Biblio

As the major factors affecting the safety of deep learning models, corner cases and related detection are crucial in AI quality assurance for constructing safety- and security-critical systems. The generic corner case researches involve two interesting topics. One is to enhance DL models' robustness to corner case data via the adjustment on parameters/structure. The other is to generate new corner cases for model retraining and improvement. However, the complex architecture and the huge amount of parameters make the robust adjustment of DL models not easy, meanwhile it is not possible to generate all real-world corner cases for DL training. Therefore, this paper proposes a simple and novel approach aiming at corner case data detection via a specific metric. This metric is developed on surprise adequacy (SA) which has advantages on capture data behaviors. Furthermore, targeting at characteristics of corner case data, three modifications on distanced-based SA are developed for classification applications in this paper. Consequently, through the experiment analysis on MNIST data and industrial data, the feasibility and usefulness of the proposed method on corner case data detection are verified.

Nowadays, cyber physical systems are playing an important role in human life in which they provide features that make interactions between human and machine easier. To design and analysis such systems, the main problem is their complexity. In this paper, we propose a description language for cyber physical systems based on stochastic processes. The proposed language is called SPDL (Stochastic Description Process Language). For designing SPDL, two main parts are considered for Cyber Physical Systems (CSP): embedded systems and physical environment. Then these parts are defined as stochastic processes and CPS is defined as a tuple. Syntax and semantics of SPDL are stated based on the proposed definition. Also, the semantics are defined as by set theory. For implementation of SPDL, dependencies between words of a requirements are extracted as a tree data structure. Based on the dependencies, SPDL is used for describing the CPS. Also, a lexical analyzer and a parser based on a defined BNF grammar for SPDL is designed and implemented. Finally, SPDL of CPS is transformed to NuSMV which is a symbolic model checker. The Experimental results show that SPDL is capable of describing cyber physical systems by natural language.

The Industrial Internet of Things (IIoT) also referred as Cyber Physical Systems (CPS) as critical elements, expected to play a key role in Industry 4.0 and always been vulnerable to cyber-attacks and vulnerabilities. Terrorists use cyber vulnerability as weapons for mass destruction. The dark web's strong transparency and hard-to-track systems offer a safe haven for criminal activity. On the dark web (DW), there is a wide variety of illicit material that is posted regularly. For supervised training, large-scale web pages are used in traditional DW categorization. However, new study is being hampered by the impossibility of gathering sufficiently illicit DW material and the time spent manually tagging web pages. We suggest a system for accurately classifying criminal activity on the DW in this article. Rather than depending on the vast DW training package, we used authorized regulatory to various types of illicit activity for training Machine Learning (ML) classifiers and get appreciable categorization results. Espionage, Sabotage, Electrical power grid, Propaganda and Economic disruption are the cyber warfare motivations and We choose appropriate data from the open source links for supervised Learning and run a categorization experiment on the illicit material obtained from the actual DW. The results shows that in the experimental setting, using TF-IDF function extraction and a AdaBoost classifier, we were able to achieve an accuracy of 0.942. Our method enables the researchers and System authoritarian agency to verify if their DW corpus includes such illicit activity depending on the applicable rules of the illicit categories they are interested in, allowing them to identify and track possible illicit websites in real time. Because broad training set and expert-supplied seed keywords are not required, this categorization approach offers another option for defining illicit activities on the DW.

Machine learning is implemented extensively in various applications. The machine learning algorithms teach computers to do what comes naturally to humans. The objective of this study is to do comparison on the predictive models in cyberbullying detection between the basic machine learning system and the proposed system with the involvement of feature selection technique, resampling and hyperparameter optimization by using two classifiers; Support Vector Classification Linear and Decision Tree. Corpus from ASKfm used to extract word n-grams features before implemented into eight different experiments setup. Evaluation on performance metric shows that Decision Tree gives the best performance when tested using feature selection without resampling and hyperparameter optimization involvement. This shows that the proposed system is better than the basic setting in machine learning.

In this paper, we propose a functional model for the implementation of devices that use the Internet of Things (IoT). In recent years, the number of devices connected to the internet per person has increased from 0.08 in 2003 to a total of 6.58 in 2020, suggesting an increase of 8,225% in 7 years. The proposal includes a functional IoT model of a cybersecurity architecture by including components to ensure compliance with the proposed controls within a cybersecurity framework to detect cyber threats in IoT-based wearable devices. The proposal focuses on reducing the number of vulnerabilities present in IoT devices since, on average, 57% of these devices are vulnerable to attacks. The model has a 3-layer structure: business, applications, and technology, where components such as policies, services and nodes are described accordingly. The validation was done through a simulated environment of a system for the control and monitoring of pregnant women using wearable devices. The results show reductions of the probability index and the impact of risks by 14.95% and 6.81% respectively.

