Erasure coding provides high fault-tolerant storage with significantly low redundancy overhead, at the expense of high repair bandwidth. While there exist access-optimal codes that theoretically minimize both the repair bandwidth and the amount of disk reads, they also incur a high sub-packetization level, thereby leading to non-sequential I/Os and degrading repair performance. We propose elastic transformation, a framework that transforms any base code into a new code with smaller repair bandwidth for all or a subset of nodes, such that it can be configured with a wide range of sub-packetization levels to limit the non-sequential I/O overhead. We prove the fault tolerance of elastic transformation and model numerically the repair performance with respect to a sub-packetization level. We further prototype and evaluate elastic transformation atop HDFS, and show how it reduces the single-block repair time of the base codes and access-optimal codes in a real network setting.

The cold startup of the container is regarded as a crucial problem to the performance of serverless computing, especially to the resource-capacitated edge clouds. Pre-warming hot containers has been proved as an efficient solution but is at the expense of high memory consumption. Instead of pre-warming a complete container for a function, recent studies advocate Zygote container, which pre-imports some packages and is able to import the other dependent packages at runtime, so as to avoid the cold startup problem. However, as different functions have different package dependencies, how to plan the Zygote generation and pre-warming in a resource-capacitated edge cloud becomes a critical challenge. In this paper, aiming to minimize the overall function startup time and subjective to the resource capacity constraints, we formulate this problem into a Quadratic Integer Programming (QIP) form with NP-hardness. We further propose a Randomized Rounding based Zygote Planning (RRZP) algorithm. The performance efficiency of our algorithm is proved via both theoretical analysis and trace-driven simulations. The results show that our algorithm can significantly reduce the startup time by 25.6%.

Although the containers are featured by lightweightness, it is still resource-consuming to pull and startup a large container image, especially in relatively resource-constrained edge
cloud. Fortunately, Docker, as the most widely used container, provides a unique layered architecture that allows the same layer to be shared between microservices so as to lower the deployment cost. Meanwhile, it is highly desirable to deploy dependent microservices of an application together to lower the operation cost. Therefore, the balancing of microservice deployment cost and the operation cost should be considered comprehensively to achieve minimal overall cost of an on-demand application. In this paper, we first formulate this problem into a Quadratic Integer Programming form (QIP) and prove it as a NP-hard problem. We further propose a Randomized Rounding-based Microservice Deployment and Layer Pulling (RR-MDLP) algorithm with low computation complexity and guaranteed approximation ratio. Through extensive experiments, we verify the high efficiency of our algorithm by the fact that it significantly outperforms existing state-of-the-art microservice deployment strategies.

The delay and service-blocking experienced by users are critical measures of quality of service in real-time distributed systems. Attacks directed at such facilities aim at disrupting the service and hurting these metrics. Our goal is to characterize worst-case attacks on such systems. We use queueing models to study attackers who wish to maximize damage while constrained by attack-resources. A key question pertaining to systems design is whether a damage-maximizing attack should focus on heavily affecting a small number of facilities or spread its efforts over many facilities. We analyze attacks which damage the system resources, and show that optimal attacks are concentrated. We further use a Max-Min (attacker-defender) analysis where the defender can migrate requests in response to the attack: An intriguing result is that under certain conditions an optimal attack will spread its efforts over many sites. This is in contrast to the attack-concentration predictions of (queueing-delay agnostic) prior studies. We also address DDoS attacks where attackers create loads of dummy requests and send them to the system. We prove that concentrating the attack efforts is always the optimal strategy, regardless of whether the system reacts by migrating requests, in contrast to the resource-damage attacks.

