Biblio

Security of physical layer key generation is based on the randomness and reciprocity of wireless fading channel, which has attracted more and more attention in recent years. This paper proposes a rate adaptive key agreement scheme and utilizes the received signal strength (RSS) of the channel between two wireless devices to generate the key. In conventional information reconciliation process, the bit inconsistency rate is usually eliminated by using the filter method, which increases the possibility of exposing the generated key bit string. Building on the strengths of existing secret key extraction approaches, this paper develops a scheme that uses Reed-Solomon (RS) codes, one of forward error correction channel codes, for information reconciliation. Owing to strong error correction performance of RS codes, the proposed scheme can solve the problem of inconsistent key bit string in the process of channel sensing. At the same time, the composition of RS codes can help the scheme realize rate adaptation well due to the construction principle of error correction code, which can freely control the code rate and achieve the reconciliation method of different key bit string length. Through experiments, we find that when the number of inconsistent key bits is not greater than the maximum error correction number of RS codes, it can well meet the purpose of reconciliation.

Internet of Things (IoT) networks are often attacked to compromise the security and privacy of application data and disrupt the services offered by them. The attacks are being launched at different layers of IoT protocol stack by exploiting their inherent weaknesses. Forensic investigations need substantial artifacts and datasets to support the decisions taken during analysis and while attributing the attack to the adversary. Network provenance plays a crucial role in establishing the relationships between network entities. Hence IoT networks can be made forensic ready so that network provenance may be collected to help in constructing these artifacts. The paper proposes Ready-IoT, a novel forensic readiness model for IoT environment to collect provenance from the network which comprises of both network parameters and traffic. A link layer dataset, Link-IoT Dataset is also generated by querying provenance graphs. Finally, Link-IoT dataset is compared with other IoT datasets to draw a line of difference and applicability to IoT environments. We believe that the proposed features have the potential to detect the attacks performed on the IoT network.

In recent times, attackers are continuously developing advanced techniques for evading security, stealing personal financial data, Intellectual Property (IP) and sensitive information. These attacks often employ multiple attack vectors for gaining initial access to the systems. Analysts are often challenged to identify malware objective, initial attack vectors, attack propagation, evading techniques, protective mechanisms and unseen techniques. Most of these attacks are frequently referred to as Multi stage attacks and pose a grave threat to organizations, individuals and the government. Early multistage attack detection is a crucial measure to counter malware and deactivate it. Most traditional security solutions use signature-based detection, which frequently fails to thwart zero-day attacks. Manual analysis of these samples requires enormous effort for effectively counter exponential growth of malware samples. In this paper, we present a novel approach leveraging Machine Learning and MITRE Adversary Tactic Technique and Common knowledge (ATT&CK) framework for early multistage attack detection in real time. Firstly, we have developed a run-time engine that receives notification while malicious executable is downloaded via browser or a launch of a new process in the system. Upon notification, the engine extracts the features from static executable for learning if the executable is malicious. Secondly, we use the MITRE ATT&CK framework, evolved based on the real-world observations of the cyber attacks, that best describes the multistage attack with respect to the adversary Tactics, Techniques and Procedure (TTP) for detecting the malicious executable as well as predict the stages that the malware executes during the attack. Lastly, we propose a real-time system that combines both these techniques for early multistage attack detection. The proposed model has been tested on 6000 unpacked malware samples and it achieves 98 % accuracy. The other major contribution in this paper is identifying the Windows API calls for each of the adversary techniques based on the MITRE ATT&CK.

Autonomous cyber-physical systems (CPS) are susceptible to non-invasive physical attacks such as sensor spoofing attacks that are beyond the classical cybersecurity domain. These attacks have motivated numerous research efforts on attack detection, but little attention on what to do after detecting an attack. The importance of attack recovery is emphasized by the need to mitigate the attack’s impact on a system and restore it to continue functioning. There are only a few works addressing attack recovery, but they all rely on prior knowledge of system dynamics. To overcome this limitation, we propose Recovery-by-Learning, a data-driven attack recovery framework that restores CPS from sensor attacks. The framework leverages natural redundancy among heterogeneous sensors and historical data for attack recovery. Specially, the framework consists of two major components: state predictor and data checkpointer. First, the predictor is triggered to estimate systems states after the detection of an attack. We propose a deep learning-based prediction model that exploits the temporal correlation among heterogeneous sensors. Second, the checkpointer executes when no attack is detected. We propose a double sliding window based checkpointing protocol to remove compromised data and keep trustful data as input to the state predictor. Third, we implement and evaluate the effectiveness of our framework using a realistic data set and a ground vehicle simulator. The results show that our method restores a system to continue functioning in presence of sensor attacks.

