Biblio

Research on Future Internet has gained traction in recent years, with a variety of clean-slate network architectures being proposed. The realization of such proposals may lead to a period of coexistence with the current Internet, creating a heterogeneous Future Internet. In such a vision, mobile nodes (MNs) can move across access networks supporting different network architectures, while being able to maintain the access to content during this movement. In order to support such scenarios, this paper proposes an inter-network architecture mobility framework that allows MNs to move across different network architectures without losing access to the contents being accessed. The usage of the proposed framework is exemplified and evaluated in a mobility scenario targeting IP and NDN network architectures in a content retrieval use case. The obtained results validate the proposed framework while highlighting the impact on the overall communication between the MN and content source.

The accuracy of the image classification by the convolutional neural network is exceeding the ability of human being and contributes to various fields. However, the improvement of the image recognition technology gives a great blow to security system with an image such as CAPTCHA. In particular, since the character string CAPTCHA has already added distortion and noise in order not to be read by the computer, it becomes a problem that the human readability is lowered. Adversarial examples is a technique to produce an image letting an image classification by the machine learning be wrong intentionally. The best feature of this technique is that when human beings compare the original image with the adversarial examples, they cannot understand the difference on appearance. However, Adversarial examples that is created with conventional FGSM cannot completely misclassify strong nonlinear networks like CNN. Osadchy et al. have researched to apply this adversarial examples to CAPTCHA and attempted to let CNN misclassify them. However, they could not let CNN misclassify character images. In this research, we propose a method to apply FGSM to the character string CAPTCHAs and to let CNN misclassified them.

The globalization of the integrated circuit supply chain has given rise to major security concerns ranging from intellectual property piracy to hardware Trojans. Logic encryption is a promising solution to tackle these threats. Recently, a Boolean satisfiability attack capable of unlocking existing logic encryption techniques was introduced. This attack initiated a paradigm shift in the design of logic encryption algorithms. However, recent approaches have been strongly focusing on low-cost countermeasures that unfortunately lead to low functional and structural corruption. In this paper, we show that a simple approach can offer provable security and more than 99% corruption if a higher area overhead is accepted. Our results strongly suggest that future proposals should consider higher overheads or more realistic circuit sizes for the evaluation of modern logic encryption algorithms.

The privacy of people on internet is getting reduced day by day. Data records of many prestigious organizations are getting corrupted due to computer malwares. Computer viruses are becoming more advanced. Hackers are able penetrate into a network and able to manipulate data. In this paper, describes the types of malwares like Trojans, boot sector virus, polymorphic virus, etc., and some of the hacking techniques which include DOS attack, DDoS attack, brute forcing, man in the middle attack, social engineering, information gathering tools, spoofing, sniffing. Counter measures for cyber attacks include VPN, proxy, tor (browser), firewall, antivirus etc., to understand the need of cyber security.

Software defined Network is a network defined by software, which is one of the important feature which makes the legacy old networks to be flexible for dynamic configuration and so can cater to today's dynamic application requirement. It is a programmable network but it is prone to different type of attacks due to its centralized architecture. The author provided a solution to detect and prevent Distributed Denial of service attack in the paper. Mininet [5] which is a popular emulator for Software defined Network is used. We followed the approach in which collection of the traffic statistics from the various switches is done. After collection we calculated the packet rate and bandwidth which shoots up to high values when attack take place. The abrupt increase detects the attack which is then prevented by changing the forwarding logic of the host nodes to drop the packets instead of forwarding. After this, no more packets will be forwarded and then we also delete the forwarding rule in the flow table. Hence, we are finding out the change in packet rate and bandwidth to detect the attack and to prevent the attack we modify the forwarding logic of the switch flow table to drop the packets coming from malicious host instead of forwarding it.

In this paper, a novel method for tomographic microwave imaging based on the Compressive Processing (CP) paradigm is proposed. The retrieval of the dielectric profiles of the scatterers is carried out by efficiently solving both the sampling and the sensing problems suitably formulated under the first order Born approximation. Selected numerical results are presented in order to show the improvements provided by the CP with respect to conventional compressive sensing (CSE) approaches.

