Biblio

This paper proposes a Mobile IoT optimization method for Next-Generation networks by evaluating a series of named-based techniques implemented in Information-Centric Networking (ICN). The idea is based on the possibility to have a more suitable naming and forwarding mechanism to be implemented in IoT. The main advantage of the method is in achieving a higher success packet rate and data rate by following the proposed technique even when the device is mobile / roaming around. The proposed technique is utilizing a root prefix naming which allows faster process and dynamic increase for content waiting time in Pending Interest Table (PIT). To test the idea, a simulation is carried out by mimicking how IoT can be implemented, especially in smart cities, where a user can also travel and not be static. Results show that the proposed technique can achieve up to a 13% interest success rate and an 18.7% data rate increase compared to the well-known implementation algorithms. The findings allow for possible further cooperation of data security factors and ensuring energy reduction through leveraging more processes at the edge node.

In view of the characteristics that rolling bearing is prone to failure under actual working conditions, and it is difficult to classify the fault category and fault degree, the deep belief network is introduced to diagnose the rolling bearing fault. Firstly, principal component analysis is used to reduce the dimension of original input data and delete redundant input information. Then, the dimension reduced data are input into the deep belief network to extract the low dimensional fault feature representation, and the extracted features are input into the classifier for rolling bearing fault pattern recognition. Finally, the diagnosis effect of the proposed network is compared with the existing common shallow neural network. The simulation experiment is carried out through the bearing data in the United States.

Emails are widely used as a form of communication and sharing files in an organization. However, email is widely used by cybercriminals to spread malware and carrying out cyber-attacks. We implemented an open-source email gateway in conjunction with a security sandbox for securing emails against malicious attachments. The email gateway scans all incoming and outgoing emails and stops emails containing suspicious files. An automated python script would then send the suspected email to the sandboxing element through sandbox API for further analysis, while the script is used also for the prevention of duplicate results. Moreover, the mail server administrator receives notifications from the email gateway about suspicious attachments. If detected attachment is a true positive based on the sandbox analysis result, email is deleted, otherwise, the email is delivered to the recipient. The paper describes in an empirical way the steps followed during the implementation, results, and conclusions of our research.

The widespread adoption of eCommerce, iBanking, and eGovernment institutions has resulted in an exponential rise in the use of web applications. Due to a large number of users, web applications have become a prime target of cybercriminals who want to steal Personally Identifiable Information (PII) and disrupt business activities. Hence, there is a dire need to audit the websites and ensure information security. In this regard, several web vulnerability scanners are employed for vulnerability assessment of web applications but attacks are still increasing day by day. Therefore, a considerable amount of research has been carried out to measure the effectiveness and limitations of the publicly available web scanners. It is identified that most of the publicly available scanners possess weaknesses and do not generate desired results. In this paper, the evaluation of publicly available web vulnerability scanners is performed against the top ten OWASP11OWASP® The Open Web Application Security Project (OWASP) is an online community that produces comprehensive articles, documentation, methodologies, and tools in the arena of web and mobile security. vulnerabilities and their performance is measured on the precision of their results. Based on these results, we proposed an Integrated Multi-Agent Blackbox Security Assessment Tool (SAT) for the security assessment of web applications. Research has proved that the vulnerabilities assessment results of the SAT are more extensive and accurate.

Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Sample-then-lock construction is a reusable fuzzy extractor for low-entropy sources. When applied on iris recognition scenarios, many subsets of an iris-code are used to lock the cryptographic key. The security of this construction relies on the entropy of subsets of iris codes. Simhadri et al. reported a security level of 32 bits on iris sources. In this paper, we propose two kinds of attacks to crack existing sample-then-lock schemes. Exploiting the low-entropy subsets, our attacks can break the locked key and the enrollment iris-code respectively in less than 220 brute force attempts. To protect from these proposed attacks, we design an improved sample-then-lock scheme. More precisely, our scheme employs stability and discriminability to select high-entropy subsets to lock the genuine secret, and conceals genuine locker by a large amount of chaff lockers. Our experiment verifies that existing schemes are vulnerable to the proposed attacks with a security level of less than 20 bits, while our scheme can resist these attacks with a security level of more than 100 bits when number of genuine subsets is 106.

