Biblio

Protecting critical infrastructure from cyber threats is one of the most important obligations of governments to ensure the national and social security of the society. Developing national cyber situational awareness platform provides a protection of critical infrastructures. In such a way, each infrastructure, independently, generates its own situational awareness and shares it with other infrastructures through a national sharing and alerting center. The national information sharing and alerting center collects cyber information of infrastructures and draws a picture of national situational awareness by examining the potential effects of received threats on other infrastructures and predicting the national cyber status in near future. This paper represents the conceptual architecture for such national sharing system and suggests some brief description of its implementation.

In this era of rapid network development, Internet of Things (IoT) security considerations receive a lot of attention from both the research and commercial sectors. With limited computation resource, unfriendly interface, and poor software implementation, legacy IoT devices are vulnerable to many infamous mal ware attacks. Moreover, the heterogeneity of IoT platforms and the diversity of IoT malware make the detection and classification of IoT malware even more challenging. In this paper, we propose to use printable strings as an easy-to-get but effective cross-platform feature to identify IoT malware on different IoT platforms. The discriminating capability of these strings are verified using a set of machine learning algorithms on malware family classification across different platforms. The proposed scheme shows a 99% accuracy on a large scale IoT malware dataset consisted of 120K executable fils in executable and linkable format when the training and test are done on the same platform. Meanwhile, it also achieves a 96% accuracy when training is carried out on a few popular IoT platforms but test is done on different platforms. Efficient malware prevention and mitigation solutions can be enabled based on the proposed method to prevent and mitigate IoT malware damages across different platforms.

The drawbacks of traditional methods of cybernetic vulnerability detection relate to the required time to identify new threats, to register them in the Common Vulnerabilities and Exposures (CVE) records, and to score them with the Common Vulnerabilities Scoring System (CVSS). These problems can be mitigated by early vulnerability detection systems relying on social media and open-source data. This paper presents a model that aims to identify emerging cybernetic vulnerabilities in cybersecurity news articles, as part of a system for automatic detection of early cybernetic threats using Open Source Intelligence (OSINT). Three machine learning models were trained on a novel dataset of 1000 labeled news articles to create a strong baseline for classifying cybersecurity articles as relevant (i.e., introducing new security threats), or irrelevant: Support Vector Machines, a Multinomial Naïve Bayes classifier, and a finetuned BERT model. The BERT model obtained the best performance with a mean accuracy of 88.45% on the test dataset. Our experiments support the conclusion that Natural Language Processing (NLP) models are an appropriate choice for early vulnerability detection systems in order to extract relevant information from cybersecurity news articles.

mHealth apps have a vital role in facilitation of human health management. Users have to enter sensitive health related information in these apps to fully utilize their functionality. Unauthorized sharing of sensitive health information is undesirable by the users. mHealth apps also collect data other than that required for their functionality like surfing behavior of a user or hardware details of devices used. mHealth software and their developers also share such data with third parties for reasons other than medical support provision to the user, like advertisements of medicine and health insurance plans. Existence of a comprehensive and easy to understand data privacy policy, on user data acquisition, sharing and management is a salient requirement of modern user privacy protection demands. Readability is one parameter by which ease of understanding of privacy policy is determined. In this research, privacy policies of 27 free Android, medical apps are analyzed. Apps having user rating of 4.0 and downloads of 1 Million or more are included in data set of this research.RGL, Flesch-Kincaid Reading Grade Level, SMOG, Gunning Fox, Word Count, and Flesch Reading Ease of privacy policies are calculated. Average Reading Grade Level of privacy policies is 8.5. It is slightly greater than average adult RGL in the US. Free mHealth apps have a large number of users in other, less educated parts of the World. Privacy policies with an average RGL of 8.5 may be difficult to comprehend in less educated populations.

