Time filter

Source Type

Hong Kong, Hong Kong

Chen T.Y.,Swinburne University of Technology | Hu P.,China Merchants Bank | Li H.,University of Hong Kong | Tse T.H.,University of Hong Kong
Information Sciences | Year: 2012

We present a flow analysis technique for detecting unreachable states and actions in concurrent systems. It is an enhancement of the approach by Cheung and Kramer. Each process of a concurrent system is modeled as a finite state machine, whose states represent process execution states and whose transitions are labeled by actions. We construct dependency sets incrementally and eliminate spurious paths by checking the execution sequences of actions. We prove mathematically that our algorithm can detect more unreachability faults than the well-known Reif/Smolka and Cheung/Kramer algorithms. The algorithm is easy to manage and its complexity is still polynomial to the system size. Case studies on two commonly used communication protocols show that the technique is effective. © 2012 Elsevier Inc. All rights reserved. Source

Xi C.,China Merchants Bank | Xi C.,Xidian University | Liang S.,Smart Energy | Jianfeng M.,Xidian University | Zhuo M.,Xidian University
China Communications | Year: 2015

In the harsh environment where node density is sparse, the slow-moving nodes cannot effectively utilize the encountering opportunities to realize the self-organized identity authentications, and do not have the chance to join the network routing. However, considering most of the communications in opportunistic networks are caused by forwarding operations, there is no need to establish the complete mutual authentications for each conversation. Accordingly, a novel trust management scheme is presented based on the information of behavior feedback, in order to complement the insufficiency of identity authentications. By utilizing the certificate chains based on social attributes, the mobile nodes build the local certificate graphs gradually to realize the web of Identity Trust relationship. Meanwhile, the successors generate Verified Feedback Packets for each positive behavior, and consequently the Behavior Trust relationship is formed for slow-moving nodes. Simulation result shows that, by implementing our trust scheme, the delivery probability and trust reconstruction ratio can be effectively improved when there are large numbers of compromised nodes, and it means that our trust management scheme can efficiently explore and filter the trust nodes for secure forwarding in opportunistic networks. © 2013 IEEE. Source

Zhang Z.,CAS Institute of Software | Chan W.K.,City University of Hong Kong | Tse T.H.,University of Hong Kong | Yu Y.T.,City University of Hong Kong | Hu P.,China Merchants Bank
Journal of Systems and Software | Year: 2011

Fault localization is a major activity in program debugging. To automate this time-consuming task, many existing fault-localization techniques compare passed executions and failed executions, and suggest suspicious program elements, such as predicates or statements, to facilitate the identification of faults. To do that, these techniques propose statistical models and use hypothesis testing methods to test the similarity or dissimilarity of proposed program features between passed and failed executions. Furthermore, when applying their models, these techniques presume that the feature spectra come from populations with specific distributions. The accuracy of using a model to describe feature spectra is related to and may be affected by the underlying distribution of the feature spectra, and the use of a (sound) model on inapplicable circumstances to describe real-life feature spectra may lower the effectiveness of these fault-localization techniques. In this paper, we make use of hypothesis testing methods as the core concept in developing a predicate-based fault-localization framework. We report a controlled experiment to compare, within our framework, the efficacy, scalability, and efficiency of applying three categories of hypothesis testing methods, namely, standard non-parametric hypothesis testing methods, standard parametric hypothesis testing methods, and debugging-specific parametric testing methods. We also conduct a case study to compare the effectiveness of the winner of these three categories with the effectiveness of 33 existing statement-level fault-localization techniques. The experimental results show that the use of non-parametric hypothesis testing methods in our proposed predicate-based fault-localization model is the most promising. © 2011 Elsevier Inc. All rights reserved. Source

Chen X.,China Merchants Bank
Ruan Jian Xue Bao/Journal of Software | Year: 2013

Due to the defects caused by design principle and mechanism, Trusted Computing Platform can't effectively protect the system security from physical attacks. A novel design method based on signal integrity analysis was introduced to solve this problem. Based on the work stated above, this paper proposes a revised logical hierarchical design of TPM-APM (TPM-analog parameter measurement) sub-module. Furthermore, engineering implementation method of TPM-APM sub-module is provided by measuring the analog parameters of delay. Through comparing eye patterns, the practicability of implementing the TPM-APM sub-module is verified. Detailed analysis and experiment reveal that the revised TPM-APM sub-module can effectively enhance the ability of protecting Trusted Computing Platform against physical attacks. © Institute of Software Chinese Academy of Sciences. Source

Chen X.,China Merchants Bank | Tian Y.-L.,Guizhou University | Ma Z.,Xidian University | Ma J.-F.,Xidian University
Tongxin Xuebao/Journal on Communications | Year: 2014

There is no doubt that mobile payment is the spotlight in Internet finance now. Although users can enjoy quick and convenient services, they have to face with more severe security problems at the same time: the attack incidents, such as cellphone Trojan and privacy leaks emerge endlessly. Lots of viruses which are designed for attacking financial payments can steal users' personal information including account, password and verification code in the proceedings of remote payment and near field communication. Security issues have already seriously impeded the further development of the mobile payment market. To solve the above problems, discusses the security issues in mobile terminals, payments, network and interactive logic of banking business from financial institutions' perspective was discussed systematically. In addition, current status of relevant security key technologies are summarized from academic research community and industry fields. Finally, based on related research achievements, the design of system architecture and suggestions for mobile payment security are proposed, which can guide the future development of commercial bank. ©, 2014, Editorial Board of Journal on Communications. All right reserved. Source

Discover hidden collaborations