Catálogo de publicaciones - revistas

<jats:p>Networking research often relies on simulation in order to test and evaluate new ideas. An important requirement of this process is that results must be reproducible so that other researchers can replicate, validate, and extend existing work. We look at the landscape of simulators for research in peer-to-peer (P2P) networks by conducting a survey of a combined total of over 280 papers from before and after 2007 (the year of the last survey in this area), and comment on the large quantity of research using bespoke, closed-source simulators. We propose a set of criteria that P2P simulators should meet, and poll the P2P research community for their agreement. We aim to drive the community towards performing their experiments on simulators that allow for others to validate their results.</jats:p>

<jats:p>Focus on movement data has increased as a consequence of the larger availability of such data due to current GPS, GSM, RFID, and sensors techniques. In parallel, interest in movement has shifted from raw movement data analysis to more application-oriented ways of analyzing segments of movement suitable for the specific purposes of the application. This trend has promoted semantically rich trajectories, rather than raw movement, as the core object of interest in mobility studies. This survey provides the definitions of the basic concepts about mobility data, an analysis of the issues in mobility data management, and a survey of the approaches and techniques for: (i) constructing trajectories from movement tracks, (ii) enriching trajectories with semantic information to enable the desired interpretations of movements, and (iii) using data mining to analyze semantic trajectories and extract knowledge about their characteristics, in particular the behavioral patterns of the moving objects. Last but not least, the article surveys the new privacy issues that arise due to the semantic aspects of trajectories.</jats:p>

<jats:p>Throughput, flexibility, and security form the design trilogy of reconfigurable crypto engines; they must be carefully considered without reducing the major role of classical design constraints, such as surface, power consumption, dependability, and cost. Applications such as network security, Virtual Private Networks (VPN), Digital Rights Management (DRM), and pay per view have drawn attention to these three constraints. For more than ten years, many studies in the field of cryptographic engineering have focused on the design of optimized high-throughput hardware cryptographic cores (e.g., symmetric and asymmetric key block ciphers, stream ciphers, and hash functions). The flexibility of cryptographic systems plays a very important role in their practical application. Reconfigurable hardware systems can evolve with algorithms, face up to new types of attacks, and guarantee interoperability between countries and institutions. The flexibility of reconfigurable crypto processors and crypto coprocessors has reached new levels with the emergence of dynamically reconfigurable hardware architectures and tools. Last but not least, the security of systems that handle confidential information needs to be thoroughly evaluated at the design stage in order to meet security objectives that depend on the importance of the information to be protected and on the cost of protection. Usually, designers tackle security problems at the same time as other design constraints and in many cases target only one security objective, for example, a side-channel attack countermeasures, fault tolerance capability, or the monitoring of the device environment. Only a few authors have addressed all three design constraints at the same time. In particular, key management security (e.g., secure key generation and transmission, the use of a hierarchical key structure composed of session keys and master keys) has frequently been neglected to the benefit of performance and/or flexibility. Nevertheless, a few authors propose original processor architectures based on multi-crypto-processor structures and reconfigurable cryptographic arrays. In this article, we review published works on symmetric key crypto engines and present current trends and design challenges.</jats:p>

<jats:p>Of all current threats to cybersecurity, botnets are at the top of the list. In consequence, interest in this problem is increasing rapidly among the research community and the number of publications on the question has grown exponentially in recent years. This article proposes a taxonomy of botnet research and presents a survey of the field to provide a comprehensive overview of all these contributions. Furthermore, we hope to provide researchers with a clear perspective of the gaps that remain to be filled in our defenses against botnets. The taxonomy is based upon the botnet's life-cycle, defined as the sequence of stages a botnet needs to pass through in order to reach its goal.</jats:p> <jats:p>This approach allows us to consider the problem of botnets from a global perspective, which constitutes a key difference from other taxonomies that have been proposed. Under this novel taxonomy, we conclude that all attempts to defeat botnets should be focused on one or more stages of this life-cycle. In fact, the sustained hindering of any of the stages makes it possible to thwart a botnet's progress and thus render it useless. We test the potential capabilities of our taxonomy by means of a survey of current botnet research, and find it genuinely useful in understanding the focus of the different contributions in this field.</jats:p>

<jats:p>Web-based social networks have become popular as a medium for disseminating information and connecting like-minded people. The public accessibility of such networks with the ability to share opinions, thoughts, information, and experience offers great promise to enterprises and governments. In addition to individuals using such networks to connect to their friends and families, governments and enterprises have started exploiting these platforms for delivering their services to citizens and customers. However, the success of such attempts relies on the level of trust that members have with each other as well as with the service provider. Therefore, trust becomes an essential and important element of a successful social network. In this article, we present the first comprehensive review of social and computer science literature on trust in social networks. We first review the existing definitions of trust and define<jats:italic>social trust</jats:italic>in the context of social networks. We then discuss recent works addressing three aspects of social trust:<jats:italic>trust information collection</jats:italic>,<jats:italic>trust evaluation</jats:italic>, and<jats:italic>trust dissemination</jats:italic>. Finally, we compare and contrast the literature and identify areas for further research in social trust.</jats:p>

