ABSTRACT. Fully Homomorphic Encryption (FHE) is pivotal for secure computation on encrypted data, crucial in privacy-preserving data analysis. However, efficiently processing high-dimensional data in FHE, especially for machine learning and statistical (ML/STAT) algorithms, poses a challenge. In this paper, we present an effective acceleration method using the kernel method for FHE schemes, enhancing time performance in ML/STAT algorithms within encrypted domains. This technique, independent of underlying FHE mechanisms and complementing existing optimizations, notably reduces costly FHE multiplications, offering near-constant time complexity relative to data dimension. Aimed at accessibility, this method is tailored for data scientists and developers with limited cryptography background, facilitating advanced data analysis in secure environments.

ABSTRACT. Few-shot classification categorizes objects with minimal training data, making it valuable when large datasets are impractical. Models are trained on a base set with many samples per class and tested on a novel set, where they classify new samples using only a few examples per class. Since base and novel classes are distinct, models must generalize to unseen classes while training on the base set, making meta-learning more effective than traditional classification methods. State-of-the-art techniques improve generalization by pretraining on large datasets, followed by applying meta-learning to further enhance performance. However, we argue that although meta-learning is effective for few-shot tasks, models often overfit to the base classes, reducing performance on novel classes, even with pretraining. To address this issue, we propose two techniques in the meta-learning phase to reduce overfitting and improve generalization. First, we mask important parts of the sample to prevent the model from over-relying on specific features. Masking is applied using attention scores in ViT-like backbones or class activation maps in CNN-based backbones. Using the masked samples, we apply contrastive loss to prototypical network training, reducing the distance between a sample and its class prototype while increasing the distance to prototypes of other classes. The proposed method is applicable regardless of the backbone, whether a pretrained model is used, or whether the approach is inductive or transductive. We conduct experiments on various benchmark datasets and configurations to demonstrate the effectiveness of our method.

ABSTRACT. Huge spruce forest areas have been damaged by massive bark beetle outbreaks across Europe during the past few years. Therefore, forest health management requires large-scale inventory of bark beetle outbreaks to plan actions for promptly mitigating forest tree dieback. Deep learning techniques have recently achieved amazing results in imagery semantic segmentation tasks by dominating the recent research for mapping bark beetle outbreaks in Sentinel-2 images of forest areas. In addition, due to the impressive performance of large language models (LLMs) in natural language understanding and generation tasks, LLMs have started attracting attention in multiple fields. In this paper, we describe GANDALF: an approach that leverages the potential of LLMs for mapping bark beetle outbreaks in Sentinel-2 images of forest areas. Specifically, we take advantage of the rich context of textual data to transform spectral-spatial information recorded in Sentinel-2 images in smart data ready for boosting accurate semantic segmentation modeling. To this purpose, we use a foundation, pre-trained LLM model to account for the text encoding of the spectral-spatial imagery context information. We fine tune the LLM model to perform the semantic segmentation of forest images hosting bark beetle outbreaks and use the Integrated Gradient (IG) algorithm to explain how each spectral-spatial information has an effect on the bark beetle outbreak detection. We assess the effectiveness of the proposed approach in a case study regarding bark beetle outbreaks in Sentinel -2 images of forest scenes in Czech Republic.

ABSTRACT. Formula One (F1) race strategy takes place in a high-pressure and fast-paced environment where split-second decisions can drastically affect race results. Two of the core decisions of race strategy are when to make pit stops (i.e. replace the cars’ tyres) and which tyre compounds (hard, medium or soft, in normal conditions) to select. The optimal pit stop decisions can be determined by estimating the tyre degradation of these compounds, which in turn can be computed from the energy applied to each tyre, i.e. the tyre energy. In this work, we trained deep learning models, using an F1 team’s historic race data consisting of telemetry, to forecast tyre energies during races. Additionally, we fitted XGBoost, a decision tree-based machine learning algorithm, to the same dataset and compared the results, with both giving impressive performance. Furthermore, we incorporated two different explainable AI methods, namely feature importance and counterfactual explanations, to gain insights into the reasoning behind the forecasts. Our contributions thus result in an explainable, automated method which could assist F1 teams in optimising their race strategy.

ABSTRACT. Preserving the location privacy of drones while allowing Critical Infrastructures (CIs) to identify nearby drones and their violations represents a significant challenge. To allow for improved accountability of drone operations, the current standard by the Federal Aviation Administration (FAA) mandates drones to disclose their location (in cleartext). However, such a strategy provides malicious eavesdroppers with significant possibilities for tracking and profiling, thus jeopardizing users' privacy. A recent proposal suggested using geo-indistinguishability to sanitize drones’ locations while allowing CIs to detect violations. However, due to the statistical nature of the approach, the risk of false violation detection is inversely proportional to the privacy guarantees of drones.

In this paper, we propose Privacy Preserving vIolation Detection (PPID), a novel approach using a private set intersection algorithm to simultaneously protect drones' and CIs' location privacy and allow CIs to detect violations while avoiding the problem of false violation detection. We propose two versions of the protocol: i) PPID, which uses an elliptic curve-based private set intersection inspired by relevant literature to detect the co-presence of drone and CI in a given area in a privacy-preserving fashion, and ii) extended (e)-PPID, which extends the message with an approximation of the future location of the drone, to predict possible future violations. To validate our proposal, we implement our protocols and deployed them on a proof of concept involving resource-constrained devices. We extract performance metrics regarding the security, execution time, communication cost, and memory overhead incurred by our protocols. Our results show that PPID and e-PPID provide accurate results about a violation requiring approx. 52ms and 84ms, respectively, in the worst-case scenario (i.e., the highest possible number of messages exchanged) and for a 256-bit security level.

ABSTRACT. The residential energy sector plays a vital role in global environmental impact. In this domain, Internet of Things (IoT) systems are widely used for energy conservation and management. A key aspect of improving energy efficiency is establishing room occupancy ground truth for further analysis and modeling. Passive infrared (PIR) sensors are favored methods to detect occupancy for their simplicity and non-invasiveness. However, they often exhibit limited accuracy. The lack of reliable occupancy ground truth complicates subsequent work in optimizing building management.

Hence, this research aims to develop a reliable method for mapping PIR sensor data to occupancy status. In this way, we addressed a key challenge by building a non-invasive occupancy detection solution. To this end, our project collected a data set in 10 houses over two months. We also used a public dataset in this paper for comparison and transfer learning. By developing models that combine PIR sensor data with environmental factors such as humidity, CO2 levels, and temperature, this research demonstrates the feasibility of accurately inferring room occupancy without direct observational data. Therefore, this paper contributes by developing methods to map PIR sensor data to occupancy reliably. Based on the modeling approach taken, transformer methods achieve better metrics than other methods and demonstrate transferability. Additionally, a real-world residential dataset will be released. Our code and dataset will be made available upon acceptance at githubXXXXX.

ABSTRACT. Scouting Critical Infrastructure (CI) to gain sensitive information is a task that malicious users can deliver via drones. Although detection and tracking systems can detect the presence and location of drones, identification, i.e., inferring drones’ intentions, is not trivial. As deactivating non-malicious drones incurs significant costs, identification should be accurate and timely to avoid the completion of the drone’s mission.

In this paper, we propose Behavioral Identification of SCoUtIng Drones (BISCUID), the first behavioral-based drone identification system. We prove for the first time that by analyzing the tracking data of flying drones it is possible to infer whether they have malicious intentions. We particularly focus on the scouting/Intelligence, Surveillance, and Reconnaissance (ISR) behavior and design a system to identify ISR drones. BISCUID collects drones’ flight tracks and uses them in two different settings: classification-based identification, and prediction-based identification. We prove the effectiveness of BISCUID on our collected dataset of ISR missions delivered by expert military pilots with different drones, and non-ISR missions flown by both expert and non-expert pilots. Our results show that we can identify ISR drones with 98% accuracy, 98% precision, and 96% recall. We show that via deep learning, we provide higher generalization capabilities however incurring in lack of explainability

ABSTRACT. In modern urban environments, accurate traffic prediction is vital for managing congestion and optimizing infrastructure. A significant challenge lies in predicting traffic for unseen sensors---newly installed or relocated sensors unfamiliar to existing models. This paper presents the Distance-Enhanced Spatial Pre-Training framework to enhance prediction accuracy for these sensors. The framework integrates spatial encoding to capture sensor dependencies based on routing distances and utilizes Contrastive Learning for pretraining the encoder. This enriches input data with historical sensor information and spatial context, enabling the model to generalize effectively to unseen sensors. Extensive experiments on METR-LA, PeMS-BAY, and an exclusive Hague dataset demonstrate the framework’s excellence, showing reductions in Mean Absolute Error by 3.38% on METR-LA, 3.68% on PeMS-BAY, and 9.17% on the Hague dataset.

ABSTRACT. This study introduces a novel simulation-based approach for addressing the stochastic Dynamic Traffic Assignment (DTA) problem, specifically targeting large, congested networks under dynamic conditions which is a characteristic of urban mobility environment. The proposed methodology leverages an underlying random walk model for route selection, drawing inspiration from the concept of \textit{equivalent impedance} in electrical networks. This alternative route choice model iteratively condenses non-overlapping subnetworks into virtual links, allowing for the dynamic estimation of equivalent time-dependent virtual travel costs. Consequently, the downstream link choice probabilities for all destinations are computed, and by employing a random walk model, the route choice decision-making process is shifted to nodes. This approach closely aligns with travelers' real-life behavior, supporting a finer temporal segmentation of evolving traffic conditions and improving the precision of performance assessments. Furthermore, the route choice model addresses the limitations of other Markovian route choice models in handling overlapping routes and scaling issues. The Directed Acyclic Graphs (DAGs) structure is utilized to efficiently find all routes between two nodes to prevent the need for route enumeration, which is intractable in general networks. As a result, all available routes within the network can be chosen with a non-zero probability, thus avoiding the biases linked with limited route sets. The effectiveness of the proposed method is evaluated through experiments on two synthetic network models under congested demand scenarios, utilizing the Simulation of Urban MObility (SUMO) platform. The results demonstrate the method's robustness, faster convergence, and more even trip distribution compared to traditional route assignment methods, making it a viable proposal for real-time or resource-intensive applications such as microscopic demand calibration.

ABSTRACT. Kubernetes is a container orchestration system that employs a declarative configuration management approach. In Kubernetes, each desired and actual state is represented in an “object”, and mul- tiple controllers autonomously monitor related objects and update their objects towards the desired state in the control plane. Because of this design, changes to one object cause changes to other objects in a chain, and the time to complete these cascading changes is an important metric for cluster operators to maintain application service quality on the cluster. However, there is no practical way to observe this kind of cascading change in detail, such as sequence of objects updated and the elapsed time of this update. Distributed tracing techniques, which are used in the microservice architec- ture to monitor application performance, are mainly based on RPC model that clearly identify request and response pairs, thus they are not directly applicable to the control plane of Kubernetes, where controllers just monitor objects and autonomously trigger changes to objects. In this paper, we propose a system that automatically traces changes to objects in the control plane. Our method adds one identifier, a Change Propagation ID (CPID), to the metadata of each object, and the controller that observes an object change propagates CPID in the object to the objects that the controller updates. When multiple changes need to be merged on an object, a new CPID is generated, and a pair of the original CPIDs and the new CPID is sent to the trace server for recording and analysis. Through evaluation, we confirmed that the proposed system can capture change propagation and its time, and the overhead of the proposed system is not significant.

ABSTRACT. The cloud is evolving into a computing continuum by extending its capabilities toward the edge. This continuum better addresses the needs of modern applications, but it also introduces new challenges, particularly in resource management and scheduling. Serverless is a driving force in consolidating the continuum, allowing quick adaptations toward the edge level while keeping the applications' footprints low. Data-centric applications that deal with massive data and require deploying large software environments are becoming a common use-case for the combination of these new technologies. Standard cloud scheduling policies are based on greedy algorithms that do not efficiently handle platforms' heterogeneity nor deal with problems such as cold start delays. In this paper, we address these issues by extending a methodology to investigate serverless platforms on the edge-cloud continuum, and to study new scheduling policies in simulated environments. We also propose a multi-objective algorithm to allocate serverless functions in the continuum while considering heterogeneity to optimize energy consumption, data transfers, makespan, and resource utilization. As a baseline, we are inspired by a standard greedy algorithm from a widely used platform, Kubernetes. Our approach outperforms the baseline regarding energy consumption, data transfers, makespan, and resource utilization by up to three orders of magnitude.

ABSTRACT. The increasing adoption of machine learning (ML) across industries has created a need for machine learning operations (MLOps) to provide robust workflows and reliable tools for ML system development. However, the increasing resource requirements for data and training can hit a scalability ceiling. A solution is to use high-performance computing (HPC) environments, which have been used for ML, but their constraints limit the use of MLOps. This has created a need for MLOps design frameworks that mitigate HPC constraints when integrating cloud and HPC environments for MLOps. We propose an initial concept of design principles for integrating computing environments (ICE) in MLOps, which we apply to implement an open-source cloud-HPC MLOps platform. The implementation selects and designs software for a cloud-HPC bridge and pipeline based on maturity, interoperability, and abstraction by using existing infrastructures, tools, and documentation to create a transparent development environment that reduces required software engineering effort. The resulting implementation enables the creation of cloud-HPC workflows for Python-based ML tasks that require scaling up, using different tools, complex processes, and interoperability. System complexity and unintentional vendor locking create user experience challenges for the implementation. We plan to continue to develop ICE design principles and improve user experience.

ABSTRACT. The widespread adoption of high-performance infrastructures through cloud computing has led to the co-location of various workloads in cloud data centers, including distributed parallel applications. The performance of distributed parallel applications relies heavily on the performance of each computing node. In this study, we investigate the allocation of the CPU Last Level Cache (LLC) to distributed parallel applications, specifically SPMD's (Single Program Multiple Data), the most common type of parallel programming. Contention on the LLC can significantly impact application performance. To mitigate this issue, hardware manufacturers like Intel introduced Cache Allocation Technology (CAT), which enables the partitioning of the LLC and allocation of partitions to processes.

In this paper, we investigate how contention on the LLC among a subset of nodes affects the overall performance of an SPMD application. From this study, we propose a system named CADiA, which harmonizes the allocation of the LLC on all nodes of a distributed application. CADiA builds the profile of the distributed application and allocates the same size on all computing nodes according to the LLC needs, isolating the distributed application from noisy neighbors. We implemented CADiA on the Open MPI library and evaluated it with benchmarks from the SPEChpc suite. The results obtained show that CADiA improves by 13% the performance and also avoids unnecessary use of the LLC by distributed applications.

ABSTRACT. Cloud service providers offer horizontal auto-scaling to prevent wasting resources by overprovisioning containers. However, this approach struggles to respond immediately to unexpected spikes in resource usage and has limitations in optimizing resource utilization. Vertical auto-scaling overcomes these limitations. Vertical elasticity has become increasingly important in recent years to provide instant resource elasticity for stateful and real-time critical applications. Nevertheless, vertical elasticity is not actively researched and implemented due to limitations in achieving it. This paper proposes an Elastic Vertical Memory Management (EVMM) for stateful applications in the Kubernetes environment, which is the de facto standard in the container orchestration space. We compared EVMM to an existing Kubernetes environment without vertical elasticity and found that it reduced the total execution time of container workflows by up to 35% and memory resource utilization on nodes improved by 1.5x.

