Biblio

Strecth Processing (SP) is a radar signal processing technique that provides high-range resolution with processing large bandwidth signals with lower rate Analog to Digital Converter(ADC)s. The range resolution of the large bandwidth signal is obtained through looking into a limited range window and low rate ADC samples. The target space in the observed range window is sparse and Compressive sensing(CS) is an important tool to further decrease the number of measurements and sparsely reconstruct the target space for sparse scenes with a known basis which is the Fourier basis in the general application of SP. Although classical CS techniques might be directly applied to SP, due to off-grid targets reconstruction performance degrades. In this paper, applicability of compressive sensing framework and its sparse signal recovery techniques to stretch processing is studied considering off-grid cases. For sparsity based robust SP, Perturbed Parameter Orthogonal Matching Pursuit(PPOMP) algorithm is proposed. PPOMP is an iterative technique that estimates off-grid target parameters through a gradient descent. To compute the error between actual and reconstructed parameters, Earth Movers Distance(EMD) is used. Performance of proposed algorithm are compared with classical CS and SP techniques.

With the advancement of technology, the world has not only become a better place to live in but have also lost the privacy and security of shared data. Information in any form is never safe from the hands of unauthorized accessing individuals. Here, in our paper we propose an approach by which we can preserve data using visual cryptography. In this paper, two sixteen segment displayed text is broken into two shares that does not reveal any information about the original images. By this process we have obtained satisfactory results in statistical and structural testes.

The number of wearable and smart devices which are connecting every day in the Internet of Things (IoT) is continuously growing. We have a great opportunity though to improve the quality of life (QoL) standards by adding medical value to these devices. Especially, by exploiting IoT technology, we have the potential to create useful tools which utilize the sensors to provide biometric data. This novel study aims to use a smartwatch, independent from other hardware, to predict the Blood Pressure (BP) drop caused by postural changes. In cases that the drop is due to orthostatic hypotension (OH) can cause dizziness or even faint factors, which increase the risk of fall in the elderly but, as well as, in younger groups of people. A mathematical prediction model is proposed here which can reduce the risk of fall due to OH by sensing heart rate variability (data and drops in systolic BP after standing in a healthy group of 10 subjects. The experimental results justify the efficiency of the model, as it can perform correct prediction in 86.7% of the cases, and are encouraging enough for extending the proposed approach to pathological cases, such as patients with Parkinson's disease, involving large scale experiments.

The expanding penetration of non-dispatchable renewable resources within power system generation portfolios is motivating the development of demand-side strategies for balancing generation and load. Commercial heating, ventilation, and air conditioning (HVAC) loads are potential candidates for providing such demand-response (DR) services as they consume significant energy and because of the temporal flexibility offered by their inherent thermal inertia. Several ancillary services markets have recently opened up to participation by DR resources, provided they can satisfy certain performance metrics. We discuss different control strategies for providing frequency regulation DR from commercial HVAC systems and components, and compare performance results from experiments and simulation. We also present experimental results from a single  30,000-m2 office building and quantify the DR control performance using standardized performance criteria. Additionally, we evaluate the cost of delivering this service by comparing the energy consumed while providing DR against a counterfactual baseline.

Facebook's response to a altered video of Nancy Pelosi has sparked a debate as to whether social media platforms should take down videos that are considered to be "fake". The definition of "fake" is also discussed.

We typically only consider running programs that are completely written. Programmers end up inserting ad hoc dummy values into their incomplete programs to receive feedback about dynamic behavior. In this work we suggest an evaluation mechanism for incomplete programs, represented as terms with holes. Rather than immediately failing when a hole is encountered, evaluation propagates holes as far as possible. The result is a substantially tighter development loop. 

The industry of telecommunications is being transformed towards 5G technology, because it has to deal with the emerging and existing use cases. Because, 5G wireless networks need rather large data rates and much higher coverage of the dense base station deployment with the bigger capacity, much better Quality of Service - QoS, and the need very low latency [1–3]. The provision of the needed services which are envisioned by 5G technologies need the new service models of deployment, networking architectures, processing technologies and storage to be defined. These technologies will cause the new problems for the cybersecurity of 5G systems and the security of their functionality. The developers and researchers working in this field make their best to secure 5G systems. The researchers showed that 5G systems have the security challenges. The researchers found the vulnerabilities in 5G systems which allow attackers to integrate malicious code into the system and make the different types of the illegitimate actions. MNmap, Battery drain attacks and MiTM can be successfully implemented on 5G. The paper makes the analysis of the existing cyber security problems in 5G technology. Based on the analysis, we suggest the novel Intrusion Detection System - IDS by means of the machine-learning algorithms. In the related papers the scientists offer to use NSL-KDD in order to train IDS. In our paper we offer to train IDS using the big datasets of DOS/DDOS attacks, besides of training using NSL-KDD. The research also offers the methodology of integration of the offered intrusion detection systems into an standard architecture of 5G. The paper also offers the pseudo code of the designed system.

