Biblio

To decrease the IoT attack surface and provide protection against security threats such as introduction of fake IoT nodes and identity theft, IoT requires scalable device identity and authentication management. This work proposes a blockchain-based identity management approach with consensus authentication as a scalable solution for IoT device authentication management. The proposed approach relies on having a blockchain secure tamper proof ledger and a novel lightweight consensus-based identity authentication. The results show that the proposed decentralised authentication system is scalable as we increase number of nodes.

Recently, placing vehicles in the parking area is becoming a problem. A smart parking system is proposed to solve the problem. Most smart parking systems have a centralized system, wherein that type of system is at-risk of single-point failure that can affect the whole system. To overcome the weakness of the centralized system, the most popular mechanism that researchers proposed is blockchain. If there is no mechanism implemented in the blockchain to verify the authenticity of every transaction, then the system is not secure against impersonation attacks. This study combines blockchain mechanism with Ring Learning With Errors (RLWE) based digital signature for securing the scheme against impersonation and double-spending attacks. RLWE was first proposed by Lyubashevsky et al. This scheme is a development from the previous scheme Learning with Error or LWE.

Data poisoning is a type of adversarial attack on training data where an attacker manipulates a fraction of data to degrade the performance of machine learning model. There are several known defensive mechanisms for handling offline attacks, however defensive measures for online learning, where data points arrive sequentially, have not garnered similar interest. In this work, we propose a defense mechanism to minimize the degradation caused by the poisoned training data on a learner's model in an online setup. Our proposed method utilizes an influence function which is a classic technique in robust statistics. Further, we supplement it with the existing data sanitization methods for filtering out some of the poisoned data points. We study the effectiveness of our defense mechanism on multiple datasets and across multiple attack strategies against an online learner.

User privacy is an attractive and valuable task to the success of blockchain systems. However, user privacy protection's performance and data capacity have not been well studied in existing access control models of blockchain systems because of traceability and openness of the P2P network. This paper focuses on investigating performance and data capacity from a blockchain infrastructure perspective, which adds secondary encryption to shield confidential information in a non-invasive way. First, we propose an efficient asymmetric encryption scheme by combining homomorphic encryption and state-of-the-art multi-signature key aggregation to preserve privacy. Second, we use smart contracts and CA infrastructure to achieve attribute-based access control. Then, we use the non-interactive zero-knowledge proof scheme to achieve secondary confidentiality explicitly. Finally, experiments show our scheme succeeds better performance in data capacity and system than other schemes. This scheme improves availability and robust scalability, solves the problem of multi-signature key distribution and the unlinkability of transactions. Our scheme has established a sound security cross-chain system and privacy confidentiality mechanism and that has more excellent performance and higher system computing ability than other schemes.

A botnet is a new type of attack method developed and integrated on the basis of traditional malicious code such as network worms and backdoor tools, and it is extremely threatening. This course combines deep learning and neural network methods in machine learning methods to detect and classify the existence of botnets. This sample does not rely on any prior features, the final multi-class classification accuracy rate is higher than 98.7%, the effect is significant.

Software based scan diagnosis is the de facto method for debugging logic scan failures. Physical analysis success rate is high on dies diagnosed with maximum score, one symptom, one suspect and shorter net. This poses a limitation on maximum utilization of scan diagnosis data for PFA. There have been several attempts to combine dynamic fault isolation techniques with scan diagnosis results to enhance the utilization and success rate. However, it is not a feasible approach for foundry due to limited product design and test knowledge and hardware requirements such as probe card and tester. Suitable for a foundry, an enhanced diagnosis-driven analysis scheme was proposed in [1] that classifies the failures as frontend-of-line (FEOL) and backend-of-line (BEOL) improving the die selection process for PFA. In this paper, static NIR PEM and defect prediction approach are applied on dies that are already classified as FEOL and BEOL failures yet considered unsuitable for PFA due to low score, multiple symptoms, and suspects. Successful case studies are highlighted to showcase the effectiveness of using static NIR PEM as the next level screening process to further maximize the scan diagnosis data utilization.

Dielectric capacitors have attracted attention as energy storage devices that can achieve rapid charge and discharge. But the key to restricting its development is the low energy storage density of dielectric materials. Polyvinylidene fluoride (PVDF), as a polymer with high dielectric properties, is expected to improve the energy storage density of dielectric materials. In this work, the multilayer structure of PVDF ferroelectric polymer is designed, and the influence of the number of layers on the maximum polarization, remanent polarization, applied electric field and energy storage density of the dielectric material is studied. The final obtained double-layer PVDF obtained a discharge energy storage density of 10.6 J/cm3 and an efficiency of 49.1% at an electric field of 410 kV/mm; the three-layer PVDF obtained a discharge energy storage density of 11.0 J/cm3 and an efficiency of 37.2% at an electric field of 440 kV/mm.

