Biblio

Underwater Wireless Sensor Networks (UWSNs) are liable to malicious attacks due to limited bandwidth, limited power, high propagation delay, path loss, and variable speed. The major differences between UWSNs and Terrestrial Wireless Sensor Networks (TWSNs) necessitate a new mechanism to secure UWSNs. The existing Media Access Control (MAC) and routing protocols have addressed the network performance of UWSNs, but are vulnerable to several attacks. The secure MAC and routing protocols must exist to detect Sybil, Blackhole, Wormhole, Hello Flooding, Acknowledgment Spoofing, Selective Forwarding, Sinkhole, and Exhaustion attacks. These attacks can disrupt or disable the network connection. Hence, these attacks can degrade the network performance and total loss can be catastrophic in some applications, like monitoring oil/gas spills. Several researchers have studied the security of UWSNs, but most of the works detect malicious attacks solely based on a certain predefined threshold. It is not optimal to detect malicious attacks after the threshold value is met. In this paper, we propose a multi-factor authentication model that is based on zero-knowledge proof to detect malicious activities and secure UWSNs from several attacks.

Negative curvature hollow core fibers (NC-HCFs) realize great research attention due to their comparatively low losses with simplified design and fabrication simplicity. Recently, revolver type fibers that combine the NC-HCF and conventional lattice structured photonic crystal fiber (PCF) have opened up a new era in communications due to their low loss, power confinement capacity, and multi-bandwidth applications. In this study, we present a customized optical fiber design that comprises the PCF with the NC-HCF to get lowest confinement loss. Extensive numerical simulations are performed and a noteworthy low loss of 4.47×10-05dB/m at a wavelength of 0.85 μm has been recorded for the designed fiber, which is almost 4600 times lower than annular revolver type fibers. In addition, a conspicuous low loss transmission bandwidth ranging from 0.6 μm to 1.8 μm has found in this study. This may have potential applications in spectroscopy, material processing, chemical and bio-molecular sensing, security, and industry applications.

Reliable communication over the wireless network with high throughput is a major target for the next generation communication technologies. Network coding can significantly improve the throughput efficiency of the network in a cooperative environment. The small cell technology and device to device communication make network coding an ideal candidate for improved performance in the fifth generation of communication networks. However, the security concerns associated with network coding needs to be addressed before any practical implementations. Pollution attacks are considered one of the most threatening attacks in the network coding environment. Although there are different integrity schemes to detect polluted packets, identifying the exact adversary in a network coding environment is a less addressed challenge. This paper proposes a scheme for identifying and locating adversaries in a dense, network coding enabled environment of mobile nodes. It also discusses a non-repudiation protocol that will prevent adversaries from deceiving the network.

In today's world, the word malware is synonymous with mysterious programs that spread havoc and sow destruction upon the computing system it infects. These malware are analyzed and understood by malware analysts who reverse engineer the program in an effort to understand it and provide appropriate identifications or signatures that enable anti-malware programs to effectively combat and resolve threats. Malware authors develop ways to circumvent or prevent this analysis of their code thus rendering preventive measures ineffective. This paper discusses existing analysis subverting techniques and how they are overcome by modern analysis techniques. Further, this paper proposes a new method to resist traditional malware analysis techniques by creating a split-personality malware variant that uses a technique known as shadow attack. The proposal is validated by creating a malware dropper and testing this dropper in controlled laboratory conditions as a part of the concept of proactive defense.

Research into the explanation of machine learning models, i.e., explainable AI (XAI), has seen a commensurate exponential growth alongside deep artificial neural networks throughout the past decade. For historical reasons, explanation and trust have been intertwined. However, the focus on trust is too narrow, and has led the research community astray from tried and true empirical methods that produced more defensible scientific knowledge about people and explanations. To address this, we contribute a practical path forward for researchers in the XAI field. We recommend researchers focus on the utility of machine learning explanations instead of trust. We outline five broad use cases where explanations are useful and, for each, we describe pseudo-experiments that rely on objective empirical measurements and falsifiable hypotheses. We believe that this experimental rigor is necessary to contribute to scientific knowledge in the field of XAI.

The following topics are dealt with: cloud computing; software defined networking; cryptography; telecommunication traffic; Internet of Things; authorisation; software radio; cryptocurrencies; data privacy; learning (artificial intelligence).

