Trustworthiness (ERNT), and a novel metric that measures node failure rate (NFR). In this mechanism, nodes with a high NFR are excluded from the parent selection process to improve network reliability and stability. The proposed RSOF was evaluated using random and grid topologies in the Cooja Simulator, with tests conducted across small, medium, and large-scale networks to examine the impact of varying node densities. The simulation results indicate a significant improvement in network performance, particularly in terms of average latency, packet acknowledgment ratio (PAR), packet delivery ratio (PDR), and Control Message Overhead (CMO), compared to the standard Minimum Rank with Hysteresis Objective Function (MRHOF).展开更多
The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to exped...The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.展开更多
Cross-domain routing in Integrated Heterogeneous Networks(Inte-HetNet)should ensure efficient and secure data transmission across different network domains by satisfying diverse routing requirements.However,current so...Cross-domain routing in Integrated Heterogeneous Networks(Inte-HetNet)should ensure efficient and secure data transmission across different network domains by satisfying diverse routing requirements.However,current solutions face numerous challenges in continuously ensuring trustworthy routing,fulfilling diverse requirements,achieving reasonable resource allocation,and safeguarding against malicious behaviors of network operators.We propose CrowdRouting,a novel cross-domain routing scheme based on crowdsourcing,dedicated to establishing sustained trust in cross-domain routing,comprehensively considering and fulfilling various customized routing requirements,while ensuring reasonable resource allocation and effectively curbing malicious behavior of network operators.Concretely,CrowdRouting employs blockchain technology to verify the trustworthiness of border routers in different network domains,thereby establishing sustainable and trustworthy crossdomain routing based on sustained trust in these routers.In addition,CrowdRouting ingeniously integrates a crowdsourcing mechanism into the auction for routing,achieving fair and impartial allocation of routing rights by flexibly embedding various customized routing requirements into each auction phase.Moreover,CrowdRouting leverages incentive mechanisms and routing settlement to encourage network domains to actively participate in cross-domain routing,thereby promoting optimal resource allocation and efficient utilization.Furthermore,CrowdRouting introduces a supervisory agency(e.g.,undercover agent)to effectively suppress the malicious behavior of network operators through the game and interaction between the agent and the network operators.Through comprehensive experimental evaluations and comparisons with existing works,we demonstrate that CrowdRouting excels in providing trustworthy and fine-grained customized routing services,stimulating active participation in cross-domain routing,inhibiting malicious operator behavior,and maintaining reasonable resource allocation,all of which outperform baseline schemes.展开更多
Feature selection(FS)is a pivotal pre-processing step in developing data-driven models,influencing reliability,performance and optimization.Although existing FS techniques can yield high-performance metrics for certai...Feature selection(FS)is a pivotal pre-processing step in developing data-driven models,influencing reliability,performance and optimization.Although existing FS techniques can yield high-performance metrics for certain models,they do not invariably guarantee the extraction of the most critical or impactful features.Prior literature underscores the significance of equitable FS practices and has proposed diverse methodologies for the identification of appropriate features.However,the challenge of discerning the most relevant and influential features persists,particularly in the context of the exponential growth and heterogeneity of big data—a challenge that is increasingly salient in modern artificial intelligence(AI)applications.In response,this study introduces an innovative,automated statistical method termed Farea Similarity for Feature Selection(FSFS).The FSFS approach computes a similarity metric for each feature by benchmarking it against the record-wise mean,thereby finding feature dependencies and mitigating the influence of outliers that could potentially distort evaluation outcomes.Features are subsequently ranked according to their similarity scores,with the threshold established at the average similarity score.Notably,lower FSFS values indicate higher similarity and stronger data correlations,whereas higher values suggest lower similarity.The FSFS method is designed not only to yield reliable evaluation metrics but also to reduce data complexity without compromising model performance.Comparative analyses were performed against several established techniques,including Chi-squared(CS),Correlation Coefficient(CC),Genetic Algorithm(GA),Exhaustive Approach,Greedy Stepwise Approach,Gain Ratio,and Filtered Subset Eval,using a variety of datasets such as the Experimental Dataset,Breast Cancer Wisconsin(Original),KDD CUP 1999,NSL-KDD,UNSW-NB15,and Edge-IIoT.In the absence of the FSFS method,the highest classifier accuracies observed were 60.00%,95.13%,97.02%,98.17%,95.86%,and 94.62%for the respective datasets.When the FSFS technique was integrated with data normalization,encoding,balancing,and feature importance selection processes,accuracies improved to 100.00%,97.81%,98.63%,98.94%,94.27%,and 98.46%,respectively.The FSFS method,with a computational complexity of O(fn log n),demonstrates robust scalability and is well-suited for datasets of large size,ensuring efficient processing even when the number of features is substantial.By automatically eliminating outliers and redundant data,FSFS reduces computational overhead,resulting in faster training and improved model performance.Overall,the FSFS framework not only optimizes performance but also enhances the interpretability and explainability of data-driven models,thereby facilitating more trustworthy decision-making in AI applications.展开更多
文摘Volunteered geographic information(VGI)has entered a phase where there are both a substantial amount of crowdsourced information available and a big interest in using it by organizations.But the issue of deciding the quality of VGI without resorting to a comparison with authoritative data remains an open challenge.This article first formulates the problem of quality assessment of VGI data.Then presents a model to measure trustworthiness of information and reputation of contributors by analyzing geometric,qualitative,and semantic aspects of edits over time.An implementation of the model is running on a small data-set for a preliminary empirical validation.The results indicate that the computed trustworthiness provides a valid approximation of VGI quality.