Rational and smart decision making by means of strategic interaction and mathematical modelling is the key aspect of Game theory. Security games based on game theory are used extensively in cyberspace for various levels of security. The contemporary security issues can be modelled and analyzed using game theory as a robust mathematical framework. The attackers, defenders and the adversarial as well as defensive interactions can be captured using game theory. The security games equilibrium evaluation can help understand the attackers' strategies and potential threats at a deeper level for efficient defense. Wireless sensor network (WSN) designs are greatly benefitted by game theory. A deep learning adversarial network algorithm is used in combination with game theory enabling energy efficiency, optimal data delivery and security in a WSN. The trade-off between energy resource utilization and security is balanced using this technique.

Big Data (BD) is the combination of several technologies which address the gathering, analyzing and storing of massive heterogeneous data. The tremendous spurt of the Internet of Things (IoT) and different technologies are the fundamental incentive behind this enduring development. Moreover, the analysis of this data requires high-performance servers for advanced and parallel data analytics. Thus, data owners with their limited capabilities may outsource their data to a powerful but untrusted environment, i.e., the Cloud. Furthermore, data analytic techniques performed on external cloud may arise various security intimidations regarding the confidentiality and the integrity of the aforementioned; transferred, analyzed, and stored data. To countermeasure these security issues and challenges, several techniques have been addressed. This survey paper aims to summarize and emphasize the security threats within Big Data framework, in addition, it is worth mentioning research work related to Big Data Analytics (BDA).

Nowadays, lives are very much easier with the help of IoT. Due to lack of protection and a greater number of connections, the management of IoT becomes more difficult To manage the network flow, a Software Defined Networking (SDN) has been introduced. The SDN has a great capability in automatic and dynamic distribution. For harmful attacks on the controller a centralized SDN architecture unlocks the scope. Therefore, to reduce these attacks in real-time, a securing SDN enabled IoT scenario infrastructure of Fog networks is preferred. The virtual switches have network enforcement authorized decisions and these are executed through the SDN network. Apart from this, SDN switches are generally powerful machines and simultaneously these are used as fog nodes. Therefore, SDN looks like a good selection for Fog networks of IoT. Moreover, dynamically distributing the necessary crypto keys are allowed by the centralized and software channel protection management solution, in order to establish the Datagram Transport Layer Security (DTIS) tunnels between the IoT devices, when demanded by the cyber security framework. Through the extensive deployment of this combination, the usage of CPU is observed to be 30% between devices and the latencies are in milliseconds range, and thus it presents the system feasibility with less delay. Therefore, by comparing with the traditional SDN, it is observed that the energy consumption is reduced by more than 90%.

The security and reliability of power grid dispatching system is the basis of the stable development of the whole social economy. With the development of information, computer science and technology, communication technology, and network technology, using more advanced intelligent technology to improve the performance of security and reliability of power grid dispatching system has important research value and practical significance. In order to provide valuable references for relevant researchers and for the construction of future power system related applications. This paper summarizes the latest technical status of attribute encryption and hierarchical identity encryption methods, and introduces the access control method based on attribute and hierarchical identity encryption, the construction method of attribute encryption scheme, revocable CP-ABE scheme and its application in power grid data security access control. Combined with multi authorization center encryption, third-party trusted entity and optimized encryption algorithm, the parallel access control algorithm of hierarchical identity and attribute encryption and its application in power grid data security access control are introduced.

Cloud computing is a model of service provisioning in heterogeneous distributed systems that encourages many researchers to explore its benefits and drawbacks in executing workflow applications. Recently, high-quality security protection has been a new challenge in workflow allocation. Different tasks may and may not have varied security demands, security overhead may vary for different virtual machines (VMs) at which the task is assigned. This paper proposes a Security Oriented Deadline-Aware workflow allocation (SODA) strategy in an IaaS cloud environment to minimize the risk probability of the workflow tasks while considering the deadline met in a deterministic environment. SODA picks out the task based on the highest security upward rank and assigns the selected task to the trustworthy VMs. SODA tries to simultaneously satisfy each task’s security demand and deadline at the maximum possible level. The simulation studies show that SODA outperforms the HEFT strategy on account of the risk probability of the cloud system on scientific workflow, namely CyberShake.

