Biblio

The manufacturing of integrated circuits (IC) outside of the design houses makes it possible for the adversary to easily perform a reverse engineering attack against intellectual property (IP)/IC. The aim of this attack can be the IP piracy, overproduction, counterfeiting or inserting hardware Trojan (HT) throughout the supply chain of the IC. Preventing hardware Trojan insertion is a significant issue in the context of hardware security (HS) and has not been considered in most of the previous logic encryption methods. To eliminate this problem, in this paper an Anti-Trojan insertion algorithm is presented. The idea is based on the fact that reducing the signals with low-observability (LO) and low-controllability (LC) can prevent HT insertion significantly. The security of logic encryption methods depends on the algorithm and the encryption key. However, the security of these methods has been compromised by SAT attacks over recent years. SAT attacks, can decode the correct key from most logic encryption techniques. In this article, by using the PUF-based encryption, the applied key in the encryption is randomized and SAT attack cannot be performed. Based on the output of PUF, a unique encryption has been made for each chip that preventing from counterfeiting and IP piracy.

Embedded Systems (ES) underlie society's critical cyberinfrastructure and comprise the vast majority of consumer electronics, making them a prized target for dangerous malware and hardware Trojans. Malicious intrusion into these systems present a threat to national security and economic stability as globalized supply chains and tight network integration make ES more susceptible to attack than ever. High-end ES like the Xilinx Zynq-7020 system on a chip are widely used in the field and provide a representative platform for investigating the methods of cybercriminals. This research suggests a novel anomaly detection framework that could be used to detect potential zero-day exploits, undiscovered rootkits, or even maliciously implanted hardware by leveraging the Zynq architecture and real-time device-level measurements of thermal side-channels. The results of an initial investigation showed different processor workloads produce distinct thermal fingerprints that are detectable by out-of-band, digital logic-based thermal sensors.

This paper evaluates two algorithms, BLIP and JLT, for creating differentially private data sketches of user profiles, in terms of their ability to protect a kNN collaborative filtering algorithm from an inference attack by third-parties. The transformed user profiles are employed in a user-based top-N collaborative filtering system. For the first time, a theoretical analysis of the BLIP is carried out, to derive expressions that relate its parameters to its performance. This allows the two techniques to be fairly compared. The impact of deploying these approaches on the utility of the system—its ability to make good recommendations, and on its privacy level—the ability of third-parties to make inferences about the underlying user preferences, is examined. An active inference attack is evaluated, that consists of the injection of a number of tailored sybil profiles into the system database. User profile data of targeted users is then inferred from the recommendations made to the sybils. Although the differentially private sketches are designed to allow the transformed user profiles to be published without compromising privacy, the attack we examine does not use such information and depends only on some pre-existing knowledge of some user preferences as well as the neighbourhood size of the kNN algorithm. Our analysis therefore assesses in practical terms a relatively weak privacy attack, which is extremely simple to apply in systems that allow low-cost generation of sybils. We find that, for a given differential privacy level, the BLIP injects less noise into the system, but for a given level of noise, the JLT offers a more compact representation.

The rapid development of the Internet of Things (IoT) results in generating massive amounts of data. Significant portions of these data are sensitive since they reflect (directly or indirectly) peoples' behaviors, interests, lifestyles, etc. Protecting sensitive IoT data from privacy violations is a challenge since these data need to be communicated, processed, analyzed, and stored by public networks, servers, and clouds; most of them are untrusted parties for data owners. We propose a solution for protecting sensitive IoT data called Policy Enforcement Fog Module (PEFM). The major task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data-wherever these data are accessed throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge. PEFM enforces policies directly for local IoT applications. In contrast, for remote applications, PEFM provides a self-protecting mechanism based on creating and disseminating Active Data Bundles (ADBs). ADBs are software constructs bundling inseparably sensitive data, their privacy policies, and an execution engine able to enforce privacy policies. To prove effectiveness and efficiency of the proposed module, we developed a smart home proof-of-concept scenario. We investigate privacy threats for sensitive IoT data. We run simulation experiments, based on network calculus, for testing performance of the PEFM controls for different network configurations. The results of the simulation show that-even with using from 1 to 5 additional privacy policies for improved data privacy-penalties in terms of execution time and delay are reasonable (approx. 12-15% and 13-19%, respectively). The results also show that PEFM is scalable regarding the number of the real-time constraints for real-time IoT applications.