With the continuous emergence of cloud computing technology, cloud infrastructure software will become the mainstream application model in the future. Among the databases, relational databases occupy the largest market share. Therefore, the relational cloud database will be the main product of the combination of database technology and cloud computing technology, and will become an important branch of the database industry. This article explores the establishment of an evaluation system framework for relational databases, helping enterprises to select relational cloud database products according to a clear goal and path. This article can help enterprises complete the landing of relational cloud database projects.

Demand-side management (DSM) plays a significant function in the smart distribution system to make informed decisions from both the consumer and supplier side with regards to energy consumption to redesign the load profile and to decrease the peak load demand. This study extensively reviews the demand-side management (DSM) strategies along with both demand response and energy efficiency policies. The major objective of this paper is to enumerate the relevant features responsible to strengthen the DSM effectively, particularly for residential energy demand and the limits to energy indicators. Secondly, the large untapped and hidden potential and the associated barriers to energy efficiency enhancement are focused and surveyed for formulating a better number of potential policy responses. This further explores the portfolio approach with bundled strategies to reflect on the power market through enhancing the strength of individual residential measures through complementary policies to reduce the weaknesses. This concludes at last with the findings of possible holistic measures related to various approaches and attributes findings that reinforce the DSM strategies to enhance energy management and cost-effectiveness. Apart from that the architecture, formulation of optimization problems, and various approaches are presented to help the readers to develop research in this direction to maximize the total system peak demand, overall load factor, and utility revenue with the minimized customer electric bill.

Existing works indicate that Spiking Neural Networks (SNNs) are resilient to adversarial attacks by testing against few attack models. This paper studies adversarial attacks on SNNs using additional attack models and shows that SNNs are not inherently robust against many few-pixel L0 black-box attacks. Additionally, a method to defend against such attacks in SNNs is presented. The SNNs and the effects of adversarial attacks are tested on both software simulators as well as on SpiNNaker neuromorphic hardware.

{On considering workplace thefts as a major problem, there is a requirement of designing a vandal proof door hardware and locking mechanism for ensuring the security of our property. So the door lock system with extra security features with a user friendly cost is suggested in this paper. When a stranger comes at the door, he/she has to pass three security levels for unlocking the solenoid locks present at the door and if he fails to do so, the door will remain locked. These three levels are of three extraordinary security features as one of them is using Fingerprint sensor, second is using a knocking pattern, and the last lock is unlocked by the preset pin/pattern entered by the user. Since, in addition to these features, there is one more option for the case of appearing of guest at the door and that is the Image capturing using web-camera present at the door and here the owner of the house is able to unlock all the locks if he wants the guest to enter the home. This all will be monitored by Node MCU}.

The standard routing technique that was developed for satisfying low power IoT application needs is RPL which is a protocol in compliance with 6LoWPAN specification. RPL was created for addressing the issues and challenges of constrained and lossy network routing. However, RPL does not accomplish efficiency with respect to power and reliability altogether which are definitely needed in IoT applications. RPL runs on routing metrics and objective function which determines the optimal path in routing. This paper focuses on contributing a comprehensive survey on the improved objective functions proposed by several researchers for RPL. In addition, the paper concentrates on highlighting the strengths and shortcomings of the different approaches in designing the objective function. The approaches built on Fuzzy logic are found to be more efficient and the relevant works related to these are compared. Furthermore, we present the insights drawn from the survey and summarize the challenges which can be effectively utilized for future works.

The software industry is dominating many are like health care, finance, agriculture and entertainment. Software security has become an essential issue-outsider libraries, which assume a significant part in programming. The finding weaknesses in the binary code is a significant issue that presently cannot seem to be handled, as showed by numerous weaknesses wrote about an everyday schedule. Software seller sells the software to the client if the client wants to check the software's vulnerability it is a cumbersome task. Presently many deep learning-based methods also introduced to find the security weakness in the binary code. This paper present the merits and demerits of binary code analysis used by a different method.

