Yu Charlie Hu

Bio: Yu Charlie Hu is an academic researcher from Purdue University. The author has contributed to research in topics: System call & Energy consumption. The author has an hindex of 5, co-authored 6 publications receiving 161 citations.

Smartphone Background Activities in the Wild: Origin, Energy Drain, and Optimization

Abstract: As new iterations of more powerful and better connected smartphones emerge, their limited battery life remains a leading factor adversely affecting the mobile experience of millions of smartphone users. While it is well-known that many apps can drain battery even while running in background, there has not been any study that quantifies the extent and severity of such background energy drain for users in the wild. To extend battery life, various new features are being incorporated within the phone, one of them being preventing applications from running in background, i.e., when the screen is off, but their impact is largely unknown. This paper makes several contributions. First, we present a large-scale measurement study that performs an in-depth analysis of the activities of various apps running in background on thousands of phones in the wild. Second, we quantify the amount of battery drain by all such background activities and possible energy saving. Third, we develop a metric to measure the usefulness of background activities that is personalized to each user. Finally, we present a system called HUSH (screen-off optimizer) that monitors the metric online and automatically identifies and suppresses background activities during screen-off periods that are not useful to the user experience. In doing so, our proposed HUSH saves screen-off energy of smartphones by 15.7% on average while incurring minimal impact on the user experience with the apps.

System and method for energy usage accounting in software applications

Abstract: A method for generating an energy usage profile for a software program executed in a computing device includes generating a call trace of an executed system call, identifying a first power consumption and duration of a first power state due to the first system call using a model, identifying a second power consumption and duration of a second power state based on the model, and generating an energy usage profile for the software program. The energy usage profile includes energy consumption of the computing device for the system call based on the first power consumption level multiplied by the first duration and the second power consumption level multiplied by the second duration associated an identifier for the call trace.

A case for unsupervised-learning-based spam filtering

Abstract: Traditional content-based spam filtering systems rely on supervised machine learning techniques. In the training phase, labeled email instances are used to build a learning model (e.g., a Naive Bayes classifier or support vector machine), which is then applied to future incoming emails in the detection phase. However, the critical reliance on the training data becomes one of the major limitations of supervised spam filters. Preparing labeled training data is often labor-intensive and can delay the learning-detection cycle. Furthermore, any mislabeling of the training corpus (e.g., due to spammers’ obfuscations) can severely affect the detection accuracy. Supervised learning schemes share one common mechanism regardless of their algorithm details: learning is performed on an individual email basis. This is the fundamental reason for requiring training data for supervised spam filters. In other words, in the learning phase these classifiers can never tell whether an email is spam or ham because they examine one email instance at a time. We investigate the feasibility of a completely unsupervised-learningbased spam filtering scheme which requires no training data. Our study is motivated by three key observations of the spam in today’s Internet. (1) The vast majority of emails are spam. (2) A spam email should always belong to some campaign [2, 3]. (3) The spam from the same campaign are generated from templates that obfuscate some parts of the spam, e.g., sensitive terms, leaving the other parts unmodified [3]. These observations suggest that in principle we can achieve unsupervised spam detection by examining emails at the campaign level. In particular, we need robust spam identification algorithms to find common terms shared by spam belonging to the same campaign. These common terms form signatures that can be used to detect future spam of the same campaign. This paper presents SpamCampaignAssassin (SCA), an online unsupervised spam learning and detection scheme. SCA performs accurate spam campaign identification, campaign signature generation, and spam detection using campaign signatures. To our knowledge, SCA is the first unsupervised spam filtering scheme that achieves accuracy comparable to the de-facto supervised spam filters by explicitly exploiting online campaign identification. The full paper describing SCA is available as a technical report [4].

Systems and methods of detecting power bugs

Abstract: Embodiments of the present invention provide a system and methods for detecting power bugs. In one embodiment, a computer-implemented method for analyzing a computer code includes generating a control flow graph for at least a portion of the computer code at a processor. The method further includes identifying power bugs by traversing the control flow graph if the control flow graph exits without performing a function call to deactivate power to any component of a device configured to execute computer executable instructions based on the computer code after performing a function call to activate power.

