Biblio

The pervasive use of software systems and current threat environment demand that software systems not only survive cyberattacks, but also bounce back better, stronger, and faster. However, what constitutes a modern software system? Where should the security and resilience mechanisms be-in the application software or in the cloud environment where it runs? In this concept paper, we set up a context to pose these questions and present a roadmap to answer them. We describe challenges to achieving resilience and beyond, and outline potential research directions to stimulate discussion in the workshop.

Because network nodes are transparent in media streaming applications, traditional networks cannot utilize the scalability feature of Scalable video coding (SVC). Compared with the traditional network, SDN supports various flows in a more fine-grained and scalable manner via the OpenFlow protocol, making QoS requirements easier and more feasible. In previous studies, a Ternary Content-Addressable Memory (TCAM) space in the switch has not been considered. This paper proposes a scalable QoS-aware multicast scheme for SVC streams, and formulates the scalable QoS-aware multicast routing problem as a nonlinear programming model. Then, we design heuristic algorithms that reduce the TCAM space consumption and construct the multicast tree for SVC layers according to video streaming requests. To alleviate video quality degradation, a dynamic layered multicast routing algorithm is proposed. Our experimental results demonstrate the performance of this method in terms of the packet loss ratio, scalability, the average satisfaction, and system utility.

Fog computing extends the capability of cloud services to support latency sensitive applications. Adding fog computing nodes in proximity to a data generation/ actuation source can support data analysis tasks that have stringent deadline constraints. We introduce a real time, security-aware scheduling algorithm that can execute over a fog environment [1 , 2] . The applications we consider comprise of: (i) interactive applications which are less compute intensive, but require faster response time; (ii) computationally intensive batch applications which can tolerate some delay in execution. From a security perspective, applications are divided into three categories: public, private and semi-private which must be hosted over trusted, semi-trusted and untrusted resources. We propose the architecture and implementation of a distributed orchestrator for fog computing, able to combine task requirements (both performance and security) and resource properties.

Supply chain management systems (SCM) are the most intensive and statistical RFID application for object tracking. A lot of research has been carried out to overcome security issues in the field of online/offline object tracking as well as authentication protocols involving RFID technology. Due to advancements with the Internet of Things (IoT) and embedded systems in object tracking schemes the latest research manages to deliver information about the object’s location as well as provide particulars about the state of an object. Recent research presented a proposal for an authentication and online object tracking protocol focusing on solutions for privacy issues for device identification, end-to-end authentication, and secure online object tracking. However, recent schemes have been found to be vulnerable to traceability attacks. This paper presents an enhanced end-to-end authentication scheme where the identity of the user is kept anonymous so that its actions can not be tracked, eliminating attacks related to traceability. The security of the proposed protocol is formally analyzed using the attack model of the automated security testing tool, ProVerif. The proposed scheme outperforms competing schemes based on security.

Even if there is a rapid proliferation with the advantages of low cost, the emerging on-demand cloud services have led to an increase in cybercrime activities. Cyber criminals are utilizing cloud services through its distributed nature of infrastructure and create a lot of challenges to detect and investigate the incidents by the security personnel. The tracing of command flow forms a clue for the detection of malicious activity occurring in the system through System Calls Analysis (SCA). As machine learning based approaches are known to automate the work in detecting malwares, simple Support Vector Machine (SVM) based approaches are often reporting low value of accuracy. In this work, a malware classification system proposed with the supervised machine learning of unknown malware instances through Support Vector Machine - Stochastic Gradient Descent (SVM-SGD) algorithm. The performance of the system evaluated on CIC-IDS2017 dataset with labelled attacks. The system is compared with traditional signature based detection model and observed to report less number of false alerts with improved accuracy. The signature based detection gets an accuracy of 86.12%, while the SVM-SGD gets the best accuracy of 99.13%. The model is found to be lightweight but efficient in detecting malware with high degree of accuracy.

