DOCSLIB.ORG

Research Article N-Gram-Based Text Compression

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Research Article N-Gram-Based Text Compression Hindawi Publishing Corporation Computational Intelligence and Neuroscience Volume 2016, Article ID 9483646, 11 pages http://dx.doi.org/10.1155/2016/9483646 Research Article n-Gram-Based Text Compression Vu H. Nguyen,1 Hien T. Nguyen,1 Hieu N. Duong,2 and Vaclav Snasel3 1 Faculty of Information Technology, Ton Duc Thang University, Ho Chi Minh City, Vietnam 2Faculty of Computer Science and Engineering, Ho Chi Minh City University of Technology, Ho Chi Minh City, Vietnam 3Faculty of Electrical Engineering and Computer Science, VSB-Technical University of Ostrava, Ostrava, Czech Republic Correspondence should be addressed to Hien T. Nguyen; [email protected] Received 21 May 2016; Revised 2 August 2016; Accepted 25 September 2016 Academic Editor: Geun S. Jo Copyright © 2016 Vu H. Nguyen et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. We propose an efficient method for compressing Vietnamese text using n-gram dictionaries. It has a significant compression ratio in comparison with those of state-of-the-art methods on the same dataset. Given a text, first, the proposed method splits it into n-grams and then encodes them based on n-gram dictionaries. In the encoding phase, we use a sliding window with a size that ranges from bigram to five grams to obtain the best encoding stream. Each n-gram is encoded by two to four bytes accordingly based on its corresponding n-gram dictionary. We collected 2.5 GB text corpus from some Vietnamese news agencies to build n- gram dictionaries from unigram to five grams and achieve dictionaries with a size of 12 GB in total. In order to evaluate our method, we collected a testing set of 10 different text files with different sizes. The experimental results indicate that our method achieves compression ratio around 90% and outperforms state-of-the-art methods. 1. Introduction by assigning short codes to common parts, that is, characters, syllables, words, or sentences, and long codes to rare parts. According to [1], data compression is a process of converting In recent years, several techniques have been developed an input data stream into another data stream that has a for text compression. These techniques can be further clas- smallersize.Astreamcanbeafile,abufferinmemory,or sified into four major types, that is, substitution, statistical, individual bits sent on a communications channel. The main dictionary, and context-based method. The substitution text objectives of data compression are to reduce the size of input compression techniques replace a certain longer repetition of stream and increase the transfer rate as well as save storage characters with a shorter one. A technique that is a repre- space. Typically, data compression techniques are classified sentative of these techniques is run-length encoding [2]. The into two classes, that is, lossless and lossy, based on the result statistical techniques usually calculate the probability of char- of the decompression phase. acters to generate the shortest average code length, such as Text compression is a field of data compression, which Shannon-Fano coding [3, 4], Huffman coding [5], and arith- uses the lossless compression technique to convert an input metic coding [6, 7]. The next type consists of dictionary tech- filetoanotherformofdatafile.Itcannotusethelossy niques, which involve substitution of a substring of text by an compression technique because it needs to recover the exact index or a pointer code. They relate to a position in the dic- original file from the compressed file. If lossy compression tionary of the substring. Representatives of these techniques technique was used, the meaning of the decompression file are LZW [8], LZ77 [9], and LZ78 [10]. The last type is context- will be different from the original file. Several techniques based techniques, which involve the use of minimal prior have been proposed for text compression in recent years. assumptions about the statistics of the text. Normally, they Most of them are based on the same principle of removing or use the context of the text being encoded and the history of reducing redundancies from the original input text file. The the text to provide more efficient compression. Representa- redundancycanappearatcharacter,syllable,orwordlevels. tivesofthistypearePredictionbyPartialMatching(PPM) This principle proposed a mechanism for text compression [11] and Burrow–Wheeler transform (BWT) [12]. Every 2 Computational Intelligence and Neuroscience method has its own advantages and disadvantages when compression technique which utilizes syllable-based mor- being applied in a specific field. None of the above methods phology of multisyllabic languages. The proposed method is has been able to achieve the best results in terms of compres- designed to partition words into its syllables and then to pro- sion ratio. duce their shorter bit representations for compression. The Normally, users will decide to choose the