The Trade-Off Between Performance and Security of Virtualized Trusted Execution Environment on Android

Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.

Availability Importance Measures for Virtualized System with Live Migration

This paper presents component importance analysis for virtualized system with live migration. The component importance analysis is significant to determine the system design of virtualized system from availability and cost points of view. This paper discusses the importance of components with respect to system availability. Specifically, we introduce two different component importance analyses for hybrid model (fault trees and continuous-time Markov chains) and continuous-time Markov chains, and show the analysis for existing probabilistic models for virtualized system. In numerical examples, we illustrate the quantitative component importance analysis for virtualized system with live migration.

Security Challenges of Virtualization Hypervisors in Virtualized Hardware Environment

The concept of virtualization machines is not new, but it is increasing vastly and gaining popularity in the IT world. Hypervisors are also popular for security as a means of isolation. The virtualization of information technology infrastructure creates the enablement of IT resources to be shared and used on several other devices and applications;this increases the growth of business needs. The environment created by virtualization is not restricted to any configuration physically or execution. The resources of a computer are shared logically. Hypervisors help in virtualization of hardware that is a software interact with the physical system, enabling or providing virtualized hardware environment to support multiple running operating system simultaneously utilizing one physical server. This paper explores the benefits, types and security issues of Virtualization Hypervisor in virtualized hardware environment.

A Cloud-Based Virtualized Execution Environment for Mobile Applications

Smartphones and cloud computing technologies have enabled the development of sophisticated mobile applications. Still, many of these applications do not perform well due to limited computation, data storage, network bandwidth, and battery capacity in a mobile phone. While applications can be redesigned with client-server models to benefit from cloud services, users are no longer in full control of the application. This is also a serious concern. We propose an innovative framework for executing mobile applications in a virfualized cloud environment. With encryption and isolation, this environment is controlled by the user and protected against eavesdropping from cloud providers. We have developed efficient schemes for migrating applications and synchronizing data between execution environments. Performance and power issues within a virtualized execution environment are also addressed using power saving and scheduling techniques that enable automatic, seamless application migration.

Virtualized Wireless SDNs:Modelling Delay Through the Use of Stochastic Network Calculus

Software-defined networks （SDN） have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. One enabling technology for wireless SDN is network virtualization, which logically divides one wireless network element, such as a base station, into multiple slices, and each slice serving as a standalone virtual BS. In this way, one physical mobile wireless network can be partitioned into multiple virtual networks in a software-defined manner. Wireless virtual networks comprising virtual base stations also need to provide QoS to mobile end-user services in the same context as their physical hosting networks. One key QoS parameter is delay. This paper presents a delay model for software-defined wireless virtual networks. Network calculus is used in the modelling. In particular, stochastic network calculus, which describes more realistic models than deterministic network calculus, is used. The model enables theoretical investigation of wireless SDN, which is largely dominated by either algorithms or prototype implementations.

Heuristic Scheduling Algorithms for Allocation of Virtualized Network and Computing Resources

Cloud computing technology facilitates computing-intensive applications by providing virtualized resources which can be dynamically provisioned. However, user’s requests are varied according to different applications’ computation ability needs. These applications can be presented as meta-job of user’s demand. The total processing time of these jobs may need data transmission time over the Internet as well as the completed time of jobs to execute on the virtual machine must be taken into account. In this paper, we presented V-heuristics scheduling algorithm for allocation of virtualized network and computing resources under user’s constraint which applied into a service-oriented resource broker for jobs scheduling. This scheduling algorithm takes into account both data transmission time and computation time that related to virtualized network and virtual machine. The simulation results are compared with three different types of heuristic algorithms under conventional network or virtual network conditions such as MCT, Min-Min and Max-Min. e evaluate these algorithms within a simulated cloud environment via an abilenenetwork topology which is real physical core network topology. These experimental results show that V-heuristic scheduling algorithm achieved significant performance gain for a variety of applications in terms of load balance, Makespan, average resource utilization and total processing time.