The fundamental limits of high-current conduction and response of metal conductors to large, fast current pulses are of interest to high-speed fuses, exploding wires and foils, and magnetically driven dynamic material property and inertial confinement fusion experiments. A collaboration between the University of Nevada, Reno, University of New Mexico, and Sandia National Laboratory has fielded an electrically thick (R 400-μm \textbackslashtextgreater skin-depth) cylindrical metal rod platform in a Z-pinch configuration driven by the Sandia 100-ns, 900-kA Mykonos linear transformer driver 1 . Photonic Doppler velocimetry (PDV) measuring the expansion velocity of the uncoated surface of aluminum rods 2 was used to benchmark equation of state (EOS) and electrical conductivity models used in magnetohydrodynamics simulations using the Los Alamos National Laboratory (LANL) code FLAG 3 . The metal surface was found to expand along the liquid-vapor coexistence curve in density-temperature space for 90 ns of the rod’s expansion for both tabular EOSs with Van der Waals loops and with Maxwell constructions under the vapor dome. As the slope of the coexistence curve varies across EOS models, the metal surface in simulation was found to heat and expand at different rates depending on the model used. The expansion velocities associated with EOS models were then compared against the PDV data to validate the EOS used in simulations of similar systems. Here, the most recent aluminum EOS (SESAME 93722) 4 was found to drive a simulated velocity that best compared with the experimental data due to its relatively steep coexistence curve and high critical point.

This paper presents the time complexity estimates for the methods of points exponentiation, which are basic for encrypting information flows in computer systems. As a result of numerical experiments, it is determined that the method of doubling-addition-subtraction has the lowest complexity. Mathematical models for determining the execution time of each considered algorithm for points exponentiation on elliptic curves were developed, which allowed to conduct in-depth analysis of their performance and resistance to special attacks, in particular timing analysis attack. The dependences of the cryptographic operations execution time on the key length and the sustainability of each method on the Hamming weight are investigated. It is proved that under certain conditions the highest sustainability of the system is achieved by the doubling-addition-subtraction algorithm. This allows to justify the choice of algorithm and its parameters for the implementation of cryptographic information security, which is resistant to special attacks.

Auto-magnetizing (AutoMag) liners 1 have demonstrated strong precompressed axial magnetic field production (\textbackslashtextgreater100 T) and remarkable cylindrical implosion uniformity during experiments 2 on the Z accelerator. However, both axial field production and implosion uniformity require further optimization to support use of AutoMag targets in magnetized liner inertial fusion (MagLIF) experiments. Recent experimental study on the Mykonos accelerator has provided data on the initiation and evolution of dielectric flashover in AutoMag targets; these results have directly enabled advancement of magnetohydrodynamic (MHD) modeling protocols used to simulate AutoMag liner implosions. Using these modeling protocols, we executed three-dimensional MHD simulations focused on improving AutoMag target designs, specifically seeking to optimize axial magnetic field production and enhance cylindrical implosion uniformity for MagLIF. By eliminating the previously used driver current prepulse and reducing the helical gap widths in AutoMag liners, simulations indicate that the optimal 30-50 T range of precompressed axial magnetic field for MagLIF can be accomplished concurrently with improved cylindrical implosion uniformity, thereby enabling an optimally premagnetized magneto-inertial fusion implosion with high cylindrical uniformity.

In this paper, we present our ongoing work to develop an efficient and scalable verification method to achieve runtime security of real-time applications with strict performance requirements. The method allows to specify (functional and non-functional) behaviour of a real-time application and a set of known attacks/threats. The challenge here is to prove that the runtime application execution is at the same time (i) correct w.r.t. the functional specification and (ii) protected against the specified set of attacks, without violating any non-functional specification (e.g., real-time performance). To address the challenge, first we classify the set of attacks into computational, data integrity and communication attacks. Second, we decompose each class into its declarative properties and definitive properties. A declarative property specifies an attack as a one big-step relation between initial and final state without considering intermediate states, while a definitive property specifies an attack as a composition of many small-step relations considering all intermediate states between initial and final state. Semantically, the declarative property of an attack is equivalent to its corresponding definitive property. Based on the decomposition and the adequate specification of underlying runtime environment (e.g., compiler, processor and operating system), we prove rigorously that the application execution in a particular runtime environment is protected against declarative properties without violating runtime performance specification of the application. Furthermore, from the specification, we generate a security monitor that assures that the application execution is secure against each class of attacks at runtime without hindering real-time performance of the application.

