Biblio

Although it has been demonstrated in multiple studies that serious data leaks could occur to many-core systems thanks to the existence of the thermal covert channels (TCC), little has been done to produce effective countermeasures that are necessary to fight against such TCC attacks. In this paper, we propose a three-step countermeasure to address this critical defense issue. Specifically, the countermeasure includes detection based on signal frequency scanning, positioning affected cores, and blocking based on Dynamic Voltage Frequency Scaling (DVFS) technique. Our experiments have confirmed that on average 98% of the TCC attacks can be detected, and with the proposed defense, the bit error rate of a TCC attack can soar to 92%, literally shutting down the attack in practical terms. The performance penalty caused by the inclusion of the proposed countermeasures is only 3% for an 8×8 system.

Cyber-power resiliency analysis of the distribution system is becoming critical with increase in adverse cyberevents. Distribution network operators need to assess and analyze the resiliency of the system utilizing the analytical tool with a carefully designed visualization and be driven by data and model-based analytics. This work introduces the Cyber-Physical Security Assessment Metric (CP-SAM) visualization tool to assist operators in ensuring the energy supply to critical loads during or after a cyber-attack. CP-SAM also provides decision support to operators utilizing measurement data and distribution power grid model and through well-designed visualization. The paper discusses the concepts of cyber-physical resiliency, software design considerations, open-source software components, and use cases for the tool to demonstrate the implementation and importance of the developed tool.

The evolution of power system as a smart grid (SG) not only has enhanced the monitoring and control capabilities of the power grid, but also raised its security concerns and vulnerabilities. With a boom in Internet of Things (IoT), a lot a sensors are being deployed across the grid. This has resulted in huge amount of data available for processing and analysis. Machine learning (ML) and deep learning (DL) algorithms are being widely used to extract useful information from this data. In this context, this paper presents a comprehensive literature survey of different ML and DL techniques that have been used in the smart grid cyber security area. The survey summarizes different type of cyber threats which today's SGs are prone to, followed by various ML and DL-assisted defense strategies. The effectiveness of the ML based methods in enhancing the cyber security of SGs is also demonstrated with the help of a case study.

The present-day world has become all dependent on cyberspace for every aspect of daily living. The use of cyberspace is rising with each passing day. The world is spending more time on the Internet than ever before. As a result, the risks of cyber threats and cybercrimes are increasing. The term `cyber threat' is referred to as the illegal activity performed using the Internet. Cybercriminals are changing their techniques with time to pass through the wall of protection. Conventional techniques are not capable of detecting zero-day attacks and sophisticated attacks. Thus far, heaps of machine learning techniques have been developed to detect the cybercrimes and battle against cyber threats. The objective of this research work is to present the evaluation of some of the widely used machine learning techniques used to detect some of the most threatening cyber threats to the cyberspace. Three primary machine learning techniques are mainly investigated, including deep belief network, decision tree and support vector machine. We have presented a brief exploration to gauge the performance of these machine learning techniques in the spam detection, intrusion detection and malware detection based on frequently used and benchmark datasets.

In modern grid systems which is a typical cyber-physical System (CPS), information space and physical space are closely related. Once the communication link is interrupted, it will make a great damage to the power system. If the service path is too concentrated, the risk will be greatly increased. In order to solve this problem, this paper constructs a route planning algorithm that combines node load pressure, link load balance and service delay risk. At present, the existing intelligent algorithms are easy to fall into the local optimal value, so we chooses the deep reinforcement learning algorithm (DRL). Firstly, we build a risk assessment model. The node risk assessment index is established by using the node load pressure, and then the link risk assessment index is established by using the average service communication delay and link balance degree. The route planning problem is then solved by a route planning algorithm based on DRL. Finally, experiments are carried out in a simulation scenario of a power grid system. The results show that our method can find a lower risk path than the original Dijkstra algorithm and the Constraint-Dijkstra algorithm.