NDFuzz:a non-intrusive coverage-guided fuzzing framework for virtualized network devices

Network function virtualization provides programmable in-network middlewares by leveraging virtualization tech-nologies and commodity hardware and has gained popularity among all mainstream network device manufacturers.Yet it is challenging to apply coverage-guided fuzzing,one of the state-of-the-art vulnerability discovery approaches,to those virtualized network devices,due to inevitable integrity protection adopted by those devices.In this paper,we propose a coverage-guided fuzzing framework NDFuzz for virtualized network devices with a novel integrity protec-tion bypassing method,which is able to distinguish processes of virtualized network devices from hypervisors with a carefully designed non-intrusive page global directory inference technique.We implement NDFuzz atop of two black-box fuzzers and evaluate NDFuzz with three representative network protocols,SNMP,DHCP and NTP,on nine popular virtualized network devices.NDFuzz obtains an average 36%coverage improvement in comparison with its black-box counterparts.NDFuzz discovers 2 O-Day vulnerabilities and 11-Day vulnerability with coverage guidance while the black-box fuzzer can find only one of them.All discovered vulnerabilities are confirmed by corresponding vendors.

Spatial Heterogeneity of Embedded Water Consumption from the Perspective of Virtual Water Surplus and Deficit in the Yellow River Basin,China

Virtual water trade(VWT)provides a new perspective for alleviating water crisis and has thus attracted widespread attention.However,the heterogeneity of virtual water trade inside and outside the river basin and its influencing factors remains further study.In this study,for better investigating the pattern and heterogeneity of virtual water trade inside and outside provincial regions along the Yellow River Basin in 2015 using the input-output model(MRIO),we proposed two new concepts,i.e.,virtual water surplus and virtual water deficit,and then used the Logarithmic Mean Divisia Index(LMDI)model to identify the inherent mechanism of the imbalance of virtual water trade between provincial regions along the Yellow River Basin and the other four regions in China.The results show that:1)in provincial regions along the Yellow River Basin,the less developed the economy was,the larger the contribution of the agricultural sector in virtual water trade,while the smaller the contribution of the industrial sector.2)Due to the large output of agricultural products,the upstream and midstream provincial regions of the Yellow River Basin had a virtual water surplus,with a net outflow of virtual water of 2.7×10^(8) m^(3) and 0.9×10^(8) m^(3),respectively.3)provincial regions along the Yellow River Basin were in a virtual water deficit with the rest of China,and the decisive factor was the active degree of trade with the outside.This study would be beneficial to illuminate the trade-related water use issues in provincial regions along the Yellow River Basin,which has farreaching practical signific-ance for alleviating water scarcity.

Wear dependent virtual flow rate sensor for progressing cavity pumps with deformable stator

This contribution presents a novel wear dependent virtual flow rate sensor for single stage single lobe progressing cavity pumps. We study the wear-induced material loss of the pump components and the impact of this material loss on the volumetric efficiency. The results are combined with an established backflow model to implement a backflow calculation procedure that is adaptive to wear. We use a laboratory test setup with a highly abrasive fluid and operate a pump from new to worn condition to validate our approach. The obtained measurement data show that the presented virtual sensor is capable of calculating the flow rate of a pump being subject to wear during its regular operation.

Optical Microsphere Nano-Imaging:Progress and Challenges

The optical diffraction effect imposes a radical obstacle preventing conventional optical microscopes from achieving an imaging resolution beyond the Abbe diffraction limit and thereby restricting their usage in a multitude of nanoscale applications.Over the past decade,the optical microsphere nanoimaging technique has been demonstrated to be a cost-effective solution for overcoming the diffraction limit and has achieved an imaging resolution of up to about k6k8 in a real-time and label-free manner,making it highly competitive among numerous super-resolution imaging technologies.In this review,we summarize the underlying nano-imaging mechanisms of the microsphere nanoscope and key advancements aimed at imaging performance enhancement:first,to change the working environment or modify the peripheral hardware of a single microsphere nanoscope at the system level;second,to compose the microsphere compound lens;and third,to engineer the geometry or ingredients of microspheres.We also analyze challenges yet to be overcome in optical microsphere nano-imaging,followed by an outlook of this technique.