ABSTRACT. In modern software development, the use of external libraries and packages is increasingly prevalent, streamlining the software development process and enabling developers to deploy feature-rich systems with little coding. While this reliance on reusing code offers substantial benefits, it also introduces serious risks for deployed software in the form of malicious packages - harmful and vulnerable code disguised as useful libraries. Popular ecosystems, such PyPI, receive thousands of new package contributions every week, and distinguishing safe contributions from harmful ones presents a significant challenge. There is a dire need for reliable methods to detect and address the presence of malicious packages in these environments. To address these challenges, we propose a data-driven approach that uses machine learning and static analysis to examine the package's metadata, code, files, and textual characteristics to identify malicious packages. In evaluations conducted within the PyPI ecosystem, we achieved an F1-measure of 0.94 for identifying malicious packages using a stacking ensemble classifier. This tool can be seamlessly integrated into package vetting pipelines and has the capability to flag entire packages, not just malicious function calls. This enhancement strengthens security measures and reduces the manual workload for developers and registry maintainers, thereby contributing to the overall integrity of the ecosystem.

ABSTRACT. Background. Automated Program Repair (APR) techniques often face challenges in navigating vast search space of possible patches and often rely on redundancy-based assumptions, which can restrict the diversity of generated patches. Recently, Code Language Models (CLMs) have emerged as a method for dynamically generating patch ingredients, potentially enhancing patch quality.

Aim. This study aims to enhance APR by integrating search-based methods with CLMs to improve both the quality of generated patch ingredients and the efficiency of the search process.

Method. We propose ARJACLM, a novel APR technique that uses a genetic algorithm for search space navigation and dynamically generates patch ingredients with the CodeLLaMA-13B model, combining redundancy-based and CLM-derived patch ingredients.

Results. Testing on 176 bugs across 9 Java projects from Defect4J shows that CLM-generated patch ingredients significantly boost ARJACLM’s performance, though at the cost of increased computation time. ARJACLM outperforms ARJA and GenProg, and CLM-generated patch ingredients are of higher quality than their redundancy-based counterparts. Additionally, ARJACLM performs best when redundancy-based patch ingredients are ignored. The ARJACLM code is available at [1].

ABSTRACT. Background: Generative AI (GAI) tools like GitHub Copilot and ChatGPT are transforming software development by automating code generation and enhancing developers’ productivity. However, since these tools are often trained on open-source repositories, they may inadvertently reproduce vulnerable code, raising concerns about the security of AI-generated outputs. Aims: In this paper, we aim to investigate how developers perceive code security when using GAI tools. Method: We conducted a survey with 105 software developers with diverse experience levels to gather their perceptions regarding the security of generated code and their suggestions for improving it. Results: While developers reported increased development speed when using GAI tools, many spend additional time on security reviews and documentation of the generated code, and they are worried about the overreliance on AI and vulnerabilities in the code. Only about a quarter of the developers expressed confidence in the code generated by AI, and, moreover, experienced developers perceive that their proficiency in secure coding decreases when using GAI tools. Our results provide organizations with a better understanding of the risks associated with GAI tools and help improve their software security programs.

ABSTRACT. Security and privacy are increasingly essential concepts in software engineering. New threats and corresponding measures are continuously discovered. A growing number of publications makes it progressively more time-consuming to identify relevant work. Concurrently, projects are becoming more complex and are exposed to a greater number of threats. This presents a significant challenge for software engineers. As a result, security and privacy are often neglected due to a lack of knowledge, limited time, and financial constraints. While systematic literature reviews exist to address the increasing volume of publications, software engineers still require up-to-date knowledge of current threats and countermeasures. This paper presents an automated, time- and cost-efficient method for discovering knowledge from the state-of-the-art literature and project artifacts. The method is demonstrated through a prototypical implementation and evaluation involving security and privacy in open access scientific publications and project artifacts from research and development projects of the European Union. The extracted knowledge is used to populate a quality model that is specifically designed to provide software engineers with information that helps them apply the findings. This quality model is presented in a way that provides software engineers with valuable, up-to-date insights into security and privacy in both science and practice.

ABSTRACT. A fast and reliable tool to detect structurally-similar cross-language code pairs is crucial when maintaining large projects across different programming languages. In this paper, we present a new tool for detecting such code pairs by adopting a two-stage approach. Our approach first uses models trained on two-level generic ASTs to filter candidates, and uses tree-based editing-distance algorithm for accurate comparison. We create a new cross-language dataset, including Java-Python, Java-C, Python-C structurally-similar method body pairs, and evaluate our approach on this dataset. We manage to obtain a much faster speed and similar detection accuracy in detecting structurally-similar cross-language code pairs compared with the state-of-the-art technique.

ABSTRACT. As one of the most commonly used ordered indexes, the B+-tree offers high access performance with well-bounded tree heights.

One key to the B+-tree's competitiveness in practice lies in its ability to scale its throughput with an increasing number of threads running on different CPU cores. This is especially true for the in-memory B+-tree, where accessing tree nodes is very fast. The bottleneck to this scalability is the use of locks that serialize concurrent access to tree nodes. In this paper, we show that for in-memory B+-trees with write-heavy skewed accesses, the primary source of scalability loss is not the inner nodes but rather the contention at the leaves.

In this paper, we propose an optimized B+-tree named MAPLe (Multi-Access Parallel Leaves) tree to minimize contention by allowing multiple threads to simultaneously insert or delete keys in the same leaf and improving access locality within the leaf. Furthermore, it does not move key-value pairs within the leaf during insertion or deletion, which is advantageous when keys and values are large. The key technique in our design is to introduce a new leaf layout scheme. In a MAPLe leaf, a level of indirection called the Slice is introduced, which makes the leaf resemble a two-level tree, where the "root" points to multiple child slices. In other words, the leaf is partitioned into logically separate slices, each of which can handle lookups, insertions, and deletions concurrently.

We implemented the MAPLe tree in the codebase of the state-of-the-art TLX B+-tree with an optimistic concurrency control scheme. Experimental results show that our MAPLe design can significantly improve scalability for workloads with large values and skewed access patterns. For example, for a balanced 16-thread workload where there are an equal number of lookups, inserts, deletes, and short scans, the MAPLe tree outperforms the B+-tree by up to 158%.

ABSTRACT. Mainstream key-value stores adopt the write-friendly log-structured merge (LSM) tree as the underlying storage engine. However, the LSM tree is suboptimal for read operations as key-value pairs are not allowed to be promoted from a lower level to an upper level in the storage hierarchy. This leads to drops in read QPS when key-value pairs at a low level are frequently accessed due to an increase in file I/Os and CPU cycles for multi-level search operations. To address this problem of slow reads, we propose SkipLSM, an LSM tree-based key-value store augmented with a caching layer for hot keys on a high-performance NVMe SSD. SkipLSM enables fast retrieval of hot key-value pairs by leveraging a DRAM-SSD cache hierarchy. To reduce the I/O overhead of caching, SkipLSM introduces a lightweight storage manager which builds on a user-level NVMe driver. We implement SkipLSM on RocksDB, a widely used LSM tree-based storage engine, as a lightweight plug-in. Our evaluation of SkipLSM with four read-intensive workloads shows that SkipLSM increases the QPS by 42.0%, 81.1%, and 46.4% for YCSB B, C, and D, respectively, and 94.0% for the PreDist workload of Facebook MixGraph benchmark over the vanilla RocksDB.

ABSTRACT. A spatio-temporal model, combining Graph Neural Networks (GNNs) and Recurrent Neural Networks (RNNs), has shown promising results in traffic flow prediction. However, existing models do not sufficiently reflect the spatio-temporal dependencies on a real road network. The observed traffic flow on a particular segment at a specific time point can be attributed to the movement of vehicles from multiple segments at various past time points; therefore, separating spatial and temporal dependencies does not precisely explain Direct Spatio-Temporal dependencies (DST-dependencies). In this paper, we introduce a Direct Spatio-Temporal graph (DST-graph) that models DST-dependencies and a novel traffic flow prediction model, named Spatio-TempoRAl dIrect GrapH aTtention network (STRAIGHT), that predicts traffic flows based on the DST-dependencies. Via extensive experiments using seven real-world datasets, we demonstrated the validity of DST-dependencies for traffic flow prediction and the effectiveness of STRAIGHT which exhibited improvements in accuracy ranging from 2% to 37% compared to state-of-the-art competitors.

ABSTRACT. This paper explores partitioning strategies for vertex-centric historical graph systems within distributed environments, focusing on efficient data management and query execution. Historical graphs, which capture the dynamic evolution of vertices and edges over time, present unique challenges for storage and computation due to their constantly changing nature. We investigate two partitioning approaches for offline and online environments. Both offline and online algorithms aim to minimize an appropriately defined notion of edge cuts within the historical graph setting; the former algorithm is based on BFS, while the latter is based on a greedy partitioning approach. Both algorithms are compared qualitatively and quantitatively to hash-based methods that are mainly used in this setting. They are evaluated on real-world datasets, using metrics such as weighted edge cut score ratio and load balance ratio. Our experiments reveal that our online method consistently reduces edge cuts with minimal overhead, making it suitable for real-time distributed processing systems for historical graphs. Similarly, the offline algorithm achieves much better results for weighted edge cuts, but it requires severely more computational resources to achieve this performance. Additionally, the study highlights how varying the number of workers and partitioning thresholds impacts system performance across different datasets. All our experiments have been carried out in a simulation environment. The results provide valuable insights into optimizing partition strategies for historical graphs, paving the way for more efficient graph analytics in distributed systems.

ABSTRACT. Counting local topological structures, such as triangles, is crucial to analyse large-scale networks and to understand the evolution of graphs. Triangles are fundamental for computing transitivity and for applications such as community detection and link prediction. Despite the importance of triangle counting, traditional algorithms struggle with scalability in networks with millions or billions of vertices, prompting the development of approximation methods and distributed solutions.

In this paper, we present a distributed algorithm that can handle historical graphs in order to count triangles communities in a query time interval. We introduce a pioneering approach to triangle counting in historical graphs, a novel concept that incorporates temporal dimensions into traditional graph models. Our method, which has not been previously explored, uniquely counts triangles within user-defined time intervals, offering new insights into the evolution of network interactions. Experiments with real-world historical datasets validate the effectiveness of our approach in capturing temporal patterns, marking a significant advancement in the field, and setting the stage for future research

ABSTRACT. In Formula One, teams compete to develop their cars to achieve the highest possible finishing position in each race. During a race, however, teams are unable to alter the car, so they must improve their cars’ finishing positions via race strategy, i.e. optimising their selection of which tyre compounds to put on the car and when to do so. In this work, we introduce a reinforcement learning model, RSRL (Race Strategy Reinforcement Learning), to control race strategies in simulations, offering a faster alternative to the industry standard of hard-coded and Monte Carlo-based race strategies. Controlling cars with a pace equating to an expected finishing position of P5.5 (where P1 represents first place and P20 is last place), RSRL achieves an average finishing position of P5.33 on our test race, the 2023 Bahrain Grand Prix, outperforming the best baseline of P5.63. We then demonstrate, in a generalisability study, how performance for one track or multiple tracks can be prioritised via training. Further, we supplement model predictions with feature importance, decision tree-based surrogate models, and decision tree counterfactuals towards improving user trust in the model. Finally, we provide illustrations which exemplify our approach in real-world situations, drawing parallels between simulations and reality.

ABSTRACT. Adaptive containerised systems have been developed using the Time Series Forecasting (TSF) technique. TSF analyses historical data patterns to estimate future trends, assuming they will occur again. Identifying future trends allows anticipating problems (e.g., high latency) and acting (e.g., replicating the service) to fix them before they occur. Depending on the number of features (i.e., metrics) used as input for prediction, TSF can be classified as univariate (single feature) or multivariate (two or more features). Despite the popularity of both TSF strategies, a unique strategy is typically implemented, and there is no comparison with the other. However, it is known that no strategy is the best choice for all possible scenarios. This paper presents a comparative study assessing univariate and multivariate proactive auto-scaling of containerised applications. A custom-made multivariate auto-scaling tool called Multivariate Forecasting Tool (MFT) was developed and compared with a production-grade univariate system called Predict Kube (PK). Both applications were evaluated using four popular open-source benchmark applications (Daytrader, Online Boutique, QuarkusHTTP-Demo and Travels). The results show that the multivariate strategy decreased the response time of the evaluated applications in 75% of the experiments (i.e., 9 out of 12) compared to the univariate, and it was more cost-effective in half of them (i.e., 6 out of 12). Furthermore, they also indicate that the multivariate strategy efficiency is more significant as the number of containers composing the application increases. This comparative study is expected to be a helpful guide for developers who want to choose the most effective proactive approach for their auto-scaling solutions.

ABSTRACT. Chronic diseases (CD), a leading cause of global mortality, present significant challenges in early detection due to their latent and heterogeneous progression. With over 41 million deaths attributed to CDs annually, accurate and timely diagnosis is critical for improving patient outcomes. This study addresses the complexities of chronic disease prediction by developing machine learning models that rely solely on patient data from their initial hospital admission, avoiding dependence on direct diagnostic indicators such as glucose or insulin levels. Our approach emphasizes general clinical features to mimic resource-constrained real-world scenarios. We evaluate the performance of fundamental machine learning algorithms, including Random Forest, Support Vector Machines, and deep learning models like Convolutional Neural Networks. Moreover, ensemble models are constructed to enhance predictive accuracy. The proposed models are validated on extensive real-world datasets (MIMIC-III and MIMIC-IV), demonstrating outstanding performance in early detection tasks for diabetes and chronic kidney disease. This study provides a robust framework for advancing the early prediction of chronic diseases in clinical settings by leveraging first-visit data and eliminating reliance on foreshadowing diagnostic features.

ABSTRACT. Deep learning-based medical image processing plays a significant role in modern computer-aided diagnosis, which facilitates doctors in various disease analysis. However, most researchers focus on the accuracy of medical image classification tasks with ever-increasing model size and the number of parameters but overlook the high diagnostic costs and model efficiency. To reduce such costs and broaden the application scenarios, a low-cost and efficient medical image classification is imperative. To achieve this goal, this paper designs a lightweight model, named Dense Depthwise Separable Network (DDSNet), which combines the merits of Dense Convolution Network and Depthwise Separable Convolution, rendering a lowcost and efficient medical imaging. Moreover, a quantization-based method is invented to deploy the proposed model on real-world IoT devices by converting the original model to an integer-type model while maintaining its classification performance. Extensive experiments are conducted on four cancer image datasets on the IoT device, showing the promising performance of this proposed method against 5 baseline models, including data visualization and interoperability aspects. Notably, compared to DenseNet, the proposed model is about 32× smaller and 5× faster after quantization, with a competitive classification accuracy preserved.

ABSTRACT. The popularity of asynchronous data exchange patterns has recently increased, as evidenced by 23 % of the communication between microservices in an Alibaba trace analysis. Such workloads necessitate methods for reducing dataflow processing and completion time by forecasting the future requirements of their microservices and (re-)scheduling them. Therefore, we investigate a prediction-based scheduling method of asynchronous dataflow processing applications by considering the stochastic changes due to dynamic user requirements. We present a microservice scaling and scheduling method named PreMatch combining a machine learning (ML) prediction strategy based on gradient boosting with ranking and game theory matching scheduling principles. Firstly, PreMatch predicts the number of microservice replicas, and then, the ranking method orders the microservice replicas and devices based on microservice and transmission times. Thereafter, the PreMatch schedules microservice replicas requiring dataflow processing on computing devices. Experimental analysis of the PreMatch method shows lower completion times on average 13% compared to a related prediction-based scheduling method.

