Biblio

Edge detection is the key and difficult point of machine vision and image processing technology. The traditional edge detection algorithm is sensitive to noise and it is difficult to accurately extract the edge of the image, so the effect of image processing is not ideal. To solve this problem, people in the industry use the structural element features of morphological edge detection operator to extract the edge features of the image by carefully designing and combining the structural elements of different sizes and directions, so as to effectively ensure the integrity of edge information in all directions and eliminate large noise at the same time. This paper first introduces the traditional edge detection algorithms, then summarizes the edge detection algorithms based on mathematical morphology in recent years, finds that the selection of multi-scale and multi-directional structural elements is an important research direction, and finally discusses the development trend of mathematical morphology edge detection technology.

With the rapid development of the Internet of Things (IoT), a large amount of data is exchanged between various communicating devices. Since the data should be communicated securely between the communicating devices, the network security is one of the dominant research areas for the 6LoWPAN IoT applications. Meanwhile, 6LoWPAN devices are vulnerable to attacks inherited from both the wireless sensor networks and the Internet protocols. Thus intrusion detection systems have become more and more critical and play a noteworthy role in improving the 6LoWPAN IoT networks. However, most intrusion detection systems focus on the attacked areas in the IoT networks instead of precisely on certain IoT nodes. This may lead more resources to further detect the compromised nodes or waste resources when detaching the whole attacked area. In this paper, we therefore proposed a new precisional detection strategy for 6LoWPAN Networks, named as PDS-6LoWPAN. In order to validate the strategy, we evaluate the performance and applicability of our solution with a thorough simulation by taking into account the detection accuracy and the detection response time.

The spread of the Internet of Things (IoT) and cloud services leads to a request for secure communication between devices, known as zero-trust security. The authors have been developing CYber PHysical Overlay Network over Internet Communication (CYPHONIC) to realize secure end-to-end communication among devices. A device requires installing the client program into the devices to realize secure communication over our overlay network. However, some devices refuse additional installation of external programs due to the limitation of system and hardware resources or the effect on system reliability. We proposed new technology, a CYPHONIC adapter, to support these devices. Currently, the CYPHONIC adapter supports only IPv4 virtual addresses and needs to be compatible with general devices that use IPv6. This paper proposes the dual-stack CYPHONIC adapter supporting IPv4/IPv6 virtual addresses for general devices. The prototype implementation shows that the general device can communicate over our overlay network using both IP versions through the proposed CYPHONIC adapter.

At present, pavement crack detection mainly depends on manual survey and semi-automatic detection. In the process of damage detection, it will inevitably be subject to the subjective influence of inspectors and require a lot of identification time. Therefore, this paper proposes the research and implementation of artificial intelligence real-time recognition method of crack edge based on zynq, which combines edge calculation technology with deep learning, The improved ipd-yolo target detection network is deployed on the zynq zu2cg edge computing development platform. The mobilenetv3 feature extraction network is used to replace the cspdarknet53 feature extraction network in yolov4, and the deep separable convolution is used to replace the conventional convolution. Combined with the advantages of the deep neural network in the cloud and edge computing, the rock fracture detection oriented to the edge computing scene is realized. The experimental results show that the accuracy of the network on the PID data set The recall rate and F1 score have been improved to better meet the requirements of real-time identification of rock fractures.

The Domain Name System (DNS) is critical to Internet communications. EDNS Client Subnet (ECS), a DNS extension, allows recursive resolvers to include client subnet information in DNS queries to improve CDN end-user mapping, extending the visibility of client information to a broader range. Major content delivery network (CDN) vendors, content providers (CP), and public DNS service providers (PDNS) are accelerating their IPv6 infrastructure development. With the increasing deployment of IPv6-enabled services and DNS being the most foundational system of the Internet, it becomes important to analyze the behavioral and privacy status of IPv6 resolvers. However, there is a lack of research on ECS for IPv6 DNS resolvers.In this paper, we study the ECS deployment and compliance status of IPv6 resolvers. Our measurement shows that 11.12% IPv6 open resolvers implement ECS. We discuss abnormal noncompliant scenarios that exist in both IPv6 and IPv4 that raise privacy and performance issues. Additionally, we measured if the sacrifice of clients’ privacy can enhance IPv6 CDN performance. We find that in some cases ECS helps end-user mapping but with an unnecessary privacy loss. And even worse, the exposure of client address information can sometimes backfire, which deserves attention from both Internet users and PDNSes.

