Biblio

IoT devices introduce unprecedented threats into home and professional networks. As they fail to adhere to security best practices, they are broadly exploited by malicious actors to build botnets or steal sensitive information. Their adoption challenges established security standard as classic security measures are often inappropriate to secure them. This is even more problematic in sensitive environments where the presence of insecure IoTs can be exploited to bypass strict security policies. In this paper, we demonstrate an attack against a highly secured network using a Bluetooth smart bulb. This attack allows a malicious actor to take advantage of a smart bulb to exfiltrate data from an air gapped network.

Researchers develop bioassays by rigorously experimenting in the lab. This involves significant fiscal and skilled person-hour investment. A competitor can reverse engineer a bioassay implementation by imaging or taking a video of a biochip when in use. Thus, there is a need to protect the intellectual property (IP) rights of the bioassay developer. We introduce a novel 3D multilayer-based obfuscation to protect a biochip against reverse engineering.

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.

Internet of things is a network formed between two or more devices through internet which helps in sharing data and resources. IoT is present everywhere and lot of applications in our day-to-day life such as smart homes, smart grid system which helps in reducing energy consumption, smart garbage collection to make cities clean, smart cities etc. It has some limitations too such as concerns of security of the network and the cost of installations of the devices. There have been many researches proposed various method in improving the IoT systems. In this paper, we have discussed about the scope and limitations of IoT in various fields and we have also proposed a technique to secure offline architecture of IoT.

Insider threats are one of the most challenging issues in the world of computer networks. Now a day, most of the companies are relying on cloud services to get scalable data services and to reduce cost. The inclusion of cloud environment has spread the canvas for insider threats because cloud service providers are also there in addition to the organization that outsourced for cloud services. In this paper, multiple existing approaches to handle the insider threats in cloud environment have been investigated and analyzed thoroughly. The comparison of these techniques depicts which better approaches in the paradigm of cloud computing exist.

This paper focuses on research of a provably secure code-based pseudorandom sequence generators whose cryptanalysis problem equals to syndrome decoding (belonging to the NP-complex class). It was found that generated sequences of such well-known Fischer-Stern code-based generator don’t have a maximum period, the actual period is much lower than expected. In our work, we have created a new generator scheme. It retains all advantages of the Fisher-Stern algorithm and provides pseudorandom sequences which are formed with maximum period. Also comparative analysis of proposed generator and popular generators was conducted.

Vehicular Ad-hoc Networks (VANETs) is a traditional mobile ad hoc network (MANET) used on traffic roads and it is a special mobile ad hoc network. As an intelligent transportation system, VANETs can solve driving safety and provide value-added services. Therefore, the application of VANETs can improve the safety and efficiency of road traffic. Location services are in a crucial position for the development of VANETs. VANETs has the characteristics of open access and wireless communication. Malicious node attacks may lead to the leakage of user privacy in VANETs, thus seriously affecting the use of VANETs. Therefore, the location privacy issue of VANETs cannot be ignored. This paper classifies the attack methods in VANETs, and summarizes and compares the location privacy protection techniques proposed in the existing research.

In operation centers, it is important to know the power transfer limit to guarantee the safety operation of the power system. The Voltage Stability Margin (VSM) is a widely used measure and needs to definition of a load growth direction (LGD) to be computed. However, different definitions of LGD can provide different VSMs and then the VSM may not be reliable. Besides, the measure of this power transfer limit usually is related to the Saddle-Node Bifurcation. In dynamic security assessment (DSA) is highly desirable to identify limit regions where the power system can operate safely due to Hopf (HB) and Saddle-Node (SNB) Bifurcations. This paper presents a modeling of the power system incorporating the LGD variation based on participation factors to evaluate the effects on the stability margin estimation due to HB and SNB. A direct method is used to calculate the stability margin of the power system for a given load direction. The analysis was performed in the IEEE 39 bus system.

To guarantee the quality of software, specifying security requirements (SRs) is essential for developing systems, especially for security-critical software systems. However, using security threat to determine detailed SR is quite difficult according to Common Criteria (CC), which is too confusing and technical for non-security specialists. In this paper, we propose a Co-occurrence Recommend Model (CoRM) to automatically recommend software SRs. In this model, the security threats of product are extracted from security target documents of software, in which the related security requirements are tagged. In order to establish relationships between software security threat and security requirement, semantic similarities between different security threat is calculated by Skip-thoughts Model. To evaluate our CoRM model, over 1000 security target documents of 9 types software products are exploited. The results suggest that building a CoRM model via semantic similarity is feasible and reliable.

