Biblio

Deep learning has undergone tremendous advancements in computer vision studies. The training of deep learning neural networks depends on a considerable amount of ground truth datasets. However, labeling ground truth data is a labor-intensive task, particularly for large-volume video analytics applications such as video surveillance and vehicles detection for autonomous driving. This paper presents a rapid and accurate method for associative searching in big image data obtained from security monitoring systems. We developed a semi-automatic moving object annotation method for improving deep learning models. The proposed method comprises three stages, namely automatic foreground object extraction, object annotation in subsequent video frames, and dataset construction using human-in-the-loop quick selection. Furthermore, the proposed method expedites dataset collection and ground truth annotation processes. In contrast to data augmentation and data generative models, the proposed method produces a large amount of real data, which may facilitate training results and avoid adverse effects engendered by artifactual data. We applied the constructed annotation dataset to train a deep learning you-only-look-once (YOLO) model to perform vehicle detection on street intersection surveillance videos. Experimental results demonstrated that the accurate detection performance was improved from a mean average precision (mAP) of 83.99 to 88.03.

The paper shows the influence of deactivated agents in social networks: switching between French-De Groot models and Friedkin-Johnsen model.

With the advancements in enterprise-level business development, the demand for new applications and services is overwhelming. For the development and delivery of such applications and services, enterprise businesses rely on Application Programming Interfaces (APIs). API management and classification is a cumbersome task considering the rapid increase in the number of APIs, and API to API calls. API Mashups, domain APIs and API service mesh are a few recommended techniques for ease of API creation, management, and monitoring. API service mesh is considered as one of the techniques in this regard, in which the service plane and the control plane are separated for improving efficiency as well as security. In this paper, we propose and implement a security framework for the creation of a secure API service mesh using Istio and Kubernetes. Afterwards, we propose an smart association model for automatic association of new APIs to already existing categories of service mesh. To the best of our knowledge, this smart association model is the first of its kind.

In this paper, we consider the problem of joint target detection and tracking in compressive sampling and processing (CSP-JDT). CSP can process the compressive samples of sparse signals directly without signal reconstruction, which is suitable for handling high-resolution radar signals. However, in CSP, the radar target detection and tracking problems are usually solved separately or by a two-stage strategy, which cannot obtain a globally optimal solution. To jointly optimize the target detection and tracking performance and inspired by the optimal Bayes joint decision and estimation (JDE) framework, a jointly optimized target detection and tracking algorithm in CSP is proposed. Since detection and tracking are highly correlated, we first develop a measurement matrix construction method to acquire the compressive samples, and then a joint CSP Bayesian approach is developed for target detection and tracking. The experimental results demonstrate that the proposed method outperforms the two-stage algorithms in terms of the joint performance metric.

The readout of large pixellated detectors with good spectroscopic quality represents a challenge for both front-end and back-end electronics. The TRISTAN project for the search of the Sterile neutrino in the keV-scale, envisions the operation of 21 detection modules equipped with a monolithic array of 166 SDDs each, for β-decay spectroscopy in the KATRIN experiment's spectrometer. Since the trace of the sterile neutrino existence would manifest as a kink of \textbackslashtextless; 1ppm in the continuous spectrum, high accuracy in the acquisition is required. Within this framework, we present the design of a multichannel scalable analog processing and DAQ system named Kerberos, aimed to provide a simple and low-cost multichannel readout option in the early phase of the TRISTAN detector development. It is based on three 16-channel integrated programmable analog pulse processors (SFERA ASICs), high linearity ADCs, and an FPGA. The platform is able to acquire data from up to 48 pixels in parallel, providing also different readout and multiplexing strategies. The use of an analog ASIC-based solution instead of a Digital Pulse Processor, represents a viable and scalable processing solution at the price of slightly limited versatility and count rate.