ABSTRACT. Petri Nets (PN) are commonly utilized as a robust formalism for modeling concurrent and distributed systems; however, they encounter difficulties in effectively modeling reconfigurable systems, such as adaptive fault-tolerant (FT) systems. To mitigate this, a formalization for 'rewritable' PT nets (RwPT) has been recently developed using \texttt{Maude}, a declarative language that upholds consistent rewriting logic semantics. A modular approach is proposed that employs algebraic operators to build extensive RwPT models. This method uses composite node labeling to maintain hierarchical structure through net rewrites and has demonstrated its effectiveness. After incorporating stochastic parameters into the formalism, we present an automated process to derive a \emph{lumped} Continuous Time Markov Chain (CTMC) from the quotient graph generated by a modular RwPT model. To demonstrate the efficacy of our methodology, we utilize a gracefully degrading manufacturing system as a case study.

ABSTRACT. Developers of data intensive georeplicated applications face a difficult decision when picking a database system. As captured by the CAP theorem, CP systems such as Spanner provide strong consistency that greatly simplifies application development. AP systems such as AntidoteDB providing Transactional Causal Consistency (TCC), ensure availability in face of network partitions and isolate performance from wide-area round-trip times, but avoid lost-update anomalies only when values can be merged. Ideally, a application should be able to adapt to current data and network conditions by selecting which transactional consistency to use for each transaction.

In this paper we test the hypothesis that a georeplicated database system can be built at its core providing only TCC, hence, being AP, but allow an application to execute some transactions under Snapshot Isolation (SI), hence CP. Our main result is showing that this can be achieved even when all interaction happens through the TCC database system, without additional communication channels between participants. A preliminary experimental evaluation with a proof-of-concept implementation using AntidoteDB shows that this approach is feasible.

ABSTRACT. Message brokers are widely used in distributed systems to facilitate asynchronous communication through the publisher/subscriber model. In these systems, components operate independently, often in diverse environments with varying configurations. This fact can lead to inefficiencies or bottlenecks when subscriber components process messages too quickly or slowly. Previous studies have explored classic control theory to adjust messaging systems dynamically. However, they often require manual tuning whenever the environment changes and assume a linear relation between the system´s configurable parameters and system output. This paper utilises Fuzzy Controllers to dynamically configure messaging systems without requiring a manual training phase by using genetic algorithms. The performance of these controllers was evaluated using various metrics and compared against traditional controllers. The primary contribution of this paper is to take the initial steps toward effectively managing messaging systems in non-linear environments with fuzzy controllers.

ABSTRACT. Accurate electricity price forecasting is crucial for efficient energy market operations and decision-making. In this paper, a dual-stream model that combines Convolutional Neural Networks (Conv1D) with skip connection and a modified Gated Recurrent Units (GRU) to predict electricity prices. Our model integrates Spatial Attention with Conv1D and Soft Attention mechanisms with GRU to enhance feature extraction and improve prediction accuracy. In this study, the spatial attention module significantly extracts the spatial dependencies from the historical data, while the Soft Attention module aims to focus on temporal information. Additionally, we evaluate the proposed model using real-world electricity market data, as collected from different regions (New South Wales, Queensland, Tasmania) and compare the experimental results of the proposed network with various traditional algorithms in terms of several evaluation metrics including Mean Absolute Error (MAE), Root Mean Squared Error (RMSE), and Normalized Mean Squared Error (NMSE). Whereas the proposed network outperformed all competitive approaches for electricity market price prediction. Hence, this study demonstrates the potential of dual stream network, capturing the complex dynamics of electricity prices, offering a robust tool for market participants.

ABSTRACT. Model compression techniques such as Knowledge Distillation, Pruning, and Quantization are well documented in the Computer Vision literature for image classification and localization tasks. On the other hand, and possibly due to its higher computational cost, semantic segmentation at small footprint devices has significantly less references.

We present a case study of knowledge distillation for semantic segmentation, from relatively large pre-trained networks (a ResNet-50 and a U-Net with ResNet-50 backbone) to a compact flavor of the U-Net. The distillation is performed at several levels of the student U-Net, and then compared.

ABSTRACT. In a complex IoT system with thousands of data streams, it can be difficult to comprehend the overall dynamic state of the system while also being able to quickly detect and pinpoint problems that occur in individual devices and streams. Over the years, we have experimented with a variety of techniques for visualizing large-scale streaming data systems to enable viewing of their behavior in a quick, "at-a-glance" fashion. In this paper we summarize the lessons that we have learned over the years, as well as provide an overview of the Haywire system that we have developed in response to the visualization challenges that arise in the context of industrial scale IoT systems.

ABSTRACT. Deploying scalable Vision Transformer (ViT) applications on mobile and edge devices is constrained by limited memory and computational resources. Existing model development and deployment strategies include distributed computing and inference methods such as federated learning, split computing, collaborative inference and edge-cloud offloading mechanisms. While these strategies have deployment advantages, they lack optimized memory usage, processing and computational practices, resulting in increased energy consumption. This paper addresses memory and compute limitations by exploring adaptive model partitioning mechanisms and dynamic scaling methods for ViTs such as EfficientViT and TinyViT, enabling complexity adjustment based on the varying computational resources and operating conditions. Additionally, we focus on energy-efficient strategies that minimize inter-layer communication for distributed machine learning across edge devices, aiming to minimize energy consumption associated with data flow and computation in distributed applications. Our test and evaluations on the benchmark models show improvements, including a mean average latency reduction of up to 32.6% and energy savings of 16.6\% while maintaining mean average precision within 4.5 to 2.5% compared to the baseline models. These results show a practical approach for improving Edge AI sustainability and efficiency.

ABSTRACT. This paper presents the translation of regulatory smart contracts written in RegLang into MedTiny, a component-based modeling language tailored for the development and verification of reliable systems. RegLang, a domain-specific language for embedding regulatory requirements in smart contracts, is limited by its users’expertise in smart contract development and formal verification. To address this, we propose an automated code generation method that translates RegLang contracts into MedTiny, enabling domain experts to utilize MedTiny’s verification capabilities and modular system architecture. By leveraging MedTiny’s toolchain and SMT solvers, we detect redundancies and potential conflicts in regulations early in the development cycle, helping domain experts avoid introducing unintended behaviors into the contract. This approach not only preserves the original specifications of RegLang contracts but also improves overall system reliability by integrating comprehensive verification capabilities. A case study illustrates the practical benefits of this translation, supporting complex rule-based contract management and mitigating the risks associated with regulatory changes.

ABSTRACT. Fog Computing consists in decentralizing the Cloud by geographically distributing computation, storage, network resources, and related services. Among other benefits, it allows reducing bandwidth usage, limiting latency, or minimizing data transfers. However, Fog systems engineering remains challenging and quite often error-prone. Following best practices in software engineering, verification tasks can be performed before such systems are concretely deployed. Works already exist on verifying non-functional properties of Fog systems at different previous steps of the life cycle. This paper goes one step further and presents the VeriFogOps approach. This approach allows to automatically select deployment tools, based on expressed Quality of Service (QoS) requirements, and then generate relevant CI/CD pipelines supporting the deployment of Fog systems. We implemented and validated our approach via two realistic use cases, considering different QoS solutions and deployment tools. This work, developed in direct collaboration with our industrial partner Smile, goes towards the direction of a more comprehensive support for the entire life cycle of Fog systems, from design to actual deployment and execution.

ABSTRACT. Third-party software libraries reuse is becoming a common practice in software engineering. With the exponentially growing number of available and competing libraries in software ecosystems, migrating from one library to another is widely acknowledged to be a complex, time consuming and error prone activity. In this paper, we introduce MigrationMapper, an automated tool that detects code migrations and recommends method mapping that is performed between Java third-party libraries. Given a list of open-source projects, the tool detects potential library migration code changes and collects the specific code fragments in which the developer replaces methods from the retired library with methods from the new library. To support the migration process, MigrationMapper detects method-level mapping between added/removed libraries using state-of-the-art Substitution Algorithm. We evaluate our approach on a benchmark of manually validated library migrations. Results show that MigrationMapper achieves high accuracy in detecting migration code and detecting method mapping.

ABSTRACT. Model constraints (e.g. in the Object Constraint Language -- OCL) are commonly defined in Model-Driven Engineering (MDE) and used to validate models. Several problems require a way to automatically enforce such constraints, e.g. to complete models or repair them. Because of its combinatorial nature, the problem of enforcing constraints can be computationally hard even for small models. Part of the constraint programming community focuses on developing efficient algorithms for specific but common constraint problems. Such algorithms are made available in constraint solvers in the form of global constraints. Leveraging such global constraints is necessary to efficiently enforce constraints on models.

OCL is the most common constraint language in MDE. However, mapping OCL constraints to global constraints is not trivial, especially for constraints that predicate on the graph structure of the model. In this paper we propose a methodology in two steps. We first require user annotations of OCL expressions to select model properties to solve for. Then we translate the annotated OCL expressions to a composable Constraint Satisfaction Problem (CSP) that uses global constraints on integer variables to model OCL structural constraints. We illustrate the method on a use case based on reconfigurable manufacturing systems, and provide an assessment of its performance.

ABSTRACT. This paper deals with the problem of reengineering a legacy monolithic Java web application (app) into a microservice architecture. For this migration, it is necessary to identify the essential components constituting the architecture of a monolithic web app and the relationships between these components. The functionally related components then need to be collected and grouped into multiple clusters, which are implemented as microservices. The legacy web app considered in this paper interacts with users through views (e.g., JSPs). Databases are typically accessed to handle user requests. An accurate understanding of the functionality of a legacy web app requires an analysis of how databases and views collaborate with other components within the app. In existing studies, databases and views are rarely considered essential components for this migration. However, when analyzing and representing a web app as a graph, this paper considers the substantial components of the app, including its database tables, views, and their relationships. We then propose a two-step embedding and clustering to identify the microservices based on an analysis of this graph. Compared to existing methods, the microservice apps identified by our approach from open-source web apps produce better accuracy and F1-score.

ABSTRACT. To witness the correctness of unsatisfiablility results of SAT solvers, the powerful resolution asymmetric tautology (RAT) proof system has been introduced, for which efficient proof checkers are available. To harness the power of recent SAT technology for solving quantified Boolean formulas (QBFs), the extension of SAT with quantifiers over the Boolean variables, we introduce the proof system ∀-Exp+RAT. With this proof system, it becomes possible to use modern SAT solvers for expansion-based QBF solving, one of the most successful QBF solving paradigms. So far, expansion-based QBF solving relied on the resolution-based ∀-Exp+Res proof system which is less powerfull than ∀-Exp+RAT.

Based on the ∀-Exp+RAT proof system, we present the new certification framework FERAT for generating and checking ∀-Exp+RAT certificates. In a detailed evaluation, we show that with the FERAT pipeline, more formula instances can be certified than with the previous FERP pipeline which relies on the ∀-Exp+Res proof system.

ABSTRACT. In contrast to models of propositional formulas, which are simply Boolean variable assignments, solutions of quantified Boolean formulas (QBFs) have a tree structure reflecting the dependencies between universal and existential variables. The study of counting QBF solutions has gained momentum in recent years, but it is practically limited by the absence of benchmark sets consisting of formulas for which the number of solutions is known. In this paper, we analyse several crafted QBF formula families which are widely used in the field of proof complexity. Hence, we provide scalable benchmark sets consisting of true and false formulas that are essential for verifying the correctness of QBF solution counters.

ABSTRACT. In the realm of abstract argumentation, Incomplete Argumentation Frameworks (IAFs), i.e. argumentation frameworks such that some arguments and attacks can be uncertain, have received much attention in the last decade. The most classical reasoning approach consists in using completions, which are argumentation frameworks representing all the possible ways to decide about the actual existence of the uncertain elements. Standard decision problems (like verifying whether a set of arguments is acceptable) can be adapted in two variants: verifying whether the property of interest holds for some completion, or for each completion. In this setting, all completions represent equally plausible scenarios for the agent, which is not always a realistic hypothesis in real world situations. In this paper, we propose IAFs with Plausibility (pIAFs), a generalization of the IAF model where the agent is able to reason about the relative plausibility of completions. We study the complexity of the usual decision problems of IAFs, adapted to this new model. We also introduce new decision problems concerning the relative plausibility of extensions and provide complexity upper bounds for these new problems as well.

ABSTRACT. We propose an interactive repair method for the description logic EL that is based on the optimal-repair framework. The obtained repair might not be optimal in the theoretical sense, i.e. more than a minimal amount of consequences might have been removed---but from a practical perspective it is superior to a theoretically optimal repair as the interaction strategy enables the users to identify further faulty consequences connected to the initially reported errors.

ABSTRACT. In an increasingly information-driven society, the volume of digital footprints left by individuals has surged significantly. Safeguarding the anonymity of data generated by computing devices is becoming more challenging as these offer deep insights into personal preferences and behaviours. We propose a user-centric and privacy-preserving data space for unlinkable data sharing based on a central intermediary. By combining differential privacy techniques with fine-grained access control mechanisms, our system enables data providers to store their data confidentially and unlinkably at an intermediary. Subsequently, data consumers can locate and request data through this intermediary, while data providers remain informed without revealing the data's origin. Further, the intermediary supports continuous data sharing by requiring the data to be uploaded only once. We have evaluated our approach via theoretical analysis and simulations. Our findings indicate that we can achieve ɛ-privacy and protect data providers against external and internal attackers, as well as an honest-but-curious intermediary, while reducing the message load for localizing data compared to traditional differential privacy methods.

ABSTRACT. Neural networks struggle with image classification when biases are learned and misleads correlations, affecting their generalization and performance. Previous methods require attribute labels (e.g. background, color) or utilizes Generative Adversarial Networks (GANs) to mitigate biases. We introduce DiffuBias, a novel pipeline for text-to-image generation that enhances classifier robustness by generating bias-conflict samples, without requiring training during the generation phase. Utilizing pretrained diffusion and image captioning models, DiffuBias generates images that challenge the biases of classifiers, using the top-$K$ losses from a biased classifier ($f_B$) to create more representative data samples. This method not only debiases effectively but also boosts classifier generalization capabilities. To the best of our knowledge, DiffuBias is the first approach leveraging a stable diffusion model to generate bias-conflict samples in debiasing tasks. Our comprehensive experimental evaluations demonstrate that DiffuBias achieves state-of-the-art performance on benchmark datasets. We also conduct a comparative analysis of various generative models in terms of carbon emissions and energy consumption to highlight the significance of computational efficiency.

ABSTRACT. Regulatory compliance in the pharmaceutical industry involves navigating complex and voluminous guidelines, often requiring significant amounts of human resources. Recent advancements in Large Language Models (LLMs) and Retrieval-Augmented Generation (RAG) methods provide promising enhancements to data processing and knowledge management, potentially easing these burdens. However, despite these advancements, conventional Retrieval-Augmented Generation (RAG) methods fall short in this domain due to inherent structural problems. To address these challenges, we introduce the Question and Answer Retrieval Augmented Generation (QA-RAG) framework. This framework enhances the conventional RAG framework. It integrates a dual-track retrieval mechanism tailored to the specific and dynamic nature of pharmaceutical regulations. It utilizes not only the original query but also the answers generated by a fine-tuned LLM, thus providing a more robust foundation for document retrieval. Our experiments demonstrate that QA-RAG outperforms conventional methods in various evaluation metrics including precision, recall, and F1-score. These results underscore QA-RAG's capability to enhance both the accuracy and efficiency of regulatory compliance processes in the pharmaceutical industry. This paper details the structure and efficacy of QA-RAG, emphasizing its potential to revolutionize the regulatory compliance process in the pharmaceutical industry and beyond.

