Biblio

Whenever any internet user visits a website, a scripting language runs in the background known as JavaScript. The embedding of malicious activities within the script poses a great threat to the cyberworld. Attackers take advantage of the dynamic nature of the JavaScript and embed malicious code within the website to download malware and damage the host. JavaScript developers obfuscate the script to keep it shielded from getting detected by the malware detectors. In this paper, we propose a novel technique for analysing and detecting JavaScript using sandbox assisted ensemble model. We extract the payload using malware-jail sandbox to get the real script. Upon getting the extracted script, we analyse it to define the features that are needed for creating the dataset. We compute Pearson's r between every feature for feature extraction. An ensemble model consisting of Sequential Minimal Optimization (SMO), Voted Perceptron and AdaBoost algorithm is used with voting technique to detect malicious JavaScript. Experimental results show that our proposed model can detect obfuscated and de-obfuscated malicious JavaScript with an accuracy of 99.6% and 0.03s detection time. Our model performs better than other state-of-the-art models in terms of accuracy and least training and detection time.

In STOC 1988, Ben-Or, Goldwasser, and Wigderson (BGW) established an important milestone in the fields of cryptography and distributed computing by showing that every functionality can be computed with perfect (information-theoretic and error-free) security at the presence of an active (aka Byzantine) rushing adversary that controls up to n/3 of the parties. We study the round complexity of general secure multiparty computation in the BGW model. Our main result shows that every functionality can be realized in only four rounds of interaction, and that some functionalities cannot be computed in three rounds. This completely settles the round-complexity of perfect actively-secure optimally-resilient MPC, resolving a long line of research. Our lower-bound is based on a novel round-reduction technique that allows us to lift existing three-round lower-bounds for verifiable secret sharing to four-round lower-bounds for general MPC. To prove the upper-bound, we develop new round-efficient protocols for computing degree-2 functionalities over large fields, and establish the completeness of such functionalities. The latter result extends the recent completeness theorem of Applebaum, Brakerski and Tsabary (TCC 2018, Eurocrypt 2019) that was limited to the binary field.

The accelerated growth of computing technologies has provided interdisciplinary teams a platform for producing innovative research at an unprecedented speed. Advanced scientific cyberinfrastructures, in particular, provide data storage, applications, software, and other resources to facilitate the development of critical scientific discoveries. Users of these environments often rely on custom developed virtual machine (VM) images that are comprised of a diverse array of open source applications. These can include vulnerabilities undetectable by conventional vulnerability scanners. This research aims to identify the installed applications, their vulnerabilities, and how they vary across images in scientific cyberinfrastructure. We propose a novel unsupervised graph embedding framework that captures relationships between applications, as well as vulnerabilities identified on corresponding GitHub repositories. This embedding is used to cluster images with similar applications and vulnerabilities. We evaluate cluster quality using Silhouette, Calinski-Harabasz, and Davies-Bouldin indices, and application vulnerabilities through inspection of selected clusters. Results reveal that images pertaining to genomics research in our research testbed are at greater risk of high-severity shell spawning and data validation vulnerabilities.

Within a framework for verifying parametric network protocols through induction, one needs to find invariants based on a protocol instance of a small number of nodes. In this paper, we propose a new approach to accelerate parameterized verification by adopting decision trees to represent the state space of a protocol instance. Such trees can be considered as a knowledge base that summarizes all behaviors of the protocol instance. With this knowledge base, we are able to efficiently construct an oracle to effectively assess candidates of invariants of the protocol, which are suggested by an invariant finder. With the discovered invariants, a formal proof for the correctness of the protocol can be derived in the framework after proper generalization. The effectiveness of our method is demonstrated by experiments with typical benchmarks.

In this work, we examine the method of enabling computers to understand human interaction by constructing a generative conversational agent. An experimental approach in trying to apply the techniques of natural language processing using recurrent neural networks (RNNs) to emulate the concept of textual entailment or human reasoning is presented. To achieve this functionality, our experiment involves developing an integrated Long Short-Term Memory cell neural network (LSTM) system enhanced with an attention mechanism. The results achieved by the model are shown in terms of the number of epochs versus loss graphs as well as a brief illustration of the model's conversational capabilities.

Classification between machine-translated text and original text are often tokenized on vocabulary of the corpi. With N-grams larger than uni-gram, one can create a model that estimates a decision boundary based on word frequency probability distribution; however, this approach is exponentially expensive because of high dimensionality and sparsity. Instead, we let samples of the corpi be represented by part-of-speech tagging which is significantly less vocabulary. With less trigram permutations, we can create a model with its tri-gram frequency probability distribution. In this paper, we explore less conventional ways of approaching techniques for handling documents, dictionaries, and the likes.

