ACM Computing Surveys (CSUR)

Glabbeek, Rob Van; Höfner, Peter

doi: 10.1145/3329125pmid: N/A

Fairness assumptions are a valuable tool when reasoning about systems. In this article, we classify several fairness properties found in the literature and argue that most of them are too restrictive for many applications. As an alternative, we introduce the concept of justness.

Pawlick, Jeffrey; Colbert, Edward; Zhu, Quanyan

doi: 10.1145/3337772pmid: N/A

Cyberattacks on both databases and critical infrastructure have threatened public and private sectors. Ubiquitous tracking and wearable computing have infringed upon privacy. Advocates and engineers have recently proposed using defensive deception as a means to leverage the information asymmetry typically enjoyed by attackers as a tool for defenders. The term deception, however, has been employed broadly and with a variety of meanings. In this article, we survey 24 articles from 2008 to 2018 that use game theory to model defensive deception for cybersecurity and privacy. Then, we propose a taxonomy that defines six types of deception: perturbation, moving target defense, obfuscation, mixing, honey-x, and attacker engagement. These types are delineated by their information structures, agents, actions, and duration: precisely concepts captured by game theory. Our aims are to rigorously define types of defensive deception, to capture a snapshot of the state of the literature, to provide a menu of models that can be used for applied research, and to identify promising areas for future work. Our taxonomy provides a systematic foundation for understanding different types of defensive deception commonly encountered in cybersecurity and privacy.

Moffat, Alistair

doi: 10.1145/3342555pmid: N/A

Huffman’s algorithm for computing minimum-redundancy prefix-free codes has almost legendary status in the computing disciplines. Its elegant blend of simplicity and applicability has made it a favorite example in algorithms courses, and as a result it is perhaps one of the most commonly implemented algorithmic techniques. This article presents a tutorial on Huffman coding and surveys some of the developments that have flowed as a consequence of Huffman’s original discovery, including details of code calculation and of encoding and decoding operations. We also survey related mechanisms, covering both arithmetic coding and the recently developed asymmetric numeral systems approach and briefly discuss other Huffman-coding variants, including length-limited codes.

Maiorca, Davide; Biggio, Battista; Giacinto, Giorgio

doi: 10.1145/3332184pmid: N/A

Malware still constitutes a major threat in the cybersecurity landscape, also due to the widespread use of infection vectors such as documents. These infection vectors hide embedded malicious code to the victim users, facilitating the use of social engineering techniques to infect their machines. Research showed that machine-learning algorithms provide effective detection mechanisms against such threats, but the existence of an arms race in adversarial settings has recently challenged such systems. In this work, we focus on malware embedded in PDF files as a representative case of such an arms race. We start by providing a comprehensive taxonomy of the different approaches used to generate PDF malware and of the corresponding learning-based detection systems. We then categorize threats specifically targeted against learning-based PDF malware detectors using a well-established framework in the field of adversarial machine learning. This framework allows us to categorize known vulnerabilities of learning-based PDF malware detectors and to identify novel attacks that may threaten such systems, along with the potential defense mechanisms that can mitigate the impact of such threats. We conclude the article by discussing how such findings highlight promising research directions towards tackling the more general challenge of designing robust malware detectors in adversarial settings.

Arias-Cabarcos, Patricia; Krupitzer, Christian; Becker, Christian

doi: 10.1145/3336117pmid: N/A

Adaptive Authentication allows a system to dynamically select the best mechanism(s) for authenticating a user depending on contextual factors, such as location, proximity to devices, and other attributes. Though this technology has the potential to change the current password-dominated authentication landscape, research to date has not led to practical solutions that transcend to our daily lives. Motivated to find out how to improve adaptive authentication design, we provide a structured survey of the existing literature to date and analyze it to identify and discuss current research challenges and future directions.

