Biblio

In the theoretical part of the paper, the scope of application of pseudorandom numbers and methods of their generation, as well as methods of statistical testing of pseudorandom sequences (PS) are considered. In the practical part of the work, the quality of PS obtained by Mersenne Twister [1] generator and the cryptographic generator of the RNGCryptoServiceProvider class of the. NET platform is evaluated. Based on the conducted research, the results of testing are obtained, which show that the quality of pseudorandom sequences generated by the cryptographic random number generator is higher than PS generated by Mersenne Twister. Additionally, based on statistical analysis by NIST and TestU01, a study is conducted in an attempt to establish the statistical indistinguishability of sets of empty- and stegocontainers created using a two-dimensional associative masking mechanism [2-4] based on a gamma of at least 500 KB in length. Research work was carried out under the guidance of R.F. Gibadullin, Associate Professor of the Department of Computer Systems of Kazan National Research Technical University named after A.N.Tupolev-KAI.

For the purpose of stealthiness, trigger-based Hardware Trojans(HTs) tend to have at least one trigger signal with an extremely low transition probability to evade the functional verification. In this paper, we discuss the correlation between poor testability and low transition probability, and then propose a kind of systematic Trojan trigger model with extremely low transition probability but reasonable testability, which can disable the Controllability and Observability for hardware Trojan Detection (COTD) technique, an efficient HT detection method based on circuits testability. Based on experiments and tests on circuits, we propose that the more imbalanced 0/1-controllability can indicate the lower transition probability. And a trigger signal identification method using the imbalanced 0/1-controllability is proposed. Experiments on ISCAS benchmarks show that the proposed method can obtain a 100% true positive rate and average 5.67% false positive rate for the trigger signal.

The growing need for reliable communication over untrusted networks has caused a renewed interest in adversarial channel models, which often behave much differently than traditional stochastic channel models. Of particular practical use is the assumption of a causal or online adversary who is limited to causal knowledge of the transmitted codeword. In this work, we consider stochastic-adversarial mixed noise models. In the setup considered, a transmit node (Alice) attempts to communicate with a receive node (Bob) over a binary erasure channel (BEC) or binary symmetric channel (BSC) in the presence of an online adversary (Calvin) who can erase or flip up to a certain number of bits at the input of the channel. Calvin knows the encoding scheme and has strict causal access to Bob's reception through feedback snooping. For erasures, we provide a complete capacity characterization with and without transmitter feedback. For bit-flips, we provide converse and achievability bounds.

Security plays a paradigmatic role in the area of networking. The main goal of security is to protect these networks which contains confidential data against various kinds of attacks. By changing parameters like key size, increasing the rounds of iteration and finally using confusion box as the S-box, the strength of the cryptographic algorithms can be incremented. By using the Data Encryption Standard (DES), the images can be secured with the help of Dynamic S-boxes. Each of these 8 S-boxes contain 64 elements. Each row contains elements in the range 0–15 and are unique. Our proposed system generates these S-boxes dynamically depending on the key. The evaluation of this Dynamic S-box and DES shows much fruitful results over factors like Non-linearity, Strict Avalanche criterion, Balance, memory and time required for implementation using images.

Over the past few years computer vision has become the essential aspect of modern era of technology. This computer vision is manly based on image processing whereas the image processing includes three important aspects as image filtering, image compression & image security. The image filtering can be achieved by using various filtering techniques but the PSNR & operating frequency are the most challenging aspects of image filtering. This paper mainly focused on overcoming the challenges appears while removing the salt & pepper noise with conventional median filtering by developing improved adaptive moving window architecture median filter & comparing its performance to have improved performance in terms of PSNR & operating frequency.

Throughout the years, honeypots have been very useful in tracking down attackers and preventing different types of cyber attacks on a very large scale. It's been almost 3 decades since the discover of honeypots and still more than 80% of the companies rely on this system because of intrusion detection features and low false positive rate. But with time, the attackers tend to start discovering loopholes in the system. Hence it is very important to be up to date with the technology when it comes to protecting a computing device from the emerging cyber attacks. Timely advancements in the security model provided by the honeypots helps in a more efficient use of the resource and also leads to better innovations in that field. The following paper reviews different methods of honeypot network and also gives an insight about the problems that those techniques can face along with their solution. Further it also gives the detail about the most preferred solution among all of the listed techniques in the paper.

