Biblio

This study will be focused on efforts to increase the reliability of the Bangka Electricity System by designing the interconnection of the Bangka system with another system that is stronger and has a better energy mix, the Sumatra System. The novelty element in this research is the design of system protection using Special Protection System (SPS) as well as a different assessment method using the Fuzzy Technique This research will analyze the implementation of the SPS event-based and parameter-based as a new defense scheme by taking corrective actions to keep the system stable and reliable. These actions include tripping generators, loads, and reconfiguring the system automatically and quickly. The performance of this SPS will be tested on 10 contingency events with four different load profiles and the system response will be observed in terms of frequency stability, voltage, and rotor angle. From the research results, it can be concluded that the SPS performance on the Bangka-Sumatra Interconnection System has a better and more effective performance than the existing defense scheme, as evidenced by the results of dynamic security assessment (DSA) testing using Fuzzy Techniques.

Intrusion detection for Controller Area Network (CAN) protocol requires modern methods in order to compete with other electrical architectures. Fingerprint Intrusion Detection Systems (IDS) provide a promising new approach to solve this problem. By characterizing network traffic from known ECUs, hazardous messages can be discriminated. In this article, a modified version of Fingerprint IDS is employed utilizing both step response and spectral characterization of network traffic via neural network training. With the addition of feature set reduction and hyperparameter tuning, this method accomplishes a 99.4% detection rate of trusted ECU traffic.

Electrical load forecasting is an essential part of the smart grid to maintain a stable and reliable grid along with helping decisions for economic planning. With the integration of more renewable energy resources, especially solar photovoltaic (PV), and transitioning into a prosumer-based grid, electrical load forecasting is deemed to play a crucial role on both regional and household levels. However, most of the existing forecasting methods can be considered black-box models due to deep digitalization enablers, such as Deep Neural Networks (DNN), where human interpretation remains limited. Additionally, the black box character of many models limits insights and applicability. In order to mitigate this shortcoming, eXplainable Artificial Intelligence (XAI) is introduced as a measure to get transparency into the model’s behavior and human interpretation. By utilizing XAI, experienced power market and system professionals can be integrated into developing the data-driven approach, even without knowing the data science domain. In this study, an electrical load forecasting model utilizing an XAI tool for a Norwegian residential building was developed and presented.

Cloud service uses CAPTCHA to protect itself from malicious programs. With the explosive development of AI technology and the emergency of third-party recognition services, the factors that influence CAPTCHA’s security are going to be more complex. In such a situation, evaluating the security of mainstream CAPTCHAs in cloud services is helpful to guide better CAPTCHA design choices for providers. In this paper, we evaluate and analyze the security of 6 mainstream CAPTCHA image designs in public cloud services. According to the evaluation results, we made some suggestions of CAPTCHA image design choices to cloud service providers. In addition, we particularly discussed the CAPTCHA images adopted by Facebook and Twitter. The evaluations are separated into two stages: (i) using AI techniques alone; (ii) using both AI techniques and third-party services. The former is based on open source models; the latter is conducted under our proposed framework: CAPTCHAMix.

Building occupancy data helps increase energy management systems’ performance, enabling lower energy use while preserving occupant comfort. The focus of this study is employing environmental data (e.g., including but not limited to temperature, humidity, carbon dioxide (CO2), etc.) to infer occupancy information. This will be achieved by exploring the application of information theory metrics with machine learning (ML) approaches to classify occupancy levels for a given dataset. Three datasets and six distinct ML algorithms were used in a comparative study to determine the best strategy for identifying occupancy patterns. It was determined that both k-nearest neighbors (kNN) and random forest (RF) identify occupancy labels with the highest overall level of accuracy, reaching 97.99% and 98.56%, respectively.