基金supported by the Natural Science Foundation of Jiangsu Province(BK2012237)
文摘The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the information flow is studied. Firstly, existing methods cannot analyze the impact of the system states on the trustworthiness of software during the process of trust chain trans- fer. To solve this problem, the impact of the system state on trust- worthiness of software is investigated, the run-time mutual interfer- ence behavior of software entitles is described and an interference model of the access control automaton of a system is established. Secondly, based on the intransitive noninterference (INI) theory, a formal analytic method of trustworthiness for trust chain transfer is proposed, providing a theoretical basis for the analysis of dynamic trustworthiness of software during the trust chain transfer process. Thirdly, a prototype system with dynamic trustworthiness on a plat- form with dual core architecture is constructed and a verification algorithm of the system trustworthiness is provided. Finally, the monitor hypothesis is extended to the dynamic monitor hypothe- sis, a theorem of static judgment rule of system trustworthiness is provided, which is useful to prove dynamic trustworthiness of a system at the beginning of system construction. Compared with previous work in this field, this research proposes not only a formal analytic method for the determination of system trustworthiness, but also a modeling method and an analysis algorithm that are feasible for practical implementation.
文摘Weighted factor is given to access eontrol policies to express the importanceof policy and its effect on access control decision. According to this weighted access controlframework, a trustworthiness model for aceess request is also given. In this model, we give themeasure of trustworthiness factor to access request- by using some idea of uncertainty reasoning ofexpert system, present and prove the parallel propagation formula of request trustworthiness factoramong multiple policies, and get thefinal trustworthiness factor to decide whether authorizing. Inthis model, authorization decision is given according to the calculation of request trustworthinessfactor, which is more understandable, more suitable for real requirement and more powerfulforsecurity enhancement than traditional methods. Meanwhile the finer access control granularity isanother advantage.
基金Supported by the National High Technology Research and Development Program of China (863 Program) (2009AA01Z442, 2008AA01Z404)the National Natural Science Foundation of China (90718006, 60970114)
文摘Under the global circumstances where data leakage gets more and more severe, we present a trustworthiness-based distribution model that aims at data leakage prevention (DLP). In our model, first, the distributor calculates the user's trustworthiness based on his historical behaviors; second, according to the user's trustworthiness and his obtained file set overlapping leaked file set, the distributor accesses the probability of the user's intentional leak behavior as the subjective risk assessment; third, the distributor evaluates the user's platform vulnerability as an objective element; last, the distributor makes decisions whether to distribute the file based on the integrated risk assessment. The experiments indicate that the model can distinguish users of different types and make the probability of malicious users' requirements being denied much higher than that of honest users' requirements being denied, so that the model is capable of preventing data leakage validly.
基金the National Natural Science Foundation of China (Nos.61832015 and 62072176)the Inria-CAS Joint Project Quasar and Shanghai Trusted Industry Internet Software Collaborative Innovation Center。
文摘In order to analyze the trustworthiness of complex software systems,we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree(TDT).The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached.The skeleton of a TDT can be specified by a set of rules,which are convenient for automated reasoning in Prolog.We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input,and allow a user to edit the TDT in a graphical user interface.In a software development life cycle,TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase,and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase.We have piloted the approach of using TDTs in more than a dozen real scenarios of software development.Indeed,using TDTs helped us to discover and then resolve some subtle problems.