This manuscript prescribes the design of a four-port ultra-wideband (UWB) diversity antenna combined with 2.4 GHz ISM radio band. The denim-based wearable antenna is intended for use as a radio frequency identification (RFID) tag for tracking and security applications. The unit cells of the antenna are arranged orthogonally to each other to achieve isolation \$\textbackslashtextbackslashgt15\$ dB. The bending analysis of the proposed antenna is performed to ensure its stability. The dimensions of the unit cell and four-port MIMO antenna are \$30 \textbackslashtextbackslashtimes 17 \textbackslashtextbackslashtimes 1\$ cubic millimeter and \$55 \textbackslashtextbackslashtimes 53 \textbackslashtextbackslashtimes 1\$ cubic millimeter, respectively. The proposed antenna’s specific absorption rate (SAR) is researched in order to determine the safer SAR limit set by the Federal Communications Commission (FCC).

New services and products are increasingly becoming integral parts of our daily lives rising our technological dependence, as well as our exposure to risks from cyber. Critical sectors such as transport are progressively depending on digital technologies to run their core operations and develop novel solutions to exploit the economic strengths of the European Union. However, despite the fact that the continuously increasing number of visitors, entering the European Union through land-border crossing points or seaports, brings tremendous economic benefits, novel border control solutions, such as mobile devices for passenger identification for land and sea border control, are essential to accurately identify passengers ``on the fly'' while ensuring their comfort. However, the highly confidential personal data managed by these devices makes them an attractive target for cyberattacks. Therefore, novel secure and usable user authentication mechanisms are required to increase the level of security of this kind of devices without interrupting border control activities. Towards this direction, we, firstly, discuss risk-based and adaptive authentication for mobile devices as a suitable approach to deal with the security vs. usability challenge. Besides that, a novel risk-based adaptive user authentication mechanism is proposed for mobile passenger identification devices used by border control officers at land and sea borders.

Due to its ability to detect many frequently occurring security vulnerabilities, taint analysis is one of the core static analyses used by many static application security testing (SAST) tools. Previous studies have identified issues that software developers face with SAST tools. This paper reports on our experience in building a configurable taint analysis tool, named SecuCheck, that runs in multiple integrated development environments. SecuCheck is built on top of multiple existing components and comes with a Java-internal domain-specific language fluentTQL for specifying taint-flows, designed for software developers. We evaluate the applicability of SecuCheck in detecting eleven taint-style vulnerabilities in microbench programs and three real-world Java applications with known vulnerabilities. Empirically, we identify factors that impact the runtime of SecuCheck.

Zero- Knowledge Proof is a cryptographic protocol exercised to render privacy and data security by securing the identity of users and using services anonymously. It finds numerous applications; authentication is one of them. A Zero-Knowledge Proof-based authentication system is discussed in this paper. Advanced Encryption Standard (AES) and Secure Remote Password (SRP) protocol have been used to design and build the ZKP based authentication system. SRP is a broadly used Password Authenticated Key Exchange (PAKE) protocol. The proposed method overcomes several drawbacks of traditional and commonly used authentication systems such as a simple username and plaintext password-based system, multi-factor authentication system and others.

Underwater Acoustic Networks (UANs) have long been recognized as an instrumental technology in various fields, from ocean monitoring to defense settings. Their security, though, has been scarcely investigated despite the strategic areas involved and the intrinsic vulnerability due to the broadcast nature of the wireless medium. In this work, we focus on attacks for which the attacker has partial or total knowledge of the network protocol stack. Our strategy uses a watchdog layer that allows upper layers to gather knowledge of overheard packets. In addition, a reputation system that is able to label nodes as trustful or suspicious is analyzed and evaluated via simulations. The proposed security mechanism has been implemented in the DESERT Underwater framework and a simulation study is conducted to validate the effectiveness of the proposed solution against resource exhaustion and sinkhole attacks.

The energy sector is facing increasing risks, mainly concerning fraudulent activities and cyberattacks. This paradigm shift in risks would require innovative solutions. This paper proposes an innovative architecture based on Distributed Ledger Technologies (Blockchain) and Triple Entry Accounting (X-Accounting). The proposed architecture focusing on new applications of payment and billing would improve accountability and compliance as well as security and reliability. Future research can extend this architecture to other energy technologies and systems like EMS/SCADA and associated applications.

