Biblio

Can quantum entanglement increase the capacity of (classical) covert channels? To one familiar with Holevo's Theorem it is tempting to think that the answer is obviously no. However, in this work we show: quantum entanglement can in fact increase the capacity of a classical covert channel, in the presence of an active adversary; on the other hand, a zero-capacity channel is not improved by entanglement, so entanglement cannot create ‘purely quantum’ covert channels; the problem of determining the capacity of a given channel in the presence of entanglement is undecidable; but there is an algorithm to bound the entangled capacity of a channel from above, adapted from the semi-definite hierarchy from the theory of non-local games, whose close connection to channel capacity is at the core of all of our results.

Counterfeit drugs are an immense threat for the pharmaceutical industry worldwide due to limitations of supply chain. Our proposed solution can overcome many challenges as it will trace and track the drugs while in transit, give transparency along with robust security and will ensure legitimacy across the supply chain. It provides a reliable certification process as well. Fabric architecture is permissioned and private. Hyperledger is a preferred framework over Ethereum because it makes use of features like modular design, high efficiency, quality code and open-source which makes it more suitable for B2B applications with no requirement of cryptocurrency in Hyperledger Fabric. QR generation and scanning are provided as a functionality in the application instead of bar code for its easy accessibility to make it more secure and reliable. The objective of our solution is to provide substantial solutions to the supply chain stakeholders in record maintenance, drug transit monitoring and vendor side verification.

Audit trails are critical components in enterprise business applications, typically used for storing, tracking, and auditing data. Entities in the audit trail applications have weak trust boundaries, which expose them to various security risks and attacks. To harden the security and develop secure by design applications, blockchain technology has been recently introduced in the audit trails. Blockchains take a consensus-driven clean slate approach to equip audit trails with secure and transparent data processing, without a trusted intermediary. On a downside, blockchains significantly increase the space-time complexity of the audit trails, leading to high storage costs and low transaction throughput. In this article, we introduce BlockTrail, a novel blockchain architecture that fragments the legacy blockchain systems into layers of codependent hierarchies, thereby reducing the space-time complexity and increasing the throughput. BlockTrail is prototyped on the “practical Byzantine fault tolerance” protocol with a custom-built blockchain. Experiments with BlockTrail show that compared to the conventional schemes, BlockTrail is secure and efficient, with low storage footprint.

We show that a new type of dielectric cavity featuring deep sub-wavelength light confinement allows a significant speedup of all-optical signal processing functionalities, without compromising the energy efficiency. The effect is due to enhanced diffusion dynamics in an unconventional geometry.

This paper presents a case study for designing and implementing a secure communication protocol over a Controller Area Network (CAN). The CAN based protocol uses a hybrid encryption method on a relatively simple hardware / software environment. Moreover, the blockchain technology is proposed as a working solution to provide an extra secure level of the proposed system.

FPGA bitstream protection schemes are often the first line of defense for secure hardware designs. In general, breaking the bitstream encryption would enable attackers to subvert the confidentiality and infringe on the IP. Or breaking the authenticity enables manipulating the design, e.g., inserting hardware Trojans. Since FPGAs see widespread use in our interconnected world, such attacks can lead to severe damages, including physical harm. Recently we [1] presented a surprising attack — Starbleed — on Xilinx 7-Series FPGAs, tricking an FPGA into acting as a decryption oracle. For their UltraScale(+) series, Xilinx independently upgraded the security features to AES-GCM, RSA signatures, and a periodic GHASH-based checksum to validate the bitstream during decryption. Hence, UltraScale(+) devices were considered not affected by Starbleed-like attacks [2], [1].We identified novel security weaknesses in Xilinx UltraScale(+) FPGAs if configured outside recommended settings. In particular, we present four attacks in this situation: two attacks on the AES encryption and novel GHASH-based checksum and two authentication downgrade attacks. As a major contribution, we show that the Starbleed attack is still possible within the UltraScale(+) series by developing an attack against the GHASH-based checksum. After describing and analyzing the attacks, we list the subtle configuration changes which can lead to security vulnerabilities and secure configurations not affected by our attacks. As Xilinx only recommends configurations not affected by our attacks, users should be largely secure. However, it is not unlikely that users employ settings outside the recommendations, given the rather large number of configuration options and the fact that Security Misconfiguration is among the leading top 10 OWASP security issues. We note that these security weaknesses shown in this paper had been unknown before.

