Biblio

Privacy-Preserving Data Mining (PPDM) has become an exciting topic to discuss in recent decades due to the growing interest in big data and data mining. A technique of securing data but still preserving the privacy that is in it. This paper provides an alternative perturbation-based PPDM technique which is carried out by modifying the RNP algorithm. The novelty given in this paper are modifications of some steps method with a specific purpose. The modifications made are in the form of first narrowing the selection of the disturbance value. With the aim that the number of attributes that are replaced in each record line is only as many as the attributes in the original data, no more and no need to repeat; secondly, derive the perturbation function from the cumulative distribution function and use it to find the probability distribution function so that the selection of replacement data has a clear basis. The experiment results on twenty-five perturbed data show that the modified RNP algorithm balances data utility and security level by selecting the appropriate disturbance value and perturbation value. The level of security is measured using privacy metrics in the form of value difference, average transformation of data, and percentage of retains. The method presented in this paper is fascinating to be applied to actual data that requires privacy preservation.

Many techniques are available nowadays, for Intellectual Property(IP) protection of Digital circuits. Out of these techniques, the popular one is watermarking. Similar to the watermarking used in case of text, image and video, watermarking of digital circuits also modifies a digital circuit design in such a way, that only the IP owner of design is able to extract the watermark form the design. In this paper, Multi – Feedback configuration of Linear Feedback Shift Register(LFSR) is used to watermark a FSM based design. This watermarking technique improves the watermark strength of already existing LFSR based watermarking technique. In terms of hardware utilization, it is significantly efficient than some popular watermarking techniques. The proposed technique has been implemented using Verilog HDL in Xilinx ISE and the simulation is done using ModelSim.

With the development of quantum computers, classical cryptography for secure communication is in danger of becoming obsolete. Quantum cryptography, however, can exploit the laws of quantum mechanics to guarantee unconditional security independently of the computational power of a potential eavesdropper. An example is quantum key distribution (QKD), which allows two parties to encrypt a message through a random secret key encoded in the degrees of freedom of quantum particles, typically photons.

Recent projects regarding the exploration of the functions of microbiomes within communities brought about a plethora of new data. That specific field of study is called Metagenomics and one of its more advancing approach is the application of network analysis. The paper introduces NAMData which is a web-application tool for the network analysis of microbiome data. The system handles the compositionality and sparsity nature of microbiome data by applying taxa filtration, normalization, and zero treatment. Furthermore, compositionally aware correlation estimators were used to compute for the correlation between taxa and the system divides the network into the positive and negative correlation network. NAMData aims to capitalize on the unique network features namely network visualization, centrality scores, and community detection. The system enables researchers to include network analysis in their analysis pipelines even without any knowledge of programming. Biological concepts can be integrated with the network findings gathered from the system to either support existing facts or form new insights.

Recently, network usage has evolved from resource sharing between hosts to content distribution and retrieval. Some emerging network architectures, like Named Data Networking (NDN), focus on the design of content-oriented network paradigm. However, these clean-slate network architectures are difficult to be deployed progressively and deal with the new communication requirements. Multi-Identifier Network (MIN) is a promising network architecture that contains push and pull communication semantics and supports the resolution, routing and extension of multiple network identifiers. MIN's original design was proposed in 2019, which has been improved over the past two years. In this paper, we present the current design and implementation of MIN. We also propose a fallback-based identifier extension scheme to improve the extensibility of the network. We demonstrate that MIN outperforms NDN in the scenario of progressive deployment via IP tunnel.

Art is the perfect way for people to express their emotions in a way that words are unable to do. By simply looking at art, we can understand a person’s creativity and thoughts. In former times, artists spent a great deal of time creating an image of varied styles. In the current deep learning era, we are able to create images of different styles as we prefer within a short period of time. Neural style transfer is the most popular and widely used deep learning application that applies the desired style to the content image, which in turn generates an output image that is a combination of both style and the content of the original image. In this paper we have implemented the neural style transfer model with two architectures namely Vgg19 and Alexnet. This paper compares the output-styled image and the total loss obtained through VGG19 and Alexnet architectures. In addition, three different activation functions are used to compare quality and total loss of output styled images within Alexnet architectures.

