Biblio

Due to the decentralization, irreversibility, and traceability, blockchain has attracted significant attention and has been deployed in many critical industries such as banking and logistics. However, the micro-architecture characteristics of blockchain programs still remain unclear. What's worse, the large number of micro-architecture events make understanding the characteristics extremely difficult. We even lack a systematic approach to identify the important events to focus on. In this paper, we propose a novel benchmarking methodology dubbed BBS to characterize blockchain programs at micro-architecture level. The key is to leverage fuzzy set theory to identify important micro-architecture events after the significance of them is quantified by a machine learning based approach. The important events for single programs are employed to characterize the programs while the common important events for multiple programs form an importance vector which is used to measure the similarity between benchmarks. We leverage BBS to characterize seven and six benchmarks from Blockbench and Caliper, respectively. The results show that BBS can reveal interesting findings. Moreover, by leveraging the importance characterization results, we improve that the transaction throughput of Smallbank from Fabric by 70% while reduce the transaction latency by 55%. In addition, we find that three of seven and two of six benchmarks from Blockbench and Caliper are redundant, respectively.

With fast turn of events and development of the web, malware is one of major digital dangers nowadays. Henceforth, malware detection is an important factor in the security of computer systems. Nowadays, attackers generally design polymeric malware [1], it is usually a type of malware [2] that continuously changes its recognizable feature to fool detection techniques that uses typical signature based methods [3]. That is why the need for Machine Learning based detection arises. In this work, we are going to obtain behavioral-pattern that may be achieved through static or dynamic analysis, afterward we can apply dissimilar ML techniques to identify whether it's malware or not. Behavioral based Detection methods [4] will be discussed to take advantage from ML algorithms so as to frame social-based malware recognition and classification model.

In the past few years, the malware industry has been thriving. Malware variants among the same malware family shared similar behavioural patterns or signatures reflecting their purpose. We propose an approach that combines support vector machine (SVM) classifiers and active learning by learning (ALBL) techniques to deal with insufficient labeled data in terms of the malware classification tasks. The proposed approach is evaluated with the malware family dataset from Microsoft Malware Classification Challenge (BIG 2015) on Kaggle. The results show that ALBL techniques can effectively boost the performance of our machine learning models and improve the quality of labeled samples.

The dependency of the smart grid is higher in terms of Wireless Sensors (WS) for flexible monitoring and control. Sensor nodes are required to sense, collect and process the real-time data and transfer it to the monitoring stations. Mostly, it is deployed in extremely rural areas where human access is limited making it vulnerable to cyber intrusion. In this paper, an easy, efficient and low memory usage program is proposed to detect False Data Injection Cyber Attack (FDICA) in very little time to protect the smart grid network. Each bus of the IEEE test system is represented by a connected graph node having a weight equal to 1. During FDICA the weight of the node changes and triggers the alarm if the change is below the predefined threshold value. MATLAB software is used to evaluate the performance of the proposed method under different conditions. Simulation results indicate that the proposed method detects the FDICA in minimal time increasing the resilience capability of the smart grid.

The increasing using of IoT technologies in the industrial sector creates new challenges for the information security of such systems. Using IoT-devices for building SCADA systems cause standard protocols and public networks for data transmitting. Commercial off-the-shelf devices and systems are a new base for industrial control systems, which have high-security risks. There are some useful models are exist for security analysis of information systems, but they do not take into account IoT architecture. The nested attributed metagraph model for the security of IoT-based solutions is proposed and discussed.

Peer to peer file transferring is always a better approach for sharing the contents among multiple nodes when they are in same logical network. Sometimes when a peer leaves the network and its resources key is handed-over to other neighbors (may be adjacent peer) there is always high risk for transferring of related content. In this paper a solution has been implemented through which peers can share files with another peer in a secure manner over P2P enabled intra-network. The data of Peers are located in two different folders namely- PUBLIC and PRIVATE. For a PRIVATE file, the permission from the owner will be desired to retrieve the file at the receiving-end peer. This enables users to restrict the outflow of files. The main advantage of this application is that there is no need of global network (internetwork) and a centralized server.

