Biblio

In this paper, we propose a multidimensional trust model for vehicular networks. Our model evaluates the trustworthiness of each vehicle using two main modes: 1) Direct Trust Computation DTC related to a direct connection between source and target nodes, 2) Indirect Trust Computation ITC related to indirectly communication between source and target nodes. The principal characteristics of this model are flexibility and high fault tolerance, thanks to an automatic trust scores assessment. In our extensive simulations, we use Total Cost Rate to affirm the performance of the proposed trust model.

In recent days cloud domain gains a lot of user attention in order to store and access the data from remote locations connected through the internet. As it is generally known that all the sensitive data come from remote locations will be stored in the centralized storage medium and then try to access the data from that centralized storage space controlled by the cloud server. It is facing a problem like there is no security for the data in terms of user authorization and data authentication from the centralized storage location. Hence, it is required to migrate for a new storage procedure like Decentralized storage of cloud data in which the systems that do not rely on a central authority, so that the collusion resistance can be avoided by maintaining a global identifier. Here, the term de-centralized access means granting multi authorities to control the access for providing more security for the sensitive data. The proposed research study attempts to develop a new scheme by adding a global identifier like Attribute Authority (AA) for providing access keys for the data users who wish to access the sensitive information from the cloud server. The proposed research work attempts to incorporate the composite order bilinear groups scheme for providing access facility for the data users and provide more security for the sensitive data. By conducting various experiments on the proposed model, the obtained result clearly tells that the proposed system is very efficient to access the data in a de-centralized manner by using a global identifier.

Modern IoT infrastructure consists of different sub-systems, devices, applications, platforms, varied connectivity protocols with distinct operating environments scattered across different subsystems within the whole network. Each of these subsystems of the global system has its peculiar computational and security challenges. A security loophole in one subsystem has a directly negative impact on the security of the whole system. The nature and intensity of recent cyber-attacks within IoT networks have increased in recent times. Blockchain technology promises several security benefits including a decentralized authentication mechanism that addresses almost readily the challenges with a centralized authentication mechanism that has the challenges of introducing a single point of failure that affects data and system availability anytime such systems are compromised. The different design specifications and the unique functional requirements for most IoT devices require a strong yet universal authentication mechanism for multimedia data that assures an additional security layer to IoT data. In this paper, the authors propose a decentralized authentication to validate data integrity at the IoT node level. The proposed mechanism guarantees integrity, privacy, and availability of IoT node data.

Nowadays, biometric-based authentication systems are widely used. This fact has led to increased attacks on biometric data of users. Therefore, biometric template protection is sure to keep the attention of researchers for the security of the authentication systems. Many previous works proposed the biometric template protection schemes by transforming the original biometric data into a secure domain, or establishing a cryptographic key with the use of biometric data. The main purpose was that fulfill the all three requirements: cancelability, security, and performance as many as possible. In this paper, using random projection merged with fuzzy commitment, we will introduce a hybrid scheme of biometric template protection. We try to limit their own drawbacks and take full advantages of these techniques at the same time. In addition, an analysis of non-invertibility property will be exercised with regards to the use of random projection aiming at enhancing the security of the system while preserving the discriminability of the original biometric template.

This paper reports high frequency surface acoustic wave (SAW) devices developed on Sc doped (30%) AlN on high resistivity Si for demonstrating surface acoustic wave – spin wave coupling. Enhanced Q-factors were found for both propagation modes – Rayleigh (4.7 GHz) and Sezawa (8 GHz). SAW/SW (spin wave) coupling is proven for two-ports SAW structures having a magnetostrictive layer of Ni between the two interdigitated transducers (IDTs). A decrease of 3.42 dB was observed in the amplitude of the transmission parameter, at resonance, when the magnetic field was applied. The angle between the applied magnetic field and the SAW propagation direction is π/4.

