Biblio

Supervisor synthesis enables the design of supervisory controllers for large cyber-physical systems, with high guarantees for functionality and safety. The complexity of the synthesis problem, however, increases exponentially with the number of system components in the cyber-physical system and the number of models of this system, often resulting in lengthy or even unsolvable synthesis procedures. In this paper, a new method is proposed for reducing the model of the system before synthesis to decrease the required computational time and effort. The method consists of three steps for model reduction, that are mainly based on symmetry in dependency graphs of the system. Dependency graphs visualize the components in the system and the relations between these components. The proposed method is applied in a case study on the design of a supervisory controller for a road tunnel. In this case study, the model reduction steps are described, and results are shown on the effectiveness of model reduction in terms of model size and synthesis time.

Dynamic security assessment (DSA) is to ensure the power system being operated under a secure condition that can withstand potential contingencies. DSA normally proceeds periodically on a 5 to 15 minutes basis, where the system security condition over a complete time interval is merely determined upon the system snapshot captured at the beginning of the interval. With high wind power penetration, the minute-to-minute variations of wind power can lead to more volatile power system states within a single DSA time interval. This paper investigates the intra-interval variation (IIV) phenomenon in power system online DSA and analyze whether the IIV problem is deserved attention in future DSA research and applications. An IIV-contaminated testing environment based on hierarchical Monte-Carlo simulation is developed to evaluate the practical IIV impacts on power system security and DSA performance. The testing results show increase in system insecurity risk and significant degradation in DSA accuracy in presence of IIV. This result draws attention to the IIV phenomenon in DSA of wind-energy power systems and calls for more robust DSA approach to mitigate the IIV impacts.

Style transfer produces a transferred image which is a rendering of a content image in the manner of a style image. We seek to understand how to improve style transfer.To do so requires quantitative evaluation procedures, but current evaluation is qualitative, mostly involving user studies. We describe a novel quantitative evaluation procedure. Our procedure relies on two statistics: the Effectiveness (E) statistic measures the extent that a given style has been transferred to the target, and the Coherence (C) statistic measures the extent to which the original image's content is preserved. Our statistics are calibrated to human preference: targets with larger values of E and C will reliably be preferred by human subjects in comparisons of style and content, respectively.We use these statistics to investigate relative performance of a number of Neural Style Transfer (NST) methods, revealing a number of intriguing properties. Admissible methods lie on a Pareto frontier (i.e. improving E reduces C, or vice versa). Three methods are admissible: Universal style transfer produces very good C but weak E; modifying the optimization used for Gatys' loss produces a method with strong E and strong C; and a modified cross-layer method has slightly better E at strong cost in C. While the histogram loss improves the E statistics of Gatys' method, it does not make the method admissible. Surprisingly, style weights have relatively little effect in improving EC scores, and most variability in transfer is explained by the style itself (meaning experimenters can be misguided by selecting styles). Our GitHub Link is available1.

Microservice architectures adoption is growing expeditiously in market size and adoption, including in business-critical systems. This is due to agility in development and deployment further increased by containers and their characteristics. Ensuring security is still a major concern due to challenges faced such as resource separation and isolation, as improper access to one service might compromise complete systems. This doctoral work intends to advance the security of microservice systems through research and improvement of methodologies for detection, tolerance and mitigation of security intrusions, while overcoming challenges related to multi-tenancy, heterogeneity, dynamicity of systems and environments. Our preliminary research shows that host-based IDSes are applicable in container environments. This will be extended to dynamic scenarios, serving as a steppingstone to research intrusion tolerance techniques suited to these environments. These methodologies will be demonstrated in realistic microservice systems: complex, dynamic, scalable and elastic.

In a Smart City, new technologies such as big data analytics, data fusion and artificial intelligence will increase awareness by measuring many phenomena and storing a huge amount of data. 5G will allow communication of these data among different infrastructures instantaneously. In a Smart City, security aspects are going to be a major concern. Some drawbacks, such as vulnerabilities of a highly integrated system and information overload, must be considered. To overcome these downsides, an innovative predictive model for Smart City security risk assessment has been developed. Risk metrics and indicators are defined by considering data coming from a wide range of sensors. An innovative ``what if'' algorithm is introduced to identify critical infrastructures functional relationship. Therefore, it is possible to evaluate the effects of an incident that involves one infrastructure over the others.