In general, Cloud storage is considered as a distributed model. Here, the data is usually stored on remote servers to properly maintain, back up and make it accessible to clients over a network, whenever required. Cloud storage providers keep the data and processes to oversee it on capacity servers based on secure virtualization methods. A security framework is proposed for auditing the cloud data, which makes use of the proposed blockchain technology. This ensures to efficiently maintain the data integrity. The blockchain structure inspects the mutation of operational information and thereby ensures the data security. Usually, the data auditing scheme is widely used in a Third Party Auditor (TPA), which is a centralized entity that the client is forced to trust, even if the credibility is not guaranteed. To avoid the participation of TPA, a decentralised scheme is suggested, where it uses a smart contract for auditing the cloud data. The working of smart contracts is based on blockchain. Ethereum is used to deploy a smart contract thereby eliminating the need of a foreign source in the data auditing process.

Wireless Sensor Networks (WSNs) are applied in environmental monitoring, military surveillance, etc., whereas these applications focuses on providing security for sensed data and the nodes are available for a long time. Hence, we propose DEAVD protocol for secure data exchange with limited usage of energy. The DEAVD protocol compresses data to reduces the energy consumption and implements an energy efficient encryption and decryption technique using voronoi diagram paradigm. Thus, there is an improvement in the proposed protocol with respect to security due to the concept adapted during data encryption and aggregation.

While Explanatory AI (XAI) is attracting increasing interest from academic research, most AI-based solutions still rely on black box methods. This is unsuitable for certain domains, such as smart homes, where transparency is key to gaining user trust and solution adoption. Moreover, smart homes are challenging environments for XAI, as they are decentralized systems that undergo runtime changes. We aim to develop an XAI solution for addressing problems that an autonomic management system either could not resolve or resolved in a surprising manner. This implies situations where the current state of affairs is not what the user expected, hence requiring an explanation. The objective is to solve the apparent conflict between expectation and observation through understandable logical steps, thus generating an argumentative dialogue. While focusing on the smart home domain, our approach is intended to be generic and transferable to other cyber-physical systems offering similar challenges. This position paper focuses on proposing a decentralized algorithm, called D-CAN, and its corresponding generic decentralized architecture. This approach is particularly suited for SISSY systems, as it enables XAI functions to be extended and updated when devices join and leave the managed system dynamically. We illustrate our proposal via several representative case studies from the smart home domain.

In this paper, we propose a decision support process that is designed to help network and security operators in understanding the complexity of a current security situation and decision making concerning ongoing cyber-attacks and threats. The process focuses on enterprise missions and uses a graph-based mission decomposition model that captures the missions, underlying hosts and services in the network, and functional and security requirements between them. Knowing the vulnerabilities and attacker's position in the network, the process employs logical attack graphs and Bayesian network to infer the probability of the disruption of the confidentiality, integrity, and availability of the missions. Based on the probabilities of disruptions, the process suggests the most resilient mission configuration that would withstand the current security situation.

In power systems, having accurate device models is crucial for grid reliability, availability, and resiliency. Existing model calibration methods based on mathematical approaches often lead to multiple solutions due to the ill-posed nature of the problem, which would require further interventions from the field engineers in order to select the optimal solution. In this paper, we present a novel deep-learning-based approach for model parameter calibration in power systems. Our study focused on the generator model as an example. We studied several deep-learning-based approaches including 1-D Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), and Gated Recurrent Units (GRU), which were trained to estimate model parameters using simulated Phasor Measurement Unit (PMU) data. Quantitative evaluations showed that our proposed methods can achieve high accuracy in estimating the model parameters, i.e., achieved a 0.0079 MSE on the testing dataset. We consider these promising results to be the basis for further exploration and development of advanced tools for model validation and calibration.

Threat Actor Attribution is the task of identifying an attacker responsible for an attack. This often requires expert analysis and involves a lot of time. There had been attempts to detect a threat actor using machine learning techniques that use information obtained from the analysis of malware samples. These techniques will only be able to identify the attack, and it is trivial to guess the attacker because various attackers may adopt an attack method. A state-of-the-art method performs attribution of threat actors from text reports using Machine Learning and NLP techniques using Threat Intelligence reports. We use the same set of Threat Reports of Advanced Persistent Threats (APT). In this paper, we propose a Deep Learning architecture to attribute Threat actors based on threat reports obtained from various Threat Intelligence sources. Our work uses Neural Networks to perform the task of attribution and show that our method makes the attribution more accurate than other techniques and state-of-the-art methods.