Nearest neighbor search (NNS) is one of the current popular research directions, which widely used in machine learning, pattern recognition, image detection and so on. In the low dimension data, based on tree search method can get good results. But when the data dimension goes up, that will produce a curse of dimensional. The proposed Locality-Sensitive Hashing algorithm (LSH) greatly improves the efficiency of nearest neighbor query for high dimensional data. But the algorithm relies on the building a large number of hash table, which makes the space complexity very high. C2LSH based on dynamic collision improves the disadvantage of LSH, but its disadvantage is that it needs to detect the collision times of a large number of data points which Increased query time. Therefore, Based on LSH algorithm, later researchers put forward many improved algorithms, but still not ideal.In this paper, we put forward Locality-Sensitive Hashing Scheme Based on Heap Sort of Hash Bucket (HSLSH) algorithm aiming at the shortcomings of LSH and C2LSH. Its main idea is to take advantage of the efficiency of heapsort in massive data sorting to improve the efficiency of nearest neighbor query. It only needs to rely on a small number of hash functions can not only overcome the shortcoming of LSH need to build a large number of hash table, and avoids defects of C2LSH. Experiments show that our algorithm is more than 20% better than C2LSH in query accuracy and 40% percent lower in query time.

There is a need for new tools and techniques to aid automotive engineers performing cybersecurity testing on connected car systems. This is in order to support the principle of secure-by-design. Our research has produced a method to construct useful automotive security tooling and tests. It has been used to implement Controller Area Network (CAN) fuzz testing (a dynamic security test) via a prototype CAN fuzzer. The black-box fuzz testing of a laboratory vehicle's display ECU demonstrates the value of a fuzzer in the automotive field, revealing bugs in the ECU software, and weaknesses in the vehicle's systems design.

This paper presents a general model to assess the mixed-degradation profiles of critical components in a Cyber-Physical System (CPS) based on the reliability of its critical physical and software components. In the proposed assessment, the cyber aspect of a CPS was approached from a software reliability perspective. Although extensive research has been done on physical components degradation and software reliability separately, research for the combined physical-software systems is still scarce. The non-homogeneous Poisson Processes (NHPP) software reliability models are deemed to fit well with the real data and have descriptive and predictive abilities, which could make them appropriate to estimate software components reliability. To show the feasibility of the proposed approach, a case study for mixed-degradation profiles assessment is presented with n physical components and one major software component forming a critical subsystem in CPS. Two physical components were assumed to have different degradation paths with the dependency between them. Series and parallel structures were investigated for physical components. The software component failure data was taken from a wireless network switching center and fitted into a Weibull software reliability model. The case study results revealed that mix-degradation profiles of physical components, combined with software component profile, produced a different CPS reliability profile.

At the present time, there has been a rapid increase in the variety and popularity of messaging systems such as social network messaging, text messages, email and Twitter, with users frequently exchanging messages across various platforms. Unfortunately, in amongst the legitimate messages, there is a host of illegitimate and inappropriate content - with cyber stalking, trolling and computerassisted crime all taking place. Therefore, there is a need to identify individuals using messaging systems. Stylometry is the study of linguistic features in a text which consists of verifying an author based on his writing style that consists of checking whether a target text was written or not by a specific individual author. Whilst much research has taken place within authorship verification, studies have focused upon singular platforms, often had limited datasets and restricted methodologies that have meant it is difficult to appreciate the real-world value of the approach. This paper seeks to overcome these limitations through providing an analysis of authorship verification across four common messaging systems. This approach enables a direct comparison of recognition performance and provides a basis for analyzing the feature vectors across platforms to better understand what aspects each capitalize upon in order to achieve good classification. The experiments also include an investigation into the feature vector creation, utilizing population and user-based techniques to compare and contrast performance. The experiment involved 50 participants across four common platforms with a total 13,617; 106,359; 4,539; and 6,540 samples for Twitter, SMS, Facebook, and Email achieving an Equal Error Rate (EER) of 20.16%, 7.97%, 25% and 13.11% respectively.