With the development of network, network security has become a topic of increasing concern. Recent years, machine learning technology has become an effective means of network intrusion detection. However, machine learning technology requires a large amount of data for training, and training data often contains privacy information, which brings a great risk of privacy leakage. At present, there are few researches on data privacy protection in the field of intrusion detection. Regarding the issue of privacy and security, we combine differential privacy and machine learning algorithms, including One-class Support Vector Machine (OCSVM) and Local Outlier Factor(LOF), to propose an hybrid intrusion detection system (IDS) with privacy protection. We add Laplacian noise to the original network intrusion detection data set to get differential privacy data sets with different privacy budgets, and proposed a hybrid IDS model based on machine learning to verify their utility. Experiments show that while protecting data privacy, the hybrid IDS can achieve detection accuracy comparable to traditional machine learning algorithms.

Pedestrian dead reckoning (PDR) is a widely used approach to estimate locations and trajectories. Accessing location-based services with trajectory data can bring convenience to people, but may also raise privacy concerns that need to be addressed. In this paper, a privacy-preserving pedestrian dead reckoning framework is proposed to protect a user’s trajectory privacy based on differential privacy. We introduce two metrics to quantify trajectory privacy and data utility. Our proposed privacy-preserving trajectory extraction algorithm consists of three mechanisms for the initial locations, stride lengths and directions. In addition, we design an adversary model based on particle filtering to evaluate the performance and demonstrate the effectiveness of our proposed framework with our collected sensor reading dataset.

With the recognition of cyberspace as an operating domain, concerted effort is now being placed on addressing it in the whole-of-domain manner found in land, sea, undersea, air, and space domains. Among the first steps in this effort is applying the standard supporting concepts of security, defense, and deterrence to the cyber domain. This paper presents an architecture that helps realize forward defense in cyberspace, wherein adversarial actions are repulsed as close to the origin as possible. However, substantial work remains in making the architecture an operational reality including furthering fundamental research cyber science, conducting design trade-off analysis, and developing appropriate public policy frameworks.

Cryptocurrencies are the digital currencies designed to replace the regular cash money while taking place in our daily lives especially for the last couple of years. Mining cryptocurrencies are one of the popular ways to have them and make a profit due to unstable values in the market. This attracts attackers to utilize malware on internet users' computer resources, also known as cryptojacking, to mine cryptocurrencies. Cryptojacking started to be a major issue in the internet world. In this case, we developed MiNo, a web browser add-on application to detect these malicious mining activities running without the user's permission or knowledge. This add-on provides security and efficiency for the computer resources of the internet users. MiNo designed and developed with double-layer protection which makes it ahead of its competitors in the market.

Given a network with a set of vulnerable actuators (and sensors), the security index of an actuator equals the minimum number of sensors and actuators that needs to be compromised so as to conduct a perfectly undetectable attack using the said actuator. This paper deals with the problem of computing actuator security indices for discrete-time LTI network systems, using a structured systems framework. We show that the actuator security index is generic, that is for almost all realizations the actuator security index remains the same. We refer to such an index as generic security index (generic index) of an actuator. Given that the security index quantifies the vulnerability of a network, the generic index is quite valuable for large scale energy systems. Our second contribution is to provide graph-theoretic conditions for computing the generic index. The said conditions are in terms of existence of linkings on appropriately-defined directed (sub)graphs. Based on these conditions, we present an algorithm for computing the generic index.

Hardware Trojan war is expanding from digital world to analog domain. Although hardware Trojans in digital integrated circuits have been extensively investigated, there still lacks study on the Trojans crossing the boundary between digital and analog worlds. This work uses Inter-integrated Circuit (I2C) as an example to demonstrate the potential security threats on its master-slave interface. Furthermore, an obfuscated Trojan detection method is proposed to monitor the abnormal behaviors induced by analog Trojans on the I2C interface. Experimental results confirm that the proposed method has a high sensitivity to the compromised clock signal and can mitigate the clock mute attack with a success rate of over 98%.