Web evolution and Web 2.0 social media tools facilitate communication and support the online economy. On the other hand, these tools are actively used by extremist, terrorist and criminal groups. These malicious groups use these new communication channels, such as forums, blogs and social networks, to spread their ideologies, recruit new members, market their malicious goods and raise their funds. They rely on anonymous communication methods that are provided by the new Web. This malicious part of the web is called the “dark web”. Dark web analysis became an active research area in the last few decades, and multiple research studies were conducted in order to understand our enemy and plan for counteract. We have conducted a systematic literature review to identify the state-of-art and open research areas in dark web analysis. We have filtered the available research papers in order to obtain the most relevant work. This filtration yielded 28 studies out of 370. Our systematic review is based on four main factors: the research trends used to analyze dark web, the employed analysis techniques, the analyzed artifacts, and the accuracy and confidence of the available work. Our review results have shown that most of the dark web research relies on content analysis. Also, the results have shown that forum threads are the most analyzed artifacts. Also, the most significant observation is the lack of applying any accuracy metrics or validation techniques by most of the relevant studies. As a result, researchers are advised to consider using acceptance metrics and validation techniques in their future work in order to guarantee the confidence of their study results. In addition, our review has identified some open research areas in dark web analysis which can be considered for future research work.

Internet of Things (IoT) networks consist of small devices that use a wireless communication to monitor and possibly control the physical world. A common threat to such networks are jamming attacks, a particular type of denial of service attack. Current research highlights the need for the design of more effective and efficient anti-jamming techniques that can handle different types of attacks in IoT networks. In this paper, we propose DeMiJA, short for Detection and Mitigation of Jamming Attacks in IoT, a novel approach to deal with different jamming attacks in IoT networks. DeMiJA leverages architecture-based adaptation and the MAPE-K reference model (Monitor-Analyze-Plan-Execute that share Knowledge). We present the general architecture of DeMiJA and instantiate the architecture to deal with jamming attacks in the DeltaIoT exemplar. The evaluation shows that DeMiJA can handle different types of jamming attacks effectively and efficiently, with neglectable overhead.

The selection of distribution network faults is of great significance to accurately identify the fault location, quickly restore power and improve the reliability of power supply. This paper mainly studies the fault phase selection method of distribution network based on wavelet singular entropy and deep belief network (DBN). Firstly, the basic principles of wavelet singular entropy and DBN are analyzed, and on this basis, the DBN model of distribution network fault phase selection is proposed. Firstly, the transient fault current data of the distribution network is processed to obtain the wavelet singular entropy of the three phases, which is used as the input of the fault phase selection model; then the DBN network is improved, and an artificial neural network (ANN) is introduced to make it a fault Select the phase classifier, and specify the output label; finally, use Simulink to build a simulation model of the IEEE33 node distribution network system, obtain a large amount of data of various fault types, generate a training sample library and a test sample library, and analyze the neural network. The adjustment of the structure and the training of the parameters complete the construction of the DBN model for the fault phase selection of the distribution network.

OHODIN is an online extension for data streams of the kNN-based ODIN anomaly detection approach. It provides a detection-threshold heuristic that is based on extreme value theory. In contrast to sophisticated anomaly and novelty detection approaches the decision-making process of ODIN is interpretable by humans, making it interesting for certain applications. However, it is limited in terms of the underlying detection method. In this article, we present an extension of the OHODIN to further detection techniques to reinforce OHODIN capability of online data streams anomaly detection. We introduce the algorithm modifications and an experimental evaluation with competing state-of-the-art anomaly detection approaches.

It is proposed to address existing methodological issues in the educational process with the development of intellectual technologies and knowledge representation systems to improve the efficiency of higher education institutions. For this purpose, the structure of relational database is proposed, it will store the information about defended dissertations in the form of a set of attributes (heuristics), representing the mandatory qualification attributes of theses. An inference algorithm is proposed to process the information. This algorithm represents an artificial intelligence, its work is aimed at generating queries based on the applicant preferences. The result of the algorithm's work will be a set of choices, presented in ranked order. Given technologies will allow applicants to quickly become familiar with known scientific results and serve as a starting point for new research. The demand for co-researcher practice in solving the problem of updating the projective thinking methodology and managing the scientific research process has been justified. This article pays attention to the existing parallels between the concepts of technical and human sciences in the framework of their convergence. The concepts of being (economic good and economic utility) and the concepts of consciousness (humanitarian economic good and humanitarian economic utility) are used to form projective thinking. They form direct and inverse correspondences of technology and humanitarian practice in the techno-humanitarian mathematical space. It is proposed to place processed information from the language of context-free formal grammar dissertation abstracts in this space. The principle of data manipulation based on formal languages with context-free grammar allows to create new structures of subject areas in terms of applicants' preferences.It is believed that the success of applicants’ work depends directly on the cognitive training of applicants, which needs to be practiced psychologically. This practice is based on deepening the objectivity and adequacy qualities of obtaining information on the basis of heuristic methods. It requires increased attention and development of intelligence. The paper studies the use of heuristic methods by applicants to find new research directions leads to several promising results. These results can be perceived as potential options in future research. This contributes to an increase in the level of retention of higher education professionals.

