Biblio

Software Defined Networking (SDN) is a promising network architecture that aims at providing high flexibility through the separation between network logic (control plane) and forwarding functions (data plane). This separation provides logical centralization of controllers, global network overview, ease of programmability, and a range of new SDN-compliant services. In recent years, the adoption of SDN in enterprise networks has been constantly increasing. In the meantime, new challenges arise in different levels such as scalability, management, and security. In this paper, we elaborate on complex security issues in the current SDN architecture. Especially, reconnaissance attack where attackers generate traffic for the goal of exploring existing services, assets, and overall network topology. To eliminate reconnaissance attack in SDN environment, we propose SDN-based solution by utilizing distributed firewall application, security policy, and OpenFlow counters. Distributed firewall application is capable of tracking the flow based on pre-defined states that would monitor the connection to sensitive nodes toward malicious activity. We utilize Mininet to simulate the testing environment. We are able to detect and mitigate this type of attack at early stage and in average around 7 second.

In this paper, we are going to verify the possibility to create a ransomware simulation that will use an arbitrary combination of known tactics and techniques to bypass an anti-malware defense. To verify this hypothesis, we conducted an experiment in which an agent was trained with the help of reinforcement learning to run the ransomware simulator in a way that can bypass anti-ransomware solution and encrypt the target files. The novelty of the proposed method lies in applying reinforcement learning to anti-ransomware testing that may help to identify weaknesses in the anti-ransomware defense and fix them before a real attack happens.

Traditional downlink (DL)-uplink (UL) coupled cell association scheme is suboptimal solution for user association as most of the users are associated to a high powered macro base station (MBS) compared to low powered small base station (SBS) in heterogeneous network. This brings challenges like multiple interference issues, imbalanced user traffic load which leads to a degraded throughput in HetNet. In this paper, we investigate DL-UL decoupled cell association scheme to address these challenges and formulate a sum-rate maximization problem in terms of admission control, cell association and power allocation for MBS only, coupled and decoupled HetNet. The formulated optimization problem falls into a class of mixed integer non linear programming (MINLP) problem which is NP-hard and requires an exhaustive search to find the optimal solution. However, computational complexity of the exhaustive search increases exponentially with the increase in number of users. Therefore, an outer approximation algorithm (OAA), with less complexity, is proposed as a solution to find near optimal solution. Extensive simulations work have been done to evaluate proposed algorithm. Results show effectiveness of proposed novel decoupled cell association scheme over traditional coupled cell association scheme in terms of users associated/attached, mitigating interference, traffic offloading to address traffic imbalances and sum-rate maximization.

Mobile Forensics (MF) field uses prescribed scientific approaches with a focus on recovering Potential Digital Evidence (PDE) from mobile devices leveraging forensic techniques. Consequently, increased proliferation, mobile-based services, and the need for new requirements have led to the development of the MF field, which has in the recent past become an area of importance. In this article, the authors take a step to conduct a review on Mobile Forensics Investigation Process Models (MFIPMs) as a step towards uncovering the MF transitions as well as identifying open and future challenges. Based on the study conducted in this article, a review of the literature revealed that there are a few MFIPMs that are designed for solving certain mobile scenarios, with a variety of concepts, investigation processes, activities, and tasks. A total of 100 MFIPMs were reviewed, to present an inclusive and up-to-date background of MFIPMs. Also, this study proposes a Harmonized Mobile Forensic Investigation Process Model (HMFIPM) for the MF field to unify and structure whole redundant investigation processes of the MF field. The paper also goes the extra mile to discuss the state of the art of mobile forensic tools, open and future challenges from a generic standpoint. The results of this study find direct relevance to forensic practitioners and researchers who could leverage the comprehensiveness of the developed processes for investigation.

The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resource‐constrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDN‐based MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.

Wireless technology is growing at a fast rate to accommodate the expanding user demands. Currently the radio frequency (RF) spectrum is highly congested and more susceptible to signal fratricide and interference. Therefore, full duplexing techniques are required to enhance the access to the spectrum. Simultaneous Transmit and receive systems (STAR), also known as in-band full duplex systems, are gaining higher attention due to their capability to double spectral efficiency. However, successful implementation of STAR systems requires significant isolation between the transmit and receive signals to reduce self-interference (SI) signal. To minimize this self-interference, front-end coupling cancellation circuits are employed in STAR system. In this paper, an RF coupling suppression circuit is presented based on a hybrid finite impulse response filter (FIR) and resonator architecture. Notably, this newly developed FIR-resonator circuit achieves \textbackslashtextgreater30dB cancellation across a \textbackslashtextgreater1.5:1 bandwidth.