On each cryptocurrency transaction, a high-level security is needed to protect user data as well as data on the transaction. At this stage, it takes the appropriate algorithm in securing transactions with more efficient processing time. The Elliptic Curve Cryptography (ECC) is one of the cryptography algorithms which has high-level security, and ECC is often compared with the Rivest, Shamir, and Adleman (RSA) algorithm because it has a security level that is almost the same but has some differences that make ECC is superior compared to the RSA algorithm, so that the ECC algorithm can optimize cryptocurrency security in the transaction process. The purpose of this study is to simulate the bitcoin transactions using cryptography algorithms. This study uses the ECC algorithm as the algorithm ECDH and ECDSA key exchange as the algorithm for signing and verifying. The comparison results of ECC and RSA processing time is 1:25, so the ECC is more efficient. The total processing time of ECC is 0,006 seconds and RSA is 0,152 seconds. The researcher succeeded to implement the ECC algorithm as securing algorithms in mining process of 3 scenarios, normal, failed, and fake bitcoin transactions.

This paper presents a data-driven and physics-based method for detection of false data injection (FDI) in Smart Grids (SG). As the power grid transitions to the use of SG technology, it becomes more vulnerable to cyber-attacks like FDI. Current strategies for the detection of bad data in the grid rely on the physics based State Estimation (SE) process and statistical tests. This strategy is naturally vulnerable to undetected bad data as well as false positive scenarios, which means it can be exploited by an intelligent FDI attack. In order to enhance the robustness of bad data detection, the paper proposes the use of data-driven Machine Intelligence (MI) working together with current bad data detection via a combined Chi-squared test. Since MI learns over time and uses past data, it provides a different perspective on the data than the SE, which analyzes only the current data and relies on the physics based model of the system. This combined bad data detection strategy is tested on the IEEE 118 bus system.

Since Bitcoin, the first cryptocurrency that applied blockchain technology was developed by Satoshi Nakamoto, the cryptocurrency market has grown rapidly. Along with this growth, many vulnerabilities and attacks are threatening the Bitcoin ecosystem, which is not only at the bitcoin network-level but also at the service level that applied it, according to the survey. We intend to analyze and detect DDoS attacks on the premise that bitcoin's network-level data and service-level DDoS attacks with bitcoin are associated. We evaluate the results of the experiment according to the proposed metrics, resulting in an association between network-level data and service-level DDoS attacks of bitcoin. In conclusion, we suggest the possibility that the proposed method could be applied to other blockchain systems.

The evolution of the Internet of Vehicles (IoV) paradigm has recently attracted a lot of researchers and industries. Vehicular Ad Hoc Networks (VANET) is the networking model that lies at the heart of this technology. It enables the vehicles to exchange relevant information concerning road conditions and safety. However, ensuring communication security has been and still is one of the main challenges to vehicles' interconnection. To secure the interconnected vehicular system, many cryptography techniques, communication protocols, and certification and reputation-based security approaches were proposed. Nonetheless, some limitations are still present, preventing the practical implementation of such approaches. In this paper, we first define a set of locally-perceived behavioral reputation parameters that enable a distributed evaluation of vehicles' reputation. Then, we integrate these parameters into the design of a reputation management system to exclude malicious or faulty vehicles from the IoV network. Our system can help in the prevention of several attacks on the VANET environment such as Sybil and Denial of Service attacks, and can be implemented in a fully decentralized fashion.

Railroad trespassing is a dangerous activity with significant security and safety risks. However, regular patrolling of potential trespassing sites is infeasible due to exceedingly high resource demands and personnel costs. This raises the need to design automated trespass detection and early warning prediction techniques leveraging state-of-the-art machine learning. To meet this need, we propose a novel framework for Automated Railroad Trespassing detection System using video surveillance data called ARTS. As the core of our solution, we adopt a CNN-based deep learning architecture capable of video processing. However, these deep learning-based methods, while effective, are known to be computationally expensive and time consuming, especially when applied to a large volume of surveillance data. Leveraging the sparsity of railroad trespassing activity, ARTS corresponds to a dual-stage deep learning architecture composed of an inexpensive pre-filtering stage for activity detection, followed by a high fidelity trespass classification stage employing deep neural network. The resulting dual-stage ARTS architecture represents a flexible solution capable of trading-off accuracy with computational time. We demonstrate the efficacy of our approach on public domain surveillance data achieving 0.87 f1 score while keeping up with the enormous video volume, achieving a practical time and accuracy trade-off.