Cloud computing is a new kind of computing model which allows users to effectively rent virtualized computing resources on pay as you go model. It offers many advantages over traditional models in IT industries and healthcare as well. However, there is lack of trust between CSUs and CSPs to prevent the extensive implementation of cloud technologies amongst industries. Different models are developed to overcome the uncertainty and complexity between CSP and CSU regarding suitability. Several researchers focused on resource optimization, scheduling and service dependability in cloud computing by using fuzzy logic. But, data storage and security using fuzzy logic have been ignored. In this paper, a trust evaluation model is proposed for cloud computing security using fuzzy theory. Authors evaluates how fuzzy logic increases efficiency in trust evaluation. To validate the effectiveness of proposed FTEM, authors presents a case study of healthcare organization.

As the demand of online data availability increases for sharing data, business analytics, security of available data becomes important issue, data needs to be protected from unauthorized access as well as it needs to provide authority that the data is received from a trusted owner. To provide owners identity digital watermarking technique is used since long time for multimedia data. This paper proposed a technique which supports watermarking on database as most of the data available today is in database format. The characters to be entered as watermark are converted into binary values; these binary values are hidden in the database using space character. Each bit is hidden in each tuple randomly. Ant colony optimization algorithm is proposed to select tuples where watermark bits are inserted. The proposed system is enhanced in terms of security due to use of ant colony optimization and resilient because even if some bits are modified the hidden text remains almost same.

Fake source packet routing protocols can ensure Source Location Privacy (SLP) protection. However, the protocols have demonstrated some performance limitations including high energy consumption, low packet delivery ratio (PDR), and long end-to-end delay (EED). In this study, a 2-level phantom routing protocol is proposed to address some limitations of an existing fake source packet routing protocol. The proposed protocol supplants the fake source packets with a random second level phantom node to alleviate the limitations. Analysis results confirm that the proposed protocol is capable of achieving strong SLP protection with minimized communication overhead. By removing the fake packet traffic in the network, the protocol incurs minimized energy consumption, maximized PDR, and minimized EED.

As the number of data in various industries and government sectors is growing exponentially, the `7V' concept of big data aims to create a new value by indiscriminately collecting and analyzing information from various fields. At the same time as the ecosystem of the ICT industry arrives, big data utilization is treatened by the privacy attacks such as infringement due to the large amount of data. To manage and sustain the controllable privacy level, there need some recommended de-identification techniques. This paper exploits those de-identification processes and three types of commonly used privacy models. Furthermore, this paper presents use cases which can be adopted those kinds of technologies and future development directions.

Preserving medical data is of utmost importance to stake holders. There are not many laws in India about preservation, usability of patient records. When data is transmitted across the globe there are chances of data getting tampered intentionally or accidentally. Tampered data loses its authenticity for diagnostic purpose, research and various other reasons. This paper proposes an authenticity based ECDSA algorithm by signature verification to identify the tampering of medical image files and alerts by the rules of authenticity. The algorithm can be used by researchers, doctors or any other educated person in order to maintain the authenticity of the record. Presently it is applied on medical related image files like DICOM. However, it can support any other medical related image files and still preserve the authenticity.

The market landscape has undergone dramatic change because of globalization, shifting marketing conditions, cost pressure, increased competition, and volatility. Transforming the operation of businesses has been possible because of the astonishing speed at which technology has witnessed the change. The automotive industry is on the edge of a revolution. The increased customer expectations, changing ownership, self-driving vehicles and much more have led to the transformation of automobiles, applications, and services from artificial intelligence, sensors, RFID to big data analysis. Large automobiles industries have been emphasizing the collection of data to gain insight into customer's expectations, preferences, and budgets alongside competitor's policies. Statistical methods can be applied to historical data, which has been gathered from various authentic sources and can be used to identify the impact of fixed and variable marketing investments and support automakers to come up with a more effective, precise, and efficient approach to target customers. Proper analysis of supply chain data can disclose the weak links in the chain enabling to adopt timely countermeasures to minimize the adverse effects. In order to fully gain benefit from analytics, the collaboration of a detailed set of capabilities responsible for intersecting and integrating with multiple functions and teams across the business is required. The effective role played by big data analysis in the automobile industry has also been expanded in the research paper. The research paper discusses the scope and challenges of big data. The paper also elaborates on the working technology behind the concept of big data. The paper illustrates the working of MapReduce technology that executes in the back end and is responsible for performing data mining.