In the recent years, sustainability has becoming an important topic in agro-food supply chain. Moreover, these supply chains are more vulnerable due to different interrelated risks from man-made and natural disasters. However, most of the previous studies consider less about interrelation in assessing sustainability risks. The purpose of this research is to develop a framework to assess supply chain sustainability risks by rnking environmental risks, economic risks, social risks and operational risks. To solve this problem, the proposed methodology is an integrated rough decision- making and trial evaluation laboratory (DEMA℡) method that consider the interrelationship between different risks and the group preference diversity. In order to evaluate the applicability of the proposed method, a real-world case study of Tunisian agro-food company is presented. The results show that the most important risks are corruption, inflation and uncertainty in supply and demand.

Accurate traffic classification is fundamentally important for various network activities such as fine-grained network management and resource utilisation. Port-based approaches, deep packet inspection and machine learning are widely used techniques to classify and analyze network traffic flows. However, over the past several years, the growth of Internet traffic has been explosive due to the greatly increased number of Internet users. Therefore, both port-based and deep packet inspection approaches have become inefficient due to the exponential growth of the Internet applications that incurs high computational cost. The emerging paradigm of software-defined networking has reshaped the network architecture by detaching the control plane from the data plane to result in a centralised network controller that maintains a global view over the whole network on its domain. In this paper, we propose a new deep learning model for software-defined networks that can accurately identify a wide range of traffic applications in a short time, called Deep-SDN. The performance of the proposed model was compared against the state-of-the-art and better results were reported in terms of accuracy, precision, recall, and f-measure. It has been found that 96% as an overall accuracy can be achieved with the proposed model. Based on the obtained results, some further directions are suggested towards achieving further advances in this research area.

Recent advances in resistive synaptic devices have enabled the emergence of brain-inspired smart chips. These chips can execute complex cognitive tasks in digital signal processing precisely and efficiently using an efficient neuromorphic system. The neuromorphic synapses used in such chips, however, are different from the traditional integrated circuit architectures, thereby weakening their resistance to malicious transformation and intellectual property (IP) counterfeiting. Accordingly, in this paper, we propose an effective hybrid encryption methodology for IP core protection in neuromorphic computing systems, in-corporating elliptic curve cryptography and SM4 simultaneously. Experimental results confirm that the proposed method can implement real-time encryption of any number of crossbar arrays in neuromorphic systems accurately, while reducing the time overhead by 14.40%-26.08%.

Peer review is a widely utilized pedagogical feedback mechanism for engaging students, which has been shown to improve educational outcomes. However, we find limited discussion and empirical measurement of peer review in visualization coursework. In addition to engagement, peer review provides direct and diverse feedback and reinforces recently-learned course concepts through critical evaluation of others’ work. In this paper, we discuss the construction and application of peer review in a computer science visualization course, including: projects that reuse code and visualizations in a feedback-guided, continual improvement process and a peer review rubric to reinforce key course concepts. To measure the effectiveness of the approach, we evaluate student projects, peer review text, and a post-course questionnaire from 3 semesters of mixed undergraduate and graduate courses. The results indicate that course concepts are reinforced with peer review—82% reported learning more because of peer review, and 75% of students recommended continuing it. Finally, we provide a road-map for adapting peer review to other visualization courses to produce more highly engaged students.

The industrial Internet has built a new industrial manufacturing and service system with all elements, all industrial chains and all value chains connected through the interconnection of people, machines and things. It breaks the relatively closed and credible production environment of traditional industry. But at the same time, the full interconnection of cross-device, cross-system, and cross-region in the industrial Internet also brings a certain network trust crisis. The method proposed in this paper breaking the relatively closed manufacturing environment of traditional industries, extends the network connection object from human to machine equipment, industrial products and industrial services. It provides a safe and credible environment for the development of industrial Internet, and a trust guarantee for the across enterprises entities and data sharing.