We propose an autoencoder based approach to anomaly detection in smart grid systems. Data collecting sensors within smart home systems are susceptible to many data corruption issues, such as malicious attacks or physical malfunctions. By applying machine learning to a smart home or grid, sensor anomalies can be detected automatically for secure data collection and sensor-based system functionality. In addition, we tested the effectiveness of this approach on real smart home sensor data collected for multiple years. An early detection of such data corruption issues is essential to the security and functionality of the various sensors and devices within a smart home.

Unauthorized access or intrusion is a massive threatening issue in the modern era. This study focuses on designing a model for an ideal intrusion detection system capable of defending a network by alerting the admins upon detecting any sorts of malicious activities. The study proposes a two layered anomaly-based detection model that uses filter co-relation method for dimensionality reduction along with Random forest and Support Vector Machine as its classifiers. It achieved a very good detection rate against all sorts of attacks including a low rate of false alarms as well. The contribution of this study is that it could be of a major help to the computer scientists designing good intrusion detection systems to keep an industry or organization safe from the cyber threats as it has achieved the desired qualities of a functional IDS model.

The increased reliance on the Internet and the corresponding surge in connectivity demand has led to a significant growth in Internet-of-Things (IoT) devices. The continued deployment of IoT devices has in turn led to an increase in network attacks due to the larger number of potential attack surfaces as illustrated by the recent reports that IoT malware attacks increased by 215.7% from 10.3 million in 2017 to 32.7 million in 2018. This illustrates the increased vulnerability and susceptibility of IoT devices and networks. Therefore, there is a need for proper effective and efficient attack detection and mitigation techniques in such environments. Machine learning (ML) has emerged as one potential solution due to the abundance of data generated and available for IoT devices and networks. Hence, they have significant potential to be adopted for intrusion detection for IoT environments. To that end, this paper proposes an optimized ML-based framework consisting of a combination of Bayesian optimization Gaussian Process (BO-GP) algorithm and decision tree (DT) classification model to detect attacks on IoT devices in an effective and efficient manner. The performance of the proposed framework is evaluated using the Bot-IoT-2018 dataset. Experimental results show that the proposed optimized framework has a high detection accuracy, precision, recall, and F-score, highlighting its effectiveness and robustness for the detection of botnet attacks in IoT environments.

Jamming attacks target a wireless network creating an unwanted denial of service. 5G is vulnerable to these attacks despite its resilience prompted by the use of millimeter wave bands. Over the last decade, several types of jamming detection techniques have been proposed, including fuzzy logic, game theory, channel surfing, and time series. Most of these techniques are inefficient in detecting smart jammers. Thus, there is a great need for efficient and fast jamming detection techniques with high accuracy. In this paper, we compare the efficiency of several machine learning models in detecting jamming signals. We investigated the types of signal features that identify jamming signals, and generated a large dataset using these parameters. Using this dataset, the machine learning algorithms were trained, evaluated, and tested. These algorithms are random forest, support vector machine, and neural network. The performance of these algorithms was evaluated and compared using the probability of detection, probability of false alarm, probability of miss detection, and accuracy. The simulation results show that jamming detection based random forest algorithm can detect jammers with a high accuracy, high detection probability and low probability of false alarm.

Expressing Keystroke Dynamics (KD) in form of sound opens new avenues to apply sound analysis techniques on KD. However this mapping is not straight-forward as varied feature space, differences in magnitudes of features and human interpretability of the music bring in complexities. We present a musical interface to KD by mapping keystroke features to music features. Music elements like melody, harmony, rhythm, pitch and tempo are varied with respect to the magnitude of their corresponding keystroke features. A pitch embedding technique makes the music discernible among users. Using the data from 30 users, who typed fixed strings multiple times on a desktop, shows that these auditory signals are distinguishable between users by both standard classifiers (SVM, Random Forests and Naive Bayes) and humans alike.