As the effects of climate change are becoming more and more evident, the importance of improved situation awareness is also gaining more attention, both in the context of preventive environmental monitoring and in the context of acute crisis response. One important aspect of situation awareness is the correct and thorough monitoring of air pollutants. The monitoring is threatened by sensor faults, power or network failures, or other hazards leading to missing or incorrect data transmission. For this reason, in this work we propose two complementary approaches for predicting missing sensor data and a combined technique for detecting outliers. The proposed solution can enhance the performance of low-cost sensor systems, closing the gap of missing measurements due to network unavailability, detecting drift and outliers thus paving the way to its use as an alert system for reportable events. The techniques have been deployed and tested also in a low power microcontroller environment, verifying the suitability of such a computing power to perform the inference locally, leading the way to an edge implementation of a virtual sensor digital twin.

Securing cloud configurations is an elusive task, which is left up to system administrators who have to base their decisions on "trial and error" experimentations or by observing good practices (e.g., CIS Benchmarks). We propose a knowledge, AND/OR, graphs approach to model cloud deployment security objects and vulnerabilities. In this way, we can capture relationships between configurations, permissions (e.g., CAP\_SYS\_ADMIN), and security profiles (e.g., AppArmor and SecComp). Such an approach allows us to suggest alternative and safer configurations, support administrators in the study of what-if scenarios, and scale the analysis to large scale deployments. We present an initial validation and illustrate the approach with three real vulnerabilities from known sources.

The vertiginous technological advance related to globalization and the new digital era has led to the design of new techniques and tools that deal with the risks of technology and information. Terms such as "cybersecurity" stand out, which corresponds to that area of computer science that is responsible for the development and implementation of information protection mechanisms and technological infrastructure, in order to deal with cyberattacks. Phishing is a crime that uses social engineering and technical subterfuge to steal personal identity data and financial account credentials from users, representing a high economic and financial risk worldwide, both for individuals and for large organizations. The objective of this research is to determine the ways to prevent phishing, by analyzing the characteristics of this computer fraud, the various existing modalities and the main prevention strategies, in order to increase the knowledge of users about this. subject, highlighting the importance of adequate training that allows establishing efficient mechanisms to detect and block phishing.

Intelligent Environments (IEs) enrich the physical world by connecting it to software applications in order to increase user comfort, safety and efficiency. IEs are often supported by wireless networks of smart sensors and actuators, which offer multi-year battery life within small packages. However, existing radio mesh networks suffer from high latency, which precludes their use in many user interface systems such as real-time speech, touch or positioning. While recent advances in optical networks promise low end-to-end latency through symbol-synchronous transmission, current approaches are power hungry and therefore cannot be battery powered. We tackle this problem by introducing BoboLink, a mesh network that delivers low-power and low-latency optical networking through a combination of symbol-synchronous transmission and a novel wake-up technology. BoboLink delivers mesh-wide wake-up in 1.13ms, with a quiescent power consumption of 237µW. This enables building-wide human computer interfaces to be seamlessly delivered using wireless mesh networks for the first time.

Global cybersecurity threats have grown as a result of the evolving digital transformation. Cybercriminals have more opportunities as a result of digitization. Initially, cyberthreats take the form of phishing in order to gain confidential user credentials.As cyber-attacks get more sophisticated and sophisticated, the cybersecurity industry is faced with the problem of utilising cutting-edge technology and techniques to combat the ever-present hostile threats. Hackers use phishing to persuade customers to grant them access to a company’s digital assets and networks. As technology progressed, phishing attempts became more sophisticated, necessitating the development of tools to detect phishing.Machine learning is unsupervised one of the most powerful weapons in the fight against terrorist threats. The features used for phishing detection, as well as the approaches employed with machine learning, are discussed in this study.In this light, the study’s major goal is to propose a unique, robust ensemble machine learning model architecture that gives the highest prediction accuracy with the lowest error rate, while also recommending a few alternative robust machine learning models.Finally, the Random forest algorithm attained a maximum accuracy of 96.454 percent. But by implementing a hybrid model including the 3 classifiers- Decision Trees,Random forest, Gradient boosting classifiers, the accuracy increases to 98.4 percent.

Data Protection and Consenting Communication Mechanisms (DPCCMs) enable users to express their privacy decisions and manage their online consent. Thus, they can become a crucial means of protecting individuals' online privacy and agency, thereby replacing the current problematic practices such as “consent dialogues”. Based on an in-depth analysis of different DPCCMs, we propose an interdisciplinary set of factors that can be used for a comparison of such mechanisms. Moreover, we use the results from a qualitative expert study to identify some of the main multidisciplinary challenges that DPCCMs should address to become widely adopted data privacy mechanisms. We leverage both the factors and the challenges to compare two current open specifications, i.e. the Advanced Data Protection Control (ADPC) and the Global Privacy Control (GPC), and discuss future work.