This paper investigates the robustness of the received signal strength (RSS)-based physical layer authentication (PLA) for wireless mesh networks, through experimental results. Specifically, we develop a secure wireless mesh networking framework and apply the RSS-based PLA scheme, with the aim to perform continuous authentication. The mesh setup comprises three Raspberry-PI4 computing nodes (acting as Alice, Bob, and Eve) and a server. The server role is to perform the initial authentication when a new node joins the mesh network. After that, the legitimate nodes in the mesh network perform continuous authentication, by leveraging the RSS feature of wireless signals. In particular, Bob tries to authenticate Alice in the presence of Eve. The performance of the presented framework is quantified through extensive experimental results in an outdoor environment, where various nodes' positions, relative distances, and pedestrian speeds scenarios are considered. The obtained results demonstrate the robustness of the underlying model, where an authentication rate of 99% for the static case can be achieved. Meanwhile, at the pedestrian speed, the authentication rate can drop to 85%. On the other hand, the detection rate improves when the distance between the legitimate and wiretap links is large (exceeds 20 meters) or when Alice and Eve are moving in different mobility patterns.

Early detection of conflict potentials around the community is vital for the Central Java Regional Police Department, especially in the Analyst section of the Directorate of Security Intelligence. Performance in carrying out early detection will affect the peace and security of the community. The performance of potential conflict detection activities can be improved using an integrated early detection information system by shortening the time after observation, report preparation, information processing, and analysis. Developed using Unified Process as a software life cycle, the obtained result shows the time-based performance variables of the officers are significantly improved, including observation time, report production, data finding, and document formatting.

The service mesh is a dedicated infrastructure layer in a microservice architecture. It manages service-to-service communication within an application between decoupled or loosely coupled microservices (called services) without modifying their implementations. The service mesh includes APIs for security, traffic and policy management, and observability features. These features are enabled using a pre-defined configuration, which can be changed at runtime with human intervention. However, it has no autonomy to self-manage changes to the microservice application’s operational environment. A better configuration is one that can be customized according to environmental conditions during execution to protect the application from potential threats. This customization requires enabling self-protection mechanisms within the service mesh that evaluate the risk of environmental condition changes and enable appropriate configurations to defend the application from impending threats. In this paper, we design an assessment component into a service mesh that includes a security assurance case to define the threat model and dynamically assess the application given environment changes. We experiment with a demo application, Bookinfo, using an open-source service mesh platform, Istio, to enable self-protection. We consider certain parameters extracted from the service request as environmental conditions. We evaluate those parameters against the threat model and determine the risk of violating a security requirement for controlled and authorized information flow.

Machine Learning (ML) models are now commonly used as components in systems. As any other component, ML components can produce erroneous outputs that may penalize system utility. In this context, self-adaptive systems emerge as a natural approach to cope with ML mispredictions, through the execution of adaptation tactics such as model retraining. To synthesize an adaptation strategy, the self-adaptation manager needs to reason about the cost-benefit tradeoffs of the applicable tactics, which is a non-trivial task for tactics such as model retraining, whose benefits are both context- and data-dependent.To address this challenge, this paper proposes a probabilistic modeling framework that supports automated reasoning about the cost/benefit tradeoffs associated with improving ML components of ML-based systems. The key idea of the proposed approach is to decouple the problems of (i) estimating the expected performance improvement after retrain and (ii) estimating the impact of ML improved predictions on overall system utility.We demonstrate the application of the proposed framework by using it to self-adapt a state-of-the-art ML-based fraud-detection system, which we evaluate using a publicly-available, real fraud detection dataset. We show that by predicting system utility stemming from retraining a ML component, the probabilistic model checker can generate adaptation strategies that are significantly closer to the optimal, as compared against baselines such as periodic retraining, or reactive retraining.