appropriate number of bits in coding syllables depends on the number of methodbasedontheirpurposes.Withsystemsthatallow entries in the dictionary file. In [20], the authors proposed the reconstruction of information from the output not to a genetic algorithm in syllable-based text compression. This be exactly the same as the input, we can use lossy methods, algorithm was used to determine for the characteristic of syl- such as systems to compress images and voice messages. With lables. These characteristics are stored into dictionary, which systems that require the original data to be recovered exactly is part of the compression algorithm and it is not necessary to from the compressed data, we must use lossless methods, place them into compressed data. This leads to reduction of such as text compression systems. used space. In [21, 22], Lansky and his colleagues were the first This paper presents the first attempt at text compression to propose a method for syllable-based text compression using n-gram dictionaries, and the contribution has three techniques. In their papers, they focused on specification of attributes; that is, (1) it is a method for text compression syllables, methods for decomposition of words into syllables, using n-gram dictionaries, (2) it collects the text corpus of and using syllable-based compression in combination of the the Vietnamese language from the Internet and builds five principles of LZW and Huffman coding. In [23], the authors n-gram dictionaries with nearly 500,000,000 n-grams, and first proposed a method for small text file compression based (3) a test set of 10 different text files with different sizes to on the Burrow–Wheeler transformation. This method com- evaluate our new system and compare it with my two previous bines the Burrow–Wheeler transform with the Boolean mini- methods [13, 14] and also with other methods. The rest of mizationatthesametime. this paper is organized as follows. Section 2 presents earlier In our previous papers for Vietnamese text compression work related to this effort. Section 3 presents our proposed [13, 14], we proposed a syllable-based method based on mor- method, and Section 4 presents our experiments and results. phology and syllable dictionaries in [13]. With each morpho- Our conclusions are presented in Section 5. syllable, it is split into a consonant and a syllable, and they are compressed based on their corresponding dictionaries. This method has a compression ratio that converges to around 2. Related Work 73%, and it is suitable for small text files. The method in [14] compressed text based on a trigram model; it splits a In recent years, most text compression techniques have been text file into trigrams and compresses these trigrams using based on dictionary, word, or character levels [15–18]. Refer- a trigrams dictionary. This method achieves an encouraging ence [15] proposed a method to convert the characters in the compression ratio around 83%. source file to a binary code, where the most common charac- tersinthefilehavetheshortestbinarycodesandtheleast common have the longest. The binary codes are generated 3. Proposed Method basedontheestimatedprobabilityofthecharacterwithin the file and are compressed using 8-bit character word length. In this section, we present a method for Vietnamese text In [16], the authors proposed a method that combined word compression using n-gram dictionaries. This model has two with LZW. First, their method splits input text to word and main modules. The first module is used for text compression nonword and then uses them as initial alphabet of LZW. Ref- and the second module performs decompression. Figure 1 erence [17] proposed a technique to compress short text mes- describes our text compression model. In our model, we use sages based on two phases. In the first phase, it converts the n-gram dictionaries for both compression and decompres- input text consisting of letters, numbers, spaces, and punctu- sion. We will describe the model in detail in the following ation marks commonly used in English writing to a format subsections. which can be compressed in the second phase. In the second phase, it proposes a transformation which reduces the size of 3.1. n-Gram Theory and Dictionaries the message by a fixed fraction of its original size. In [18], the 3.1.1. n-Gram Theory. In this paper, we use n-gram theory authors proposed a word-based compression variant based mentioned from [24]: an n-gram is a contiguous sequence of on the LZ77 algorithm and proposed and implemented vari- items from a given sequence of a text or speech. An item can ous ways of sliding windows and various possibilities of out- be a phoneme, a syllable, a letter, a word, or a morphosyllable. put encoding. In a comparison with other word-based meth- In general, an item is considered as an atomic unit. An n- ods, their proposed method is the best. In these research, they gram of one item, two items, or three items is referred to as do not consider the structure of words or morphemes in the a “unigram,” a “bigram,” or a “trigram,” respectively.
