Showing papers presented at "International Workshop on Quality of Service in 2020"

Localizing Failure Root Causes in a Microservice through Causality Inference

Abstract: An increasing number of Internet applications are applying microservice architecture due to its flexibility and clear logic. The stability of microservice is thus vitally important for these applications' quality of service. Accurate failure root cause localization can help operators quickly recover microservice failures and mitigate loss. Although cross-microservice failure root cause localization has been well studied, how to localize failure root causes in a microservice so as to quickly mitigate this microservice has not yet been studied. In this work, we propose a framework, MicroCause, to accurately localize the root cause monitoring indicators in a microservice. MicroCause combines a simple yet effective path condition time series (PCTS) algorithm which accurately captures the sequential relationship of time series data, and a novel temporal cause oriented random walk (TCORW) method integrating the causal relationship, temporal order, and priority information of monitoring data. We evaluate MicroCause based on 86 real-world failure tickets collected from a top tier global online shopping service. Our experiments show that the top 5 accuracy (AC@5) of MicroCause for intra-microservice failure root cause localization is 98.7%, which is greatly higher (by 33.4 %) than the best baseline method.

Finedge: A Dynamic Cost-Efficient Edge Resource Management Platform for NFV Network

Abstract: With the evolution of network function virtualization (NFV) and edge computing, software-based network functions (NFs) can be deployed on closer-to-end-user edge servers to support a broad range of new services with high bandwidth and low latency. However, due to the resource limitation, strict QoS requirements and real-time flow fluctuations in edge network, existing cloud-based resource management strategy in NFV platforms is inefficient to be applied to the edge. Thus, we propose Finedge, $a$ dynamic, fine-grained and cost-efficient edge resource management platform for NFV network. First, we conduct empirical experiments to find out the effect of NFs' resource allocation and their flow-level characteristics on performance. Then, by jointly considering these factors and QoS requirements (e.g., latency and packet loss rate), Finedge can automatically assign the most suitable CPU core and tune the most cost-efficient CPU quota to each NF. Finedge is also implemented with some key strategies including real-time flow monitoring, elastic resource scaling up and down, and also flexible NF migration among cores. Through extensive evaluations, we validate that Finedge can efficiently handle heterogeneous flows with the lowest CPU quota and the highest SLA satisfaction rate as compared with the default OS scheduler and other state-of-the-art resource management schemes.

DeepQoE: Real-time Measurement of Video QoE from Encrypted Traffic with Deep Learning

Abstract: With the dramatic increase of video traffic on the Internet, video quality of experience (QoE) measurement becomes even more important, which provides network operators with an insight into the quality of their video delivery services. The widespread adoption of end-to-end encryption protocols such as SSL/TLS, however, sets a barrier to QoE monitoring as the most valuable indicators in cleartext traffic are no longer available after encryption. Existing studies on video QoE measurement in encrypted traffic support only coarse-grained QoE metrics or suffer from low accuracy. In this paper, we propose DeepQoE, a new approach that enables real-time video QoE measurement from encrypted traffic. We summarize critical fine-grained QoE metrics, including startup delay, rebuffering, and video resolutions. In order to achieve accurate and real-time inference of these metrics, we build DeepQoE by employing Convolutional Neural Networks (CNNs) with a sophisticated input and architecture design. More specifically, DeepQoE only leverages packet Round-Trip Time (RTT) in upstream traffic as its input. Evaluation results with real-world datasets collected from two popular content providers (i.e., YouTube and Bilibili) show that DeepQoE can improve QoE measurement accuracy by up to 22% over the state-of-the-art methods.

PQA-CNN: Towards Perceptual Quality Assured Single-Image Super-Resolution in Remote Sensing

Abstract: Recent advances in remote sensing open up unprecedented opportunities to obtain a rich set of visual features of objects on the earth's surface. In this paper, we focus on a single-image super-resolution (SISR) problem in remote sensing, where the objective is to generate a reconstructed satellite image of high quality (i.e., a high spatial resolution) from a satellite image of relatively low quality. This problem is motivated by the lack of high quality satellite images in many remote sensing applications (e.g., due to the cost of high resolution sensors, communication bandwidth constraints, and historic hardware limitations). Two important challenges exist in solving our problem: i) it is not a trivial task to reconstruct a satellite image of high quality that meets the human perceptual requirement from a single low quality image; ii) it is challenging to rigorously quantify the uncertainty of the results of an SISR scheme in the absence of ground truth data. To address the above challenges, we develop PQA-CNN, a perceptual quality-assured conventional neural network framework, to reconstruct a high quality satellite image from a low quality one by designing novel uncertainty-driven neural network architectures and integrating an uncertainty quantification model with the framework. We evaluate PQA-CNN on a real-world remote sensing application on land usage classifications. The results show that PQA-CNN significantly outperforms the state-of-the-art super-resolution baselines in terms of accurately reconstructing high-resolution satellite images under various evaluation scenarios.