It is a well-known fact that the use of Cloud Computing is becoming very common all over the world for data storage and analysis. But the proliferation of the threats in cloud is also their; threats like Information breaches, Data thrashing, Cloud account or Service traffic hijacking, Insecure APIs, Denial of Service, Malicious Insiders, Abuse of Cloud services, Insufficient due Diligence and Shared Technology Vulnerable. This paper tries to come up with the solution for the threat (Denial of Service) in cloud. We attempt to give our newly proposed model by the hybridization of Genetic algorithm and extension of Diffie Hellman algorithm and tries to make cloud transmission secure from upcoming intruders.

In the Internet of Things (IoT), it is feasible to interconnect networks of different devices and all these different devices, such as smartphones, sensor devices, and vehicles, are controlled according to a particular user. These different devices are delivered and accept the information on the network. This thing is to motivate us to do work on IoT and the devices used are sensor nodes. The validation of data delivery completely depends on the checks of count data forwarding in each node. In this research, we propose the Link Hop Value-based Intrusion Detection System (L-IDS) against the blackhole attack in the IoT with the assist of WSN. The sensor nodes are connected to other nodes through the wireless link and exchange data routing, as well as data packets. The LHV value is identified as the attacker's presence by integrating the data delivery in each hop. The LHV is always equivalent to the Actual Value (AV). The RPL routing protocol is used IPv6 to address the concept of routing. The Routing procedure is interrupted by an attacker by creating routing loops. The performance of the proposed L-IDS is compared to the RPL routing security scheme based on existing trust. The proposed L-IDS procedure is validating the presence of the attacker at every source to destination data delivery. and also disables the presence of the attacker in the network. Network performance provides better results in the existence of a security scheme and also fully represents the inoperative presence of black hole attackers in the network. Performance metrics show better results in the presence of expected IDS and improve network reliability.

Intrusion detection is one of the most prominent and challenging problem faced by cybersecurity organizations. Intrusion Detection System (IDS) plays a vital role in identifying network security threats. It protects the network for vulnerable source code, viruses, worms and unauthorized intruders for many intranet/internet applications. Despite many open source APIs and tools for intrusion detection, there are still many network security problems exist. These problems are handled through the proper pre-processing, normalization, feature selection and ranking on benchmark dataset attributes prior to the enforcement of self-learning-based classification algorithms. In this paper, we have performed a comprehensive comparative analysis of the benchmark datasets NSL-KDD and CIDDS-001. For getting optimal results, we have used the hybrid feature selection and ranking methods before applying self-learning (Machine / Deep Learning) classification algorithmic approaches such as SVM, Naïve Bayes, k-NN, Neural Networks, DNN and DAE. We have analyzed the performance of IDS through some prominent performance indicator metrics such as Accuracy, Precision, Recall and F1-Score. The experimental results show that k-NN, SVM, NN and DNN classifiers perform approx. 100% accuracy regarding performance evaluation metrics on the NSL-KDD dataset whereas k-NN and Naïve Bayes classifiers perform approx. 99% accuracy on the CIDDS-001 dataset.

