Retour au site du LAAS-CNRS

Laboratoire d’analyse et d’architecture des systèmes

Publications de l'équipe TSF

Choisir la langue : FR | EN

1410documents trouvés

16018
01/03/2017

Quantifying interdependent privacy risks with location data

A.M.OLTEANU, K.HUGUENIN, R.SHOKRI, M.HUMBERT, J.P.HUBAUX

EPFL, TSF, University of Texas, Max Planck

Revue Scientifique : IEEE Transactions on Mobile Computing, Vol.16, N°3, pp.829-842, Mars 2017 , N° 16018

Lien : https://hal.archives-ouvertes.fr/hal-01266229

Diffusable

Plus d'informations

Abstract

Co-location information about users is increasingly available online. For instance, mobile users more and more frequently report their co-locations with other users in the messages and in the pictures they post on social networking websites by tagging the names of the friends they are with. The users' IP addresses also constitute a source of co-location information. Combined with (possibly obfuscated) location information, such co-locations can be used to improve the inference of the users' locations, thus further threatening their location privacy: As co-location information is taken into account, not only a user's reported locations and mobility patterns can be used to localize her, but also those of her friends (and the friends of their friends and so on). In this paper, we study this problem by quantifying the effect of co-location information on location privacy, considering an adversary such as a social network operator that has access to such information. We formalize the problem and derive an optimal inference algorithm that incorporates such co-location information, yet at the cost of high complexity. We propose some approximate inference algorithms, including a solution that relies on the belief propagation algorithm executed on a general Bayesian network model, and we extensively evaluate their performance. Our experimental results show that, even in the case where the adversary considers co-locations of the targeted user with a single friend, the median location privacy of the user is decreased by up to 62% in a typical setting. We also study the effect of the different parameters (e.g., the settings of the location-privacy protection mechanisms) in different scenarios.

138855
17013
31/01/2017

SMOF - A Safety MOnitoring Framework for Autonomous Systems

M.MACHIN, J.GUIOCHET, H.WAESELYNCK, J.P.BLANQUART, M.ROY, L.MASSON

TSF, ASTRIUM

Rapport LAAS N°17013, doi 10.1109/TSMC.2016.2633291, Janvier 2017

Lien : https://hal.archives-ouvertes.fr/hal-01394139

Diffusable

Plus d'informations

Abstract

Safety critical systems with decisional abilities, such as autonomous robots, are about to enter our everyday life. Nevertheless, confidence in their behavior is still limited, particularly regarding safety. Considering the variety of hazards that can affect these systems, many techniques might be used to increase their safety. Among them, active safety monitors are a means to maintain the system safety in spite of faults or adverse situations. The specification of the safety rules implemented in such devices is of crucial importance, but has been hardly explored so far. In this paper, we propose a complete framework for the generation of these safety rules based on the concept of safety margin. The approach starts from a hazard analysis, and uses formal verification techniques to automatically synthesize the safety rules. It has been successfully applied to an industrial use case, a mobile manipulator robot for co-working.

138729
16462
13/12/2016

Monitoring et détection d'anomalie par apprentissage dans des infrastructures virtualisées

C.SAUVANAUD

TSF

Doctorat : INSA de Toulouse, 13 Décembre 2016, 174p., Président: E.EXPOSITO, Rapporteurs: S.BOUCHENAK, P.SENS, Examinateurs: K.LAZRI, Directeurs de thèse: M.KAANICHE, K.KANOUN , N° 16462