Application-Layer DDoS Defense with Reinforcement Learning

Abstract: Application-layer distributed denial-of-service (L7 DDoS) attacks, by exploiting application-layer requests to overwhelm functions or components of victim servers, have become a rising major threat to today's Internet. However, because the traffic from an L7 DDoS attack appears legitimate in transport and network layers, it is difficult for traditional DDoS solutions to detect and defend against an L7 DDoS attack. In this paper, we propose a new, reinforcement-learning-based approach to L7 DDoS attack defense. We introduce a multiobjective reward function to guide a reinforcement learning agent to learn the most suitable action in mitigating L7 DDoS attacks. Consequently, while actively monitoring and analyzing the victim server, the agent can apply different strategies under different conditions to protect the victim: When an L7 DDoS attack is overwhelming, the agent will aggressively mitigate as many malicious requests as possible, thereby keeping the victim server functioning (even at the cost of sacrificing a small number of legitimate requests); otherwise, the agent will conservatively mitigate malicious requests instead, with a focus on minimizing collateral damage to legitimate requests. The evaluation shows that our approach can achieve minimal collateral damage when the L7 DDoS attack is tolerable and mitigate 98.73 % of the malicious application messages when the victim is brought to its knees.

LogSayer: Log Pattern-driven Cloud Component Anomaly Diagnosis with Machine Learning

Abstract: Anomaly diagnosis is a critical task for building a reliable cloud system and speeding up the system recovery form failures. With the increase of scales and applications of clouds, they are more vulnerable to various anomalies, and it is more challenging for anomaly troubleshooting. System logs that record significant events at critical time points become excellent sources of information to perform anomaly diagnosis. Never-theless, existing log-based anomaly diagnosis approaches fail to achieve high precision in highly concurrent environments due to interleaved unstructured logs. Besides, transient anomalies that have no obvious features are hard to detect by these approaches. To address this gap, this paper proposes LogSayer, a log pattern-driven anomaly detection model. LogSayer represents the system state by identifying suitable statistical features (e.g. frequency, surge), which are not sensitive to the exact log sequence. It then measures changes in the log pattern when a transient anomaly occurs. LogSayer uses Long Short-Term Memory (LSTM) neural networks to learn the historical correlation of log patterns and applies a BP neural network for adaptive anomaly decisions. Our experimental evaluations over the HDFS and OpenStack data sets show that LogSayer outperforms the state-of-the-art log-based approaches with precision over 98%.

PFcrowd: Privacy-Preserving and Federated Crowdsourcing Framework by Using Blockchain

Abstract: Crowdsourcing is a promising computing paradigm that utilizes collective intelligence to solve complex tasks. While it is valuable, traditional crowdsourcing systems lock computation resources inside each individual system where tasks cannot reach numerous potential workers among the other systems. Therefore, there is a great need to build a federated platform for different crowdsourcing systems to share resources. However, the security issue lies in the center of constructing the federated crowdsourcing platform. Although many studies are focusing on privacy-preserving crowdsourcing, existing solutions require a trusted third party to perform the key management, which is not applicable in our federated platform. The reason is that it is difficult for a third party to be trusted by various systems. In this paper, we present a secure crowdsourcing framework as our initial effort toward this direction, which bridges together the recent advancements of blockchain and cryptographic techniques. Our proposed design, named PFcrowd, allows different crowdsourcing systems to perform encrypted task-worker matching over the blockchain platform without involving any third-party authority. The core idea is to utilize the blockchain to assist the federated crowdsourcing by moving the task recommendation algorithm to the trusted smart contract. To avoid third-party involvement, we first leverage the re-writable deterministic hashing (RDH) technique to convert the problem of federated task-worker matching into the secure query authorization. We then devise a secure scheme based on RDH and searchable encryption (SE) to support privacy-preserving task-worker matching via the smart contract. We formally analyze the security of our proposed scheme and implement the system prototype on Ethereum. Extensive evaluations of real-world datasets demonstrate the efficiency of our design.