The work we present is a comparative study based on an experimental approach to the mechanical and thermal properties of different local clay-based building materials with the incorporation of agricultural waste in Chad. These local building materials have been used since ancient times by the low-income population. They were the subject of a detailed characterization of their mechanical and thermal parameters. The objective is to obtain lightweight materials with good thermomechanical performance and which can contribute to improving thermal comfort, energy-saving, and security in social housing in Chad while reducing the cost of investment. Several clay-based samples with increasing incorporation of 0 to 8% of agricultural waste (cow dung or millet pod) were made. We used appropriate experimental methods for porous materials (the hydraulic press for mechanical tests and the box method for thermal tests). In this article, we have highlighted the values and variations of the mechanical compressive resistances, thermal conductivities, and thermal resistances of test pieces made with these materials. Knowing the mechanical and thermal characteristics, we also carried out a thermomechanical study. The thermal data made it possible to make Dynamic Thermal Simulations (STD) of the buildings thanks to the Pléiades + COMFIE software. The results obtained show that the use of these materials in a building presents good mechanical and thermal performance with low consumption of electrical energy for better thermal comfort of the occupants. Thus agricultural waste can be recovered thanks to its integration into building materials based on clay.

Mobile browsers have become one of the main mediators of our online activities. However, as web pages continue to increase in size and streaming media on-the-go has become commonplace, mobile data plan constraints remain a significant concern for users. As a result, data-saving features can be a differentiating factor when selecting a mobile browser. In this paper, we present a comprehensive exploration of the security and privacy threat that data-saving functionality presents to users. We conduct the first analysis of Android's data-saving browser (DSB) ecosystem across multiple dimensions, including the characteristics of the various browsers' infrastructure, their application and protocol-level behavior, and their effect on users' browsing experience. Our research unequivocally demonstrates that enabling data-saving functionality in major browsers results in significant degradation of the user's security posture by introducing severe vulnerabilities that are not otherwise present in the browser during normal operation. In summary, our experiments show that enabling data savings exposes users to (i) proxy servers running outdated software, (ii) man-in-the-middle attacks due to problematic validation of TLS certificates, (iii) weakened TLS cipher suite selection, (iv) lack of support of security headers like HSTS, and (v) a higher likelihood of being labelled as bots. While the discovered issues can be addressed, we argue that data-saving functionality presents inherent risks in an increasingly-encrypted Web, and users should be alerted of the critical savings-vs-security trade-off that they implicitly accept every time they enable such functionality.

In digital communication, the transmission of medical images over communication network is very explosive. We need a communication system to transmit the medical information rapidly and securely. In this manuscript, we propose a cryptosystem with novel encoding strategy and lossless compression technique. The chaos based DNA cryptography is used to enrich security of medical images. The lossless Discrete Haar Wavelet Transform is used to reduce space and time efficiency during transmission. The cryptanalysis proves that proposed cryptosystem is secure against different types of attacks. The compression ratio and pixel comparison is performed to verify the similarity of retained medical image.

In order to erase data including confidential in-formation stored in storage devices, an unrelated and random sequence is usually overwritten, which prevents the data from being restored. The problem of minimizing the cost for information erasure when the amount of information leakage of the confidential information should be less than or equal to a constant asymptotically has been introduced by T. Matsuta and T. Uyematsu. Whereas the minimum cost for overwriting has been given for general sources, a single-letter characterization for stationary memoryless sources is not easily derived. In this paper, we give single-letter characterizations for stationary memoryless sources under two types of restrictions: one requires the output distribution of the encoder to be independent and identically distributed (i.i.d.) and the other requires it to be memoryless but not necessarily i.i.d. asymptotically. The characterizations indicate the relation among the amount of information leakage, the minimum cost for information erasure and the rate of the size of uniformly distributed sequences. The obtained results show that the minimum costs are different between these restrictions.