Despite the strict measures taken by authorities for children safety, crime against children is increasing. To curb this crime, it is important to improve the safety of children. School authorities can be severely penalized for these incidents, hence monitoring the school bus is significantly important in limiting these incidents. The developing worry of families for the security and insurance of their kids has started incredible interest in creating strong frameworks that give successful following and oversight of kids driving among home and school. Coordinated transport following permits youngsters to partake more in their normal schoolwork longer than trusting that a transport will be late with the assistance of notice and guarantees the security of every understudy. These days, reacting to the necessities existing apart from everything else, numerous instructive foundations have begun to push more towards a compelling global positioning framework of their vehicles that ensures the wellbeing of their understudies. Effective transport following is accomplished by procuring the geographic directions utilizing the GPS module and communicating the informationto a distant server. The framework depends on prepared to-utilize inactive RFID peruses. Make a message pop-up from the server script subsequent to checking the understudy's RFID tag be. The RFID examine exhibiting that the understudy boarded the vehicle to the specific trained professionals and the parent. Successful transport following permits school specialists, guardians, and drivers to precisely design their schedules while protecting kids from the second they get on until they get off the transport. The framework overall makes it conceivable to educate the administration regarding crises or protests. A variety of reports can be generated for different school-wide real-time bus and vehicle activities. This paper reviews the various smart security transport systems proposed for providing security features.

Phishing has become a prominent method of data theft among hackers, and it continues to develop. In recent years, many strategies have been developed to identify phishing website attempts using machine learning particularly. However, the algorithms and classification criteria that have been used are highly different from the real issues and need to be compared. This paper provides a detailed comparison and evaluation of the performance of several machine learning algorithms across multiple datasets. Two phishing website datasets were used for the experiments: the Phishing Websites Dataset from UCI (2016) and the Phishing Websites Dataset from Mendeley (2018). Because these datasets include different types of class labels, the comparison algorithms can be applied in a variety of situations. The tests showed that Random Forest was better than other classification methods, with an accuracy of 88.92% for the UCI dataset and 97.50% for the Mendeley dataset.

Due to the rapid development of cyber-physical systems, there are more and more security problems. The purpose of this work is to develop the concept of a knowledge base in the field of security of cyber-physical systems based on an ontological approach. To create the concept of a knowledge base, it was necessary to consider the system of a cyber-physical system and highlight its structural parts. As a result, the main concepts of the security of a cyber-physical system were identified and the concept of a knowledge base was drawn up, which in the future will help to analyze potential threats to cyber-physical systems.

Metaverse is becoming the new standard for social networks and 3D virtual worlds when Facebook officially rebranded to Metaverse in October 2021. Many relevant technologies are used in the metaverse to offer 3D immersive and customized experiences at the user’s fingertips. Despite the fact that the metaverse receives a lot of attention and advantages, one of the most pressing concerns for its users is the safety of their digital material and data. As a result of its decentralization, immutability, and transparency, blockchain is a possible alternative. Our goal is to conduct a comprehensive assessment of blockchain systems in the metaverse to properly appreciate its function in the metaverse. To begin with, the paper introduces blockchain and the metaverse and explains why it’s necessary for the metaverse to adopt blockchain technology. Aside from these technological considerations, this article focuses on how blockchain-based approaches for the metaverse may be used from a privacy and security standpoint. There are several technological challenegs that need to be addressed for making the metaverse a reality. The influence of blockchain on important key technologies with in metaverse, such as Artifical Intelligence, big data and the Internet-of-Things (IoT) is also examined. Several prominent initiatives are also shown to demonstrate the importance of blockchain technology in the development of metaverse apps and services. There are many possible possibilities for future development and research in the application of blockchain technology in the metaverse.