The deep learning-based compressive Sensing (CS) has shown substantial improved performance and in run-time reduction with signal sampling and reconstruction. In most cases, moreover, these techniques suffer from disrupting artefacts or high-frequency contents at low sampling ratios. Similarly, this occurs in the multi-resolution sampling method, which further collects more components with lower frequencies. A promising innovation combining CS with convolutionary neural network has eliminated the sparsity constraint yet recovery persists slow. We propose a Deep wavelet based compressive sensing with multi-resolution framework provides better improvement in reconstruction as well as run time. The proposed model demonstrates outstanding quality on test functions over previous approaches.

Recent advances in technology have made the deep learning (DL) models available for use in a wide variety of novel applications; for example, generative adversarial network (GAN) models are capable of producing hyper-realistic images, speech, and even videos, such as the so-called “Deepfake” produced by GANs with manipulated audio and/or video clips, which are so realistic as to be indistinguishable from the real ones in human perception. Aside from innovative and legitimate applications, there are numerous nefarious or unlawful ways to use such counterfeit contents in propaganda, political campaigns, cybercrimes, extortion, etc. To meet the challenges posed by Deepfake multimedia, we propose a deep ensemble learning technique called DeepfakeStack for detecting such manipulated videos. The proposed technique combines a series of DL based state-of-art classification models and creates an improved composite classifier. Based on our experiments, it is shown that DeepfakeStack outperforms other classifiers by achieving an accuracy of 99.65% and AUROC of 1.0 score in detecting Deepfake. Therefore, our method provides a solid basis for building a Realtime Deepfake detector.

Nowadays, Fog Computing gets more attention due to its characteristics. Fog computing provides more advantages in related to apply with the latest technology. On the other hand, there is an issue about the data security over processing of data. Fog Computing encounters many security challenges like false data injection, violating privacy in edge devices and integrity of data, etc. An encryption scheme called Homomorphic Encryption (HME) technique is used to protect the data from the various security threats. This homomorphic encryption scheme allows doing manipulation over the encrypted data without decrypting it. This scheme can be implemented in many systems with various crypto-algorithms. This homomorphic encryption technique is mainly used to retain the privacy and to process the stored encrypted data on a remote server. This paper addresses the terminologies of Fog Computing, work flow and properties of the homomorphic encryption algorithm, followed by exploring the application of homomorphic encryption in various public key cryptosystems such as RSA and Pailier. It focuses on various homomorphic encryption schemes implemented by various researchers such as Brakerski-Gentry-Vaikuntanathan model, Improved Homomorphic Cryptosystem, Upgraded ElGamal based Algebric homomorphic encryption scheme, In-Direct rapid homomorphic encryption scheme which provides integrity of data.

Stochastic computing is based on probability concepts which are different from conventional mathematical operations. Advantages of stochastic computing in the fields of neural networks and digital image processing have been reported in literature recently. Arithmetic operations especially multiplications can be performed either by logical AND gates in unipolar format or by EXNOR gates in bipolar format in stochastic computation. Stochastic computing is inherently fault-tolerant and requires fewer logic gates to implement arithmetic operations. Long computing time and low accuracy are the main drawbacks of this system. In this presentation, to reduce hardware requirement and delay, modified stochastic multiplication using AND gate array and multiplexer are used for the design of Finite Impulse Response Filter cores. Performance parameters such as area, power and delay for FIR filter using modified stochastic computing methods are compared with conventional floating point computation.