We present an alternate-channel chaotic laser secure communication system to enhance information communication security and study its technical solution via combining chaos shift keying (CSK) and chaos masking (CM). Two coupled lasers and other two single lasers are introduced as a novel alternate-channel secure communication system, where one of two coupled lasers is modulated via CSK to encode a digital signal and the other of coupled lasers is used to emit a chaotic carrier to mask an information using CM. The two single lasers are used to decode CSK and CM information, respectively. And such CSK performance results in enhancement of CM secure performance because of in-time variation of the emitter' parameter as secret keys. The obtained numerical results show that the encoding and decoding can be successfully performed. The study is beneficial to chaotic cryptography and optics secure communication.

The CAN (Controller Area Network) bus, which transmits and receives ECU control information in vehicle, has a critical risk of external intrusion because there is no standardized security system. Recently, the need for IDS (Intrusion Detection System) to detect external intrusion of CAN bus is increasing, and high accuracy and real-time processing for intrusion detection are required. In this paper, we propose Hybrid MR (Machine learning and Ruleset) -IDS based on machine learning and ruleset to improve IDS performance. For high accuracy and detection rate, feature engineering was conducted based on the characteristics of the CAN bus, and the generated features were used in detection step. The proposed Hybrid MR-IDS can cope to various attack patterns that have not been learned in previous, as well as the learned attack patterns by using both advantages of rule set and machine learning. In addition, by collecting CAN data from an actual vehicle in driving and stop state, five attack scenarios including physical effects during all driving cycle are generated. Finally, the Hybrid MR-IDS proposed in this paper shows an average of 99% performance based on F1-score.

Cyberattacks have been progressed in the fields of Internet of Things, and artificial intelligence technologies using the advanced persistent threat (APT) method recently. The damage caused by ransomware is rapidly spreading among APT attacks, and the range of the damages of individuals, corporations, public institutions, and even governments are increasing. The seriousness of the problem has increased because ransomware has been evolving into an intelligent ransomware attack that spreads over the network to infect multiple users simultaneously. This study used open source endpoint detection and response tools to build and test a framework environment that enables systematic ransomware detection at the network and system level. Experimental results demonstrate that the use of EDR tools can quickly extract ransomware attack features and respond to attacks.

Plagiarism checkers have been widely used to verify the authenticity of dissertation/project submissions. However, when non-verbatim plagiarism or online examinations are considered, this practice is not the best solution. In this work, we propose a better authentication system for online examinations that analyses the submitted text's stylometry for a match of writing pattern of the author by whom the text was submitted. The writing pattern is analyzed over many indicators (i.e., features of one's writing style). This model extracts 27 such features and stores them as the writing pattern of an individual. Stylometric Analysis is a better approach to verify a document's authorship as it doesn't check for plagiarism, but verifies if the document was written by a particular individual and hence completely shuts down the possibility of using text-convertors or translators. This paper also includes a brief comparative analysis of some simpler algorithms for the same problem statement. These algorithms yield results that vary in precision and accuracy and hence plotting a conclusion from the comparison shows that the best bet to tackle this problem is through Artificial Neural Networks.

Human Resource (HR) Analytics has been increasingly attracted attention for a past decade. This is because the study field is adopted data-driven approaches to be processed and interpreted for meaningful insights in human resources. The field is involved in HR decision making helping to understand why people, organization, or other business performance behaved the way they do. Embracing the available tools for decision making and learning in the field of computational intelligence (CI) and Artificial Intelligence (AI) to the field of HR, this creates tremendous opportunities for HR Analytics in practical aspects. However, there are still inadequate applications in this area. This paper serves as a survey of using the tools and their applications in HR involving recruitment, retention, reward and retirement. An example of using CI and AI for career development and training in the era of disruption is conceptually proposed.