In Production System Engineering (PSE), domain experts from different disciplines reuse assets such as products, production processes, and resources. Therefore, PSE organizations aim at establishing reuse across engineering disciplines. However, the coordination of multi-disciplinary reuse tasks, e.g., the re-validation of related assets after changes, is hampered by the coarse-grained representation of tasks and by scattered, heterogeneous domain knowledge. This paper introduces the Multi-disciplinary Reuse Coordination (MRC) artifact to improve task management for multi-disciplinary reuse. For assets and their properties, the MRC artifact describes sub-tasks with progress and result states to provide references for detailed reuse task management across engineering disciplines. In a feasibility study on a typical robot cell in automotive manufacturing, we investigate the effectiveness of task management with the MRC artifact compared to traditional approaches. Results indicate that the MRC artifact is feasible and provides effective capabilities for coordinating multi-disciplinary re-validation after changes.

Critical infrastructure is a key area in cybersecurity. In the U.S., it was front and center in 1997 with the report from the President’s Commission on Critical Infrastructure Protection (PCCIP), and now affects countries worldwide. Critical Infrastructure Protection must address all types of cybersecurity threats - insider threat, ransomware, supply chain risk management issues, and so on. Unsurprisingly, in the past 25 years, the risks and incidents have increased rather than decreased and appear in the news daily. As an important component of critical infrastructure protection, secure supply chain risk management must be integrated into development projects. Both areas have important implications for security requirements engineering.

Security of Internet of Things (IoT) is one of the most prevalent crucial challenges ever since. The diversified devices and their specification along with resource constrained protocols made it more complex to address over all security need of IoT. Denial of Service attacks, being the most powerful and frequent attacks on IoT have been considered so forth. However, the attack happens on multiple layers and thus a single detection technique for each layer is not sufficient and effective to combat these attacks. Current study focuses on cross layer intrusion detection system (IDS) for detection of multiple Denial of Service (DoS) attacks. Presently, two attacks at Transmission Control Protocol (TCP) and Routing Protocol are considered for Low power and Lossy Networks (RPL) and a neural network-based IDS approach has been proposed for the detection of such attacks. The attacks are simulated on NetSim and detection and the performance shows up to 80% detection probabilities.

In the Smart Grid paradigm, this critical infrastructure operation is increasingly exposed to cyber-threats due to the increased dependency on communication networks. An adversary can launch an attack on a power grid operation through False Data Injection into system measurements and/or through attacks on the communication network, such as flooding the communication channels with unnecessary data or intercepting messages. A cross-layered strategy that combines power grid data, communication grid monitoring and Machine Learning-based processing is a promising solution for detecting cyber-threats. In this paper, an implementation of an integrated solution of a cross-layer framework is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection of anomalies in the operation of power grid. IEEE 118-bus system is built in Simulink to provide a power grid testing environment and communication network data is emulated using SimComponents. The performance of the framework is investigated under various FDI and communication attacks.

Critical infrastructures such as the electricity grid can be severely impacted by cyber-attacks on its supply chain. Hence, having a robust cybersecurity infrastructure and management system for the electricity grid is a high priority. This paper proposes a cyber-security protocol for defense against man-in-the-middle (MiTM) attacks to the supply chain, which uses encryption and cryptographic multi-party authentication. A cyber-physical simulator is utilized to simulate the power system, control system, and security layers. The correctness of the attack modeling and the cryptographic security protocol against this MiTM attack is demonstrated in four different attack scenarios.