Deep learning models have been successful and shown to perform better in terms of accuracy and efficiency for facial recognition applications. However, they require huge amount of data samples that were well annotated to be successful. Their data requirements have led to some complications which include increased processing demands of the systems where such systems were to be deployed. Reducing the training sample sizes of deep learning models is still an open problem. This paper proposes the reduction of the number of samples required by the convolutional neutral network used in training a facial recognition system using a new Facial Image Deviation Estimation and Image Selection Algorithm (FIDE-ISA). The algorithm was used to select appropriate facial image training samples incrementally based on their facial deviation. This will reduce the need for huge dataset in training deep learning models. Preliminary results indicated a 100% accuracy for models trained with 54 images (at least 3 images per individual) and above.

With the rapid development of power Internet of Things (IoT), the ubiquitous edge agents are frequently exposed in a risky environment, where the white-box attacker could steal all the internal information by full observation of dynamic execution of the cryptographic software. In this situation, a new table-based white-box cryptography implementation of SM4 algorithm is proposed to prevent the attacker from extracting the secret key, which hides the encryption and decryption process in obfuscated lookup tables. Aiming to improve the diversity and ambiguity of the lookup tables as well as resist different types of white-box attacks, the random bijective nonlinear mappings are applied as scrambling encodings of the lookup tables. Moreover, in order to make our implementation more practical in the resource-constrained edge IoT agent, elaborate design is proposed to make some tables reusability, leading to less memory occupation while guaranteeing the security. The validity and security of the proposed implementation will be illustrated through several evaluation indicators.

Internet always remains the target for the cyberattacks, and attackers are getting equipped with more potent tools due to the advancement of technology to preach the security of the Internet. Industries and organizations are sponsoring many projects to avoid these kinds of problems. As a result, SDN (Software Defined Network) architecture is becoming an acceptable alternative for the traditional IP based networks which seems a better approach to defend the Internet. However, SDN is also vulnerable to many new threats because of its architectural concept. SDN might be a primary target for DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks due to centralized control and linking of data plane and control plane. In this paper, the we propose a novel technique for detection of DDoS attacks using information theory metric. We compared our approach with widely used Intrusion Detection Systems (IDSs) based on Shannon entropy and Renyi entropy, and proved that our proposed methodology has more power to detect malicious flows in SDN based networks. We have used precision, detection rate and FPR (False Positive Rate) as performance parameters for comparison, and validated the methodology using a topology implemented in Mininet network emulator.

State estimation algorithm ensures an effective realtime monitoring of the modern smart grid leading to an accurate determination of the current operating states. Recently, a new genre of data integrity attacks namely false data injection attack (FDIA) has shown its deleterious effects by bypassing the traditional bad data detection technique. Modern grid operators must detect the presence of such attacks in the raw field measurements to guarantee a safe and reliable operation of the grid. State forecasting based FDIA identification schemes have recently shown its efficacy by determining the deviation of the estimated states due to an attack. This work emphasizes on a scalable deep learning state forecasting model which can accurately determine the presence of FDIA in real-time. An optimal set of hyper-parameters of the proposed architecture leads to an effective forecasting of the operating states with minimal error. A diligent comparison between other state of the art forecasting strategies have promoted the effectiveness of the proposed neural network. A comprehensive analysis on the IEEE 14 bus test bench effectively promotes the proposed real-time attack identification strategy.

This paper reports high frequency surface acoustic wave (SAW) devices developed on Sc doped (30%) AlN on high resistivity Si for demonstrating surface acoustic wave – spin wave coupling. Enhanced Q-factors were found for both propagation modes – Rayleigh (4.7 GHz) and Sezawa (8 GHz). SAW/SW (spin wave) coupling is proven for two-ports SAW structures having a magnetostrictive layer of Ni between the two interdigitated transducers (IDTs). A decrease of 3.42 dB was observed in the amplitude of the transmission parameter, at resonance, when the magnetic field was applied. The angle between the applied magnetic field and the SAW propagation direction is π/4.

