Biblio

In Wireless Sensor Networks (WSNs), energy and security are two critical concerns that must be addressed. Because of the scarcity of energy, several security measures are restricted. For secure data routing in WSN, it becomes vital to identify insider packet drop attacks. The trust mechanism is an effective strategy for detecting this assault. Each node in this system validates the trustworthiness of its neighbors before transmitting packets, ensuring that only trust-worthy nodes get packets. With such a trust-aware scheme, however, there is a risk of false alarm. This work develops an adaptive trust computation model (TCM)which is implemented in our already proposed Chimp Optimization Algorithm-based Energy-Aware Secure Routing Protocol (COA-EASRP) for WSN. The proposed technique computes the optimal path using the hybrid combination of COA-EASRP and AODV as well as TCM is used to indicate false alarms in detecting selfish nodes. Our Proposed approach provides the series of Simulation outputs carried out based on various parameters

Security incident handling and response are essen-tial parts of every organization's information and cyber security. Security incident handling consists of several phases, among which digital forensic analysis has an irreplaceable place. Due to particular digital evidence being recorded at a specific time, timelines play an essential role in analyzing this digital evidence. One of the vital tasks of the digital forensic investigator is finding relevant records in this timeline. This operation is performed manually in most cases. This paper focuses on the possibilities of automatically identifying digital evidence pertinent to the case and proposes a model that identifies this digital evidence. For this purpose, we focus on Windows operating system and the NTFS file system and use outlier detection (Local Outlier Factor method). Collected digital evidence is preprocessed, transformed to binary values, and aggregated by file system inodes and names. Subsequently, we identify digital records (file inodes, file names) relevant to the case. This paper analyzes the combinations of attributes, aggregation functions, local outlier factor parameters, and their impact on the resulting selection of relevant file inodes and file names.

The Compressive Sensing (CS) has wide range of applications in various domains. The sampling of sparse signal, which is periodic or aperiodic in nature, is still an out of focus topic. This paper proposes novel Sparse Spasmodic Sampling (SSS) techniques for different sparse signal in original domain. The SSS techniques are proposed to overcome the drawback of the existing CS sampling techniques, which can sample any sparse signal efficiently and also find location of non-zero components in signals. First, Sparse Spasmodic Sampling model-1 (SSS-1) which samples random points and also include non-zero components is proposed. Another sampling technique, Sparse Spasmodic Sampling model-2 (SSS-2) has the same working principle as model-1 with some advancements in design. It samples equi-distance points unlike SSS-1. It is demonstrated that, using any sampling technique, the signal is able to reconstruct with a reconstruction algorithm with a smaller number of measurements. Simulation results are provided to demonstrate the effectiveness of the proposed sampling techniques.

The demand for increasing flexibility use in power systems is stressed by the changing grid utilization. Making use of largely untapped flexibility potential is possible through novel flexibility markets. Different approaches for these markets are being developed and vary considering their handling of transaction schemes and relation of participating entities. This paper delivers the conceptual development of a holistic system architecture for the realization of an interregional flexibility market, which targets a market based congestion management in the transmission and distribution system through trading between system operators and flexibility providers. The framework combines a market mechanism with the required supplements like appropriate control algorithms for emergency situations, cyber-physical system monitoring and cyber-security assessment. The resulting methods are being implemented and verified in a remote-power-hardware-in-the-loop setup coupling a real world low voltage grid with a geographically distant real time simulation using state of the art control system applications with an integration of the aforementioned architecture components.

Differential privacy mechanisms have been proposed to guarantee the privacy of individuals in various types of statistical information. When constructing a probabilistic mechanism to satisfy differential privacy, it is necessary to consider the impact of an arbitrary record on its statistics, i.e., sensitivity, but there are situations where sensitivity is difficult to derive. In this paper, we first summarize the situations in which it is difficult to derive sensitivity in general, and then propose a definition equivalent to the conventional definition of differential privacy to deal with them. This definition considers neighboring datasets as in the conventional definition. Therefore, known differential privacy mechanisms can be applied. Next, as an example of the difficulty in deriving sensitivity, we focus on the t-test, a basic tool in statistical analysis, and show that a concrete differential privacy mechanism can be constructed in practice. Our proposed definition can be treated in the same way as the conventional differential privacy definition, and can be applied to cases where it is difficult to derive sensitivity.