Fan, Ching-Ling; Lo, Wen-Chih; Pai, Yu-Tung; Hsu, Cheng-Hsin

doi: 10.1145/3329119pmid: N/A

Head-mounted displays and 360 videos have become increasingly more popular, delivering a more immersive viewing experience to end users. Streaming 360 videos over the best-effort Internet, however, faces tremendous challenges, because of the high resolution and the short response time requirements. This survey presents the current literature related to 360 video streaming. We start with 360 video streaming systems built for real experiments to investigate the practicality and efficiency of 360 video streaming. We then present the video and viewer datasets, which may be used to drive large-scale simulations and experiments. Different optimization tools in various stages of the 360 video streaming pipeline are discussed in detail. We also present various applications enabled by 360 video streaming. In the appendices, we review the off-the-shelf hardware available at the time of writing and the open research problems.

Georgiou, Stefanos; Rizou, Stamatia; Spinellis, Diomidis

doi: 10.1145/3337773pmid: N/A

Motivation: In modern it systems, the increasing demand for computational power is tightly coupled with ever higher energy consumption. Traditionally, energy efficiency research has focused on reducing energy consumption at the hardware level. Nevertheless, the software itself provides numerous opportunities for improving energy efficiency. Goal: Given that energy efficiency for it systems is a rising concern, we investigate existing work in the area of energy-aware software development and identify open research challenges. Our goal is to reveal limitations, features, and tradeoffs regarding energy-performance for software development and provide insights on existing approaches, tools, and techniques for energy-efficient programming. Method: We analyze and categorize research work mostly extracted from top-tier conferences and journals concerning energy efficiency across the software development lifecycle phases. Results: Our analysis shows that related work in this area has focused mainly on the implementation and verification phases of the software development lifecycle. Existing work shows that the use of parallel and approximate programming, source code analyzers, efficient data structures, coding practices, and specific programming languages can significantly increase energy efficiency. Moreover, the utilization of energy monitoring tools and benchmarks can provide insights for the software practitioners and raise energy-awareness during the development phase.

Bergström, Joanna; Hornbæk, Kasper

doi: 10.1145/3332166pmid: N/A

The skin offers exciting possibilities for human--computer interaction by enabling new types of input and feedback. We survey 42 research papers on interfaces that allow users to give input on their skin. Skin-based interfaces have developed rapidly over the past 8 years but most work consists of individual prototypes, with limited overview of possibilities or identification of research directions. The purpose of this article is to synthesize what skin input is, which technologies can sense input on the skin, and how to give feedback to the user. We discuss challenges for research in each of these areas.

Ben-Nun, Tal; Hoefler, Torsten

doi: 10.1145/3320060pmid: N/A

Deep Neural Networks (DNNs) are becoming an important tool in modern computing applications. Accelerating their training is a major challenge and techniques range from distributed algorithms to low-level circuit design. In this survey, we describe the problem from a theoretical perspective, followed by approaches for its parallelization. We present trends in DNN architectures and the resulting implications on parallelization strategies. We then review and model the different types of concurrency in DNNs: from the single operator, through parallelism in network inference and training, to distributed deep learning. We discuss asynchronous stochastic optimization, distributed system architectures, communication schemes, and neural architecture search. Based on those approaches, we extrapolate potential directions for parallelism in deep learning.

Adhikari, Mainak; Amgoth, Tarachand; Srirama, Satish Narayana

doi: 10.1145/3325097pmid: N/A

Workflow scheduling is one of the challenging issues in emerging trends of the distributed environment that focuses on satisfying various quality of service (QoS) constraints. The cloud receives the applications as a form of a workflow, consisting of a set of interdependent tasks, to solve the large-scale scientific or enterprise problems. Workflow scheduling in the cloud environment has been studied extensively over the years, and this article provides a comprehensive review of the approaches. This article analyses the characteristics of various workflow scheduling techniques and classifies them based on their objectives and execution model. In addition, the recent technological developments and paradigms such as serverless computing and Fog computing are creating new requirements/opportunities for workflow scheduling in a distributed environment. The serverless infrastructures are mainly designed for processing background tasks such as Internet-of-Things (IoT), web applications, or event-driven applications. To address the ever-increasing demands of resources and to overcome the drawbacks of the cloud-centric IoT, the Fog computing paradigm has been developed. This article also discusses workflow scheduling in the context of these emerging trends of cloud computing.