ABSTRACT. The paper proposes a method for visual servo control of nonholonomic robots with unknown dynamics using images captured by uncalibrated cameras. The method learns the transition dynamics of the robot directly in visual feature space and linearizes it successively in order to compute controls. Experiments both in simulation and on a real testbed using a unicycle-type mobile robot demonstrate that the use of planning and trajectory stabilization algorithms based on differential dynamic programming is much more effective in handling nonholonomic constraints in executing difficult maneuvers, such as parallel parking, than more traditional visual servoing schemes that linearize the learned dynamics around a single point. Learning of the transition dynamics of the robot can be performed in a self-supervised manner and is easy to parallelize over a swarm of multiple robots. The ability of the proposed method to control nonholonomic robots without manually calibrating cameras and identifying robot dynamics could potentially significantly lower the cost of deployment of autonomous mobile robots at scale.

ABSTRACT. In this paper, we address the problem of exploration and object detection strategy computation by an autonomous robot navigating in a stochastic and partially observable environment. Our goal is to compute a strategy for the robot to not only map the environment but also to detect and recognize objects placed in this environment. Classical approaches fail in producing good strategies because exploration and recognition require heterogeneous sensor and thus their coordination is not well considered. To overcome this limitation, we propose a novel approach based on a meta-policy dictating if the robot should explore or recognize the explored environment. This strategy consists in deciding which sensor the robot should use at a given situation. To do so, we propose a Meta-MDP approach to optimally decide which policy (exploration or recognition) the robot should follow (i.e. use laser sensor to map or camera sensor to detect object). We evaluated this approach in a simulated environment and developed experiments with different number of objects randomly placed in the environment. We show that our approach outperforms classical approaches and scales well with an increasing number of recognized objects and a full exploration of the environment in a reasonable amount of time.

ABSTRACT. Large Language Models (LLMs) have shown strong in-context learning (ICL) abilities with a few demonstrations. However, one critical challenge is how to select demonstrations to elicit the full potential of LLMs. In this paper, we propose Curriculum Demonstration Selection (CDS), a novel demonstration selection method for ICL. Instead of merely using similarity, CDS additionally partitions samples by their complexity measurements. Following curriculum learning, CDS then selects demonstrations from easy to difficult. Thus the selected demonstrations cover a wide range of difficulty levels, enabling LLMs to learn from varied complexities within the training set. Experiments demonstrate that our CDS consistently outperforms baseline methods, achieving notable improvements across nine LLMs on three benchmarks. Moreover, CDS proves especially effective in enhancing LLM performance in solving challenging problems.

ABSTRACT. Natural language explanations are attracting increasing attention in the eXplainable AI context given their ability to elucidate human and artificial decision making processes. These kinds of explanations are particularly relevant in sensitive scenarios like medicine, law and defence. However, these explanations may be constructed in different ways, depending on the overall purpose they are employed for. In this paper, we propose a novel approach to characterize natural language explanations from an argumentation perspective. The proposed architecture is composed of a first module addressing an end-to-end argument mining pipeline to identify argument components and relations, then, a second module analyzing the resulting argumentation graphs to identify patterns which caracterize explanations from an argumentation viewpoint. The experimental setting relies on the Casimedicos dataset of clinical cases. Obtained results show that the proposed approach is a promising solution towards AI \& education with the aim to demonstrate to medical residents how to improve their explanations for a given diagnosis so as to increase patients' understanding of clinical deliberations they are concerned with.

ABSTRACT. LLMs (Large Language Models) are trained on large corpora written by humans and demonstrate high performance on various tasks. However, as humans are susceptible to cognitive biases, which can result in irrational judgments, LLMs can also be influenced by these biases, leading to irrational decision-making. For example, changing the order of options in multiple-choice questions affects the performance of LLMs due to order bias. In our research, we first conducted an extensive survey of existing studies examining LLMs' cognitive biases and their mitigation. The mitigation techniques in LLMs have the disadvantage that they are limited in the type of biases they can apply or require lengthy inputs or outputs. We then examined the effectiveness of two mitigation methods for humans, SoPro and AwaRe, when applied to LLMs, inspired by studies in crowdsourcing. To test the effectiveness of these methods, we conducted experiments on GPT-3.5 and GPT-4 to evaluate the influence of six biases on the outputs before and after applying these methods. The results demonstrate that while SoPro has little effect, AwaRe enables LLMs to mitigate the effect of these biases and make more rational responses.

ABSTRACT. Many studies on AI in education compare model performance and fairness, but few focus on explainability. To address this gap, we evaluate two machine learning models—Artificial Neural Network (ANN) and Decision Tree (DT)—focusing on performance and explainability in predicting student performance using the OULA dataset. The DT, being inherently explainable, struggles with complex data relationships and misclassification, while ANN, although more accurate and stable, lacks transparency. Using the LIME method, the ANN outperforms the DT in accuracy and stability, but enhancing the interpretability of ANN models remains a key challenge for future research.

ABSTRACT. Argumentative reasoning under various forms of uncertainty was shown to be highly involved in terms of complexity of reasoning. In this paper we extend a recently proposed dynamic programming algorithm based on tree-decompositions for probabilistic reasoning to the setting including bipolar relations on arguments. Bipolarity introduces further challenges in probabilistic reasoning. We provide algorithms and a prototype implementation for the problems of computing the probability of a set being an admissible, complete, or stable extension, and an experimental evaluation showing promise of the approach.

ABSTRACT. There has been a notable increase in the intellectuality of humankind about their privacy in recent years. This naturally pushes the modern cryptography out of its boundaries to explore general-purpose programmable cryptography where a privacy-preserving arbitrary computation can be built on top of it. In this work, we address the evolutionary computation in programmable cryptography using the blockchain technologies for the first time in the literature. For this conceptualization, we propose a novel cryptographic, privacy-preserving and decentralized protocol (i.e. zkEC@0.0.1) where evolutionary computation model is public while the user inputs (i.e. the current population) and outputs (i.e. the next population) are fully private. The protocol relies on the transitions between the public-domain (i.e. contract-domain) and the private-domain (i.e. evolutionary-domain) to be secure. We analyze the protocol with respect to the security and computational complexity aspects. We perform an extensive experimental study using two popular benchmark problems (i.e. Sphere and Rosenbrock functions) to measure the blockchain gas consumption, zero-knowledge proof generation/verification times, zero-knowledge proof size and the best fitness changes over generations. Finally, we identify several promising research directions to be potentially explored in future.

ABSTRACT. Green software engineering is good software engineering, since trying to design systems in such a way that they consume a minimal amount of energy is simply an efficient way of consuming resources. Scientific software is no exception; in this case we will put our focus on evolutionary algorithms, and the patterns of energy consumption for two different, low-level, languages: The mature C++ and the emerging {\sf zig}. By setting up a methodology that gives us a precise measure of the energy spent by key evolutionary algorithm functions, we can give the scientific software engineer some actionable insights on how to write energy-conscious evolutionary algorithms. Our experiments show that, even having very low energy consumption in both cases, C++ using the well-known GNU compiler can can achieve a 50\% reduction in energy consumption for some integer-based fitness functions, as well as very good performance on classical genetic operators. Besides, the experimental results have a low variability, as compared to {\sf zig}, making it in the short and medium run the best of the two languages for evolutionary algorithms.

ABSTRACT. With advancements in Generative AI, particularly large language models (LLMs), there is significant potential for developing domain-specific AI chatbots. However, training on sensitive data, such as healthcare information, poses risks of unauthorized data leakage. Access control is essential to ensure only authorized personnel can access sensitive training documents. This study proposes integrating fine-grained access control with Retrieval-Augmented Generation (RAG), a promising architecture that enables models to retrieve external data and generate contextually accurate responses. By combining RAG with access control, we ensure model outputs are based only on authorized data. Using the design science research methodology, we developed a proof-of-concept system and evaluated it with patient profiles and varying access permissions. Key metrics like answer relevancy, context relevancy, and context recall demonstrated the system's effectiveness in securely managing access. While not solving all data management challenges, this approach offers a promising solution for secure, domain-specific knowledge applications within LLMs.

ABSTRACT. This study is a step in exploring how LLMs' knowledge and reasoning in linguistic tasks relates to human behavior. It presents a large language model, GPT-4o, with a task that has frequently been explored by linguists: the interpretation of novel compounds. In linguistics, the semantic relation between compound constituents is often categorized with interpretation patterns (e.g. metal table --> 'table made from metal' --> pattern `material'). We create a dataset of artificial German noun-noun compounds that consist of two simplex noun constituents, each associated with a typical interpretation pattern. The compounds are presented to GPT-4o with the instruction to derive plausible interpretations. We then study the model’s behavior in the task and evaluate the results with regard to a preference towards typical interpretation patterns. We find that GPT-4o performed very well in the task, displaying stable compositional reasoning strategies. As expected from linguistic literature, typical patterns of the constituents were clearly preferred, with a tendency to favor patterns typical for the head constituent. Determining whether this is the effect of particular lexical items or of more abstract relational patterns would require a larger and more balanced dataset.

ABSTRACT. Exhaustive methods of pattern extraction in a database pose real obstacles to speed and output control: a large number of (potentially redundant) patterns are extracted. Pattern extraction methods through sampling, which allow controlling the size of the output while ensuring fast response times, provide a solution to these two problems. However these methods may still extract redundant patterns if a huge number is needed. For a preference learning task, we need to extract a set of patterns with low redundancy. Furthermore, some may extract infrequent patterns and can take a long time with some databases. To ensure a more diversified output, we propose integrating compression methods into sampling to select the most representative patterns from the sampled transactions and to guide the sampling process. We demonstrate that our approach improves the state of the art in terms of diversity of output patterns.

ABSTRACT. Text classification is a fundamental task in Artificial Intelligence, with applications including spam detection, sentiment analysis, and topic categorization. Methods based on Graph Neural Networks (GNNs) have shown remarkable success in this domain through diverse graph types for representing a corpus and strategies to enrich their structure. Among the options for corpus modeling, bipartite graphs are particularly effective due to their ability to naturally represent dyadic interactions (e.g., documents and words). However, when the focus is on analyzing a single entity type, one-mode projection becomes a prominent technique. Specifically, it transforms bipartite graphs into unipartite ones consisting of a single node type, linking them based on shared neighbors from the other type. This approach not only facilitates the analysis of the target entity but also allows for the use of well-established unipartite graph algorithms. While one-mode projection has been utilized in tasks like coarsening, similarity analysis, and text clustering, its potential for text classification using GNNs remains unexplored. Therefore, to address this gap, we propose a novel method called One-mode Projection of Bipartite Graphs for Text Classification (OPTIC). Concretely, OPTIC projects the document partition of a bipartite graph modeled for a corpus, capturing similarities between different pairs of documents. Furthermore, OPTIC leverages different weighing strategies for the projection to better quantify relationships between documents. Then, the resulting unipartite graph is fed to a GNN for text classification. Extensive experiments on eight diverse datasets demonstrate that our method achieves on-par accuracy on all datasets when compared to GNN and Transformer-based baselines.

ABSTRACT. Deep neural networks (DNNs) have remarkably succeeded in various image processing tasks. However, their large size and computational complexity present significant challenges for deploying them in resource-constrained environments. This paper presents an innovative approach for integrating Mamba Architecture within a Progressive Knowledge Distillation (PKD) process to address the challenge of reducing model complexity while maintaining accuracy in image classification tasks. The proposed framework distills a large teacher model into progressively smaller student models, designed using Mamba blocks. Each student model is trained using Selective-State-Space Models (S-SSM) within the Mamba blocks, focusing on important input aspects while reducing computational complexity. The work's preliminary experiments use MNIST and CIFAR-10 as datasets to demonstrate the effectiveness of this approach. For MNIST, the teacher model achieves 98\% accuracy. A set of seven student models as a group retained 63\% of the teacher’s FLOPs, approximating the teacher's performance with 98\% accuracy. The weak student used only 1\% of the teacher’s FLOPs and maintained 72\% accuracy. Similarly, for CIFAR-10, the students achieved 1\% less accuracy compared to the teacher, with the small student retaining 5\% of the teacher's FLOPs to achieve 50\% accuracy. These results confirm the flexibility and scalability of Mamba Architecture, which can be integrated into PKD, succeeding in the process of finding students as weak learners. The framework provides a solution for deploying complex neural networks in real-time applications with a reduction in computational cost.

ABSTRACT. The increasing complexity and high dimensionality of single-cell RNA sequencing (scRNA-seq) data present significant challenges in extracting meaningful biological insights. To address these challenges, researchers often turn to gene set analysis methods, which aim to identify biological or functionally related sets of genes collectively associated with samples across various experimental conditions. Traditional gene set analysis methods, based on linear statistical approaches, often fail to capture complex relationships and do not provide sample-specific insights, limiting their effectiveness with scRNA-seq data. To address these limitations, we introduce GSHAPA, a novel method combining Random Forest with SHapley Additive exPlanations for gene set analysis. GSHAPA captures non-linear relationships, effectively handles high-dimensional sparse datasets, and enables sample-specific analysis. Evaluated on simulated and biomedical datasets, GSHAPA demonstrates superior precision, F1 score, and computational efficiency compared to the widely-used GSEA method, with reduced false positive rates. GSHAPA has broad potential for set-based feature analysis analysis in high-dimensional data.

ABSTRACT. Education has been impacted by generative AI chatbots based on large language models in recent years, and we all need to find good ways to teach in this new paradigm. In this study, we present a comparative study of two courses conducted in the fall of 2023 on introductory and advanced programming courses. We found that while advanced students showed improved project outcomes, the performance of introductory students remained unchanged or declined. This calls for a focus not only on the AI techniques that support learning, but also on tailored AI integration strategies in the classroom and on exams based on students' skill levels.

ABSTRACT. Accessibility is a fundamental right for all citizens, as recognized by national and international regulations. In particular, web accessibility is crucial for people with disabilities to participate fully in society and the workforce. Unfortunately, imposing accessibility by law is insufficient, considering the number of websites still presenting relevant accessibility issues. On the other hand, there is a lack of culture about accessibility, even among designers and developers. In this context, we evaluate the capabilities of Large Language Models (LLMs) in accessibility auditing and HTML validation. We also discuss how these tools can support developers in building correct and accessible websites and their limitations.

ABSTRACT. Likert scales are widely used tools in psychology, employed to quantify individuals' feelings, attitudes, and perceptions through structured questionnaires. These scales provide valuable insights into subjective experiences, enabling a deeper understanding of human emotions and beliefs. However, administering these questionnaires can be time-consuming and resource-intensive, limiting their practicality in fast-paced mental health screening scenarios. This study presents a novel approach to predict individual Beck Depression Inventory (BDI-II) scores using social media posts. Our method introduces two key innovations: an adaptive strategy for identifying relevant social media content corresponding to each survey item and a probabilistic extension of BERT to predict item-specific scores. The results show that our implemented approach is particularly accurate in correctly predicting responses to BDI-II questionnaire items compared to the considered state-of-the-art baselines. This methodology can also potentially be used as a rapid screening approach to identify high-risk users, aligning the evaluation of depressive states with established psychological practices.