NeuronUnityIntgration2.0 (demo video is avilable at http://tiny.cc/u1lz6y) is a plugin for Unity which provides gesture recognition functionalities through the Perception Neuron motion capture suit. The system offers a recording mode, which guides the user through the collection of a dataset of gestures, and a recognition mode, capable of detecting the recorded actions in real time. Gestures are recognized by training Support Vector Machines directly within our plugin. We demonstrate the effectiveness of our application through an experimental evaluation on a newly collected dataset. Furthermore, external applications can exploit NeuronUnityIntgration2.0's recognition capabilities thanks to a set of exposed API.

We study the problem of developing efficient approaches for proving worst-case bounds of non-deterministic recursive programs. Ranking functions are sound and complete for proving termination and worst-case bounds of non-recursive programs. First, we apply ranking functions to recursion, resulting in measure functions. We show that measure functions provide a sound and complete approach to prove worst-case bounds of non-deterministic recursive programs. Our second contribution is the synthesis of measure functions in non-polynomial forms. We show that non-polynomial measure functions with logarithm and exponentiation can be synthesized through abstraction of logarithmic or exponentiation terms, Farkas Lemma, and Handelman's Theorem using linear programming. While previous methods obtain polynomial worst-case bounds, our approach can synthesize bounds of various forms including O(n log n) and O(nr), where r is not an integer. We present experimental results to demonstrate that our approach can efficiently obtain worst-case bounds of classical recursive algorithms such as (i) Merge sort, Heap sort, and the divide-and-conquer algorithm for the Closest Pair problem, where we obtain O(n log n) worst-case bound, and (ii) Karatsuba's algorithm for polynomial multiplication and Strassen's algorithm for matrix multiplication, for which we obtain O(nr) bounds such that r is not an integer and is close to the best-known bound for the respective algorithm. Besides the ability to synthesize non-polynomial bounds, we also show that our approach is equally capable of obtaining polynomial worst-case bounds for classical programs such as Quick sort and the dynamic programming algorithm for computing Fibonacci numbers.

This paper presents a novel logic locking security assessment method based on linear regression, by means of modeling between the distribution probabilities of key-inputs and observable outputs. The algorithm reveals a weakness of the encrypted circuit since the assessment can revoke the key-inputs within several iterations. The experiment result shows that the proposed assessment can be applied to varies of encrypted combinational benchmark circuits, which exceeds 85% of correctness after revoking the encrypted key-inputs.

Currently, the guidelines for business entities to collect and use consumer information from online sources is guided by the Fair Information Practice Principles set forth by the Federal Trade Commission in the United States. These guidelines are inadequate, outdated, and provide little protection for consumers. Moreover, there are many techniques to anonymize the stored data that was collected by large companies and governments. However, what does not exist is a framework that is capable of evaluating and scoring the effects of this information in the event of a data breach. In this work, a framework for scoring and evaluating the vulnerability of private data is presented. This framework is created to be used in parallel with currently adopted frameworks that are used to score and evaluate other areas of deficiencies within the software, including CVSS and CWSS. It is dubbed the Privacy Assessment Vulnerability Scoring System (PAVSS) and quantifies the privacy-breach vulnerability an individual takes on when using an online platform. This framework is based on a set of hypotheses about user behavior, inherent properties of an online platform, and the usefulness of available data in performing a cyber attack. The weight each of these metrics has within our model is determined by surveying cybersecurity experts. Finally, we test the validity of our user-behavior based hypotheses, and indirectly our model by analyzing user posts from a large twitter data set.

Secret key generation from wireless channel is an emerging technique of physical layer security. At present, most of the secret key generation schemes use information reconciliation to obtain symmetric keys. This paper introduces a non-interactive information reconciliation scheme based on channel coding and stream encryption, and considering the error correction capability, we design a concatenated code of BCH and RS codes as channel coding. The performance of concatenated error correction code has been analyzed in this scheme. Then, we compare the concatenated code with first-level error correction code in different test environments. Extensive numerical simulations and experiments demonstrate that the decoding performance of this second-level concatenated code is better than the first-level error correction code, and it can also effectively eliminate third-party eavesdropping.