The technology advance and convergence of cyber physical systems, smart sensors, short-range wireless communications, cloud computing, and smartphone apps have driven the proliferation of Internet of things (IoT) devices in smart homes and smart industry. In light of the high heterogeneity of IoT system, the prevalence of system vulnerabilities in IoT devices and applications, and the broad attack surface across the entire IoT protocol stack, a fundamental and urgent research problem of IoT security is how to effectively collect, analyze, extract, model, and visualize the massive network traffic of IoT devices for understanding what is happening to IoT devices. Towards this end, this paper develops and demonstrates an end-to-end system with three key components, i.e., the IoT network traffic monitoring system via programmable home routers, the backend IoT traffic behavior analysis system in the cloud, and the frontend IoT visualization system via smartphone apps, for monitoring, analyzing and virtualizing network traffic behavior of heterogeneous IoT devices in smart homes. The main contributions of this demonstration paper is to present a novel system with an end-to-end process of collecting, analyzing and visualizing IoT network traffic in smart homes.

To verify the integrity and confidentiality of data communicated through the web is a very big issue worldwide because every person wants very fast computing and secure electronic data communication via the web. The authentication of electronic data is done by hashing algorithms. Presently researchers are using one-time padding to convert variable-length input messages into a block of fixed length and also using constant initial values that are constant for any input message. So this reason we are proposing the autonomous initial value proposed secure hash algorithm-256 (AIVPSHA256) and we are enhancing the performance of the hash function by designing and compuiting its experimental results in python 3.9.5 programming language.

With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.

Obfuscation refers to changing the structure of code in a way that original semantics can be hidden. These techniques are often used by application developers for code hardening but it has been found that obfuscation techniques are widely used by malware developers in order to hide the work flow and semantics of malicious code. Class Encryption, Code Re-Ordering, Junk Code insertion and Control Flow modifications are Code Obfuscation techniques. In these techniques, code of the application is changed. These techniques change the signature of the application and also affect the systems that use sequence of instructions in order to detect maliciousness of an application. In this paper an ’Opcode sequence’ based detection system is designed and tested against obfuscated samples. It has been found that the system works efficiently for the detection of non obfuscated samples but the performance is effected significantly against obfuscated samples. The study tests different code obfuscation schemes and reports the effect of each on sequential opcode based analytic system.

Bitcoin is a famously decentralized cryptocurrency. Bitcoin is excellent because it is a digital currency that provides convenience and security in transactions. Transaction security in Bitcoin uses a consensus involving a distributed system, the security of this system generates a hash sequence with a Proof of Work (PoW) mechanism. However, in its implementation, various attacks appear that are used to generate profits from the existing system. Attackers can use various types of methods to get an unfair portion of the mining income. Such attacks are commonly referred to as Mining attacks. Among which the famous is the Selfish Mining attack. In this study, we simulate the effect of changing decision matrix, attacker region, attacker hash rate on selfish miner attacks by using the opensource NS3 platform. The experiment aims to see the effect of using 1%, 10%, and 20% decision matrices with different attacker regions and different attacker hash rates on Bitcoin selfish mining income. The result of this study shows that regional North America and Europe have the advantage in doing selfish mining attacks. This advantage is also supported by increasing the decision matrix from 1%, 10%, 20%. The highest attacker income, when using decision matrix 20% in North America using 16 nodes on 0.3 hash rate with income 129 BTC. For the hash rate, the best result for a selfish mining attack is between 27% to 30% hash rate.

Mesh networks based on the wireless local area network (WLAN) technology, as specified by the standards amendment IEEE 802.11s, provide for a flexible and low-cost interconnection of devices and embedded systems for various use cases. To assess the real-world performance of WLAN mesh networks and potential optimization strategies, suitable testbeds and measurement tools are required. Designed for highly automated transport-layer throughput and latency measurements, the software FLExible Network Tester (Flent) is a promising candidate. However, so far Flent does not integrate information specific to IEEE 802.11s networks, such as peer link status data or mesh routing metrics. Consequently, we propose Flent extensions that allow to additionally capture IEEE 802.11s information as part of the automated performance tests. For the functional validation of our extensions, we conduct Flent measurements in a mesh mobility scenario using the network emulation framework Mininet-WiFi.