The promise of access to contextual expertise, advanced security tools and an increase in staff augmentation coupled with reduced computing costs has indisputably made cloud computing a computing platform of choice, so enticing that many organizations had to migrate some if not all their services to the cloud. Identity-management-as-a-service (IdMaaS), however, is still struggling to mature due to lack of trust. Lack of trust arises from losing control over the identity information (user credentials), identity management system as well as the underlying infrastructure, raising a fear of loss of confidentiality, integrity and availability of both the identities and the identity management system. This paper recognizes the need for a trust framework comprising of both the operational and technical Frameworks as a holistic approach towards enhancing trust in IdMaaS. To this end however, only the operational Framework will form the core of this paper. The success of IdMaaS will add to the suite of other matured identity management technologies, spoiling the would-be identity service consumers with a wide choice of identity management paradigms to pick from, at the same time opening entrepreneurial opportunities to cloud players.

Adhoc On-demand Distance Vector (AODV) is the well-known reactive routing protocol of Mobile Adhoc Network (MANET). Absence of security mechanism in AODV disturbs the routing because of misbehavior of attack and hence, degrades MANET's performance. Secure and efficient routing is a need of various commercial and non-commercial applications of MANET including military and war, disaster and earthquake, and riot control. This paper presents a design of important network layer attacks include black-hole (BH), gray-hole (GH) and worm-hole (WH) attacks. The performance analysis of AODV protocol is carried out under the influence of each designed attack by using the network simulator, NetSim. Simulation results show that, the network layer attacks affect packet delivery ability of AODV protocol with low energy consumption and in short time. Design of attacks helps to understand attack's behavior and hence, to develop security mechanism in AODV.

The security of the power grid is the first element of its operation. This paper aims at finding the vulnerability nodes in the power grid to prevent it from being destroyed. A novel comprehensive vulnerability index is proposed to the singleness of evaluation indicators for existing literature by integrating the power grid's topology information and operating state. Taking IEEE-118 as an example, the simulation analysis proves that the proposed vulnerability index has certain discriminative advantages and the best weighting factor is obtained through correlation analysis.

In this paper, we focus on Information-Centric Delay-Tolerant Network (ICDTN), which incorporates the communication paradigm of Information-Centric Networking (ICN) into Delay-Tolerant Networking (DTN). Conventional ICNs adopt a naming scheme that names the content with the content identifier. However, a past study proposed an alternative naming scheme that describes the name of content with the content descriptor. We believe that, in ICDTN, it is more suitable to utilize the approach using the content descriptor. In this paper, we therefore propose keyword-based ICDTN that resolves content requests and deliveries contents based on keywords, i.e., content descriptor, in the request and response messages.

Ever since Machine Learning as a Service emerges as a viable business that utilizes deep learning models to generate lucrative revenue, Intellectual Property Right (IPR) has become a major concern because these deep learning models can easily be replicated, shared, and re-distributed by any unauthorized third parties. To the best of our knowledge, one of the prominent deep learning models - Generative Adversarial Networks (GANs) which has been widely used to create photorealistic image are totally unprotected despite the existence of pioneering IPR protection methodology for Convolutional Neural Networks (CNNs). This paper therefore presents a complete protection framework in both black-box and white-box settings to enforce IPR protection on GANs. Empirically, we show that the proposed method does not compromise the original GANs performance (i.e. image generation, image super-resolution, style transfer), and at the same time, it is able to withstand both removal and ambiguity attacks against embedded watermarks. Codes are available at https://github.com/dingsheng-ong/ipr-gan.