Battery energy storage systems are facing risks of unreliable battery sensor data which might be caused by sensor faults in an embedded battery management system, communication failures, and even cyber-attacks. It is crucial to evaluate the trustworthiness of battery sensor data since inaccurate sensor data could lead to not only serious damages to battery energy storage systems, but also threaten the overall reliability of their applications (e.g., electric vehicles or power grids). This paper introduces a battery sensor data trust framework enabling detecting unreliable data using a deep learning algorithm. The proposed sensor data trust mechanism could potentially improve safety and reliability of the battery energy storage systems. The proposed deep learning-based battery sensor fault detection algorithm is validated by simulation studies using a convolutional neural network.

With the increasing scale of network, attacks against network emerge one after another, and security problems become increasingly prominent. Network intrusion detection system is a widely used and effective security means at present. In addition, with the development of machine learning technology, various intelligent intrusion detection algorithms also start to sprout. By flexibly combining these intelligent methods with intrusion detection technology, the comprehensive performance of intrusion detection can be improved, but the vulnerability of machine learning model in the adversarial environment can not be ignored. In this paper, we study the defense problem of network intrusion detection system against adversarial samples. More specifically, we design a defense algorithm for NIDS against adversarial samples by using bidirectional generative adversarial network. The generator learns the data distribution of normal samples during training, which is an implicit model reflecting the normal data distribution. After training, the adversarial sample detection module calculates the reconstruction error and the discriminator matching error of sample. Then, the adversarial samples are removed, which improves the robustness and accuracy of NIDS in the adversarial environment.

Conventional adversarial defenses reduce classification accuracy whether or not a model is under attacks. Moreover, most of image processing based defenses are defeated due to the problem of obfuscated gradients. In this paper, we propose a new adversarial defense which is a defensive transform for both training and test images inspired by perceptual image encryption methods. The proposed method utilizes a block-wise pixel shuffling method with a secret key. The experiments are carried out on both adaptive and non-adaptive maximum-norm bounded white-box attacks while considering obfuscated gradients. The results show that the proposed defense achieves high accuracy (91.55%) on clean images and (89.66%) on adversarial examples with noise distance of 8/255 on CFAR-10 dataset. Thus, the proposed defense outperforms state-of-the-art adversarial defenses including latent adversarial training, adversarial training and thermometer encoding.

More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation.

In the northern gas fields, most data are transmitted via wireless networks, which requires special transmission security measures. Herewith, the gas field infrastructure dictates cybersecurity modules to not only meet standard requirements but also ensure reduced energy consumption. The paper discusses the issue of building such a module for a process control system based on the RTP-04M recorder operating in conjunction with an Android-based mobile device. The software options used for the RSA and Diffie-Hellman data encryption and decryption algorithms on both the RTP-04M and the Android-based mobile device sides in the Keil μVision4 and Android Studio software environments, respectively, have shown that the Diffie-Hellman algorithm is preferable. It provides significant savings in RAM and CPU resources and power consumption of the recorder. In terms of energy efficiency, the implemented programs have been analyzed in the Android Studio (Android Profiler) and Simplicity Studio (Advanced Energy Monitor) environments. The integration of this module into the existing software will improve the field's PCS cybersecurity level due to protecting data transmitted from third-party attacks.

Malware is a kind of software that, if installed on a malware victim's device, might carry malicious actions. The malicious actions might be data theft, system failure, or denial of service. Malware analysis is a process to identify whether a piece of software is a malware or not. However, with the advancement of malware technologies, there are several evasion techniques that could be implemented by malware developers to prevent analysis, such as polymorphic and oligomorphic. Therefore, this research proposes an automatic malware detection system. In the system, the malware characteristics data were obtained through both static and dynamic analysis processes. Data from the analysis process were classified using Naive Bayes algorithm to identify whether the software is a malware or not. The process of identifying malware and benign files using the Naive Bayes machine learning method has an accuracy value of 93 percent for the detection process using static characteristics and 85 percent for detection through dynamic characteristics.

In this first paper of a two-part series, the harmonic plane decomposition is introduced, which is an extension of the vector-space decomposition. In multiphase electrical machines with variable phase-pole configurations, the vector-space decomposition leads to a varying numbers of vector spaces when changing the configuration. Consequently, the model and current control become discontinuous. The method in this paper is based on samples of each single slot currents, similarly to a discrete Fourier transformation in the space domain that accounts for the winding configuration. It unifies the Clarke transformation for all possible phase-pole configurations such that a fixed number of orthogonal harmonic planes are created, which facilitates the current control during reconfigurations. The presented method is not only limited to the modeling of multiphase electrical machines but all kinds of existing machines can be modeled. In the second part of this series, the harmonic plane decomposition will be completed for all types of machine configurations.