VANET plays a vital role to optimize the journey between source and destination in the growth of smart cities worldwide. The crucial information shared between vehicles is concerned primarily with safety. VANET is a MANET sub-class network that provides a free movement and communication between the RSU and vehicles. The self organized with high mobility in VANET makes any vehicle can transmit malicious messages to some other vehicle in the network. In the defense horizon of VANETs this is a matter of concern. It is the duty of RSU to ensure the safe transmission of sensitive information across the Network to each node. For this, network access exists as the key safety prerequisite, and several risks or attacks can be experienced. The VANETs is vulnerable to a range of security attacks including masquerading, selfish node attack, Sybil attack etc. One of the main threats to network access is this Denial of Service attack. The most important research in the literature on the prevention of Denial of Service Attack in VANETs was explored in this paper. The limitations of each reviewed paper are also presented and Game theory based security model is defined in this paper.

System safety and cyber security have a great effect on the availability of devices that are interconnected. With the rising interconnection of critical infrastructures new risks occur, which have to be detected and warded. Therefore, attack vectors are defined to determine deviations to the nominal values of a cyber-physical system in this paper. Through an elaborated cyber security concept, the tasks of a simple motor protecting switch and additional tasks to detect cyber-attacks can be implemented. The simulative result of an exemplary overvoltage shows the impact on the RMS and phase voltages of a monitored drive.

This paper proposes a method that offers much higher security for Iseki's fully homomorphic encryption (FHE), a recently proposed secure computation scheme. The key idea is re-encrypting already encrypted data. This second encryption is executed using new common keys, whereby two or more encryptions offer much stronger security.

The Controller Area Network (CAN) bus system works inside connected cars as a central system for communication between electronic control units (ECUs). Despite its central importance, the CAN does not support an authentication mechanism, i.e., CAN messages are broadcast without basic security features. As a result, it is easy for attackers to launch attacks at the CAN bus network system. Attackers can compromise the CAN bus system in several ways: denial of service, fuzzing, spoofing, etc. It is imperative to devise methodologies to protect modern cars against the aforementioned attacks. In this paper, we propose a Long Short-Term Memory (LSTM)-based Intrusion Detection System (IDS) to detect and mitigate the CAN bus network attacks. We first inject attacks at the CAN bus system in a car that we have at our disposal to generate the attack dataset, which we use to test and train our model. Our results demonstrate that our classifier is efficient in detecting the CAN attacks. We achieved a detection accuracy of 99.9949%.

The IPv6 over Low-power Wireless Personal Area Network (6LoWPAN) has been standardized to support IP over lossy networks. RPL (Routing Protocol for Low-Power and Lossy Networks) is the common routing protocol for 6LoWPAN. Among various attacks on RPL-based networks, the wormhole attack may cause severe network disruption and is one of the hardest to detect. We have designed and implemented in ContikiOS a wormhole detection technique for 6LoWPAN, that uses round-trip times and hop counts. In addition, the performance of this technique has been evaluated in terms of power, CPU, memory, and communication overhead.

In the present scenario, security is the biggest concern in any domain of applications. The latest and widely used system for user authentication is a biometric system. This includes fingerprint recognition, retina recognition, and voice recognition. But these systems can be bypassed by masqueraders. To avoid this, a combination of these systems is used which becomes very costly. To overcome these two drawbacks keystroke dynamics were introduced in this field. Keystroke dynamics is a biometric authentication-based system on behavior, which is an automated method in which the identity of an individual is identified and confirmed based on the way and the rhythm of passwords typed on a keyboard by the individual. The work in this paper focuses on identifying the best algorithm for implementing an authentication system with the help of machine learning for user identification based on keystroke dynamics. Our proposed model which uses XGBoost gives a comparatively higher accuracy of 93.59% than the other algorithms for the dataset used.

Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a successful attack could have economical, physical or even human consequences, since many of them are used to control critical applications. A standardized and general accepted security testing framework is needed to provide guidance, common reporting forms and the possibility to compare the results along the time. This can be achieved by introducing security metrics into the evaluation or assessment process. If carefully designed and chosen, metrics could provide a quantitative, repeatable and reproducible value that would reflect the level of security protection of the ES. This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security evaluation of ES. In this review, more than 500 metrics were collected and analyzed. Then, they were reduced to 169 metrics that have the potential to be applied to ES security evaluation. As expected, the 77.5% of them is related exclusively to software, and only the 0.6% of them addresses exclusively hardware security. This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics so as to quantify the security level of an ES.