With the emergence of the Internet of Things (IoT) and the increasing number of resource-constrained interconnected smart devices, there is a noticeable increase in the number of cyber security crimes. In the face of the possible attacks on IoT networks such as network intrusion, denial of service, spoofing and so on, there is a need to develop efficient methods to locate vulnerabilities and mitigate attacks in IoT networks. Without loss of generality, we consider only intrusion-related threats to IoT. A honeypot is a system used to understand the potential dynamic threats and act as a proactive measure to detect any intrusion into the network. It is used as a trap for intruders to control unauthorized access to the network by analyzing malicious traffic. However, a sophisticated attacker can detect the presence of a honeypot and abort the intrusion mission. Therefore it is essential for honeypots to be undetectable. In this paper, we study and analyze possible techniques for SSH and telnet honeypot detection. Moreover, we propose a new methodology for probabilistic estimation of honeypot detection and an automated software implemented this methodology.

Measures and methods used in financial sector to quantify risk, have been recently applied to cyber world. The aim is to help organizations to improve risk management strategies and to wisely plan investments in cyber security. On the other hand, they are useful instruments for insurance companies in pricing cyber insurance contracts and setting the minimum capital requirements defined by the regulators. In this paper we propose an estimation of Value at Risk (VaR), referred to as Cyber Value at Risk in cyber security domain, and Tail Value at risk (TVaR). The data breach information we use is obtained from the “Chronology of data breaches” compiled by the Privacy Rights Clearinghouse.

Nowadays, the detection of acoustical emission is widely used for fault diagnosis of gas insulated substations (GIS) in normal operation and factory tests, which is called 'non-conventional' method recommended in the standard IEC TS 62478-2016 and GIGRE D1.33 444. In this paper, to develop a data analyzer for acoustic detection (AD) system to make an assistant diagnosis for technical personnel or equipment operation and maintenance personnel, based on the previous research on the experimental research, pattern identification with phase compensation and the software development, the algorithm model design and its application is given in detail. For the acoustical emission signals (n, ti, qi), the BP artificial neural network optimized by genetic algorithm (GA-BP) is used as a classifier based on the fingerprint consisting of several statistic operators, which are derivate form typical 2D histograms of PRPD with identification with phase compensation (IPC). Experimental results show that the comprehensive algorithm model designed for identification is practical and effective.

Partitioning security components of IoT devices to enable the use of Trusted Execution Environments adds resilience against side-channel attacks. Devices are hardened against extraction of sensitive information, but at the same time additional effort must be spent for the integration of the TEE and software partitioning. To perform partitioning, the developer typically inserts Remote Procedure Calls into the software. Existing RPC-based solutions require the developer to write Interface Definition Language files to generate RPC stubs. In this work, we present an RPC-based framework that supports software partitioning via a graphical user interface. The framework extracts required information about the interfaces from source-code header files to eliminate the need for IDL files. With this approach the TEE integration time is reduced and reuse of existing libraries is supported. We evaluate a Proof-of-Concept by partitioning a TLS library for IoT devices and compare our approach to other RPC-based solutions.

Responding to network security incidents requires interference with ongoing attacks to restore the security of services running on production systems. This approach prevents damage, but drastically impedes the collection of threat intelligence and the analysis of vulnerabilities, exploits, and attack strategies. We propose the live confinement of suspicious microservices into a sandbox network that allows to monitor and analyze ongoing attacks under quarantine and that retains an image of the vulnerable and open production network. A successful sandboxing requires that it happens completely transparent to and cannot be detected by an attacker. Therefore, we introduce a novel metric to measure the Quality of Deception (QoD) and use it to evaluate three proposed network deception mechanisms. Our evaluation results indicate that in our evaluation scenario in best case, an optimal QoD is achieved. In worst case, only a small downtime of approx. 3s per microservice (MS) occurs and thus a momentary drop in QoD to 70.26% before it converges back to optimum as the quarantined services are restored.