ABSTRACT. The rise of social media platforms like Reddit has profoundly impacted various sectors, particularly financial markets, where online communities increasingly influence individual behaviors and investment decisions. Identifying users whose actions can sway others has become essential in this context. However, challenges arise in defining and measuring influence, especially within social networks characterized by vast amounts of generated data. This paper proposes a novel methodology to address these challenges, integrating social network metrics and sentiment analysis to quantify user influence effectively. We introduce the Content-based Centrality score (CbC) that combines engagement and sentiment derived from user posts with traditional centrality measures. We apply this new metric to real data from Reddit and its most relevant financial community, compare our metric to well-known social media centrality measures, and validate our findings through a human evaluation process. This evaluation assesses the relevance of posts to financial markets and their perceived trustworthiness and interest. The results demonstrate that our integrated methodology provides a more nuanced understanding of user influence, contributing to deeper insights into how social media shapes financial market behavior.

ABSTRACT. Current legislation mandates that contracts be written clearly and concisely. However, in practice, many contracts remain ambiguous and challenging for readers to understand. Advancements in natural language analysis using statistical and Large Language Models (LLMs) are improving the process of clarity verification by reducing the time needed for the overall process. In this paper, we investigate the potential of LLMs, such as ChatGPT, and Giuri-Matrix, against existing statistical tools for natural language clarity checks. Results suggest the adaptability of traditional LLMs in verifying contractual clarity as well as providing suggestions for improvement of submitted contracts.

ABSTRACT. The common understanding among deep learning practitioners is that the lower layers of a convolutional neural network (CNN) are more class-agnostic while the middle layers would begin to show class-specificity. However, we lack strong empirical evidence to support precisely how this information transformation occurs. We use the two-class classification task and measure the self- and cross-entropies at each feature node of the deep learning network. From these entropy values we derive the Jensen-Shannon Divergence at each feature node. The Interquartile Range of these divergence values at a layer then serves as an indicator of the divergence of the representations of the two classes. Our experiments reveal that class representations become increasingly distinct as we progress through a network's layers. This supports the idea that deeper layers learn more complex and discriminative features, crucial for accurate classification.

ABSTRACT. The detection of left ventricular systolic dysfunction (LVSD) typically requires echocardiography, which is costly and requires specialized expertise. To date, few studies have specifically identified LVSD while accounting for the ventricular-paced rhythm of patients with pacemakers using electrocardiograms (ECG) data. There is a growing need for faster and more accessible methods of LVSD detection, particularly in patients with pacemakers. This study proposes an AI-based model that utilizes ECG signals to predict LVSD in patients with pacemakers, providing an alternative to traditional echocardiography. We developed a 1 dimension convolutional neural network (1D CNN) combined with large language models (LLMs) to process both sequential ECG signal data and non-sequential clinical metadata. The model was tested on both a general ECG dataset and a pacemaker-specific dataset. The model achieved an AUROC of 0.97 on the general ECG dataset and 0.97 on the pacemaker dataset after adjusting only two hyperparameters (batch size and learning rate). Our model demonstrates that ECG-based AI can effectively predict LVSD in pacemaker patients, offering a fast and cost-effective alternative to echocardiography.

ABSTRACT. The principles of data spaces for sovereign data exchange across trusted organizations have so far mainly been adopted in business-to-business settings, and recently scaled to cloud environments. Meanwhile, research organizations have established distributed research data infrastructures, respecting the principle that data must be FAIR, i.e., findable, accessible, interoperable and reusable. For mutual benefit of these two communities, the FAIR Data Spaces project aims to connect them towards the vision of a common, cloud-based data space for industry and research. Thus, the project establishes a common legal and ethical framework, common technical building blocks, and it demonstrates the orchestration of multiple building blocks in self-contained settings addressing a diverse range of use cases in domains including health, biodiversity, and engineering. This paper gives a summary of all demonstrators, ranging from research data infrastructures scaled to industry-ready cloud environments to work in progress on building bridges between operational business-to-business data spaces and research data infrastructures.

ABSTRACT. Recent diffusion-based models have achieved significant success in vision domains such as image generation, and text-guided image manipulation. Text-guided image editing aims for users to modify specific objects and their attributes based on textual descriptions. However, current image editing approaches are susceptible to unintended modifications to non-target regions or other target regions in images when altering multiple objects. Some studies depend on detailed masks that are challenging to obtain for fine-grained image editing. To address these issues, we propose Bounded Editing, which allows for precise manipulation of specific areas. First, our approach separates the target and non-target regions from the image using bounding boxes. Second, we propose a guidance loss that enhances editing capabilities, enabling precise modifications to target objects while preventing undesired changes to background. By integrating our method with an existing image editing framework, we achieve significant improvements over state-of-the-art methods. Extensive experiments demonstrate the effectiveness of our proposed approach in changing objects, and modifying attributes such as colors and materials, especially on multi-object editing scenarios.

ABSTRACT. Time series data are utilized across various fields, including finance, healthcare, and manufacturing, where system reliability is crucial. Accordingly, extensive research on time series anomaly detection has been conducted. However, this task presents significant challenges due to high dimensionality, temporal dependencies, and noise in data. These challenges highlight the importance of effective feature extraction to capture meaningful data representations. In this study, we propose a novel Feature Extraction and Fusion Module (FEFM) specifically designed to enhance anomaly detection performance by extracting and fusing dimensional and temporal features of data. FEFM consists of three parts: Multi-Dimensional Feature Extractor (MDFE), Temporal Feature Extractor (TFE), and Feature Fusion Layers (FFL). MDFE and TFE extract dimensionally-driven and temporally-driven features from complex time series data. FFL then fuses these features with the original input, enabling the model to comprehensively understand the complex patterns. We evaluate the effectiveness of our method using seven benchmark datasets and two evaluation strategies, comparing its performance with other state-of-the-art methods. Experimental results demonstrate that our method outperforms others on various datasets, especially in reducing false positives. These results indicate that our method effectively extracts and fuses meaningful features from data, improving the reliability of anomaly detection systems.

ABSTRACT. Face age transformation is a task that aims to age or rejuvenate faces while preserving identity. Balancing realistic transformations with identity preservation is challenging due to the difficulty in determining which facial features to modify or retain. We introduce a novel GAN-based face age transformation framework utilizing Hierarchical Encoding and Contrastive Learning (HECL). Specifically, we incorporate a multi-level encoder that extracts and analyzes age-related features at different levels of detail, such as facial texture, structure, and skin tone. We also combined a contrastive learning approach in the discriminator to finetune the differentiation between age groups. These modifications enhance identity preservation and provide better control over aging through strategic loss functions, addressing shortcomings in existing models, which often struggle with modifying subtle face and hair texture, color, or volume during age progression. HECL outperforms SOTA models in realism and versatility, generating high-quality face images. We demonstrate superior identity preservation performance in metrics, also receiving better qualitative approval from human evaluators. Our codes and models are available here: https://anonymous.4open.science/r/HECL-819A

ABSTRACT. Point cloud data frames are critical, if not indispensable, for precise robot navigation and localization, but training the object detection models for them remains challenging. Many models require labeled 3D objects to train the model. However, the sparse and occluded 3D point cloud data make it difficult, if not impossible, to automate the labeling process. This work proposes a training framework to generate 3D labels on point clouds to tackle the aforementioned challenges. The proposed method takes advantage of the consecutive presence of the same object on different frames to automate the la- beling process. The experimental results show that the unsupervised framework trains a robust model for 3D object detection. On the roadside data, the model archives 90.27% AP for scooters and 91.33% AP for cars. On nuScenes dataset, the framework demonstrates the detection precision doubles on IoU 0.25 and IoU 0.5 when the re- calls remain similar, compared to the model trained by the MODEST framework.

ABSTRACT. Underground mining presents a perilous working environment, with numerous accidents each year resulting in significant loss of life. Sensor nodes enhance safety by monitoring environmental factors like temperature and toxic gases, disseminating location information, and transmitting important messages to miners. Min- ers interact with the sensors attached on pillars that track their movements, which helps to locate them without GPS signals. Thus, predicting the battery life of the sensors is crucial for (a) rerout- ing miners during emergencies, (b) ensuring timely maintenance of the sensors, and (c) most importantly, identifying sensors that require “energy harvesting” to maintain essential communication within mine. In this work, we propose a deep reinforcement learning (DRL) approach called Proximal Policy Optimization-Long Short term memory (PPO-LSTM) tailored to the mining environment, considering miners’ movements and communication dynamics to predict sensor battery levels. This enables timely energy harvesting for sensors nearing depletion at the important locations inside the mine. Furthermore, we integrate a long short-term memory (LSTM) network with the PPO approach to build a PPO-LSTM framework, leveraging temporal data correlations to capture patterns over time, thereby improving decision-making for energy management in the mining environment. Our comprehensive simulations demonstrate that the proposed PPO-LSTM framework achieves a lower mean absolute percentage error (MAPE) by ∼ 4% when compared to the existing state-of-the-art methods, Deep deterministic policy gradi- ent (DDPG) and Soft Actor-Critic (SAC) algorithms. Furthermore, when compared in terms of mean absolute error (MAE), PPO-LSTM outperforms other approaches by (2-3). Likewise, comparing on root mean squred error (RMSE), the proposed approach outperforms DDPG and SAC approach by (5-10).

ABSTRACT. Network slicing in 5G-Advanced networks allows the creation of virtualized slices to support diverse services like IoT, autonomous driving, and entertainment. However, mobility management poses significant challenges, particularly as User Equipment (UE) moves across Tracking Areas (TAs) with non-uniform slice availability. Current systems restrict UEs from re-registering for slices within the same Registration Area (RA) if a slice is unavailable in just one TA, leading to service disruptions and inefficient resource utilization. To address this, we propose an LSTM-based prediction model that anticipates slice availability in different TAs. The model analyzes historical slice availability, UE mobility patterns, and current network conditions to predict future slice availability, allowing UEs to optimize their mobility and reduce the need for frequent Mobility Registration Updates (MRUs). Our simulation results show that the proposed model achieves high prediction accuracy, significantly reducing signaling overhead and improving both resource efficiency and service continuity.

ABSTRACT. Ensuring the security of a network infrastructure necessitates the precise detection and categorization of malware. While existing methodologies have demonstrated higher accuracy, their effectiveness has predominantly been validated on a limited subset of malware families or samples. These analyses often focus on malware families with a higher number of samples, potentially leading to biased and unrepresentative classification results. To address this gap, our study aims to enhance the accuracy and robustness of malware detection and categorization systems by investigating the impact of dataset size, class balance, and data augmentation techniques on classifier performance. We demonstrate the efficacy of our approach on a comparatively larger dataset titled Blue Hexagon Open Dataset for Malware AnalysiS, comprising of 134k samples. Our analysis, exploiting 85 malware families with at least 50 samples each, results in the highest accuracy of 92.28% using Random Forest as the classifier on the original imbalanced dataset. However, by employing Generative Adversarial Networks to generate synthetic samples and achieve balanced class distributions (resulted in balanced datasets), our approach demonstrates the improvement in the classifier's accuracy to 99.35%.

ABSTRACT. The proliferation of IoV technologies has revolutionized the use of transport systems to a great level of improvement in safety and efficiency, and convenience to users. On the other hand, increased connectivity has also brought new vulnerabilities, making IoV networks susceptible to a wide range of cyber-attacks. The contribution of this paper will be the in-depth study on development and evaluation of advanced machine learning models that detect and classify network anomalies in IoV ecosystems. Several classification models, such as Random Forest, XGBoost, and Support Vector Classifiers, have been studied in our research in order to achieve high accuracy with respect to discriminating between benign and malicious traffic. This work further harnesses Explainable AI methodologies through the LIME framework for enhanced interpretability of models' decision-making processes. Experimental results strongly advocate the strength of Random Forest and XGBoost, proving to be better on the binary and multi-class classification tasks, respectively. These models are resilient, precise, and scalable; hence, they are a practical choice in real-world IoV security frameworks. Explainability integrated not only strengthens model reliability but also closes the gap between performance and interpretability, therefore driving trust in high-stake environments such as vehicular networks.

ABSTRACT. The Internet of Things and Blockchain are considered two major technologies. They face numerous challenges, including poor interoperability, security flaws, privacy concerns, and a lack of industry standards. Most IoT devices require a constant Internet connection, making them vulnerable to various attack vectors. Blockchain technology provides authentication and a decentralized environment, preventing malicious third parties from accessing the network. However, traditional consensus schemes like Proof of Work (PoW), PBFT, etc., restrict performance, processing time, and energy efficiency. In these systems, a miner must devote substantial time and money to obtaining the reward-based structure of the consensus mechanism. Recent research on blockchains has focused on accelerating the speed and scalability and enhancing the security level to overcome these limitations. In this paper, we propose a new hybrid consensus scheme, HyPoPE. In this model, the consensus algorithm has a more straightforward form while maintaining higher energy efficiency, faster throughput time, and higher security than traditional algorithms like PoW, PBFT, etc.

ABSTRACT. Many~IoT applications rely on the timely collection and processing of data. Although the technology that allows data collection is readily available, its deployment on a large scale raises many practical issues, the main one probably being: who pays for the infrastructure? IoT deployment could significantly benefit from crowdsourcing, leveraging a widespread community's collective intelligence and resources to enhance efficiency and innovation. To ensure the successful deployment of a data collection infrastructure, it is crucial to motivate end users, as their active participation and engagement are key to the system's effectiveness and reach.

This paper addresses these issues in a practical use case that deals with collecting environmental data. We propose a decentralized crowdsensing architecture where vehicles act as data collectors and transfer data from sources (e.g.,~sensing devices) to networked access points. The system provides economic incentives to individuals willing to act as data collectors or to operate gateways in the form of micropayments enabled by a blockchain. The proposed architecture is evaluated using a multilevel simulation model that combines existing communication, mobility, and behavioral sub-models. This reduces the time required to build a full simulator and potentially increases the accuracy of the results.

ABSTRACT. We introduce AKT (Advanced Knowledge Transfer), a novel method to enhance the training ability of low-bit quantized (Q) models in the field of zero-shot quantization (ZSQ). Existing research in ZSQ has focused on generating high-quality data from full-precision (FP) models. However, these approaches struggle with reduced learning ability in low-bit quantization due to its limited information capacity. To overcome this limitation, we propose an effective training strategy compared to data generation. Particularly, we analyzed that refining feature maps in the feature distillation process is an effective way to transfer knowledge to the Q model. Based on this analysis, AKT efficiently transfers core information from the FP model to the Q model. AKT is the first approach to utilize both spatial and channel attention information in feature distillation in ZSQ. Our method addresses the fundamental gradient exploding problem in low-bit Q models. Experiments on CIFAR-10 and CIFAR-100 datasets demonstrated the effectiveness of the AKT. Our method led to significant performance enhancement in existing generative models. Notably, AKT achieved significant accuracy improvements in low-bit Q models, achieving state-of-the-art in the 3-bit and 5-bit scenarios on CIFAR-10. The code is available at https://github.com/Inpyo-Hong/AKT-Advanced-knowledge-Transfer.

ABSTRACT. The extensive integration of Internet of Things (IoT) devices within various critical industrial and non-industrial environments accentuates the indispensable significance of authentication mechanisms in safeguarding applications against misuse and breaches. Authentication protocols that do not rely on storing keys, which are susceptible to theft, leverage mechanisms based on Physical Unclonable Function (PUF), exploiting the unique characteristics of the device to generate keys. Modern implementations of PUFs employ cryptographic tools known as Fuzzy Extractors to mitigate inherent variability and noise. However, the adoption of this component presents various challenges and constraints, including the potential extraction of sensitive data and vulnerabilities in implementation. In addition, the computational overhead associated with this approach can be significant. This study introduces a novel framework for devising authentication mechanisms utilizing any kind of PUFs for resource-constrained devices without necessitating a Fuzzy Extractor. The effectiveness of these security mechanisms depends on the attacker's uncertainty in guessing the correct response to each challenge compared to that of the authentic device. Additionally, we propose an implementation of the framework using SRAM-PUF, which achieves a security level comparable to guessing a 128-bit key. By avoiding the use of a fuzzy extractor, the proposed authentication framework aims to mitigate data leakage issues, modelling attacks and achieve a lighter scheme compared to the state of the art.