Misuse of caller ID spoofing combined with social engineering has the potential as a means to commit other crimes, such as fraud, theft, leaking sensitive information, spreading hoaxes, etc. The appropriate forensic technique must be carried out to support the verification and collection of evidence related to these crimes. In this research, a digital forensic analysis was carried out on the BlueStacks emulator, Redmi 5A smartphone, and SIM card which is a device belonging to the victim and attacker to carry out caller ID spoofing attacks. The forensic analysis uses the NIST SP 800-101 R1 guide and forensic tools FTK imager, Oxygen Forensic Detective, and Paraben’s E3. This research aims to determine the artifacts resulting from caller ID spoofing attacks to assist in mapping and finding digital evidence. The result of this research is a list of digital evidence findings in the form of a history of outgoing calls, incoming calls, caller ID from the source of the call, caller ID from the destination of the call, the time the call started, the time the call ended, the duration of the call, IMSI, ICCID, ADN, and TMSI.

The globalization of the integrated circuit (IC) manufacturing industry has lured the adversary to come up with numerous malicious activities in the IC supply chain. Logic locking has risen to prominence as a proactive defense strategy against such threats. CAS-Lock (proposed in CHES'20), is an advanced logic locking technique that harnesses the concept of single-point function in providing SAT-attack resiliency. It is claimed to be powerful and efficient enough in mitigating existing state-of-the-art attacks against logic locking techniques. Despite the security robustness of CAS-Lock as claimed by the authors, we expose a serious vulnerability and by exploiting the same we devise a novel attack algorithm against CAS-Lock. The proposed attack can not only reveal the correct key but also the exact AND/OR structure of the implemented CAS-Lock design along with all the key gates utilized in both the blocks of CAS-Lock. It simply relies on the externally observable Distinguishing Input Patterns (DIPs) pertaining to a carefully chosen key simulation of the locked design without the requirement of structural analysis of any kind of the locked netlist. Our attack is successful against various AND/OR cascaded-chain configurations of CAS-Lock and reports 100% success rate in recovering the correct key. It has an attack complexity of \$\textbackslashmathcalO(m)\$, where \$m\$ denotes the number of DIPs obtained for an incorrect key simulation.

Steady advancement in Artificial Intelligence (AI) development over recent years has caused AI systems to become more readily adopted across industry and military use-cases globally. As powerful as these algorithms are, there are still gaping questions regarding their security and reliability. Beyond adversarial machine learning, software supply chain vulnerabilities and model backdoor injection exploits are emerging as potential threats to the physical safety of AI reliant CPS such as autonomous vehicles. In this work in progress paper, we introduce the concept of AI supply chain vulnerabilities with a provided proof of concept autonomous exploitation framework. We investigate the viability of algorithm backdoors and software third party library dependencies for applicability into modern AI attack kill chains. We leverage an autonomous vehicle case study for demonstrating the applicability of our offensive methodologies within a realistic AI CPS operating environment.

Due to the intermittent nature of renewable energy sources, the implementation of energy storage systems (ESSs) is crucial for the reliable operation of microgrids. This paper proposes a peer-to-peer distributed secondary control scheme for accurate voltage restoration of distributed ESS units in a DC microgrid. The presented control framework only requires local and neighboring information to function. Besides, the ESSs communicate with each other through a sparse network in a discrete fashion compared to existing approaches based on continuous data exchange. This feature ensures reliability, expandability, and flexibility of the proposed strategy for a more practical realization of distributed control paradigm. A simulation case study is presented using MATLAB/Simulink to illustrate the performance and effectiveness of the proposed control strategy.

The effective security system improvement from malware attacks on the Android operating system should be updated and improved. Effective malware detection increases the level of data security and high protection for the users. Malicious software or malware typically finds a means to circumvent the security procedure, even when the user is unaware whether the application can act as malware. The effectiveness of obfuscated android malware detection is evaluated by collecting static analysis data from a data set. The experiment assesses the risk level of which malware dataset using the hash value of the malware and records malware behavior. A set of hash SHA256 malware samples has been obtained from an internet dataset and will be analyzed using static analysis to record malware behavior and evaluate which risk level of the malware. According to the results, most of the algorithms provide the same total score because of the multiple crime inside the malware application.

The use of software daily has become inevitable nowadays. Almost all everyday tools and the most different areas (e.g., medicine or telecommunications) are dependent on software. The C programming language is one of the most used languages for software development, such as operating systems, drivers, embedded systems, and industrial products. Even with the appearance of new languages, it remains one of the most used [1] . At the same time, C lacks verification mechanisms, like array boundaries, leaving the entire responsibility to the developer for the correct management of memory and resources. These weaknesses are at the root of buffer overflows (BO) vulnerabilities, which range the first place in the CWE’s top 25 of the most dangerous weaknesses [2] . The exploitation of BO when existing in critical safety systems, such as railways and autonomous cars, can have catastrophic effects for manufacturers or endanger human lives.

