Biblio

Information security is winding up noticeably more vital in information stockpiling and transmission. Images are generally utilised for various purposes. As a result, the protection of image from the unauthorised client is critical. Established encryption techniques are not ready to give a secure framework. To defeat this, image encryption is finished through DNA encoding which is additionally included with confused 1D and 2D logistic maps. The key communication is done through the quantum channel using the BB84 protocol. To recover the encrypted image DNA decoding is performed. Since DNA encryption is invertible, decoding can be effectively done through DNA subtraction. It decreases the complexity and furthermore gives more strength when contrasted with traditional encryption plans. The enhanced strength of the framework is measured utilising measurements like NPCR, UACI, Correlation and Entropy.

Deep learning has undergone tremendous advancements in computer vision studies. The training of deep learning neural networks depends on a considerable amount of ground truth datasets. However, labeling ground truth data is a labor-intensive task, particularly for large-volume video analytics applications such as video surveillance and vehicles detection for autonomous driving. This paper presents a rapid and accurate method for associative searching in big image data obtained from security monitoring systems. We developed a semi-automatic moving object annotation method for improving deep learning models. The proposed method comprises three stages, namely automatic foreground object extraction, object annotation in subsequent video frames, and dataset construction using human-in-the-loop quick selection. Furthermore, the proposed method expedites dataset collection and ground truth annotation processes. In contrast to data augmentation and data generative models, the proposed method produces a large amount of real data, which may facilitate training results and avoid adverse effects engendered by artifactual data. We applied the constructed annotation dataset to train a deep learning you-only-look-once (YOLO) model to perform vehicle detection on street intersection surveillance videos. Experimental results demonstrated that the accurate detection performance was improved from a mean average precision (mAP) of 83.99 to 88.03.

In the modern day and age, credential based authentication systems no longer provide the level of security that many organisations and their services require. The level of trust in passwords has plummeted in recent years, with waves of cyber attacks predicated on compromised and stolen credentials. This method of authentication is also heavily reliant on the individual user's choice of password. There is the potential to build levels of security on top of credential based authentication systems, using a risk based approach, which preserves the seamless authentication experience for the end user. One method of adding this security to a risk based authentication framework, is keystroke dynamics. Monitoring the behaviour of the users and how they type, produces a type of digital signature which is unique to that individual. Learning this behaviour allows dynamic flags to be applied to anomalous typing patterns that are produced by attackers using stolen credentials, as a potential risk of fraud. Methods from statistics and machine learning have been explored to try and implement such solutions. This paper will look at an Autoencoder model for learning the keystroke dynamics of specific users. The results from this paper show an improvement over the traditional tried and tested statistical approaches with an Equal Error Rate of 6.51%, with the additional benefits of relatively low training times and less reliance on feature engineering.

Hardware Trojan Horses and active fault attacks are a threat to the safety and security of electronic systems. By such manipulations, an attacker can extract sensitive information or disturb the functionality of a device. Therefore, several protections against malicious inclusions have been devised in recent years. A prominent technique to detect abnormal behavior in the field is run-time verification. It relies on dedicated monitoring circuits and on verification rules generated from a set of temporal properties. An important question when dealing with such protections is the effectiveness of the protection against unknown attacks. In this paper, we present a methodology based on automatic generation of monitoring and formal verification techniques that can be used to validate and analyze the quality of a set of temporal properties when used as protection against generic attackers of variable strengths.

Modern computer peripherals are diverse in their capabilities and functionality, ranging from keyboards and printers to smartphones and external GPUs. In recent years, peripherals increasingly connect over a small number of standardized communication protocols, including USB, Bluetooth, and NFC. The host operating system is responsible for managing these devices; however, malicious peripherals can request additional functionality from the OS resulting in system compromise, or can craft data packets to exploit vulnerabilities within OS software stacks. Defenses against malicious peripherals to date only partially cover the peripheral attack surface and are limited to specific protocols (e.g., USB). In this paper, we propose Linux (e)BPF Modules (LBM), a general security framework that provides a unified API for enforcing protection against malicious peripherals within the Linux kernel. LBM leverages the eBPF packet filtering mechanism for performance and extensibility and we provide a high-level language to facilitate the development of powerful filtering functionality. We demonstrate how LBM can provide host protection against malicious USB, Bluetooth, and NFC devices; we also instantiate and unify existing defenses under the LBM framework. Our evaluation shows that the overhead introduced by LBM is within 1 μs per packet in most cases, application and system overhead is negligible, and LBM outperforms other state-of-the-art solutions. To our knowledge, LBM is the first security framework designed to provide comprehensive protection against malicious peripherals within the Linux kernel.

