Biblio

A door enables you to enter a room without breaking through a wall. Also, a door enables you for privacy, environmental or security reasons. The problem statement which is the biometric system sometimes is sensitive and will not be able to sense the biological pattern of the employer’s fingerprint due to sweat and other factors. Next, people tend to misplace their key or RFID card. Apart from that, people tend to forget their pin number for a door lock. The objective of this paper is to present a secret knock intensity for door lock security system using Arduino and mobile. This project works by using a knock intensity and send the information to mobile application via wireless network to unlock or lock the door.

Vehicular Ad hoc Networks commonly abbreviated as VANETs, are an important component of MANET. VANET refers to the group of vehicles that are interlinked to one another through wireless network. Along with technology, comes the threats. Like other wireless networks, VANETs also are vulnerable to various security threats. Security in VANETs is a major issue that attracted many researchers and academicians. One small security breach can cause a big damage in case of VANETs as in this case human lives are involved. Intrusion Detection Systems (IDS) are employed in VANETs in order to detect and identify any malicious activity in the network. The IDS works by analysing the network and detecting any intrusions tried or made in the network so that proper steps could be taken timely to prevent damage from such activities. This paper reviews Intrusion Detection systems, classification of IDS based on various factors and then the architecture of IDS. We then reviewed some of the recent and important intrusion detection research works and then compared them with one another.

The risk of detecting incidents in the field of computer technology in Maritime transport is considered. The structure of the computer incident investigation system and its functions are given. The system of conducting investigations of computer incidents on sea transport is considered. A possible algorithm for investigating the incident using the tools of forensic science and an algorithm for transmitting the received data for further processing are presented.

In the context of the Industry 4.0 initiative, Cyber-Physical Production Systems (CPPS) or Cyber Manufacturing Systems (CMS) can be characterized as advanced networked mechatronic production systems gaining their added value by interaction with different systems using advanced communication technologies. Appropriate wired and wireless communication technologies and standards need to add timing in combination with security concepts to realize the potential improvements in the production process. One of these standards is IO-Link Wireless, which is used for sensor/actuator network operation. In this paper cryptographic performance and energy efficiency of an IO-Link Wireless Device are analyzed. The power consumption and the influence of the cryptographic operations on the trans-mission timing of the IO-Link Wireless protocol are exemplary measured employing a Phytec module based on a CC2650 system-on-chip (SoC) radio transceiver [2]. Confidentiality is considered in combination with the cryptographic performance as well as the energy efficiency. Different cryptographic algorithms are evaluated using the on chip hardware accelerator compared to a cryptographic software implementation.

Deep reinforcement learning has recently been adopted for robot behavior learning, where robot skills are acquired and adapted from data generated by the robot while interacting with its environment through a trial-and-error process. Despite this success, most model-free deep reinforcement learning algorithms learn a task-specific policy from a clean slate and thus suffer from high sample complexity (i.e., they require a significant amount of interaction with the environment to learn reasonable policies and even more to reach convergence). They also suffer from poor initial performance due to executing a randomly initialized policy in the early stages of learning to obtain experience used to train a policy or value function. Model based deep reinforcement learning mitigates these shortcomings. However, it suffers from poor asymptotic performance in contrast to a model-free approach. In this work, we investigate knowledge transfer from a model-based teacher to a task-specific model-free learner to alleviate executing a randomly initialized policy in the early stages of learning. Our experiments show that this approach results in better asymptotic performance, enhanced initial performance, improved safety, better action effectiveness, and reduced sample complexity.

Modern Intelligent Transport Systems (ITSs) are comprehensive applications that have to cope with a multitude of challenges while meeting strict service and security standards. A novel data-centric middleware that provides the foundation of such systems is presented in this paper. This middleware is designed for high scalability, fast data processing and multimodality. To achieve these goals, an innovative spatial annotation (SpatiaIJSON) is utilised. SpatialJSON allows the representation of geometry, topology and traffic information in one dataset. Data processing is designed in such a manner that any schema or ontology can be used to express information. Further, common concerns of ITSs are addressed, such as authenticity of messages. The core task, however, is to ensure a quick exchange of evaluated information between the individual traffic participants.

The ever-increasing cost and complexity of cutting-edge manufacturing and test processes have migrated the semiconductor industry towards a globalized business model. With many untrusted entities involved in the supply chain located across the globe, original intellectual property (IP) owners face threats such as IP theft/piracy, tampering, counterfeiting, reverse engineering, and overproduction. Logic locking has emerged as a promising solution to protect integrated circuits (ICs) against supply chain vulnerabilities. It inserts key gates to corrupt circuit functionality for incorrect key inputs. A logic-locked chip test can be performed either before or after chip activation (becoming unlocked) by loading the unlocking key into the on-chip tamperproof memory. However, both pre-activation and post-activation tests suffer from lower test coverage, higher test cost, and critical security vulnerabilities. To address the shortcomings, we propose LL-ATPG, a logic-locking aware test method that applies a set of valet (dummy) keys based on a target test coverage to perform manufacturing test in an untrusted environment. LL-ATPG achieves high test coverage and minimizes test time overhead when testing the logic-locked chip before activation without sharing the unlocking key. We perform security analysis of LL-ATPG and experimentally demonstrate that sharing the valet keys with the untrusted foundry does not create additional vulnerability for the underlying locking method.

