Showing papers by "Timo Hämäläinen published in 2018"

Low Latency Edge Rendering Scheme for Interactive 360 Degree Virtual Reality Gaming

Abstract: This paper describes the core functionality and a proof-of-concept demonstration setup for remote 360 degree stereo virtual reality (VR) gaming. In this end-to-end scheme, the execution of a VR game is off-loaded from an end user device to a cloud edge server in which the executed game is rendered based on user's field of view (FoV) and control actions. Headset and controller feedback is transmitted over the network to the server from which the rendered views of the game are streamed to a user in real-time as encoded HEVC video frames. This approach saves energy and computation load of the end terminals by making use of the latest advancements in network connection speed and quality. In the showcased demonstration, a VR game is run in Unity on a laptop powered by i7 7820HK processor and GTX 1070 GPU. The 360 degree spherical view of the game is rendered and converted to a rectangular frame using equirectangular projection (ERP). The ERP video is sliced vertically and only the FoV is encoded with Kvazaar HEVC encoder in real time and sent over the network in UDP packets. Another laptop is used for playback with a HTC Vive VR headset. Our system can reach an end-to-end latency of 30 ms and bit rate of 20 Mbps for stereo 1080p30 format.

Requirements for Energy Efficient Edge Computing: A Survey

Abstract: Internet of Things is evolving heavily in these times. One of the major obstacle is energy consumption in the IoT devices (sensor nodes and wireless gateways). The IoT devices are often battery powered wireless devices and thus reducing the energy consumption in these devices is essential to lengthen the lifetime of the device without battery change. It is possible to lengthen battery lifetime by efficient but lightweight sensor data analysis in close proximity of the sensor. Performing part of the sensor data analysis in the end device can reduce the amount of data needed to transmit wirelessly. Transmitting data wirelessly is very energy consuming task. At the same time, the privacy and security should not be compromised. It requires effective but computationally lightweight encryption schemes. This survey goes thru many aspects to consider in edge and fog devices to minimize energy consumption and thus lengthen the device and the network lifetime.

State of the Art Literature Review on Network Anomaly Detection with Deep Learning

Abstract: As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additionally, the expected number of connected devices as well as the fast-paced development caused by the Internet of Things, raises huge risks in cyber security that must be dealt with accordingly. When considering all above-mentioned reasons, there is no doubt that there is plenty of room for more advanced methods in network anomaly detection hence Deep Learning based techniques have been proposed recently in detecting anomalies.

FPGA-Powered 4K120p HEVC Intra Encoder

Abstract: This paper presents a hardware-accelerated Kvazaar HEVC intra encoder for 4K real-time video coding at up to 120 fps. The encoder is implemented on a Nokia AirFrame Cloud Server featuring a 2.4 GHz dual 14-core Intel Xeon processor and two Arria 10 PCI Express FPGA accelerator cards. The presented encoder is a speed-optimized version of our 1st generation 4K40p HEVC intra encoder. The proposed speedup techniques include 1) Increasing the number of FPGA cards to two; 2) Remapping the simplest multiplications from DSP blocks to logic for better FPGA utilization; 3) Making task scheduling more flexible to improve utilization rate of hardware accelerators; and 4) Increasing the pipeline depth and duplicating time-sensitive resources in the hardware accelerator. As a result, up to three hardware accelerator instances can be accommodated in a single Arria 10 so the encoder is able to make use of six accelerators. According to our experiments, the proposed encoder obtains threefold speedup over our 1st generation encoder. Our proposal is also shown to outperform all other encountered FPGA and ASIC implementations.

On Artificial Intelligent Malware Tolerant Networking for IoT

Abstract: With the recent progress in development of low-budget sensors and machine-to-machine communication, the Internet of Things (IoT) has attracted considerable attention. Unfortunately, many of today’s IoT devices are rushed to market with little consideration for basic security and privacy protection making them easy targets for various attacks. As a result, number of malware and their variants designed for IoT devices has been constantly increasing. Traditional intrusion detection approaches are unsuitable for IoT networks due to limited computational capacity of smart devices and diversity in their technology. In this paper, we propose a defense system for IoT networks based on software-defined networking and network function virtualization. The defense system core component is a reinforcement machine learning agent that evaluates risks of potential attack and takes the most optimal action in order to mitigate it.

A Novel Method for Detecting APT Attacks by Using OODA Loop and Black Swan Theory

Abstract: Advanced Persistent Threat (APT) attacks are a major concern for the modern societal digital infrastructures due to their highly sophisticated nature. The purpose of these attacks varies from long period espionage in high level environment to causing maximal destruction for targeted cyber environment. Attackers are skilful and well funded by governments in many cases. Due to sophisticated methods it is highly important to study proper countermeasures to detect these attacks as early as possible. Current detection methods under-performs causing situations where an attack can continue months or even years in a targeted environment. We propose a novel method for analysing APT attacks through OODA loop and Black Swan theory by defining them as a multi-vector multi-stage attacks with continuous strategical ongoing campaign. Additionally it is important to notice that for developing better performing detection methods, we have to find the most common factor within these attacks. We can state that the most common factor of APT attacks is communication, thus environment has to be developed in a way that we are able to capture complete network flow and analyse it.