The ubiquitous internetworking of devices in all areas of life is boosted by various trends for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. It ensures connectivity between distributed, tiny and simple sensor nodes as well as sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and together with Intrusion Detection Systems are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof lightweight and resource-aware security concept for sensor networks with a processing stage permeated filtering mechanism is proposed. A special focus in the concepts evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations, etc. However, most of the current virtual machine monitors, such as KVM and Xen, only support page-level monitoring, because the Intel EPT technology can only monitor page privilege. If the out-of-virtual-machine security tools want to monitor some kernel objects, they need to intercept the operation of the whole memory page. Since there are some other objects stored in the monitored pages, the modification of them will also trigger the monitor. Therefore, page-level memory monitor usually introduces overhead to related kernel services of the target virtual machine. In this paper, we propose a low-overhead kernel object monitoring approach to reduce the overhead caused by page-level monitor. The core idea is to migrate the target kernel objects to a protected memory area and then to monitor the corresponding new memory pages. Since the new pages only contain the kernel objects to be monitored, other kernel objects will not trigger our monitor. Therefore, our monitor will not introduce runtime overhead to the related kernel service. The experimental results show that our system can monitor target kernel objects effectively only with very low overhead.

The large amounts of synchrophasor data obtained by Phasor Measurement Units (PMUs) provide dynamic visibility into power systems. Extracting reliable information from the data can enhance power system situational awareness. The data quality often suffers from data losses, bad data, and cyber data attacks. Data privacy is also an increasing concern. In this paper, we discuss our recently proposed framework of data recovery, error correction, data privacy enhancement, and event identification methods by exploiting the intrinsic low-dimensional structures in the high-dimensional spatial-temporal blocks of PMU data. Our data-driven approaches are computationally efficient with provable analytical guarantees. The data recovery method can recover the ground-truth data even if simultaneous and consecutive data losses and errors happen across all PMU channels for some time. We can identify PMU channels that are under false data injection attacks by locating abnormal dynamics in the data. The data recovery method for the operator can extract the information accurately by collectively processing the privacy-preserving data from many PMUs. A cyber intruder with access to partial measurements cannot recover the data correctly even using the same approach. A real-time event identification method is also proposed, based on the new idea of characterizing an event by the low-dimensional subspace spanned by the dominant singular vectors of the data matrix.

Global networks like energy grids, transportation networks or financial IT-infrastructure are crucial for the wealth of modern societies. Reliable and resilient control of these infrastructures thus has gained much attention in the last years. Typical approaches to ensure stable operation of these infrastructures follow two contradictory paradigms, i.e. complexity reducing and complexity increasing measures. Whereas the first are supposed to encapsulate interdependencies and decision-making processes and typically reduce transparency as a sideeffect, the latter strengthen the role of the human actor in these systems by increasing transparency to allow for well-informed decision-making. In this paper, we will discuss these two paradigms and show why intra-actor conflicts arise from adding both complexity and reducing transparency at the same time. We will outline a research agenda to model the effect of these conflicts using the example of energy systems and current transparency-enhancing technologies like e.g. distributed ledger technology.

Cross-Site Request Forgery (CSRF) is one of the oldest and simplest attacks on the Web, yet it is still effective on many websites and it can lead to severe consequences, such as economic losses and account takeovers. Unfortunately, tools and techniques proposed so far to identify CSRF vulnerabilities either need manual reviewing by human experts or assume the availability of the source code of the web application. In this paper we present Mitch, the first machine learning solution for the black-box detection of CSRF vulnerabilities. At the core of Mitch there is an automated detector of sensitive HTTP requests, i.e., requests which require protection against CSRF for security reasons. We trained the detector using supervised learning techniques on a dataset of 5,828 HTTP requests collected on popular websites, which we make available to other security researchers. Our solution outperforms existing detection heuristics proposed in the literature, allowing us to identify 35 new CSRF vulnerabilities on 20 major websites and 3 previously undetected CSRF vulnerabilities on production software already analyzed using a state-of-the-art tool.