Swarm robotics is a network based multi-device system designed to achieve shared objectives in a synchronized way. This system is widely used in industries like farming, manufacturing, and defense applications. In recent implementations, swarm robotics is integrated with Blockchain based networks to enhance communication, security, and decentralized decision-making capabilities. As most of the current blockchain applications are based on complex consensus algorithms, every individual robot in the swarm network requires high computing power to run these complex algorithms. Thus, it is a challenging task to achieve consensus between the robots in the network. This paper will discuss the details of designing an effective consensus algorithm that meets the requirements of swarm robotics network.

Random numbers are essential for communications security, as they are widely employed as secret keys and other critical parameters of cryptographic algorithms. The Linux random number generator (LRNG) is the most popular open-source software-based random number generator (RNG). The security of LRNG is influenced by the overall design, especially the quality of entropy sources. Therefore, it is necessary to assess and quantify the quality of the entropy sources which contribute the main randomness to RNGs. In this paper, we perform an empirical study on the quality of entropy sources in LRNG with Linux kernel 5.6, and provide the following two findings. We first analyze two important entropy sources: jiffies and cycles, and propose a method to predict jiffies by cycles with high accuracy. The results indicate that, the jiffies can be correctly predicted thus contain almost no entropy in the condition of knowing cycles. The other important finding is the failure of interrupt cycles during system boot. The lower bits of cycles caused by interrupts contain little entropy, which is contrary to our traditional cognition that lower bits have more entropy. We believe these findings are of great significance to improve the efficiency and security of the RNG design on software platforms.

This paper proposes an improved version of the newly developed Honey Badger Algorithm (HBA), called Generalized opposition Based-Learning HBA (GOBL-HBA), for solving the mesh routers placement problem. The proposed GOBLHBA is based on the integration of the generalized opposition-based learning strategy into the original HBA. GOBL-HBA is validated in terms of three performance metrics such as user coverage, network connectivity, and fitness value. The evaluation is done using various scenarios with different number of mesh clients, number of mesh routers, and coverage radius values. The simulation results revealed the efficiency of GOBL-HBA when compared with the classical HBA, Genetic Algorithm (GA), and Particle Swarm optimization (PSO).

Smart grids integrate computing and communication infrastructure with conventional power grids to improve situational awareness, control, and safety. Several technologies such as automatic fault detection, automated reconfiguration, and outage management require close network monitoring. Therefore, utilities utilize sensing equipment such as PMUs (phasor measurement units), smart meters, and bellwether meters to obtain grid measurements. However, the expansion in sensing equipment results in an increased strain on existing communication infrastructure. Prior works overcome this problem by exploiting the sparsity of power consumption data in the Haar, Hankel, and Toeplitz transformation bases to achieve sub-Nyquist compression. However, data-driven dictionaries enable superior compression ratios and reconstruction accuracy by learning the sparsifying basis. Therefore, this work proposes using dictionary learning to learn the sparsifying basis of smart meter data. The smart meter data sent to the data centers are compressed using a random projection matrix prior to transmission. These measurements are aggregated to obtain the compressed measurements at the primary nodes. Compressive sensing-based estimators are then utilized to estimate the system states. This approach was validated on the IEEE 33-node distribution system and showed superior reconstruction accuracy over conventional transformation bases and over-complete dictionaries. Voltage magnitude and angle estimation error less than 0.3% mean absolute percentage error and 0.04 degree mean absolute error, respectively, were achieved at compression ratios as high as eight.

The assurance of the operability of surface water treatment facilities lies in many factors, but the factor with the largest impact on said assurance is the availability of the necessary chemicals. Facilities across the country vary in their processes and sources, but all require chemicals to produce potable water. The purpose of this project was to develop a risk assessment tool to determine the shortfalls and risks in the water treatment industry's chemical supply chain, which was used to produce a risk mitigation plan ensuring plant operability. To achieve this, a Fault Tree was built to address four main areas of concern: (i) market supply and demand, (ii) chemical substitutability, (iii) chemical transportation, and (iv) chemical storage process. Expert elicitation was then conducted to formulate a Failure Modes and Effects Analysis (FMEA) and develop Radar Charts, regarding the operations and management of specific plants. These tools were then employed to develop a final risk mitigation plan comprising two parts: (i) a quantitative analysis comparing and contrasting the risks of the water treatment plants under study and (ii) a qualitative recommendation for each of the plants-both culminating in a mitigation model on how to control and monitor chemical-related risks.