Haptic communications and 5G networks in conjunction with AI and robotics will augment the human user experience by enabling real-time task performance via the control of objects remotely. This represents a paradigm shift from content delivery-based networks to task-oriented networks for remote skill set delivery. The transmission of user skill sets in remote task performance marks the advent of a haptic-enabled Internet of Skills (IoS), through which the transmission of touch and actuation sensations will be possible. In this proposed research, a conceptual Task-Technology Fit (TTF) model of a haptic-enabled IoS is developed to link human users and haptic-enabled technologies to technology use and task performance between master (control) and remote (controlled) domains to provide a Quality of Experience (QoE) and Quality of Task (QoT) oriented perspective of a Haptic Internet. Future 5G-enabled applications promise the high availability, security, fast reaction speeds, and reliability characteristics required for the transmission of human user skills over large geographical distances. The 5G network and haptic-enabled IoS considered in this research will support a number of critical applications. One such novel scenario in which a TTF of a Haptic Internet can be modelled is the use case of remote-controlled Unmanned Aerial Vehicles (UAVs). This paper is a contribution towards the realization of a 5G network and haptic-enabled QoE-QoT-centric IoS for augmented user task performance. Future empirical results of this research will be useful to understanding the role that varying degrees of a fit between context-specific task and technology characteristics play in influencing the impact of haptic-enabled technology use for real-time immersive remote UAV (drone) control task performance.

The construction of a strong and smart grid is inseparable from the advancement of the power system, and the effective application of modern communication technologies allows the traditional grid to better transform into the energy Internet. With the advent of 5G, people pay close attention to the application of network slicing, not only as an emerging technology, but also as a new business model. In this article, we consider the delay requirements of certain services in the power grid. First, we analyze the security issues in network slicing and model the 5G core network slicing supply as a mixed integer linear programming problem. On this basis, a heuristic algorithm is proposed. According to the topological properties, resource utilization and delay of the slice nodes, the importance of them is sorted using the VIKOR method. In the slice link configuration stage, the shortest path algorithm is used to obtain the slice link physical path. Considering the delay of the slice link, a strategy for selecting the physical path is proposed. Simulations show that the scheme and algorithm proposed in this paper can achieve a high slice configuration success rate while ensuring the end-to-end delay requirements of the business, and meet the 5G core network slice security requirements.

In this paper, an acoustic resonator with frequency \textbackslashtextgreater 5 GHz is designed, implemented, and measured with electromechanical coupling exceeding 15% and low temperature dependence compared to conventional Lamb-wave resonators. The acoustic resonator is optimized for the S4 mode Lamb waves in a bi-morph composed of Lithium Niobate and Silicon Dioxide. The resonator optimization is based on adjusting the thickness of different materials in the bimorph to maximize the coupling and minimize temperature dependence simultaneously. The achieved specifications are adequate for 5G sub-6 GHz frequency band n46 in addition to Wi-Fi new bands between 5 and 6 GHz.

Wireless relay network is a solution for transmitting information from a source node to a sink node far away by installing a relay in between. The broadcasting nature of wireless communication allows the sink node to receive part of the data sent by the source node. In this way, the relay does not need to receive the whole piece of data from the source node and it does not need to forward everything it received. In this paper, we consider the application of batched network coding, a practical form of random linear network coding, for a better utilization of such a network. The amount of innovative information at the relay which is not yet received by the sink node, called the innovative rank, plays a crucial role in various applications including the design of the transmission scheme and the analysis of the throughput. We present a visualization of the innovative rank which allows us to understand and derive formulae related to the innovative rank with ease.

Vulnerability detection and exploitation serves as a milestone for secure development and identifying major threats in software applications. Automated exploit generation helps in easier identification of bugs, the attack vectors and the various possibilities of generation of the exploit payload. Thus, we introduce AngErza which uses dynamic and symbolic execution to identify hot-spots in the code, formulate constraints and generate a payload based on those constraints. Our tool is entirely based on angr which is an open-sourced offensive binary analysis framework. The work around AngErza focuses on exploit and vulnerability detection in CTF-style C binaries compiled on 64-bit Intel architecture for the early-phase of this project.

A service-based system (SBS) dynamically composes third-party services to deliver comprehensive functionality. As adaptive systems, SBSs can substitute equivalent services within the composition if service operations or workflow requirements change. Substituted services must maintain the original SBS quality of service (QoS) constraints. In this paper, we add security as a QoS constraint. Using a model problem of a SBS system created for self-adaptive system technology evaluation, we demonstrate the applicability of security assurance cases and service security profile exchange to build in security awareness for more informed SBS adaptation.