Mobile crowd sensing (MCS) is a rapidly developing technique for information collection from the users of mobile devices. This technique deals with participants' personal information such as their identities and locations, thus raising significant security and privacy concerns. Accordingly, anonymous authentication schemes have been widely considered for preserving participants' privacy in MCS. However, mobile devices are easy to lose and vulnerable to device capture attacks, which enables an attacker to extract the private authentication key of a mobile application and to further invade the user's privacy by linking sensed data with the user's identity. To address this issue, we have devised a special anonymous authentication scheme where the authentication request algorithm can be obfuscated into an unintelligible form and thus the authentication key is not explicitly used. This scheme not only achieves authenticity and unlinkability for participants, but also resists impersonation, replay, denial-of-service, man-in-the-middle, collusion, and insider attacks. The scheme's obfuscation algorithm is the first obfuscator for anonymous authentication, and it satisfies the average-case secure virtual black-box property. The scheme also supports batch verification of authentication requests for improving efficiency. Performance evaluations on a workstation and smart phones have indicated that our scheme works efficiently on various devices.

Older adults (65+) are becoming primary users of emerging smart systems, especially in health care. However, these technologies are often not designed for older users and can pose serious privacy and security concerns due to their novelty, complexity, and propensity to collect and communicate vast amounts of sensitive information. Efforts to address such concerns must build on an in-depth understanding of older adults' perceptions and preferences about data privacy and security for these technologies, and accounting for variance in physical and cognitive abilities. In semi-structured interviews with 46 older adults, we identified a range of complex privacy and security attitudes and needs specific to this population, along with common threat models, misconceptions, and mitigation strategies. Our work adds depth to current models of how older adults' limited technical knowledge, experience, and age-related declines in ability amplify vulnerability to certain risks; we found that health, living situation, and finances play a notable role as well. We also found that older adults often experience usability issues or technical uncertainties in mitigating those risks -- and that managing privacy and security concerns frequently consists of limiting or avoiding technology use. We recommend educational approaches and usable technical protections that build on seniors' preferences.

This paper presents a novel technique to quantify the operational resilience for power electronic-based components affected by High-Impact Low-Frequency (HILF) weather-related events such as high speed winds. In this study, the resilience quantification is utilized to investigate how prompt the system goes back to the pre-disturbance or another stable operational state. A complexity quantification metric is used to assess the system resilience. The test system is a Solid-State Transformer (SST) representing a complex, nonlinear interconnected system. Results show the effectiveness of the proposed technique for quantifying the operational resilience in systems affected by weather-related disturbances.

In order to study the stress detection method on long-distance oil and gas pipeline, the distribution characteristics of the surface remanence signals in the stress concentration regions must be known. They were studied by using the magnetic domain model in the non-magnetic saturation state. The finite element method was used herein with the aim to analyse the static and mechanical characteristics of a ferromagnetic specimen. The variation law of remanence signal in stress concentration regions was simulated. The results show that a residue signal in the stress concentration region exists. In addition, a one-to-one correspondence in the non-magnetic saturation environment is evident. In the case of magnetic saturation, the remanence signal of the stress concentration region is covered and the signal cannot be recognised.

SSL certificates are a core component of the public key infrastructure that underpins encrypted communication in the Internet. In this paper, we report the results of a longitudinal study of the characteristics of SSL certificate chains presented to clients during secure web (HTTPS) connection setup. Our data set consists of 23B SSL certificate chains collected from a global panel consisting of over 2M residential client machines over a period of 6 months. The data informing our analyses provide perspective on the entire chain of trust, including root certificates, across a wide distribution of client machines. We identify over 35M unique certificate chains with diverse relationships at all levels of the PKI hierarchy. We report on the characteristics of valid certificates, which make up 99.7% of the total corpus. We also examine invalid certificate chains, finding that 93% of them contain an untrusted root certificate and we find they have shorter average chain length than their valid counterparts. Finally, we examine two unintended but prevalent behaviors in our data: the deprecation of root certificates and secure traffic interception. Our results support aspects of prior, scan-based studies on certificate characteristics but contradict other findings, highlighting the importance of the residential client-side perspective.