Railroad trespassing is a dangerous activity with significant security and safety risks. However, regular patrolling of potential trespassing sites is infeasible due to exceedingly high resource demands and personnel costs. This raises the need to design automated trespass detection and early warning prediction techniques leveraging state-of-the-art machine learning. To meet this need, we propose a novel framework for Automated Railroad Trespassing detection System using video surveillance data called ARTS. As the core of our solution, we adopt a CNN-based deep learning architecture capable of video processing. However, these deep learning-based methods, while effective, are known to be computationally expensive and time consuming, especially when applied to a large volume of surveillance data. Leveraging the sparsity of railroad trespassing activity, ARTS corresponds to a dual-stage deep learning architecture composed of an inexpensive pre-filtering stage for activity detection, followed by a high fidelity trespass classification stage employing deep neural network. The resulting dual-stage ARTS architecture represents a flexible solution capable of trading-off accuracy with computational time. We demonstrate the efficacy of our approach on public domain surveillance data achieving 0.87 f1 score while keeping up with the enormous video volume, achieving a practical time and accuracy trade-off.

Recent advances in visual media technology have led to new tools for processing and, above all, generating multimedia contents. In particular, modern AI-based technologies have provided easy-to-use tools to create extremely realistic manipulated videos. Such synthetic videos, named Deep Fakes, may constitute a serious threat to attack the reputation of public subjects or to address the general opinion on a certain event. According to this, being able to individuate this kind of fake information becomes fundamental. In this work, a new forensic technique able to discern between fake and original video sequences is given; unlike other state-of-the-art methods which resorts at single video frames, we propose the adoption of optical flow fields to exploit possible inter-frame dissimilarities. Such a clue is then used as feature to be learned by CNN classifiers. Preliminary results obtained on FaceForensics++ dataset highlight very promising performances.

Named Data Networking (NDN) is a new network architecture that has been projected as the future of internet architecture. Unlike the traditional internet approach which currently relies on client-server communication models to communicate each other, NDN relies on data as an entity. Hence the users only need the content and applications based on data naming, as there is no IP addresses needed. NDN is different than TCP/IP technology as NDN signs the data with Digital Signature to secure each data authenticity. Regarding huge number of uses on IP-based network, and the minimum number of NDN-based network implementation, the NDN-IP gateway are needed to map and forward the data from IP-based network to NDN-based network, and vice versa. These gateways are called Custom-Router Gateway in this study. The Custom-Router Gateway requires a new mechanism in conducting Digital Signature so that authenticity the data can be verified when it passes through the NDN-IP Custom-Router Gateway. This study propose a method to process the Digital Signature for the packet flows from IP-based network through NDN-based network. Future studies are needed to determine the impact of Digital Signature processing on the performance in forwarding the data from IP-based to NDN-based network and vice versa.

Electronic Medical Record (EMR) is a medical record management system. EMR contains personal data of patients that is critical. The critical nature of medical records is the reason for the necessity to develop security policies as guidelines for EMR in SIMRS in XZY Hospital. In this study, analysis and risk assessment conducted to EMR management at SIMRS in XZY Hospital. Based on this study, the security of SIMRS in XZY Hospital is categorized as high. Security and Privacy Control mapping based on NIST SP800-53 rev 5 obtained 57 security controls related to privacy aspects as control options to protect EMR in SIMRS in XZY Hospital. The policy designing was done using The Triangle framework for Policy Analysis. The analysis obtained from the policy decisions of the head of XYZ Hospital. The contents of the security policy are provisions on the implementation of security policies of EMR, outlined of 17 controls were selected.

The threats posed by botnets in the cyber-space continues to grow each day and it has become very hard to detect or infiltrate bots given that the botnet developers each day keep changing the propagation and attack techniques. Currently, most of these attacks have been centered on stealing computing energy, theft of personal information and Distributed Denial of Service (DDoS attacks). In this paper, the authors propose a novel technique that uses the Non-Deterministic Polynomial-Time Hardness (NP-Hard Problem) based on the Traveling Salesperson Person (TSP) that depicts that a given bot, bj, is able to visit each host on a network environment, NE, and then it returns to the botmaster in form of instruction(command) through optimal minimization of the hosts that are or may be attacked. Given that bj represents a piece of malicious code and based on TSP-NP Hard Problem which forms part of combinatorial optimization, the authors present an effective approach for the detection of the botnet. It is worth noting that the concentration of this study is basically on the centralized botnet architecture. This holistic approach shows that botnet detection accuracy can be increased with a degree of certainty and potentially decrease the chances of false positives. Nevertheless, a discussion on the possible applicability and implementation has also been given in this paper.

The popularity of Web-based computing has given increase to browser-based cyberattacks. These cyberattacks use websites that exploit various web browser vulnerabilities. To help regular users avoid exploit websites and engage in safe online activities, we propose a methodology of building a machine learning-powered predictive analytical model that will measure the risk of attacks and privacy breaches associated with visiting different websites and performing online activities using web browsers. The model will learn risk levels from historical data and metadata scraped from web browsers.