Underwater Wireless Communication Network (UWCN) is highly emerging in recent times due to the broad variety of underwater applications ranging from disaster prediction, environmental resource monitoring, military security surveillance and assisted navigation. Since the kind of accuracy these applications demands from the dynamic underwater environment is really high, so there is a need for effective way of study underwater communication networks. Usually underwater networks can be studied with the help of actual underwater testbed or with the model of the underwater network. Studying the underwater system with the actual underwater testbed is costly. The effective way of analysis can be done by creating a mathematical model of underwater systems. Queuing theory is one of the most popular mathematical theories used for conventional circuit switched networks whereas it can’t be applied for modeling modern packet switched networks which has high variability compared to that of circuit switched networks. So this paper presents Stochastic Network Calculus (SNC) as the mathematical theory for modeling underwater communication networks. Underlying principles and basic models provided by SNC for analyzing the performance graduates of UWCN is discussed in detail for the benefit of researchers looking for the effective mathematical theory for modeling the system in the domain of underwater communication.

The progress made in terms of controller technologies with the introduction of remotely-accessibility capacity in the digital controllers has opened the door to new cybersecurity threats on the Industrial Control Systems (ICSs). Among them, some aim at damaging the ICS's physical system. In this paper, a corrupted controller emitting a non-legitimate Pulse Width Modulation control signal to an Electro-Mechanical Actuator (EMA) is considered. The attacker's capabilities for accelerating the EMA's aging by inducing Partial Discharges (PDs) are investigated. A simplified model is considered for highlighting the influence of the carrier frequency of the control signal over the amplitude and the repetition of the PDs involved in the EMA's aging.

Despite the performance of state-of-the-art Artificial Intelligence (AI) systems, some sectors hesitate to adopt AI because of a lack of trust in these systems. This attitude is prevalent among high-risk areas, where there is a reluctance to remove humans entirely from the loop. In these scenarios, Augmentation provides a preferred alternative over complete Automation. Instead of replacing humans, AI Augmentation uses AI to improve and support human operations, creating an environment where humans work side by side with AI systems. In this paper, we discuss how AI Augmentation can provide a path for building Trustworthy AI. We exemplify this approach using Robot Teleoperation. We lay out design guidelines and motivations for the development of AI Augmentation for Robot Teleoperation. Finally, we discuss the design of a Robot Teleoperation testbed for the development of AI Augmentation systems.

The interface permits the client to scan for a subjective utility on the Play Store; the authorizations posting and the protection arrangement are then routinely recovered, on all events imaginable. The client has then the capability of choosing an interesting authorization, and a posting of pertinent sentences are separated with the guide of the privateer's inclusion and introduced to them, alongside a right depiction of the consent itself. Such an interface allows the client to rapidly assess the security-related dangers of an Android application, by utilizing featuring the pertinent segments of the privateer's inclusion and by introducing helpful data about shrewd authorizations. A novel procedure is proposed for the assessment of privateer's protection approaches with regards to Android applications. The gadget actualized widely facilitates the way toward understanding the security ramifications of placing in 1/3 birthday celebration applications and it has just been checked in a situation to feature troubling examples of uses. The gadget is created in light of expandability, and correspondingly inclines in the strategy can without trouble be worked in to broaden the unwavering quality and adequacy. Likewise, if your application handles non-open or delicate individual information, it would be ideal if you also allude to the extra necessities in the “Individual and Sensitive Information” territory underneath. These Google Play necessities are notwithstanding any prerequisites endorsed by method for material security or data assurance laws. It has been proposed that, an individual who needs to perform the establishment and utilize any 1/3 festival application doesn't perceive the significance and which methods for the consents mentioned by method for an application, and along these lines sincerely gives all the authorizations as a final product of which unsafe applications furthermore get set up and work their malevolent leisure activity in the rear of the scene.