The article presents a proposal for implementing asymmetric cryptography, specifically the elliptic curves for the protection of high-speed data transmission in a corporate network created on the platform of PLC (Power Line Communications). The solution uses an open-source software library OpenSSL. As part of the design, an experimental workplace was set up, a DHCP and FTP server was established. The possibility of encryption with the selected own elliptic curve from the OpenSSL library was tested so that key pairs (public and private keys) were generated using a software tool. A shared secret was created between communication participants and subsequently, data encryption and decryption were performed.

The number of Mobile device users in the word has evolved rapidly. Many internet users currently want to connect the internet for all utilities automatically. One of the technologies in the IPv6 network, which supports data access from moving users, is IPv6 Mobile protocol. In its mobility, the users on a range of networks can move the range to another network. High demand for this technology will interest to a hacker or a cracker to carry out an attack. One of them is a DoS attack that compromises a target to denial its services. A firewall is usually used to protect networks from external attacks. However, since the firewall based on the attacker database, the unknown may not be detected. In order to address the obstacle, a detection tool could be used. In this research, IDS as an intrusion detection tool was integrated with a firewall to be implemented in IPv6 Mobile to stop the DoS attack. The results of some experiments showed that the integration system could block the attack at 0.9 s in Correspondent Node and 1.2 s in Home Agent. The blocked attack can decrease the network throughput up to 27.44% when a Mobile Node in Home Agent, 28,87% when the Mobile Node in a Foreign Network. The final result of the blocked attack is reducing the average CPU utilization up to 30.99%.

The reform of electricity marketization has bred multiple market agents. In order to maximize the total social benefits on the premise of ensuring the security of the system and taking into account the interests of multiple market agents, a bi-level optimal allocation model of distribution network with multiple agents participating is proposed. The upper level model considers the economic benefits of energy and service providers, which are mainly distributed power investors, energy storage operators and distribution companies. The lower level model considers end-user side economy and actively responds to demand management to ensure the highest user satisfaction. The K-means multi scenario analysis method is used to describe the time series characteristics of wind power, photovoltaic power and load. The particle swarm optimization (PSO) algorithm is used to solve the bi-level model, and IEEE33 node system is used to verify that the model can effectively consider the interests of multiple agents while ensuring the security of the system.

Today, the Internet covers worldwide. All over the world, people prefer an E-commerce platform to buy or sell their products. Therefore, cybercrime has become the center of attraction for cyber attackers in cyberspace. Phishing is one such technique where the unidentified structure of the Internet has been used by attackers/criminals that intend to deceive users with the use of the illusory website and emails for obtaining their credentials (like account numbers, passwords, and PINs). Consequently, the identification of a phishing or legitimate web page is a challenging issue due to its semantic structure. In this paper, a phishing detection system is implemented using deep learning techniques to prevent such attacks. The system works on URLs by applying a convolutional neural network (CNN) to detect the phishing webpage. In paper [19] the proposed model has achieved 97.98% accuracy whereas our proposed system achieved accuracy of 98.00% which is better than earlier model. This system doesn’t require any feature engineering as the CNN extract features from the URLs automatically through its hidden layers. This is other advantage of the proposed system over earlier reported in [19] as the feature engineering is a very time-consuming task.

The internal structure of the flexible-DC transformer is complicated and the lack of a reliable vibration calculation model limits the application of the vibration analysis method in the fault diagnosis of the flexible-DC transformer. In response to this problem, this paper analyzes the correlation between the vibration signals of multiple measuring points and establishes a ``black box'' model of transformer vibration detection. Using the correlation analysis of multiple measuring points and BP neural network, a ``black box'' model that simulates the internal vibration transmission relationship of the transformer is established. The vibration signal of the multiple measuring points can be used to calculate the vibration signal of the target measuring point under specific working conditions. This can provide effective information for fault diagnosis and judgment of the running status of the flexible-DC transformer.

Wireless Network-on-Chip (WNoC) broadly adopts single channel for low overhead data transmission. Sharing of the channel among multiple wireless interfaces (WIs) is controlled by a channel access mechanism (CAM). Such CAM can be malfunctioned by a Hardware Trojan (HT) in a malicious WI or a rogue third party intellectual property (IP) core present on the same System-on-Chip (SoC). This may result in denial-of-service (DoS) or spoofing in WNoC leading to starvation of healthy WIs and under-utilization of wireless channel. Our work demonstrates possible threat model on CAM and proposes low overhead decentralized countermeasures for both DoS and spoofing attacks in WNoC.