Supply chain cyberattacks that exploit insecure third-party software are a growing concern for the security of the electric power grid. These attacks seek to deploy malicious software in grid control devices during the fabrication, shipment, installation, and maintenance stages, or as part of routine software updates. Malicious software on grid control devices may inject bad data or execute bad commands, which can cause blackouts and damage power equipment. This paper describes an experimental setup to simulate the software update process of a commercial power relay as part of a hardware-in-the-loop simulation for grid supply chain cyber-security assessment. The laboratory setup was successfully utilized to study three supply chain cyber-security use cases.

Internet of Things (IoT) evolution calls for stringent communication demands, including low delay and reliability. At the same time, wireless mesh technology is used to extend the communication range of IoT deployments, in a multi-hop manner. However, Wireless Mesh Networks (WMNs) are facing link failures due to unstable topologies, resulting in unsatisfied IoT requirements. Named-Data Networking (NDN) can enhance WMNs to meet such IoT requirements, thanks to the content naming scheme and in-network caching, but necessitates adaptability to the challenging conditions of WMNs.In this work, we argue that Software-Defined Networking (SDN) is an ideal solution to fill this gap and introduce an integrated SDN-NDN deployment over WMNs involving: (i) global view of the network in real-time; (ii) centralized decision making; and (iii) dynamic NDN adaptation to network changes. The proposed system is deployed and evaluated over the wiLab.1 Fed4FIRE+ test-bed. The proof-of-concept results validate that the centralized control of SDN effectively supports the NDN operation in unstable topologies with frequent dynamic changes, such as the WMNs.

Security evaluation can be performed using a variety of analysis methods, such as attack trees, attack graphs, threat propagation models, stochastic Petri nets, and so on. These methods analyze the effect of attacks on the system, and estimate security attributes from different perspectives. However, they require information from experts in the application domain for properly capturing the key elements of an attack scenario: i) the attack paths a system could be subject to, and ii) the different characteristics of the possible adversaries. For this reason, some recent works focused on the generation of low-level security models from a high-level description of the system, hiding the technical details from the modeler.In this paper we build on an existing ontology framework for security analysis, available in the ADVISE Meta tool, and we extend it in two directions: i) to cover the attack patterns available in the CAPEC database, a comprehensive dictionary of known patterns of attack, and ii) to capture all the adversaries’ profiles as defined in the Threat Agent Library (TAL), a reference library for defining the characteristics of external and internal threat agents ranging from industrial spies to untrained employees. The proposed extension supports a richer combination of adversaries’ profiles and attack paths, and provides guidance on how to further enrich the ontology based on taxonomies of attacks and adversaries.

Ethical bias in machine learning models has become a matter of concern in the software engineering community. Most of the prior software engineering works concentrated on finding ethical bias in models rather than fixing it. After finding bias, the next step is mitigation. Prior researchers mainly tried to use supervised approaches to achieve fairness. However, in the real world, getting data with trustworthy ground truth is challenging and also ground truth can contain human bias. Semi-supervised learning is a technique where, incrementally, labeled data is used to generate pseudo-labels for the rest of data (and then all that data is used for model training). In this work, we apply four popular semi-supervised techniques as pseudo-labelers to create fair classification models. Our framework, Fair-SSL, takes a very small amount (10%) of labeled data as input and generates pseudo-labels for the unlabeled data. We then synthetically generate new data points to balance the training data based on class and protected attribute as proposed by Chakraborty et al. in FSE 2021. Finally, classification model is trained on the balanced pseudo-labeled data and validated on test data. After experimenting on ten datasets and three learners, we find that Fair-SSL achieves similar performance as three state-of-the-art bias mitigation algorithms. That said, the clear advantage of Fair-SSL is that it requires only 10% of the labeled training data. To the best of our knowledge, this is the first SE work where semi-supervised techniques are used to fight against ethical bias in SE ML models. To facilitate open science and replication, all our source code and datasets are publicly available at https://github.com/joymallyac/FairSSL. CCS CONCEPTS • Software and its engineering → Software creation and management; • Computing methodologies → Machine learning. ACM Reference Format: Joymallya Chakraborty, Suvodeep Majumder, and Huy Tu. 2022. Fair-SSL: Building fair ML Software with less data. In International Workshop on Equitable Data and Technology (FairWare ‘22), May 9, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 8 pages. https://doi.org/10.1145/3524491.3527305