Cyber-attacks toward cyber-physical systems are one of the main concerns of smart grid's operators. However, many of these cyber-attacks, are toward unmanned substations where the cyber-attackers needs to be close enough to substation to malfunction protection and control systems in substations, using Electromagnetic signals. Therefore, in this paper, a new threat detection algorithm is proposed to prevent possible cyber-attacks toward unmanned substations. Using surveillance camera's streams and based on You Only Look Once (YOLO) V3, suspicious objects in the image are detected. Then, using Intersection over Union (IOU) and Generalized Intersection Over Union (GIOU), threat distance is estimated. Finally, the estimated threats are categorized into three categories using color codes red, orange and green. The deep network used for detection consists of 106 convolutional layers and three output prediction with different resolutions for different distances. The pre-trained network is transferred from Darknet-53 weights trained on 80 classes.

DDoS attacks have grown in popularity as a tactic for potential hackers, cyber blackmailers, and cyberpunks. These attacks have the potential to put a person unconscious in a matter of seconds, resulting in severe economic losses. Despite the vast range of conventional mitigation techniques available today, DDoS assaults are still happening to grow in frequency, volume, and intensity. A new network paradigm is necessary to meet the requirements of today's tough security issues. We examine the available detection and mitigation of DDoS attacks techniques in depth. We classify solutions based on detection of DDoS attacks methodologies and define the prerequisites for a feasible solution. We present a novel methodology named D3 for detecting and mitigating DDoS attacks using cuckoo filter.

Network traffic detection is closely related to network security, and it is also a hot research topic now. With the development of encryption technology, traffic detection has become more and more difficult, and many crimes have occurred on the dark web, so how to detect dark web traffic is the subject of this study. In this paper, we proposed a dark web traffic(Tor traffic) detection scheme based on deep learning and conducted experiments on public data sets. By analyzing the results of the experiment, our detection precision rate reached 95.47%.

This paper proposes a method of encrypting data stored in the blockchain network by applying ciphertext-policy attribute-based encryption (CP-ABE) and symmetric key algorithm. This method protects the confidentiality and privacy of data that is not protected in blockchain networks, and stores data in a more efficient way than before. The proposed model has the same characteristics of CP-ABE and has a faster processing speed than when only CP-ABE is used.

The recent technological advances and changes in the daily human activities increased the production and sharing of data. In the ecosystem of interconnected systems, data can be circulated among systems for various reasons. This could lead to exchange of private or sensitive information between entities. Data Sanitisation involves processes and practices that remove sensitive and private information from documents before sharing them with entities that should not have access to this information. This paper presents the design and development of a data sanitisation and redaction solution for a Cyber Threat Intelligence sharing platform. The Data Sanitisation and Redaction Plugin has been designed with the purpose of operating as a plugin for the ECHO Project’s Early Warning System platform and enhancing its operative capabilities during information sharing. This plugin aims to provide automated security and privacy-based controls to the concept of CTI sharing over a ticketing system. The plugin has been successfully tested and the results are presented in this paper.

The transmission of various facilities and services via the network is known as cloud computing. They involve data storage, data centers, networks, internet, and software applications, among other systems and features. Cryptography is a technique in which plain text is converted into cipher-text to preserve information security. It basically consists of encryption and decryption. The level of safety is determined by the category of encryption and decryption technique employed. The key plays an important part in the encryption method. If the key is leaked, anyone can intrude into the data and there is no use of this encryption. When the data is lost and the server fails to deliver it to the user, then it is to be recovered from any of the backup server using a recovery technique. The main objective is to develop an advanced method to increase the scope for data protection in cloud. Elliptic Curve Cryptography is a relatively new approach in the area of cryptography. The degree of security provides higher as compared to other Cryptographic techniques. The raw data and it’s accompanying as CII characters are combined and sent into the Elliptic Curve Cryptography as a source. This method eliminates the need for the transmitter and recipient to have a similar search database. Finally, a plain text is converted into cipher-text using Elliptic Curve Cryptography. The results are oat aimed by implementing a C program for Elliptic Curve Cryptography. Encryption, decryption and recovery using suitable algorithms are done.

Data and veracious information are an important feature of any organization; it takes special care as a like asset of the organization. Cloud computing system main target to provide service to the user like high-speed access user data for storage and retrieval. Now, big concern is data protection in cloud computing technology as because data leaking and various malicious attacks happened in cloud computing technology. This study provides user data protection in the cloud storage device. The article presents the architecture of a data security hybrid infrastructure that protects and stores the user data from the unauthenticated user. In this hybrid model, we use a different type of security model.