Digital forensics is essential when performing in-depth crime investigations and evidence extraction, especially in the field of the Internet of Things, where there is a ton of information every second boosted with latest and smartest technological devices. However, the enormous growth of data and the nature of its complexity could constrain the data examination process since traditional data acquisition techniques are not applicable nowadays. Therefore, if the knowledge gap between digital forensics and the Internet of Things is not bridged, investigators will jeopardize the loss of a possible rich source of evidence that otherwise could act as a lead in solving open cases. The work aims to introduce examples of employing the latest Internet of Things forensics approaches as a panacea in this regard. The paper covers a variety of articles presenting the new Blockchain, fog, and video-based applications that can aid in easing the process of digital forensics investigation with a focus on the Internet of Things. The results of the review indicated that the above current trends are very promising procedures in the field of Internet of Things digital forensics and need to be explored and applied more actively.

This paper proposes a cybersecurity maturity model to assess the capabilities of medical organizations to identify their level of maturity, prioritizing privacy and personal data protection. There are problems such as data breaches, the lack of security measures in health information, and the poor capacity of organizations to handle cybersecurity threats that generate concern in the health sector as they seek to mitigate risks in cyberspace. The proposal, based upon C2M2 (Cybersecurity Capability Maturity Model), incorporates practices and controls which allow organizations to identify security gaps generated through cyberattacks on sensitive health patient data. This model seeks to integrate the best practices related to privacy and protection of personal data in the Peruvian legal framework through the Administrative Directive No. 294-MINSA and the personal data protection Act No. 29733. The model consists of 3 evaluation phases. 1. Assessment planning; 2. Execution of the evaluation; 3. Implementation of improvements. The model was validated and tested in a public sector medical organization in Lima, Peru. The preliminary results showed that the organization is at Level 1 with 14% of compliance with established controls, 34% in risk, threat and vulnerability management practices and 19% in supply chain management. These the 3 highest percentages of the 10 evaluated domains.

Cyber physical system (CPS) Critical infrastructures (CIs) like the power and energy systems are increasingly becoming vulnerable to cyber attacks. Mitigating cyber risks in CIs is one of the key objectives of the design and maintenance of these systems. These CPS CIs commonly use legacy devices for remote monitoring and control where complete upgrades are uneconomical and infeasible. Therefore, risk assessment plays an important role in systematically enumerating and selectively securing vulnerable or high-risk assets through optimal investments in the cybersecurity of the CPS CIs. In this paper, we propose a CPS CI security framework and software tool, CySec Game, to be used by the CI industry and academic researchers to assess cyber risks and to optimally allocate cybersecurity investments to mitigate the risks. This framework uses attack tree, attack-defense tree, and game theory algorithms to identify high-risk targets and suggest optimal investments to mitigate the identified risks. We evaluate the efficacy of the framework using the tool by implementing a smart grid case study that shows accurate analysis and feasible implementation of the framework and the tool in this CPS CI environment.

Forensic Science comprises a set of technical-scientific knowledge used to solve illicit acts. The increasing use of mobile devices as the main computing platform, in particular smartphones, makes existing information valuable for forensics. However, the blocking mechanisms imposed by the manufacturers and the variety of models and technologies make the task of reconstructing the data for analysis challenging. It is worth mentioning that the conclusion of a case requires more than the simple identification of evidence, as it is extremely important to correlate all the data and sources obtained, to confirm a suspicion or to seek new evidence. This work carries out a systematic review of the literature, identifying the different types of existing image acquisition and the main extraction and encryption methods used in smartphones with the Android operating system.

Data is a collection of information from the activities of the real world. The file in which such data is stored after transforming into a form that machines can process is generally known as data set. In the real world, many data sets are not complete, and they contain various types of noise. Missing values is of one such kind. Thus, imputing data of these missing values is one of the significant task of data pre-processing. This paper deals with two real time health care data sets namely life expectancy (LE) dataset and chronic kidney disease (CKD) dataset, which are very different in their nature. This paper provides insights on various data imputation techniques to fill missing values by analyzing them. When coming to Data imputation, it is very common to impute the missing values with measure of central tendencies like mean, median, mode Which can represent the central value of distribution but choosing the apt choice is real challenge. In accordance with best of our knowledge this is the first and foremost paper which provides the complete analysis of impact of basic data imputation techniques on various data distributions which can be classified based on the size of data set, number of missing values, type of data (categorical/numerical), etc. This paper compared and analyzed the original data distribution with the data distribution after each imputation in terms of their skewness, outliers and by various descriptive statistic parameters.