Fault effect simulation is a well-established technique for the qualification of robust embedded software and hardware as required by different safety standards. Our article introduces a Virtual Prototype based approach for the fault analysis and fast simulation of a set of automatically generated and target compiled software programs. The approach scales to different RISC-V ISA standard subset configurations and is based on an instruction and hardware register coverage for automatic fault injections of permanent and transient bitflips. The analysis of each software binary evaluates its opcode type and register access coverage including the addressed memory space. Based on this information dedicated sets of fault injected hardware models, i.e., mutants, are generated. The simulation of all mutants conducted with the different binaries finally identifies the cases with a normal termination though executed on a faulty hardware model. They are identified as a subject for further investigations and improvements by the implementation of additional hardware or software safety countermeasures. Our final evaluation results with automatic C code generation, compilation, analysis, and simulation show that QEMU provides an adequate efficient platform, which also scales to more complex scenarios.

Trust along digitalized supply chains is challenged by the aspect that monitoring equipment may not be trustworthy or unreliable as respective measurements originate from potentially untrusted parties. To allow for dynamic relationships along supply chains, we propose a blockchain-backed supply chain monitoring architecture relying on trusted hardware. Our design provides a notion of secure end-to-end sensing of interactions even when originating from untrusted surroundings. Due to attested checkpointing, we can identify misinformation early on and reliably pinpoint the origin. A blockchain enables long-term verifiability for all (now trustworthy) IoT data within our system even if issues are detected only after the fact. Our feasibility study and cost analysis further show that our design is indeed deployable in and applicable to today’s supply chain settings.

Bring Your Own Device (BYOD) is a new trend where employees use their personal devices to connect to their organization networks to access sensitive information and work-related systems. One of the primary challenges in BYOD is to securely delete company data when an employee leaves an organization. In common BYOD programs, the personal device in use is completely wiped out. This may lead to the deletion of personal data during exit procedures. Due to performance and deletion latency, erasure of data in most file systems today results in unlinking the file location and marking data blocks as unused. This may suffice the need of a normal user trying to delete unwanted files but the file content is not erased from the data blocks and can be retrieved with the help of various data recovery and forensic tools. In this paper, we discuss: (1) existing work related to secure deletion, and (2) secure and selective deletion methods that delete only the required files or directories without tampering personal data. We present two per-file deletion methods: Overwriting data and Encryption based deletion which erase specific files securely. Our proposed per-file deletion methods reduce latency and performance overheads caused by overwriting an entire disk.

Now a day’s most of the services are related to cloud and becoming more popular in using the services to tenants. Most importantly and famous service of cloud is Database as a Service (DaaS). This cloud service provides various resources as managing, using and administration such as software, hardware and tenants’ networks. The data and executing of queries in database are managed by the administrator from cloud service provider (CSP). Due to lack of trust on third party service provider the security and authentication issues are always facing by the tenants which is motivated us to write this paper. This paper shows the brief description about cryptographic algorithms, various types and query authentication on data. In the end the conclusion of the paper by proposing a new scheme that carry through the security and authentication of querying results of outsourcing cloud data.

This paper proposes a proximity-aware extensions to the current Bitcoin protocol, named Master Node Based Clustering (MNBC). The ultimate purpose of the proposed protocol is to evaluate the security and performance of grouping nodes based on physical proximity. In MNBC protocol, physical internet connectivity increases as well as the number of hops between nodes decreases through assigning nodes to be responsible for propagating based on physical internet proximity.

The Internet of Things is progressively turning into a pervasive computing service, needing enormous volumes of data storage and processing. However, due to the distinctive properties of resource constraints, self-organization, and short-range communication in Internet of Things (IoT), it always adopts to cloud for outsourced storage and computation. This integration of IoT with cloud has a row of unfamiliar security challenges for the data at rest. Cloud computing delivers highly scalable and flexible computing and storage resources on pay-per-use policy. Cloud computing services for computation and storage are getting increasingly popular and many organizations are now moving their data from in-house data centers to the Cloud Storage Providers (CSPs). Time varying workload and data intensive IoT applications are vulnerable to encounter challenges while using cloud computing services. Additionally, the encryption techniques and third-party auditors to maintain data integrity are still in their developing stage and therefore the data at rest is still a concern for IoT applications. In this paper, we perform an analysis study to investigate the challenges and strategies adapted by Cloud Computing to facilitate a safe transition of IoT applications to the Cloud.

The aim of the study was to investigate the privacy and security of the user data on Twitter. For gathering the essential information, more than two million relevant tweets through the span of two years were used to conduct the study. In addition, we are classifying sentiment of Twitter data by exhibiting results of a machine learning by using the Naive Bayes algorithm. Although this algorithm is time consuming compared to the listing method yet can lead to effective estimation relatively. The tweets are extracted and pre-processed and then categorized them in neutral, negative and positive sentiments. By applying the chosen methodology, the study would end up in identifying the most effective mobile operating systems according to the sentiments of social media users. Additionally, the application of the algorithm needs to meet the privacy and security needs of Twitter users in order to optimize the use of social media intelligence. The approach will help in assessing the competitive intelligence of the Twitter data and the challenges in the form of privacy and- security of the user content and their contextual information simultaneously. The findings of the empirical research show that users are more concerned about the privacy and security of iOS compared to Android and Windows phone.