Intelligent connected vehicle platoon technology can reduce traffic congestion and vehicle fuel. However, attacks on the data transmitted by the platoon are one of the primary challenges encountered by the platoon during its travels. The false data injection (FDI) attack can lead to road congestion and even vehicle collisions, which can impact the platoon. However, the complexity of the cellular - vehicle to everything (C-V2X) environment, the single source of the message and the poor data processing capability of the on board unit (OBU) make the traditional detection methods’ success rate and response time poor. This study proposes a platoon state information fusion method using the communication characteristics of the platoon in C-V2X and proposes a novel platoon intrusion detection model based on this fusion method combined with sequential importance sampling (SIS). The SIS is a measured strategy of Monte Carlo integration sampling. Specifically, the method takes the status information of the platoon members as the predicted value input. It uses the leader vehicle status information as the posterior probability of the observed value to the current moment of the platoon members. The posterior probabilities of the platoon members and the weights of the platoon members at the last moment are used as input to update the weights of the platoon members at the current moment and obtain the desired platoon status information at the present moment. Moreover, it compares the status information of the platoon members with the desired status information to detect attacks on the platoon. Finally, the effectiveness of the method is demonstrated by simulation.

While acquiring precise and intelligent state sensing and control capabilities, the cyber physical power system is constantly exposed to the potential cyber-attack threat. False data injection (FDI) attack attempts to disrupt the normal operation of the power system through the coupling of cyber side and physical side. To deal with the situation that stealthy FDI attack can bypass the bad data detection and thus trigger false commands, a system feature extraction method in state estimation is proposed, and the corresponding FDI attack detection method is presented. Based on the principles of state estimation and stealthy FDI attack, we analyze the impacts of FDI attack on measurement residual. Gaussian fitting method is used to extract the characteristic parameters of residual distribution as the system feature, and attack detection is implemented in a sliding time window by comparison. Simulation results prove that the proposed attack detection method is effectiveness and efficiency.

Historically, energy resources are of strategic importance for the social welfare and economic growth. So, predicting crude oil price fluctuations is an important issue. Since crude oil price changes are affected by many risk factors in markets, this price shows more complicated nonlinear behavior and creates more risk levels for investors than in the past. We propose a new method of prediction of crude oil price to model nonlinear dynamics. The results of the experiments show that the superior performance of the model based on the proposed method against statistical previous works is statistically significant. In general, we found that the combination of the IDBN or LSTM model lowered the MSE value to 4.65, which is 0.81 lower than the related work (Chen et al. protocol), indicating an improvement in prediction accuracy.

The popularity of portable web browsers is increasing due to its convenient and compact nature along with the benefit of the data being stored and transferred easily using a USB drive. As technology gets updated frequently, developers are working on web browsers that can be portable in nature with additional security features like private mode browsing, built in ad blockers etc. The increased probability of using portable web browsers for carrying out nefarious activities is a result of cybercriminals with the thought that if they use portable web browsers in private mode it won't leave a digital footprint. Hence, the research paper aims at performing a comparative study of four portable web browsers namely Brave, TOR, Vivaldi, and Maxthon along with various memory acquisition tools to understand the quantity and quality of the data that can be recovered from the memory dump in two different conditions that is when the browser tabs were open and when the browser tabs were closed in a system to aid the forensic investigators.

Modern web applications are getting more sophisticated by using frameworks that make development easy, but pose challenges for security analysis tools. New analysis techniques are needed to handle such frameworks that grow in number and popularity. In this paper, we describe Gelato that addresses the most crucial challenges for a security-aware client-side analysis of highly dynamic web applications. In particular, we use a feedback-driven and state-aware crawler that is able to analyze complex framework-based applications automatically, and is guided to maximize coverage of security-sensitive parts of the program. Moreover, we propose a new lightweight client-side taint analysis that outperforms the state-of-the-art tools, requires no modification to browsers, and reports non-trivial taint flows on modern JavaScript applications. Gelato reports vulnerabilities with higher accuracy than existing tools and achieves significantly better coverage on 12 applications of which three are used in production.