Multi-layer Coordination for High-Performance Energy-Efficient Federated Learning

Abstract: Federated Learning is designed for multiple mobile devices to collaboratively train an artificial intelligence model while preserving data privacy. Instead of collecting the raw training data from mobile devices to the cloud, Federated Learning coordinates a group of devices to train a shared model in a distributed manner with the training data located on the devices. However, in order to effectively deploy Federated Learning on resource-constrained mobile devices, several critical issues including convergence rate, scalability and energy efficiency should be well addressed. In this paper, we propose MCFL, a multi-layer online coordination framework for high-performance energy efficient federated learning. MCFL consists of two layers: a macro-layer on the central server and a micro-layer on each participating device. In each training round, the macro coordinator performs two tasks, namely, selecting the right devices to participate, and estimating a time limit, such that the overall training time is significantly reduced while still guaranteeing the model accuracy. Unlike existing systems, MCFL removes the restriction that participating devices must be connected to power sources, thus allowing more timely and ubiquitous training. This clearly requires on-device training to be highly energy-efficient. To this end, the micro coordinator determines optimal schedules for hardware resources in order to meet the time limit set by the macro coordinator with the least amount of energy consumption. Tested on real devices as well as simulation testbed, MCFL has shown to be able to effectively balance the convergence rate, model accuracy and energy efficiency. Compared with existing systems, MCFL can achieve a speedup up to 8.66× and reduce energy consumption by up to 76.5% during the training process.

GuardRider: Reliable WiFi Backscatter Using Reed-Solomon Codes With QoS Guarantee

Abstract: The WiFi backscatter communications offer ultralow power and ubiquitous connections for IoT systems. Caused by the intermittent-nature of the WiFi traffics, state-of-the-art WiFi backscatter communications are not reliable for backscatter link or simple for the tag to do the adaptive transmission. In order to build reliable WiFi backscatter communications, we present GuardRider, a WiFi backscatter system that enables backscatter communications to improve the quality of service (QoS). The key contribution of GuardRider is an optimization algorithm of designing RS codes to follow the statistical knowledge of WiFi traffics and adjust backscatter transmission. With GuardRider, the reliable baskscatter link is guaranteed and a backscatter tag is able to adaptively transmit information without heavily listening to the excitation channel, by taking QoS into account. We built a hardware prototype of GuardRider using a customized tag with FPGA implementation. Both the simulations and field experiments verify that GuardRider could achieve notably gains in bit error rate and frame error rate, which are a hundredfold reduction in simulations and around 99% in filed experiments. Our system is able to achieve around 700 kbps throughput.

Taming the Wildcards: Towards Dependency-free Rule Caching with FreeCache

Abstract: Wildcard rules are implemented in various important networking scenarios, including QoS, firewall, access control, and network traffic monitoring and analysis. However, there are cross-rule dependencies between wildcard rules, which both increase significant overhead and affect the semantic correctness of packet classification when caching rules. Considerable efforts have been made to mitigate the impacts of the dependency issue in rule caching, but it is still a bottleneck for cache systems. In this paper, we show how to give applications the flexibility of completely dependency-free wildcard rule caching by decoupling the cached rules and their dependent rules. Our FreeCache scheme has wide applicability to packet classification devices with wildcard rule caching. We validate the effectiveness of FreeCache through two respects: (1) Implementing various cache algorithms (e.g., LSTM) and cache replacement algorithms (e.g., ARC, LIRS) that are difficult to use in dependency-bound situations in the cache system with FreeCache. (2) Developing a prototype in a Software-Defined Network (SDN), where hybrid OpenFlow switches use TCAM as cache and RAM as auxiliary memory. Our experimental results reveal that FreeCache improves the cache performance by up to 60.88% in the offline scenario. FreeCache also offers the promise of applying any existing caching algorithms to wildcard rule caching while guaranteeing the properties of semantic correctness and equivalence.