基金the Natural Science Foundation of Anhui Province (No.2108085MF204)the National Natural Science Foundation of China (Nos.62162014 and 62077029)the Program of the Abroad Visiting of Excellent Young Talents of Universities in Anhui Province (No.GXGWFX2019022)。
文摘Software trustworthiness includes many attributes.Reasonable weight allocation of trustworthy at-tributes plays a key role in the software trustworthiness measurement.In practical application,attribute weight usually comes from experts'evaluation to attributes and hidden information derived from attributes.Therefore,when the weight of attributes is researched,it is necessary to consider weight from subjective and objective as-pects.First,a novel weight allocation method is proposed by combining the fuzzy analytical hierarchy process(FAHP)method and the criteria importance though intercrieria correlation(CRITIC)method.Second,based on the weight allocation method,the trustworthiness measurement models of component-based software are estab-lished according to the seven combination structures of components.Third,the model reasonability is verified via proving some metric criteria.Finally,a case is carried out.According to the comparison with other models,the result shows that the model has the advantage of utilizing hidden information fully and analyzing the com-bination of components effectively.It is an important guide for measuring the trustworthiness measurement of component-based software.
基金Sponsored by the National High Technology Research and Development Program of China ("863"Program) (2009AA01Z433)
文摘For a more accurate and comprehensive assessment of the trustworthiness of component-based soft- ware system, the fuzzy analytic hierarchy process is introduced to establish the analysis model. Combine qualitative and quantitative analyses, the impacts to overall trustworthiness by the different types of components are distinguished. Considering the coupling relationship between components, dividing the system into several layers from target layer to scheme layer, evaluating the scheme advantages disadvantages by group decision-making, the trustworthiness of a typical J2EE structured component-based software is assessed. The trustworthiness asses model of the software components provides an effective methods of operation.
基金supported by the National Natural Science Foundation of China(No.6127249261572521)+1 种基金Natural Science Foundation of Shaanxi Provence(No.2013JM8012)Fundamental Research Project of CAPF(No.WJY201520)
文摘The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certificate agent, the cloud user generates a trust base and extends it to its VMs. For each service running on the VM, a hash value is generated from all the necessary modules, and these hash values are organized and maintained with a specially designed hash tree whose root is extended from the user's trust base. Before the VM loads a service, the hash tree is verified from the coordinated hash value to check the trustworthiness of the service.
文摘The integration of large language models(LLMs)into financial applications has demonstrated remarkable potential for enhancing decision-making processes,automating operations,and delivering personalized services.However,the high-stakes nature of financial systems demands a very high level of trustworthiness that current LLMs often fail to meet.
基金the National Basic Research Program of China (Grant No. 2005CB321900)the National Natural Science Foundation of China (Grant No. 60473091)
文摘Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications. At present, the method of measurement and assessment of software trustworthiness cannot guarantee safe and reliable operations of software systems completely and effectively. Based on the dynamical system study, this paper interprets the characteristics of be- haviors of software systems and the basic scientific problems of software trustworthiness complexity, analyzes the characteristics of complexity of software trustworthiness, and proposes to study the soft- ware trustworthiness measurement in terms of the complexity of software trustworthiness. Using the dynamical statistical analysis methods, the paper advances an invariant-measure based assessment method of software trustworthiness by statistical indices, and hereby provides a dynamical criterion for the untrustworthiness of software systems. By an example, the feasibility of the proposed dynamical statistical analysis method in software trustworthiness measurement is demonstrated using numerical simulations and theoretical analysis.
基金Supported partially by the National Basic Research Program of China (Grant No. 2005CB321900) the National Natural Science Foundation of China (Grant No. 60473091)
文摘Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications, and software trustworthiness modeling has become a prerequisite and necessary means. To discuss and explain the basic scientific problems in software trustworthiness and to establish theoretical foundations for software trustworthiness measurement, combining the ideas of dynamical system study, this paper studies evolutionary laws of software trustworthiness and the dynamical mechanism under the effect of various internal and external factors, and proposes dynamical models for software trustworthiness, thus, software trustworthiness can be considered as the statistical characteristics of behaviors of software systems in the dynamical and open environment. By analyzing two simple examples, the paper explains the relationship between the limit evolutionary behaviors of software trustworthiness attributes and dynamical system characteristics, and interprets the dynamical characteristics of software trustworthiness and their evolutionary complexity.