ABSTRACT. Process mining is moving beyond mining traditional event logs and nowadays includes, for example, data sourced from sensors in the Internet of Things (IoT). The volume and velocity of data generated by such sensors makes it increasingly challenging to efficiently process the data by traditional process discovery algorithms, which operate on a centralized event log. This paper presents EdgeMiner, an algorithm for distributed process mining operating directly on sensor nodes on a stream of real-time event data. In contrast to centralized algorithms, EdgeMiner tracks each event and its predecessor and successor events directly on the sensor node where the event is sensed and recorded. As EdgeMiner aggregates direct successions on the individual nodes, the raw data does not need to be stored centrally, thus improving both scalability and privacy. We analytically and experimentally show the correctness of EdgeMiner. In addition, our evaluation results show that EdgeMiner determines predecessors for each event efficiently, reducing the communication overhead by up to 96% compared to querying all nodes. Further, we show that the number of queried nodes stabilizes after relatively few events, and batching predecessor queries in groups reduces the average queried nodes per event to less than 2.5%.

ABSTRACT. As software supply chains grow increasingly complex with the extensive use of third-party components, the automatic generation of accurate Software Bills of Materials (SBOMs) becomes critical for managing security risks. In this study, we evaluate the effectiveness of seven SBOM generation tools that claim to produce accurate SBOMs from Rust projects. Specifically, we examine whether these tools can correctly identify component names, versions, and dependencies among components within 50 popular open-source Rust projects. Additionally, we assess whether any significant differences exist among the tools' automatic SBOM generation in the two popular formats, CycloneDX and SPDX. The findings from this study inform both practitioners and researchers about the current capabilities and limitations of existing SBOM tools and help in the selection of appropriate tools for better management of software dependencies and security risks.

ABSTRACT. Security protocols, protocols to achieve consensus, those for maintaining memory consistency and coherence, distributed ledgers, multi-party computation, and many similar software systems are examples of distributed message-passing based computation. Ensuring correctness of such distributed systems is a challenging problem for many automatic verification approaches. The deductive verification approach for reasoning about such systems involves computing a program invariant, i.e., an expression evaluates to true for every reachable program state. Several approaches for synthesizing invariants are dynamic, i.e., runs of the program and ancillary information such as target safety properties are used to learn an invariant expression. However, most existing approaches invoke a model checker (or a theorem prover) within the synthesis loop, which makes these approaches depend on the scalability of the verification tools. In this paper, we propose a counterexample-guided inductive synthesis approach called $\RunVS$ which learns invariant expressions from program runs, but without information such as target safety properties, and without invoking a model checker/theorem prover for validation. The synthesis approach pairs a decision-tree (DT) based method with a data augmentation technique: DT-learning provides an expression that classifies observed states from augmented states that are speculated to be unreachable. Validation of the learned invariant is performed by sampling program runs and states; any run that invalidates the invariant results in counterexamples used to revises the invariant. As there is no formal proof that the learned artifact is a true invariant, we call such an expression a likely invariant. An important user input to synthesis is often the set of predicates that comprise the invariant expression; we use a novel integration with a large language model (LLM) and prompt it to provide likely predicates to be used. We show empirical results of our approach on several distributed protocols implemented in the Promela modeling language.

ABSTRACT. When building a machine-learning-enabled system, quality objectives are achieved through architectural and non-architectural tactics, including general ones as as well as specific ones that address machine learning specifics, such as the focus on data. However, implementing these tactics typically compromises other quality attributes that are not the primary focus of the tactic at hand. Previous research has investigated quality aspects and tactics for machinelearning-enabled systems, but there is a lack of detailed insights on quality trade-offs observed in industrial practice, and how companies address them. A study in this direction could especially help start-ups and SMEs to benefit from the insights of other companies, and academics to develop improved tactics addressing these trade-offs in alternative, potentially more effective ways. In this paper, to fill this gap, we present a multiple-case study of four companies in the AI sphere. As AI solution providers, all companies are faced with a variety of quality priorities, tactics, and trade-offs in their addressed application domains. We find that our subject companies consistently address a common set of core quality priorities, encompassing reliability, functional suitability, and resource efficiency, which they address with recurring architectural tactics such as use of cloud-based components for resource efficiency, and non-architectural ones such as SCRUM practices for functionality suitability. Finally, we find a variety of trade-offs appearing in different companies with several recurring ones, two of them–efficiency vs. reliability, and system accuracy vs. explainability–manifesting themselves in three out of the four companies.

ABSTRACT. The new distributed paradigm Edge-Cloud Continuum (ECC) is fundamental to provide a continuum of computing from Edge to Cloud and create more dependable Cloud-powered IoT applications. In line with this computing paradigm, this paper presents a self-managing IoT-Edge-Cloud computing architecture for enhancing robustness in environmental monitoring. In addition to the sensor data transmission to a cloud server node for late processing, a semi-decentralized self-adaptation architecture with feedback control components running on edge nodes (gateways) is adopted to monitor the end devices and make decisions in the edge. The proposed control architecture was implemented as part of SEIROB, an IoT-Edge-Cloud exemplar for air quality monitoring, using the Python programming language and the open-source ChirpStack LoRaWAN network server stack. In this paper, we share the architecture design of SEIROB, report our experiments about its effectiveness in achieving some robustness scenarios, and discuss faced challenges and lessons learned in using a ready-to-use IoT infrastructure (like the ChirpStack platform) for ECC.

ABSTRACT. The rapid expansion of data volumes across various scientific and technical fields, along with the development of exascale computing in the high performance computing (HPC) domain, continually challenge existing storage systems. These systems typically consist of heterogeneous multi-tier storage architectures, ranging from high-speed solid-state drives (SSDs) tier with limited storage capacity to slower magnetic tapes tier with larger storage capacity. A significant challenge in HPC storage systems is the effective placement and migration of data across different storage levels. Current strategies, such as those implemented in parallel file systems like Lustre, utilize hierarchical storage management (HSM) solutions such as the Robinhood Policy Engine, which operate at the file granularity level for data eviction policies. In contrast, traditional caching policies work at the block level. This mismatch of granularity makes it difficult to adopt traditional eviction policies to those HSM. This study introduces a new multi-criteria file-level eviction policy incorporating frequency and recency of access, file lifetime, and a fairness criterion. Our policy reduces I/O processing times by average of 61.96\% for tested workloads and improves the hit ratio by 60.13\% on average, outperforming block-based cache replacement policies such as LRU, LFU, and ARC.

ABSTRACT. Zoned Namespace (ZNS) SSDs are the latest flash-based SSDs that maintain several zones in storage. Each zone has its own write pointer to prevent any write requests from occurring in front of or behind it. While ZNS SSDs achieve improved write performance with the write pointer, they also face limitations as in-place updates are not allowed. This limitation poses a challenge in building a Redundant Array of ZNS SSDs as metadata and partial parity logs can be done more efficiently with overwrites. In this paper, we advocate for the use of a conventional namespace in ZNS RAID, that is, RAID that uses ZNS SSDs, and to support this, we design and implement CRAZNS, a ZNS RAID-5 that makes use of a conventional namespace. Compared to RAIZN, the state-of-the-art ZNS RAID, CRAZNS used 4 GB extra storage space for the conventional namespace, but is able to use the maximum number of zoned namespaces that are possible and saves almost 26 GiB of storage space by eliminating the need for Metadata zones. Performance evaluations show that for individual applications performance between RAIZN and CRAZNS were similar, but in terms of small write throughput, CRAZNS is 1.2X higher than RAIZN. Also, CRAZNS enhances 1.1X of overall throughput as more zones can be kept open.

ABSTRACT. As the costs of maintaining servers in cloud and large-scale data centers rise, the demand for efficient remote monitoring and management systems becomes increasingly urgent. The Baseboard Management Controller (BMC) plays a crucial role by providing real-time, remote oversight of server conditions, enabling early issue detection and prompt intervention to minimize downtime. By enhancing service reliability and optimizing resource utilization, BMCs are essential to the smooth operation of data centers with large server infrastructures. Additionally, when server failures occur, BMCs facilitate rapid reboots, ensuring swift recovery, preventing data loss, and maintaining business continuity. To further enhance BMC performance and achieve faster boot times, effective optimization strategies are necessary. Profiling during the boot process is central to this optimization, and various tools have been developed for this purpose. Current full-stack profiling tools offer the capability to measure and visualize CPU and memory usage during and after the boot process. However, these tools face challenges, such as the transmission of large kernel source code and inefficiencies in the transmission process. To overcome these limitations, this paper proposes an optimized directory structure and a method for transmitting only modified content. In this approach, the paths and hash values of changed files are recorded, enabling efficient tracking and comparison when needed. Experimental results demonstrate that the proposed methodology improves data transmission efficiency and reduces system resource overhead.

ABSTRACT. The existing filesystem check and repair process (FSCK) requires tens of minutes or even hours with hundreds GByte memory to complete on petabyte-scale filesystems. To address this issue, we propose lwFSCK, a light-weight FSCK tool that can minimize the FSCK execution time and memory footprint. Our approach, called lwFSCK consists of two key technical ingredients: Per-Thread Data Processing and TwinTree. First, Per-Thread Data Processing partitions the set of metadata that needs to be examined into multiple partitions and allocates each of them to a separate thread which has its own per-thread data structure without lock contention. Second, lwFSCK introduces an adaptive data structure called TwinTree. TwinTree reduces the memory footprint that is required to hold the temporary information for filesystem check. lwFSCK reduces execution time by up to 1.4× compared to the state-of-the-art FSCK, pFSCK. lwFSCK reduces memory consumption by 6.8× in file-intensive filesystems that use only 1% of inodes.

ABSTRACT. This paper discusses the concept of quantum computing and its impact on business strategies and decision-making. Through an open-ended questionnaire with ten quantum computing professionals, we pinpointed crucial areas essential for companies: employing (1) entanglement and superposition, (2) comprehending uncertainty and unpredictability, (3) adapting to new technology, (4) tackling quantum computing challenges, (5) fostering a culture of innovation and experimentation, (6) addressing scalability issues, (7) overcoming regulatory challenges, (8) managing high costs, (9) addressing the lack of quantum resources, and (10) addressing the lack of knowledge and training. We have also proposed a model with probable propositions. These findings establish a knowledge base for researchers and practitioners to formulate tools and strategies for integrating quantum computing into social business.

ABSTRACT. We are connected to The Internet of Things (IoT) and access more information by accessing a vast network of objects and systems. Still, secure connectivity in IoT environments plays a huge role to guard against the possible security threats and vulnerabilities. The Message Queuing Telemetry Transport (MQTT) protocol has emerged as one of the top choices among IoT protocols due to its simplicity and effectiveness. Here, we propose a novel secure mechanism for MQTT communication in IoT using password authenticated key exchange (PAKE) protocols along with one-time pad (OTP) and pseudo random number generation algorithm. Our methodology targets a variety of security issues such as authentication, confidentiality, authorization and performance enhancement while considering the constraints on IoT resources.

ABSTRACT. Enforcing a delay between deposits and withdrawals within decentralized finance protocols may make them more secure but less composable. A delay makes flash loan attacks more expensive, but restricts interactions between protocols. In this work, we analyse public blockchain data to determine if this concern is warranted in practice. We measure the duration between corresponding direct deposit and withdrawal function calls across several decentralized finance protocols on Ethereum. We show that direct callers of DeFi protocols typically leave assets locked in these protocols for many blocks, meaning that artificial withdrawal delays are not likely to have a negative impact on user experience.

ABSTRACT. Domain-Specific Languages (DSLs) enable software engineers to implement business requirements using programming constructs that closely resemble the language used to describe these requirements. The benefits of using DSLs include smaller and easily comprehensible source code for experts in a given domain, as well as various domain-centric optimizations that reduce the size of the generated code and improve its runtime performance. Unfortunately, designing DSLs from scratch is laborious, difficult, and requires significant effort to maintain and create debugging environments and porting code to various execution platforms.

We propose a framework for creating Scala-based deep embedded DSL (EDSL) programs with generic mechanisms to translate these EDSL programs into computation graphs. We show how to use Scala dynamic types to avoid encoding identifiers in an EDSL as string variables, and we demonstrate how unique features of Scala can be used to create EDSL programs that allow programmers to encode plain English requirements into Scala programs while preserving the structure of the natural language sentences. We give the grammar and formal semantics of this framework and demonstrate its use to create a finite-state machine EDSL program, to emulate key/value data interchange languages, and to create a distributed application with processes organized in a ring.

ABSTRACT. The need for low-latency, bandwidth efficiency, and privacy has driven the deployment of distributed applications to the network edge. Edge deployments present unique challenges due to heterogeneous, uncontrolled and untrustworthy networks and devices. This paper introduces a software-defined overlay networking (SDON) middleware that simplifies the development and deployment of edge applications through centralized control while also solving the aforementioned challenges. SDON allows applications to define high-level requirements, such as a network topology, node and link characteristics. These requirements are translated into device-specific configurations and enforced across suitable edge devices. We implemented our SDON middleware as a fully functional software and evaluated it in two edge computing use cases: i) routing for video streaming across middleboxed edge devices and ii) computation offloading on heterogeneous edge devices. Our results show that deployments via SDON, with centrally enforced optimizations, improve applications’ performance by reducing mean streaming latency by 20% and computation times by 22%.

ABSTRACT. Fuzz testing has become the de facto standard for vulnerability discovery. State-of-the-art fuzzers employ a so-called gray-box approach, where coverage information is fed back to the fuzzer after each generated test case, thereby allowing it to effectivize its generation strategy over time to find bugs deep within the code. Despite research efforts in recent years, networked applications have proven to be notoriously difficult to fuzz efficiently and thoroughly. Modern fuzzers struggle with the complex environmental interactions and statefulness associated with networked systems and subsequently, shortcuts are taken to ensure at least some degree of hardening.

In this paper we study 32 prominent protocol implementations that have been continuously fuzzed by OSS-Fuzz. We define metrics to measure fuzzing activity within a project and correlate our measurements with registered CVEs for discovered vulnerabilities. Our analysis show a strong correlation between fuzzing activity and registered CVEs within a project. However, by using the CWE-1000 analys framework, we show that the correlation is only strong for certain classes of vulnerabilities. From those observations, we are able to draw conclusions about what current fuzzing practices are lacking and where fuzzing research efforts need to be spent in the future.

ABSTRACT. The minimum vertex cover is a classical optimization problem whose objective, given a graph, is to identify the smallest subset of vertices that covers all edges. The problem is NP-hard and often requires approximation strategies, particularly for large-scale graphs. This paper introduces a decentralized, iterative, and message-passing algorithm that leverages the local knowledge of nodes to resolve the minimum vertex cover. The algorithm is designed for multi-agent and peer-to-peer networks, such that any entity of the network can autonomously determine their inclusion in the vertex cover. Due to its convergence speed and minimal computational footprint, it also performed well as an in-memory sequential solver, achieving results comparable to those obtained from a state-of-the-art centralized approach.