All-or-nothing transforms (AONT) were proposed by Rivest as a message preprocessing technique for encrypting data to protect against brute-force attacks, and have many applications in cryptography and information security. Later the unconditionally secure AONT and their combinatorial characterization were introduced by Stinson. Informally, a combinatorial AONT is an array with the unbiased requirements and its security properties in general depend on the prior probability distribution on the inputs s-tuples. Recently, it was shown by Esfahani and Stinson that a combinatorial AONT has perfect security provided that all the inputs s-tuples are equiprobable, and has weak security provided that all the inputs s-tuples are with non-zero probability. This paper aims to explore on the gap between perfect security and weak security for combinatorial (t, s, v)-AONTs. Concretely, we consider the typical scenario that all the s inputs take values independently (but not necessarily identically) and quantify the amount of information H(\textbackslashmathcalX\textbackslashmid \textbackslashmathcalY) about any t inputs \textbackslashmathcalX that is not revealed by any s−t outputs \textbackslashmathcalY. In particular, we establish the general lower and upper bounds on H(\textbackslashmathcalX\textbackslashmid \textbackslashmathcalY) for combinatorial AONTs using information-theoretic techniques, and also show that the derived bounds can be attained in certain cases.

The Personnel Management Information System is managed by the Personnel and Human Resources Development Agency on local government office to provide personnel services. The existence of a system and information technology can help ongoing business processes but can have an impact or risk if the proper mitigation is not carried out. It is known that the problems are damage to databases, servers, and computer equipment due to bad weather, network connections being lost due to power outages, data loss due to not having backup data, and human error. This resulted in PMIS being inaccessible for some time, thus hampering ongoing business processes and causing financial losses. This study aims to identify risks, conduct a risk assessment using the failure mode and effects analysis (FMEA) method, and provide mitigation recommendations based on the ISO/IEC 27002:2013 standard. The analysis results obtained 50 failure modes categorized into five asset categories, and six failure modes have a high level. Then provide mitigation recommendations based on the ISO/IEC 27002:2013 Standard, which has been adapted to the needs of Human Resources Development Agency. Thus, the results of this study are expected to assist and serve as material for local office government's consideration in making improvements and security controls to avoid emerging threats to information assets.

The burglary of a safe in the city of Jombang, East Java, lost valuables belonging to the Cemerlang Multipurpose Trading Cooperative. Therefore, a security system tool was created in the safe that serves as a place to store valuables and important assets. Change the security system using the security system with a private unique method with modulo arithmetic pattern. The security system of the safe is designed in layers which are attached with the RFID tag by registering and then verifying it on the card. Entering the password on the card cannot be read or is not performed, then the system will refuse to open it. arduino mega type 256 components, RFID tag is attached to the RFID reader, only one validated passive tag can open access to the security system, namely number B9 20 E3 0F. Meanwhile, of the ten passwords entered, only three match the modulo arithmetic format and can open the security system, namely password numbers 22540, 51324 and 91032. The circuit system on the transistor in the solenoid driver circuit works after the safety system opens. The servo motor can rotate according to the input of the open 900 servo angle rotation program.

Software quality assurance (SQA) is a means and practice of monitoring the software engineering processes and methods used in a project to ensure proper quality of the software. It encompasses the entire software development life-cycle, including requirements engineering, software design, coding, source code reviews, software configuration management, testing , release management, software deployment and software integration. It is organized into goals, commitments, abilities, activities, measurements, verification and validation. In this talk, we will mainly focus on the testing activity part of the software development life-cycle. Its main objective is checking that software is satisfying a set of quality properties that are identified by the "ISO/IEC 25010:2011 System and Software Quality Model" standard [1] .