基金Supported by the National Natural Science Foundation of China under Grant Nos. 60503052, 60573144, 90412012, and the National Grand Fundamental Research 973 Program of China under Grant No. 2003CB314804.
文摘In this paper, the architecture of trustworthy and controllable networks is discussed to meet arising application requirements. After reviewing the lessons and experiences of success and failure in the Internet and summarizing related work, we analyze the basic targets of providing trustworthiness and controllability. Then, the anticipant architecture is introduced. Based on the resulting design, several trustworthy and controllable mechanisms are also discussed.
文摘Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet applications, we point out that, on the one hand, due to the openness and dynamic nature of the Internet, the identity trustworthiness and the capability trustworthiness of the software are facing serious challenges; on the other hand, in order to ensure the trustworthiness of the whole system, emerging computing paradigms based on the collaboration of autonomous software need some impacts on the behavior of the software. Here we put forward a conceptual model for the trustworthiness of Internet-based software, and propose a trustworthy assurance framework for Internet-based virtual computing environment (iVCE). This framework deals with the trustworthy properties of software on identity, capability and behavior in a combinated way. The authorization management in inter-domain computing environment, assurance on high availability of service and incentive mechanism for autonomic collaboration are taken as three core mechanisms of iVCE trustworthy assurance.
基金This work was supported by the National Natural Science Foundation of China under Grant No. 90818021, the HeGaoJi Program of China under Grant No. 2012zx01039-004-46, and the Information Security Program of National Development and Reform Commission of China under Grant No. 2012-1424.
文摘As trust becomes increasingly important in software domain, software trustworthiness--as a complex high- composite concept, has developed into a big challenge people have to face, especially in the current open, dynamic and ever-changing Internet environment. Furthermore, how to recognize and define trust problem from its nature and how to measure software trustworthiness correctly and effectively play a key role in improving users' trust in choosing software. Based on trust theory in the field of humanities and sociology, this paper proposes a measurable S2S (Social-to-Software) software trustworthiness framework, introduces a generalized indicator loss to unify three parts of trustworthiness result, and presents a whole metric solution for software trustworthiness, including the advanced J-M model based on power function and time-loss rate for ability trustworthiness measurement, the fuzzy comprehensive evaluation advanced-model considering effect of multiple short boards for basic standard trustworthiness, and the identity trustworthiness measurement method based on the code homology detecting tools. Finally, it provides a case study to verify that the solution is applicable and effective.
文摘The Internet of Things (IoT) integrates diverse devices into the Internet infrastructure, including sensors, meters, and wearable devices. Designing efficient IoT networks with these heterogeneous devices requires the selection of appropriate routing protocols, which is crucial for maintaining high Quality of Service (QoS). The Internet Engineering Task Force’s Routing Over Low Power and Lossy Networks (IETF ROLL) working group developed the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) to meet these needs. While the initial RPL standard focused on single-metric route selection, ongoing research explores enhancing RPL by incorporating multiple routing metrics and developing new Objective Functions (OFs). This paper introduces a novel Objective Function (OF), the Reliable and Secure Objective Function (RSOF), designed to enhance the reliability and trustworthiness of parent selection at both the node and link levels within IoT and RPL routing protocols. The RSOF employs an adaptive parent node selection mechanism that incorporates multiple metrics, including Residual Energy (RE), Expected Transmission Count (ETX), Extended RPL Node Trustworthiness (ERNT), and a novel metric that measures node failure rate (NFR). In this mechanism, nodes with a high NFR are excluded from the parent selection process to improve network reliability and stability. The proposed RSOF was evaluated using random and grid topologies in the Cooja Simulator, with tests conducted across small, medium, and large-scale networks to examine the impact of varying node densities. The simulation results indicate a significant improvement in network performance, particularly in terms of average latency, packet acknowledgment ratio (PAR), packet delivery ratio (PDR), and Control Message Overhead (CMO), compared to the standard Minimum Rank with Hysteresis Objective Function (MRHOF).
基金supported by State Grid Hebei Electric Power Co.,Ltd.Science and Technology Project,Research on Security Protection of Power Services Carried by 4G/5G Networks(Grant No.KJ2024-127).
文摘The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.