The Internet of Things (IoT) paradigm, with its highly distributed and interconnected architecture, is gaining ground in Industry 4.0 and in critical infrastructures like the eHealth sector, the Smart Grid, Intelligent Power Plants and Smart Mobility. In these critical sectors, the preservation of metrological characteristics and their traceability is a strong legal requirement, just like cyber-security, since it offers the ground for liability. Any vulnerability in the system in which the metrological network is embedded can endanger human lives, the environment or entire economies. This paper presents a framework comprised of a methodology and some tools for the governance of the metrological chain. The proposed methodology combines the RAMI 4.0 model, which is a Reference Architecture used in the field of Industrial Internet of Things (IIoT), with the the Reference Model for Information Assurance & Security (RMIAS), a framework employed to guarantee information assurance and security, merging them with the well established paradigms to preserve calibration and referability of metrological instruments. Thus, metrological traceability and cyber-security are taken into account straight from design time, providing a conceptual space to achieve security by design and to support the maintenance of the metrological chain over the entire system lifecycle. The framework lends itself to be completely automatized with Model Checking to support automatic detection of non conformity and anomalies at run time.

Cyber-physical systems are used in many areas of human life. But people do not pay enough attention to ensuring the security of these systems. As a result of the resulting security gaps, an attacker can launch an attack, not only shutting down the system, but also having some negative impact on the environment. The article examines denial of service attacks in ad-hoc networks, conducts experiments and considers the consequences of their successful execution. As a result of the research, it was determined that an attack can be detected by changes in transmitted traffic and processor load. The cyber-physical system operates on stable algorithms, and even if legal changes occur, they can be easily distinguished from those caused by the attack. The article shows that the use of statistical methods for analyzing traffic and other parameters can be justified for detecting an attack. This study shows that each attack affects traffic in its own way and creates unique patterns of behavior change. The experiments were carried out according to methodology with changings in the intensity of the attacks, with a change in normal behavior. The results of this study can further be used to implement a system for detecting attacks on cyber-physical systems. The collected datasets can be used to train the neural network.

The advancement of technology in the creation of new tools to solve problems such as information storage generates proportionally developing methods that search for security flaws or breaches that compromise said information. The need to periodically generate security reports on database managers is given by the complexity and number of attacks that can be carried out today. This project seeks to carry out an evaluation of the security of NoSQL database managers. The work methodology is developed according to the order of the objectives, it begins by synthesizing the types of vulnerabilities, attacks and protection schemes limited to MongoDB, Redis and Apache Cassandra. Once established, a prototype of a web system that stores information with a non-relational database will be designed on which a series of attacks defined by a test plan will be applied seeking to add, consult, modify or eliminate information. Finally, a report will be presented that sets out the attacks carried out, the way in which they were applied, the results, possible countermeasures, security advantages and disadvantages for each manager and the conclusions obtained. Thus, it is possible to select which tool is more convenient to use for a person or organization in a particular case. The results showed that MongoDB is more vulnerable to NoSQL injection attacks, Redis is more vulnerable to attacks registered in the CVE and that Cassandra is more complex to use but is less vulnerable.

We investigate cognitive radio networks where the unlicensed sender operates in the overlay mode to relay the information of the licensed transmitter as well as send its individual information. To secure information broadcasted by the unlicensed sender against the wire-tapper, we invoke jammers to limit eavesdropping. Also, to exploit efficiently radio frequency energy in licensed signals, we propose the unlicensed sender and all jammers to scavenge this energy source. To assess the security measures of both licensed and unlicensed networks, we first derive rigorous closed-form formulas of licensed/unlicensed secrecy outage probabilities. Next, we validate these formulas with Monte-Carlo simulations before using them to achieve insights into the security capability of the proposed jamming-aided energy harvesting cognitive radio networks in crucial system parameters.

This paper presents an IoT enabled real time occupancy semantic search system leveraging ETSI defined context information and interface meta model standard- ``Next Generation Service Interface for Linked Data'' (NGSI-LD). It facilitates interoperability, integration and federation of information exchange related to spatial infrastructure among geo-distributed deployed IoT entities, different stakeholders, and process domains. This system, in the presented use case, solves the problem of adhoc booking of meetings in real time through semantic discovery of spatial data and metadata related to room occupancy and thus enables optimum utilization of spatial infrastructure in university campuses. Therefore, the proposed system has the capability to save on effort, cost and productivity in institutional spatial management contexts in the longer run and as well provide a new enriched user experience in smart public buildings. Additionally, the system empowers different stakeholders to plan, forecast and fulfill their spatial infrastructure requirements through semantic data search analysis and real time data driven planning. The initial performance results of the system have shown quick response enabled semantic discovery of data and metadata (textless2 seconds mostly). The proposed system would be a steppingstone towards smart management of spatial infrastructure which offers scalability, federation, vendor agnostic ecosystem, seamless interoperability and integration and security by design. The proposed system provides the fundamental work for its extension and potential in relevant spatial domains of the future.