Traffic Characterization, Application Identification, Per Application Classification, and VPN/Non-VPN Traffic Characterization have been some of the most notable research topics over the past few years. Deep Packet Inspection (DPI) promises an increase in Quality of Service (QoS) for Internet Service Providers (ISPs), simplifies network management and plays a vital role in content censoring. DPI has been used to help ease the flow of network traffic. For instance, if there is a high priority message, DPI could be used to enable high-priority information to pass through immediately, ahead of other lower priority messages. It can be used to prioritize packets that are mission-critical, ahead of ordinary browsing packets. Throttling or slowing down the rate of data transfer can be achieved using DPI for certain traffic types like peer-to-peer downloads. It can also be used to enhance the capabilities of ISPs to prevent the exploitation of Internet of Things (IoT) devices in Distributed Denial-Of-Service (DDOS) attacks by blocking malicious requests from devices. In this paper, we introduce a novel architecture for DPI using neural networks utilizing layers of word embedding, convolutional neural networks and bidirectional recurrent neural networks which proved to have promising results in this task. The proposed architecture introduces a new mix of layers which outperforms the proposed approaches before.

We focus on policy-aware data centers (PADCs), wherein virtual machine (VM) traffic traverses a sequence of middleboxes (MBs) for security and performance purposes, and propose two new VM placement and migration problems. We first study PAL: policy-aware virtual machine placement. Given a PADC with a data center policy that communicating VM pairs must satisfy, the goal of PAL is to place the VMs into the PADC to minimize their total communication cost. Due to dynamic traffic loads in PADCs, however, above VM placement may no longer be optimal after some time. We thus study PAM: policy-aware virtual machine migration. Given an existing VM placement in the PADC and dynamic traffic rates among communicating VMs, PAM migrates VMs in order to minimize the total cost of migration and communication of the VM pairs. We design optimal, approximation, and heuristic policyaware VM placement and migration algorithms. Our experiments show that i) VM migration is an effective technique, reducing total communication cost of VM pairs by 25%, ii) our PAL algorithms outperform state-of-the-art VM placement algorithm that is oblivious to data center policies by 40-50%, and iii) our PAM algorithms outperform the only existing policy-aware VM migration scheme by 30%.

On C-ITS (Cooperative Intelligent Transport Systems) vehicles send and receive sensitive messages informing about events on roads (accidents, traffic jams, etc,..). The authentication of these messages is highly recommended in order to increase the users confidence about this system. This authentication ensures that only messages coming from trusted vehicles are accepted by receivers. An adapted PKI (Public Key Infrastructure) for C-ITS provides certificates for each vehicle. The certificate will be used to sign messages. This principle is used within deployed C-ITS solutions over the world. This solution is easy to implement but has one major flaw: each message needs to be sent with its signature and its certificate. The size of the message to send becomes high. In the meantime, for many C-ITS use cases, each message is sent many times for robustness reasons. The communication channel could be overloaded. In this paper, we propose to split the signature into some equal parts. When a message has to be sent, it will be sent with one of these parts. A receiver will save the received message with its actual part. For each reception, it will collect the remaining signature parts until all the signature parts are received. Our solution is implemented in a C-ITS architecture working through Bluetooth protocol using the advertising model. The solution is applicable for vehicle speeds reaching 130 km/h. We have proved, through a set of real experimentations, that our solution is possible.

Distributed optimization algorithms are proposed to, potentially, reduce the computational time of large-scale optimization problems, such as security-constrained economic dispatch (SCED). While various geographical decomposition strategies have been presented in the literature, we proposed a temporal decomposition strategy to divide the SCED problem over the considered scheduling horizon. The proposed algorithm breaks SCED over the scheduling time and takes advantage of parallel computing using multi-core machines. In this paper, we investigate how to partition the overall time horizon. We study the effect of the number of partitions (i.e., SCED subproblems) on the overall performance of the distributed coordination algorithm and the effect of partitioning time interval on the optimal solution. In addition, the impact of system loading condition and ramp limits of the generating units on the number of iterations and solution time are analyzed. The results show that by increasing the number of subproblems, the computational burden of each subproblem is reduced, but more shared variables and constraints need to be modeled between the subproblems. This can result in increasing the total number of iterations and consequently the solution time. Moreover, since the load behavior affects the active ramping between the subproblems, the breaking hour determines the difference between shared variables. Hence, the optimal number of subproblems is problem dependent. A 3-bus and the IEEE 118-bus system are selected to analyze the effect of the number of partitions.