This paper presents a new micro-architectural vulnerability on the power management units of modern computers which creates an electromagnetic-based side-channel. The key observations that enable us to discover this sidechannel are: 1) in an effort to manage and minimize power consumption, modern microprocessors have a number of possible operating modes (power states) in which various sub-systems of the processor are powered down, 2) for some of the transitions between power states, the processor also changes the operating mode of the voltage regulator module (VRM) that supplies power to the affected sub-system, and 3) the electromagnetic (EM) emanations from the VRM are heavily dependent on its operating mode. As a result, these state-dependent EM emanations create a side-channel which can potentially reveal sensitive information about the current state of the processor and, more importantly, the programs currently being executed. To demonstrate the feasibility of exploiting this vulnerability, we create a covert channel by utilizing the changes in the processor's power states. We show how such a covert channel can be leveraged to exfiltrate sensitive information from a secured and completely isolated (air-gapped) laptop system by placing a compact, inexpensive receiver in proximity to that system. To further show the severity of this attack, we also demonstrate how such a covert channel can be established when the target and the receiver are several meters away from each other, including scenarios where the receiver and the target are separated by a wall. Compared to the state-of-the-art, the proposed covert channel has \textbackslashtextgreater3x higher bit-rate. Finally, to demonstrate that this new vulnerability is not limited to being used as a covert channel, we demonstrate how it can be used for attacks such as keystroke logging.

In this digital age, almost every system and service has moved from a localized to a digital environment. Consequently the number of attacks targeting both personal as well as commercial digital devices has also increased exponentially. In most cases specific malware attacks have caused widespread damage and emotional anguish. Though there are automated techniques to analyse and thwart such attacks, they are still far from perfect. This paper identifies optimal features, which improves the accuracy and efficiency of the classification process, required for malware classification in an attempt to assist automated anti-malware systems identify and block malware families in an attempt to secure the end user and reduce the damage caused by these malicious software.

A metric and structure of computing 2020 is proposed in the form of Top 12 Technology Trends, which will influence on investment in science, education and industry in developing countries. The primary social and technological problem of the protection of society and critical facilities through the creation of Global Intelligent Cyber Security is formulated. The axioms of the constructive formation of developing countries on the basis of the adoption of moral relations are formulated. Models, methods and algorithms of cyber-social computing are proposed that are focused on processing big data, searching for keywords and test fragments. New characteristic equations of similarity - differences between the processes and phenomena are synthesized for the exact information retrieval by keywords in cyber-physical space. A computing model of the development of the Universe is formulated, where the binary interactions of entities and forms are harmonic functions of the phase state. A structure of interactive computing of the creative process based on a metric assessment of the development status with world achievements is proposed.

Currently, little attention has been carried out to address the feasibility of in-network caching in Information-Centric Networking (ICN) for the design and real-world deployment of future networks. Towards this line, in this paper, we propose a beneficial caching scheme in ICN by storing no more than a specific number of replicas for each content. Particularly, to realize an optimal content distribution for deploying caches in ICN, a content can be cached either partially or as a full-object corresponding to its request arrival rate and data traffic. Also, we employ a utility-based replacement in each content node to keep the most recent and popular content items in the ICN interconnections. The evaluation results show that the proposal improves the cache hit rate and cache diversity considerably, and acts as a beneficial caching approach for network and service providers in ICN. Specifically, the proposed caching mechanism is easy to deploy, robust, and relevant for the content-based providers by enabling them to offer users high Quality of Service (QoS) and gain benefits at the same time.

The challenge of network traffic classification exists at the heart of many networking related tasks aimed at improving the overall user experience and usability of the internet. Current techniques, such as deep packet inspection, depend heavily on interaction by network administrators and engineers to maintain up to date stores of application network signatures and the infrastructure required to utilize them effectively. In this paper, we introduce Network Traffic Images, a 2-dimensional (2D) formulation of a stream of packet header lengths, which enable us to employ deep convolutional neural networks for network traffic classification. Five different network traffic image orientation mappings are carefully designed to deduce the best way to transform the 1-dimensional packet-subflow into a 2D image. Two different mapping strategies, one packet-relative and the other time-relative, are experimented with to map the packets of a packet flow to the pixels in the image. Experiments shows that high classification accuracy can be achieved with minimal manual effort using network traffic images in deep learning.