Nowadays due to economic reasons most of the semiconductor companies prefer to outsource the manufacturing part of their designs to third fabrication foundries, the so-called fabs. Untrustworthy fabs can extract circuit blocks, the called intellectual properties (IPs), from the layouts and then pirate them. Such fabs are suspected of hardware Trojan (HT) threat in which malicious circuits are added to the layouts for sabotage objectives. HTs lead up to increase power consumption in HT-infected circuits. However, due to process variations, the power of HTs including few gates in million-gate circuits is not detectable in power consumption analysis (PCA). Thus, such circuits should be considered as a collection of small sub-circuits, and PCA must be individually performed for each one of them. In this article, we introduce an approach facilitating PCA-based HT detection methods. Concerning this approach, we propose a new logic locking method and algorithm. Logic locking methods and algorithm are usually employed against IP piracy. They modify circuits such that they do not correctly work without applying a correct key to. Our experiments at the gate level and post-synthesis show that the proposed locking method and algorithm increase the proportion of HT activity and consequently HT power to circuit power.

Currently, the complexity of software quality and testing is increasing exponentially with a huge number of challenges knocking doors, especially when testing a mission-critical application in banking and other critical domains, or the new technology trends with decentralized and nonintegrated testing tools. From practical experience, software testing has become costly and more effort-intensive with unlimited scope. This thesis promotes the Scalable Quality and Testing Lab (SQTL), it's a centralized quality and testing platform, which integrates a powerful manual, automation and business intelligence tools. SQTL helps quality engineers (QE) effectively organize, manage and control all testing activities in one centralized lab, starting from creating test cases, then executing different testing types such as web, security and others. And finally, ending with analyzing and displaying all testing activities result in an interactive dashboard, which allows QE to forecast new bugs especially those related to security. The centralized SQTL is to empower QE during the testing cycle, help them to achieve a greater level of software quality in minimum time, effort and cost, and decrease defect density metric.

Emerging industrial platforms such as the Internet of Things (IoT), Industrial Internet (II) in the US and Industrie 4.0 in Europe have tremendously accelerated the development of new generations of Cyber-Physical Systems (CPS) that integrate humans and human organizations (H-CPS) with physical and computation processes and extend to societal-scale systems such as traffic networks, electric grids, or networks of autonomous systems where control is dynamically shifted between humans and machines. Although such societal-scale CPS can potentially affect many aspect of our lives, significant societal strains have emerged about the new technology trends and their impact on how we live. Emerging tensions extend to regulations, certification, insurance, and other societal constructs that are necessary for the widespread adoption of new technologies. If these systems evolve independently in different parts of the world, they will ‘hard-wire’ the social context in which they are created, making interoperation hard or impossible, decreasing reusability, and narrowing markets for products and services. While impacts of new technology trends on social policies have received attention, the other side of the coin – to make systems adaptable to social policies – is nearly absent from engineering and computer science design practice. This paper focuses on technologies that can be adapted to varying public policies and presents (1) hard problems and technical challenges and (2) some recent research approaches and opportunities. The central goal of this paper is to discuss the challenges and opportunities for constructing H-CPS that can be parameterized by social context. The focus in on three major application domains: connected vehicles, transactive energy systems, and unmanned aerial vehicles.Abbreviations: CPS: Cyber-physical systems; H-CPS: Human-cyber-physical systems; CV: Connected vehicle; II: Industrial Internet; IoT: Internet of Things

The widespread adoption of social networking and cloud computing has transformed today's Internet to a trove of personal information. As a consequence, data breaches are expected to increase in gravity and occurrence. To counteract unintended data disclosure, a great deal of effort has been dedicated in devising methods for uncovering privacy leaks. Existing solutions, however, have not addressed the time- and data-intensive nature of leak detection. The shift from hardware-specific implementation to software-based solutions is the core idea behind the concept of Network Function Virtualization (NFV). On the other hand, the Software Defined Networking (SDN) paradigm is characterized by the decoupling of the forwarding and control planes. In this paper, an SDN/NFV-enabled architecture is proposed for improving the efficiency of leak detection systems. Employing a previously developed identification strategy, Personally Identifiable Information detector (PIID) and load balancer VNFs are packaged and deployed in OpenStack through an NFV MANO. Meanwhile, SDN controllers permit the load balancer to dynamically redistribute traffic among the PIID instances. In a physical testbed, tests are conducted to evaluate the proposed architecture. Experimental results indicate that the proportions of forwarding and parsing on total overhead is influenced by the traffic intensity. Furthermore, an NFV-enabled system with scalability features was found to outperform a non-virtualized implementation in terms of latency (85.1%), packet loss (98.3%) and throughput (8.41%).