Wireless technology is widely used today and is growing rapidly. One of the wireless technologies is VANET where the network can communicate with vehicles (V2V) which can prevent accidents on the road. Energy is also a problem in VANET so it needs to be used efficiently. The presence of malicious nodes or nodes can eliminate and disrupt the process of data communication. The routing protocol used in this study is AODV. The purpose of this study is to analyze the comparison of blackhole attack and flooding attack against energy-efficient AODV on VANET. This research uses simulation methods and several supporting programs such as OpenStreetMap, SUMO, NS2, NAM, and AWK to test the AODV routing protocol. Quality of service (QOS) parameters used in this study are throughput, packet loss, and end to end delay. Energy parameters are also used to examine the energy efficiency used. This study uses the number of variations of nodes consisting of 20 nodes, 40 nodes, 60 nodes, and different network conditions, namely normal network conditions, network conditions with black hole attacks, and network conditions with flooding attacks. The results obtained can be concluded that the highest value of throughput when network conditions are normal, the greatest value of packet loss when there is a black hole attack, the highest end to end delay value and the largest remaining energy when there is a flooding attack.

The rapid development of technology makes it possible for a physical machine to be converted into a virtual machine, which can operate multiple operating systems that are running simultaneously and connected to the internet. DoS/DDoS attacks are cyber-attacks that can threaten the telecommunications sector because these attacks cause services to be disrupted and be difficult to access. There are several software tools for monitoring abnormal activities on the network, such as IDS Snort and IDS Suricata. From previous studies, IDS Suricata is superior to IDS Snort version 2 because IDS Suricata already supports multi-threading, while IDS Snort version 2 still only supports single-threading. This paper aims to conduct tests on IDS Snort version 3.0 which already supports multi-threading and IDS Suricata. This research was carried out on a virtual machine with 1 core, 2 core, and 4 core processor settings for CPU, memory, and capture packet attacks on IDS Snort version 3.0 and IDS Suricata. The attack scenario is divided into 2 parts: DoS attack scenario using 1 physical computer, and DDoS attack scenario using 5 physical computers. Based on overall testing, the results are: In general, IDS Snort version 3.0 is better than IDS Suricata. This is based on the results when using a maximum of 4 core processor, in which IDS Snort version 3.0 CPU usage is stable at 55% - 58%, a maximum memory of 3,000 MB, can detect DoS attacks with 27,034,751 packets, and DDoS attacks with 36,919,395 packets. Meanwhile, different results were obtained by IDS Suricata, in which CPU usage is better compared to IDS Snort version 3.0 with only 10% - 40% usage, and a maximum memory of 1,800 MB. However, the capabilities of detecting DoS attacks are smaller with 3,671,305 packets, and DDoS attacks with a total of 7,619,317 packets on a TCP Flood attack test.

The ever-growing advances in science and technology have led to a rapid increase in the complexity of most engineered systems. Cyber-physical Systems (CPSs) are the result of this technology advancement that involves new paradigms, architectures and functionalities derived from different engineering domains. Due to the nature of CPSs, which are composed of many heterogeneous components that constantly interact one another and with the environment, it is difficult to study, explain hypothesis and evaluate design alternatives without using Modeling and Simulation (M&S) approaches. M&S is increasingly used in the CPS domain with different objectives; however, its adoption is not easy and straightforward but can lead to pitfalls that need to be recognized and addressed. This paper identifies some important pitfalls deriving from the application of M&S approaches to the CPS study and presents remedies, which are already available in the literature, to prevent and face them.

With the wild applications of machine learning (ML) technology, automatic speech recognition (ASR) has made great progress in recent years. Despite its great potential, there are various evasion attacks of ML-based ASR, which could affect the security of applications built upon ASR. Up to now, most studies focus on white-box attacks in ASR, and there is almost no attention paid to black-box attacks where attackers can only query the target model to get output labels rather than probability vectors in audio domain. In this paper, we propose an evasion attack against ASR in the above-mentioned situation, which is more feasible in realistic scenarios. Specifically, we first train a substitute model by using data augmentation, which ensures that we have enough samples to train with a small number of times to query the target model. Then, based on the substitute model, we apply Differential Evolution (DE) algorithm to craft adversarial examples and implement black-box attack against ASR models from the Speech Commands dataset. Extensive experiments are conducted, and the results illustrate that our approach achieves untargeted attacks with over 70% success rate while still maintaining the authenticity of the original data well.