A contract-based resource allocation mechanism in wireless virtualized network

Abstract: The rapidly increasing mobile traffic demand poses both new communication requirements and challenges on existing communication networks in terms of technologies and business models. Wireless network virtualization is a promising technology to provide service-based architecture and contract theory is a powerful framework from microeconomics for providing tools to model incentive mechanisms. In this work, a novel contract theoretic incentive mechanism is proposed to study how to provide services to multiple users in the wireless virtualized networks. Infrastructure providers (InPs) is considered to own the physical networks and mobile virtual network operator (MVNO) has the information of the users and needs to lease the physical radio resources for providing services to subscribed users. In particular, a contract theoretic approach is utilized to model the trading process between the MVNO and multiple InPs. Subsequently, the corresponding optimal contract is derived respectively to maximize the payoff of the MVNOs while maintaining the benefits of the InPs in the trading process. With numerical results, it can be observed that the proposed contract theoretic approach can effectively stimulate InPs' participation, improve the payoff of the MVNO and outperform other schemes.

MLSPD - Machine Learning Based Spam and Phishing Detection

Abstract: Spam emails have become a global menace since the rise of the Internet era. In fact, according to an estimate, around 50% of the emails are spam emails. Spam emails as part of a phishing scam can be sent to the masses with the motive to perform information stealing, identity theft, and other malicious actions. The previous studies showed that 91% of the cyber attacks start with the phishing emails, which contain Uniform Resource Locator (URLs). Although these URLs have several characteristics which make them distinguishable from the usual website links, yet a human eye cannot easily notice these URLs. Previous research also showed that traditional systems such as blacklisting/whitelisting of IPs and spam filters could not efficiently detect phishing and spam emails. However, Machine Learning (ML) approaches have shown promising results in combating spamming and phishing attacks. To identify these threats, we used several ML algorithms to train spam and phishing detector. The proposed framework is based on several linguistic and URL based features. Our proposed model can detect the spam and phishing emails with the accuracy of 89.2% and 97.7%, respectively.

Feasibility of FPGA Accelerated IPsec on Cloud

Abstract: Line-rate speed requirements for performance hungry network applications like IPsec are getting problematic due to the virtualization trend. A single virtual network application hardly can provide 40 Gbps operation. This research considers the IPsec packet processing without IKE to be offloaded on an FPGA in a network. We propose an IPsec accelerator in an FPGA and explain the details that need to be considered for a production ready design. Based on our evaluation, Intel Arria 10 FPGA can provide 10 Gbps line-rate operation for the IPsec accelerator and to be responsible for 1000 IPsec tunnels. The research points out that for future data centers it is beneficial to rely on HW acceleration in terms of speed and energy efficiency for applications like IPsec.

A Network-Based Framework for Mobile Threat Detection

Abstract: Mobile malware attacks increased three folds in the past few years and continued to expand with the growing number of mobile users. Adversary uses a variety of evasion techniques to avoid detection by traditional systems, which increase the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter rapid evolution of mobile threats. This model is based on flow-based features, that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 time-based network flow features, extracted from the real-time traffic of malicious and benign applications. The proposed model not only to detects the known and unknown mobile threats but also deals with the changing behavior of the attackers by triggering the retraining phase. The proposed framework can be used by the mobile operators to protect their subscribers. We used several supervised ML algorithms to build the model and got an average accuracy of up to 99.8.

Eye-Controlled Region of Interest HEVC Encoding

Abstract: This paper presents a demonstrator setup for real-time HEVC encoding with gaze-based region of interest (ROI) detection. This proof-of-concept system is built on Kvazaar open-source HEVC encoder and Pupil eye tracking glasses. The gaze data is used to extract the ROI from live video and the ROI is encoded with higher quality than non-ROI regions. This demonstration illustrates that performing HEVC encoding with non-uniform quality reduces bit rate by 40-90% and complexity by 10-35% over that of the conventional approaches with negligible to minor deterioration in subjective quality.

State of the Art Literature Review on Network Anomaly Detection

Abstract: As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additionally, the expected number of connected devices as well as the fast-paced development caused by the Internet of Things, raises huge risks in cyber security that must be dealt with accordingly. When considering all above-mentioned reasons, there is no doubt that there is plenty of room for more advanced methods in network anomaly detection hence more advanced statistical methods and machine learning based techniques have been proposed recently in detecting anomalies. The papers reviewed showed that different methods vary greatly in their performance to detect anomalies. Every method had its advantages and disadvantages, however most of the presented methods cannot detect previously unknown attacks but on the contrary, for example, detects DDoS attacks extremely well.