Personally Identifiable Information (PII) is information that can be used on its own or with other information to distinguish or trace an individual's identity. To investigate an application for PII tracking, a reverse engineer has to put considerable effort to reverse engineer an application and discover what an application does with PII. To automate this process and save reverse engineers substantial time and effort, we propose PIITracker which is a new and novel tool that can track PII automatically and capture if any processes are sending PII over the network. This is made possible by 1) whole-system dynamic information flow tracking 2) monitoring specific function and system calls. We analyzed 15 popular chat applications and browsers using PIITracker, and determined that 12 of these applications collect some form of PII.

The Internet of Things (IoT) promises to tackle a range of environmental challenges and deliver large efficiency gains in industry by embedding computational intelligence, sensing and control in our physical environment. Multiple independent parties are increasingly seeking to leverage shared IoT infrastructure, using a similar model to the cloud, and thus require constrained IoT devices to become microservice-hosting platforms that can securely and concurrently execute their code and interoperate. This vision demands that heterogeneous services, peripherals and platforms are provided with an expanded set of security guarantees to prevent third-party services from hijacking the platform, resource-level access control and accounting, and strong isolation between running processes to prevent unauthorized access to third-party services and data. This paper introduces Polyglot CerberOS, a resource-secure operating system for multi-tenant IoT devices that is realised through a reconfigurable virtual machine which can simultaneously execute interoperable services, written in different languages. We evaluate Polyglot CerberOS on IETF Class-1 devices running both Java and C services. The results show that interoperability and strong security guarantees for multilingual services on multi-tenant commodity IoT devices are feasible, in terms of performance and memory overhead, and transparent for developers.

Background Xu et al. used a deep neural network (DNN) technique to classify the degree of relatedness between two knowledge units (question-answer threads) on Stack Overflow. More recently, extending Xu et al.'s work, Fu and Menzies proposed a simpler classification technique based on a fine-tuned support vector machine (SVM) that achieves similar performance but in a much shorter time. Thus, they suggested that researchers need to compare their sophisticated methods against simpler alternatives. Aim The aim of this work is to replicate the previous studies and further investigate the validity of Fu and Menzies' claim by evaluating the DNN- and SVM-based approaches on a larger dataset. We also compare the effectiveness of these two approaches against SimBow, a lightweight SVM-based method that was previously used for general community question-answering. Method We (1) collect a large dataset containing knowledge units from Stack Overflow, (2) show the value of the new dataset addressing shortcomings of the original one, (3) re-evaluate both the DNN-and SVM-based approaches on the new dataset, and (4) compare the performance of the two approaches against that of SimBow. Results We find that: (1) there are several limitations in the original dataset used in the previous studies, (2) effectiveness of both Xu et al.'s and Fu and Menzies' approaches (as measured using F1-score) drop sharply on the new dataset, (3) similar to the previous finding, performance of SVM-based approaches (Fu and Menzies' approach and SimBow) are slightly better than the DNN-based approach, (4) contrary to the previous findings, Fu and Menzies' approach runs much slower than DNN-based approach on the larger dataset - its runtime grows sharply with increase in dataset size, and (5) SimBow outperforms both Xu et al. and Fu and Menzies' approaches in terms of runtime. Conclusion We conclude that, for this task, simpler approaches based on SVM performs adequately well. We also illustrate the challenges brought by the increased size of the dataset and show the benefit of a lightweight SVM-based approach for this task.