Lien : https://hal.laas.fr/tel-01445648

Diffusable

Plus d'informations

Abstract

Nowadays, the development of virtualization technologies as well as the development of the Internet contributed to the rise of the cloud computing model. A cloud computing enables the delivery of configurable computing resources while enabling convenient, on-demand network access to these resources. Resources hosted by a provider can be applications, development platforms or infrastructures. Over the past few years, computing systems are characterized by high development speed, parallelism, and the diversity of task to be handled by applications and services. In order to satisfy their Service Level Agreements (SLA) drawn up with users, cloud providers have to handle stringent dependability demands. Ensuring these demands while delivering various services makes clouds dependability a challenging task, especially because providers need to make their services available on demand. This task is all the more challenging that users expect cloud services to be at least as dependable as traditional computing systems. In this manuscript, we address the problem of anomaly detection in cloud services. A detection strategy for clouds should rely on several principal criteria. In particular it should adapt to workload changes and reconfigurations, and at the same time require short configurations durations and adapt to several types of services. Also, it should be performed online and automatic. Finally, such a strategy needs to tackle the detection of different types of anomalies namely errors, preliminary symptoms of SLA violation and SLA violations. We propose a new detection strategy based on system monitoring data. The data is collected online either from the service, or the underlying hypervisor(s) hosting the service. The strategy makes use of machine learning algorithms to classify anomalous behaviors of the service. Three techniques are used, using respectively algorithms with supervised learning, unsupervised learning or using a technique exploiting both types of learning. A new anomaly detection technique is developed based on online clustering, and allowing to handle possible changes in a service behavior. A cloud platform was deployed so as to evaluate the detection performances of our strategy. Moreover a fault injection tool was developed for the sake of two goals : the collection of service observations with anomalies so as to train detection models, and the evaluation of the strategy in presence of anomalies. The evaluation was applied to two case studies : a database management system and a virtual network function. Sensitivity analyzes show that detection performances of our strategy are high for the three anomaly types. The context for the generalization of the results is also discussed.

Résumé

Le cloud computing est un modèle de délivrance à la demande d’un ensemble de ressources informatiques distantes, partagées et configurables. Ces ressources, détenues par un fournisseur de service cloud, sont mutualisées grâce à la virtualisation de serveurs qu’elles composent et sont mises à disposition d’utilisateurs sous forme de services disponibles à la demande. Ces services peuvent être aussi variés que des applications, des plateformes de développement ou bien des infrastructures. Afin de répondre à leurs engagements de niveau de service auprès des utilisateurs, les fournisseurs de cloud se doivent de prendre en compte des exigences différentes de sûreté de fonctionnement. Assurer ces exigences pour des services différents et pour des utilisateurs aux demandes hétérogènes représente un défi pour les fournisseurs, notamment de part leur engagement de service à la demande. Ce défi est d’autant plus important que les utilisateurs demandent à ce que les services rendus soient au moins aussi sûrs de fonctionnement que ceux d’applications traditionnelles. Nos travaux traitent particulièrement de la détection d’anomalies dans les services cloud de type SaaS et PaaS. Les différents types d’anomalie qu’il est possible de détecter sont les erreurs, les symptômes préliminaires de violations de service et les violations de service. Nous nous sommes fixé quatre critères principaux pour la détection d’anomalies dans ces services : i) elle doit s’adapter aux changements de charge de travail et reconfiguration de services ; ii) elle doit se faire en ligne, iii) de manière automatique, iv) et avec un effort de configuration minimum en utilisant possiblement la même technique quel que soit le type de service. Dans nos travaux, nous avons proposé une stratégie de détection qui repose sur le traitement de compteurs de performance et sur des techniques d’apprentissage automatique. La détection utilise les données de performance système collectées en ligne à partir du système d’exploitation hôte ou bien via les hyperviseurs déployés dans le cloud. Concernant le traitement des ces données, nous avons étudié trois types de technique d’apprentissage : supervisé, non supervisé et hybride. Une nouvelle technique de détection reposant sur un algorithme de clustering est de plus proposée. Elle permet de prendre en compte l’évolution de comportement d’un système aussi dynamique qu’un service cloud. Une plateforme de type cloud a été déployée afin d’évaluer les performances de détection de notre stratégie. Un outil d’injection de faute a également été développé dans le but de cette évaluation ainsi que dans le but de collecter des jeux de données pour l’entrainement des modèles d’apprentissage. L’évaluation a été appliquée à deux cas d’étude : un système de gestion de base de données (MongoDB) et une fonction réseau virtualisée. Les résultats obtenus à partir d’analyses de sensibilité, montrent qu’il est possible d’obtenir de très bonnes performances de détection pour les trois types d’anomalies, tout en donnant les contextes adéquats pour la généralisation de ces résultats.