With the rapid growth of wireless communication, sensor technology, and mobile computing, the ad hoc network has gained increasing attention from governments, corporations, and scientific research organisations. Ad hoc and sensor network security has become crucial. Malicious node identification, network resilience and survival, and trust models are among the security challenges discussed. The security of ad hoc networks is a key problem. In this paper, we'll look at a few security procedures and approaches that can be useful in keeping this network secure. We've compiled a list of all the ad networks' descriptions with explanations. Before presenting our conclusions from the examination of the literature, we went through various papers on the issue. The taxonomy diagram for the Ad-hoc Decentralized Network is the next item on the agenda. Security is one of the most significant challenges with an ad hoc network. In most cases, cyber-attackers will be able to connect to a wireless ad hoc network and, as a result, to the device if they reach within signal range. So, we moved on to a discussion of VANET, UAVs security issues discovered in the field. The outcomes of various ad hoc network methods were then summarised in the form tables. Furthermore, the Diffie Hellman Key Exchange is used to investigate strategies for improving ad-hoc network security and privacy in the next section, and a comparison of RSA with Diffie Hellman is also illustrated. This paper can be used as a guide and reference to provide readers with a broad knowledge of wireless ad hoc networks and how to deal with their security issues.

Worldwide, societies are rapidly becoming more connected, owing primarily to the growing number of intelligent things and smart applications (e.g, smart automobiles, smart wearable devices, etc.) These have occurred in tandem with the Internet Of Things, a new method of connecting the physical and virtual worlds. It is a new promising paradigm whereby every ‘thing’ can connect to anything via the Internet. However, with IoT systems being deployed even on large-scale, security concerns arise amongst other challenges. Hence the need to allocate appropriate protection of resources. The realization of secure IoT systems could only be accomplished with a comprehensive understanding of the particular needs of a specific system. How-ever, this paradigm lacks a proper and exhaustive classification of security requirements. This paper presents an approach towards understanding and classifying the security requirements of IoT devices. This effort is expected to play a role in designing cost-efficient and purposefully secured future IoT systems. During the coming up with and the classification of the requirements, We present a variety of set-ups and define possible attacks and threats within the scope of IoT. Considering the nature of IoT and security weaknesses as manifestations of unrealized security requirements, We put together possible attacks and threats in categories, assessed the existent IoT security requirements as seen in literature, added more in accordance with the applied domain of the IoT and then classified the security requirements. An IoT system can be secure, scalable, and flexible by following the proposed security requirement classification.

Due to the increasing complexity of modern hetero-geneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC.

A new framework is presented in this paper for proving coding theorems for linear codes, where the systematic bits and the corresponding parity-check bits play different roles. Precisely, the noisy systematic bits are used to limit the list size of typical codewords, while the noisy parity-check bits are used to select from the list the maximum likelihood codeword. This new framework for linear codes allows that the systematic bits and the parity-check bits are transmitted in different ways and over different channels. In particular, this new framework unifies the source coding theorems and the channel coding theorems. With this framework, we prove that the Bernoulli generator matrix codes (BGMCs) are capacity-achieving over binary-input output symmetric (BIOS) channels and also entropy-achieving for Bernoulli sources.

For a long time, SQL injection has been considered one of the most serious security threats. NoSQL databases are becoming increasingly popular as big data and cloud computing technologies progress. NoSQL injection attacks are designed to take advantage of applications that employ NoSQL databases. NoSQL injections can be particularly harmful because they allow unrestricted code execution. In this paper we use supervised learning and natural language processing to construct a model to detect NoSQL injections. Our model is designed to work with MongoDB, CouchDB, CassandraDB, and Couchbase queries. Our model has achieved an F1 score of 0.95 as established by 10-fold cross validation.

Security attacks on sensor data can deceive a control system and force the physical plant to reach an unwanted and potentially dangerous state. Therefore, attack detection mechanisms are employed in cyber-physical control systems to detect ongoing attacks, the most prominent one being a threshold-based anomaly detection method called CUSUM. Literature defines the maximum impact of stealth attacks as the maximum deviation in the plant’s state that an undetectable attack can introduce, and formulates it as an optimization problem. This paper proposes an optimization-based attack with different saturation models, and it investigates how the attack duration significantly affects the impact of the attack on the state of the plant. We show that more dangerous attacks can be discovered when allowing saturation of the control system actuators. The proposed approach is compared with the geometric attack, showing how longer attack durations can lead to a greater impact of the attack while keeping the attack stealthy.