As the automotive industry shifts towards enabling self-driving vehicles, real-time situational awareness is becoming a crucial requirement. This paper introduces a novel information-sharing mechanism to opportunistically improve the vehicles' local environment estimates via infrastructure-assisted collaborative sensing, while still allowing them to operate autonomously when no assistance is available.
As vehicles might have different sensing capabilities, combining and sharing information from a judiciously selected subset is often sufficient to considerably improve all the vehicles' estimation errors.
We develop an opportunistic framework for vehicular collaborative sensing determining (1) which nodes require assistance, (2) which ones are best suited to provide it, and (3) the corresponding information-sharing rates, so as to minimize the communication overheads while meeting the vehicles' target estimation error. We leverage the supermodularity of the problem to devise an efficient vehicle information sharing algorithm with suboptimality guarantees to solve this problem and make it suitable to deploy in dynamic environments where network conditions might fluctuate rapidly. We support our analysis with simulations showing evidence that vehicles can considerably benefit from the proposed opportunistic collaborative sensing framework compared to operating autonomously. Finally, we explore the value of information-sharing in vehicular collaborative sensing networks by evaluating the associated safe driving velocity gains.

Existing solutions to network scheduling typically assume that the instantaneous link rates are completely known before a scheduling decision is made or consider a bandit setting where the accurate link quality is discovered only after it has been used for data transmission. In practice, the decision maker can obtain (relatively accurate) channel information, e.g., through beamforming in mmWave networks, right before data transmission. However, frequent beamforming incurs a formidable overhead in densely deployed mmWave WLANs. In this paper, we consider the important problem of throughput optimization with joint link probing and scheduling. The problem is challenging even when the link rate distributions are pre-known (the offline setting) due to the necessity of balancing the information gains from probing and the cost of reducing the data transmission opportunity. We develop an approximation algorithm with guaranteed performance when the probing decision is non-adaptive, and a dynamic programming based solution for the more challenging adaptive setting. We further extend our solutions to the online setting with unknown link rate distributions and develop a contextual-bandit based algorithm and derive its regret bound. Numerical results using data traces collected from real-world mmWave deployments demonstrate the efficiency of our solutions.

Predicting the throughput of WLAN deployments is a classic problem that occurs in the design of robust and high performance WLAN systems. However, due to the more and more complex communication protocols and the increase in interference between devices in denser and denser WLAN deployments, traditional methods either have substantial runtime or enormous prediction error and hence cannot be applied in downstream tasks. In this work, we propose HTNet, a specialized Heterogeneous Temporal Graph Neural Network that extracts features from dynamic WLAN deployments. Analyzing the unique graph structure of WLAN deployment graphs, we show that HTNet achieves the maximum expressive power on each snapshot. To evaluate the performance of HTNet, we prepare six different setups with more than five thousands dense dynamic WLAN deployments that cover a wide range of real-world scenarios. HTNet achieves the lowest prediction error on all six setups with an average improvement of 25.3% over the state-of-the-art methods. To the best of our knowledge, we are the first to use Heterogeneous Temporal Graph Neural Network to capture all the contextual, structural, and temporal information in WLAN deployments for throughput prediction.

Mobile edge computing (MEC) has been proposed to provide mobile devices with both satisfactory computing resources and latency. Key issues in MEC include task offloading and power allocation (TOPA), for which deep reinforcement learning (DRL) is becoming a popular methodology. However, most DRL-based TOPA approaches are typically developed in a certain environment, lacking the adaptability to unseen environments. Motivated by this, this paper proposes a Fast Environment-Adaptive TOPA (FEAT) approach that could adapt to unseen environments with little fine-tuning. Specifically, we first split MEC states into the internal state and environmental state. Then, based on these two types of states, we develop two main components of FEAT - a group of internal state-dependent TOPA meta-policies and an environmental state-embedded steerer. Meta-policies learn TOPA skills within the internal state space (allowing reusing meta-policies in different environments), while the steerer learns to choose appropriate meta-policies according to embedded environmental states. When encountering an unseen environment with the same internal state space, FEAT only needs to fine-tune the steerer using the newly embedded environmental state with few internal state explorations. Extensive experimental results on simulation and testbed demonstrate that FEAT outperforms the state-of-the-art by more than 16.4% in terms of fine-tuning speeds.