Existing logic-locking attacks are known to successfully decrypt functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through scan-chains by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective flip-flop functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan-locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], Double-DIP [2], HackTest [3], SMT [4], FALL [5], Shift-and-Leak [6] and Multi-cycle attacks [7].

An effective way for building secure software is to embed security into software in the early stages of software development. Thus, we aim to study several evidences of code anomalies introduced during the software development phase, that may be indicators of security issues in software, such as code smells, structural complexity represented by diverse software metrics, the issues detected by static code analysers, and finally missing security best practices. To use such evidences for vulnerability prediction and removal, we first need to understand how they are correlated with security issues. Then, we need to discover how these imperfect raw data can be integrated to achieve a reliable, accurate and valuable decision about a portion of code. Finally, we need to construct a security actuator providing suggestions to the developers to remove or fix the detected issues from the code. All of these will lead to the construction of a framework, including security monitoring, security analyzer, and security actuator platforms, that are necessary for a security-aware integrated development environment (SIDE).

Intentional interference such as spoofing is an emerging threat to GPS receivers used in both civilian and defense applications. With the majority of smartphones relying on GPS for positioning and navigation, the vulnerability of these phones to spoofing attacks is an issue of security concern. In this paper, it is demonstrated that is easy to successfully spoof a smartphone using a simplistic spoofing technique. A spoofing signal is generated using open-source signal simulator and transmitted using a low-cost SDR. In view of the tremendously increasing usage of GPS enabled smartphones, it is necessary to develop suitable countermeasures for spoofing. This work carries significance as it would help in understanding the effects of spoofing at various levels of signal processing in the receiver and develop advanced spoofing detection and mitigation techniques.

Undamped power system oscillations are detrimental to stable and security of the electric grid. Historically, poorly damped low frequency rotor oscillations have caused system blackouts or brownouts. It is required to monitor the oscillation damping controllers such as power system stabilizers' (PSS) performance at energy control centers as well as at power plant control centers. Phasor measurement units (PMUs) based time response and frequency response information on PSS performance is collected. A fuzzy logic system is developed to combine the time and frequency response information to derive the situational awareness on PSS performance on synchronous generator's oscillation(s). A two-area four-machine benchmark power system is simulated on a real-time digital simulator platform. Fuzzy logic system developed is evaluated for different system disturbances. Situational awareness on PSS performance on synchronous generator's oscillation(s) allows the control center operator to enhance the power system operation more stable and secure.

A significant challenge in modern computer security is the growing skill gap as intruder capabilities increase, making it necessary to begin automating elements of penetration testing so analysts can contend with the growing number of cyber threats. In this paper, we attempt to assist human analysts by automating a single host penetration attack. To do so, a smart agent performs different attack sequences to find vulnerabilities in a target system. As it does so, it accumulates knowledge, learns new attack sequences and improves its own internal penetration testing logic. As a result, this agent (AgentPen for simplicity) is able to successfully penetrate hosts it has never interacted with before. A computer security administrator using this tool would receive a comprehensive, automated sequence of actions leading to a security breach, highlighting potential vulnerabilities, and reducing the amount of menial tasks a typical penetration tester would need to execute. To achieve autonomy, we apply an unsupervised machine learning algorithm, Q-learning, with an approximator that incorporates a deep neural network architecture. The security audit itself is modelled as a Markov Decision Process in order to test a number of decision-making strategies and compare their convergence to optimality. A series of experimental results is presented to show how this approach can be effectively used to automate penetration testing using a scalable, i.e. not exhaustive, and adaptive approach.

The identification of spectrum opportunities is a pivotal requirement for efficient spectrum utilization in cognitive radio systems. Spectrum prediction offers a convenient means for revealing such opportunities based on the previously obtained occupancies. As spectrum occupancy states are correlated over time, spectrum prediction is often cast as a predictable time-series process using classical or deep learning-based models. However, this variety of methods exploits time-domain correlation and overlooks the existing correlation over frequency. In this paper, differently from previous works, we investigate a more realistic scenario by exploiting correlation over time and frequency through a 2D-long short-term memory (LSTM) model. Extensive experimental results show a performance improvement over conventional spectrum prediction methods in terms of accuracy and computational complexity. These observations are validated over the real-world spectrum measurements, assuming a frequency range between 832-862 MHz where most of the telecom operators in Turkey have private uplink bands.