Security baseline hardening is a baseline configuration framework aims to improve the robustness of the operating system, lowering the risk and impact of breach incidents. In typical best practice, the security baseline hardening requires to have regular check and follow-up to keep the system in-check, this set of activities are called "Security Baseline Audit". The Security Baseline Audit process is responsible by the IT department. In terms of business, this process consumes a fair number of resources such as man-hour, time, and technical knowledge. In a huge production environment, the resources mentioned can be multiplied by the system's amount in the production environment. This research proposes improving the process with automation while maintaining the quality and security level at the standard. Robot Framework, a useful and flexible opensource automation framework, is being utilized in this research following with a very successful result where the configuration is aligned with CIS (Center for Internet Security) run by the automation process. A tremendous amount of time and process are decreased while the configuration is according to this tool's standard.

The utilization of Third-party modules is very common nowadays. Hence, combating Hardware Trojans affecting the applications' functionality and data security becomes inevitably essential. This paper focuses on the detection/masking of Hardware Trojans' undesirable effects concerned with spying and information leakage due to the growing care about applications' data confidentiality. It is assumed here that the Trojan-infected system consists mainly of a Microprocessor module (MP) followed by an encryption module and then a Medium Access Control (MAC) module. Also, the system can be application-specific integrated circuit (ASIC) based or Field Programmable Gate Arrays (FPGA) based. A general solution, including encryption, CRC encoder/decoder, and zero padding modules, is presented to handle such Trojans. Special cases are then discussed carefully to prove that Trojans will be detected/masked with a corresponding overhead that depends on the Trojan's location, and the system's need for encryption. An implementation of the CRC encoder along with the zero padding module is carried out on an Altera Cyclone IV E FPGA to illustrate the extra resource utilization required by such a system, given that it is already using encryption.

To defend networks against security attacks, cyber defenders have to identify vulnerabilities that could be exploited by an attacker and fix them. However, vulnerabilities are constantly evolving and their number is rising. In addition, the resources required (i.e., time and cost) to patch all the identified vulnerabilities and update the affected assets are not always affordable. For these reasons, the defender needs to have a set of metrics that could be used to automatically map new discovered vulnerabilities to potential attack tactics. Using such a mapping to attack tactics, will allow security solutions to better respond inline to any vulnerabilities exploitation tentatives, by selecting and prioritizing suitable response strategy. In this work, we provide a multilabel classification approach to automatically map a detected vulnerability to the MITRE Adversarial Tactics that could be used by the attacker. The proposed approach will help cyber defenders to prioritize their defense strategies, ensure a rapid and efficient investigation process, and well manage new detected vulnerabilities. We evaluate a set of machine learning algorithms (BinaryRelevance, LabelPowerset, ClassifierChains, MLKNN, BRKNN, RAkELd, NLSP, and Neural Networks) and found out that ClassifierChains with RandomForest classifier is the best method in our experiment.

Numerical simulation of fluid flow is a significant research concern during the design process of a machine component that experiences fluid-structure interaction (FSI). State-of-the-art in traditional computational fluid dynamics (CFD) has made CFD reach a relative perfection level during the last couple of decades. However, the accuracy of CFD is highly dependent on mesh size; therefore, the computational cost depends on resolving the minor feature. The computational complexity grows even further when there are multiple physics and scales involved making the approach time-consuming. In contrast, machine learning (ML) has shown a highly encouraging capacity to forecast solutions for partial differential equations. A trained neural network has offered to make accurate approximations instantaneously compared with conventional simulation procedures. This study presents transient fluid flow prediction past a fully immersed body as an integral part of the ML-CFD project. MLCFD is a hybrid approach that involves initialising the CFD simulation domain with a solution forecasted by an ML model to achieve fast convergence in traditional CDF. Initial results are highly encouraging, and the entire time-based series of fluid patterns past the immersed structure is forecasted using a deep learning algorithm. Prepared results show a strong agreement compared with fluid flow simulation performed utilising CFD.