The operation and management of network is facing increasing complexities brought by the evolution of network protocols and the demands of rapid service delivery. In this paper, we propose a programmable network management architecture, which manages network based on NETCONF protocol and provides REST APIs to upper layer so that further programming can be done based on the APIs to implement flexible management. Functions of devices can be modeled based on YANG language, and the models can be translated into REST APIs. We apply it to the management of ADN (Address Driven Network), an innovative network architecture proposed by Tsinghua University to inhibit IP spoofing, improve network security and provide high service quality. We model the functions of ADN based on YANG language, and implement the network management functions based on the REST APIs. We deploy and evaluate it in a laboratory environment. Test result shows that the programmable network management architecture is flexible to implement management for new network services.

Wireless Sensor Networks (WSNs) consist of low-cost, resource-constrained sensor nodes and a designated node called a sink which collects data from the sensor nodes. A WSN can be used in numerous applications such as subject tracking and monitoring, where it is often desirable to keep the location of the subject private. Without location privacy protection, an adversary can locate the subject. In this paper, we propose an algorithm that tries to keep the subject location private from a global adversary, which can see the entire network traffic, in an energy efficient way.

In most crowdsensing systems, the quality of the collected data is varied and difficult to evaluate while the existing crowdsensing quality control methods are mostly based on a central platform, which is not completely trusted in reality and results in fraud and other problems. To solve these questions, a novel crowdsensing quality control model is proposed in this paper. First, the idea of blockchain is introduced into this model. The credit-based verifier selection mechanism and twice consensuses are proposed to realize the non-repudiation and non-tampering of information in crowdsensing. Then, the quality grading evaluation (QGE) is put forward, in which the method of truth discovery and the idea of fuzzy theories are combined to evaluate the quality of sensing data, and the garbled circuit is used to ensure that evaluation criteria can not be leaked. Finally, the Experiments show that our model is feasible in time and effective in quality evaluation.

Cloud computing, cloud security and cloud storage have been gradually introduced into people's life and become hot topicsof research, for which relevant technologies have permeated through the computer industry and relevant industries. With the coming of the modern information society, secure storage of data has been becoming increasingly important. Proceeding from traditional policy storage, this paper includes comparison and improvement of policy storage for the purpose of meeting requirements of storage of cloud security policy. Policy storage technology refers to a technology used to realize storage of policies created by users and relevant policy information. Policy repository can conduct centralized management and processing of multiple policies and their relevant information. At present, popular policy repositories generally include policy storage for relational database or policy storage for directory server or a file in a fixed format, such as XML file format.