ABSTRACT. Dynamic pricing is a promising strategy to address the challenges of smart charging, as traditional time-of-use (ToU) rates and stationary pricing (SP) do not dynamically react to changes in operating conditions, reducing revenue for charging station (CS) vendors and affecting grid stability. Previous studies evaluated single objectives or linear combinations of objectives for EV CS pricing solutions, simplifying trade-offs and preferences among objectives. We develop a novel formulation for the dynamic pricing problem by addressing multiple conflicting objectives efficiently instead of solely focusing on one objective or metric, as in earlier works. We find optimal trade-offs or Pareto solutions efficiently using Non-dominated Sorting Genetic Algorithms (NSGA) II and NSGA III. A dynamic pricing model quantifies the relationship between demand and price while simultaneously solving multiple conflicting objectives, such as revenue, quality of service (QoS), and peak-to-average ratios (PAR). A single method can only address some of the above aspects of dynamic pricing comprehensively. We present a three-part dynamic pricing approach using a Bayesian model, multi-objective optimization, and multi-criteria decision-making (MCDM) using pseudo-weight vectors. To address the research gap in CS pricing, our method selects solutions using revenue, QoS, and PAR metrics simultaneously. Two California charging sites’ real-world data validates our approach.

ABSTRACT. The increasing prevalence of audio deepfakes has raised serious concerns due to their potential misuse in identity theft, disinformation, and the compromise of voice authentication systems. Detecting these manipulations requires models capable of handling a wide range of audio features and attack strategies. In this paper, we introduce HCN-TA (Hierarchical Capsule Network with Temporal Attention), a novel architecture specifically designed for scalable and generalizable audio deepfake detection. The hierarchical capsule networks capture local and global audio patterns, while the multi-resolution temporal attention focuses on key segments with likely deepfake artifacts. Temporal locality awareness ensures prioritization of critical, rapidly changing regions. We validate the effectiveness of HCN-TA on the ASVspoof 2019 (LA) and FoR datasets, achieving low equal error rates (EER%) of 0.42% and 0.11% respectively.

ABSTRACT. With the majority of home appliances now equipped with motors, efficient motor control has become increasingly important. While there has been many research into adaptive motor control methods to enhance motor efficiency, these efforts are still in their early stages. In this paper, we introduce the Adaptive Speed and Sensorless Control (A2SC) system for motor, a novel approach leveraging LSTM-TD3 reinforcement learning to optimize motor efficiency. A2SC dynamically adjusts gain values for both speed and sensorless control, demonstrating superior performance in various motor controller types without requiring extensive motor expertise. Our experiments with two sensorless controllers exhibit a marked improvement in reaching reference speeds and reducing sensorless errors, including a 1.6-fold increase in speed and a twofold reduction in sensorless error. These advancements signify a substantial leap in motor control technology, offering a versatile and more reliable solution for the home appliance industry. The A2SC system's ability to learn and adapt in real-time presents a significant step towards more efficient and robust motor control mechanisms.

ABSTRACT. Knowledge Graph Matching is a challenging task in which expressiveness has not been fully addressed. Despite the increasing use of embeddings and large language models (LLMs) for this task, approaches for generating expressive correspondences still do not take full advantage of these models. This paper integrates LLMs into an approach for generating expressive correspondences based on alignment needs and ABox-based relation discovery. The generation of correspondences is performed by matching similar surroundings of instance sub-graphs. The integration of LLMs results in novel architectural settings, including label similarity, sub-graph matching, and entity matching. The performance of word embeddings, sentence embeddings, and LLM-based embeddings are compared. The results demonstrate that integrating LLMs surpasses all other models, enhancing the baseline version of the approach from 0.47 to 0.68, with a 45\% increase in F-measure.

ABSTRACT. The C++ language is widely favored in software development. Nonetheless, the C++ standard IO library (iostream) grapples with notable security and performance limitations. Consequently, two main issues arise: (a) the iostream library falls short of satisfying contemporary software development needs, and (b) developers at major software companies are advised against (and sometimes prohibited from) utilizing iostream. In response, we introduce a novel IO library dubbed fast_io, aimed at supplanting cstdio and iostream for C++. This alternative demonstrates enhanced user-friendliness and security and exhibits a remarkable speed increase, often ex- ceeding 10 times that of iostream. A pivotal advancement that sets fast_io apart from iostream is its utilization of a C++20 feature: Concepts. The fast_io library provides thread and exception safety while eliminating the use of format strings—a feature frequently exploited to compromise programs. Additionally, fast_io offers extensive features encompassing filesystem, networking, IO control, memory mapping, and process functionalities. It is backward compatible and demonstrates a 10x speed increase compared to cstdio and iostream for most formatted IO tasks. Regarding community impact, fast_io has garnered substantial downloads since its initial release.

ABSTRACT. Online learning from data streams with varying feature spaces has received extensive attention recently. Among them, capricious data streams make no assumptions on feature space dynamics and are mainly handled based on feature correlation, linear classifier or ensemble of trees. There exist deficiencies such as limited learning capacity, high time cost and low interpretability. To enhance effectiveness and efficiency, capricious data streams are handled through a single tree in this paper, and the proposed algorithm is named OCFHT (Online learning from Capricious data streams with Flexible Hoeffding Tree). OCFHT reuses and continuously restructures a Hoeffding tree. The reusable information includes the tree structure and the information stored in each node. The restructuring process ensures the Hoeffding tree dynamically aligns with the latest universal feature space. OCFHT does not rely on the correlation pattern among features and can achieve non-linear modeling. Its performance is verified by various experiments on 18 public datasets, showing that it is not only more accurate than state-of-the-art algorithms, but also runs faster.

ABSTRACT. Interconnects play a central role in the contention real-time tasks suffer in modern MPSoCs. Several works have been proposed to predictably arbitrate interconnects, regulate their bandwidth, and manage their buffering resources. However, the impact of point-to-point (P2P) communication protocols, e.g., AXI, on time predictability has been largely unexplored. In this work, we first show that AXI, particularly AXI4, is non-time predictable and instead only focuses on ensuring correct functional behavior and providing high-average performance. Hence, connected components can incur unbounded latencies while fully adhering to AXI4 specification, effectively preventing its by-design safe use in real-time systems. As a second contribution, we propose an extension of AXI4 called AXI4RT that defines the set of timing parameters that must be included in the specification to provide time-predictable P2P communication. We then perform a worst-case latency analysis to show that, unlike AXI4, AXI4RT allows deriving tight bounds to P2P communications. Experiments on a cycle-accurate simulator with representative benchmarks support the benefits AIX4RT provides in terms of time predictability.

ABSTRACT. This paper presents an AI-augmented framework for automated and intelligent process monitoring, addressing the inaccuracies and time-consuming of manual progress reporting in Process Management Systems (PMS). Our research proposes a novel solution pMage that bridges users’ workspaces and PMS, enabling automatic progress reporting based on users’ actions within their preferred tools. We employ AI techniques to analyze and interpret sequences of user actions, translating them into accurate task progress updates, making the integration of a PMS smoother and more effective. We demonstrate our framework’s applicability through a case study that uses pMage to monitor a brake system manufacturing process with our prototype. pMage provides a no-code solution to connect a wide range of user applications to various PMS via their respective APIs. pMage offers a more reliable, efficient, and user-friendly approach than existing monitoring methods

ABSTRACT. We propose a novel, automated risk management framework (RMF) specifically designed to manage security risks within cloud computing environments under growing complexity of assets and dynamic nature of the cloud computing platform. The proposed framework consists of four stages: (1)Cloud Twin; (2)Risk Assessment; (3)Risk Control; and (4)Control Assessment. These stages support the comprehensive risk management throughout a cloud service lifecycle, with key features such as cloud system visualization, automated assessment processes, and control policy verification via penetration testing. The proposed framework significantly improves upon existing manual risk assessments by enabling automatic risk management in cloud computing environments changing dynamic. The proposed framework enhances organizations' understanding of security posture of cloud system and integrates risk management in practice effectively.

ABSTRACT. The Android ecosystem is vulnerable to issues such as app repackaging, counterfeiting, and piracy, threatening both developers and users. To mitigate these risks, developers often employ code obfuscation techniques. However, while effective in protecting legitimate applications, obfuscation also hinders security investigations as it is often exploited for malicious purposes. As such, it is important to understand code obfuscation practices in Android apps. In this paper, we analyze over 500,000 Android APKs from Google Play, spanning an eight-year period, to investigate the evolution and prevalence of code obfuscation techniques. First, we propose a set of classifiers to detect obfuscated code, tools, and techniques and then conduct a longitudinal analysis to identify trends. Our results show a 13% increase in obfuscation from 2016 to 2023, with ProGuard and Allatori as the most commonly used tools. We also show that obfuscation is more prevalent in top-ranked apps and gaming genres such as Casino apps. To our knowledge, this is the first large-scale study of obfuscation adoption in the Google Play Store, providing insights for developers and security analysts.

ABSTRACT. Blockchain has become increasingly relevant in creating novel distributed software architectures due to its ability to establish trustworthy and accountable environments. This is particularly true in inter-organisational business processes, where blockchain, combined with model-driven approaches primarily based on BPMN choreography diagrams, plays a fundamental role. However, some inter-organisational interactions only emerge at runtime, making it difficult to represent them accurately during design time. This introduces the need for looseness, which provides strategies to represent dynamic and emerging behaviours during design time while allowing them to be managed at runtime. Despite its critical importance, support for looseness is still limited, especially in a blockchain setting. This work proposes an approach to support looseness in choreography-based software architectures that rely on blockchain technology. We identify various perspectives of loosely specified choreographies and demonstrate how to accommodate their design and runtime phases within a blockchain environment. Our approach ensures flexible interactions between participants while maintaining the security and trust inherent in blockchain systems. We assess the feasibility of the proposed approach implementing the LooseChain prototype that we experimented on an emergency response plan scenario on the Polygon blockchain.

ABSTRACT. Computing continuum systems are emerging as a solution for organizations to move and process data across different infrastructures, such as edge, fog, and cloud devices. However, managing I/O operations in these distributed and diverse infrastructures is still an open research challenge. In this paper, we present Xook-Flow, a model for constructing input/output systems for managing the data exchange in computing continuum environments. These systems are based on data distribution patterns created by structures called abstract communication channels (ACCs). These channels are established between processing stages through connections to memory, filesystem, and network resources. These connections create several options for the input/output operations. To prevent resource overload during execution, Xook-Flow automatically selects the appropriate communication channel based on user-defined criteria (e.g., throughput or resource utilization). We implemented this model in a prototype evaluated in a case study focused on managing medical data in HDF5 format across different environments. The evaluation demonstrated that Xook-Flow’s ACCs can be integrated into traditional stage-based systems available in state-of-the-art. The evaluation revealed the efficiency and efficacy of Xook-Flow in creating dataflows across diverse infrastructures to address various challenges in continuum computing.

ABSTRACT. Mobile applications have been developing at an extraordinary pace with high quality apps being required for meeting user expectations while remaining competitive in the market. In this research, we proposed an approach to assess mobile app quality by leveraging large language models (LLMs) for classifying user reviews according to the ISO/IEC 25010 quality standard. To enhance the performance of the classification model in cases of limited or imbalanced datasets. We utilized OpenAI's GPT-4o model for performing data augmentation (DA) on labeled user reviews according to the quality model. Then, we compared our approach against two different fine-tuned advanced LLMs (GPT-4o and Gemini 1.0 Pro) in two scenarios without and with DA (non-DA and DA). The finding has shown a clear boost in the performance when using DA compared to non-DA, GPT-4o, and Gemini 1.0 Pro. Lastly, we incorporated Local Interpretable Model-agnostic Explanations (LIME) to interpret the output of our optimized approach and provide clearer insights into the model decisions.

ABSTRACT. Localization of anatomical landmarks is a fundamental step in numerous medical image analysis applications. Recently, convolutional neural network (CNN)-based SpatialConfiguration-Net (SCN) has gained prominence for landmark localization tasks. However, the sub-process design in SCN demands considerable computational and memory resources, hindering its deployment on low-spec hardware frequently encountered in clinical settings. In this work, we propose a lightweight SCN utilizing depth-wise separable convolutions to enhance computational efficiency. Depth-wise separable convolutions reduce the computational cost by decoupling the channel and spatial dimensions of convolutional operations. Compared to the baseline SCN and U-Net, our model achieves notably reduced inference time and a markedly smaller model size. Despite these gains in efficiency, the model's accuracy remained comparable to that of the baseline SCN, demonstrating only minor differences. These results suggest that our lightweight SCN provides an efficient yet effective solution for anatomical landmark localization, making it well-suited for real-time medical applications.

ABSTRACT. Given the software’s critical role in society, it is essential to align systems developed in academia and industry with sustainability guidelines and ensure the construction of sustainable software that addresses potential long-term effects rather than immediate returns. This research aims to propose a sustainability requirements catalog entitled NFR4SUSTAIN, which addresses the dimensions of economic, social, and technical sustainability. The catalog will help software developers incorporate non-functional requirements related to sustainability into their projects, as well as enable stakeholders to select appropriate systems based on sustainability requirements. A research method was used to develop the catalog; it includes the steps of Information Collection, Catalog Development, and its Evaluation/Validation. The catalog was evaluated through an illustration of its use, interviews with experts from related areas, and the collection of opinions from requirements engineering students. To illustrate the use of the NFR4SUSTAIN, the catalog was applied to develop a service that aims to encourage healthy and sustainable habits. According to the preliminary evaluation, the catalog was well received, rated as useful and easy to understand.

ABSTRACT. This paper presents a configurable approximate quantum multiplier that integrates approximate and exact controlled adders with a truncation scheme to balance accuracy and circuit complexity in noisy quantum environments. It achieves significant enhancements in error metrics over an exact multiplier, demonstrating its potential for noise-resilient quantum computing in noisy quantum devices.

ABSTRACT. Software-Defined Infrastructure (SDI) offers flexibility and scalability by dynamically managing resources such as computing, networking, and storage in future mobility systems. However, in mixed-criticality systems where tasks with varying levels of importance and time constraints coexist real-time tasks must prioritize meeting their timing constraints, while non-real-time tasks need to utilize resources efficiently. This makes dynamic task scheduling and management essential. This paper presents a scalable orchestration design for effectively scheduling mixed-criticality tasks in SDI-based mobility systems. The proposed approach optimizes resource management and improves performance in complex mobility environments, including autonomous driving, traffic control, and applications involving robots, drones, and aircraft.

ABSTRACT. Changing software artifacts to insert new functionalities or correct errors is inherent to the software life cycle because only through it can a software system continue to meet the users' needs. When a piece of software is changed, the developers need to analyze the impact the change will have on other pieces of software. To do that, they may explore the change history of a software system to identify co-change patterns and, hence, aid software engineers in their change impact analysis tasks. A co-change occurs when pieces of software are changed together in a maintenance task. Some studies have proposed methods to identify co-change. However, these works do not consider the intrinsic characteristics of the commits to lead to more accurate results. This work presents a new heuristic for co-change detection based on the characterization of commits. We use data from 32 open-source Java systems hosted at GitHub to evaluate the heuristic. The results showed that our heuristic can capture more actual static relations among classes than the heuristics that do not consider commits characteristics.