This paper proposes a novel approach for privacy preserving face recognition aimed to formally define a trade-off optimization criterion between data privacy and algorithm accuracy. In our methodology, real world face images are anonymized with Gaussian blurring for privacy preservation. The anonymized images are processed for face detection, face alignment, face representation, and face verification. The proposed methodology has been validated with a set of experiments on a well known dataset and three face recognition classifiers. The results demonstrate the effectiveness of our approach to correctly verify face images with different levels of privacy and results accuracy, and to maximize privacy with the least negative impact on face detection and face verification accuracy.

With the advent of technology and owing to mankind’s reliance on technology, it is of utmost importance to safeguard people’s data and their identity. Biometrics have for long played an important role in providing that layer of security ranging from small scale uses such as house locks to enterprises using them for confidentiality purposes. In this paper we will provide an insight into behavioral biometrics that rely on identifying and measuring human characteristics or behavior. We review different types of behavioral parameters such as keystroke dynamics, gait, footstep pressure signals and more.

Data leakage by employees is a matter of concern for companies and organizations today. Previous studies have shown that existing Data Leakage Protection (DLP) systems on the market, the more secure they are, the more intrusive and tedious they are to work with. This paper proposes and assesses the implementation of four technologies that enable the development of secure file systems for insider threat-focused, low-intrusive and user-transparent DLP tools. Two of these technologies are configurable features of the Windows operating system (Minifilters and Server Message Block), the other two are virtual file systems (VFS) Dokan and WinFsp, which mirror the real file system (RFS) allowing it to incorporate security techniques. In the assessment of the technologies, it was found that the implementation of VFS was very efficient and simple. WinFsp and Dokan presented a performance of 51% and 20% respectively, with respect to the performance of the operations in the RFS. This result may seem relatively low, but it should be taken into account that the calculation includes read and write encryption and decryption operations as appropriate for each prototype. Server Message Block (SMB) presented a low performance (3%) so it is not considered viable for a solution like this, while Minifilters present the best performance but require high programming knowledge for its evolution. The prototype presented in this paper and its strategy provides an acceptable level of comfort for the user, and a high level of security.

Ferroelectric capacitor memory devices with carbon-free Hf0.5Zr0.5O2 (HZO) ferroelectric films are fabricated and characterized. The HZO ferroelectric films are deposited by ALD at temperatures from 225 to 300°C, with HfCl4 and ZrCl4 as the precursors. Residual chlorine from the precursors is measured and studied systematically with various process temperatures. 10nm HZO films with optimal ALD growth temperature at 275°C exhibit remanent polarization of 25µC/cm2 and cycle endurance of 5×1011. Results will be compared with those from HZO films deposited with carbon containing metal-organic precursors.

We present a ternary source coding scheme in this paper, which is a special class of low density generator matrix (LDGM) codes. We prove that a ternary linear block LDGM code, whose generator matrix is randomly generated with each element independent and identically distributed, is universal for source coding in terms of the symbol-error rate (SER). To circumvent the high-complex maximum likelihood decoding, we introduce a special class of convolutional LDGM codes, called block Markov superposition transmission of repetition (BMST-R) codes, which are iteratively decodable by a sliding window algorithm. Then the presented BMST-R codes are applied to construct a tandem scheme for Gaussian source compression, where a dead-zone quantizer is introduced before the ternary source coding. The main advantages of this scheme are its universality and flexibility. The dead-zone quantizer can choose a proper quantization level according to the distortion requirement, while the LDGM codes can adapt the code rate to approach the entropy of the quantized sequence. Numerical results show that the proposed scheme performs well for ternary sources over a wide range of code rates and that the distortion introduced by quantization dominates provided that the code rate is slightly greater than the discrete entropy.

In recent times, the occurrence of malware attacks are increasing at an unprecedented rate. Particularly, the image-based malware attacks are spreading worldwide and many people get harmful malware-based images through the technique called steganography. In the existing system, only open malware and files from the internet can be identified. However, the image-based malware cannot be identified and detected. As a result, so many phishers make use of this technique and exploit the target. Social media platforms would be totally harmful to the users. To avoid these difficulties, Machine learning can be implemented to find the steganographic malware images (contents). The proposed methodology performs an automatic detection of malware and steganographic content by using Machine Learning. Steganography is used to hide messages from apparently innocuous media (e.g., images), and steganalysis is the approach used for detecting this malware. This research work proposes a machine learning (ML) approach to perform steganalysis. In the existing system, only open malware and files from the internet are identified but in the recent times many people get harmful malware-based images through the technique called steganography. Social media platforms would be totally harmful to the users. To avoid these difficulties, the proposed Machine learning has been developed to appropriately detect the steganographic malware images (contents). Father, the steganalysis method using machine learning has been developed for performing logistic classification. By using this, the users can avoid sharing the malware images in social media platforms like WhatsApp, Facebook without downloading it. It can be also used in all the photo-sharing sites such as google photos.