基金supported in part by the National Natural Science Foundation of China under Grant U23A20300 and 62072351in part by the Key Research Project of Shaanxi Natural Science Foundation under Grant 2023-JC-ZD-35+1 种基金in part by the Concept Verification Funding of Hangzhou Institute of Technology of Xidian University under Grant GNYZ2024XX007in part by the 111 Project under Grant B16037.
文摘Cross-domain routing in Integrated Heterogeneous Networks(Inte-HetNet)should ensure efficient and secure data transmission across different network domains by satisfying diverse routing requirements.However,current solutions face numerous challenges in continuously ensuring trustworthy routing,fulfilling diverse requirements,achieving reasonable resource allocation,and safeguarding against malicious behaviors of network operators.We propose CrowdRouting,a novel cross-domain routing scheme based on crowdsourcing,dedicated to establishing sustained trust in cross-domain routing,comprehensively considering and fulfilling various customized routing requirements,while ensuring reasonable resource allocation and effectively curbing malicious behavior of network operators.Concretely,CrowdRouting employs blockchain technology to verify the trustworthiness of border routers in different network domains,thereby establishing sustainable and trustworthy crossdomain routing based on sustained trust in these routers.In addition,CrowdRouting ingeniously integrates a crowdsourcing mechanism into the auction for routing,achieving fair and impartial allocation of routing rights by flexibly embedding various customized routing requirements into each auction phase.Moreover,CrowdRouting leverages incentive mechanisms and routing settlement to encourage network domains to actively participate in cross-domain routing,thereby promoting optimal resource allocation and efficient utilization.Furthermore,CrowdRouting introduces a supervisory agency(e.g.,undercover agent)to effectively suppress the malicious behavior of network operators through the game and interaction between the agent and the network operators.Through comprehensive experimental evaluations and comparisons with existing works,we demonstrate that CrowdRouting excels in providing trustworthy and fine-grained customized routing services,stimulating active participation in cross-domain routing,inhibiting malicious operator behavior,and maintaining reasonable resource allocation,all of which outperform baseline schemes.
文摘Feature selection(FS)is a pivotal pre-processing step in developing data-driven models,influencing reliability,performance and optimization.Although existing FS techniques can yield high-performance metrics for certain models,they do not invariably guarantee the extraction of the most critical or impactful features.Prior literature underscores the significance of equitable FS practices and has proposed diverse methodologies for the identification of appropriate features.However,the challenge of discerning the most relevant and influential features persists,particularly in the context of the exponential growth and heterogeneity of big data—a challenge that is increasingly salient in modern artificial intelligence(AI)applications.In response,this study introduces an innovative,automated statistical method termed Farea Similarity for Feature Selection(FSFS).The FSFS approach computes a similarity metric for each feature by benchmarking it against the record-wise mean,thereby finding feature dependencies and mitigating the influence of outliers that could potentially distort evaluation outcomes.Features are subsequently ranked according to their similarity scores,with the threshold established at the average similarity score.Notably,lower FSFS values indicate higher similarity and stronger data correlations,whereas higher values suggest lower similarity.The FSFS method is designed not only to yield reliable evaluation metrics but also to reduce data complexity without compromising model performance.Comparative analyses were performed against several established techniques,including Chi-squared(CS),Correlation Coefficient(CC),Genetic Algorithm(GA),Exhaustive Approach,Greedy Stepwise Approach,Gain Ratio,and Filtered Subset Eval,using a variety of datasets such as the Experimental Dataset,Breast Cancer Wisconsin(Original),KDD CUP 1999,NSL-KDD,UNSW-NB15,and Edge-IIoT.In the absence of the FSFS method,the highest classifier accuracies observed were 60.00%,95.13%,97.02%,98.17%,95.86%,and 94.62%for the respective datasets.When the FSFS technique was integrated with data normalization,encoding,balancing,and feature importance selection processes,accuracies improved to 100.00%,97.81%,98.63%,98.94%,94.27%,and 98.46%,respectively.The FSFS method,with a computational complexity of O(fn log n),demonstrates robust scalability and is well-suited for datasets of large size,ensuring efficient processing even when the number of features is substantial.By automatically eliminating outliers and redundant data,FSFS reduces computational overhead,resulting in faster training and improved model performance.Overall,the FSFS framework not only optimizes performance but also enhances the interpretability and explainability of data-driven models,thereby facilitating more trustworthy decision-making in AI applications.