Containers have transformed the cluster management into an application oriented endeavor, thus being widely used as the deployment units (i.e., micro-services) of large scale cloud services. As opposed to VMs, containers allow for resource provisioning with fine granularity and their resource usage directly reflects the micro-service behaviors. Container management systems like Kubernetes and Mesos provision resources to containers according to the capacity requested by the developers. Resource usages estimated by the developers are grossly inaccurate. They tend to be risk-averse and over provision resources, as under-provisioning would cause poor runtime performance or failures. Without actually running the workloads, resource provisioning is challenging. However, benchmarking production workloads at scale requires huge manual efforts. In this work, we leverage IBM Monitoring service to profile the resource usage of production IBM Watson services in rolling windows by focusing on both evaluating how developers request resources and characterizing the actual resource usage. Our resource profiling study reveals two important characteristics of the cognitive workloads. 1. Stationarity. According to Augmented Dickey-Fuller test with 95% confidence, more than 95% of the container instances have stationary CPU usage while more than 85% have stationary memory usage, indicating that resource usage statistics do not change over time. We find for the majority of containers that the stationarity can be detected at the early stage of container execution and can hold throughout their lifespans. In addition, containers with non-stationary CPU or memory usage are also observed to implement predictable usage trends and patterns (e.g., trend stationarity or seasonality). 2. Predictability by container image. By clustering the containers based on their images, container resource usages within the same cluster are observed to exhibit strong statistical similarity. This suggests that the history of resource usage for one instance can be used to predict usage for future instances that run the same container image. Based on profiling results of running containers in rolling windows, we propose a resource usage advisory system to refine the requested resource values of the running and arriving containers as illustrated in Fig. 1. Our system continuously retrieves the resource usage metrics of running containers from IBM monitoring service and predicts the resource usage profiles in a container resource usage prediction agent. Upon the arrival of a new pod1, the resource profile advisor, proposed as a module in the web-hooked admission controller in Kubernetes, checks whether the resource profile of each container in the pod has been predicted with confidence. If a container's profile has been predicted and cached in the container resource profile database, the default requested values of containers are refined by the predicted ones; otherwise, containers are forwarded to the scheduler without any change. Similarly, a resource profile auto-scaler is proposed to update the requested resource values of containers for running pods2 as soon as the database is updated. Our study shows that developers request at least 1 core-per-second (cps) CPU and 1 GB memory for ≥ 70% of the containers, while ≥ 80% of the containers actually use less than 1 cps and 1GB. Additionally, \textbackslashtextasciitilde 20% of the containers are significantly under provisioned. We use resource usage data in one day to generate container resource profiles and evaluate our approach based on the actual usage on the following day. Without our system, average CPU (memory) usage for \textbackslashtextgreater90% of containers lies outside of 50% - 100% (70% - 100%) of the requested values. Our evaluation shows that our system can advise request values appropriately so that average and 95th percentile CPU (memory) usage for \textbackslashtextgreater90% of the containers are within 50% - 100% (70% - 100%) of the requested values. Furthermore, average CPU (memory) utilization across all pods is raised from 10% (26%) to 54% (88%).

Intentional attacks1 that cause country wide blackouts, gas and water systems malfunction are actions that can be carried out by a nation to impact on another nation in a mean of war. Supervisory control and data acquisition (SCADA) networks that allow for communication for the utilities companies were designed with no security in mind causing the systems that a nation relies on to fall vulnerable to exploitation. Since SCADA networks are static in nature with pre-defined signatures of network traffic, we propose to design an anomaly-based intrusion detection system to detect abnormality in SCADA network traffic and protocols. We gather normal SCADA network traffic via tapping on the network for 30 days and then attack the network using Denial of Service (DoS) attack, message spoofing attack and man-in-the middle attack. We then train a classifier with two classes, normal and abnormal and report the classifier accuracy in detecting abnormal SCADA network traffic.

Database outsourcing introduces a new paradigm, called Database as a Service (DBaaS). Database Service Providers (DSPs) have the ability to host outsourced databases and provide efficient facilities for their users. However, the data and the execution of database queries are under the control of the DSP, which is not always a trusted authority. Therefore, our problem is to ensure the outsourced database security. To address this problem, we propose a Secure scheme to provide Confidentiality and Integrity of Query results for Cloud Databases (SCIQ-CD). The performance analysis shows that our proposed scheme is secure and efficient for practical deployment.

Protection of security-critical services, such as access-control reference monitors, is an important requirement in the modern era of distributed systems and services. The threat arises from hosting the service on a single server for a lengthy period of time, which allows the attacker to periodically enumerate the vulnerabilities of the service with respect to the server's configuration and launch targeted attacks on the service. In our work, we design and implement an efficient solution based on the moving "target" defense strategy, to protect security-critical services against such active adversaries. Specifically, we focus on implementing our solution for protecting the reference monitor service that enforces access control for users requesting access to sensitive resources. The key intuition of our approach is to increase the level of difficulty faced by the attacker to compromise a service by periodically moving the security-critical service among a group of heterogeneous servers. For this approach to be practically feasible, the movement of the service should be efficient and random, i.e., the attacker should not have a-priori information about the choice of the next server hosting the service. Towards this, we describe an efficient Byzantine fault-tolerant leader election protocol that achieves the desired security and performance objectives. We built a prototype implementation that moves the access control service randomly among a group of fifty servers within a time range of 250-440 ms. We show that our approach tolerates Byzantine behavior of servers, which ensures that a server under adversarial control has no additional advantage of being selected as the next active server.