Supervisory Control and Data Acquisition (SCADA) systems are used to control and monitor components within the energy grid, playing a significant role in the stability of the system. As a part of critical infrastructures, components in these systems have to fulfill a variety of different requirements regarding their dependability and must also undergo strict audit procedures in order to comply with all relevant standards. This results in a slow adoption of new functionalities. Due to the emerged threat of cyberattacks against critical infrastructures, extensive security measures are needed within these systems to protect them from adversaries and ensure a stable operation. In this work, a solution is proposed to integrate extensive security measures into current systems. By deploying additional security-gateways into the communication path between two nodes, security features can be integrated transparently for the existing components. The developed security-gateway is compliant to all regulatory requirements and features an internal architecture based on the separation-of-concerns principle to increase its security and longevity. The viability of the proposed solution has been verified in different scenarios, consisting of realistic field tests, security penetration tests and various performance evaluations.

Cyber-Physical Systems (CPS) have a physical part that can interact with sensors and actuators. The data that is read from sensors and the one generated to drive actuators is crucial for the correct operation of this class of devices. Most implementations trust the data being read from sensors and the outputted data to actuators. Real-time validation of the input and output of data for any system is crucial for the safety of its operation. This paper proposes an architecture for handling this issue through smart data guards detached from sensors and controllers and acting solely on the data. This mitigates potential issues of malfunctioning sensors and intentional sensor and controller attacks. The data guards understand the expected data, can detect anomalies and can correct them in real-time. This approach adds more guarantees for fault-tolerant behavior in the presence of attacks and sensor failures.

Sentiment Analysis (SA) is an approach for detecting subjective information such as thoughts, outlooks, reactions, and emotional state. The majority of previous SA work treats it as a text-classification problem that requires labelled input to train the model. However, obtaining a tagged dataset is difficult. We will have to do it by hand the majority of the time. Another concern is that the absence of sufficient cross-domain portability creates challenging situation to reuse same-labelled data across applications. As a result, we will have to manually classify data for each domain. This research work applies sentiment analysis to evaluate the entire vaccine twitter dataset. The work involves the lexicon analysis using NLP libraries like neattext, textblob and multi class classification using BERT. This word evaluates and compares the results of the machine learning algorithms.

The robustness of supply chain networks (SCNs) against sequential topology attacks is significant for maintaining firm relationships and activities. Although SCNs have experienced many emergencies demonstrating that mixed failures exacerbate the impact of cascading failures, existing studies of sequential attacks rarely consider the influence of mixed failure modes on cascading failures. In this paper, a reinforcement learning (RL)-based sequential attack strategy is applied to SCNs with cascading failures that consider mixed failure modes. To solve the large state space search problem in SCNs, a deep Q-network (DQN) optimization framework combining deep neural networks (DNNs) and RL is proposed to extract features of state space. Then, it is compared with the traditional random-based, degree-based, and load-based sequential attack strategies. Simulation results on Barabasi-Albert (BA), Erdos-Renyi (ER), and Watts-Strogatz (WS) networks show that the proposed RL-based sequential attack strategy outperforms three existing sequential attack strategies. It can trigger cascading failures with greater influence. This work provides insights for effectively reducing failure propagation and improving the robustness of SCNs.

Emerging safety-critical systems require high-performance data-parallel architectures and, problematically, ones that can guarantee tight and safe worst-case execution times. Given the complexity of existing architectures like GPUs, it is unlikely that sufficiently accurate models and algorithms for timing analysis will emerge in the foreseeable future. This motivates our work on Sim-D, a clean-slate approach to designing a real-time data-parallel architecture. Sim-D enforces a predictable execution model by isolating compute- and access resources in hardware. The DRAM controller uninterruptedly transfers tiles of data, requested by entire work-groups. This permits work-groups to be executed as a sequence of deterministic access- and compute phases, scheduling phases from up to two work-groups in parallel. Evaluation using a cycle-accurate timing model shows that Sim-D can achieve performance on par with an embedded-grade NVIDIA TK1 GPU under two conditions: applications refrain from using indirect DRAM transfers into large buffers, and Sim-D's scratchpads provide sufficient bandwidth. Sim-D's design facilitates derivation of safe WCET bounds that are tight within 12.7 percent on average, at an additional average performance penalty of \textbackslashsim∼9.2 percent caused by scheduling restrictions on phases.