Most blockchain-based identity authentication systems focus on using blockchain to establish the public key infrastructure (PKI). It can solve the problem of single point of failure and certificate transparency faced by traditional PKI systems, but there are still some problems such as complex certificate management and complex certificate usage process. In this paper, we propose an identity authentication scheme based on blockchain and identity-based cryptography (IBC). The scheme implements a decentralized private key generator (PKG) by deploying the smart contract in Ethereum blockchain, and uses the IBC signature algorithm and challenge-response protocol during the authentication process. Compared with other blockchain-based identity authentication systems, the scheme not only prevents the single point of failure, but also avoids the complex certificate management, has lower system complexity, and resists impersonation attack, man-in-the-middle attack and replay attack.

Mobile Ad hoc Network (MANET for short) is a new art of wireless technology that connect a group of mobile nodes in a dynamically decentralized fashion without the need of a base station, or a centralized administration, whereas each mobile node can work as a router. MANET topology changes frequently, because of the MANET dynamically formation nature, and freely to move randomly. MANET can function as standalone or can be connected to external networks. Mobile nodes are characterized with minimal human interaction, weight, less memory, and power. Despite all the pros of MANET and the widely spreading in many and critical industries, MANET has some cons and suffers from severe security issues. In this survey we emphasize on the different types of attacks at MANET protocol stack, and show how MANET is vulnerable to those attacks.

In this paper, we show how practical the little theorem of witness functions is in detecting security flaws in some categories of cryptographic protocols. We convey a formal analysis of the Needham-Schroeder symmetric-key protocol in the theory of witness functions. We show how it helps to warn about a security vulnerability in a given step of this protocol where the value of security of a sensitive ticket in a sent message unexpectedly decreases compared with its value when received. This vulnerability may be exploited by an intruder to mount a replay attack as described by Denning and Sacco.

As an extension of cloud computing, fog computing environment as well as fog node plays an increasingly important role in internet of things (IoT). This technology provides IoT with more distributed and efficient applications and services. However, IoT nodes have so much variety and perform poorly, which leads to more security issues. For this situation, we initially design a security scheme for the IoT fog environment. Based on the combination of Blockchain and Trusted Execution Environment (TEE) technologies, the security of data storage and transmission from fog nodes to the cloud are ensured, thus ensuring the trustworthiness of the data source in the fog environment.

In recent years, secret key generation based on physical layer security has gradually attracted high attentions. The wireless channel reciprocity and eavesdropping attack are critical problems in secret key generation studies. In this paper, we carry out a simulation and experimental study of channel reciprocity in terms of measuring channel state information (CSI) in both time division duplexing (TDD) and frequency division duplexing (FDD) modes. In simulation study, a close eavesdropping wiretap channel model is introduced to evaluate the security of the CSI by using Pearson correlation coefficient. In experimental study, an indoor wireless CSI measurement system is built with N210 and X310 universal software radio peripheral (USRP) platforms. In TDD mode, theoretical analysis and most of experimental results show that the closer eavesdropping distance, the higher CSI correlation coefficient between eavesdropping channel and legitimate channel. However, in actual environment, when eavesdropping distance is too close (less than 1/4 wavelength), this CSI correlation seriously dropped. In FDD mode, both theoretical analysis and experimental results show that the wireless channel still owns some reciprocity. When frequency interval increases, the FDD channel reciprocity in actual environment is better than that in theoretical analysis.

CPS is generally complex to study, analyze, and design, as an important means to ensure the correctness of design and implementation of CPS system, simulation test is difficult to fully test, verify and evaluate the components or subsystems in the CPS system due to the inconsistent development progress of the com-ponents or subsystems in the CPS system. To address this prob-lem, we designed a hybrid P2P based collaborative simulation test framework composed of full physical nodes, hardware in the loop(HIL) nodes and full digital nodes to simulate the compo-nents or subsystems in the CPS system of different development progress, based on the framework, we then proposed collabora-tive simulation control strategy comprising sliding window based clock synchronization, dynamic adaptive time advancement and multi-priority task scheduling with preemptive time threshold. Experiments showed that the hybrid collaborative simulation testing method proposed in this paper can fully test CPS more effectively.