Fault injection is a major threat to embedded system security since it can lead to modified control flows and leakage of critical security parameters, such as secret keys. However, injecting physical faults into devices is cumbersome and difficult since it requires a lot of preparation and manual inspection of the assembly instructions. Furthermore, a single fault injection method cannot cover all possible fault types. Simulating fault injection in comparison, is, in general, less costly, more time-efficient, and can cover a large amount of possible fault combinations. Hence, many different fault injection tools have been developed for this purpose. However, previous tools have several drawbacks since they target only individual architectures or cover merely a limited amount of the possible fault types for only specific memory types. In this paper, we present ARCHIE, a QEMU-based architecture-independent fault evaluation tool, that is able to simulate transient and permanent instruction and data faults in RAM, flash, and processor registers. ARCHIE supports dynamic code analysis and parallelized execution. It makes use of the Tiny Code Generator (TCG) plugin, which we extended with our fault plugin to enable read and write operations from and to guest memory. We demonstrate ARCHIE’s capabilities through automatic binary analysis of two exemplary applications, TinyAES and a secure bootloader, and validate our tool’s results in a laser fault injection experiment. We show that ARCHIE can be run both on a server with extensive resources and on a common laptop. ARCHIE can be applied to a wide range of use cases for analyzing and enhancing open source and proprietary firmware in white, grey, or black box tests.

The Internet of Vehicles (IoV) can offer safe and comfortable driving experiences with the cooperation communications between central servers and cache-enabled road side units (RSUs) as edge severs, which also can provide high-speed, high-quality and high-stability communication access for vehicle users (VUs). However, due to the huge popular traffic volume, the burden of backhaul link will be seriously enlarged, which will greatly degrade the service experience of the IoV. In order to alleviate the backhaul load of IoV network, in this paper, we propose an asynchronous coded caching strategy composed of two phases, i.e., content placement and asynchronous coded transmission. The asynchronous request and request deadline are closely considered to design our asynchronous coded transmission algorithm. Also, we derive the close-form expression of average backhaul load under the nonuniform demands of IoV users. Finally, we formulate an optimization problem of minimizing average backhaul load and obtain the optimized content placement vector. Simulation results verify the feasibility of our proposed strategy under the asynchronous situation.

Nowadays, many data owners choose to outsource their data to public cloud servers while allowing authorized users to retrieve them. To protect data confidentiality from an untrusted cloud, many studies on searchable encryption (SE) are proposed for privacy-preserving search over encrypted data. However, most of the existing SE schemes only focus on the single-owner model. Users need to search one-by-one among data owners to retrieve relevant results even if data are from the same cloud server, which inevitably incurs unnecessary bandwidth and computation cost to users. Thus, how to enable efficient authorized search over multi-owner datasets remains to be fully explored. In this paper, we propose a new privacy-preserving search scheme for the multi-owner and multi-user model. Our proposed scheme has two main advantages: 1) We achieve an attribute-based keyword search for multi-owner model, where users can only search datasets from specific authorized owners. 2) Each data owner can enforce its own fine-grained access policy for users while an authorized user only needs to generate one trapdoor (i.e., encrypted search keyword) to search over multi-owner encrypted data. Through rigorous security analysis and performance evaluation, we demonstrate that our scheme is secure and feasible.

Unforeseen situations on the shopfloor cause the assembly process to divert from its expected progress. To be able to overcome these deviations in a timely manner, assembly process monitoring and early deviation detection are necessary. However, legal regulations and union policies often limit the direct monitoring of human-intensive assembly processes. Grounded in an industry use case, this paper outlines a novel approach that, based on indirect privacy-respecting monitored data from the shopfloor, enables the near real-time detection of multiple types of process deviations. In doing so, this paper specifically addresses uncertainties stemming from indirect shopfloor observations and how to reason in their presence.

Elliptic curve is a major area of research due to its application in elliptic curve cryptography. Due to their small key sizes, they offer the twofold advantage of reduced storage and transmission requirements. This also results in faster execution times. The authors propose an architecture to automatically generate test cases, for verification of elliptic curve operational circuits, based on user-defined prime field and the parameters used in the circuit to be tested. The ECC test case generations are based on the Galois field arithmetic operations which were the subject of previous work by the authors. One of the strengths of elliptic curve mathematics is its simplicity, which involves just three points (P, Q, and R), which pass through a line on the curve. The test cases generate points for a user-defined prime field which sequentially selects the input vector points (P and/or Q), to calculate the resultant output vector (R) easily. The testbench proposed here targets field programmable gate array (FPGAs) platforms and experimental results for ECC test case generation on different prime fields are presented, while ModelSim is used to validate the correctness of the ECC operations.