The vast majority of nowadays remote code execution attacks target virtual function tables (vtables). Attackers hijack vtable pointers to change the control flow of a vulnerable program to their will, resulting in full control over the underlying system. In this paper, we present NoVT, a compiler-based defense against vtable hijacking. Instead of protecting vtables for virtual dispatch, our solution replaces them with switch-case constructs that are inherently control-flow safe, thus preserving control flow integrity of C++ virtual dispatch. NoVT extends Clang to perform a class hierarchy analysis on C++ source code. Instead of a vtable, each class gets unique identifier numbers which are used to dispatch the correct method implementation. Thereby, NoVT inherently protects all usages of a vtable, not just virtual dispatch. We evaluate NoVT on common benchmark applications and real-world programs including Chromium. Despite its strong security guarantees, NoVT improves runtime performance of most programs (mean overhead −0.5%, −3.7% min, 2% max). In addition, protected binaries are slightly smaller than unprotected ones. NoVT works on different CPU architectures and protects complex C++ programs against strong attacks like COOP and ShrinkWrap.

The use of gamified learning platforms as a method of introducing cyber security education, training and awareness has risen greatly. With this rise, the availability of platforms to create, host or otherwise provide the challenges that make up the foundation of this education has also increased. In order to identify the best of these platforms, we need a method to compare their feature sets. In this paper, we compare related work on identifying the best platforms for a gamified cyber security learning platform as well as contemporary literature that describes the most needed feature sets for an ideal platform. We then use this to develop a metric for comparing these platforms, before then applying this metric to popular current platforms.

In this paper, we propose a new provably secure cryptosystem for two party communication that provides security in the face of new technological breakthroughs. Most of the practical cryptosystems in use today can be breached in the future with new sophisticated methods. This jeopardizes the security of older but highly confidential messages. Our protocol is based on the bounded storage model first introduced in [1]. The protocol is secure as long as there is bound on the storage, however large it may be. We also suggest methods to extend the protocol to unbounded storage models where access to adversary is limited. Our protocol is a substantial improvement over previously known protocols and uses short key and optimal number of public random bits size of which is independent of message length. The smaller and constant length of key and public random string makes the scheme more practical. The protocol generates key using elements of the additive group \$\textbackslashtextbackslashmathbbZ\_\textbackslashtextbackslashmathrmn\$. Our protocol is very generalized and the protocol in [1] is a special case of our protocol. Our protocol is a step forward in making provably secure cryptosystems practical. An important open problem raised in [2] was designing an algorithm with short key and size of public random string \$O(\textbackslashtextbackslashmathcalB)\$ where \$\textbackslashtextbackslashmathcalB\$ bounds the storage of adversary. Our protocol satisfies the conditions and is easy to implement.

The Multivariate Polynomial Public Key (MPPK) algorithm, over a prime Galois field, takes a multiplier multivariate polynomial and two multiplicand univariate solvable polynomials to create two product multivariate polynomials. One of variables is for secret message and all others are for noises. The public key consists of all coefficients of the product multivariate polynomials, except the two constant terms for the message variable. The private key is made of both multiplicands. Encryption takes a list of random numbers, over the prime Galois field. The first number is the secret to exchange. The other random numbers generate noise automatically cancelled by decryption. The secret is easily extracted from the evaluation of a solvable equation. The level of security provided by MPPK is adaptable. The algorithm can be used in several different ways. In this paper, we review the performance achieved by MPPK for several combinations of polynomial configurations and Galois field sizes. For every combination, we calculated key generation time, encryption time and decryption time. We also compare the effectiveness of MPPK with the performance of all four NIST PQC finalists. For MPPK, the data has been collected from the execution of an implementation in Java. In comparison to the NIST PQC finalists, MPPK key generation, encryption and decryption performance is excellent.

