ACM Computing Surveys (CSUR)

Gonçalves, Guilherme; Coelho, Hugo; Monteiro, Pedro; Melo, Miguel; Bessa, Maximino

doi: 10.1145/3533377pmid: N/A

The adoption of immersive virtual experiences (IVEs) opened new research lines where the impact of realism is being studied, allowing developers to focus resources on realism factors proven to improve the user experience the most. We analyzed papers that compared different levels of realism and evaluated their impact on user experience. Exploratorily, we also synthesized the realism terms used by authors. From 1,300 initial documents, 79 met the eligibility criteria. Overall, most of the studies reported that higher realism has a positive impact on user experience. These data allow a better understanding of realism in IVEs, guiding future R&D.

Zehlike, Meike; Yang, Ke; Stoyanovich, Julia

doi: 10.1145/3533380pmid: N/A

In the past few years, there has been much work on incorporating fairness requirements into algorithmic rankers, with contributions coming from the data management, algorithms, information retrieval, and recommender systems communities. In this survey, we give a systematic overview of this work, offering a broad perspective that connects formalizations and algorithmic approaches across subfields. An important contribution of our work is in developing a common narrative around the value frameworks that motivate specific fairness-enhancing interventions in ranking. This allows us to unify the presentation of mitigation objectives and of algorithmic techniques to help meet those objectives or identify trade-offs. In the first part of this survey, we describe four classification frameworks for fairness-enhancing interventions, along which we relate the technical methods surveyed in this article, discuss evaluation datasets, and present technical work on fairness in score-based ranking. In the second part of this survey, we present methods that incorporate fairness in supervised learning, and also give representative examples of recent work on fairness in recommendation and matchmaking systems. We also discuss evaluation frameworks for fair score-based ranking and fair learning-to-rank, and draw a set of recommendations for the evaluation of fair ranking methods.

Benidis, Konstantinos; Rangapuram, Syama Sundar; Flunkert, Valentin; Wang, Yuyang; Maddix, Danielle; Turkmen, Caner; Gasthaus, Jan; Bohlke-Schneider, Michael; Salinas, David; Stella, Lorenzo; Aubet, François-Xavier; Callot, Laurent; Januschowski, Tim

doi: 10.1145/3533382pmid: N/A

Deep learning based forecasting methods have become the methods of choice in many applications of time series prediction or forecasting often outperforming other approaches. Consequently, over the last years, these methods are now ubiquitous in large-scale industrial forecasting applications and have consistently ranked among the best entries in forecasting competitions (e.g., M4 and M5). This practical success has further increased the academic interest to understand and improve deep forecasting methods. In this article we provide an introduction and overview of the field: We present important building blocks for deep forecasting in some depth; using these building blocks, we then survey the breadth of the recent deep forecasting literature.

Xia, Dan; Jiang, Chun; Wan, Jiafu; Jin, Jiong; Leung, Victor C. M.; Martínez-García, Miguel

doi: 10.1145/3530815pmid: N/A

With the continuous expansion of the Industrial Internet of Things (IIoT) and the increasing connectivity among the various intelligent devices or systems, the control of access and fusion in smart factory networks has significantly gained importance. However, the contradiction between the high Quality of Service (QoS) requirements of massive data and the limited network bandwidth and the heterogeneous network is becoming deeper and deeper. The heterogeneity of smart factory networks brings many challenges to unified access and fusion, real-time transmission, and centralized control and management. This article provides a survey on heterogeneous networks in smart factories. We first study and discuss the heterogeneity of smart factory networks, and then discuss the existing mainstream wired and wireless network technologies, as well as promising future technologies, including 5G, OLE for Process Control Unified Architecture (OPC UA), and Time-Sensitive Networking (TSN). In addition, we also analyze current heterogeneous network fusion architecture and discuss the enabling technologies of heterogeneous network fusion in view of the shortcoming of the current solutions. Finally, we conclude with a discussion of open challenges and future research directions towards the effective realization of the smart factory.

Parkinson, Simon; Khan, Saad

doi: 10.1145/3533703pmid: N/A

There any many different access-control systems, yet a commonality is that they provide flexible mechanisms to enforce different access levels. Their importance in organisations to adequately restrict resources, coupled with their use in a dynamic environment, mandates the need to routinely perform policy analysis. The aim of performing analysis is often to identify potential problematic permissions, which have the potential to be exploited and could result in data theft and unintended modification. There is a vast body of published literature on analysing access-control systems, yet as performing analysis has a strong end-user motivation and is grounded in security challenges faced in real-world systems, it is important to understand how research is developing, what are the common themes of interest, and to identify key challenges that should be addressed in future work. To the best of the authors’ knowledge, no survey has been performed to gain an understanding of empirical access-control analysis, focussing on how techniques are evaluated and how they align to the needs of real-world analysis tasks. This article provides a systematic literature review, identifying and summarising key works. Key findings are identified and discussed as areas of future work.