The recent advancements in ubiquitous sensing powered by Wireless Computing Technologies (WCT) and Cloud Computing Services (CCS) have introduced a new thinking ability amongst researchers and healthcare professionals for building secure and connected healthcare systems. The integration of Internet of Things (IoT) in healthcare services further brings in several challenges with it, mainly including encrypted communication through vulnerable wireless medium, authentication and access control algorithms and ownership transfer schemes (important patient information). Major concern of such giant connected systems lies in creating the data handling strategies which is collected from the billions of heterogeneous devices distributed across the hospital network. Besides, the resource constrained nature of IoT would make these goals difficult to achieve. Motivated by aforementioned deliberations, this paper introduces a novel approach in designing a security framework for edge-computing based connected healthcare systems. An efficient, multi-factor access control and ownership transfer mechanism for edge-computing based futuristic healthcare applications is the core of proposed framework. Data scalability is achieved by employing distributed approach for clustering techniques that analyze and aggregate voluminous data acquired from heterogeneous devices individually before it transits the to the cloud. Moreover, data/device ownership transfer scheme is considered to be the first time in its kind. During ownership transfer phase, medical server facilitates user to transfer the patient information/ device ownership rights to the other registered users. In order to avoid the existing mistakes, we propose a formal and informal security analysis, that ensures the resistance towards most common IoT attacks such as insider attack, denial of distributed service (DDoS) attack and traceability attacks.

This work presents the results of the Multi-Robot System designing that works on the basis of Swarm Intelligence models and is used to search for optimal solutions. The process of searching for optimal solutions is performed based on a field of gradient vectors that can be generated by ionizing radiation sources, radio-electro-magnetic devices, temperature generating sources, etc. The concept of the operation System is based on the distribution in the search space of a multitude of Mobile Robots that form a Mesh network between them. Each Mobile Robot has a set of ultrasonic sensors for excluding the collisions with obstacles, two sensors for identifying the gradient vector of the analyzed field, resources for wireless storage, processing and communication. The direction of the Mobile Robot movement is determined by the rotational speed of two DC motors which is calculated based on the models of Artificial Neural Networks. Gradient vectors generated by all Mobile Robots in the system structure are used to calculate the movement direction.

The rapid growth of the Internet is, in part, powered by the broad participation of numerous vendors building network components. All these network devices require that they be properly configured and maintained, which creates a challenge for system administrators of complex networks with a growing variety of heterogeneous devices. This challenge is true for today's networks, as well as for the networking architectures of the future, such as Named Data Networking (NDN). This paper gives a preliminary design of an NDNconf framework, an adaptation of a recently developed NETCONF protocol, to realize unified configuration and management for NDN. The presented design is built leveraging the benefits provided by NDN, including the structured naming shared among network and application layers, stateful data retrieval with name-based interest forwarding, in-network caching, data-centric security model, and others. Specifically, the configuration data models, the heart of NDNconf, the elements of the models and models themselves are represented as secured NDN data, allowing fetching models, fetching configuration data that correspond to elements of the model, and issuing commands using the standard Interest-Data exchanges. On top of that, the security of models, data, and commands are realized through native data-centric NDN mechanisms, providing highly secure systems with high granularity of control.

Data encryption techniques are important for answering the question: How secure is the Internet for sending sensitive data. Keeping data secure while they are sent through the global network is a difficult task. This is because many hackers are fishing these data in order to get some benefits. The researchers have developed various types of encryption algorithms to protect data from attackers. These algorithms are mainly classified into two categories namely symmetric and asymmetric encryption algorithms. This survey sheds light on the recent work carried out on encrypting a text into an image based on the RGB color value and held a comparison between them based on various factors evolved from the literature.

Traffic Characterization, Application Identification, Per Application Classification, and VPN/Non-VPN Traffic Characterization have been some of the most notable research topics over the past few years. Deep Packet Inspection (DPI) promises an increase in Quality of Service (QoS) for Internet Service Providers (ISPs), simplifies network management and plays a vital role in content censoring. DPI has been used to help ease the flow of network traffic. For instance, if there is a high priority message, DPI could be used to enable high-priority information to pass through immediately, ahead of other lower priority messages. It can be used to prioritize packets that are mission-critical, ahead of ordinary browsing packets. Throttling or slowing down the rate of data transfer can be achieved using DPI for certain traffic types like peer-to-peer downloads. It can also be used to enhance the capabilities of ISPs to prevent the exploitation of Internet of Things (IoT) devices in Distributed Denial-Of-Service (DDOS) attacks by blocking malicious requests from devices. In this paper, we introduce a novel architecture for DPI using neural networks utilizing layers of word embedding, convolutional neural networks and bidirectional recurrent neural networks which proved to have promising results in this task. The proposed architecture introduces a new mix of layers which outperforms the proposed approaches before.