Mots-Clés / Keywords
Apprentissage automatique; Cloud computing; Détection d'anomalie; Injection de fautes; Monitoring; Virtualisation;

138473
16431
12/12/2016

Dependable advanced robots: a survey

J.GUIOCHET, M.MACHIN, H.WAESELYNCK

TSF

Rapport LAAS N°16431, Décembre 2016

Lien : https://hal.archives-ouvertes.fr/hal-01394136

Diffusable

Plus d'informations

Abstract

Developing advanced robotics applications is now facing the confidence issue for users, which is a main limitation for their deployment in real life. This confidence could be justified by the use of dependability techniques as it is done in other safety critical applications. However, due to specific robotic properties (such as continuous human-robot physical interaction or non deterministic deliberative layer), many techniques need to be adapted or revised. This paper reviews the main issues and research work in the field of dependable robots, making the link between the dependability and robotics concepts. It also presents main challenges for increasing robot dependability.

138341
16433
12/12/2016

XPIR : Private information retrieval for everyone

C.AGUILAR-MELCHOR, J.BARRIER, L.FOUSSE, M.O.KILLIJIAN

IRIT-ENSEEIHT, TSF, LJK

Revue Scientifique : Proceedings on Privacy Enhancing Technologies, Vol.2016, pp.155-174, Décembre 2016 , N° 16433

Lien : https://hal.archives-ouvertes.fr/hal-01396142

Diffusable

Plus d'informations

Abstract

A Private Information Retrieval (PIR) scheme is a protocol in which a user retrieves a record from a database while hiding which from the database administrators. PIR can be achieved using mutually-distrustful replicated databases, trusted hardware, or cryptography. In this paper we focus on the later setting which is known as single-database computationally-Private Information Retrieval (cPIR). Classic cPIR protocols require that the database server executes an algorithm over all the database content at very low speeds which impairs their usage. In [1], given certain assumptions , realistic at the time, Sion and Carbunar showed that cPIR schemes were not practical and most likely would never be. To this day, this conclusion is widely accepted by researchers and practitioners. Using the paradigm shift introduced by lattice-based cryptography , we show that the conclusion of Sion and Carbunar is not valid anymore: cPIR is of practical value. This is achieved without compromising security, using standard crytosystems, and conservative parameter choices.

138345
16090
01/12/2016

Meeting points in ridesharing: a privacy-preserving approach

U.M.AIVODJI, S.GAMBS, M.J.HUGUET, M.O.KILLIJIAN

TSF, UQAM, ROC

Revue Scientifique : Transportation Research Part C: Emerging Technologies, Vol.72, pp.239-253, Décembre 2016 , N° 16090

Lien : https://hal.archives-ouvertes.fr/hal-01380170

Diffusable

Plus d'informations

Abstract

Nowadays, problems of congestion in urban areas due to the massive usage of cars, last-minute travel needs and progress in information and communication technologies have fostered the rise of new transportation modes such as ridesharing. In a ridesharing service, a car owner shares empty seats of his car with other travelers. Recent ridesharing approaches help to identify interesting meeting points to improve the efficiency of the ridesharing service (i.e., the best pickup and drop-off points so that the travel cost is competitive for both driver and rider). In particular, ridesharing services, such as Blablacar or Carma, have become a good mobility alternative for users in their daily life. However, this success has come at the cost of user privacy. Indeed in current's ridesharing services, users are not in control of their own data and have to trust the ridesharing operators with the management of their data. In this paper, we aim at developing a privacy-preserving service to compute meeting points in ridesharing, such that each user remains in control of his location data. More precisely, we propose a decentralized architecture that provides strong security and privacy guarantees without sacrificing the usability of ridesharing services. In particular, our approach protects the privacy of location data of users. Following the privacy-by-design principle, we have integrated existing privacy enhancing technologies and multimodal shortest path algorithms to privately compute mutually interesting meeting points for both drivers and riders in ridesharing. In addition, we have built a prototype implementation of the proposed approach. The experiments, conducted on a real transportation network, have demonstrated that it is possible to reach a trade-off in which both the privacy and utility levels are satisfactory.