We consider the secure search problem of retrieving from an unsorted data cost=(x\_1,...,xm) an item (i,xi) matching a given lookup value l (for a generic matching criterion either hardcoded or given as part of the query), where both input and output are encrypted by a Fully Homomorphic Encryption (FHE). The secure search problem is central in applications of secure outsourcing to an untrusted party ("the cloud"). Prior secure search algorithms on FHE encrypted data are realized by polynomials of degree Ømega(m), evaluated in Ømega(log m) sequential homomorphic multiplication steps (ie., multiplicative depth) even using an unbounded number of parallel processors. This is too slow with current FHE implementations, especially as the size of the array grows. We present the first secure search algorithm that is realized by a polynomial of logarithmic degree, log3 m, evaluated in O(log log m) sequential homomorphic multiplication steps (ie., multiplicative depth) using m parallel processors. We implemented our algorithm in an open source library based on HElib and ran experiments on Amazon's EC2 cloud with up to 100 processors. Our experiments show that we can securely search in m= millions of entries in less than an hour on a standard EC2 64-cores machine. We achieve our result by: (1) Employing modern data summarization techniques known as sketching for returning as output (the encryption of) a short sketch C from which the matching item (i,xi) can be decoded in time polynomial in log m. (2) Designing for this purpose a novel sketch that returns the first strictly-positive entry in a (not necessarily sparse) array of non-negative integers; this sketch may be of independent interest. (3) Suggesting a multi-ring evaluation of FHE for degree reduction from linear to logarithmic.

As a result of increasing the interest in developing the communication systems that use public channels for transmitting information, many channel problems are raised up. Among these problems, the important one should be addressed is the information security. This paper presents a proposed communication system with high security uses two encryption levels based on chaotic systems. The first level is chaotic scrambling, while the second one is chaotic masking. This configuration increases the information security since the key space becomes too large. The MATLAB simulation results showed that the Segmental Spectral Signal to Noise Ratio (SSSNR) of the first level (chaotic scrambling) is reduced by -5.195 dB comparing to time domain scrambling. Furthermore, in the second level (chaotic masking), the SSSNR is reduced by -20.679 dB. It is also showed that when the two levels are combined, the overall reduction obtained is -21.755 dB.

Cyber Physical System (CPS) is one of the emerging technologies of the day due to its large number of applications. Its applications extends to automotive, commercial, medical, home appliances and manufacturing industries. Mass research is being conducted in this area including design models, signal processing, control system models, communication models and security. One of the most important aspects of these is security and privacy of CPS. There are a number of vulnerabilities and threats that can be used by an attacker to exploit a cyber physical system. This paper provides a brief review of current security threats, vulnerabilities and its solutions for CPS. For the sake of simplicity the security threats have been divided into two classes i.e. control security and information security. Based on this division various attack methods and their possible solutions have been discussed.

Multiple-input multiple-output (MIMO) techniques are currently the de facto approach for increasing the capacity and reliability of communication systems. Spatial modulation (SM) is presently one of the most eminent MIMO techniques. As, it combines the advantages of having higher spectral efficiency than repetition coding (RC) while overcoming the inter-channel interference (ICI) faced by spatial multiplexing (SMP). Moreover, SM reduces system complexity. In this paper, for the first time in literature, the use of MIMO techniques is explored in Internet-of-Things(IoT) deployments by introducing a novel technique called security aware spatial modulation (SA-SM).SA-SM provides a low complexity, secure and spectrally efficient technique that harvests the advantages of SM, while facing the arising security concerns of IoT systems. Using an undemanding modification at the receiver, SA-SM gives an extra degree of technology independent physical layer security. Our results show that SA-SM forces the bit-error-rate (BER) of an eavesdropper to not exceed the range of 10-2, which is below the forward-error-correction (FEC) threshold. Hence, it eradicates the ability of an eavesdropper to properly decode the transmitted signal. Additionally, the efficiency of SA-SM is verified in both the radio and visible light ranges. Furthermore, SA-SM is capable of reducing the peak-to-average-power-ratio (PAPR) by 26.2%.