There exists a need for sharing user health data, especially with institutes for research purposes, in a secure fashion. This is especially true in the case of a system that includes a third party storage service, such as cloud computing, which limits the control of the data owner. The use of encryption for secure data storage continues to evolve to meet the need for flexible and fine-grained access control. This evolution has led to the development of Attribute Based Encryption (ABE). The use of ABE to ensure the security and privacy of health data has been explored. This paper presents an ABE based framework which allows for the secure outsourcing of the more computationally intensive processes for data decryption to the cloud servers. This reduces the time needed for decryption to occur at the user end and reduces the amount of computational power needed by users to access data.

This paper examines the influence of quantization on the compressive sensing theory applied to the nonuniformly sampled nonsparse signals with reduced set of randomly positioned measurements. The error of the reconstruction will be generalized to exact expected squared error expression. The aim is to connect the generalized random sampling strategy with the quantization effect, finding the resulting error of the reconstruction. Small sampling deviations correspond to the imprecisions of the sampling strategy, while completely random sampling schemes causes large sampling deviations. Numerical examples provide an agreement between the statistical results and theoretical values.

Advertisement sharing in vehicular network through vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication is a fascinating in-vehicle service for advertisers and the users due to multiple reasons. It enable advertisers to promote their product or services in the region of their interest. Also the users get to receive more relevant ads. Usually, users tend to contribute in dissemination of ads if their privacy is preserved and if some incentive is provided. Recent researches have focused on enabling both of the parameters for the users by developing fair incentive mechanism which preserves privacy by using Zero-Knowledge Proof of Knowledge (ZKPoK) (Ming et al., 2019). However, the anonymity provided by ZKPoK can introduce internal attacker scenarios in the network due to which authenticated users can disseminate fake ads in the network without payment. As the existing scheme uses certificate-less cryptography, due to which malicious users cannot be removed from the network. In order to resolve these challenges, we employed conditional anonymity and introduced Monitoring Authority (MA) in the system. In our proposed scheme, the pseudonyms are assigned to the vehicles while their real identities are stored in Certification Authority (CA) in encrypted form. The pseudonyms are updated after a pre-defined time threshold to prevent behavioural privacy leakage. We performed security and performance analysis to show the efficiency of our proposed system.

Lately mining of information from online life is pulling in more consideration because of the blast in the development of Big Data. In security, Big Data manages an assortment of immense advanced data for investigating, envisioning and to draw the bits of knowledge for the expectation and anticipation of digital assaults. Big Data Analytics (BDA) is the term composed by experts to portray the art of dealing with, taking care of and gathering a great deal of data for future evaluation. Data is being made at an upsetting rate. The quick improvement of the Internet, Internet of Things (IoT) and other creative advances are the rule liable gatherings behind this proceeded with advancement. The data made is an impression of the earth, it is conveyed out of, along these lines can use the data got away from structures to understand the internal exercises of that system. This has become a significant element in cyber security where the objective is to secure resources. Moreover, the developing estimation of information has made large information a high worth objective. Right now, investigate ongoing exploration works in cyber security comparable to huge information and feature how Big information is secured and how huge information can likewise be utilized as a device for cyber security. Simultaneously, a Big Data based concentrated log investigation framework is actualized to distinguish the system traffic happened with assailants through DDOS, SQL Injection and Bruce Force assault. The log record is naturally transmitted to the brought together cloud server and big information is started in the investigation process.