SCADA systems are being constantly migrated to modern information and communication technologies (ICT) -based systems named cyber-physical systems. Unfortunately, this allows attackers to execute exploitation techniques into these architectures. In addition, ransomware insertion is nowadays the most popular attacking vector because it denies the availability of critical files and systems until attackers receive the demanded ransom. In this paper, it is analysed the risk impact of ransomware insertion into SCADA systems and it is suggested countermeasures addressed to the protection of SCADA systems and its components to reduce the impact of ransomware insertion.

Software Defined Networks (SDNs) is a new networking paradigm that has gained a lot of attention in recent years especially in implementing data center networks and in providing efficient security solutions. The popularity of SDN and its attractive security features suggest that it can be used in the context of smart grid systems to address many of the vulnerabilities and security problems facing such critical infrastructure systems. This paper studies the impact of different cyber attacks that can target smart grid communication network which is implemented as a software defined network on the operation of the smart grid system in general. In particular, we perform different attack scenarios including DDoS attacks, location highjacking and link overloading against SDN networks of different controller types that include POX, Floodlight and RYU. Our experiments were carried out using the mininet simulator. The experiments show that SDN-enabled smartgrid systems are vulnerable to different types of attacks.

New generations of industrial control systems offer higher performance, they are distributed, and it is very likely that they are internet connected in one way or another. These trends raise new challenges in the contexts of reliability and security. We propose a novel approach that tackles the complexity of industrial control systems at design time and run time. At design time our target is to ease the configuration and verification of controller configurations through model-driven engineering techniques together with the contract-based design paradigm. At run time the information from design time is reused in order to support a modular and distributed self-adaptive software system that aims to increase reliability and security. The industrial setting of the presented approach are control devices for hydropower plant units.

In this study, we investigate the performance of FSO communication systems under more realistic channel model considering atmospheric turbulence, pointing errors and channel estimation errors together. For this aim, we first derived the composite probability density function (PDF) of imperfect Málaga turbulence channel with pointing errors. Then using this PDF, we obtained bit-error-rate (BER) and ergodic channel capacity (ECC) expressions in closed forms. Additionally, we present the BER and ECC metrics of imperfect Gamma-Gamma and K turbulence channels with pointing errors as special cases of Málaga channel. We further verified our analytic results through Monte-Carlo simulations.

In this paper, a novel Dynamic Chaotic Biometric Identity Isomorphic Elliptic Curve (DCBI-IEC) has been introduced for Image Encryption. The biometric digital identity is extracted from the user fingerprint image as fingerprint minutia data incorporated with the chaotic logistic map and hence, a new DCBDI-IEC has been suggested. DCBI-IEC is used to control the key schedule for all encryption and decryption processing. Statistical analysis, differential analysis and key sensitivity test are performed to estimate the security strengths of the proposed DCBI-IEC system. The experimental results show that the proposed algorithm is robust against common signal processing attacks and provides a high security level for image encryption application.

As embedded devices (under the guise of "smart-whatever") rapidly proliferate into many domains, they become attractive targets for malware. Protecting them from software and physical attacks becomes both important and challenging. Remote attestation is a basic tool for mitigating such attacks. It allows a trusted party (verifier) to remotely assess software integrity of a remote, untrusted, and possibly compromised, embedded device (prover). Prior remote attestation methods focus on software (malware) attacks in a one-verifier/one-prover setting. Physical attacks on provers are generally ruled out as being either unrealistic or impossible to mitigate. In this paper, we argue that physical attacks must be considered, particularly, in the context of many provers, e.g., a network, of devices. As- suming that physical attacks require capture and subsequent temporary disablement of the victim device(s), we propose DARPA, a light-weight protocol that takes advantage of absence detection to identify suspected devices. DARPA is resilient against a very strong adversary and imposes minimal additional hardware requirements. We justify and identify DARPA's design goals and evaluate its security and costs.

The presence of software vulnerabilities is a serious threat to any software project. Exploiting them can compromise system availability, data integrity, and confidentiality. Unfortunately, many open source projects go for years with undetected ready-to-exploit critical vulnerabilities. In this study, we investigate the presence of software vulnerabilities in open source projects and the factors that influence this presence. We analyzed the top 100 open source PHP applications in GitHub using a static analysis vulnerability scanner to examine how common software vulnerabilities are. We also discussed which vulnerabilities are most present and what factors contribute to their presence. We found that 27% of these projects are insecure, with a median number of 3 vulnerabilities per vulnerable project. We found that the most common type is injection vulnerabilities, which made 58% of all detected vulnerabilities. Out of these, cross-site scripting (XSS) was the most common and made 43.5% of all vulnerabilities found. Statistical analysis revealed that project activities like branching, pulling, and committing have a moderate positive correlation with the number of vulnerabilities in the project. Other factors like project popularity, number of releases, and number of issues had almost no influence on the number of vulnerabilities. We recommend that open source project owners should set secure code development guidelines for their project members and establish secure code reviews as part of the project's development process.