By broadcasting false Global Navigation Satellite System (GNSS) signals, spoofing attacks will induce false position and time fixes within the victim receiver. In this article, we propose a Sparse Decomposition (SD)-based spoofing detection algorithm in the acquisition process, which can be applied in a single-antenna receiver. In the first step, we map the Fast Fourier transform (FFT)-based acquisition result in a two-dimensional matrix, which is a distorted autocorrelation function when the receiver is under spoof attack. In the second step, the distorted function is decomposed into two main autocorrelation function components of different code phases. The corresponding elements of the result vector of the SD are the code-phase values of the spoofed and the authentic signals. Numerical simulation results show that the proposed method can not only outcome spoofing detection result, but provide reliable estimations of the code phase delay of the spoof attack.

With the development of embedded systems towards networking and intelligence, the security threats they face are becoming more difficult to prevent. Existing protection methods make it difficult to monitor jump instructions and their target addresses for tampering by attackers at the low hardware implementation overhead and performance overhead. In this paper, a hardware-assisted security monitoring module is designed to monitor the integrity of jump instructions and jump addresses when executing programs. The proposed method has been implemented on the Xilinx Kintex-7 FPGA platform. Experiments show that this method is able to effectively monitor tampering attacks on jump instructions as well as target addresses while the embedded system is executing programs.

Supervisory Control and Data Acquisition (SCADA) systems are utilized extensively in critical power grid infrastructures. Modern SCADA systems have been proven to be susceptible to cyber-security attacks and require improved security primitives in order to prevent unwanted influence from an adversarial party. One section of weakness in the SCADA system is the integrity of field level sensors providing essential data for control decisions at a master station. In this paper we propose a lightweight hardware scheme providing inferred authentication for SCADA sensors by combining an analog to digital converter and a permutation generator as a single integrated circuit. Through this method we encode critical sensor data at the time of sensing, so that unencoded data is never stored in memory, increasing the difficulty of software attacks. We show through experimentation how our design stops both software and hardware false data injection attacks occurring at the field level of SCADA systems.

Recently exposed vulnerabilities reveal the necessity to improve the security of branch predictors. Branch predictors record history about the execution of different processes, and such information from different processes are stored in the same structure and thus accessible to each other. This leaves the attackers with the opportunities for malicious training and malicious perception. Physical or logical isolation mechanisms such as using dedicated tables and flushing during context-switch can provide security but incur non-trivial costs in space and/or execution time. Randomization mechanisms incurs the performance cost in a different way: those with higher securities add latency to the critical path of the pipeline, while the simpler alternatives leave vulnerabilities to more sophisticated attacks.This paper proposes HyBP, a practical hybrid protection and effective mechanism for building secure branch predictors. The design applies the physical isolation and randomization in the right component to achieve the best of both worlds. We propose to protect the smaller tables with physically isolation based on (thread, privilege) combination; and protect the large tables with randomization. Surprisingly, the physical isolation also significantly enhances the security of the last-level tables by naturally filtering out accesses, reducing the information flow to these bigger tables. As a result, key changes can happen less frequently and be performed conveniently at context switches. Moreover, we propose a latency hiding design for a strong cipher by precomputing the "code book" with a validated, cryptographically strong cipher. Overall, our design incurs a performance penalty of 0.5% compared to 5.1% of physical isolation under the default context switching interval in Linux.