In protocol verification we observe a wide spectrum from fully automated methods to interactive theorem proving with proof assistants like Isabelle/HOL. The latter provide overwhelmingly high assurance of the correctness, which automated methods often cannot: due to their complexity, bugs in such automated verification tools are likely and thus the risk of erroneously verifying a flawed protocol is non-negligible. There are a few works that try to combine advantages from both ends of the spectrum: a high degree of automation and assurance. We present here a first step towards achieving this for a more challenging class of protocols, namely those that work with a mutable long-term state. To our knowledge this is the first approach that achieves fully automated verification of stateful protocols in an LCF-style theorem prover. The approach also includes a simple user-friendly transaction-based protocol specification language embedded into Isabelle, and can also leverage a number of existing results such as soundness of a typed model

The integration of advanced information, communication and data analytic technologies has transformed the traditional grid into an intelligent bidirectional system that can automatically adapt its services for utilities or consumers' needs. However, this change raises new privacy-related challenges. Privacy leakage has become a severe issue in the grid paradigm as adversaries run malicious analytics to identify the system's internal insight or use it to interrupt grids' operation by identifying real-time demand-based supply patterns. As a result, current grid authorities require an integrated mechanism to improve the system's sensitive data's privacy preservation. To this end, we present a multilayered smart grid architecture by characterizing the privacy issues that occur during data sharing, aggregation, and publishing by individual grid end nodes. Based on it, we quantify the nodes preferred privacy requirements. We further introduce personalized differential privacy (PDP) scheme based on trust distance in our proposed framework to provide the system with the added benefit of a user-specific privacy guarantee to eliminate differential privacy's limitation that allows the same level of privacy for all data providers. Lastly, we conduct extensive experimental analysis on a real-world grid dataset to illustrate that our proposed method is efficient enough to provide privacy preservation on sensitive smart grid data.

A code smells detection rule is a combination of metrics with their corresponding crisp thresholds and labels. The goal of this paper is to deal with metrics' thresholds uncertainty; as usually such thresholds could not be exactly determined to judge the smelliness of a particular software class. To deal with this issue, we first propose to encode each metric value into a binary possibility distribution with respect to a threshold computed from a discretization technique; using the Possibilistic C-means classifier. Then, we propose ADIPOK-UMT as an evolutionary algorithm that evolves a population of PK-NN classifiers for the detection of smells under thresholds' uncertainty. The experimental results reveal that the possibility distribution-based encoding allows the implicit weighting of software metrics (features) with respect to their computed discretization thresholds. Moreover, ADIPOK-UMT is shown to outperform four relevant state-of-art approaches on a set of commonly adopted benchmark software systems.

The impending threat of large-scale quantum computers to classical RSA and ECC-based public-key cryptographic schemes prompted NIST to initiate a global level standardization process for post-quantum cryptography. This process which started in 2017 with 69 submissions is currently in its third and final round with seven main candidates and eight alternate candidates, out of which seven (7) out of the fifteen (15) candidates are schemes based on hard problems over structured lattices, known as lattice-based cryptographic schemes. Among the various parameters such as theoretical post-quantum (PQ) security guarantees, implementation cost and performance, resistance against physical attacks such as Side-Channel Analysis (SCA) and Fault Injection Analysis (FIA) has also emerged as an important criterion for standardization in the final round [1]. This is especially relevant for adoption of PQC in embedded devices, which are most likely used in environments where an attacker can have unimpeded physical access to the device.

The fourth industrial revolution envisions industry manufacturing systems to be software driven where mundane manufacturing tasks can be automated. As software is perceived as an integral part of this vision, discovering vulnerabilities is of paramount of importance so that manufacturing systems are secure. A categorization of vulnerability discovery strategies can inform practitioners on how to identify undiscovered vulnerabilities in software. Recently researchers have investigated and identified vulnerability discovery strategies used in open source software (OSS) projects. The efficacy of the derived strategy needs to be validated by obtaining feedback from practitioners. Such feedback can be helpful to assess if identified strategies are useful for practitioners and possible directions the derived vulnerability discovery strategies can be improvised. We survey 51 practitioners to assess if four vulnerability discovery strategies: diagnostics, malicious payload construction, misconfiguration, and pernicious execution can be used to identify undiscovered vulnerabilities. Practitioners perceive the strategies to be useful: for example, we observe 88% of the surveyed practitioners to agree that diagnostics could be used to discover vulnerabilities. Our work provides evidence of usefulness for the identified strategies.