Incorporating Intra-flow Dependencies and Inter-flow Correlations for Traffic Matrix Prediction

Abstract: Traffic matrix (TM) prediction is essential for effective traffic engineering and network management. Based on our analysis of real traffic traces from Wide Area Network, the traffic flows in TM are both time-varying (i.e. with intra-flow dependencies) and correlated with each other (i.e. with inter-flow correlations). However, most existing works in TM prediction ignore inter-flow correlations. In this paper, we propose a novel Attention-based Convolutional Recurrent Neural Network (ACRNN) model to capture both intra-flow dependencies and inter-flow correlations. ACRNN mainly contains two components: 1) Correlational Modeling employs attention-based convolutional structures to capture the correlation of any two flows in TMs; 2) Temporal Modeling uses attention-based recurrent structures to model the long-term temporal dependencies of each flow, and then predicts TMs according inter-flow correlations and intra-flow dependencies. Experiments on two real-world datasets show that, when predicting the next TM, ACRNN model reduces the Mean Squared Error by up to 44.8% and reduces the Mean Absolute Error by up to 30.6%, compared to state-of-the-art method; and the gap is even larger when predicting the next multiple TMs. Besides, simulation results demonstrate that ACRNN's accurate prediction can help traffic engineering to mitigate traffic congestion.

Improving the Path Programmability for Software-Defined WANs under Multiple Controller Failures

Abstract: Enabling path programmability is an essential feature of Software-Defined Networking (SDN). During controller failures in Software-Defined Wide Area Networks (SD-WANs), a resilient design should maintain path programmability for offline flows, which were controlled by the failed controllers. Existing solutions can only partially recover the path programmability rooted in two problems: (1) the implicit preferable recovering flows with long paths and (2) the sub-optimal remapping strategy in the coarse-grained switch level. In this paper, we propose Programmability Guardian to improve the path programmability of offline flows while maintaining low communication overhead. These goals are achieved through the fine-grained flow-level mappings enabled by existing SDN techniques. Programmabil-ityGuardian configures the flow-controller mappings to recover offline flows with a similar path programmability, maximize the total programmability of the offline flows, and minimize the total communication overhead for controlling these recovered flows. Simulation results of different controller failure scenarios show that ProgrammabilityGuardian recovers all offline flows with a balanced path programmability, improves the total programmability of the recovered flows up to 68%, and reduces the communication overhead up to 83%, compared with the baseline algorithm.

A Deep Reinforcement Learning Approach for Online Computation Offloading in Mobile Edge Computing

Abstract: With the explosion of mobile smart devices, many computation intensive applications have emerged, such as interactive gaming and augmented reality. Mobile edge computing is put forward, as an extension of cloud computing, to meet the low-latency requirements of the applications. In this paper, we consider an edge computing system built in an ultra-dense network with numerous base stations, and heterogeneous computation tasks are successively generated on a smart device moving in the network. An optimal task offloading strategy, as well as optimal CPU frequency and transmit power scheduling, is desired by the device user, to minimize both task completion latency and energy consumption in a long-term. However, due to the stochastic computation tasks and dynamic network conditions, the problem is particularly difficult to solve. Inspired by reinforcement learning, we transform the problem into a Markov decision process. Then, we propose an online offloading approach based on a double deep Q network, in which a specific neural network model is also provided to estimate the cumulative reward achieved by each action. We also conduct extensive simulations to compare the performance of our proposed approach with baselines.

RLLL: Accurate Relative Localization of RFID Tags with Low Latency

Abstract: Radio frequency identification (RFID) has been widely used in many smart applications. In many scenarios, it is essential to know the ordering of a set of RFID tags. For example, to quickly detect misplaced books in smart libraries, we need to know the relative ordering of the tags attached to the books. Although several relative RFID localization algorithms have been proposed, they usually suffer from large localization latency and cannot support applications that require real-time detection of tag (product) positions like automatic manufacturing on an assembly line. Moreover, existing approaches face significant degradation in ordering accuracy when the tags are close to each other. In this paper, we propose RLLL, an accurate Relative Localization algorithm for RFID tags with Low Latency. RLLL reduces localization latency by proposing a novel geometry-based approach to identifying the V-zone in the phase reading sequence of each tag. Moreover, RLLL uses only the data in the V-zone to calculate relative positions of tags and thus avoids the negative effects of low-quality data collected when the tag is far from the antenna. Experimental results with commercial RFID devices show that RLLL achieves an ordering accuracy of higher than 0.986 with latency less than 0.8 seconds even when the tags are spaced only 7 mm from adjacent tags, in which case the state-of-the-art solutions only achieve ordering accuracy of lower than 0.8 with localization latency larger than 3 seconds.