The popularity of P2P (Peer-To-Peer) systems is increased tremendously due to massive increase in the Internet based applications. Initially, P2P systems were mainly designed for wired networks but today people are using more wireless networks and therefore these systems are gaining popularity. There are many wireless networks available today and WMNs (Wireless Mess Networks) are gaining popularity due to hybrid structure. People are using structured P2P systems-based applications within perimeter of a WMN. Structured P2P WMNs will assist the community to fetch the relevant information to accomplish their activities. There are inherent challenges in the structured P2P network and increased in wireless environment like WMNs. Structured P2P systems suffer from many challenges like lack of content availability, malicious content distribution, poor search scalability, free riding behaviour, white washing, lack of a robust trust model etc. Whereas, WMNs have limitations like mobility management, bandwidth constraint, limited battery power of user's devices, security, maintenance etc. in remote/ forward areas. We exploit the better possibility of content availability and search scalability in this paper. We propose replication schemes based on the popularity of content for structured P2P system applications in community based WMNs. The analysis of the performance shows that proposed scheme performs better than the existing replication scheme in different conditions.

Purpose: Determine the main theoretical aspects of managing the resilience of an industrial enterprise in conditions of uncertainty. Method: The static control methods include the technology of the matrix aggregate computer (MAC) and the R-lenses, and the dynamic control methods - the technology based on the 4x6 matrix model. All these methods are based on the results of the theory of fuzzy sets and soft computing. Result: A comparative analysis of the resilience of 82 largest industrial enterprises in five industry classes was carried out, R-lenses were constructed for these classes, and the main factors affecting the resilience of industrial companies were evaluated. Conclusions: The central problem points in assessing and ensuring the resilience of enterprises are: a) correct modeling of external disturbances; b) ensuring the statistical homogeneity of the source data array.

This paper presents a new framework for SATCOM jamming resiliency in the presence of a smart adversary jammer that can prioritize specific channels to attack with a non-uniform probability of distribution. We first develop a model and a defense action strategy based on a Markov decision process (MDP). We propose a greedy algorithm for the MDP-based defense algorithm's policy to optimize the expected user's immediate and future discounted rewards. Next, we remove the assumption that the user has specific information about the attacker's pattern and model. We develop a Q-learning algorithm-a reinforcement learning (RL) approach-to optimize the user's policy. We show that the Q-learning method provides an attractive defense strategy solution without explicit knowledge of the jammer's strategy. Computer simulation results show that the MDP-based defense strategies are very efficient; they offer a significant data rate advantage over the simple random hopping approach. Also, the proposed Q-learning performance can achieve close to the MDP approach without explicit knowledge of the jammer's strategy or attacking model.

Named Data Networking (NDN) is an emerging network architecture, which is built by keeping data as its pivotal point. The in-network cache, one of the important characteristics, makes data packets to be available from multiple locations on the Internet. Hence data access control and their enforcement mechanisms become even more critical in the NDNs. In this paper, we propose a novel encryption-based data access control scheme using Role-Based Encryption (RBE). The inheritance property of our scheme provides a natural way to achieve efficient data access control over hierarchical content. This in turn makes our scheme suitable for large scale real world content-centric applications and services such as Netflix. Further, the proposed scheme introduces an anonymous signature-based authentication mechanism to reject bogus data requests nearer to the source, thereby preventing them from entering the network. This in turn helps to mitigate better denial of service attacks. In addition, the signature mechanism supports unlinkability, which is essential to prevent leakages of individual user's access patterns. Another major feature of the proposed scheme is that it provides accountability of the Internet Service Providers (ISPs) using batch signature verification. Moreover, we have developed a transparent and secure dispute resolution and payment mechanism using smart-contract and blockchain technologies. We present a formal security analysis of our scheme to show it is provably secure against Chosen Plaintext Attacks. We also demonstrate that our scheme supports more functionalities than the existing schemes and its performance is better in terms of computation, communication and storage.

People are dependent on Trusted Third Party (TTP) administration based Centralized systems for content sharing having a deficit of security, faith, immutability, and clearness. This work has proposed a file-sharing environment based on Blockchain by clouting the Interplanetary File System (IPFS) and Public Key Infrastructure (PKI) systems, advantages for overcoming these troubles. The smart contract is implemented to control the access privilege and the modified version of IPFS software is utilized to enforce the predefined access-control list. An application framework on a secure decentralized file sharing system is presented in combination with IPFS and PKI to secure file sharing. PKI having public and private keys is used to enable encryption and decryption of every file transaction and authentication of identities through Metamask to cryptographically recognize account ownership in the Blockchain system. A gas consumption-based result analysis is done in the private Ethereum network and it attains transparency, security managed access, and quality of data indicating better efficacy of this work.