The use of Virtual Machine (VM) migration as support for software rejuvenation was introduced more than a decade ago. Since then, several works have validated this approach from experimental and theoretical perspectives. Recently, some works shed light on the possibility of using the same technique as Moving Target Defense (MTD). However, to date, no work evaluated the availability and security levels while applying VM migration for both rejuvenation and MTD (multipurpose VM migration). In this paper, we conduct a comprehensive evaluation using Stochastic Petri Net (SPN) models to tackle this challenge. The evaluation covers the steady-state system availability, expected MTD protection, and related metrics of a system under time-based multipurpose VM migration. Results show that the availability and security improvement due to VM migration deployment surpasses 50% in the best scenarios. However, there is a trade-off between availability and security metrics, meaning that improving one implies compromising the other.

Wireless mesh networks are increasingly deployed as a flexible and low-cost alternative for providing wireless services for a variety of applications including community mesh networking, medical applications, and disaster ad hoc communications, sensor and IoT applications. However, challenges remain such as interference, contention, load imbalance, and congestion. To address these issues, previous work employ load adaptive routing based on load sensitive routing metrics. On the other hand, such approach does not immediately improve network performance because the load estimates used to choose routes are themselves affected by the resulting routing changes in a cyclical manner resulting to oscillation. Although this is not a new phenomenon and has been studied in wired networks, it has not been investigated extensively in wireless mesh and/or sensor networks. We present these instabilities and how they pose performance, security, and energy issues to these networks. Accordingly, we present a feedback-aware mapping system called FARM that handles these instabilities in a manner analogous to a control system with feedback control. Results show that FARM stabilizes routes that improves network performance in throughput, delay, energy efficiency, and security.

The Internet of Things (IoT) is rapidly evolving, allowing physical items to share information and coordinate with other nodes, increasing IoT’s value and being widely applied to various applications. Radio Frequency Identification (RFID) is usually used in IoT applications to automate item identification by establishing symmetrical communication between the tag device and the reader. Because RFID reading data is typically in plain text, a security mechanism is required to ensure that the reading results from this RFID data remain confidential. Researchers propose a lightweight encryption algorithm framework for IoT-based RFID applications to address this security issue. Furthermore, this research assesses the implementation of lightweight encryption algorithms, such as Grain v1 and Espresso, as two systems scenarios. The Grain v1 encryption is the final eSTREAM project that accepts an 80-bit key, 64-bit IV, and has a 160-bit internal state with limited application. In contrast, the Espresso algorithm has been implemented in various applications such as 5G wireless communication. Furthermore, this paper tested the performance of each encryption algorithm in the microcontroller and inspected the network performance in an IoT system.

This paper belongs to a sequence of manuscripts that discuss generic and easy-to-apply security metrics for Strong PUFs. These metrics cannot and shall not fully replace in-depth machine learning (ML) studies in the security assessment of Strong PUF candidates. But they can complement the latter, serve in initial PUF complexity analyses, and are much easier and more efficient to apply: They do not require detailed knowledge of various ML methods, substantial computation times, or the availability of an internal parametric model of the studied PUF. Our metrics also can be standardized particularly easily. This avoids the sometimes inconclusive or contradictory findings of existing ML-based security test, which may result from the usage of different or non-optimized ML algorithms and hyperparameters, differing hardware resources, or varying numbers of challenge-response pairs in the training phase.This first manuscript within the abovementioned sequence treats one of the conceptually most straightforward security metrics on that path: It investigates the effects that small perturbations in the PUF-challenges have on the resulting PUF-responses. We first develop and implement several sub-metrics that realize this approach in practice. We then empirically show that these metrics have surprising predictive power, and compare our obtained test scores with the known real-world security of several popular Strong PUF designs. The latter include (XOR) Arbiter PUFs, Feed-Forward Arbiter PUFs, and (XOR) Bistable Ring PUFs. Along the way, our manuscript also suggests techniques for representing the results of our metrics graphically, and for interpreting them in a meaningful manner.