Towards the Construction of Global IPv6 Hitlist and Efficient Probing of IPv6 Address Space

Abstract: Fast IPv4 scanning has made sufficient progress in network measurement and security research. However, it is infeasible to perform brute-force scanning of the IPv6 address space. We can find active IPv6 addresses through scanning candidate addresses generated by the state-of-the-art algorithms, whose probing efficiency of active IPv6 addresses, however, is still very low. In this paper, we aim to improve the probing efficiency of IPv6 addresses in two ways. Firstly, we perform a longitudinal active measurement study over four months, building a high-quality dataset called hitlist with more than 1.3 billion IPv6 addresses distributed in 45.2k BGP prefixes. Different from previous work, we probe the announced BGP prefixes using a pattern-based algorithm, which makes our dataset overcome the problems of uneven address distribution and low active rate. Secondly, we propose an efficient address generation algorithm DET, which builds a density space tree to learn high-density address regions of the seed addresses in linear time and improves the probing efficiency of active addresses. On the public hitlist and our hitlist, we compare our algorithm DET against state-of-the-art algorithms and find that DET increases the de-aliased active address ratio by 10%, and active address (including aliased addresses) ratio by 14%, by scanning 50 million addresses.

Towards Lightweight Serverless Computing via Unikernel as a Function

Abstract: Serverless computing, also known as “Function as a Service (FaaS)”, is emerging as an event-driven paradigm of cloud computing. In the FaaS model, applications are programmed in the form of functions that are executed and managed separately. Functions are triggered by cloud users and are provisioned dynamically through containers or virtual machines (VMs). The startup delays of containers or VMs usually lead to rather high latency of response to cloud users. Moreover, the communication between different functions generally relies on virtual net devices or shared memory, and may cause extremely high performance overhead. In this paper, we propose Unikernel-as-a-Function (UaaF), a much more lightweight approach to serverless computing. Applications are abstracted as a combination of different functions, and each function are built as an unikernel in which the function is linked with a specified minimum-sized library operating system (LibOS). UaaF offers extremely low startup latency to execute functions, and an efficient communication model to speed up inter-functions interactions. We exploit an new hardware technique (namely VMFUNC) to invoke functions in other unikernels seamlessly (mostly like inter-process communications), without suffering performance penalty of VM Exits. We implement our proof-of-concept prototype based on KVM and deploy UaaF in three unikernels (MirageOS, IncludeOS, and Solo5). Experimental results show that U aaF can significantly reduce the startup latency and memory usage of serverless cloud applications. Moreover, the VMFUNC-based communication model can also significantly improve the performance of function invocations between different unikernels.

Incentive Assignment in PoW and PoS Hybrid Blockchain in Pervasive Edge Environments

Abstract: Edge computing is becoming pervasive in our daily lives with emerging smart devices and the development of communication technology. Resource-rich smart devices and high-density supportive networks make data transactions prevalent over edge environments. To ensure such transactions are unmodifiable and undeniable, blockchain technology is introduced into edge environments. In this paper, we propose a hybrid blockchain system in edge environments to enhance the security for transactions and determine the incentive for miners. We propose a Proof of Work (PoW) and Proof of Stake (PoS) hybrid consensus blockchain system utilizing the heterogeneity of devices to adapt to the characteristic of edge environments. We raise the incentive assignment problem that gives the corresponding PoW miner when a new block generates. We further formulate it into a two-stage Stackelberg game. We propose an algorithm and prove that it can obtain the global optimal results for the incentive that the miner will receive for a new block. Numerical simulation results show that our proposed algorithm can give reasonable incentive to miners under different system parameters in edge blockchain systems.