The limited output of various drives means a challenge in controller design whenever the acceleration need of the "nominal trajectory to be tracked" temporarily exceeds the abilities of the saturated control system. The prevailing control design methods can tackle this problem either in a single theoretical step or in two consecutive steps. In this latter case in the first step the design happens without taking into account the actuator constraints, then apply a saturation compensator if the phenomenon of windup is observed. In the Fixed Point Iteration- based Adaptive Control (FPIAC) that has been developed as an alternative of the Lyapunov function-based approach the actuator saturation causes problems in its both elementary levels: in the kinematic/kinetic level where the desired acceleration is calculated, and in the iterative process that compensates the effects of modeling errors of the dynamic system under control and that of the external disturbances. The here presented approach tackles this problem in both levels by relatively simple considerations. To illustrate the method's efficiency simulation investigations were done in the FPIAC control of a modification of the van der Pol oscillator to which an additional strongly nonlinear term was added.

By analogy to nature, sight is the main integral component of robotic complexes, including unmanned vehicles. In this connection, one of the urgent tasks in the modern development of unmanned vehicles is the solution to the problem of providing security for new advanced systems, algorithms, methods, and principles of space navigation of robots. In the paper, we present an approach to the protection of machine vision systems based on technologies of deep learning. At the heart of the approach lies the “Feature Squeezing” method that works on the phase of model operation. It allows us to detect “adversarial” examples. Considering the urgency and importance of the target process, the features of unmanned vehicle hardware platforms and also the necessity of execution of tasks on detecting of the objects in real-time mode, it was offered to carry out an additional simple computational procedure of localization and classification of required objects in case of crossing a defined in advance threshold of “adversarial” object testing.

In this paper, an Intrusion Detection System (IDS) in the Controller Area Network (CAN) bus of modern vehicles has been proposed. NESLIDS is an anomaly detection algorithm based on the supervised Deep Neural Network (DNN) architecture that is designed to counter three critical attack categories: Denial-of-service (DoS), fuzzy, and impersonation attacks. Our research scope included modifying DNN parameters, e.g. number of hidden layer neurons, batch size, and activation functions according to how well it maximized detection accuracy and minimized the false positive rate (FPR) for these attacks. Our methodology consisted of collecting CAN Bus data from online and in real-time, injecting attack data after data collection, preprocessing in Python, training the DNN, and testing the model with different datasets. Results show that the proposed IDS effectively detects all attack types for both types of datasets. NESLIDS outperforms existing approaches in terms of accuracy, scalability, and low false alarm rates.

In this paper, we examine algebraic attacks on the O'zDSt 1105:2009. We begin with a brief review of the meaning of algebraic cryptanalysis, followed by an algebraic cryptanalysis of O'zDSt 1105:2009. Primarily O'zDSt 1105:2009 encryption algorithm is decomposed and each transformation in it is algebraic described separately. Then input and output of each transformation are expressed with other transformation, encryption key, plaintext and cipher text. Created equations, unknowns on it and degree of unknowns are analyzed, and then overall result is given. Based on experimental results, it is impossible to save all system of equations that describes all transformations in O'zDSt 1105:2009 standard. Because, this task requires 273 bytes for the second round. For this reason, it is advisable to evaluate the parameters of the system of algebraic equations, representing the O'zDSt 1105:2009 standard, theoretically.

Chemical sensing is an important issue in food, water, environment, biomedical, and pharmaceutical field. Conventional methods used in laboratory for sensing the chemical are costly, time consuming, and sometimes wastes significant amount of sample. Photonic Crystal Fiber (PCF) offers high compactness and design flexibility and it can be used as biosensor, chemical sensor, liquid sensor, temperature sensor, mechanical sensor, gas sensor, and so on. In this work, we designed PCF to sense different concentrations of different liquids by one PCF structure. We designed different structure for silica cladding hexagonal PCF to sense different concentrations of benzene-toluene and ethanol-water mixer. Core diameter, air hole diameter, and air hole diameter to lattice pitch ratio are varied to get the optimal result as well to explore the effect of core size, air hole size and the pitch on liquid chemical sensing. Performance of the chemical sensors was examined based on confinement loss and sensitivity. The performance of the sensor varied a lot and basically it depends not only on refractive index of the liquid but also on sensing wavelengths. Our designed sensor can provide comparatively high sensitivity and low confinement loss.