With the development in IC technology, testing the designs is becoming more and more complex. In the design, process testing consumes 60-80% of the time. The basic testing principle is providing the circuit under test (CUT) with input patterns, observing output responses, and comparing against the desired response called the golden response. As the density of the device are rising leads to difficulty in examining the sub-circuit of the chip. So, testing of design is becoming a time-consuming and costly process. Attaching additional logic to the circuit resolves the issue by testing itself. BIST is a relatively a design for testability technique to facilitate thorough testing of ICs and it comprises the test pattern generator, circuit under test, and output response analyzer. Quick diagnosis and very high fault coverage can be ensured by BIST. As complexity in the circuit is increasing, testing urges TPGs (Test Pattern Generators) to generate the test patterns for the CUT to sensitize the faults. TPGs are vulnerable to malicious activities such as scan-based side-channel attacks. Secret data saved on the chip can be extracted by an attacker by scanning out the test outcomes. These threats lead to the emergence of securing TPGs. This work demonstrates providing a secured test pattern generator for BIST circuits by locking the logic of TPG with a password or key generated by the key generation circuit. Only when the key is provided test patterns are generated. This provides versatile protection to TPG from malicious attacks such as scan-based side-channel attacks, Intellectual Property (IP) privacy, and IC overproduction.

An effective response against information security violations in the technical systems remains relevant challenge nowadays, when their number, complexity, and the level of possible losses are growing. The violation can be caused by the set of the intruder's consistent actions. In the area of countermeasure selection for a proactive and reactive response against security violations, there are a large number of techniques. The techniques based on graph models seem to be promising. These models allow representing the set of actions caused the violation. Their advantages include the ability to forecast violations for timely decision-making on the countermeasures, as well as the ability to analyze and consider the coverage of countermeasures in terms of steps caused the violation. The paper proposes and describes a decision support method for responding against information security violations in the technical systems based on the graph models, as well as the developed models, including the countermeasure model and the graph representing the set of actions caused the information security violation.

This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.

With the rapid growth of data sharing through social media networks, determining relevant data items concerning a particular subject becomes paramount. We address the issue of establishing which images represent an event of interest through a semi-supervised learning technique. The method learns consistent and shared features related to an event (from a small set of examples) to propagate them to an unlabeled set. We investigate the behavior of five image feature representations considering low- and high-level features and their combinations. We evaluate the effectiveness of the feature embedding approach on five collected datasets from real-world events.

Thousands of people have lost their life by COVID-19 infection. Authorities have seen the calamities caused by the corona virus in China. So, when the trace of virus was found in India, the only possible way to stop the spread of the virus was to go into lockdown. In a country like India where a major part of the population depends on the daily wages, being in lockdown started affecting their life. People where tend to go out for getting the food items and other essentials, and this caused the spread of virus. Many were infected and many lost their life by this. Due to the pandemic, the whole world was affected and many people working in foreign countries lost their jobs as well. These people who came back to India caused further spread of the virus. The main reason for the spread is lack of hygiene and a proper system to monitor the symptoms. Even though our country was in lockdown for almost 6 months the number of COVID cases doesn't get diminished. It is not practical to extend the lockdown any further, and people have decided to live with the virus. But it is essential to take the necessary precautions while interacting with the society. Automated system for checking that all the COVID protocols are followed and early symptom identification before entering to a place are essential to stop the spread of the infection. This research work proposes a smart door system, which evaluates the COVID-19 risk factors and collects the data of person before entering into any place, thereby ensuring that non-infected people are only entering to the place and thus the spread of virus can be avoided.