I Know If the Journey Changes: Flexible Source and Path Validation

Abstract: No matter from the perspective of detection or defense, source and path validations are fundamentally primitive in constructing security mechanisms to greatly enhance network immunity in the face of malicious attacks, such as injection, traffic hijacking and hidden threats. However, existing works for source and path verification still impose a non-trivial operational overhead and lack adjustment capability for path dynamic changes. In this paper, we propose a flexible and convenient source and path validation protocol called PSVM, which uses an authentication structure PIC composed of ordered pieces to carry out packet verification. Specifically, in the basic PSVM protocol, PIC (related to cryptographic computation) in the packet header does not require any update during packet verification, which thus enables a lower processing overhead in routers. To cope with the challenge of path policy changes in the running protocol, the dynamic PSVM protocol supports controllable adjustment and migration, especially in the case of avoiding a malicious node or region. Our evaluation of a prototype experiment on Click demonstrates that the verification efficiency of PSVM is barely influenced by payload size or path length. Compared to the baseline of normal IP routing, the throughput reduction ratio of the basic PSVM is about 13%, which is much better than 28% of existing best solution Origin and Path Trace (OPT). In addition, for a 35-hop path with 30 pieces of PIC needed to be adjusted in dynamic PSVM, the throughput reduction ratio of routing cross node performing the adjustment operation after normal verification is only 2.4 %.

Greening Reliability of Virtual Network Functions via Online Optimization

Abstract: The fast development of virtual network functions (VNFs) brings new challenges to providing reliability. The widely adopted approach of deploying backups incurs financial costs and environmental impacts. On the other hand, the recent trend of incorporating renewable energy into computing systems provides great potentials, yet the volatility of renewable energy generation presents significant operational challenges. In this paper, we optimize availability of VNFs under a limited backup budget and renewable energy using a dynamic strategy GVB. GVB applies a novel online algorithm to solve the VNF reliability optimization problem with non-stationary energy generation and VNF failures. Both theoretical bound and extensive simulation results highlight that GVB provides higher reliability compared with existing baselines.

Age-aware Fairness in Blockchain Transaction Ordering

Abstract: In blockchain applications, transaction latency is crucial for determining the quality of service (QoS). Transaction latency is measured as the time between its issuance and its inclusion in a block in the chain. When different applications use the same blockchain network, a block proposer often prioritizes its own application transactions over other applications transactions to minimize its own latency. To maintain fairness, a block proposer is typically supposed to select the included transactions randomly providing each transaction similar chances to be included. The random selection might cause some transactions to experience high latency since this selection implies a high variance in the time a transaction waits until it is selected. We suggest an alternative, age-aware approach towards fairness so that transaction priority is increased upon observing a large waiting time. The challenge with this approach is that the age of a transaction is not absolute due to transaction propagation. Moreover, a node might present its transactions as older to obtain priority. We consider three network restrictions on transaction propagation and explain how to enhance fairness in each one of them. We describe three declaration schemes in which a node declares its pending transactions providing the ability to validate transaction age. We demonstrate the advantages of the solutions on Ethereum and synthetic data in reducing tail latency. Stand up in the presence of the aged Leviticus 19:32

GeoClone: Online Task Replication and Scheduling for Geo-Distributed Analytics under Uncertainties

Abstract: The execution and completion of analytics jobs can be significantly inflated by the slowest tasks contained. Despite task replication is well-adopted to reduce such straggler latency, existing replication strategies are unsuitable for geo-distributed analytics environments that are highly dynamic, uncertain, and heterogeneous. In this paper, we firstly model the task replication and scheduling problem over time, capturing the geo-analytics features. Afterwards, we design an online algorithm, GeoClone, to select tasks to replicate and select sites to execute the task replicas in an irrevocably online manner, through jointly considering the execution progress of each job and the resource performance in each site. We rigorously prove the competitive ratio to exhibit the theoretical performance guarantee of GeoClone, compared against the offline optimal algorithm which knows all the inputs at once beforehand. Finally, we implement GeoClone with Spark and Yarn for experiments and also conduct extensive large-scale simulations, which confirms GeoClone's practical superiority over multiple state-of-the-art replication strategies.

Leveraging Stragglers in Coded Computing with Heterogeneous Servers

Abstract: With the increasing sizes of models and datasets, it has become a common practice to split machine learning jobs as multiple tasks. However, stragglers are inevitable when running a job on multiple servers. Compared to replicating each task on multiple servers, running coded tasks can tolerate the same number of stragglers with much fewer servers. However, additional results of tasks running on stragglers are typically disregarded in existing schemes of coded computing, incurring a waste of the resources on such servers. In this paper, we leverage the results of partially finished tasks. In existing designs that utilize partially finished tasks, they have only considered servers with homogeneous performance. However, in a typical distributed infrastructure, e.g., a cloud, servers with heterogeneous configurations are common. Therefore, we propose Spinner which can efficiently utilize the results of partially finished tasks even on heterogeneous servers. Spinner works with existing coding schemes for matrix multiplication, a fundamental operation in various machine learning algorithms, and can efficiently assign the workload based on the performance of the corresponding server. Furthermore, Spinner can equivalently adapt the coding scheme for heterogeneous servers, aligned with the expected workload assigned to each server, and thus save the complexity of decoding. Combining the two strategies together, we demonstrate in our experiments that Spinner can improve the time of matrix multiplication by up to 84.0% and thus improve the time of linear regression by 40.7%.