Trusted Platform Modules (TPM) have grown to be crucial safeguards from the number of software-based strikes. By giving a restricted range of cryptographic providers by way of a well-defined user interface, divided as a result of the program itself, TPM and Infrastructure as a service (IaaS) can function as a root of loyalty so when a foundation aimed at advanced equal protection methods. This information studies the works aimed at uses on TPM within the cloud computing atmosphere, by journal times composed somewhere among 2013 as well as 2020. It identifies the present fashion as well as goals from these technologies within the cloud, as well as the kind of risks that it mitigates. The primary investigation is being focused on the TPM's association to the IaaS security based on the authorization and the enabling schema for integrity. Since integrity measurement is among the key uses of TPM and IaaS, particular focus is given towards the evaluation of operating period phases as well as S/W levels it's put on to. Finally, the deep survey on recent schemes can be applied on Cloud Environment.

Since being launched in 2014, Alexa, Amazon's versatile cloud-based voice service, is now active in over 100 million households worldwide [1]. Alexa's user-friendly, personalized vocal experience offers customers a more natural way of interacting with cutting-edge technology by allowing the ability to directly dictate commands to the assistant. Now in the present year, the Alexa service is more accessible than ever, available on hundreds of millions of devices from not only Amazon but third-party device manufacturers. Unfortunately, that success has also been the source of concern and controversy. The success of Alexa is based on its effortless usability, but in turn, that has led to a lack of sufficient security. This paper surveys various attacks against Amazon Alexa ecosystem including attacks against the frontend voice capturing and the cloud backend voice command recognition and processing. Overall, we have identified six attack surfaces covering the lifecycle of Alexa voice interaction that spans several stages including voice data collection, transmission, processing and storage. We also discuss the potential mitigation solutions for each attack surface to better improve Alexa or other voice assistants in terms of security and privacy.

The integration of IDS and Internet of Things (IoT) with deep learning plays a significant role in safety. Security has a strong role to play. Application of the IoT network decreases the time complexity and resources. In the traditional intrusion detection systems (IDS), this research work implements the cutting-edge methodologies in the IoT environment. This research is based on analysis, conception, testing and execution. Detection of intrusions can be performed by using the advanced deep learning system and multiagent. The NSL-KDD dataset is used to test the IoT system. The IoT system is used to test the IoT system. In order to detect attacks from intruders of transport layer, efficiency result rely on advanced deep learning idea. In order to increase the system performance, multi -agent algorithms could be employed to train communications agencies and to optimize the feedback training process. Advanced deep learning techniques such as CNN will be researched to boost system performance. The testing part an IoT includes data simulator which will be used to generate in continuous of research work finding with deep learning algorithms of suitable IDS in IoT network environment of current scenario without time complexity.

As malware detection algorithms and methods become more sophisticated, malware authors adopt equally sophisticated evasion mechanisms to defeat them. Anecdotal evidence claims Living-Off-The-Land (LotL) techniques are one of the major evasion techniques used in many malware attacks. These techniques leverage binaries already present in the system to conduct malicious actions. We present the first large-scale systematic investigation of the use of these techniques by malware on Windows systems.In this paper, we analyse how common the use of these native system binaries is across several malware datasets, containing a total of 31,805,549 samples. We identify an average 9.41% prevalence. Our results show that the use of LotL techniques is prolific, particularly in Advanced Persistent Threat (APT) malware samples where the prevalence is 26.26%, over twice that of commodity malware.To illustrate the evasive potential of LotL techniques, we test the usage of LotL techniques against several fully patched Windows systems in a local sandboxed environment and show that there is a generalised detection gap in 10 of the most popular anti-virus products.