Security Monitoring and Management for the Network Services in the Orchestration of SDN-NFV Environment Using Machine Learning Techniques

Software Defined Network(SDN)and Network Function Virtualization(NFV)technology promote several benefits to network operators,including reduced maintenance costs,increased network operational performance,simplified network lifecycle,and policies management.Network vulnerabilities try to modify services provided by Network Function Virtualization MANagement and Orchestration(NFV MANO),and malicious attacks in different scenarios disrupt the NFV Orchestrator(NFVO)and Virtualized Infrastructure Manager(VIM)lifecycle management related to network services or individual Virtualized Network Function(VNF).This paper proposes an anomaly detection mechanism that monitors threats in NFV MANO and manages promptly and adaptively to implement and handle security functions in order to enhance the quality of experience for end users.An anomaly detector investigates these identified risks and provides secure network services.It enables virtual network security functions and identifies anomalies in Kubernetes(a cloud-based platform).For training and testing purpose of the proposed approach,an intrusion-containing dataset is used that hold multiple malicious activities like a Smurf,Neptune,Teardrop,Pod,Land,IPsweep,etc.,categorized as Probing(Prob),Denial of Service(DoS),User to Root(U2R),and Remote to User(R2L)attacks.An anomaly detector is anticipated with the capabilities of a Machine Learning(ML)technique,making use of supervised learning techniques like Logistic Regression(LR),Support Vector Machine(SVM),Random Forest(RF),Naïve Bayes(NB),and Extreme Gradient Boosting(XGBoost).The proposed framework has been evaluated by deploying the identified ML algorithm on a Jupyter notebook in Kubeflow to simulate Kubernetes for validation purposes.RF classifier has shown better outcomes(99.90%accuracy)than other classifiers in detecting anomalies/intrusions in the containerized environment.

Bipartite consensus problems of Lurie multi-agent systems over signed graphs: A contraction approach

This paper examines the bipartite consensus problems for the nonlinear multi-agent systems in Lurie dynamics form with cooperative and competitive communication between different agents. Based on the contraction theory, some new conditions for the nonlinear Lurie multi-agent systems reaching bipartite leaderless consensus and bipartite tracking consensus are presented. Compared with the traditional methods, this approach degrades the dimensions of the conditions, eliminates some restrictions of the system matrix, and extends the range of the nonlinear function. Finally, two numerical examples are provided to illustrate the efficiency of our results.

Performance Comparison of Hyper-V and KVM for Cryptographic Tasks in Cloud Computing

As the extensive use of cloud computing raises questions about the security of any personal data stored there,cryptography is being used more frequently as a security tool to protect data confidentiality and privacy in the cloud environment.A hypervisor is a virtualization software used in cloud hosting to divide and allocate resources on various pieces of hardware.The choice of hypervisor can significantly impact the performance of cryptographic operations in the cloud environment.An important issue that must be carefully examined is that no hypervisor is completely superior in terms of performance;Each hypervisor should be examined to meet specific needs.The main objective of this study is to provide accurate results to compare the performance of Hyper-V and Kernel-based Virtual Machine(KVM)while implementing different cryptographic algorithms to guide cloud service providers and end users in choosing the most suitable hypervisor for their cryptographic needs.This study evaluated the efficiency of two hypervisors,Hyper-V and KVM,in implementing six cryptographic algorithms:Rivest,Shamir,Adleman(RSA),Advanced Encryption Standard(AES),Triple Data Encryption Standard(TripleDES),Carlisle Adams and Stafford Tavares(CAST-128),BLOWFISH,and TwoFish.The study’s findings show that KVM outperforms Hyper-V,with 12.2%less Central Processing Unit(CPU)use and 12.95%less time overall for encryption and decryption operations with various file sizes.The study’s findings emphasize how crucial it is to pick a hypervisor that is appropriate for cryptographic needs in a cloud environment,which could assist both cloud service providers and end users.Future research may focus more on how various hypervisors perform while handling cryptographic workloads.