The current state of the integrated circuit (IC) ecosystem is that only a handful of foundries are at the forefront, continuously pushing the state of the art in transistor miniaturization. Establishing and maintaining a FinFET-capable foundry is a billion dollar endeavor. This scenario dictates that many companies and governments have to develop their systems and products by relying on 3rd party IC fabrication. The major caveat within this practice is that the procured silicon cannot be blindly trusted: a malicious foundry can effectively modify the layout of the IC, reverse engineer its IPs, and overproduce the entire chip. The Hardware Security community has proposed many countermeasures to these threats. Notably, obfuscation has gained a lot of traction - here, the intent is to hide the functionality from the untrusted foundry such that the aforementioned threats are hindered or mitigated. In this paper, we summarize the research efforts of three independent research groups towards achieving trustworthy ICs, even when fabricated in untrusted offshore foundries. We extensively address the use of logic locking and its many variants, as well as the use of high-level synthesis (HLS) as an obfuscation approach of its own.

On the current website, there are many undeniable conditions and there is the existence of new plot holes. If data link is normally extracted on each of the websites, it becomes difficult to evaluate each vulnerability, with tolls such as XS S, SQLI, and other such existing tools for vulnerability assessment. Integrated testing criteria for vulnerabilities are met. In addition, the response should be automated and systematic. The primary value of vulnerability Buffer will be made of predefined and self-formatted code written in python, and the software is automated to send reports to their respective users. The vulnerabilities are tried to be classified as accessible. OWASP is the main resource for developing and validating web security processes.

Machine learning and Artificial Intelligent techniques are the most used techniques. It gives opportunity to online sharing market where sharing and adopting model is being popular. It gives attackers many new opportunities. Deep neural network is the most used approached for artificial techniques. In this paper we are presenting a Proof of Concept method to detect Trojan attacks on the Deep Neural Network. Deploying trojan models can be dangerous in normal human lives (Application like Automated vehicle). First inverse the neuron network to create general trojan triggers, and then retrain the model with external datasets to inject Trojan trigger to the model. The malicious behaviors are only activated with the trojan trigger Input. In attack, original datasets are not required to train the model. In practice, usually datasets are not shared due to privacy or copyright concerns. We use five different applications to demonstrate the attack, and perform an analysis on the factors that affect the attack. The behavior of a trojan modification can be triggered without affecting the test accuracy for normal input datasets. After generating the trojan trigger and performing an attack. It's applying SHAP as defense against such attacks. SHAP is known for its unique explanation for model predictions.

As the configuration used for the Mobile Ad hoc Networks (MANET) does not have a fixed infrastructure as well, the mechanism varies for each MANET. The finding of the route in this mechanism also varies because it does not have any fixed path route for routing as well every node in this structure behaves like a base station. MANET has such freedom for its creation, so it also faces various types of attacks on it. Some of the attacks are a black hole, warm hole etc. The researchers have provided various methods to prevent warm hole attacks, as the warm hole attack is seen as difficult to prevent. So here a mechanism is proposed to detect and prevent the warm hole attack using the AODV protocol which is based on trust calculation. In our method, the multiple path selection is used for finding the best path for routing. The path is tested for the warm hole attack, as the node is detected the data packet sent in between the source and destination selects the path from the multi-paths available and the packet delivery is improved. The packet delivery ratio (PDR) is calculated for the proposed mechanism, and the results have improved the PDR by 71.25%, throughput by 74.09 kbps, and the E to E delay is decreased by 57.92ms for the network of 125 nodes.

Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.

The purpose of the work is a formalized description of the method determining numerical expression of the danger from actions potentially implemented by an information security violator. The implementation of such actions may lead to a disruption of the ordered functioning of multilevel distributed automated process control systems, which indicates the importance of developing new adequate solutions for predicting attacks consequences. The analysis of the largest destructive effects on information security systems of critical objects is carried out. The most common methods of obtaining the value of the hazard quotient of information security violators' destructive actions are considered. Based on the known methods for determining the possible damage from attacks implemented by a potential information security violator, a new, previously undetected in open sources method for determining the hazard quotient of destructive actions of an information security violator has been proposed. In order to carry out experimental calculations by the proposed method, the authors developed the required software. The calculations results are presented and indicate the possibility of using the proposed method for modeling threats and information security violators when designing an information security system for automated process control systems.