Near Field Communication (NFC) is a short- range wireless communication technology that supports several features, one of which is an electronic payment. NFC works at a limited distance to exchange information. In terms of security, NFC technology has a gap for attackers to carry out attacks by forwarding information illegally using the target NFC network. A relay attack that occurs due to the theft of some data by an attacker by utilizing close communication from NFC is one of them. Relay attacks can cause a lot of loss in terms of material sacrifice. It takes countermeasures to overcome the problem of electronic payments with NFC technology. Detection of anomalous data is one way that can be done. In an attack, several abnormalities can be detected which can be used to prevent an attack. Markov Chain is one method that can be used to detect relay attacks that occur in electronic payments using NFC. The result shows Markov chain can detect anomalies in relay attacks in the case of electronic payment.

Two-factor authentication (2FA) defends against password compromise by a remote attacker. We surveyed 4,275 students, faculty, and staff at Brigham Young University to measure user sentiment about Duo 2FA one year after the university adopted it. The results were mixed. A majority of the participants felt more secure using Duo and felt it was easy to use. About half of all participants reported at least one instance of being locked out of their university account because of an inability to authenticate with Duo. We found that students and faculty generally had more negative perceptions of Duo than staff. The survey responses reveal some pain points for Duo users. In response, we offer recommendations that reduce the frequency of 2FA for users. We also suggest UI changes that draw more attention to 2FA methods that do not require WiFi, the "Remember Me" setting, and the help utility.

This paper explains how the commonly occurring DOS and Brute Force attacks on computer networks can be efficiently detected and network performance improved, which reduces costs and time. Therefore, network administrators attempt to instantly diagnose any network issues. The experimental work used the SNMP-MIB parameter datasets, which are collected via a specialised MIB dataset consisting of seven types of attack as noted in section three. To resolves such issues, this researched carried out several important contributions which are related to fault management concerns in computer network systems. A central task in the detection of the attacks relies on MIB feature behaviours using the suggested SFCM method. It was concluded that the DOS and Brute Force fault detection results for three different clustering methods demonstrated that the proposed SFCM detected every data point in the related group. Consequently, the FPC approached 1.0, its highest record, and an improved performance solution better than the EM methods and K-means are based on SNMP-MIB variables.

Safety and security of complex critical infrastructures are very important for economic, environmental and social reasons. The complexity of these systems introduces difficulties in the identification of safety and security risks that emerge from interdisciplinary interactions and dependencies. The discovery of safety and security design weaknesses late in the design process and during system operation can lead to increased costs, additional system complexity, delays and possibly undesirable compromises to address safety and security weaknesses.

Most of the security algorithms proposed for the sensor networks such as secure routing, data encryption and authentication, and intrusion detection target protecting the content of the collected data from being exposed to different types of attacks. However, the context of the collected data, such as event occurrence, event time, and event location, is not addressed by these security mechanisms and can still be leaked to the adversaries. Therefore, we propose in this paper a novel and efficient unobservability scheme for source/sink location privacy for wireless multimedia sensor networks. The proposed privacy scheme is based on a cross-layer design between the application and routing layers in order to exploit the multimedia processing technique with multipath routing to hide the event occurrences and locations of important nodes without degrading the network performance. Simulation analysis shows that our proposed scheme satisfies the privacy requirements and has better performance compared to other existing techniques.

Mobile Ad hoc Network (MANET) routing is basic and route selection ought to be made faster before the node leaves the system. MANET routing Methods are intended to work in a friendly and satisfying condition which makes them helpless against different attacks. MANET is one of the most encouraging fields for innovative work of remote system. MANET has now turned out to be one of the most lively and dynamic field of communication among systems. A MANET is a self-sufficient gathering of mobile nodes that speak with one another over remote connections and coordinate in an appropriated way so as to give the fundamental system convenience without a fixed framework. MANET has transfer speed limitations yet it permits self-ruling communication of versatile clients over it. Because of regular node mobility, and along these lines change in route topology, the architecture of the system goes unpredicted after some time. In such a decentralized situation, secured route identification is a key task for communication among nodes. Trust calculation among nodes is done for involving trusted nodes in route discovery process. In this manuscript, a novel secure routing method is proposed which identifies route among trusted nodes and update the routing table info frequently because of dynamic topology of the network. The outcomes demonstrate that the proposed method takes better routing technique when compared with existing methods.