This paper presents a study and analysis of flux linkage performance on 12/8 pole doubly salient permanent magnet machine in square envelope conventional. Analyzed model was using a finite element method. The investigated model was constructed by changing the size of the structure as the main parameters of the speed 500 rpm, PM coercivity 910 kA/m, PM remanence 1.2 T, copper loss 30 W, turns per coil 45, and stator side length 100 mm. The study and analysis of flux linkage, induced voltage, and torque are also included in this paper.

As the world is moving towards industry 4.0, it is estimated that in the near future billions of IoT devices will be interconnected over the Internet. The open and heterogeneous nature of IoT environment makes it vulnerable to adversarial attacks. To maintain sustainability in IoT ecosystem, this paper evaluates some of the recent IoT schemes based on key security features i.e. authentication, confidentiality, trust etc. These schemes are classified according to three-layer IoT architecture. Based on our findings, some of these solutions are applicable at physical layer while others are at network, and application layers. However, none of these schemes can provide end-to-end solution for IoT environment. Therefore, our work provides a roadmap for future research directions in IoT domain to design robust security schemes for IoT environment, thus can achieve sustainability in IoT ecosystem.

Internet of Things (IoT) is a revolutionary expandable network which has brought many advantages, improving the Quality of Life (QoL) of individuals. However, IoT carries dangers, due to the fact that hackers have the ability to find security gaps in users' IoT devices, which are not still secure enough and hence, intrude into them for malicious activities. As a result, they can control many connected devices in an IoT network, turning IoT into Botnet of Things (BoT). In a botnet, hackers can launch several types of attacks, such as the well known attacks of Distributed Denial of Service (DDoS) and Man in the Middle (MitM), and/or spread various types of malicious software (malware) to the compromised devices of the IoT network. In this paper, we propose a novel hybrid Artificial Intelligence (AI)-powered honeynet for enhanced IoT botnet detection rate with the use of Cloud Computing (CC). This upcoming security mechanism makes use of Machine Learning (ML) techniques like the Logistic Regression (LR) in order to predict potential botnet existence. It can also be adopted by other conventional security architectures in order to intercept hackers the creation of large botnets for malicious actions.

Modern control flow attacks circumvent existing defense mechanisms to transfer the program control to attacker chosen malicious code in the program, leaving application vulnerable to attack. Advanced attacks such as Return-Oriented Programming (ROP) attack and its variants, transfer program execution to gadgets (code-snippet that ends with return instruction). The code space to generate gadgets is large and attacks using these gadgets are Turing-complete. One big challenge to harden the program against ROP attack is to confine gadget selection to a limited locations, thus leaving the attacker to search entire code space according to payload criteria. In this paper, we present a novel approach to label the nodes of the Control-Flow Graph (CFG) of a program such that labels of the nodes on a valid control flow edge satisfy a Hamming distance property. The newly encoded CFG enables detection of illegal control flow transitions during the runtime in the processor pipeline. Experimentally, we have demonstrated that the proposed Control Flow Integrity (CFI) implementation is effective against control-flow hijacking and the technique can reduce the search space of the ROP gadgets upto 99.28%. We have also validated our technique on seven applications from MiBench and the proposed labeling mechanism incurs no instruction count overhead while, on average, it increases instruction width to a maximum of 12.13%.

Most modern cloud and web services are programmatically accessed through REST APIs. This paper discusses how an attacker might compromise a service by exploiting vulnerabilities in its REST API. We introduce four security rules that capture desirable properties of REST APIs and services. We then show how a stateful REST API fuzzer can be extended with active property checkers that automatically test and detect violations of these rules. We discuss how to implement such checkers in a modular and efficient way. Using these checkers, we found new bugs in several deployed production Azure and Office365 cloud services, and we discuss their security implications. All these bugs have been fixed.

Wireless sensors are often deployed in environments where it is difficult for them to discern friend from enemy. An example case is a military tactical scenario, where sensors are deployed to map the location of an item but where some of the nodes have been compromised or where there are other malicious nodes present. In this scenario, sharing data with other network nodes may present a critical security risk to the sensor nodes. Blockchain technology, with its ability to house a secure distributed ledger, offers a possible solution. However, blockchain applications for Wireless Sensor Networks suffer from poor latency in block propagation which in turn decreases throughput and network scalability. Several researchers have proposed solutions for improved network throughput. In this work, a comparison of these existing works is performed leading to a taxonomy of existing algorithms. Characteristics consistently found in algorithms reporting improved throughput are presented and, later, these characteristics are used in the development of a new algorithm for improving throughput. The proposed algorithm utilizes a proof-of- authority consensus algorithm with a node trust-based scheme. The proposed algorithm shows strong results over the base case algorithm and was evaluated with blockchain network simulations of up to 20000 nodes.