To avoid the spam message, malicious and cyber bullies activities which are mostly done by the fake profile. These activities challenge the privacy policies of the social network communities. These fake profiles are responsible for spread false information on social communities. To identify the fake profile, duplicate, spam and bots account there is much research work done in this area. By using a machine-learning algorithm, most of the fake accounts detected successfully. This paper represents the review of Fake Profile Detection on Social Site by Using Machine Learning.

Image Encryption is a technique where an algorithm along with a set of characters called key encrypts the data into cipher text. The cipher text can be converted back into plaintext by decryption. This technique is employed for the security of data such that confidentiality, integrity and authenticity of data is maintained. In today's era security of information has become a crucial task, unauthorized access and use of data has become a noticeable issue. To provide the security required, there are several algorithms to suit the purposes. While the use and transferring of images has become easy and faster due to technological advancements especially wireless sensor network, image destruction and illegitimate use has become a potential threat. Different transfer mediums and various uses of images require different and appropriately suiting encryption approaches. Hence, in this paper we discuss the types of image encryption techniques. We have also discussed several encryption algorithms, their advantages and suitability.

An Internet of Things (IoT) architecture comprised of cloud, fog and resource constrained IoT end devices. The exponential development of IoT has increased the processing and footprint overhead in IoT end devices. All the components of IoT end devices that establish Chain of Trust (CoT) to ensure security are termed as Trusted Computing Base (TCB). The increased overhead in the IoT end device has increased the demand to increase the size of TCB surface area hence increases complexity of TCB surface area and also the increased the visibility of TCB surface area to the external world made the IoT end devices architecture over-architectured and unsecured. The TCB surface area minimization that has been remained unfocused reduces the complexity of TCB surface area and visibility of TCB components to the external un-trusted world hence ensures security in terms of confidentiality, integrity, authenticity (CIA) at the IoT end devices. The TCB minimization thus will convert the over-architectured IoT end device into lightweight and secured architecture highly desired for resource constrained IoT end devices. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device.

Despite the surging development and utilization of IoT devices, the security of IoT devices is still in infancy. The security pitfalls of IoT devices have made it easy for hackers to take over IoT devices and use them for malicious activities like botnet attacks. With the rampant emergence of IoT devices, botnet attacks are surging. The botnet attacks are not only catastrophic for IoT device users but also for the rest of the world. Therefore, there is a crucial need to identify and mitigate the possible threats in IoT devices during the design phase. Threat modelling is a technique that is used to identify the threats in the earlier stages of the system design activity. In this paper, we propose a threat modelling approach to analyze and mitigate the botnet attacks in an IoT smart home use case. The proposed methodology identifies the development-level and application-level threats in smart home use case using STRIDE and VAST threat modelling methods. Moreover, we reticulate the identified threats with botnet attacks. Finally, we propose the mitigation techniques for all identified threats including the botnet threats.

The number of organizations adopting the Data Warehouse (DW) technology along with data analytics in order to improve the effectiveness of their decision-making processes is permanently increasing. Despite the efforts invested, the DW design remains a great challenge research domain. More accurately, the design quality of the DW depends on several aspects; among them, the requirement-gathering phase is a critical and complex task. In this context, we propose a Natural language (NL) NL-template based design approach, which is twofold; firstly, it facilitates the involvement of decision-makers in the early step of the DW design; indeed, using NL is a good and natural means to encourage the decision-makers to express their requirements as query-like English sentences. Secondly, our approach aims to generate a DW multidimensional schema from a set of gathered requirements (as OLAP: On-Line-Analytical-Processing queries, written according to the NL suggested templates). This approach articulates around: (i) two NL-templates for specifying multidimensional components, and (ii) a set of five heuristic rules for extracting the multidimensional concepts from requirements. Really, we are developing a software prototype that accepts the decision-makers' requirements then automatically identifies the multidimensional components of the DW model.

Amount and variety of training data drastically affect the performance of CNNs. Thus, annotation methods are becoming more and more critical to collect data efficiently. In this paper, we propose a simple yet efficient Interactive Self-Annotation framework to cut down both time and human labor cost for video object bounding box annotation. Our method is based on recurrent self-supervised learning and consists of two processes: automatic process and interactive process, where the automatic process aims to build a supported detector to speed up the interactive process. In the Automatic Recurrent Annotation, we let an off-the-shelf detector watch unlabeled videos repeatedly to reinforce itself automatically. At each iteration, we utilize the trained model from the previous iteration to generate better pseudo ground-truth bounding boxes than those at the previous iteration, recurrently improving self-supervised training the detector. In the Interactive Recurrent Annotation, we tackle the human-in-the-loop annotation scenario where the detector receives feedback from the human annotator. To this end, we propose a novel Hierarchical Correction module, where the annotated frame-distance binarizedly decreases at each time step, to utilize the strength of CNN for neighbor frames. Experimental results on various video datasets demonstrate the advantages of the proposed framework in generating high-quality annotations while reducing annotation time and human labor costs.