<jats:p>Reactive programming has recently gained popularity as a paradigm that is well-suited for developing event-driven and interactive applications. It facilitates the development of such applications by providing abstractions to express time-varying values and automatically managing dependencies between such values. A number of approaches have been recently proposed embedded in various languages such as Haskell, Scheme, JavaScript, Java, .NET, etc. This survey describes and provides a taxonomy of existing reactive programming approaches along six axes: representation of time-varying values, evaluation model, lifting operations, multidirectionality, glitch avoidance, and support for distribution. From this taxonomy, we observe that there are still open challenges in the field of reactive programming. For instance, multidirectionality is supported only by a small number of languages, which do not automatically track dependencies between time-varying values. Similarly, glitch avoidance, which is subtle in reactive programs, cannot be ensured in distributed reactive programs using the current techniques.</jats:p>

<jats:p> Reliability is quickly becoming a primary design constraint for high-end processors because of the inherent limits of manufacturability, extreme miniaturization of transistors, and the growing complexity of large multicore chips. To achieve a high degree of fault tolerance, we need to detect faults quickly and try to rectify them. In this article, we focus on the former aspect. We present a survey of different kinds of fault detection mechanisms for processors at circuit, architecture, and software level. We collectively refer to such mechanisms as <jats:italic>checker architectures</jats:italic> . First, we propose a novel two-level taxonomy for different classes of checkers based on their structure and functionality. Subsequently, for each class we present the ideas in some of the seminal papers that have defined the direction of the area along with important extensions published in later work. </jats:p>

<jats:p>Web-based malware is a growing threat to today's Internet security. Attacks of this type are prevalent and lead to serious security consequences. Millions of malicious URLs are used as distribution channels to propagate malware all over the Web. After being infected, victim systems fall in the control of attackers, who can utilize them for various cyber crimes such as stealing credentials, spamming, and distributed denial-of-service attacks. Moreover, it has been observed that traditional security technologies such as firewalls and intrusion detection systems have only limited capability to mitigate this new problem.</jats:p> <jats:p>In this article, we survey the state-of-the-art research regarding the analysis of—and defense against—Web-based malware attacks. First, we study the attack model, the root cause, and the vulnerabilities that enable these attacks. Second, we analyze the status quo of the Web-based malware problem. Third, three categories of defense mechanisms are discussed in detail: (1) building honeypots with virtual machines or signature-based detection system to discover existing threats; (2) using code analysis and testing techniques to identify the vulnerabilities of Web applications; and (3) constructing reputation-based blacklists or smart sandbox systems to protect end-users from attacks. We show that these three categories of approaches form an extensive solution space to the Web-based malware problem. Finally, we compare the surveyed approaches and discuss possible future research directions.</jats:p>

<jats:p> This article reviews the state-of-the-art in <jats:italic>overlapping</jats:italic> community detection algorithms, quality measures, and benchmarks. A thorough comparison of different algorithms (a total of fourteen) is provided. In addition to community-level evaluation, we propose a framework for evaluating algorithms' ability to detect overlapping nodes, which helps to assess overdetection and underdetection. After considering community-level detection performance measured by normalized mutual information, the Omega index, and node-level detection performance measured by F-score, we reached the following conclusions. For low overlapping density networks, SLPA, OSLOM, Game, and COPRA offer better performance than the other tested algorithms. For networks with high overlapping density and high overlapping diversity, both SLPA and Game provide relatively stable performance. However, test results also suggest that the detection in such networks is still not yet fully resolved. A common feature observed by various algorithms in real-world networks is the relatively small fraction of overlapping nodes (typically less than 30%), each of which belongs to only 2 or 3 communities. </jats:p>

<jats:p>Slicing is a technique, traditionally applied to programs, for extracting the parts of a program that affect the values computed at a statement of interest. In recent years authors have begun to consider slicing at model level. We present a detailed review of existing work on slicing at the level of finite-state-machine-based models. We focus on state-based modeling notations because these have received sufficient attention from the slicing community that there is now a coherent body of hitherto unsurveyed work. We also identify the challenges that state-based slicing presents and how the existing literature has addressed these. We conclude by identifying problems that remain open either because of the challenges involved in addressing them or because the community simply has yet to turn its attention to solving them.</jats:p>