Jeong, Jongkil Jay; Zolotavkin, Yevhen; Doss, Robin

doi: 10.1145/3533705pmid: N/A

Continuous Authentication (CA) technologies enable users to be authenticated beyond just the point of entry. In this article, we conduct a comprehensive review of over 2,300 articles to (a) identify the main components of CA research to date, and (b) explore the current gaps and future research directions. Through a Citation Network Analysis (CNA), we identified that there are currently three primary focus research areas on CA - Keystroke Dynamics; Mouse Movements; and Mobile Device Touch, as well as identify an emerging trend in more recent studies on multi-modal CA authentication which utilises the numerous sensors that are embedded in modern mobile devices. This study also highlights the current gaps in the literature such as the need for a consensus over how to evaluate the application and utility of CA, and the need to examine the feasibility of CA technologies that currently exist based on more use case studies.

Arcile, Johan; André, Étienne

doi: 10.1145/3534967pmid: N/A

Timed automata are a common formalism for the verification of concurrent systems subject to timing constraints. They extend finite-state automata with clocks, that constrain the system behavior in locations, and to take transitions. While timed automata were originally designed for safety (in the wide sense of correctness w.r.t. a formal property), they were progressively used in a number of works to guarantee security properties. In this work, we review works studying security properties for timed automata over the past two decades. We notably review theoretical works, with a particular focus on opacity, as well as more practical works, with a particular focus on attack trees and their extensions. We derive main conclusions concerning open perspectives, as well as tool support.

Jero, Samuel; Burow, Nathan; Ward, Bryan; Skowyra, Richard; Khazan, Roger; Shrobe, Howard; Okhravi, Hamed

doi: 10.1145/3533704pmid: N/A

Software security defenses are routinely broken by the persistence of both security researchers and attackers. Hardware solutions based on tagging are emerging as a promising technique that provides strong security guarantees (e.g., memory safety) while incurring minimal runtime overheads and maintaining compatibility with existing codebases. Such schemes extend every word in memory with a tag and enforce security policies across them. This paper provides a survey of existing work on tagged architectures and describe the types of attacks such architectures aim to prevent as well as the guarantees they provide. It highlights the main distinguishing factors among tagged architectures and presents the diversity of designs and implementations that have been proposed. The survey reveals several real-world challenges have been neglected relating to both security and practical deployment. The challenges relate to the provisioning and enforcement phases of tagged architectures, and various overheads they incur. This work identifies these challenges as open research problems and provides suggestions for improving their security and practicality.

Guo, Binglei; Yu, Jiong; Yang, Dexian; Leng, Hongyong; Liao, Bin

doi: 10.1145/3538225pmid: N/A

Constructing energy-efficient database systems to reduce economic costs and environmental impact has been studied for 10 years. With the emergence of the big data age, along with the data-centric and data-intensive computing trend, the great amount of energy consumed by database systems has become a major concern in a society that pursues Green IT. However, to the best of our knowledge, despite the importance of this matter in Green IT, there have been few comprehensive or systematic studies conducted in this field. Therefore, the objective of this article is to present a literature survey with breadth and depth on existing energy management techniques for database systems. The existing literature is organized hierarchically with two major branches focusing separately on energy consumption models and energy-saving techniques. Under each branch, we first introduce some basic knowledge, then we classify, discuss, and compare existing research according to their core ideas, basic approaches, and main characteristics. Finally, based on these observations through our study, we identify multiple open issues and challenges, and provide insights for future research. It is our hope that our outcome of this work will help researchers develop more energy-efficient database systems.

Roy, Shanto; Sharmin, Nazia; Acosta, Jaime C.; Kiekintveld, Christopher; Laszka, Aron

doi: 10.1145/3538704pmid: N/A

Adversaries are often able to penetrate networks and compromise systems by exploiting vulnerabilities in people and systems. The key to the success of these attacks is information that adversaries collect throughout the phases of the cyber kill chain. We summarize and analyze the methods, tactics, and tools that adversaries use to conduct reconnaissance activities throughout the attack process. First, we discuss what types of information adversaries seek and how and when they can obtain this information. Then, we provide a taxonomy and detailed overview of adversarial reconnaissance techniques. The taxonomy introduces a categorization of reconnaissance techniques based on the source as third-party and human-, and system-based information gathering. This article provides a comprehensive view of adversarial reconnaissance that can help in understanding and modeling this complex but vital aspect of cyber attacks as well as insights that can improve defensive strategies, such as cyber deception.