Digital identity is the key to the evolving digital society and economy. Since the inception of digital identity, numerous Identity Management (IDM) systems have been developed to manage digital identity depending on the requirements of the individual and that of organisations. This evolution of IDM systems has provided an incremental process leading to the granting of control of identity ownership and personal data to its user, thus producing an IDM which is more user-centric with enhanced security and privacy. A recently promising IDM known as Self-Sovereign Identity (SSI) has the potential to provide this sovereignty to the identity owner. The Sovrin Network is an emerging SSI service utility enabling self-sovereign identity for all, therefore, its assessment has to be carefully considered with reference to its architecture, working, functionality, strengths and limitations. This paper presents an analysis of the Sovrin Network based on aforementioned features. Firstly, it presents the architecture and components of the Sovrin Network. Secondly, it illustrates the working of the Sovrin Network and performs a detailed analysis of its various functionalities and metrics. Finally, based on the detailed analysis, it presents the strengths and limitations of the Sovrin Network.

The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score.

IT world is migrating towards utilizing cloud computing as an essential data storing and exchanging platform. With the amelioration of technology, a colossal amount of data is generating with time. Cloud computing provides an enormous data storage capacity with the flexibility of accessing it without the time and place restrictions with virtualized resources. Healthcare industries spawn intense amounts of data from various medical instruments and digital records of patients. To access data remotely from any geographical location, the healthcare industry is moving towards cloud computing. EHR and PHR are patient's digital records, which include sensitive information of patients. Apart from all the proficient service provided by cloud computing, security is a primary concern for various organizations. To address the security issue, several cryptographic techniques implemented by researchers worldwide. In this paper, a vigorous cryptographic method discussed which is implemented by combining DNA cryptography and Elliptic Curve Cryptography to protect sensitive data in the cloud.

In Social Aware Network (SAN) model, the elementary actions focus on investigating the attributes and behaviors of the customer. This analysis of customer attributes facilitate in the design of highly active and improved protocols. In specific, the recommender systems are highly vulnerable to the shilling attack. The recommender system provides the solution to solve the issues like information overload. Collaborative filtering based recommender systems are susceptible to shilling attack known as profile injection attacks. In the shilling attack, the malicious users bias the output of the system's recommendations by adding the fake profiles. The attacker exploits the customer reviews, customer ratings and fake data for the processing of recommendation level. It is essential to detect the shilling attack in the network for sustaining the reliability and fairness of the recommender systems. This article reviews the most prominent issues and challenges of shilling attack. This paper presents the literature survey which is contributed in focusing of shilling attack and also describes the merits and demerits with its evaluation metrics like attack detection accuracy, precision and recall along with different datasets used for identifying the shilling attack in SAN network.

In the context of Industrial Internet logo analysis, this paper analyzes the feasibility and outstanding advantages of the blockchain technology applied to supply chain data supervision combining the pain spots of traditional supply chain management system and the technical superiority. Although blockchain technology has uprooted some deep-entrenched problems of supply chain data management system, it brings new issues to government supervision in the meanwhile. Upon the analysis of current development and the new problems of blockchain-based supply chain data management system, a new parent-children blockchain-based supply chain data supervision system is proposed, which targets to overcome the dilemma faced by the governmental regulation of supply chain. Firstly, with the characteristics of blockchain including decentralization, non-tampering and non-repudiation, the system can solve the problem puzzling the traditional database about untruthful and unreliable data, and has advantages in managing supply chain and realizing product traceability. The authenticity and reliability of data on the chain also make it easier for the government to investigate and affix the responsibility of vicious incidents. At the same time, the system adopts the parent-children chain structure and the storage mode combining on-chain and off-chain resources to overcome the contradiction between information disclosure requirements of the government and privacy protection requirements of enterprises, which can better meet the needs of various users. Moreover, the application of smart contracts can replace a large number of the manual work like repetitive data analysis, which can make analysis results more accurate and avoid human failure.