ABSTRACT. Software developers employ requirements traceability to ensure that each requirement is tracked throughout the software development life cycle, providing a clear link between requirements and the final product. Inadequate implementation of requirements traceability can lead to poor quality and maintainability of the product and negatively affect the success of a project. Despite its importance in software development, studies show that there are a number of challenges facing requirements traceability. In light of the increasing complexity of modern software systems and emerging technologies, a comprehensive analysis of the frameworks, techniques and tools, together with information on the state of their empirical evaluation, would be helpful in providing the necessary evidence for software developers so that they can understand the strengths and shortcomings of the various approaches. In this paper, we provide a systematic review of requirements traceability frameworks, technologies, techniques and tool support covering 2013 – 2024 from the major databases. The findings show that frameworks, techniques and tools covering the software development life cycle are missing, and evaluations based on industrial case studies are meagre, which may lower the confidence in applying the the proposed approaches in practice. A discussion of the challenges in requirements traceability, such as the need for adaptable, scalable, and fully automated frameworks and tool support, is provided. Moreover, the paper highlights the the need for developing requirements traceability methods supporting agile and DevOps practices.

ABSTRACT. Cross-chain interoperability is one of the most pressing challenges in blockchain, especially as the number of decentralized networks continues to grow. With each chain operating independently, there is a growing need for solutions that enable seamless interaction across these networks. The following paper proposes a Proof of Concept (PoC) solution for bridging interoperability between Polkadot and Cosmos multichain networks. Currently, no solution allows for safe cross-chain interaction between the mentioned chains. Using the hashed timelock approach, our solution solves this gap and introduces a decently modular and reusable framework that can be implemented in fully operable networks. The solution is built on top of smart contracts and the Substrate framework. Relayers handle communication and proof exchange between chains. Relayers represent incentivized, fairly chosen, and trusted API servers responsible for handling the exchange of the proofs. This framework provides a foundation for future cross-chain solutions aiming to add cross-chain interoperability with Polkadot or Cosmos.

ABSTRACT. This paper investigates the role of terms of use within the Self-Sovereign Identity (SSI) system, aiming to establish a model for managing verifiable credentials (VCs) in specific contexts. To this end, we use the termsOfUse field within VCs to formulate an access control policy based on the Attribute-Based Access Control (ABAC) framework, implemented via smart contracts. Furthermore, the paper introduces the concept of a self-generated VC to attest to users' acceptance of terms of use, offering verifiable proof to support users in the event of legal disputes.

ABSTRACT. Open-Radio Access Network (O-RAN) brings an innovative approach to address the issues of controller placement in large-scale 6G networks. In this work, we introduce a Reinforcement Learning (RL) algorithm for decentralized RAN Intelligent Controller Orchestration in 6G Networks, which leverages the online learning capabilities of a multi-agent RL system. Our method achieves around 42-66% lower user latency and 9-14% higher user packet delivery ratio compared to state-of-the-art baselines in a broad range of simulated scenarios.

ABSTRACT. Data quality monitoring is essential in ensuring the reliability of environmental monitoring systems, such as air quality monitoring networks. In this work, we automate the detection and classification of data quality issues using our comprehensive Internet of Data Fault Taxonomy (IoDFT), which includes several interconnected aspects such as fault duration, type, and pitfalls. Integrating those aspects with the data quality dimensions, such as completeness, timeliness, and consistency, we can classify the anomalies raised in the data in more detail instead of missing faults; it would be contextual missing faults. The framework has been evaluated to identify the type of data faults with more information, helping to distinguish normal behaviour and false-positive events.

ABSTRACT. One significant challenge in Knowledge Graph (KG) Embedding is the generation of negative triples. Negative triples are essential as they enable a training model to distinguish between relationships that exist within the KG and those that do not. In this paper, we propose TransHySeCo approach: a Hybrid and Self-Correcting ap- proach for embedding knowledge graphs. TransHySeCo is based on a hybrid training using both the domain semantics provided in the ontology related to the KG and the topology underlying the graph structure. Moreover, it is self-correcting. It generates new negative triples by leveraging the embeddings from previous training iterations and the (quasi-)true negatives obtained with the ontology-based negative generation method proposed in this paper. The self-correction terminates when no new (quasi-)true negative triple is generated. To evaluate TransHySeCo, we conducted exper- iments on different benchmark datasets and assessed the embed- dings’ effectiveness for the link prediction task. The results show that TransHySeCo provides KG embeddings of promising quality for link prediction.

ABSTRACT. Document layout understanding is a field of study that analyzes the spatial arrangement of information in a document hoping to understand its structure and layout. Models such as LayoutLM (and its subsequent iterations) can understand semi-structured documents with SotA results; however, the lack of open semi-structured data is a limitation in itself. While semi-structured data is common in everyday life (balance sheets, purchase orders, receipts), there is a lack of public datasets for training machine learning models for this type of document. In this investigation we propose a method to generate new, synthetic, layout information that can help overcoming this data shortage. According to our results, the proposed method performs better than LayoutTransformer, another popular layout generation method. We also show that, in some scenarios, text classification can improve when supported by bounding box information.

ABSTRACT. Diffusion models are capable of generating high-quality synthesis images with intricate identity features, but this raises privacy concerns as personal identities may be used without consent. What if we need to remove a specific identity from an already trained model without retraining it from scratch? Inspired by the success of concept removal from generative models, we propose an approach to address the under-explored challenge of identity removal in pretrained diffusion models. Our method achieves this by aligning the image distribution of the identity to be removed with that of a target identity, effectively preventing the model from generating the specified identity. Extensive experiments, including quantitative and qualitative analyses, demonstrate that our approach successfully prevents the generation of the unwanted identity while preserving other identities in the model, achieving a low Acc_U = 1.50% and FID_R = 15.8. Additionally, we introduce a new metric Selective Removal and Keep (SRK) based on facial recognition (FR) models, incorporating the accuracy on unlearned and retained identities, for evaluating identity unlearning in generative models, providing a comprehensive assessment of the unlearning process and its impact on model performance.

ABSTRACT. The text-to-image diffusion model has advanced, enabling the gen- eration of complex images from text as well as sketches, key poses, and segmentation maps. However, these models struggle to accu- rately capture detailed representations or real-world scenes. This study addresses these challenges by proposing a method to enhance image generation based on both text and sketch. The method incorporates a text editing technique and uses an adapter that takes sketch images as input to integrate structural information into a pre-trained text-to-image (T2I) model, ensuring the image structure is reflected during generation. In addition, the method uses a large language model (LLM) to enrich textual descriptions with detailed color expressions. This combination of structural in- formation and enhanced text leads to more realistic and visually appealing images. Notably, our approach enhances the model ability to render complex, fine-grained details, accurately capturing intri- cate visual elements. It also improves semantic alignment between generated images and prompts, enabling better capture of intended visual concepts. Experiments show our model outperforms other conditional T2I models in visual quality. Overall, this study advances image generation technology by improving color representation using LLMs. The proposed approach has broad applicability, offering a significant contribution to image generation techniques.

ABSTRACT. The Cloud Continuum Framework (CCF) logically integrates distributed extreme edge, far edge, near edge, and cloud data centers in 6G networks. Deploying VNFs over the CCF can enhance network performance and Quality of Service (QoS) for modern delay-sensitive applications and use cases in 6G networks. Deep Reinforcement Learning (DRL) has shown potential to automate Virtual Network Function (VNF) migrations by learning optimal policies through continuous monitoring of the network environment. In this work, we leverage Deep Reinforcement Learning to optimize network control policies that continuously update VNF placement for optimal Service Function Chain (SFC) deployment in time-varying user traffic scenarios. By leveraging dynamic VNF relocation, this approach seeks to improve network performance in terms of latency, operational costs, scalability, and flexibility. This study addresses the gap in existing solutions by jointly considering network performance requirements and migration costs, providing a more comprehensive strategy for efficient VNF deployment and management. We show that our proposed DRL-based VNF deployment method achieves a 28.8% lower delay and a 34% lower migration overhead compared to state-of-the-art baselines in a broad range of large-scale simulated scenarios, showing the proposed method’s scalability features.

ABSTRACT. As demand for low-latency, high-capacity data transmission continues to grow across urban and industrial infrastructures, traditional optical networks are facing increasing pressure. This strain is further exacerbated by the rapid proliferation of IoT devices and the rise of cloud and fog computing, which require fast and efficient data exchange between distributed data centers. Space Division Multiplexing Elastic Optical Networks (SDM-EONs) have emerged as a promising solution, offering enhanced capacity and transmission rates through flexible and granular resource allocation. In this paper, we propose two novel core and spectrum allocation policies to address key challenges in SDM-EONs, including bandwidth blocking, fragmentation, and inter-core crosstalk. The proposed policies, Core Activation Delay Bidirectional Allocation (CAD-BA) and Precise Adjacent-core Parallel Allocation Avoidance (PAPAA), introduce mechanisms such as core activation delay, bidirectional slot allocation, and avoidance of shadowed spectrum regions. Our evaluation demonstrates that these policies reduce blocked bandwidth by up to 24%, inter-core crosstalk by 9%, and fragmentation by 3%. Additionally, during high-traffic periods, they outperform existing methods by reducing blocking rates by up to 45%.

ABSTRACT. This paper addresses privacy challenges inherent in Distributed Hash Tables (DHTs). While DHTs facilitate efficient content lookup, privacy concerns arise due to query mechanisms revealing user interests. In the paper, we focus on Kademlia-based DHTs and propose to obfuscate the lookup item by presenting three obfuscation methods: double hashing, private set intersection, and prefix fetching. Based on our privacy improvements, we present a protocol specification for the libp2p kad-dht, a popular Kademlia implementation. The methods are analyzed in the context of measurement values derived from the public IPFS network, which uses kad-dht.

ABSTRACT. Deep Neural Networks (DNN) are currently state-of-the-art in intrusion detection literature, where authors typically escalate the network parameters to pave the way for accuracy improvements. However, in addition to increasing the inference computational costs, this can also render them unsuitable for resource-constrained devices, given their limited memory and processing capabilities. This paper introduces a new early exit neural network for fast inference intrusion detection. Our proposal partitions the utilized DNN for intrusion detection into branches, with the objective of classifying the majority of samples on the earlier branches, thereby reducing inference costs. Challenging samples that reach the final DNN branch are subsequently classified using a reject option, improving system reliability. Experiments on a new dataset with over 8TB of data and a year-long real network traffic showed the proposal’s feasibility. Our scheme reduces the average inference computational costs by up to 82% while decreasing the average error rates by up to 3.3.

ABSTRACT. Loneliness is a critical public health issue, linked to increased mor- bidity and cognitive decline. While previous studies have explored loneliness detection using smartphones and wearables, they often rely on phone calls, SMS, and app usage, which may not fully cap- ture loneliness’s complexity. Others focus on limited physiological signals, but both approaches raise privacy concerns. In this paper, we introduce LonelyTracker, a privacy-aware device designed to detect loneliness through continuous monitoring of physiological signals and daily activity patterns. Our system integrates wearable data, such as heart rate variability (HRV), electrodermal activity (EDA), and mobility data from IMU sensors, to develop a compre- hensive loneliness detection model. We use a deep neural network (DNN) with a split computing framework to ensure data privacy, processing sensor data locally and sending anonymized feature representations to the cloud for model training. Our 10-week study with 20 participants shows that combining multimodal data im- proves accuracy, achieving results between 81.1% and 96.5%. Fur- thermore, LonelyTracker outperforms smartphone-based solutions in energy efficiency and real-time performance, demonstrating its potential for improved mental health monitoring.

ABSTRACT. Wind energy is expanding globally as an eco-friendly and sustainable energy source. However, the variability of wind power generation poses potential risks to grid stability, making accurate power forecasting crucial for effective management. In this paper, we propose a variety of short-term and ultra-short-term power forecasting models, along with a wind farm adaptive power forecasting system that utilizes Dynamic Time Warping (DTW) to select models optimized for the specific characteristics of individual wind farms. For short-term forecasting, we introduce inverse distance weighting models and transfer learning models, while ultra-short-term forecasting is addressed using wind speed change rate models, wind speed correction models, and turbine characteristic models. The DTW-based model selection method consistently improves forecasting accuracy by applying the model that has performed best under past weather conditions similar to those being forecasted. Experimental results demonstrate that, compared to existing models, the proposed models reduce short-term forecasting errors by up to 0.99% and ultra-short-term forecasting errors by up to 1.38%, as measured by nMAPE.

ABSTRACT. Efficient data replica placement at the network edge is crucial for minimizing data access latency and enhancing user experience. Current solutions are mostly popularity oriented, assuming that users in close proximity share similar interests. While this strategy is effective for widely accessed data, it overlooks the specificity of user interests and their affinities, especially in diverse environments managed by different edge servers: data popular in region A may not be relevant in region B but be highly valuable in region C.

In this work, we introduce Paprika, an online heuristic-based hybrid algorithm that combines the strengths of Genetic Algorithm and Tabu Search to address the replica selection and placement problem in edge computing environments. Paprika takes into account data popularity, pair-wise affinity between regions, and server storage constraints. Performance evaluations demonstrate that Paprika’s hybrid approach outperforms traditional heuristic methods by yielding better results in balancing user interests across regions and favoring regions with stronger affinities.

ABSTRACT. The pervasiveness of mobile devices has fostered a multitude of services and applications, but also raised serious privacy concerns. In order to avoid users' tracking and/or users' fingerprinting, smartphones have been tightening the access to unique identifiers. Nevertheless, smartphone applications can still collect diverse data from available sensors and smartphone resources. Using real-world data, this paper demonstrates the possibility of fingerprinting users from Wi-Fi data in mobile devices and the consequent privacy impact. From the performed analysis, we concluded that a single snapshot of a set of scanned Wi-Fi BSSIDs (MAC addresses) per user is enough to uniquely identify about 99% of the users. In addition, the most frequent Wi-Fi BSSID is sufficient to re-identify more than 90% of the users, a percentage that goes up to 97% of the users with the top-2 scanned BSSIDs. The Wi-Fi SSID (network name) also leads to a re-identification risk of about 83% and 97% with 1 and 2 of the strongest Wi-Fi Access Points (APs), respectively.

ABSTRACT. Traditionally, mobile systems avoid virtual memory swapping to flash memory due to wear-out and latency issues. Instead, mobile systems kill background applications to secure free memory but this leads to long-latency cold startup of applications, thereby resulting in degraded user experience. With the advance of mobile network technologies, network-based memory expansion can offer a solution, allowing users to leverage large back-end memory on edge servers. However, traditional memory expansion methods still suffer from high latency due to on-demand page faults and difficulty in identifying numerous cold pages. We propose a novel memory expansion scheme tailored for fast networks in mobile systems. Our scheme minimizes the on-demand network latency of remote I/O by bulk-prefetching pages based on access sequences during an application launches. Our system also effectively identifies and exports cold pages to the edge, freeing up local memory. Our evaluations show a 41% reduction in displayed time and 62% memory expansion with 42% faster launch times, outperforming both traditional swapping and app-killing mechanisms of conventional systems.

ABSTRACT. Localization technologies are prevalent in use through our daily lives ranging from map-based navigation, location-based automation, or locating friends. However, while these technologies are well-suited for outdoor applications, transferring them to granular indoor applications lacks the same level of precision. Indoor localization enables useful applications such as object and person tracking, or room-to-room navigation. As part of these applications, an underpinning concept, known as room identification, is understanding exactly which room people or objects are in. While existing techniques use single modalities to achieve this kind of task, they can lack the depth necessary to understand the context available from multiple devices and signals in the area that makes each room unique. In this work, we study room identification using embeddings from sensor fusion via deep learning methods. In addition, we use a vector database for embedding storage and flexibility to perform large-scale similarity searches for the task. Experimenting with different fusions from three modalities (3D meshes, altitude, and link layer RSSI), we demonstrate the possibility of performing room identification with the highest overall F1-Score reaching 89%.