Secret Sharing (SS) is widely adopted in secure Multi-Party Computation (MPC) with its simplicity and computational efficiency. However, SS-based MPC protocol introduces significant communication overhead due to interactive operations on secret sharings over the network. For instance, training a neural network model with SS-based MPC may incur tens of thousands of communication rounds among parties, making it extremely hard for real-world deployment.

To reduce the communication overhead of SS, prior works statically convert interactive operations to equivalent non-interactive operations with extra computation cost. However, we show that such static conversion misses chances for optimization, and further present SOLAR, a SS-based MPC framework that aims to reduce the communication overhead through dynamic communication-computation conversion. At its heart, SOLAR converts interactive operations that involve communication among parties to equivalent non-interactive operations within each party with extra computations and introduces a speculative strategy to perform opportunistic conversion when CPU is idle for network transmission. We have implemented and evaluated SOLAR on several popular MPC applications, and achieved 1.6-8.1x speedup in multi-thread setting compared to the basic SS and 1.2-8.6x speedup over static conversion.

Time series data have numerous applications in big data analytics. However, they often cause privacy issues when collected from individuals. To address this problem, most existing works perturb the values in the time series while retaining their temporal order, which may lead to significant distortion of the values. Recently, a TLDP model is proposed in [42] that perturbs temporal perturbation to ensure privacy guarantee while retaining original values. It has shown great promise to achieve significantly higher utility than value perturbation mechanisms in many time series analysis. However, its practicability is still undermined by two factors, namely, utility cost of extra missing or empty values, and inflexibility of privacy budget settings. To address them, in this paper we propose switch as a new two-way operation for temporal perturbation, as opposed to the one-way dispatch operation. The former inherently eliminates the cost of missing, empty or repeated values. Optimizing switch operation in a stateful manner, we then propose StaSwitch mechanism for time series release under TLDP. Through both analytical and empirical studies, we show that StaSwitch has significantly higher utility for the published time series than any state-of-the-art temporal- or value-perturbation mechanism, while allowing any combination of privacy budget settings.

As a new paradigm of data trading, Crowdsensing Data Trading (CDT) has attracted widespread attention in recent years, where data collection tasks of buyers are crowdsourced to a group of mobile users as sellers through a platform as a broker for long-term data trading. The stability of the matching between buyers and sellers in the data trading market is one of the most important CDT issues. In this paper, we focus on the privacy-preserving stable CDT issue with unknown preference sequences of buyers. Our goal is to maximize the accumulative data quality for each task while protecting the data qualities of sellers and ensuring the stability of the CDT market. We model such privacy-preserving stable CDT issue with unknown preference sequences as a differentially private competing multi-player multi-armed bandit problem. We define a novel metric \(\delta\)-stability and propose a privacy-preserving stable CDT mechanism based on differential privacy, stable matching theory, and competing bandit strategy, called DPS-CB, to solve this problem. Finally, we prove the security and the stability of the CDT market under the effect of privacy concerns and analyze the regret performance of DPS-CB. Also, the performance is demonstrated on a real-world dataset.

Differential privacy (DP) enables model training with a guaranteed bound on privacy leakage, therefore is widely adopted in federated learning (FL) to protect the model update. However, each DP-enhanced FL job accumulates the privacy leakage, which necessitates a unified platform to enforce a global privacy budget for each dataset owned by users. In this work, we present a novel DP-enhanced FL platform that treats privacy as a resource and schedules multiple FL jobs across sensitive data. It first introduces a novel notion of device-time blocks for distributed data streams. Such data abstraction enables fine-grained privacy consumption composition across multiple FL jobs. Regarding the non-replenishable nature of privacy resource (that differs it from traditional hardware resources like CPU and memory), it further employs an allocation-then-recycle scheduling algorithm. Its key idea is to first allocate an estimated upper-bound privacy budget for each arrived FL job, and then progressively recycle the unused budget as training goes on to serve further FL jobs. Extensive experiments show that our platform is able to deliver up to 2.1× as many completed jobs while reducing the violation rate by up to 55.2% under limited privacy budget constraint.