An essential ingredient of the smart grid is software-based services. Increasingly, software is used to support control strategies and services that are critical to the grid's operation. Therefore, its correct operation is essential. For various reasons, software and its configuration needs to be updated. This update process represents a significant overhead for smart grid operators and failures can result in financial losses and grid instabilities. In this paper, we present a framework for determining the root causes of software rollout failures in the smart grid. It uses distributed sensors that indicate potential issues, such as anomalous grid states and cyber-attacks, and a causal inference engine based on a formalism called evidential networks. The aim of the framework is to support an adaptive approach to software rollouts, ensuring that a campaign completes in a timely and secure manner. The framework is evaluated for a software rollout use-case in a low voltage distribution grid. Experimental results indicate it can successfully discriminate between different root causes of failure, supporting an adaptive rollout strategy.

Image watermarking is very important phenomenon in modern society where intellectual property right of information is necessary. Considering this impending problem, there are many image watermarking methods exist in the literature each of having some key advantages and disadvantages. After summarising state-of-the-art literature survey, an optimum digital watermark technique using singular value decomposition with principle component analysis (PCA) is proposed and verified. Basically, the host image is compressed using PCA which reduces multi-dimensional data to effective low-dimensional information. In this scheme, the watermark is embedded using the discrete wavelet transformation-singular value decomposition approach. Simulation results show that the proposed method improves the system performance compared with the existing method in terms of the watermark embedding, and extraction time. Therefore, this work is valuable for image watermarking in modern life such as tracing copyright infringements and banknote authentication.

In this study, we investigate the performance of FSO communication systems under more realistic channel model considering atmospheric turbulence, pointing errors and channel estimation errors together. For this aim, we first derived the composite probability density function (PDF) of imperfect Málaga turbulence channel with pointing errors. Then using this PDF, we obtained bit-error-rate (BER) and ergodic channel capacity (ECC) expressions in closed forms. Additionally, we present the BER and ECC metrics of imperfect Gamma-Gamma and K turbulence channels with pointing errors as special cases of Málaga channel. We further verified our analytic results through Monte-Carlo simulations.

Today's blockchain designs suffer from a trilemma claiming that no blockchain system can simultaneously achieve decentralization, security, and performance scalability. For current blockchain systems, as more nodes join the network, the efficiency of the system (computation, communication, and storage) stays constant at best. A leading idea for enabling blockchains to scale efficiency is the notion of sharding: different subsets of nodes handle different portions of the blockchain, thereby reducing the load for each individual node. However, existing sharding proposals achieve efficiency scaling by compromising on trust - corrupting the nodes in a given shard will lead to the permanent loss of the corresponding portion of data. In this paper, we settle the trilemma by demonstrating a new protocol for coded storage and computation in blockchains. In particular, we propose PolyShard: "polynomially coded sharding" scheme that achieves information-theoretic upper bounds on the efficiency of the storage, system throughput, as well as on trust, thus enabling a truly scalable system.

In recent days the attention of the researchers has been grabbed by the advent of fog computing which is found to be a conservatory of cloud computing. The fog computing is found to be more advantageous and it solves mighty issues of the cloud namely higher delay and also no proper mobility awareness and location related awareness are found in the cloud environment. The IoT devices are connected to the fog nodes which support the cloud services to accumulate and process a component of data. The presence of Fog nodes not only reduces the demands of processing data, but it had improved the quality of service in real time scenarios. Nevertheless the fog node endures from challenges of false data injection, privacy violation in IoT devices and violating integrity of data. This paper is going to address the key issues related to homomorphic encryption algorithms which is used by various researchers for providing data integrity and authenticity of the devices with their merits and demerits.