The rapid growth of number of devices that are connected to internet of things (IoT) networks, increases the severity of security problems that need to be solved in order to provide safe environment for network data exchange. The discovery of new vulnerabilities is everyday challenge for security experts and many novel methods for detection and prevention of intrusions are being developed for dealing with this issue. To overcome these shortcomings, artificial intelligence (AI) can be used in development of advanced intrusion detection systems (IDS). This allows such system to adapt to emerging threats, react in real-time and adjust its behavior based on previous experiences. On the other hand, the traffic classification task becomes more difficult because of the large amount of data generated by network systems and high processing demands. For this reason, feature selection (FS) process is applied to reduce data complexity by removing less relevant data for the active classification task and therefore improving algorithm's accuracy. In this work, hybrid version of recently proposed sand cat swarm optimizer algorithm is proposed for feature selection with the goal of increasing performance of extreme learning machine classifier. The performance improvements are demonstrated by validating the proposed method on two well-known datasets - UNSW-NB15 and CICIDS-2017, and comparing the results with those reported for other cutting-edge algorithms that are dealing with the same problems and work in a similar configuration.

In recent years, the security of AI systems has drawn increasing research attention, especially in the medical imaging realm. To develop a secure medical image analysis (MIA) system, it is a must to study possible backdoor attacks (BAs), which can embed hidden malicious behaviors into the system. However, designing a unified BA method that can be applied to various MIA systems is challenging due to the diversity of imaging modalities (e.g., X-Ray, CT, and MRI) and analysis tasks (e.g., classification, detection, and segmentation). Most existing BA methods are designed to attack natural image classification models, which apply spatial triggers to training images and inevitably corrupt the semantics of poisoned pixels, leading to the failures of attacking dense prediction models. To address this issue, we propose a novel Frequency-Injection based Backdoor Attack method (FIBA) that is capable of delivering attacks in various MIA tasks. Specifically, FIBA leverages a trigger function in the frequency domain that can inject the low-frequency information of a trigger image into the poisoned image by linearly combining the spectral amplitude of both images. Since it preserves the semantics of the poisoned image pixels, FIBA can perform attacks on both classification and dense prediction models. Experiments on three benchmarks in MIA (i.e., ISIC-2019 [4] for skin lesion classification, KiTS-19 [17] for kidney tumor segmentation, and EAD-2019 [1] for endoscopic artifact detection), validate the effectiveness of FIBA and its superiority over stateof-the-art methods in attacking MIA models and bypassing backdoor defense. Source code will be available at code.

Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.

JPEG-XS offers low complexity image compression for applications with constrained but reasonable bit-rate, and low latency. Our paper explores the deployment of JPEG-XS on lossy packet networks. To preserve low latency, Forward Error Correction (FEC) is envisioned as the protection mechanism of interest. Although the JPEG-XS codestream is not scalable in essence, we observe that the loss of a codestream fraction impacts the decoded image quality differently, depending on whether this codestream fraction corresponds to codestream headers, to coefficient significance information, or to low/high frequency data. Hence, we propose a rate-distortion optimal unequal error protection scheme that adapts the redundancy level of Reed-Solomon codes according to the rate of channel losses and the type of information protected by the code. Our experiments demonstrate that, at 5% loss rates, it reduces the Mean Squared Error by up to 92% and 65%, compared to a transmission without and with optimal but equal protection, respectively.

This paper explores high throughput architectures for the substitution modules, which are an integral component of encryption algorithms. The security algorithms chosen belong to the category of lightweight crypto-primitives suitable for pervasive computing. The focus of this work is on the implementation of encryption algorithms on hardware platforms to improve speed and facilitate optimization in the area and power consumption of the design. In this work, the architecture for the encryption algorithms' substitution box (S-box) is modified using switching circuits (i.e., MUX-based) along with a logic generator and included in the overall cipher design. The modified architectures exhibit high throughput and consume less energy in comparison to the state-of-the-art designs. The percentage increase in throughput or maximum frequency differs according to the chosen algorithms discussed elaborately in this paper. The evaluation of various metrics specific to the design are executed at RFID-specific frequency so that they can be deployed in an IoT environment. The designs are mainly simulated and compared on Nexys4 DDR FPGA platform, along with a few other FPGAs, to meet similar design and implementation environments for a fair comparison. The application of the proposed S-box modification is explored for the healthcare scenario with promising results.