The rapid advancement of IoT technologies has led to its flexible adoption in battle field networks, known as Internet of Battlefield Things (IoBT) networks. One important application of IoBT networks is the weather sensory network characterized with a variety of weather, land and environmental sensors. This data contains hidden trends and correlations, needed to provide situational awareness to soldiers and commanders. To interpret the incoming data in real-time, machine learning algorithms are required to automate strategic decision-making. Existing solutions are not well-equipped to provide the fine-grained feedback to military personnel and cannot facilitate a scalable, end-to-end platform for fast unlabeled data collection, cleaning, querying, analysis and threats identification. In this work, we present a scalable end-to-end IoBT data driven platform for SVAD (Storage, Visualization, Anomaly Detection) analysis of heterogeneous weather sensor data. Our SVAD platform includes extensive data cleaning techniques to denoise efficiently data to differentiate data from anomalies and noise data instances. We perform comparative analysis of unsupervised machine learning algorithms for multi-variant data analysis and experimental evaluation of different data ingestion pipelines to show the ability of the SVAD platform for (near) real-time processing. Our results indicate impending turbulent weather conditions that can be detected by early anomaly identification and detection techniques.

When the electrical grid in a region suffers a major outage, e.g., after a catastrophic cyber attack, a “black start” may be required, where the grid is slowly restarted, carefully and incrementally adding generating capacity and demand. To ensure safe and effective black start, the grid control center has to be able to communicate with field personnel and with supervisory control and data acquisition (SCADA) systems. Voice and text communication are particularly critical. As part of the Defense Advanced Research Projects Agency (DARPA) Rapid Attack Detection, Isolation, and Characterization Systems (RADICS) program, we designed, tested and evaluated a self-configuring mesh network prototype called the Phoenix Secure Emergency Network (PhoenixSEN). PhoenixSEN provides a secure drop-in replacement for grid's primary communication networks during black start recovery. The network combines existing and new technologies, can work with a variety of link-layer protocols, emphasizes manageability and auto-configuration, and provides services and applications for coordination of people and devices including voice, text, and SCADA communication. We discuss the architecture of PhoenixSEN and evaluate a prototype on realistic grid infrastructure through a series of DARPA-led exercises.

A tamper-resistant logical operation method based on integrated nanophotonics is proposed focusing on electromagnetic side-channel attacks. In the proposed method, only the phase of each optical signal is modulated depending on its logical state, which keeps the power of optical signals in optical logic circuits constant. This provides logic-gate-level tamper resistance which is difficult to achieve with CMOS circuits. An optical implementation method based on electronically-controlled phase shifters is then proposed. The electrical part of proposed circuits achieves 300 times less instantaneous current change, which is proportional to intensity of the leaked electromagnetic wave, than a CMOS logic gate.

This research attempts to provide some insights on the application of text mining and Natural Language Processing (NLP). The application domain is consumer complaints about financial institutions in the USA. As an advanced analytics discipline embedded within the Big Data paradigm, the practice of text analytics contains elements of emergent knowledge processes. Since our experiment should be able to scale up we make use of a pipeline based on Spark-NLP. The usage scenario is adapting the model to a specific industrial context and using the dataset offered by the "Consumer Financial Protection Bureau" to illustrate the application.

Critical infrastructures have to withstand advanced and persistent threats, which can be addressed using Byzantine fault tolerant state-machine replication (BFT-SMR). In practice, unattended cyberdefense systems rely on threat level detectors that synchronously inform them of changing threat levels. However, to have a BFT-SMR protocol operate unattended, the state-of-the-art is still to configure them to withstand the highest possible number of faulty replicas \$f\$ they might encounter, which limits their performance, or to make the strong assumption that a trusted external reconfiguration service is available, which introduces a single point of failure. In this work, we present ThreatAdaptive the first BFT-SMR protocol that is automatically strengthened or optimized by its replicas in reaction to threat level changes. We first determine under which conditions replicas can safely reconfigure a BFT-SMR system, i.e., adapt the number of replicas \$n\$ and the fault threshold \$f\$ so as to outpace an adversary. Since replicas typically communicate with each other using an asynchronous network they cannot rely on consensus to decide how the system should be reconfigured. ThreatAdaptive avoids this pitfall by proactively preparing the reconfiguration that may be triggered by an increasing threat when it optimizes its performance. Our evaluation shows that ThreatAdaptive can meet the latency and throughput of BFT baselines configured statically for a particular level of threat, and adapt 30% faster than previous methods, which make stronger assumptions to provide safety.