138174
16391
17/11/2016

Inférence et modèles de données personnelles : mobilité sociale, proximité spatiale

R.PASQUA

TSF

Doctorat : Université de Toulouse III - Paul Sabatier, 17 Novembre 2016, 96p., Président: J.MOTHE, Rapporteurs: C.MAGNIEN, R.BALDONI, Examinateurs: S.BEN MOKHTAR, Directeurs de thèse: M.KAANICHE, G.TREDAN , N° 16391

Lien : https://hal.laas.fr/tel-01416982

Diffusable

Plus d'informations

Abstract

The wide diffusion of smart portable devices allows the collection of a big amount of data concerning the activities of users from mobile apps. We focus our attention on location data, i.e. mobility traces, of a set of users in a crowd. Data collected from these mobile systems are studied following two axies : – Mobility models are used to simulate the behavior of users to develop opportunistic forwarding algorithms. We compare real and synthetic mobility traces to show the distance between the reality and the models. – Information on mobility may endanger the privacy of users. We analyze the impact of such information on privacy of users. The main contributions are : – We analyze the spatial and social properties of human motion from real traces collected by a highly accurate experimental localization system. – We compare the real traces with synthetic mobility traces generated from seven popular mobility models – We provide an inference algorithm based on co-location of users and we show its efficiency on different datasets. – We quantify the effect of probabilistic co-location information by means of a novel colocation attack.

Résumé

La diffusion massive de dispositifs portables, de plus en plus utilisés pour le traitement et la communication de l’information, permet la collecte d’importantes masses de données liées à l’activité des utilisateurs sur des applications mobiles. Nous nous intéressons aux données de localisation (les traces de mobilité) qui sont issues de systèmes mobiles formés par un groupe d’utilisateurs. Les données de mobilité produites dans un système mobile sont étudiées suivant deux axes : – L’utilisation des modèles de mobilité est à la base du développement d’algorithmes de communication dédiés au systèmes mobiles. Les données de mobilité réelles concernant les utilisateurs vont nous permettre de comparer les données de mobilité synthétiques utilisées dans la simulation avec la réalité qu’ils sont censés décrire. – La manipulation des données de mobilité réelles implique une réflexion sur les conséquences que les informations extraites de ces données ont relativement à la protection de la vie privée des utilisateurs. Les contributions sur ces deux fronts sont les suivantes : – Une analyse fine des propriétés spatiales et sociales d’un ensemble de traces de mobilité réelles collecté expérimentalement à l’aide d’une plateforme à haute precision. – Une comparaison exploratoire entre des traces de mobilité réelles et des traces de mobilité synthétiques générées à partir de sept différents modèle de mobilité. – La conception et l’analyse d’un algorithme d’inférence par co-localisation décorrélée des informations sur la localisation des utilisateurs ciblés. – La quantification du potentiel des données de co-localisation non-déterministes sur la perte de protection de la vie privée d’un ensemble d’utilisateurs.