Exploiting Rateless Codes and Cross-Layer Optimization for Low-Power Wide-Area Networks

Abstract: Long communication range and low energy consumption are two most important design goals of Low-Power Wide-Area Networks (LPWAN), however, many prior works have revealed that the performance of LPWAN in practical scenarios is not satisfactory. Although there are PHY-layer and link layer approaches proposed to improve the performance of LPWAN, they either rely heavily on the hardware modifications or suffer from low data recovery capability especially with bursty packet loss pattern. In this paper, we propose a practical system, eLoRa, for COTS devices. eLoRa utilizes rateless codes and jointly decoding with multiple gateways to extend the communication range and lifetime of LoRaWAN. To further improve the performance of LoRaWAN, eLoRa optimizes parameters of the PHY-layer (e.g., spreading factor) and the link layer (e.g, block length). We implement eLoRa on COTS LoRa devices, and conduct extensive experiments on outdoor testbed to evaluate the effectiveness of eLoRa. Results show that eLoRa can effectively improve the communication range of DaRe and LoRaWAN by 43.2% and 55.7% with packet reception ratio higher than 60%, and increase the expected lifetime of DaRe and LoRaWAN by 18.3% and 46.6%.

Uncontrolled Randomness in Blockchains: Covert Bulletin Board for Illicit Activity

Abstract: Public blockchains can be abused to covertly store and disseminate potentially harmful digital content which poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs; we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, we present a generic framework to immunize blockchains against these attacks.

Delay-Sensitive Computation Partitioning for Mobile Augmented Reality Applications

Abstract: Good user experiences in Mobile Augmented Reality (MAR) applications require timely processing and rendering of virtual objects on user devices. Today's wearable AR devices are limited in computation, storage, and battery lifetime. Edge computing, where edge devices are employed to offload part or all computation tasks, allows an acceleration of computation without incurring excessive network latency. In this paper, we use acyclic data flow graphs to model the computation and data flow in MAR applications and aim to minimize the makespan of processing input frames. Due to task dependencies and variable resource availability, makespan minimization is proven to be NP-hard in general. We design DPA, a polynomial-time heuristic algorithm for this problem. For special data flow graphs including chain or star, the algorithm can provide optimal solutions or solutions with a constant approximation ratio. The effectiveness of DPA has been evaluated using extensive simulations with realistic workloads and resource availability measured from a prototype implementation.

Online Distributed Edge Caching for Mobile Data Offloading in 5G Networks

Abstract: Edge caching is an effective approach to improve the quality of service for mobile users and therefore a critical component for 5G networks. Despite the importance, it is not clear how to determine which contents to cache and how to the serve requests in 5G networks to minimize the total operational cost in a distributed and online manner, especially when some mobile users can be served by multiple small base stations. In this paper, we formulate an optimization problem to jointly decide the caching policy and the routing decision. There are two challenges: the need for distributed control and the lack of future information. We therefore develop an online distributed algorithm with provable performance guarantees in terms of convergence and competitive ratio compared to the offline optimal solution. Numerical simulations based on real-world traces highlight the significant performance improvement compared to existing baselines.

Serpens: A High-Performance Serverless Platform for NFV

Abstract: Many enterprises run Network Function Virtualization (NFV) services on public clouds to relieve management burdens and reduce costs. However, NFV operators still face the burden of choosing the right types of virtual machines (VMs) for various network functions (NFs), as well as the cost of renting VMs at a granularity of months or years while many VMs remain idle during valley hours. A recent computing model named serverless computing automatically executes user-defined functions on requests arrival, and charges users based on the number of processed requests. For NFV operators, serverless computing has the potential of completely relieving NF management burden and significantly reducing costs. Nevertheless, naively exploring existing serverless platforms for NFV introduces significant performance overheads in three aspects, including high remote state access latency, long NF launching time, and high packet delivery latency between NFs. To address these problems, we propose Serpens, a high-performance serverless platform for NFV. Firstly, Serpens designs a novel state management mechanism to support local state access. Secondly, Serpens proposes an efficient NF execution model to provide fast NF launching and avoid extra packet delivery. We have implemented a prototype of Serpens. Evaluation results demonstrate that Serpens could significantly improve performance for NFs and service function chains (SFCs) comparing to existing serverless platforms.