Tor's anonymity network is one of the most widely used anonymity networks online, it consists of thousands of routers run by volunteers. Tor preserves the anonymity of its users by relaying the traffic through a number of routers (called onion routers) forming a circuit. The current design of Tor's transport layer suffers from a number of problems affecting the performance of the network. Several researches proposed changes in the transport design in order to eliminate the effect of these problems and improve the performance of Tor's network. In this paper. we propose "QuicTor", an improvement to the transport layer of Tor's network by using Google's protocol "QUIC" instead of TCP. QUIC was mainly developed to eliminate TCP's latency introduced from the handshaking delays and the head-of-line blocking problem. We provide an empirical evaluation of our proposed design and compare it to two other proposed designs, IMUX and PCTCP. We show that QuicTor significantly enhances the performance of Tor's network.

Security down to hardware (HW) has become a fundamental requirement in highly-connected and ubiquitously deployed systems, as a result of the recent discovery of a wide range of vulnerabilities in commercial devices, as well as the affordability of several attacks that were traditionally considered unlikely. HW security is now a fundamental requirement in view of the massive attack surface that they expose, and the substantial power penalty entailed by solutions at higher levels of abstraction.In large-scale networks of connected devices, attacks need to be counteracted at low cost down to individual nodes, which need to be identified or authenticated securely, and protect confidentiality and integrity of the data that is sensed, stored, processed and wirelessly exchanged. In many security-sensitive applications, physical attacks against individual chips need to be counteracted to truly enable an end-to-end chain of trust from nodes to cloud and actuation (i.e., always-on security). These requirements have motivated the on-going global research and development effort to assure hardware security at low cost and power penalty down to low-end devices (i.e., ubiquitous security).This paper provides a fresh overview of the fundamentals, the design requirements and the state of the art in primitives for HW security. Challenges and future directions are discussed using recent silicon demonstrations as case studies.

We consider the problem of implementing a Linear Quadratic Gaussian (LQG) controller on a distributed system, while maintaining the privacy of the measurements, state estimates, control inputs and system model. The component sub-systems and actuator outsource the LQG computation to a cloud controller and encrypt their signals and matrices. The encryption scheme used is Labeled Homomorphic Encryption, which supports the evaluation of degree-2 polynomials on encrypted data, by attaching a unique label to each piece of data and using the fact that the outsourced computation is known by the actuator. We write the state estimate update and control computation as multivariate polynomials in the encrypted data and propose an extension to the Labeled Homomorphic Encryption scheme that achieves the evaluation of low-degree polynomials on encrypted data, with degree larger than two. We showcase the numerical results of the proposed protocol for a temperature control application that indicates competitive online times.

Security is one of the most important needs in network communication. Cryptography is a science which involves two techniques encryption and decryption and it basically enables to send sensitive and confidential data over the unsecure network. The basic idea of cryptography is concealing of the data from unauthenticated users as they can misuse the data. In this paper we use auto associative neural network concept of soft computing in combination with encryption technique to send data securely on communication network.

Cryptography is one of the most important sciences today because of the importance of data and the possibility of sharing data via the Internet. Therefore, data must be preserved when stored or transmitted over the Internet. Encryption is used as a solution to protect information during the transmission via an open channel. If the information is obtained illegally, the opponent/ enemy will not be able to understand the information due to encryption. In this paper we have developed a cryptosystem for testing the concepts of multi security level. The information is encrypted using more than one encryption algorithm based on the security level. The proposed cryptosystem concerns of Encryption Based on Multilevel Security (MLS) Model for DBMS. The cryptosystem is designed for both encryption and decryption.

To increase security and to offer user experiences according to the requirements of a hyper-connected world, modern vehicles are integrating complex electronic systems, being transformed into systems of Cyber-Physical Systems (CPS). While a great diversity of heterogeneous hardware and software components must work together and control in real-time crucial functionalities, cybersecurity for the automotive sector is still in its infancy. This paper provides an analysis of the most common vulnerabilities and risks of connected vehicles, using a real example based on industrial and market-ready technologies. Several components have been implemented to inject and simulate multiple attacks, which enable security services and mitigation actions to be developed and validated.

Smart Grid (SG) is regarded as complex electrical power system due to massive penetration of Renewable Energy Resources and Distribution Generations. The implementation of adjustable speed drives, advance power electronic devices, and electric arc furnaces are incorporated in SG (the transition from conventional power system). Moreover, SG is an advance, automated, controlled, efficient, digital, and intelligent system that ensures pertinent benefits, such as: (a) consumer empowerment, (b) advanced communication infrastructure, (c) user-friendly system, and (d) supports bi-directional power flow. Digital Signal Processing (DSP) is key tool for SG deployment and provides key solutions to a vast array of complex SG challenges. This research provides a comprehensive study on DSP interactions within SG. The prominent challenges posed by conventional grid, such as: (a) monitoring and control, (b) Electric Vehicles infrastructure, (c) cyber data injection attack, (d) Demand Response management and (e) cyber data injection attack are thoroughly investigated in this research.