Recent advances in visual media technology have led to new tools for processing and, above all, generating multimedia contents. In particular, modern AI-based technologies have provided easy-to-use tools to create extremely realistic manipulated videos. Such synthetic videos, named Deep Fakes, may constitute a serious threat to attack the reputation of public subjects or to address the general opinion on a certain event. According to this, being able to individuate this kind of fake information becomes fundamental. In this work, a new forensic technique able to discern between fake and original video sequences is given; unlike other state-of-the-art methods which resorts at single video frames, we propose the adoption of optical flow fields to exploit possible inter-frame dissimilarities. Such a clue is then used as feature to be learned by CNN classifiers. Preliminary results obtained on FaceForensics++ dataset highlight very promising performances.

The metallic interface for between core messages expends wealth influence and lesser throughput which are huge in Network-on Chip (NoC) structures. We proposed a remote Network-on-Chip (NoC) building Wireless Network-on Chip that uses power and imperatives gainful remote handsets to improve higherenergy and throughput by altering channels as indicated by traffic plans. Our proposed computations uses interface use bits of knowledge to redispensreal platforms, and a vitality funds of 29-35%. Wireless channels and a token sharing arrangement to totally use the remote information transmission successfully. Remote/electrical topological with results demonstrates a through-put advancement of 69%, a speedup between 1.7-2.9X on real platform, and an power savings of 25-38%.

In service-oriented computing environment (e.g. cloud computing), Cloud Customers (CCs) and Cloud Service Providers (CSPs) require to calculate the trust ranks of impending partner prior to appealing in communications. Determining trustworthiness dynamically is a demanding dilemma in an open and dynamic environment (such as cloud computing) because of many CSPs providing same types of services. Presently, there are very less number of dynamic trust evaluation scheme that permits CCs to evaluate CSPs trustworthiness from multi-dimensional perspectives. Similarly, there is no scheme that permits CSPs to evaluate trustworthiness of CCs. This paper proposes a Multidimensional Dynamic Trust Evaluation Scheme (MDTES) that facilitates CCs to evaluate the trustworthiness of CSPs from various viewpoints. Similar approach can be employed by CSPs to evaluate the trustworthiness of CCs. The proposed MDTES helps CCs to choose trustworthy CSP and to have desired QoS requirements and CSPs to choose desired and legal CCs. The simulation results illustrate the MDTES is dynamic and steady in distinguishing trustworthy and untrustworthy CSPs and CCs.

We introduce a novel distributed derivative-free optimization framework that is resilient to stragglers. The proposed method employs coded search directions at which the objective function is evaluated, and a decoding step to find the next iterate. Our framework can be seen as an extension of evolution strategies and structured exploration methods where structured search directions were utilized. As an application, we consider black-box adversarial attacks on deep convolutional neural networks. Our numerical experiments demonstrate a significant improvement in the computation times.

A DDoS attack is a spiteful attempt to disrupt legitimate traffic to a server by overwhelming the target with a flood of requests from geographically dispersed systems. Today attackers prefer DDoS attack methods to disrupt target services as they generate GBs to TBs of random data to flood the target. In existing mitigation strategies, because of lack of resources and not having the flexibility to cope with attacks by themselves, they are not considered to be that effective. So effective DDoS mitigation techniques can be provided using emerging technologies such as blockchain and SDN(Software-Defined Networking). We propose an architecture where a smart contract is deployed in a private blockchain, which facilitates a collaborative DDoS mitigation architecture across multiple network domains. Blockchain application is used as an additional security service. With Blockchain, shared protection is enabled among all hosts. With help of smart contracts, rules are distributed among all hosts. In addition, SDN can effectively enable services and security policies dynamically. This mechanism provides ASes(Autonomous Systems) the possibility to deploy their own DPS(DDoS Prevention Service) and there is no need to transfer control of the network to the third party. This paper focuses on the challenges of protecting a hybridized enterprise from the ravages of rapidly evolving Distributed Denial of Service(DDoS) attack.