Open framework for error-compensated gaze data collection with eye tracking glasses

Abstract: Eye tracking is nowadays the primary method for collecting training data for neural networks in the Human Visual System modelling. Our recommendation is to collect eye tracking data from videos with eye tracking glasses that are more affordable and applicable to diverse test conditions than conventionally used screen based eye trackers. Eye tracking glasses are prone to moving during the gaze data collection but our experiments show that the observed displacement error accumulates fairly linearly and can be compensated automatically by the proposed framework. This paper describes how our framework can be used in practice with videos up to 4K resolution. The proposed framework and the data collected during our sample experiment are made publicly available.

Modeling RISC-V Processor in IP-XACT

Abstract: IP-XACT is the most used standard in IP (Intellectual Property) integration. It is intended as a language neutral golden reference, from which RTL and HW dependent SW is automatically generated. Despite its wide popularity in the industry, there are practically no public and open design examples for any part of the design flow from IP-XACT to synthesis. One reason is the difficulty of creating IP-XACT models for existing RTL projects. In this paper, we address the issues by modeling the PULPino RISC-V microprocessor that is written in SystemVerilog (SV) and the project distributed over several repositories. We propose how to solve the mismatching concepts between SV project and IP-XACT, and based on the findings propose improvements for the Kactus2 IP-XACT tool. In addition, the final PULPino model contributes to the rare public non-trivial examples for better adoption of the IP-XACT methodology.

Rate-Distortion-Complexity Optimized Coding Scheme for Kvazaar HEVC Intra Encoder

Abstract: This paper summarizes a low-complexity rate-distortion optimization (RDO) scheme for Kvazaar HEVC intra encoder (github.com/ultravideo/kvazaar). Our work particularly addresses RDO quantization (RDOQ) since it is the most complex intra coding tool taking almost 60% of the Kvazaar complexity.

Live Demonstration: 4K100p HEVC Intra Encoder

Abstract: This paper describes a demonstration setup for real-time 4K HEVC intra coding. The system is built on Kvazaar open-source HEVC encoder partitioned between 22-core Xeon processor and two Arria 10 FPGAs. The demonstrator supports 1) live streaming of up to three 4K30p videos; or 2) offline video streaming up to 4K100p format. Live feeds are shot by three cameras whereas offline video is accessed from a local hard drive. In both cases, encoded bit stream is sent over a wired connection and played back by laptop(s). The demonstrated HEVC coding speed is over three times as fast as that of a pure software solution.

Data Stream Clustering for Application-Layer DDoS Detection in Encrypted Traffic

Abstract: Application-layer distributed denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed using legitimate requests from legitimately connected network machines that make these attacks undetectable by signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer, making it even harder to detect an attacker’s activity without decrypting users’ network traffic, and therefore violating their privacy. In this paper, we present a method that allows us to detect various application-layer denial-of-service attacks against a computer network in a timely fashion. We focus on detection of the attacks that utilize encrypted protocols by applying an anomaly-detection-based approach to statistics extracted from network packets. Since network traffic decryption can violate ethical norms and regulations on privacy, the detection method proposed analyzes network traffic without its decryption. The method involves construction of a model of normal user behavior by analyzing conversations between a web server and its clients. The construction algorithm is self-adaptive and allows one to update the model every time a new portion of network traffic data becomes available for analysis. Once the model has been built, it can be applied to detect various application-layer types of denial-of-service attacks, including slow attacks, computational attacks, and more advanced attacks imitating normal web user behavior. The proposed technique is evaluated with realistic end user network traffic generated in our virtual network environment. Evaluation results show that these attacks can be properly detected, while the number of false alarms remains very low.

Live Demonstration: Kvazzup 4K HEVC Video Call

Abstract: This paper describes a demonstration setup for an end-to-end 4K video call with Kvazzup open-source HEVC video call application. The Kvazzup clients are installed on a desktop and a laptop computer powered by Intel 22-core Xeon and Intel 4-core i7 processors, respectively. The proposed two-way peer-to-peer video call setup is shown to support 2160p30 video stream from the desktop to the laptop and 720p30 stream in the reverse direction.

Visualization of Memory Map Information in Embedded System Design

Abstract: Data compression is a common requirement for displaying large amounts of information. The goal is to reduce visual clutter. The approach given in this paper uses an analysis of a data set to construct a visual representation. The visualization is compressed using the address ranges of the memory structure. This method produces a compressed version of the initial visualization, retaining the same information as the original. The presented method has been implemented as a Memory Designer tool for ASIC, FPGA and embedded systems using IP-XACT. The Memory Designer is a user-friendly tool for model based embedded system design, providing access and adjustment of the memory layout from a single view, complementing the "programmer's view" to the system.