New technologies from day to day are submitted with many vulnerabilities that can make data exploitation. Nowadays, IoT is a target for Cybercrime attacks as it is one of the popular platforms in the century. This research address the IoT security problem by carried a medium-interaction honeypot. Honeypot is one of the solutions that can be done because it is a system feed for the introduction of attacks and fraudulent devices. This research has created a medium interaction honeypot using Cowrie, which is used to maintain the Internet of Things device from malware attacks or even attack patterns and collect information about the attacker's machine. From the result analysis, the honeypot can record all trials and attack activities, with CPU loads averagely below 6,3%.

Computer network and virtual machine security is very essential in today's era. Various architectures have been proposed for network security or prevent malicious access of internal or external users. Various existing systems have already developed to detect malicious activity on victim machines; sometimes any external user creates some malicious behavior and gets unauthorized access of victim machines to such a behavior system considered as malicious activities or Intruder. Numerous machine learning and soft computing techniques design to detect the activities in real-time network log audit data. KKDDCUP99 and NLSKDD most utilized data set to detect the Intruder on benchmark data set. In this paper, we proposed the identification of intruders using machine learning algorithms. Two different techniques have been proposed like a signature with detection and anomaly-based detection. In the experimental analysis, demonstrates SVM, Naïve Bayes and ANN algorithm with various data sets and demonstrate system performance on the real-time network environment.

Blockchain technology is the need of an hour for ensuring security and data privacy. However, very limited tools and documentation are available, therefore, the traditional code-centric implementation of Blockchain is challenging for programmers and developers due to inherent complexities. To overcome these challenges, in this article, a novel and efficient framework is proposed that is based on the Model-Driven Architecture. Particularly, a Meta-model (M2 level Ecore Model) is defined that contains the concepts of Blockchain technology. As a part of tool support, a tree editor (developed using Eclipse Modeling Framework) and a Sirius based graphical modeling tool with a drag-drop palette have been provided to allow modeling and visualization of simple and complex Blockchain-based scenarios for security labs in a very user-friendly manner. A Model to Text (M2T) transformation code has also been written using Acceleo language that transforms the modeled scenarios into java code for Blockchain application in the security lab. The validity of the proposed framework has been demonstrated via a case study. The results prove that our framework can be reliably used and further extended for automation and development of Blockchain-based application for security labs with simplicity.

In recent years, many modifications have been done to combat the weaknesses of the Vigenère Cipher Algorithm. Several studies have been carried out to rectify the flaw of the algorithm’s repeating key nature by increasing the key length equal to that of the plain text. However, some characters cannot be encrypted due to the limited set of characters in the key. This paper modified the algorithm’s key generation process using a Pseudo-Random Number Generator to improve the algorithm’s security and expanded the table of characters to up to 190 characters. The results show that based on Monobit examination and frequency analysis, the repeating nature of the key is non-existent, and the generated key can be used to encrypt a larger set of characters. The ciphertext has a low IC value of 0.030, which is similar to a random string and polyalphabetic cipher with an IC value of 0.038 but not equal to a monoalphabetic cipher with an IC value of 0.065. Results show that the modified version of the algorithm performs better than some of the recent studies conducted on it

A physical layer security (PLS) technique called Gray Code Hopping (GCH) is presented offering simplistic implementation and no bit error rate (BER) performance degradation over the main channel. A synchronized transmitter and receiver "hop" to an alternative binary reflected Gray code (BRGC) mapping of bits to symbols between each consecutive modulation symbol. Monte Carlo simulations show improved BER performance over a similar technique from the literature. Simulations also confirm compatibility of GCH with either hard or soft decision decoding methods. Simplicity of GCH allows for ready implementation in adaptive 5th Generation New Radio (5G NR) modulation coding schemes.

The evolution of deep learning has promoted the popularization of smart devices. However, due to the insufficient development of computing hardware, the ability to conduct local training on smart devices is greatly restricted, and it is usually necessary to deploy ready-made models. This opacity makes smart devices vulnerable to deep learning backdoor attacks. Some existing countermeasures against backdoor attacks are based on the attacker’s ignorance of defense. Once the attacker knows the defense mechanism, he can easily overturn it. In this paper, we propose a Trojaning attack defense framework based on moving target defense(MTD) strategy. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. The simulation results show that in most cases, our technology can greatly increase the attack cost of the attacker, thereby ensuring the availability of Deep Neural Networks(DNN) and protecting it from Trojaning attacks.

Distributed Denial of Service (DDoS) attacks pose a considerable threat to Cloud Computing, Internet of Things (IoT) and other services offered on the Internet. The victim server receives terabytes of data per second during the DDoS attack. It may take hours to examine them to detect a potential threat, leading to denial of service to legitimate users. Processing vast volumes of traffic to mitigate the attack is a challenging task for network administrators. High-performance techniques are more suited for processing DDoS attack traffic compared to Sequential Processing Techniques. This paper proposes a Multi-Core Parallel Processing Technique to prepare the time series data for the early detection of DDoS flooding attacks. Different time series analysis methods are suggested to detect the attack early on. Producing time series data using parallel processing saves time and further speeds up the detection of the attack. The proposed method is applied to the benchmark data set CICDDoS2019 for generating four different time series to detect TCP-based flooding attacks, namely TCP-SYN, TCP-SYN-ACK, TCP-ACK, and TCP-RST. The implementation results show that the proposed method can give a speedup of 2.3 times for processing attack traffic compared to sequential processing.