Supply chain plays a significant job in an organization making systems between an organization and its supplier to deliver and disperse items and administrations to the last purchasers. Digitization alludes to the way toward moving physical reports into physical documents. Digitization will make incredible open doors for associations and supply chain rehearses. Numerous associations need to turn out to be progressively “advanced” since they have watched the criticality and value of computerized advances for their development and their own organizations. This research study topic presents a review of the supply chain management digitization practices and dreams with a merged image of digitization and stream of data between the Supplier and Manufacturer chain. Value management, in value analysis, assumes a huge job in a viable Digital Supply Chain Management, it is progressively centered around mechanization, digitizing the procedure, and the coordination and reconciliation of the considerable number of components associated with the supply chain. In view of how value-chain management has developed, it assumes an urgent job in managing the ever-expanding unpredictability in supply chains all inclusive. This study presents an overview of the supply chain management digitization practices and visions with a consolidated picture of digitization and flow of information between the Supplier and Manufacturer chain. This study can be further improved by integrating the latest technology and tools AI and IoT-as a future study.

The Ad-hoc Vehicular networks (VANET) was developed through the implementation of the concepts of ad-hoc mobile networks(MANET), which is swiftly maturing, promising, emerging wireless communication technology nowadays. Vehicular communication enables us to communicate with other vehicles and Roadside Infrastructure Units (RSU) to share information pertaining to the safety system, traffic analysis, Authentication, privacy, etc. As VANETs operate in an open wireless connectivity system, it increases permeable of variant type's security issues. Security concerns, however, which are either generally seen in ad-hoc networks or utterly unique to VANET, present significant challenges. Access Control List (ACL) can be an efficient feature to solve such security issues by permitting statements to access registered specific IP addresses in the network and deny statement unregistered IP addresses in the system. To establish such secured VANETs, the License number of the vehicle will be the Identity Number, which will be assigned via a DNS server by the Traffic Certification Authority (TCA). TCA allows registered vehicles to access the nearest two or more regions. For special vehicles, public access should be restricted by configuring ACL on a specific IP. Smart-card given by TCA can be used to authenticate a subscriber by checking previous records during entry to a new network area. After in-depth analysis of Packet Delivery Ratio (PDR), Packet Loss Ratio (PLR), Average Delay, and Handover Delay, this research offers more secure and reliable communication in VANETs.

The present work describes a remote environment monitoring system based on the paradigms of mesh networks and opportunistic networks, whereby a sensor node can explore “con-nectivity windows” to transmit information that will eventually reach another network participants. We discuss the threats to the system's security and propose security mechanisms for the system ensuring the integrity and availability of monitoring information, something identified as critical to its proper operation.

Increasing penetration of distributed energy resources (DERs) in distribution networks expands the cyberattack surface. Moreover, the widely used standard protocols for communicating DER inverters such as Modbus is more vulnerable to data-integrity attacks and denial of service (DoS) attacks because of its native clear-text packet format. This paper proposes a distributed intrusion detection system (D-IDS) architecture and algorithms for detecting anomalies on the DER Modbus communication. We devised a model-based approach to define physics-based threshold bands for analog data points and transaction-based threshold bands for both the analog and discrete data points. The proposed IDS algorithm uses the model- based approach to develop Modbus-specific IDS rule sets, which can enhance the detection accuracy of the anomalies either by data-integrity attacks or maloperation on cyber-physical DER Modbus devices. Further, the IDS algorithm autogenerates the Modbus-specific IDS rulesets in compliance with various open- source IDS rule syntax formats, such as Snort and Suricata, for seamless integration and mitigation of semantic/syntax errors in the development and production environment. We considered the IEEE 13-bus distribution grid, including DERs, as a case study. We conducted various DoS type attacks and data-integrity attacks on the hardware-in-the-loop (HIL) CPS DER testbed at ISU to evaluate the proposed D-IDS. Consequently, we computed the performance metrics such as IDS detection accuracy, IDS detection rate, and end-to-end latency. The results demonstrated that 100% detection accuracy, 100% detection rate for 60k DoS packets, 99.96% detection rate for 80k DoS packets, and 0.25 ms end-to-end latency between DERs to Control Center.