Nowadays, Denial of Service (DOS) is a significant cyberattack that can happen on the Internet. This attack can be taken place with more than one attacker that in this case called Distributed Denial of Service (DDOS). The attackers endeavour to make the resources (server & bandwidth) unavailable to legitimate traffic by overwhelming resources with malicious traffic. An appropriate security module is needed to discriminate the malicious flows with high accuracy to prevent the failure resulting from a DDOS attack. In this paper, a DDoS attack discriminator will be designed for Software Defined Network (SDN) architecture so that it can be deployed in the POX controller. The simulation results present that the proposed model can achieve an accuracy of about 99.4%which shows an outstanding percentage of improvement compared with Decision Tree (DT), K-Nearest Neighbour (KNN), Support Vector Machine (SVM) approaches.

Distributed Denial of Service Attacks (DDoS) are most widely used cyber-attacks. Thus, design of DDoS detection mechanisms has attracted attention of researchers. Design of these mechanisms involves building statistical and machine learning models. Most of the work in design of mechanisms is focussed on improving the accuracy of the model. However, due to large volume of network traffic, scalability and performance of these techniques is an important research issue. In this work, we use Apache Spark framework for detection of DDoS attacks. We use NSL-KDD Cup as a benchmark dataset for experimental analysis. The results reveal that random forest performs better than decision trees and distributed processing improves the performance in terms of pre-processing and training time.

CAPTCHA or Completely Automated Public Turing test to Tell Computers and Humans Apart is a technique to distinguish between humans and computers by generating and evaluating tests that can be passed by humans but not computer bots. However, captchas are not foolproof, and they can be bypassed which raises security concerns. Hence, sites over the internet remain open to such vulnerabilities. This research paper identifies the vulnerabilities found in some of the commonly used captcha schemes by cracking them using Deep Learning techniques. It also aims to provide solutions to safeguard against these vulnerabilities and provides recommendations for the generation of secure captchas.

Magnetized Liner Inertial Fusion (MagLIF) is a magneto-inertial fusion (MIF) concept being studied on the Z-machine at Sandia National Laboratories. MagLIF relies on quasi-adiabatic heating of a gaseous deuterium (DD) fuel and flux compression of a background axially oriented magnetic field to achieve fusion relevant plasma conditions. The magnetic flux per fuel radial extent determines the confinement of charged fusion products and is thus of fundamental interest in understanding MagLIF performance. It was recently shown that secondary DT neutron spectra and yields are sensitive to the magnetic field conditions within the fuel, and thus provide a means by which to characterize the magnetic confinement properties of the fuel. 1 , 2 , 3 We utilize an artificial neural network to surrogate the physics model of Refs. [1] , [2] , enabling Bayesian inference of the magnetic confinement parameter for a series of MagLIF experiments that systematically vary the laser preheat energy deposited in the target. This constitutes the first ever systematic experimental study of the magnetic confinement properties as a function of fundamental inputs on any neutron-producing MIF platform. We demonstrate that the fuel magnetization decreases with deposited preheat energy in a fashion consistent with Nernst advection of the magnetic field out of the hot fuel and diffusion into the target liner.

The deployment of DER with smart-inverter functionality is increasing the controllable assets on power distribution networks and, consequently, the cyber-physical attack surface. Within this work, we consider the use of reinforcement learning as an online controller that adjusts DER Volt/Var and Volt/Watt control logic to mitigate network voltage unbalance. We specifically focus on the case where a network-aware cyber-physical attack has compromised a subset of single-phase DER, causing a large voltage unbalance. We show how deep reinforcement learning successfully learns a policy minimizing the unbalance, both during normal operation and during a cyber-physical attack. In mitigating the attack, the learned stochastic policy operates alongside legacy equipment on the network, i.e. tap-changing transformers, adjusting optimally predefined DER control-logic.

This paper proposes a novel model to detect Deep-Fakes, which are hyper-realistic fake videos generated by advanced AI algorithms involving facial superimposition. With a growing number of DeepFakes involving prominent political figures that hold a lot of social capital, their misuse can lead to drastic repercussions. These videos can not only be used to circulate false information causing harm to reputations of individuals, companies and countries, but also has the potential to cause civil unrest through mass hysteria. Hence it is of utmost importance to detect these DeepFakes and promptly curb their spread. We therefore propose a CNN-based model that learns inherently distinct patterns that change between a DeepFake and a real video. These distinct features include pixel distortion, inconsistencies with facial superimposition, skin colour differences, blurring and other visual artifacts. The proposed model has trained a CNN (Convolutional Neural Network), to effectively distinguish DeepFake videos using a frame-based approach based on aforementioned distinct features. Herein, the proposed work demonstrates the viability of our model in effectively identifying Deepfake faces in a given video source, so as to aid security applications employed by social-media platforms in credibly tackling the ever growing threat of Deepfakes, by effectively gauging the authenticity of videos, so that they may be flagged or ousted before they can cause irreparable harm.