Mag-Barcode: Magnet Barcode Scanning for Indoor Pedestrian Tracking

Abstract: In typical scenarios for indoor localization and tracking, it is essential to accurately track the pedestrians when they are crossing the connections of different spaces. In this paper, we propose a magnet barcode scanning-based solution for indoor pedestrian tracking. We assemble multiple magnet bars into magnet arrays as a unique magnet barcode, and deploy different magnet barcodes at different connections to label them. We embed an inertial measurement unit (IMU) into the pedes-trian‘s shoes. When the pedestrian crosses these connections, the magnetometer from the IMU scans the magnet barcode and recognize its corresponding ID. In this way, indoor pedestrian tracking can be regarded as a process of continuously scanning different magnet barcodes. By performing correlation analysis on these barcodes, the trace of pedestrian can be effectively depicted in the indoor map. To build a unique magnet barcode based on the magnet bar arrays, we provide an optimized structure for building the magnet barcode. To tackle the diversities of the pedestrian's gait traces in identifying the magnet barcode, we provide a generalized model based on the space axis for magnet barcode identification. As far as we know, this is the first work to use the magnet bar array to construct the magnet barcode for indoor pedestrian tracking. The real experiment results show that our system can achieve an average accuracy of 88.9% in identifying the magnet barcodes and an average accuracy of 93.1 % for indoor pedestrian tracking.

PE-HEALTH: Enabling Fully Encrypted CNN for Health Monitor with Optimized Communication

Abstract: Cloud-based Convolutional neural network (CNN) is a powerful tool for the healthcare center to provide health condition monitor service. Although the new service has future prospects in the medical, patient's privacy concerns arise because of the sensitivity of medical data. Prior works to address the concern have the following unresolved problems: 1) focus on data privacy but neglect to protect the privacy of the machine learning model itself; 2) introduce considerable communication costs for the CNN inference, which lowers the service quality of the cloud server. To push forward this area, we propose PE-HEALTH, a privacy-preserving health monitor framework that supports fully-encrypted CNN (both input data and model). In PE-HEALTH, the medical Internet of Things (IoT) sensor serves as the health condition data collector. For protecting patient privacy, the IoT sensor additively shares the collected data and uploads the shared data to the cloud server, which is efficient and suited to the energy-limited IoT sensor. To keep model privacy, PE-HEALTH allows the healthcare center to previously deploy, and then, use an encrypted CNN on the cloud server. During the CNN inference process, PE-HEALTH does not need the cloud servers to exchange any extra messages for operating the convolutional operation, which can greatly reduce the communication cost.

Network-based Malware Detection with a Two-tier Architecture for Online Incremental Update

Abstract: As smartphones carry more and more private information, it has become the main target of malware attacks. Threats on mobile devices have become increasingly sophisticated, making it imperative to develop effective tools that are able to detect and counter such threats. Unfortunately, existing malware detection tools based on machine learning techniques struggle to keep up due to the difficulty in performing online incremental update on the detection models. In this paper, a Two-tier Architecture Malware Detection (TAMD) method is proposed, which can learn from the statistical features of network traffic to detect malware. The first layer of TAMD identifies uncertain samples in the training set through a preliminary classification, whereas the second layer builds an improved classifier by filtering out such samples. We enhance TAMD with an incremental leaning based technique (TAMD-IL), which allows to incrementally update the detection models without retraining it from scratch by removing and adding sub-models in TAMD. We experimentally demonstrate that TAMD outperforms the existing methods with up to 98.72% on precision and 96.57% on recall. We also evaluate TAMD-IL on four concept drift datasets and compare it with classical machine learning algorithms, two state-of-the-art malware detection technologies, and three incremental learning technologies. Experimental results show that TAMD-IL is efficient in terms of both update time and memory usage.