Load more

Recommended publications
  • Scalable Speculative Parallelization on Commodity Clusters
    Scalable Speculative Parallelization on Commodity Clusters Hanjun Kim Arun Raman Feng Liu Jae W. Leey David I. August Departments of Electrical Engineering and Computer Science y Parakinetics Inc. Princeton University Princeton, USA Princeton, USA [email protected] {hanjunk, rarun, fengliu, august}@princeton.edu Abstract by the cluster is difficult. For these reasons, such programs have been deemed unsuitable for execution on clusters. While clusters of commodity servers and switches are the most popular form of large-scale parallel computers, many programs are Recent research has demonstrated that a combination of not easily parallelized for execution upon them. In particular, high pipeline parallelism (DSWP), thread-level speculation (TLS), inter-node communication cost and lack of globally shared memory and speculative pipeline parallelism (Spec-DSWP) can un- appear to make clusters suitable only for server applications with lock significant amounts of parallelism in general-purpose abundant task-level parallelism and scientific applications with regu- programs on shared memory systems [6, 24, 27, 29, 30, 32, lar and independent units of work. Clever use of pipeline parallelism (DSWP), thread-level speculation (TLS), and speculative pipeline 36, 37]. Pipeline parallelization techniques such as DSWP parallelism (Spec-DSWP) can mitigate the costs of inter-thread partition a loop in such a way that the critical path is executed communication on shared memory multicore machines. This paper in a thread-local fashion, with off-critical path data flowing presents Distributed Software Multi-threaded Transactional memory unidirectionally through the pipeline. The combination of these (DSMTX), a runtime system which makes these techniques applicable two factors makes the program execution highly insensitive to non-shared memory clusters, allowing them to efficiently address inter-node communication costs.
    [Show full text]
  • Symantec Web Security Service Policy Guide
    Web Security Service Policy Guide Revision: NOV.07.2020 Symantec Web Security Service/Page 2 Policy Guide/Page 3 Copyrights Broadcom, the pulse logo, Connecting everything, and Symantec are among the trademarks of Broadcom. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. Copyright © 2020 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. For more information, please visit www.broadcom.com. Broadcom reserves the right to make changes without further notice to any products or data herein to improve reliability, function, or design. Information furnished by Broadcom is believed to be accurate and reliable. However, Broadcom does not assume any liability arising out of the application or use of this information, nor the application or use of any product or circuit described herein, neither does it convey any license under its patent rights nor the rights of others. Policy Guide/Page 4 Symantec WSS Policy Guide The Symantec Web Security Service solutions provide real-time protection against web-borne threats. As a cloud-based product, the Web Security Service leverages Symantec's proven security technology, including the WebPulse™ cloud community. With extensive web application controls and detailed reporting features, IT administrators can use the Web Security Service to create and enforce granular policies that are applied to all covered users, including fixed locations and roaming users. If the WSS is the body, then the policy engine is the brain. While the WSS by default provides malware protection (blocks four categories: Phishing, Proxy Avoidance, Spyware Effects/Privacy Concerns, and Spyware/Malware Sources), the additional policy rules and options you create dictate exactly what content your employees can and cannot access—from global allows/denials to individual users at specific times from specific locations.
    [Show full text]
  • IDOL Connector Framework Server 12.0 Administration Guide
    Connector Framework Server Software Version 12.0 Administration Guide Document Release Date: June 2018 Software Release Date: June 2018 Administration Guide Legal notices Copyright notice © Copyright 2018 Micro Focus or one of its affiliates. The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. Trademark notices Adobe™ is a trademark of Adobe Systems Incorporated. Microsoft® and Windows® are U.S. registered trademarks of Microsoft Corporation. UNIX® is a registered trademark of The Open Group. Documentation updates The title page of this document contains the following identifying information: l Software Version number, which indicates the software version. l Document Release Date, which changes each time the document is updated. l Software Release Date, which indicates the release date of this version of the software. To verify you are using the most recent edition of a document, go to https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result?doctype=online help. You will also receive new or updated editions of documentation if you subscribe to the appropriate product support service. Contact your Micro Focus sales representative for details. To check for new versions of software, go to https://www.hpe.com/software/entitlements. To check for recent software patches, go to https://softwaresupport.softwaregrp.com/patches. The sites listed in this section require you to sign in with a Software Passport.