Mots-Clés / Keywords
Systèmes mobiles; Systèmes distribués; Modèles de mobilité; Exploration des données; Réseaux sociaux; Protection de la vie privée; Mobile systems; Distributed systems; Mobility models; Data mining; Social network; Privacy;

138215
16400
19/10/2016

Two convergence problems for robots on graphs

A.CASTANEDA, S.RAJSBAUM, M.ROY

UNAM, TSF

Manifestation avec acte : Latin-American Symposium on Dependable Computing ( LADC ) 2016 du 19 octobre au 21 octobre 2016, Cali (Colombie), Octobre 2016, 10p. , N° 16400

Lien : https://hal.archives-ouvertes.fr/hal-01386628

Diffusable

Plus d'informations

Abstract

The class of robot convergence tasks has been shown to capture fundamental aspects of fault-tolerant computability. A set of asynchronous robots that may fail by crashing, start from unknown places in some given space, and have to move towards positions close to each other. In this article, we study the case where the space is uni-dimensional, modeled as a graph G. In graph convergence, robots have to end up on one or two vertices of the same edge. We consider also a variant of robot convergence on graphs, edge covering, where additionally it is required that not all robots end up on the same vertex. Remarkably, these two similar problems have very different computability properties, related to orthogonal fundamental issues of distributed computations: agreement and symmetry breaking. We characterize the graphs on which each of these problems is solvable, and give optimal time algorithms for the solvable cases. Although the results can be derived from known general topology theorems, the presentation serves as a self-contained introduction to the topology approach to distributed computing, and yields concrete algorithms and impossibility results.

138248
16323
18/10/2016

Algorithme de détection de chute

P.ACCO, G.AURIOL

S4M, TSF

Rapport LAAS N°16323, Octobre 2016, 126p.

Non diffusable

137732
16312
05/10/2016

Souk: Spatial Observation of hUman Kinetics

M.O.KILLIJIAN, R.PASQUA, M.ROY, G.TREDAN, C.ZANON

TSF, IDEA

Rapport LAAS N°16312, Octobre 2016, 19p.

Lien : https://hal.archives-ouvertes.fr/hal-01372329

Diffusable

Plus d'informations

Abstract

Simulating human-centered pervasive systems requires accurate assumptions on the behavior of human groups. Recent models consider this behavior as a combination of both social and spatial factors. Yet, establishing accurate traces of human groups is difficult: current techniques capture either positions, or contacts, with a limited accuracy. In this paper, we introduce a new technique to capture such behaviors. The interest of this approach lies in the unprecedented accuracy at which both positions and orientations of humans, even gathered in a crowd, are captured. The open-source software pipeline we developed to exploit captured data allows extraction of several metrics on movement and social contacts, and permits study of their respective interrelationship. From the mobility to the topological connectivity, this framework offers a layered approach that can be tailored, allowing to compare and reason about models and traces. We demonstrate the accuracy and validity of our approach on social events and calibration runs in which we captured the motions of humans. In particular, we introduce an open-access trace of 50 individuals and compare it against random waypoint models that have the same global characteristics. Our fine-grain analyses, that take into account social interactions between users, show that the random way point model does not provide accurate predictions for socially-induced motion; to model human kinetics, new group-and interaction-based models should be developed. From the computer science point of view, these models are required to fully exploit the power of human-centered mobile computing, crucial for ubiquitous computing, and referred to as Short Range Communication Systems, Mobile Opportunistic Networking, or Mobile Networking in Proximity.

137640
Les informations recueillies font l’objet d’un traitement informatique destiné à des statistiques d'utilisation du formulaire de recherche dans la base de données des publications scientifiques. Les destinataires des données sont : le service de documentation du LAAS.Conformément à la loi « informatique et libertés » du 6 janvier 1978 modifiée en 2004, vous bénéficiez d’un droit d’accès et de rectification aux informations qui vous concernent, que vous pouvez exercer en vous adressant à
Pour recevoir une copie des documents, contacter doc@laas.fr en mentionnant le n° de rapport LAAS et votre adresse postale. Signalez tout problème de dysfonctionnement à sysadmin@laas.fr. http://www.laas.fr/pulman/pulman-isens/web/app.php/