http://ieeexplore.ieee.org TOC Alert for Publication# 10206 2009 November 06 4 3 C1 C4 47 4 3 C2 C2 35 4 3 273 283 574 4 3 284 292 859 4 3 293 301 439 4 3 302 317 1316 N be the length of the host vector and M les N + 1 the number of users. The focused detector performs a correlation test in order to decide whether a user of interest is among the colluders. Both the fingerprint embedder and the colluders are subject to squared-error distortion constraints. We show that simplex fingerprints maximize a geometric figure of merit for this detector. In that sense they outperform orthogonal fingerprints but the advantage vanishes as M rarr infin. They are also optimal in terms of minimizing the probability of error of the focused detector when the attack is a uniform averaging of the marked copies followed by the addition of white Gaussian noise. Reliable detection is guaranteed provided that the number of colluders K Lt radic(N). Moreover, we study the probability of error performance of simplex fingerprints for the focused correlation detector when the colluders use nonuniform averaging plus white Gaussian noise attacks.]]> 4 3 318 329 544 4 3 330 345 2890 4 3 346 358 1735 4 3 359 368 1434 4 3 369 382 806 4 3 383 396 9932 4 3 397 409 4304 directionlets) and they are compared in terms of a weighted Hamming distance. The feature extraction and comparison are shift-, size-, and rotation-invariant to the location of iris in the acquired image. The generated iris code is binary, whose length is fixed (and therefore commensurable), independent of the iris image, and comparatively short. The novel method shows a good performance when applied to a large database of irises and provides reliable identification and verification. At the same time, it preserves conceptual and computational simplicity and allows for a quick analysis and comparison of iris samples.]]> 4 3 410 417 1446 4 3 418 427 574 4 3 428 440 1041 simple-but-effective fast subspace learning and image projection methods, fast Haar transform (FHT) based principal component analysis and FHT based spectral regression discriminant analysis. The advantages of these two methods result from employing both the FHT for subspace learning and the integral vector for feature extraction. Experimental results on three face databases demonstrated their effectiveness and efficiency.]]> 4 3 441 450 1733 4 3 451 459 1240 4 3 460 475 2248 4 3 476 491 1382 spoofing attack detection. The performance of our Sybil detector is verified, via both a propagation modeling software and field measurements using a vector network analyzer, for typical indoor environments. Our evaluation examines numerous combinations of system parameters, including bandwidth, signal power, number of channel estimates, number of total clients, number of Sybil clients, and number of access points. For instance, both the false alarm rate and the miss rate of Sybil attacks are usually below 0.01, with three tones, pilot power of 10 mW, and a system bandwidth of 20 MHz.]]> 4 3 492 503 1072 4 3 504 518 2171 4 3 519 529 796 network vulnerability as the nonuniform vulnerable-host distribution, 2) threats, i.e., intelligent malwares that exploit such a vulnerability, and 3) defense, i.e., challenges for fighting the threats. We first study five large data sets and observe consistent clustered vulnerable-host distributions. We then present a new metric, referred to as the nonuniformity factor, that quantifies the unevenness of a vulnerable-host distribution. This metric is essentially the Renyi information entropy that unifies the nonuniformity of a vulnerable-host distribution with different malware-scanning methods. Next, we draw a relationship between Renyi entropies and randomized epidemic scanning algorithms. We find that the infection rates of malware-scanning methods are characterized by the Renyi entropies that relate to the information bits in a nonunform vulnerable-host distribution extracted by a randomized scanning algorithm. Meanwhile, we show that a representative network-aware malware can increase the spreading speed by exactly or nearly a nonuniformity factor when compared to a random-scanning malware at an early stage of malware propagation. This quantifies that how much more rapidly the Internet can be infected at the early stage when a malware exploits an uneven vulnerable-host distribution as a network-wide vulnerability. Furthermore, we analyze the effectiveness of defense strategies on the spread of network-aware malwares. Our results demonstrate that counteracting network-aware malwares is a significant challenge for the strategies that include host-based defenses and IPv6.]]> 4 3 530 541 820 4 3 542 551 395 4 3 552 563 908 4 3 564 569 242 4 3 570 577 387 4 3 578 578 30 4 3 579 579 21 4 3 580 581 44 4 3 582 582 122 4 3 583 583 156 4 3 584 584 145 4 3 585 585 683 4 3 586 586 766 4 3 587 587 553 4 3 588 588 146 4 3 589 589 136 4 3 590 590 223 4 3 591 591 205 4 3 592 592 345 4 3 C3 C3 32