Jamming attacks target a wireless network creating an unwanted denial of service. 5G is vulnerable to these attacks despite its resilience prompted by the use of millimeter wave bands. Over the last decade, several types of jamming detection techniques have been proposed, including fuzzy logic, game theory, channel surfing, and time series. Most of these techniques are inefficient in detecting smart jammers. Thus, there is a great need for efficient and fast jamming detection techniques with high accuracy. In this paper, we compare the efficiency of several machine learning models in detecting jamming signals. We investigated the types of signal features that identify jamming signals, and generated a large dataset using these parameters. Using this dataset, the machine learning algorithms were trained, evaluated, and tested. These algorithms are random forest, support vector machine, and neural network. The performance of these algorithms was evaluated and compared using the probability of detection, probability of false alarm, probability of miss detection, and accuracy. The simulation results show that jamming detection based random forest algorithm can detect jammers with a high accuracy, high detection probability and low probability of false alarm.

In Named Data Networking (NDN) architectures, a content object is located according to the content's identifier and can be retrieved from all nodes that hold a replica of the content. The default forwarding strategy of NDN is to forward an Interest packet along the default path from the requester to the server to find a content object according to its name prefix. However, the best path may not be the default path, since content might also be located nearby. Hence, the default strategy could result in a sub-optimal delivery efficiency. To address this issue we introduce a vicinity-based replica finding scheme. This is based on the observation that content objects might be requested several times. Therefore, replicas can be often cached within a particular neighbourhood and thus it might be efficient to specifically look for them in order to improve the content delivery performance. Within this paper, we evaluate the optimal size of the vicinity within which content should be located (i.e. the distance between the requester and its neighbours that are considered within the content search). We also compare the proposed scheme with the default NDN forwarding strategy with respect to replica finding efficiency and network overhead. Using the proposed scheme, we demonstrate that the replica finding mechanism reduces the delivery time effectively with acceptable overhead costs.

Over the past decade, distributed CSMA, which forms the basis for WiFi, has been deployed ubiquitously to provide seamless and high-speed mobile internet access. However, distributed CSMA might not be ideal for future IoT/M2M applications, where the density of connected devices/sensors/controllers is expected to be orders of magnitude higher than that in present wireless networks. In such high-density networks, the overhead associated with completely distributed MAC protocols will become a bottleneck. Moreover, IoT communications are likely to have strict QoS requirements, for which the `best-effort' scheduling by present WiFi networks may be unsuitable. This calls for a clean-slate redesign of the wireless MAC taking into account the requirements for future IoT/M2M networks. In this paper, we propose a reservation-based (for minimal overhead) wireless MAC designed specifically with IoT/M2M applications in mind.

Through analysis of sessions in which files were created and downloaded on three Cowrie SSH/Telnet honeypots, we find that IoT botnets are by far the most common source of malware on connected systems with weak credentials. We detail our honeypot configuration and describe a simple method for listing near-identical malicious login sessions using edit distance. A large number of IoT botnets attack our honeypots, but the malicious sessions which download botnet software to the honeypot are almost all nearly identical to one of two common attack patterns. It is apparent that the Mirai worm is still the dominant botnet software, but has been expanded and modified by other hackers. We also find that the same loader devices deploy several different botnet malware strains to the honeypot over the course of a 40 day period, suggesting multiple botnet deployments from the same source. We conclude that Mirai continues to be adapted but can be effectively tracked using medium interaction honeypots such as Cowrie.

Expressing Keystroke Dynamics (KD) in form of sound opens new avenues to apply sound analysis techniques on KD. However this mapping is not straight-forward as varied feature space, differences in magnitudes of features and human interpretability of the music bring in complexities. We present a musical interface to KD by mapping keystroke features to music features. Music elements like melody, harmony, rhythm, pitch and tempo are varied with respect to the magnitude of their corresponding keystroke features. A pitch embedding technique makes the music discernible among users. Using the data from 30 users, who typed fixed strings multiple times on a desktop, shows that these auditory signals are distinguishable between users by both standard classifiers (SVM, Random Forests and Naive Bayes) and humans alike.