Since GDPR was introduced, there is a reinforcement of the fact that users must give their consent before their personal data can be managed by any website. However, many studies have demonstrated that users often skip these policies and click the "I agree" button to continue browsing, being unaware of what the consent they gave was about, hence defeating the purpose of GDPR. This paper investigates if different ways of presenting users the privacy policy can change this behaviour and can lead to an increased awareness of the user in relation to what the user agrees with. Three different types of policies were used in the study: a full-text policy, a so-called usable policy, and a video-based policy. Results demonstrated that the type of policy has a direct influence on the user awareness and user satisfaction. The two alternatives to the text-based policy lead to a significant increase of user awareness in relation to the content of the policy and to a significant increase in the user satisfaction in relation to the usability of the policy.

Distributed denial of service (DDoS) attacks can bring tremendous damage to online services and ISPs. Existing adopted mitigation methods either require the victim to have a sufficient number of resources for traffic filtering or to pay a third party cloud service to filter the traffic. In our previous work we proposed CoFence, a collaborative network that allows member domains to help each other in terms of DDoS traffic handling. In that network, victim servers facing a DDoS attack can redirect excessive connection requests to other helping servers in different domains for filtering. Only filtered traffic will continue to interact with the victim server. However, sending traffic to third party servers brings up the issue of privacy: specifically leaked client source IP addresses. In this work we propose a privacy protection mechanism for defense so that the helping servers will not be able to see the IP address of the client traffic while it has minimum impact to the data filtering function. We implemented the design through a test bed to demonstrated the feasibility of the proposed design.

With the continuous popularization of smart terminals, Android and IOS systems are the most mainstream mobile operating systems in the market, and their application types and application numbers are constantly increasing. As an open system, the security issues of Android application emerge in endlessly, such as the reverse decompilation of installation package, malicious code injection, application piracy, interface hijacking, SMS hijacking and input monitoring. These security issues will also appear on mobile applications in the power industry, which will not only result in the embezzlement of applied knowledge copyrights but also lead to serious leakage of users' information and even economic losses. It may even result in the remote malicious control of key facilities, which will cause serious social issues. Under the background of the development of smart grid information construction, also with the application and promotion of power services in mobile terminals, information security protection for mobile terminal applications and interactions with the internal system of the power grid has also become an important research direction. While analyzing the risks faced by mobile applications, this article also enumerates and analyzes the necessary measures for risk resolution.

Securing the supply chain of information and communications technology (ICT) has recently emerged as a critical concern for national security and integrity. With the proliferation of Internet of Things (IoT) devices and their increasing role in controlling real world infrastructure, there is a need to analyze risks in networked systems beyond established security analyses. Existing methods in literature typically leverage attack and fault trees to analyze malicious activity and its impact. In this paper, we develop RIoTS, a security risk assessment framework borrowing from system reliability theory to incorporate the supply chain. We also analyze the impact of grouping within suppliers that may pose hidden risks to the systems from malicious supply chain actors. The results show that the proposed analysis is able to reveal hidden threats posed to the IoT ecosystem from potential supplier collusion.

The paper proposes a method for image content recovery based on digital watermarking. Existing image watermarking systems detect the tampering and can identify the exact positions of tampered regions, but only a few systems can recover the original image content. In this paper, we suggest a method for recovering the regions of interest (ROIs). It embeds the semi-fragile watermark resistant to JPEG compression (for the quality parameter values greater than or equal to the predefined threshold) and such local tamperings as splicing, copy-move, and retouching, whereas is destroyed by any other image modifications. In the experimental part, the performance of the method is shown on the road traffic JPEG images where the ROIs correspond to car license plates. The method is proven to be an efficient tool for recovering the original ROIs and can be integrated into any JPEG semi-fragile watermarking system.

To support secure and reliable operation of optical networks, we propose a framework for autonomous anomaly detection, root cause analysis and visualization of the anomaly impact on optical signal parameters. Verification on experimental physical layer security data reveals important properties of different attack profiles.

With the increasing deployment of enterprise-scale distributed systems, effective and practical defenses for such systems against various security vulnerabilities such as sensitive data leaks are urgently needed. However, most existing solutions are limited to centralized programs. For real-world distributed systems which are of large scales, current solutions commonly face one or more of scalability, applicability, and portability challenges. To overcome these challenges, we develop a novel dynamic taint analysis for enterprise-scale distributed systems. To achieve scalability, we use a multi-phase analysis strategy to reduce the overall cost. We infer implicit dependencies via partial-ordering method events in distributed programs to address the applicability challenge. To achieve greater portability, the analysis is designed to work at an application level without customizing platforms. Empirical results have shown promising scalability and capabilities of our approach.