System and methods for power and energy modeling in computing devices using system call tracing

Abstract: A method for generating a power consumption and energy usage model for a computing device includes monitoring of the power consumption of the computing device with an external power monitor when the computing device is in a base power state, monitoring of the power consumption of the computing device during execution of a system call with a processor that interacts with a component in the computing device, and monitoring the power state of the computing device before the computing device returns to the base power state. The method further includes generating a finite state machine model of the power states and transitions between power states to model the power activities and energy consumption of the computing device in the absence of an external power monitor.

Mobileinsight: extracting and analyzing cellular network information on smartphones

Abstract: We design and implement MobileInsight, a software tool that collects, analyzes and exploits runtime network information from operational cellular networks. MobileInsight runs on commercial off-the-shelf phones without extra hardware or additional support from operators. It exposes protocol messages on both control plane and (below IP) data plane from the 3G/4G chipset. It provides in-device protocol analysis and operation logic inference. It further offers a simple API, through which developers and researchers obtain access to low-level network information for their mobile applications. We have built three showcases to illustrate how MobileInsight is applied to cellular network research.

Software analysis framework

Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.

UNIK: unsupervised social network spam detection

Abstract: Social network spam increases explosively with the rapid development and wide usage of various social networks on the Internet. To timely detect spam in large social network sites, it is desirable to discover unsupervised schemes that can save the training cost of supervised schemes. In this work, we first show several limitations of existing unsupervised detection schemes. The main reason behind the limitations is that existing schemes heavily rely on spamming patterns that are constantly changing to avoid detection. Motivated by our observations, we first propose a sybil defense based spam detection scheme SD2 that remarkably outperforms existing schemes by taking the social network relationship into consideration. In order to make it highly robust in facing an increased level of spam attacks, we further design an unsupervised spam detection scheme, called UNIK. Instead of detecting spammers directly, UNIK works by deliberately removing non-spammers from the network, leveraging both the social graph and the user-link graph. The underpinning of UNIK is that while spammers constantly change their patterns to evade detection, non-spammers do not have to do so and thus have a relatively non-volatile pattern. UNIK has comparable performance to SD2 when it is applied to a large social network site, and outperforms SD2 significantly when the level of spam attacks increases. Based on detection results of UNIK, we further analyze several identified spam campaigns in this social network site. The result shows that different spammer clusters demonstrate distinct characteristics, implying the volatility of spamming patterns and the ability of UNIK to automatically extract spam signatures.

An In-depth Study of Mobile Browser Performance

Abstract: Mobile page load times are an order of magnitude slower compared to non-mobile pages. It is not clear what causes the poor performance: the slower network, the slower computational speeds, or other reasons. Further, most Web optimizations are designed for non-mobile browsers and do not translate well to the mobile browser. Towards understanding mobile Web page load times, in this paper we: (1) perform an in-depth pairwise comparison of loading a page on a mobile versus a non-mobile browser, and (2) characterize the bottlenecks in the mobile browser {\em vis-a-vis} non-mobile browsers. To this end, we build a testbed that allows us to directly compare the low-level page load activities and bottlenecks when loading a page on a mobile versus a non-mobile browser. We find that computation is the main bottleneck when loading a page on mobile browsers. This is in contrast to non-mobile browsers where networking is the main bottleneck. We also find that the composition of the critical path during page load is different when loading pages on the mobile versus the non-mobile browser. A key takeaway of our work is that we need to fundamentally rethink optimizations for mobile browsers.

Characterizing Smartwatch Usage in the Wild

Abstract: Smartwatch has become one of the most popular wearable computers on the market. We conduct an IRB-approved measurement study involving 27 Android smartwatch users. Using a 106-day dataset collected from our participants, we perform in-depth characterization of three key aspects of smartwatch usage "in the wild": usage patterns, energy consumption, and network traffic. Based on our findings, we identify key aspects of the smartwatch ecosystem that can be further improved, propose recommendations, and point out future research directions.