With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment among the entities of the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and in case the entities violate trust rules they can be put in quarantine or banned from the network.

In cellular network systems, it is commonly found that many errors or failures are caused by non-functioning components or human errors. Most failures are detected by a centralized Operation and Maintenance (OAM) software which will trigger an alarm as a form of warning. In fact, there are conditions when a failure or error occurs, but it cannot be detected by OAM software, which in turn will result in many complaints coming from customers. An event like this is called a sleeping cell, which is a condition where the network has a poor performance but does not generate alarm notifications in the Operation and Maintenance Center. In this paper, sleeping cell analysis was carried out on the LTE network using a self-healing approach to speed up the cell outage detection process. The process of sleeping cell analysis was based on the database of cell performance daily for all eNodeB located in West Java, referring the uplink and downlink values as the main parameters. The acquired database would then be processed and analyzed by the measurement method based on inference statistics, where this method would process a portion of the research data (sample), to draw the conclusions regarding the characteristics of the overall data population. Furthermore, data analysis was performed with signaling ladder diagram (SLD) approach to observe the signaling flow on the network, specifically in the uplink and downlink process, which is the initial indication of a sleeping cell.

The design methods and the detection methods for Hardware Trojan develop rapidly. Existing trustiness verification methods are effective to obviously malicious HT but no effect on Stealthy Trojan. Stealthy Trojan is an advanced attack form and hard to be detected. In this paper, we analyze the characteristic of stealthy Trojan and propose a static detection method based on feature analysis. The results on ISCAS benchmarks show that the proposed method can detect the Stealthy Trojan node and is convenient to be implanted into other scalable verification framework.

Mobile AdHoc Networks (MANET) can be fast implemented, and it is very popular in many specific network requirements, such as UAV (Unmanned Aerial Unit), Disaster Recovery and IoT (Internet of Things) etc. However, MANET is also vulnerable. AODV (Ad hoc On-Demand Distance Vector Routing) protocol is one type of MANET routing protocol and many attacks can be implemented to break the connections on AODV based AdHoc networks. In this article, aim of protecting the MANET security, we modeled the AODV protocol with one type of Automata and analyzed the security vulnerabilities of it; then based on the analyzing results, we proposed an enhancement to AODV protocol to against the Black Hole Attacks. We also implemented the proposed enhancement in NS3 simulator and verified the correctness, usability and efficiency.

Clustering analysis is an important computational task that has applications in many domains. One of the most popular algorithms to solve the clustering problem is fuzzy c-means, which exploits notions from fuzzy logic to provide a smooth partitioning of the data into classes, allowing the possibility of multiple membership for each data sample. The fuzzy c-means algorithm is based on the optimization of a partitioning function, which minimizes inter-cluster similarity. This optimization problem is known to be NP-hard and it is generally tackled using a hill climbing method, a local optimizer that provides acceptable but sub-optimal solutions, since it is sensitive to initialization and tends to get stuck in local optima. In this work we propose an alternative approach based on the swarm intelligence global optimization method Fuzzy Self-Tuning Particle Swarm Optimization (FST-PSO). We solve the fuzzy clustering task by optimizing fuzzy c-means' partitioning function using FST-PSO. We show that this population-based metaheuristics is more effective than hill climbing, providing high quality solutions with the cost of an additional computational complexity. It is noteworthy that, since this particle swarm optimization algorithm is self-tuning, the user does not have to specify additional hyperparameters for the optimization process.

In recent decades, data protection (PPDM), which not only hides information, but also provides information that is useful to make decisions, has become a critical concern. We present a sanitization algorithm with the consideration of four side effects based on multi-objective PSO and hierarchical clustering methods to find optimized solutions for PPDM. Experiments showed that compared to existing approaches, the designed sanitization algorithm based on the hierarchical clustering method achieves satisfactory performance in terms of hiding failure, missing cost, and artificial cost.