Online privacy policies are lengthy and hard to comprehend. To address this problem, researchers have utilized machine learning (ML) to devise tools that automatically summarize online privacy policies for web users. One such tool is our free and publicly available browser extension, PrivacyCheck. In this paper, we enhance PrivacyCheck by adding a competitor analysis component-a part of PrivacyCheck that recommends other organizations in the same market sector with better privacy policies. We also monitored the usage patterns of about a thousand actual PrivacyCheck users, the first work to track the usage and traffic of an ML-based privacy analysis tool. Results show: (1) there is a good number of privacy policy URLs checked repeatedly by the user base; (2) the users are particularly interested in privacy policies of software services; and (3) PrivacyCheck increased the number of times a user consults privacy policies by 80%. Our work demonstrates the potential of ML-based privacy analysis tools and also sheds light on how these tools are used in practice to give users actionable knowledge they can use to pro-actively protect their privacy.

A cyber-physical system (CPS) is a term that implements mainly three parts, Physical elements, communication networks, and control systems. Currently, CPS includes the Internet of Things (IoT), Internet of Vehicles (IoV), and many other systems. These systems face many security challenges and different types of attacks, such as Jamming, DDoS.CPS attacks tend to be much smarter and more dynamic; thus, it needs defending strategies that can handle this level of intelligence and dynamicity. Last few years, many researchers use machine learning as a base solution to many CPS security issues. This paper provides a survey of the recent works that utilized the Q-Learning algorithm in terms of security enabling and privacy-preserving. Different adoption of Q-Learning for security and defending strategies are studied. The state-of-the-art of Q-learning and CPS systems are classified and analyzed according to their attacks, domain, supported techniques, and details of the Q-Learning algorithm. Finally, this work highlight The future research trends toward efficient utilization of Q-learning and deep Q-learning on CPS security.

Advanced Persistent Threats (APTs) are stealthy, sophisticated, long-term, multi-stage attacks that threaten the security of sensitive information. Dynamic Information Flow Tracking (DIFT) has been proposed as a promising mechanism to detect and prevent various cyber attacks in computer systems. DIFT tracks suspicious information flows in the system and generates security analysis when anomalous behavior is detected. The number of information flows in a system is typically large and the amount of resources (such as memory, processing power and storage) required for analyzing different flows at different system locations varies. Hence, efficient use of resources is essential to maintain an acceptable level of system performance when using DIFT. On the other hand, the quickest detection of APTs is crucial as APTs are persistent and the damage caused to the system is more when the attacker spends more time in the system. We address the problem of detecting APTs and model the trade-off between resource efficiency and quickest detection of APTs. We propose a game model that captures the interaction of APT and a DIFT-based defender as a two-player, multi-stage, zero-sum, Stackelberg semi-Markov game. Our game considers the performance parameters such as false-negatives generated by DIFT and the time required for executing various operations in the system. We propose a two-time scale Q-learning algorithm that converges to a Stackelberg equilibrium under infinite horizon, limiting average payoff criteria. We validate our model and algorithm on a real-word attack dataset obtained using Refinable Attack INvestigation (RAIN) framework.

Dynamic random growth technique and a hybrid chaotic map which is proposed in this paper are used to perform block-based image encryption. The plaintext attack can easily crack the cat map, as it is periodic, and therefore cat map securely used in which it can eliminate the cyclical occurrence and withstand the plaintext attack's effect. The diffusion process calculates the intermediate parameters according to the image block. For the generation of the random data stream in the chaotic map, we use an intermediate parameter as an initial parameter. In this way, the generated data stream depends on the plain text image that can withstand the attack on plain text. The experimental results of this process prove that the proposed dynamic random growth technique and a hybrid chaotic map for image encryption is a secured one in which it can be used in secured image transmission systems.

To accommodate the rapidly changing Internet requirements, Information-Centric Networking (ICN) was recently introduced as a promising architecture for the future Internet. One of the ICN primary features is `in-network caching'; due to its ability to minimize network traffic and respond faster to users' requests. Therefore, various caching algorithms have been presented that aim to enhance the network performance using different measures, such as cache hit ratio and cache hit distance. Choosing a caching strategy is critical, and an adequate replacement strategy is also required to decide which content should be dropped. Thus, in this paper, we propose a content replacement scheme for ICN, called Randomized LFU that is implemented with respect to content popularity taking the time complexity into account. We use Abilene and Tree network topologies in our simulation models. The proposed replacement achieves encouraging results in terms of the cache hit ratio, inner hit, and hit distance and it outperforms FIFO, LRU, and Random replacement strategies.