Various methods for face validation-based authentication systems have been applied in a number of access control applications. However, using only one biometric factor such as facial data may limit accuracy and use, and is not practical in a real environment. This paper presents the implementation of a face time attendance system with an additional factor, a QR code to improve accuracy. This two- factor authentication system was developed in the form of a kiosk with a contactless process, which emerged due to the COVID-19 pandemic. The experiment was conducted at a well- known training event in Thailand. The proposed two-factor system was evaluated in terms of accuracy and satisfaction. Additionally, it was compared to a traditional single-factor system using only face recognition. The results confirm that the proposed two-factor scheme is more effective and did not incorrectly identify any users.

For exploiting multimode fiber optic communication networks towards physical layer security, we have trained a neural network performing mode decomposition of 10 modes. The approach is based on intensity-only camera images and works in real-time.

With the development of quantum computers, classical cryptography for secure communication is in danger of becoming obsolete. Quantum cryptography, however, can exploit the laws of quantum mechanics to guarantee unconditional security independently of the computational power of a potential eavesdropper. An example is quantum key distribution (QKD), which allows two parties to encrypt a message through a random secret key encoded in the degrees of freedom of quantum particles, typically photons.

Real time data analysis in the context of e.g. realtime monitoring or computational steering is an important tool in many fields of science, allowing scientists to make the best use of limited resources such as sensors and HPC platforms. These tools typically rely on large amounts of continuously collected data that needs to be processed in near-real time to avoid wasting compute, storage, and networking resources. Streaming pipelines are a natural fit for this use case but are inconvenient to use on high-performance computing (HPC) systems because of the diverging system software environment with big data, increasing both the cost and the complexity of the solution. In this paper we propose Neon, a clean-slate design of a streaming data processing framework for HPC systems that enables users to create arbitrarily large streaming pipelines. The experimental results on the Bebop supercomputer show significant performance improvements compared with Apache Storm, with up to 2x increased throughput and reduced latency.

IPsec is widely used for internet security because it offers confidentiality, integrity, and authenticity also protects from replay attacks. IP Security depends on numerous frameworks, organization propels, and cryptographic techniques. IPsec is a heavyweight complex security protocol suite. Because of complex architecture and implementation processes, security implementers prefer TLS. Because of complex implementation, it is impractical to manage over the IoT devices. We propose a simplified and lite version of internet security protocol implemented with only ESP. For encryption, we use AES, RAS-RLP public key cryptography.

With the advancement in Generative Adversarial Networks (GAN), it has become easier than ever to generate fake images. These images are more realistic and non-discernible by untrained eyes and can be used to propagate fake information on the Internet. In this paper, we propose a novel method to detect GAN generated fake images by using a combination of frequency spectrum of image and deep learning. We apply Discrete Fourier Transform to each of 3 color channels of the image to obtain its frequency spectrum which shows if the image has been upsampled, a common trend in most GANs, and then train a Capsule Network model with it. Conducting experiments on a dataset of almost 1000 images based on Unconditional data modeling (StyleGan2 - ADA) gave results indicating that the model is promising with accuracy over 99% when trained on the state-of-the-art GAN model. In theory, our model should give decent results when trained with one dataset and tested on another.

The vast majority of nowadays remote code execution attacks target virtual function tables (vtables). Attackers hijack vtable pointers to change the control flow of a vulnerable program to their will, resulting in full control over the underlying system. In this paper, we present NoVT, a compiler-based defense against vtable hijacking. Instead of protecting vtables for virtual dispatch, our solution replaces them with switch-case constructs that are inherently control-flow safe, thus preserving control flow integrity of C++ virtual dispatch. NoVT extends Clang to perform a class hierarchy analysis on C++ source code. Instead of a vtable, each class gets unique identifier numbers which are used to dispatch the correct method implementation. Thereby, NoVT inherently protects all usages of a vtable, not just virtual dispatch. We evaluate NoVT on common benchmark applications and real-world programs including Chromium. Despite its strong security guarantees, NoVT improves runtime performance of most programs (mean overhead −0.5%, −3.7% min, 2% max). In addition, protected binaries are slightly smaller than unprotected ones. NoVT works on different CPU architectures and protects complex C++ programs against strong attacks like COOP and ShrinkWrap.