Recently, the frequent security incidents of the Internet of things make the wearable IOT health monitoring systems (WIHMS) face serious security threats. Aiming at the security requirements of WIHMS identity authentication, Q. Jiang proposed a lightweight device mutual identity authentication solution in 2019. The scheme has good security performance. However, we find that in Jiang’s scheme, in the authentication phase, the server CS needs at least 3 queries and 1 update of the database operation, which affects the overall performance of the system. For this reason, we propose a new device mutual authentication and key agreement protocol. In our protocol, the authentication server only needs to query the server database twice.

Internet Exchange Points (IXPs) are critical components of the Internet infrastructure that affect its performance, evolution, security and economy. In this work, we introduce a technique to improve the well-known TraIXroute tool with its ability to identify IXPs. TraIXroute is a tool written in python3. It always encounters problems during its installation by network administrators and researchers. This problem remains unchanged in the field of internet ixp measurement tools. Our paper aims to make a critical analysis of TraIXroute tool which has some malfunctions. Furthermore, our main objective is to implement an improved tool for detecting ixps on the traceroute path with ipv4 and ipv6. The tool will have options for Geolocation of ixps as well as ASs. Our tool is written in C\# (C sharp) and python which are object oriented programming languages.

Wireless embedded devices are key elements of Internet-of-Things (IoT) and industrial IoT (IIoT) applications. The complexity of these devices as well as the number of connected devices to networks increase steadily. The high intricacy of the overall system makes it error-prone and vulnerable to attacks and leads to the need to test individual parts or even the whole system. Therefore, this paper presents the concept of a flexible and distributed testbed to evaluate correct behavior in various operation or attack scenarios. It is based on the Robot Operating System (ROS) as communication framework to ensure modularity and expandability. The testbed integrates RF-jamming and measurement devices to evaluate remote attack scenarios and interference issues. An energy harvesting emulation cell is used to evaluate different real-world energy harvesting scenarios. A climatic test chamber allows to investigate the influence of temperature and humidity conditions on the system-under-test. As a testbed application scenario, the automated evaluation of an energy harvesting wireless sensor network designed to instrument automotive engine test benches is presented.

The human face conveys a significant amount of information. Through facial expressions, the face is able to communicate numerous sentiments without the need for verbalisation. Visual emotion recognition has been extensively studied. Recently several end-to-end trained deep neural networks have been proposed for this task. However, such models often lack generalisation ability across datasets. In this paper, we propose the Deep Facial Expression Vector ExtractoR (DeepFEVER), a new deep learning-based approach that learns a visual feature extractor general enough to be applied to any other facial emotion recognition task or dataset. DeepFEVER outperforms state-of-the-art results on the AffectNet and Google Facial Expression Comparison datasets. DeepFEVER’s extracted features also generalise extremely well to other datasets – even those unseen during training – namely, the Real-World Affective Faces (RAF) dataset.

In Industry 4.0, Information Technology (IT) and Operational Technology (OT) tend to converge further with an increasing interdependence of safety and security issues to be considered. On one hand, cyber attacks are possible which can alter implemented safety functionality leading to situations where people are harmed, serious injuries may occur or the environment gets damaged. On the other side, safety can also impact security. For instance, the misuse of a Safety Instrumented System (SIS) may force a machine or a production line to shut down resulting in a denial of service. To prevent or mitigate risks from such scenarios, this paper proposes a threat modeling technique which addresses an integrated view on safety and security. The approach is tailored to the industrial automation domain considering plausible attacks and evaluating risks based on three different metrics. The metrics selected consist of Common Vulnerability Scoring System (CVSS) used as an international standard for rating cyber security vulnerabilities, Security Level (SL) from IEC 62443 to rate cyber security risks in OT environments w.r.t. the underlying architecture, and Safety Integrity Level (SIL) from IEC 61508 to rate safety risks. Due to the variety of use cases involving the chosen metrics, the approach is also feasible for followup analyses, such as integrated safety and security assessments or audits.