    [Show full text]
  • Migratory Compression
    Migratory Compression: Coarse-grained Data Reordering to Improve Compressibility Xing Lin, University of Utah; Guanlin Lu, Fred Douglis, Philip Shilane, and Grant Wallace, EMC Corporation— Data Protection and Availability Division https://www.usenix.org/conference/fast14/technical-sessions/presentation/lin This paper is included in the Proceedings of the 12th USENIX Conference on File and Storage Technologies (FAST ’14). February 17–20, 2014 • Santa Clara, CA USA ISBN 978-1-931971-08-9 Open access to the Proceedings of the 12th USENIX Conference on File and Storage Technologies (FAST ’14) is sponsored by Migratory Compression: Coarse-grained Data Reordering to Improve Compressibility Xing Lin1, Guanlin Lu2, Fred Douglis2, Philip Shilane2, Grant Wallace2 1University of Utah, 2EMC Corporation – Data Protection and Availability Division Abstract data; the larger the window size, the greater the opportu- nity to find redundant strings, leading to better compres- We propose Migratory Compression (MC), a coarse- sion. However, to limit the overhead in finding redun- grained data transformation, to improve the effectiveness dancy, most real-world implementations use small win- of traditional compressors in modern storage systems. dow sizes. For example, DEFLATE, used by gzip, has a In MC, similar data chunks are re-located together, to 64 KB sliding window [6] and the maximum window for improve compression factors. After decompression, bzip2 is 900 KB [8]. The only compression algorithm migrated chunks return to their previous locations. We we are aware of that uses larger window sizes is LZMA evaluate the compression effectiveness and overhead in 7z [1], which supports history up to 1 GB.1 It usually of MC, explore reorganization approaches on a variety compresses better than gzip and bzip2 but takes sig- of datasets, and present a prototype implementation of nificantly longer.
    [Show full text]
  • Oracle Universal Installer and Opatch User's Guide for Windows and UNIX
    Oracle® Universal Installer and OPatch User’s Guide 10g Release 2 (10.2) for Windows and UNIX B16227-12 August 2010 Oracle Universal Installer and OPatch User's Guide, 10g Release 2 (10.2) for Windows and UNIX B16227-12 Copyright © 1996, 2010, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]
  • Digital Forensics Formats: Seeking a Digital Preservation Storage Container Format for Web Archiving
    doi:10.2218/ijdc.v7i2.227 Digital Forensics Formats 21 The International Journal of Digital Curation Volume 7, Issue 2 | 2012 Digital Forensics Formats: Seeking a Digital Preservation Storage Container Format for Web Archiving Yunhyong Kim, Humanities Advanced Technology and Information Institute, University of Glasgow Seamus Ross, Faculty of Information, University of Toronto, Canada and Humanities Advanced Technology and Information Institute, University of Glasgow Abstract In this paper we discuss archival storage container formats from the point of view of digital curation and preservation, an aspect of preservation overlooked by most other studies. Considering established approaches to data management as our jumping off point, we selected seven container format attributes that are core to the long term accessibility of digital materials. We have labeled these core preservation attributes. These attributes are then used as evaluation criteria to compare storage container formats belonging to five common categories: formats for archiving selected content (e.g. tar, WARC), disk image formats that capture data for recovery or installation (partimage, dd raw image), these two types combined with a selected compression algorithm (e.g. tar+gzip), formats that combine packing and compression (e.g. 7-zip), and forensic file formats for data analysis in criminal investigations (e.g. aff – Advanced Forensic File format). We present a general discussion of the storage container format landscape in terms of the attributes we discuss, and make a direct comparison between the three most promising archival formats: tar, WARC, and aff. We conclude by suggesting the next steps to take the research forward and to validate the observations we have made.
    [Show full text]
  • Economic Value of Instream Flows in Montana: a Travel Cost Model Approach
    University of Montana ScholarWorks at University of Montana Graduate Student Theses, Dissertations, & Professional Papers Graduate School 1989 Economic value of instream flows in Montana: A travel cost model approach Christopher J. Neher The University of Montana Follow this and additional works at: https://scholarworks.umt.edu/etd Let us know how access to this document benefits ou.y Recommended Citation Neher, Christopher J., "Economic value of instream flows in Montana: A travel cost model approach" (1989). Graduate Student Theses, Dissertations, & Professional Papers. 8515. https://scholarworks.umt.edu/etd/8515 This Thesis is brought to you for free and open access by the Graduate School at ScholarWorks at University of Montana. It has been accepted for inclusion in Graduate Student Theses, Dissertations, & Professional Papers by an authorized administrator of ScholarWorks at University of Montana. For more information, please contact [email protected]. COPYRIGHT ACT OF 1976 Th is is an unpublished manuscript in which copyright SUBSISTS. Any further reprinting of its contents must be APPROVED BY THE AUTHOR. Mansfield Library Un iv e r s ity of Montana Date :____1989 __ Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. THE ECONOMIC VALUE OF INSTREAM FLOWS IN MONTANA: A TRAVEL COST MODEL APPROACH By Christopher J. Neher B.S. University of Idaho, 1979. Presented in partial fulfillment of the requirements for the degree of Master of Arts University of Montana 1989 Approved by Chairman, Board of Examiners Dean, Graduate School Date 7/ Reproduced with permission of the copyright owner.