用于重建物理和虚拟抓取的可重构数据手套

In this work,we present a reconfigurable data glove design to capture different modes of human hand-object interactions,which are critical in training embodied artificial intelligence(AI)agents for fine manipulation tasks.To achieve various downstream tasks with distinct features,our reconfigurable data glove operates in three modes sharing a unified backbone design that reconstructs hand gestures in real time.In the tactile-sensing mode,the glove system aggregates manipulation force via customized force sensors made from a soft and thin piezoresistive material;this design minimizes interference during complex hand movements.The virtual reality(VR)mode enables real-time interaction in a physically plausible fashion:A caging-based approach is devised to determine stable grasps by detecting collision events.Leveraging a state-of-the-art finite element method,the simulation mode collects data on fine-grained four-dimensionalmanipulation events comprising hand and object motions in three-dimensional space and how the object's physical properties(e.g.,stress and energy)change in accordance with manipulation over time.Notably,the glove system presented here is the first to use high-fidelity simulation to investigate the unobservable physical and causal factors behind manipulation actions.In a series of experiments,we characterize our data glove in terms of individual sensors and the overall system.More specifically,we evaluate the system's three modes by①recording hand gestures and associated forces,②improving manipulation fluency in VR,and③producing realistic simulation effects of various tool uses,respectively.Based on these three modes,our reconfigurable data glove collects and reconstructs fine-grained human grasp data in both physical and virtual environments,thereby opening up new avenues for the learning of manipulation skills for embodied AI agents.

Abnormal State Detection in Lithium-ion Battery Using Dynamic Frequency Memory and Correlation Attention LSTM Autoencoder

This paper addresses the challenge of identifying abnormal states in Lithium-ion Battery(LiB)time series data.As the energy sector increasingly focuses on integrating distributed energy resources,Virtual Power Plants(VPP)have become a vital new framework for energy management.LiBs are key in this context,owing to their high-efficiency energy storage capabilities essential for VPP operations.However,LiBs are prone to various abnormal states like overcharging,over-discharging,and internal short circuits,which impede power transmission efficiency.Traditional methods for detecting such abnormalities in LiB are too broad and lack precision for the dynamic and irregular nature of LiB data.In response,we introduce an innovative method:a Long Short-Term Memory(LSTM)autoencoder based on Dynamic Frequency Memory and Correlation Attention(DFMCA-LSTM-AE).This unsupervised,end-to-end approach is specifically designed for dynamically monitoring abnormal states in LiB data.The method starts with a Dynamic Frequency Fourier Transform module,which dynamically captures the frequency characteristics of time series data across three scales,incorporating a memory mechanism to reduce overgeneralization of abnormal frequencies.This is followed by integrating LSTM into both the encoder and decoder,enabling the model to effectively encode and decode the temporal relationships in the time series.Empirical tests on a real-world LiB dataset demonstrate that DFMCA-LSTM-AE outperforms existing models,achieving an average Area Under the Curve(AUC)of 90.73%and an F1 score of 83.83%.These results mark significant improvements over existing models,ranging from 2.4%–45.3%for AUC and 1.6%–28.9%for F1 score,showcasing the model’s enhanced accuracy and reliability in detecting abnormal states in LiB data.

Proposal for a realtime Einstein-synchronization-defined satellite virtual clock

Realization of high performance satellite onboard clock is vital for various positioning, navigation, and timing applications. For further improvement of the synchronization-based satellite time and frequency references, we propose a geosynchronous(GEO) satellite virtual clock concept based on ground–satellite synchronization and present a beacon transponder structure for its implementation(scheduled for launch in 2025), which does not require atomic clocks to be mounted on the satellite. Its high performance relies only on minor modifications to the existing transponder structure of GEO satellites. We carefully model the carrier phase link and analyze the factors causing link asymmetry within the special relativity. Considering that performance of such synchronization-based satellite clocks is primarily limited by the link's random phase noise, which cannot be adequately modeled, we design a closed-loop experiment based on commercial GEO satellites for pre-evaluation. This experiment aims at extracting the zero-means random part of the ground-satellite Ku-band carrier phase via a feedback loop. Ultimately, we obtain a 1σ value of 0.633 ps(two-way link), following the Gaussian distribution. From this result, we conclude that the proposed real-time Einstein-synchronization-defined satellite virtual clock can achieve picosecond-level replication of onboard time and frequency.