Homomorphic Encryption is one of the most promising techniques to deal with privacy concerns, which is raised by remote deep learning paradigm, and maintain high classification accuracy. However, homomorphic encryption-based solutions are characterized by high overhead in terms of both computation and communication, which limits their adoption in pervasive health monitoring applications with constrained client-side devices. In this paper, we propose PReDIHERO, an improved privacy-preserving solution for remote deep learning inferences based on homomorphic encryption. The proposed solution applies a reversible obfuscation technique that successfully protects sensitive information, and enhances the client-side overhead compared to the conventional homomorphic encryption approach. The solution tackles three main heavyweight client-side tasks, namely, encryption and transmission of private data, refreshing encrypted data, and outsourcing computation of activation functions. The efficiency of the client-side is evaluated on a healthcare dataset and compared to a conventional homomorphic encryption approach. The evaluation results show that PReDIHERO requires increasingly less time and storage in comparison to conventional solutions when inferences are requested. At two hundreds inferences, the improvement ratio could reach more than 30 times in terms of computation overhead, and more than 8 times in terms of communication overhead. The same behavior is observed in sequential data and batch inferences, as we record an improvement ratio of more than 100 times in terms of computation overhead, and more than 20 times in terms of communication overhead.

In this paper, we address the problem of privacy-preserving of the consumer's energy measurements in the context of the SG. To this end, we present a blockchain-based approach to preserve the privacy for smart grid users and to detect data forgery, replay attacks, and data injection attacks.

Background: Researchers and practitioners have been using code complexity metrics for decades to predict how developers comprehend a program. While it is plausible and tempting to use code metrics for this purpose, their validity is debated, since they rely on simple code properties and rarely consider particularities of human cognition. Aims: We investigate whether and how code complexity metrics reflect difficulty of program comprehension. Method: We have conducted a functional magnetic resonance imaging (fMRI) study with 19 participants observing program comprehension of short code snippets at varying complexity levels. We dissected four classes of code complexity metrics and their relationship to neuronal, behavioral, and subjective correlates of program comprehension, overall analyzing more than 41 metrics. Results: While our data corroborate that complexity metrics can-to a limited degree-explain programmers' cognition in program comprehension, fMRI allowed us to gain insights into why some code properties are difficult to process. In particular, a code's textual size drives programmers' attention, and vocabulary size burdens programmers' working memory. Conclusion: Our results provide neuro-scientific evidence supporting warnings of prior research questioning the validity of code complexity metrics and pin down factors relevant to program comprehension. Future Work: We outline several follow-up experiments investigating fine-grained effects of code complexity and describe possible refinements to code complexity metrics.

A standard requirement for a signature scheme is that it is existentially unforgeable under chosen message attacks (EUF-CMA), alongside other properties of interest such as strong unforgeability (SUF-CMA), and resilience against key substitution attacks.Remarkably, no detailed proofs have ever been given for these security properties for EdDSA, and in particular its Ed25519 instantiations. Ed25519 is one of the most efficient and widely used signature schemes, and different instantiations of Ed25519 are used in protocols such as TLS 1.3, SSH, Tor, ZCash, and WhatsApp/Signal. The differences between these instantiations are subtle, and only supported by informal arguments, with many works assuming results can be directly transferred from Schnorr signatures. Similarly, several proofs of protocol security simply assume that Ed25519 satisfies properties such as EUF-CMA or SUF-CMA.In this work we provide the first detailed analysis and security proofs of Ed25519 signature schemes. While the design of the schemes follows the well-established Fiat-Shamir paradigm, which should guarantee existential unforgeability, there are many side cases and encoding details that complicate the proofs, and all other security properties needed to be proven independently.Our work provides scientific rationale for choosing among several Ed25519 variants and understanding their properties, fills a much needed proof gap in modern protocol proofs that use these signatures, and supports further standardisation efforts.

In Cloud Computing, a wide range of virtual platforms are integrated and offer users a flexible pay-as-you-need service. Compared to conventional computing systems, the provision of an acceptable degree of resilience to cloud services is a daunting challenge due to the complexities of the cloud environment and the need for efficient technology that could sustain cloud advantages over other technologies. For a cloud guest resilience service solution, we provide architectural design, installation specifics, and performance outcomes throughout this article. Virtual Machine Manager (VMM) enables execution statistical test of the virtual machine states to be monitored and avoids to reach faulty states.