The cryptology science has gradually gained importance with our digitalized lives. Ensuring the security of data transmitted, processed and stored across digital channels is a major challenge. One of the frequently used components in cryptographic algorithms to ensure security is substitution-box structures. Random selection-based substitution-box structures have become increasingly important lately, especially because of their advantages to prevent side channel attacks. However, the low nonlinearity value of these designs is a problem. In this study, a dataset consisting of twenty different substitution-box structures have been publicly presented to the researchers. The fact that the proposed dataset has high nonlinearity values will allow it to be used in many practical applications in the future studies. The proposed dataset provides a contribution to the literature as it can be used both as an input dataset for the new post-processing algorithm and as a countermeasure to prevent the success of side-channel analyzes.

Ad Hoc Network is wireless networks that get more attention from past to present. Mobile ad hoc network (MANET) is one of the types of ad hoc networks, it deployed rapidly because it infrastructure-less. A node in a mobile ad hoc network communicates through wireless links without wired channels. When source nodes want to communicate with the destination outside its transmission range it uses multi-hop mechanisms. The intermediate node forwards the data packet to the next node until the data packet reaches its destination. Due wireless links and lack of centralized administration device, mobile ad hoc network is more vulnerable for security attacks. The rushing attack is one of the most dangerous attacks in the on-demand routing protocol of mobile ad hoc networks. Rushing attack highly transmits route request with higher transmission power than the genuine nodes and become participate between source and destination nodes, after that, it delays or drop actual data pass through it. In this study, the researcher incorporates rushing attack in one of the most commonly used mobile ad hoc network routing protocols namely Ad hoc on-demand multipath distance vector and provides a rushing attack prevention method based on the time threshold value and random route selection. Based on the time RREQ arrives a node takes a decision, if the RREQ packet arrives before threshold value, the RREQ packet consider as came from an attacker and discarded else RREQ packet received then randomly select RREQ to forward. In this study performance metrics like packet delivery ratio, end-to-end delay and throughput have been evaluated using Network simulation (NS-2.35). As a result of simulation shows newly proposed prevention mechanism improves network performance in all cases than the network under attacker. For example, the average packet delivery ratio enhanced from 54.37% to 97.69%, throughput increased from 20.84bps to 33.06bpsand the average delay decreased from 1147.22ms to 908.04ms. It is concluded that the new proposed techniques show improvement in all evaluated performance metrics.

Cyber-Physical-Systems are subject to cyber-attacks due to existing vulnerabilities in the various components constituting them. System Resiliency is concerned with the extent the system is able to bounce back to a normal state under attacks. In this paper, two communication Networks are analyzed, formally described, and modeled using Architecture Analysis & Design Language (AADL), identifying their architecture, connections, vulnerabilities, resources, possible attack instances as well as their pre-and post-conditions. The generated network models are then verified against a security property using JKind model checker integrated tool. The union of the generated attack sequences/scenarios resulting in overall network compromise (given by its loss of stability) is the Attack graph. The generated Attack graph is visualized graphically using Unity software, and then used to assess the worst Level of Resilience for both networks.

In this work, security analysis of a Smart Home System (SHS) is inspected. The paper focuses on describing common and likely cyber security threats against SHS. This includes both their influence on human privacy and safety. The SHS is properly presented and formed applying Architecture Analysis and Design Language (AADL), exhibiting the system layout, weaknesses, attack practices, besides their requirements and post settings. The obtained model is later inspected along with a security requirement with JKind model tester software for security endangerment. The overall attack graph causing system compromise is graphically given using Graphviz.

With the wide popularity of Cloud Computing, Service-oriented Computing is becoming the de-facto approach for the development of distributed systems. This has introduced the issue of trustworthiness with respect to the services being provided. Service Requesters are provided with a wide range of services that they can select from. Usually the service requester compare between these services according to their cost and quality. One essential part of the quality of a service is the trustworthiness properties of such services. Traditional service models focuses on service functionalities and cost when defining services. This paper introduces a new service model that extends traditional service models to support trustworthiness properties.

The battlefield environment differs from the natural environment in terms of irregular communications and the possibility of destroying communication and medical units by enemy forces. Information that can be collected in a war environment by soldiers is important information and must reach top-level commanders in time for timely decisions making. Also, ambulance staff in the battlefield need to enter the data of injured soldiers after the first aid, so that the information is available for the field hospital staff to prepare the needs for incoming injured soldiers.In this research, we propose two transaction techniques to handle these issues and use different concurrency control protocols, depending on the nature of the transaction and not a one concurrency control protocol for all types of transactions. Message transaction technique is used to collect valuable data from the battlefield by soldiers and allows top-level commanders to view it according to their permissions by logging into the system, to help them make timely decisions. In addition, use the capabilities of DBMS tools to organize data and generate reports, as well as for future analysis. Medical service unit transactional workflow technique is used to provides medical information to the medical authorities about the injured soldiers and their status, which helps them to prepare the required needs before the wounded soldiers arrive at the hospitals. Both techniques handle the disconnection problem during transaction processing.In our approach, the transaction consists of four phases, reading, editing, validation, and writing phases, and its processing is based on the optimistic concurrency control protocol, and the rules of actionability that describe how a transaction behaves if a value-change is occurred on one or more of its attributes during its processing time by other transactions.