Any Big Data scenario eventually reaches scalability concerns for several factors, often storage or computing power related. Modern solutions have been proven to be effective in multiple domains and have automated many aspects of the Big Data pipeline. In this paper, we aim to present a solution for deploying event-based automated data processing tools for low code environments that aim to minimize the need for user input and can effectively handle common data processing jobs, as an alternative to distributed solutions which require language specific libraries and code. Our architecture uses a combination of a network exposed service with a cluster of “Data Workers” that handle data processing jobs effectively without requiring manual input from the user. This system proves to be effective at handling most data processing scenarios and allows for easy expandability by following simple patterns when declaring any additional jobs.

Cloud computing provides a great platform for the users to utilize the various computational services in order accomplish their requests. However it is difficult to utilize the computational storage services for the file handling due to the increased protection issues. Here Distributed Denial of Service (DDoS) attacks are the most commonly found attack which will prevent from cloud service utilization. Thus it is confirmed that the DDoS attack detection and load balancing in cloud are most extreme issues which needs to be concerned more for the improved performance. This attained in this research work by measuring up the trust factors of virtual machines in order to predict the most trustable VMs which will be combined together to form the trustable source vector. After trust evaluation, in this work Bat algorithm is utilized for the optimal load distribution which will predict the optimal VM resource for the task allocation with the concern of budget. This method is most useful in the process of detecting the DDoS attacks happening on the VM resources. Finally prevention of DDOS attacks are performed by introducing the Fuzzy Extreme Learning Machine Classifier which will learn the cloud resource setup details based on which DDoS attack detection can be prevented. The overall performance of the suggested study design is performed in a Java simulation model to demonstrate the superiority of the proposed algorithm over the current research method.

Undoubtedly, technology has not only transformed our world of work and lifestyle, but it also carries with it a lot of security challenges. The Distributed Denial-of-Service (DDoS) attack is one of the most prominent attacks witnessed by cyberspace of the current era. This paper outlines several DDoS attacks, their mitigation stages, propagation of attacks, malicious codes, and finally provides redemptions of exhibiting normal and DDoS attacked scenarios. A case study of a SYN flooding attack has been exploited by using Metasploit. The utilization of CPU frame length and rate have been observed in normal and attacked phases. Preliminary results clearly show that in a normal scenario, CPU usage is about 20%. However, in attacked phases with the same CPU load, CPU execution overhead is nearly 90% or 100%. Thus, through this research, the major difference was found in CPU usage, frame length, and degree of data flow. Wireshark tool has been used for network traffic analyzer.

We propose DecCert, a decentralized public key infrastructure designed as a smart contract that solves the problem of identity attestation on public blockchains. Our system allows an individual to bind an identity to a public blockchain address. Once a claim of identity is made by an individual, other users can choose to verify the attested identity based on the evidence presented by an identity claim maker by staking cryptocurrency in the DecCert smart contract. Increasing levels of trust are naturally built based upon the amount staked and the duration the collateral is staked for. This mechanism replaces the usual utilization of digital signatures in a traditional hierarchical certificate authority model or the web of trust model to form a publicly verifiable decentralized stake of trust model. We also present a novel solution to the certificate revocation problem and implement our solution on the Ethereum blockchain. Further, we show that our design solves Zooko’s triangle as defined for public key infrastructure deployments.

The suggested IsoQuadratic Exponentiation Randomized isocryptosystem design is the unique approach for public key encipher algorithm using IsoPartial Discrete Logarithm Problem and preservation of the recommended IsoQuadratic Exponentiation Randomized isocryptosystem be established against hardness of IsoPartial Discrete Logarithm Problem. Therewith, we demonstrated the possibility of an additional secured algorithm. The offered unique IsoQuadratic Exponentiation Randomized isocryptosystem is suitable for low bandwidth transmission, low storage and low numeration in cyberspace.