In recent years, cyber attackers are targeting the power system and imposing different damages to the national economy and public safety. False Data Injection Attack (FDIA) is one of the main types of Cyber-Physical attacks that adversaries can manipulate power system measurements and modify system data. Consequently, it may result in incorrect decision-making and control operations and lead to devastating effects. In this paper, we propose a two-stage detection method. In the first step, Gated Recurrent Unit (GRU), as a deep learning algorithm, is employed to forecast the data for the future horizon. Meanwhile, hyperparameter optimization is implemented to find the optimum parameters (i.e., number of layers, epoch, batch size, β1, β2, etc.) in the supervised learning process. In the second step, an unsupervised scoring algorithm is employed to find the sequences of false data. Furthermore, two penalty factors are defined to prevent the objective function from greedy behavior. We assess the capability of the proposed false data detection method through simulation studies on a real-world data set (ComEd. dataset, Northern Illinois, USA). The results demonstrate that the proposed method can detect different types of attacks, i.e., scaling, simple ramp, professional ramp, and random attacks, with good performance metrics (i.e., recall, precision, F1 Score). Furthermore, the proposed deep learning method can mitigate false data with the estimated true values.

With the continuous development of edge computing, the application scope of mobile crowdsourcing (MCS) is constantly increasing. The distributed nature of edge computing can transmit data at the edge of processing to meet the needs of low latency. The trustworthiness of the third-party platform will affect the level of privacy protection, because managers of the platform may disclose the information of workers. Anonymous servers also belong to third-party platforms. For unreal third-party platforms, this paper recommends that workers first use the localized differential privacy mechanism to interfere with the real location information, and then upload it to an anonymous server to request services, called the localized differential anonymous privacy protection mechanism (LDNP). The two privacy protection mechanisms further enhance privacy protection, but exacerbate the loss of service quality. Therefore, this paper proposes to give corresponding compensation based on the authenticity of the location information uploaded by workers, so as to encourage more workers to upload real location information. Through comparative experiments on real data, the LDNP algorithm not only protects the location privacy of workers, but also maintains the availability of data. The simulation experiment verifies the effectiveness of the incentive mechanism.

The intelligent cyber-physical system (CPS) has been applied in various fields, covering multiple critical infras-tructures and human daily life support areas. CPS Security is a major concern and of critical importance, especially the security of the intelligent control component. Side-channel analysis (SCA) is the common threat exploiting the weaknesses in system operation to extract information of the intelligent CPS. However, existing literature lacks the systematic theo-retical analysis of the side-channel attacks on the intelligent CPS, without the ability to quantify and measure the leaked information. To address these issues, we propose the SCA-based model extraction attack on intelligent CPS. First, we design an efficient and novel SCA-based model extraction framework, including the threat model, hierarchical attack process, and the multiple micro-space parallel search enabled weight extraction algorithm. Secondly, an information theory-empowered analy-sis model for side-channel attacks on intelligent CPS is built. We propose a mutual information-based quantification method and derive the capacity of side-channel attacks on intelligent CPS, formulating the amount of information leakage through side channels. Thirdly, we develop the theoretical bounds of the leaked information over multiple attack queries based on the data processing inequality and properties of entropy. These convergence bounds provide theoretical means to estimate the amount of information leaked. Finally, experimental evaluation, including real-world experiments, demonstrates the effective-ness of the proposed SCA-based model extraction algorithm and the information theory-based analysis method in intelligent CPS.

The course of operating system's labs usually fall behind the state of art technology. In this paper, we propose a Software Diversity-Assisted Defense (SDAD) lab based on software diversity, mainly targeting for students majoring in cyber security and computer science. This lab is consisted of multiple modules and covers most of the important concepts and principles in operating systems. Thus, the knowledge learned from the theoretical course will be deepened with the lab. For students majoring in cyber security, they can learn this new software diversity-based defense technology and understand how an exploit works from the attacker's side. The experiment is also quite stretchable, which can fit all level students.