Mental health in the virtual world:Challenges and opportunities in the metaverse era

Current rates of mental illness are worrisome.Mental illness mainly affects females and younger age groups.The use of the internet to deliver mental health care has been growing since 2020 and includes the implementation of novel mental health treatments using virtual reality,augmented reality,and artificial intelligence.A new three dimensional digital environment,known as the metaverse,has emerged as the next version of the Internet.Artificial intelligence,augmented reality,and virtual reality will create fully immersive,experiential,and interactive online environments in the metaverse.People will use a unique avatar to do anything they do in their“real”lives,including seeking and receiving mental health care.In this opinion review,we reflect on how the metaverse could reshape how we deliver mental health treatment,its opportunities,and its challenges.

An intelligent control method based on artificial neural network for numerical flight simulation of the basic finner projectile with pitching maneuver

In this paper,an intelligent control method applying on numerical virtual flight is proposed.The proposed algorithm is verified and evaluated by combining with the case of the basic finner projectile model and shows a good application prospect.Firstly,a numerical virtual flight simulation model based on overlapping dynamic mesh technology is constructed.In order to verify the accuracy of the dynamic grid technology and the calculation of unsteady flow,a numerical simulation of the basic finner projectile without control is carried out.The simulation results are in good agreement with the experiment data which shows that the algorithm used in this paper can also be used in the design and evaluation of the intelligent controller in the numerical virtual flight simulation.Secondly,combined with the real-time control requirements of aerodynamic,attitude and displacement parameters of the projectile during the flight process,the numerical simulations of the basic finner projectile’s pitch channel are carried out under the traditional PID(Proportional-Integral-Derivative)control strategy and the intelligent PID control strategy respectively.The intelligent PID controller based on BP(Back Propagation)neural network can realize online learning and self-optimization of control parameters according to the acquired real-time flight parameters.Compared with the traditional PID controller,the concerned control variable overshoot,rise time,transition time and steady state error and other performance indicators have been greatly improved,and the higher the learning efficiency or the inertia coefficient,the faster the system,the larger the overshoot,and the smaller the stability error.The intelligent control method applying on numerical virtual flight is capable of solving the complicated unsteady motion and flow with the intelligent PID control strategy and has a strong promotion to engineering application.

A Tri-mode of Mock-Walker Cells

This work uses cloud-resolving simulations to study mock-Walker cells driven by a specified sea surface temperature(SST).The associated precipitation in the mock-Walker cells exhibits three different modes,including a single peak of precipitation over the SST maximum(mode 1),symmetric double peaks of precipitation straddling the SST maximum(mode 2),and a single peak of precipitation on one side of the SST maximum(mode 3).The three modes are caused by three distinct convective activity center migration traits.Analyses indicate that the virtual effect of water vapor plays an important role in differentiating the three modes.When the SST gradient is large,the virtual effect may be strong enough to overcome the temperature effect,generating a low-level low-pressure anomaly below the ascending branch of the Walker cell off the center.The results here highlight the importance of the virtual effect of water vapor and its interaction with convection and large-scale circulation in the Walker circulation.

Simplified prediction models for acoustic installation effects of train-mounted equipment

Acoustic models of railway vehicles in standstill and pass-by conditions can be used as part of a virtual certification process for new trains.For each piece of auxiliary equipment,the sound power measured on a test bench is combined with meas-ured or predicted transfer functions.It is important,however,to allow for installation effects due to shielding by fairings or the train body.In the current work,fast-running analytical models are developed to determine these installation effects.The model for roof-mounted sources takes account of diffraction at the corner of the train body or fairing,using a barrier model.For equipment mounted under the train,the acoustic propagation from the sides of the source is based on free-field Green’s functions.The bottom surfaces are assumed to radiate initially into a cavity under the train,which is modelled with a simple diffuse field approach.The sound emitted from the gaps at the side of the cavity is then assumed to propagate to the receivers according to free-field Green’s functions.Results show good agreement with a 2.5D boundary element model and with measurements.Modelling uncertainty and parametric uncertainty are evaluated.The largest variability occurs due to the height and impedance of the ground,especially for a low receiver.This leads to standard deviations of up to 4 dB at low frequencies.For the roof-mounted sources,uncertainty over the location of the corner used in the equivalent barrier model can also lead to large standard deviations.