The agricultural sector and other Micro, Small, and Medium Enterprises in India operate with more than 90% migrant workers searching for better employment opportunities far away from their native places. However, inherent challenges are far more for the migrant workers, most prominently their Identity. To the best of our knowledge, available literature lacks a comprehensive study on identity management components for user privacy and data protection mechanisms in identity management architecture. Self-Sovereign Identity is regarded as a new evolution in digital identity management systems. Blockchain technology and distributed ledgers bring us closer to realizing an ideal Self-Sovereign Identity system. This paper proposes a novel solution to address identity issues being faced by migrant workers. It also gives a holistic, coherent, and mutually beneficial Identity Management Solution for the migrant workforce in the Indian perspective towards e-Governance and Digital India.

Chaos is an interesting phenomenon for nonlinear systems that emerges due to its complex and unpredictable behavior. With the escalated use of low-powered edge-compute devices, data security at the edge develops the need for security in communication. The characteristic that Chaos synchronizes over time for two different chaotic systems with their own unique initial conditions, is the base for chaos implementation in communication. This paper proposes an encryption architecture suitable for communication of on-chip sensors to provide a POC (proof of concept) with security encrypted on the same chip using different chaotic equations. In communication, encryption is achieved with the help of microcontrollers or software implementations that use more power and have complex hardware implementation. The small IoT devices are expected to be operated on low power and constrained with size. At the same time, these devices are highly vulnerable to security threats, which elevates the need to have low power/size hardware-based security. Since the discovery of chaotic equations, they have been used in various encryption applications. The goal of this research is to take the chaotic implementation to the CMOS level with the sensors on the same chip. The hardware co-simulation is demonstrated on an FPGA board for Chua encryption/decryption architecture. The hardware utilization for Lorenz, SprottD, and Chua on FPGA is achieved with Xilinx System Generation (XSG) toolbox which reveals that Lorenz’s utilization is 9% lesser than Chua’s.

Web-based technologies are evolving day by day and becoming more interactive and secure. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is one of the security features that help detect automated bots on the Web. Earlier captcha was complex designed text-based, but some optical recognition-based algorithms can be used to crack it. That is why now the captcha system is image-based. But after the arrival of strong image recognition algorithms, image-based captchas can also be cracked nowadays. In this paper, we propose a new captcha system that can be used to differentiate real humans and bots on the Web. We use advanced deep layers with pre-trained machine learning models for captchas authentication using a facial recognition system.

DDoS attacks are usually accompanied by IP spoofing, but the availability of existing DDoS defense systems for high-speed networks decreases when facing DDoS attacks with IP spoofing. Although IP traceback technologies are proposed to focus on IP spoofing in DDoS attacks, there are problems in practical application such as the need to change existing protocols and extensive infrastructure support. To defend against DDoS attacks under IP spoofing in high-speed networks, we propose a novel DDoS defense system, IM-Shield. IM-Shield uses the address pair consisting of the upper router interface MAC address and the destination IP address for DDoS attack detection. IM-Shield implements fine-grained defense against DDoS attacks under IP spoofing by filtering the address pairs of attack traffic without requiring protocol and infrastructure extensions to be applied on the Internet. Detection experiments using the public dataset show that in a 10Gbps high-speed network, the detection precision of IM-Shield for DDoS attacks under IP spoofing is higher than 99.9%; and defense experiments simulating real-time processing in a 10Gbps high-speed network show that IM-Shield can effectively defend against DDoS attacks under IP spoofing.

From an information-theoretic standpoint, the intrusion detection process can be examined. Given the IDS output(alarm data), we should have less uncertainty regarding the input (event data). We propose the Capability of Intrusion Detection (CID) measure, which is simply the ratio of mutual information between IDS input and output, and the input of entropy. CID has the desirable properties of (1) naturally accounting for all important aspects of detection capability, such as true positive rate, false positive rate, positive predictive value, negative predictive value, and base rate, (2) objectively providing an intrinsic measure of intrusion detection capability, and (3) being sensitive to IDS operation parameters. When finetuning an IDS, we believe that CID is the best performance metric to use. In terms of the IDS’ inherent ability to classify input data, the so obtained operation point is the best that it can achieve.