    [Show full text]
  • Bogog00000000000000
    US 20190236273A1 ( 19) United States (12 ) Patent Application Publication (10 ) Pub. No. : US 2019 /0236273 A1 SAXE et al. (43 ) Pub. Date : Aug. 1 , 2019 ( 54 ) METHODS AND APPARATUS FOR GO6N 3 /04 (2006 .01 ) DETECTION OF MALICIOUS DOCUMENTS G06K 9 /62 (2006 .01 ) USING MACHINE LEARNING (52 ) U .S . CI. CPC .. G06F 21/ 563 ( 2013 .01 ) ; GO6N 20 / 20 (71 ) Applicant: Sophos Limited , Abingdon (GB ) (2019 .01 ) ; G06K 9 /6256 ( 2013 .01 ) ; G06K ( 72 ) Inventors: Joshua Daniel SAXE , Los Angeles, 9 /6267 ( 2013 .01 ) ; G06N 3 / 04 ( 2013 .01 ) CA (US ) ; Ethan M . RUDD , Colorado Springs , CO (US ) ; Richard HARANG , (57 ) ABSTRACT Alexandria , VA (US ) An apparatus for detecting malicious files includes a memory and a processor communicatively coupled to the ( 73 ) Assignee : Sophos Limited , Abingdon (GB ) memory. The processor receives multiple potentially mali cious files. A first potentially malicious file has a first file ( 21) Appl . No. : 16 /257 , 749 format , and a second potentially malicious file has a second file format different than the first file format. The processor ( 22 ) Filed : Jan . 25 , 2019 extracts a first set of strings from the first potentially malicious file , and extracts a second set of strings from the Related U . S . Application Data second potentially malicious file . First and second feature (60 ) Provisional application No . 62/ 622 ,440 , filed on Jan . vectors are defined based on lengths of each string from the 26 , 2018 . associated set of strings . The processor provides the first feature vector as an input to a machine learning model to Publication Classification produce a maliciousness classification of the first potentially (51 ) Int.
    [Show full text]
  • Using Data Compression for Energy-Efficient Reprogramming Of
    Using Data Compression for Energy-Efficient Reprogramming of Wireless Sensor Networks Nicolas Tsiftes <[email protected]> Swedish Institute of Computer Science Box 1263, SE-164 29 Kista, Sweden SICS Technical Report T2007:13 ISSN 1100-3154 ISRN:SICS-T–2007/13-SE December 18, 2007 Keywords: wireless sensor networks, data compression, reprogramming, experimental eval- uation, energy efficiency Abstract Software used in sensor networks to perform tasks such as sensing, network routing, and operating system services can be subject to changes or replacements during the long lifetimes of many sensor networks. The task of reprogramming the network nodes consumes a significant amount of energy and increases the network congestion because the software is sent over radio in an epidemic manner to all the nodes. In this thesis, I show that the use of data compression of dynamically link- able modules makes the reprogramming more energy-efficient and reduces the time needed for the software to propagate. The cost for using data compression is that the decompression algorithm must execute for a relatively long time, and that the software takes five to ten kilobytes to store on the sensor nodes. Contents 1 Introduction 5 1.1 Problem Statement . 5 1.2 Method ................................ 6 1.3 Limitations . 6 1.4 Alternative Approaches . 6 1.5 Scientific Contributions . 7 1.6 ReportStructure............................ 7 2 Background 8 2.1 WirelessSensorNetworks ...................... 8 2.1.1 Software Updates in Wireless Sensor Networks . 8 2.1.2 The Contiki Operating System . 10 2.2 Data Compression Algorithms . 12 2.2.1 Lossless and Lossy Algorithms . 12 2.2.2 Statistical Algorithms .
    [Show full text]
  • Data Description and Usage
    HEALTH AND RETIREMENT STUDY Respondent Cross-Year Benefits Restricted Data Data Description and Usage Version 5.2 October 2020 To the Restricted Data Investigator: This restricted data set is intended for exclusive use by you and the persons specified in the Agreement for Use of Restricted Data from the Health and Retirement Study and/or the Supplemental Agreement with Research Staff for Use of Restricted Data from the Health and Retirement Study. If there are any questions about this data set and its use, refer to the HRS Restricted Data page (https://hrs.isr.umich.edu/data-products/restricted-data) or contact the HRS Help Desk ([email protected]). This document may not be reproduced without the written consent of the staff of the Health and Retirement Study, The Institute for Social Research, The University of Michigan. Table of Contents 1. Overview and Acknowledgments ............................................................................................... 3 2. Obtaining the Data ........................................................................................................................... 3 2c. Publications Based on Restricted Data ............................................................................................. 3 3. Cross-Year Benefit Data Set Content ......................................................................................... 4 3a. File Structure .............................................................................................................................................