When clustering unlabeled data, categorical attributes are usually treated differently from numerical attributes because of their unique characteristics, which introduces difficulties in clustering data with both types of attributes. In this paper, we propose a strategy to map categorical attributes to high dimensional vectors based on the Simplex Theory, hence categorical attributes could be handled the same as numeral attributes. To achieve identical distances between any two values under Euclidean distance, we theoretically prove a categorical attribute with n types of values should be mapped to at least n–1 dimensional vectors. Furthermore, numerical vector mapping solutions are provided on condition of 0 normalized constraint. Experimentally, we show that integrating our vector mapping strategy with K-means algorithm achieves better accuracy than integrating similarities for categorical attributes with K-modes algorithm on four datasets.

Schools in the developing world frequently do not have high bandwidth or reliable connections, limiting their access to web content. As a result, schools are increasingly turning to Offline Educational Resources (OERs), employing purpose-built local hardware to serve content. These approaches can be expensive and difficult to maintain in resource-constrained settings. We present Siskin, an alternative approach that leverages the ubiquity of web browsers to provide a distributed content access cache between user devices on the local network. We demonstrate that this system allows access to web pages offline by identifying the browser as a ubiquitous platform. We build and evaluate a prototype, showing that existing web protocols and infrastructure can be leveraged to create a powerful content cache over a local network.

In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since a powerful adversary might compromise these servers and conceal information about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular, we leverage several emerging technologies, such as blockchains, smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTor using Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.

We developed SNS Door Phone by making an interphone system an IoT device. We integrated SNS and QR-code recognition function with an interphone system. Thanks to connection with SNS, we can know the visit of the parcel delivery service anytime through SNS even if during going out. Thanks to introduction of QR-code recognition function, if a parcel deliveryman only showed the QR-code of the parcel in front of SNS Door Phone, the re-delivery operation information would be sent to a user automatically through SNS. Then, the user can call or ask re-delivery arrangement using smart phone without inputting any additional data. We can consider this kind of seamless re-delivery operation to be a good example of Robotic Process Automation.

The rapid development of the Cloud Computing Technologies (CCTs) has amended the conventional design of resource-constrained Network Control System (NCS) to the powerful and flexible design of Cloud-Based Networked Control System (CB-NCS) by relocating the processing part to the cloud server. This arrangement has produced many internets based exquisite applications. However, this new arrangement has also raised many network security challenges for the cloud-based control system related to cyber-physical part of the system. In the absence of robust verification methodology, an attacker can launch the modification attack in order to destabilize or take control of NCS. It is desirable that there shall be a solution authentication methodology used to verify whether the incoming solutions are coming from the cloud or not. This paper proposes a methodology used for the verification of the receiving solution to the local control system from the cloud using Karush-Kuhn-Tucker (KKT) conditions, which is then applied to actuator after verification and thus ensure the stability in case of modification attack.

The issues of trust in the area of supply chain management are an immense concern among the stakeholders cooperating in the supply chain. For a sustainable process of transportation, efficient information sharing is considered crucial. The models that serve as a base for the current operations have several drawbacks in terms of data security and trust among stakeholders, who share information as part of their cooperation. Information is shared in a paper-based or semi-digitalized way due to the lack of trust or risk of competitive disadvantages in the current systems. This paper aims to analyze the trust issues in supply chain management and propose new ways of improving trust by considering these issues at the design level.