Files in the backup of iOS devices can be a potential source of evidentiary data. Particularly, the iOS backup (obtained through a logical acquisition technique) is widely used by many forensic tools to sift through the data. A significant challenge faced by several forensic tool developers is the changes in the data organization of the iOS backup. This is due to the fact that the iOS operating system is frequently updated by Apple Inc. Many iOS application developers release periodical updates to iOS mobile applications. Both these reasons can cause significant changes in the way user data gets stored in the iOS backup files. Moreover, approximately once every couple years, there could be a major iOS release which can cause the reorganization of files and folders in the iOS backup. Directories in the iOS backup contain SQLite databases, plist files, XML files, text files, and media files. Android/iOS devices generally use SQLite databases since it is a lightweight database. Our focus in this paper is to analyze the SQLite schema evolution specific to iOS and assist forensic tool developers in keeping their tools compatible with the latest iOS version. Our recommendations for updating the forensic data extraction tools is based on the observation of schema changes found in successive iOS versions.

This paper presents how students practical’s is developed and used for the important task forensic specialist have to do when using common digital forensic tools for data deletion and data recovery from various types of digital media and live systems. Digital forensic tools like EnCase, FTK imager, BlackLight, and open source tools are discussed in developed practical’s scenarios. This paper shows how these tools can be used to train and enhance student understanding of the capabilities and limitations of digital forensic tools in uncommon digital forensic scenarios. Students’ practicals encourage students to efficiently use digital forensic tools in the various professional scenarios that they will encounter.

Cross-Site Scripting, also called as XSS, is a type of injection where malicious scripts are injected into trusted websites. When malicious code, usually in the form of browser side script, is injected using a web application to a different end user, an XSS attack is said to have taken place. Flaws which allows success to this attack is remarkably widespread and occurs anywhere a web application handles the user input without validating or encoding it. A study carried out by Symantic states that more than 50% of the websites are vulnerable to the XSS attack. Security engineers of Microsoft coined the term "Cross-Site Scripting" in January of the year 2000. But even if was coined in the year 2000, XSS vulnerabilities have been reported and exploited since the beginning of 1990's, whose prey have been all the (then) tech-giants such as Twitter, Myspace, Orkut, Facebook and YouTube. Hence the name "Cross-Site" Scripting. This attack could be combined with other attacks such as phishing attack to make it more lethal but it usually isn't necessary, since it is already extremely difficult to deal with from a user perspective because in many cases it looks very legitimate as it's leveraging attacks against our banks, our shopping websites and not some fake malicious website.

The fast improvement in telecommunication technologies that has characterised the last decade is enabling a revolution centred on Cyber-Physical Systems (CPSs). Elements inside cities, from vehicles to cars, can now be connected and share data, describing both our environment and our behaviours. These data can also be used in an active way, by becoming the tenet of innovative services and products, i.e. of Cyber-Physical Products (CPPs). Still, having data is not tantamount to having knowledge, and an important overlooked topic is how should them be analysed. In this contribution we tackle the issue of the development of an analytics toolbox for processing CPS data. Specifically, we review and quantify the main requirements that should be fulfilled, both functional (e.g. flexibility or dependability) and technical (e.g. scalability, response time, etc.). We further propose an initial set of analysis that should in it be included. We finally review some challenges and open issues, including how security and privacy could be tackled by emerging new technologies.

Water-filling (WF) is a well-established iterative solution to optimal power allocation in parallel fading channels. Slow iterative search can be impractical for allocating power to a large number of OFDM sub-channels. Neural networks (NN) can transform the iterative WF threshold search process into a direct high-dimensional mapping from channel gain to transmit power solution. Our results show that the NN can perform very well (error 0.05%) and can be shown to be indeed performing approximate WF power allocation. However, there is no guarantee on the NN is mapping between channel states and power output. Here, we attempt to explain the NN power allocation solution via the Meijer G-function as a general explainable symbolic mapping. Our early results indicate that whilst the Meijer G-function has universal representation potential, its large search space means finding the best symbolic representation is challenging.

Attack graph is an effective way to analyze the vulnerabilities for industrial control networks. We develop a vulnerability correlation method and a practical visualization technology for industrial control network. First of all, we give a complete attack graph analysis for industrial control network, which focuses on network model and vulnerability context. Particularly, a practical attack graph algorithm is proposed, including preparing environments and vulnerability classification and correlation. Finally, we implement a three-dimensional interactive attack graph visualization tool. The experimental results show validation and verification of the proposed method.