    [Show full text]
  • Pentest-Report Chubaofs Pentest 08.-09.2020 Cure53, Dr.-Ing
    Dr.-Ing. Mario Heiderich, Cure53 Bielefelder Str. 14 D 10709 Berlin cure53.de · [email protected] Pentest-Report ChubaoFS Pentest 08.-09.2020 Cure53, Dr.-Ing. M. Heiderich, M. Wege, MSc. D. Weißer, MSc. F. Fäßler, MSc. R. Peraglie Index Introduction Scope Identified Vulnerabilities CFS-01-003 WP1: Insecure SHA1 password-hashing (Low) CFS-01-004 WP1: Linux file permissions ineffective for ACL (High) CFS-01-005 WP1: Missing HMAC leads to CBC padding oracle (Medium) CFS-01-007 WP1: No brute-force protection on time-unsafe comparisons (Low) CFS-01-008 WP1: Unencrypted raw TCP traffic to Meta- and DataNode (High) CFS-01-009 WP1: Unauthenticated raw TCP traffic to Meta- and DataNode (High) CFS-01-010 WP1: Lack of TCP traffic message replay protection (Medium) CFS-01-011 WP1: Rogue Meta- and DataNodes possible due to lack of ACL (High) CFS-01-015 WP1: API freely discloses all user-secrets (Critical) CFS-01-016 WP2: Default Docker deployment insecure on public hosts (High) CFS-01-022 WP1: HTTP clear-text ObjectNode REST API exposed (High) CFS-01-024 WP2: Bypassing Skip-Owner-Validation header authentication (Medium) Miscellaneous Issues CFS-01-001 WP1: Usage of math/rand within crypto-utils and utils (Info) CFS-01-002 WP1: TLS version not enforced for AuthNode HTTP server (Low) CFS-01-006 WP1: Password hashes can be used to authenticate (Low) CFS-01-012 WP1: HTTP parameter pollution in HTTP clients (Medium) CFS-01-013 WP1: Unsalted MD5 authKey-Computation in ObjectNode (Low) CFS-01-014 WP2: Lack of password complexity in MasterNode (Low) CFS-01-017 WP2: Docker deployment stores client.json as world-readable (Medium) CFS-01-018 WP1: Docker deployment logs credentials as world-readable (Medium) CFS-01-019 WP1: Folders can be moved into their own child folders (Low) CFS-01-020 WP1: Missing filename-validation allows folder corruption (Low) CFS-01-021 WP1: Debugging endpoint /debug/pprof exposed (Info) CFS-01-023 WP1: Build system lacks stack canaries, PIE and FORTIFY (Medium) Cure53, Berlin · 09/08/20 1/37 Dr.-Ing.
    [Show full text]
  • IDOL Connector Framework Server 11.3 Administration Guide
    HPE Connector Framework Server Software Version: 11.3 Administration Guide Document Release Date: February 2017 Software Release Date: February 2017 Administration Guide Legal Notices Warranty The only warranties for Hewlett Packard Enterprise Development LP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HPE shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. Restricted Rights Legend Confidential computer software. Valid license from HPE required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Copyright Notice © Copyright 2017 Hewlett Packard Enterprise Development LP Trademark Notices Adobe™ is a trademark of Adobe Systems Incorporated. Microsoft® and Windows® are U.S. registered trademarks of Microsoft Corporation. UNIX® is a registered trademark of The Open Group. This product includes an interface of the 'zlib' general purpose compression library, which is Copyright © 1995-2002 Jean-loup Gailly and Mark Adler. Documentation updates The title page of this document contains the following identifying information: l Software Version number, which indicates the software version. l Document Release Date, which changes each time the document is updated. l Software Release Date, which indicates the release date of this version of the software. To check for recent software updates, go to https://downloads.autonomy.com/productDownloads.jsp. To verify that you are using the most recent edition of a document, go to https://softwaresupport.hpe.com/group/softwaresupport/search-result?doctype=online help.
    [Show full text]