In recent years web applications that are hacked every day estimated to be 30 000, and in most cases, web developers or website owners do not even have enough knowledge about what is happening on their sites. Web hackers can use many attacks to gain entry or compromise legitimate web applications, they can also deceive people by using phishing sites to collect their sensitive and private information. In response to this, the need is raised to take proper measures to understand the risks and be aware of the vulnerabilities that may affect the website and hence the normal business flow. In the scope of this study, mitigations against the most common web application attacks are set, and the web administrator is provided with ways to detect phishing links which is a social engineering attack, the study also demonstrates the generation of web application logs that simplifies the process of analyzing the actions of abnormal users to show when behavior is out of bounds, out of scope, or against the rules. The methods of mitigation are accomplished by secure coding techniques and the methods for phishing link detection are performed by various machine learning algorithms and deep learning techniques. The developed application has been tested and evaluated against various attack scenarios, the outcomes obtained from the test process showed that the website had successfully mitigated these dangerous web application attacks, and for the detection of phishing links part, a comparison is made between different algorithms to find the best one, and the outcome of the best model gave 98% accuracy.

In order to solve the problem of data analysis and application caused by the inefficient integration of hardware and software compatibility of hardware in the Internet of things, this paper proposes and designs a C/S framework communication system based on task driven and multi-user authority. By redefining the relationship between users and hardware and adopting the matching framework for different modules, the system realizes the high concurrent and complex data efficient collaborative processing between software and hardware. Finally, by testing and verifying the functions of the system, the communication system effectively realizes the functions of data processing between software and hardware, and achieves the expected results.

Recently, vehicular communications have been the focus of industry, research and development fields. There are many benefits of vehicular communications. It improves traffic management and put derivers in better control of their vehicles. Privacy and security protection are collective accountability in which all parties need to actively engage and collaborate to afford safe and secure communication environments. The primary objective of this paper is to exploit the RSS characteristic of physical layer, in order to generate a secret key that can securely be exchanged between legitimated communication vehicles. In this paper, secret key extraction from wireless channel will be the main focus of the countermeasures against VANET security attacks. The technique produces a high rate of bits stream while drop less amount of information. Information reconciliation is then used to remove dissimilarity of two initially extracted keys, to increase the uncertainty associated to the extracted bits. Five values are defined as quantization thresholds for the captured probes. These values are derived statistically, adaptively and randomly according to the readings obtained from the received signal strength.

Information system security is very important and very complicated, security is to prevent potential crisis. To detect both from external invasion behavior, also want to check the internal unauthorized behavior. Presented here ABHIDS hybrid intrusion detection system model, designed a component Agent, controller, storage, filter, manager component (database), puts forward a new detecting DDoS attacks (trinoo) algorithm and the implementation. ABHIDS adopts object-oriented design method, a study on intrusion detection can be used as a working mechanism of the algorithms and test verification platform.

Software Defined Networking (SDN) has changed the way of designing and managing networks through programmability. However, programmability also introduces security threats. In this work we address the issue of malicious hosts running malicious applications that bypass the standard SDN based detection mechanisms. The SDN security system we are proposing periodically monitors the system calls utilization of the different SDN applications installed, learns from past system behavior using machine learning classifiers, and thus accurately detects the existence of an unusual activity or a malicious application.

The ever-evolving computers has its implications on the data and information and the threats that they are exposed to. With the exponential growth of internet, the chances of data breach are highly likely as unauthorized and ill minded users find new ways to get access to the data that they can use for their plans. Most of the systems today have well designed measures that examine the information for any abnormal behavior (Zero Day Attacks) compared to what has been seen and experienced over the years. These checks are done based on a predefined identity (signature) of information. This is being termed as Intrusion Detection Systems (IDS). The concept of IDS revolves around validation of data and/or information and detecting unauthorized access attempts with an intention of manipulating data. High Performance Soft Computing (HPSC) aims to internalize cumulative adoption of traditional and modern attempts to breach data security and expose it to high scale damage and altercations. Our effort in this paper is to emphasize on the multifaceted tactic and rationalize important functionalities of IDS available at the disposal of HPSC.

Today cyber-attacks to critical infrastructures can perform outages, economical loss, physical damage to people and the environment, among many others. In particular, the smart grid is one of the main targets. In this paper, we develop and evaluate software detectors for integrity attacks to smart meter readings. The detectors rely upon different techniques and models, such as autoregressive models, clustering, and neural networks. Our evaluation considers different “attack scenarios”, then resembling the plethora of attacks found in last years. Starting from previous works in the literature, we carry out a detailed experimentation and analysis, so to identify which “detectors” best fit for each “attack scenario”. Our results contradict some findings of previous works and also offer a light for choosing the techniques that can address best the attacks to smart meters.