Situation awareness consists of "the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning, and the projection of their status in the near future". Being aware of the security situation is then mandatory to launch proper security reactions in response to cybersecurity attacks. Security Incident and Event Management solutions are deployed within Security Operation Centers. Some vendors propose machine learning based approaches to detect intrusions by analysing networks behaviours. But cyberattacks like Wannacry and NotPetya, which shut down hundreds of thousands of computers, demonstrated that networks monitoring and surveillance solutions remain insufficient. Detecting these complex attacks (a.k.a. Advanced Persistent Threats) requires security administrators to retain a large number of logs just in case problems are detected and involve the investigation of past security events. This approach generates massive data that have to be analysed at the right time in order to detect any accidental or caused incident. In the same time, security administrators are not yet seasoned to such a task and lack the desired skills in data science. As a consequence, a large amount of data is available and still remains unexplored which leaves number of indicators of compromise under the radar. Building on the concept of situation awareness, we developed a situation-driven framework, called dynSMAUG, for dynamic security management. This approach simplifies the security management of dynamic systems and allows the specification of security policies at a high-level of abstraction (close to security requirements). This invited paper aims at exposing real security situations elicitation, coming from networks security experts, and showing the results of exploratory analysis techniques using complex event processing techniques to identify and extract security situations from a large volume of logs. The results contributed to the extension of the dynSMAUG solution.

Database outsourcing is one of the important utilities in cloud computing in which the Information Proprietor (IP) transfers the database administration to the Cloud Service Provider (CSP) in order to minimize the administration cost and preservation expenses of the database. Inspite of its immense profit, it undergoes few security issues such as privacy of deployed database and provability of search results. In the recent past, few of the studies have been carried out on provability of search results of Outsourced Database (ODB) that affords correctness and completeness of search results. But in the existing schemes, since there is flow of data between the Information Proprietor and the clients frequently, huge communication cost prevails at the Information Proprietor side. To address this challenge, in this paper we propose Efficient Auditing for Outsourced Database with Token Enforced Cloud Storage (EAODBT). The proposed scheme reduces the large communication cost prevailing at the Information Proprietor side and achieves correctness and completeness of search results even if the mischievous CSP knowingly sends a null set. Experimental analysis show that the proposed scheme has totally reduced the huge communication cost prevailing between Information Proprietor and clients, and simultaneously achieves the correctness and completeness of search results.

Safety and security of complex critical infrastructures are very important for economic, environmental and social reasons. The complexity of these systems introduces difficulties in the identification of safety and security risks that emerge from interdisciplinary interactions and dependencies. The discovery of safety and security design weaknesses late in the design process and during system operation can lead to increased costs, additional system complexity, delays and possibly undesirable compromises to address safety and security weaknesses.

Tor's anonymity network is one of the most widely used anonymity networks online, it consists of thousands of routers run by volunteers. Tor preserves the anonymity of its users by relaying the traffic through a number of routers (called onion routers) forming a circuit. The current design of Tor's transport layer suffers from a number of problems affecting the performance of the network. Several researches proposed changes in the transport design in order to eliminate the effect of these problems and improve the performance of Tor's network. In this paper. we propose "QuicTor", an improvement to the transport layer of Tor's network by using Google's protocol "QUIC" instead of TCP. QUIC was mainly developed to eliminate TCP's latency introduced from the handshaking delays and the head-of-line blocking problem. We provide an empirical evaluation of our proposed design and compare it to two other proposed designs, IMUX and PCTCP. We show that QuicTor significantly enhances the performance of Tor's network.

Benchmarking is an important measure for companies to investigate their performance and to increase efficiency. As companies usually are reluctant to provide their key performance indicators (KPIs) for public benchmarks, privacy-preserving benchmarking systems are required. In this paper, we present an enhanced privacy-preserving benchmarking protocol, which we implemented and evaluated based on the real-world scenario of product cost optimisation. It is based on homomorphic encryption and enables cloud-based KPI comparison, providing a variety of statistical measures. The theoretical and empirical evaluation of our benchmarking system underlines its practicability.

A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.