Biblio

With the help of technological advancements in the last decade, it has become much easier to extensively and remotely observe medical conditions of the patients through wearable biosensors that act as connected nodes on Body Area Networks (BANs). Sensitive nature of the critical data captured and communicated via wireless medium makes it extremely important to process it as securely as possible. In this regard, lightweight security mechanisms are needed to overcome the hardware resource restrictions of biosensors. Random and secure cryptographic key generation and agreement among the biosensors take place at the core of these security mechanisms. In this paper, we propose the SKA-PSAR (Augmented Randomness for Secure Key Agreement using Physiological Signals) system to produce highly random cryptographic keys for the biosensors to secure communication in BANs. Similar to its predecessor SKA-PS protocol by Karaoglan Altop et al., SKA-PSAR also employs physiological signals, such as heart rate and blood pressure, as inputs for the keys and utilizes the set reconciliation mechanism as basic building block. Novel quantization and binarization methods of the proposed SKA-PSAR system distinguish it from SKA-PS by increasing the randomness of the generated keys. Additionally, SKA-PSAR generated cryptographic keys have distinctive and time variant characteristics as well as long enough bit sizes that provides resistance against cryptographic attacks. Moreover, correct key generation rate is above 98% with respect to most of the system parameters, and false key generation rate of 0% have been obtained for all system parameters.

In a world with computation at the epicenter of every activity, computing systems must be highly resilient to errors even if miniaturization makes the underlying hardware unreliable. Techniques able to guarantee high reliability are associated to high costs. Early resilience analysis has the potential to support informed design decisions to maximize system-level reliability while minimizing the associated costs. This tutorial focuses on early cross-layer (hardware and software) resilience analysis considering the full computing continuum (from IoT/CPS to HPC applications) with emphasis on soft errors.

We address energy-efficient placement of data and analytics components of composite analytics services on a wireless network to minimize execution-time energy consumption (computation and communication) subject to compute, storage and network resource constraints. We introduce an expressive analytics service hypergraph model for representing k-ary composability relationships (k ≥ 2) between various analytics and data components and leverage binary quadratic programming (BQP) to minimize the total energy consumption of a given placement of the analytics hypergraph nodes on the network subject to resource availability constraints. Then, after defining a potential energy functional Φ(·) to model the affinities of analytics components and network resources using analogs of attractive and repulsive forces in physics, we propose a decentralized Metropolis Monte Carlo (MMC) sampling method which seeks to minimize Φ by moving analytics and data on the network. Although Φ is non-convex, using a potential game formulation, we identify conditions under which the algorithm provably converges to a local minimum energy equilibrium placement configuration. Trace-based simulations of the placement of a deep-neural-network analytics service on a realistic wireless network show that for smaller problem instances our MMC algorithm yields placements with total energy within a small factor of BQP and more balanced workload distributions; for larger problems, it yields low-energy configurations while the BQP approach fails.

We propose an Artificial Intelligence (AI)/Deep Learning (DL)-based image analysis framework for hardware assurance of digital integrated circuits (ICs). Our aim is to examine and verify various hardware information from analyzing the Scanning Electron Microscope (SEM) images of an IC. In our proposed framework, we apply DL-based methods at all essential steps of the analysis. To the best of our knowledge, this is the first such framework that makes heavy use of DL-based methods at all essential analysis steps. Further, to reduce time and effort required in model re-training, we propose and demonstrate various automated or semi-automated training data preparation methods and demonstrate the effectiveness of using synthetic data to train a model. By applying our proposed framework to analyzing a set of SEM images of a large digital IC, we prove its efficacy. Our DL-based methods are fast, accurate, robust against noise, and can automate tasks that were previously performed mainly manually. Overall, we show that DL-based methods can largely increase the level of automation in hardware assurance of digital ICs and improve its accuracy.

For optimal use of cloud resources and to reduce the latency of cloud users, the cloud computing model extends the services such as networking facilities, computational capabilities and storage facilities based on demand. Due to the dynamic behavior, distributed paradigm and heterogeneity present among the processing elements, devices and service oriented pay per use policies; the cloud computing environment is having its availability, security and privacy issues. Among these various issues one of the important issues in cloud computing paradigm is DDoS attack. This paper put in plain words the DDoS attack, its detection as well as prevention mechanisms in cloud computing environment. The inclusive study also explains about the effects of DDoS attack on cloud platform and the related defense mechanisms required to be considered.

Artificial neural networks in general and deep learning networks in particular established themselves as popular and powerful machine learning algorithms. While the often tremendous sizes of these networks are beneficial when solving complex tasks, the tremendous number of parameters also causes such networks to be vulnerable to malicious behavior such as adversarial perturbations. These perturbations can change a model's classification decision. Moreover, while single-step adversaries can easily be transferred from network to network, the transfer of more powerful multi-step adversaries has - usually - been rather difficult.In this work, we introduce a method for generating strong adversaries that can easily (and frequently) be transferred between different models. This method is then used to generate a large set of adversaries, based on which the effects of selected defense methods are experimentally assessed. At last, we introduce a novel, simple, yet effective approach to enhance the resilience of neural networks against adversaries and benchmark it against established defense methods. In contrast to the already existing methods, our proposed defense approach is much more efficient as it only requires a single additional forward-pass to achieve comparable performance results.

Advanced persistent threats (APT) have increased in recent times as a result of the rise in interest by nation-states and sophisticated corporations to obtain high profile information. Typically, APT attacks are more challenging to detect since they leverage zero-day attacks and common benign tools. Furthermore, these attack campaigns are often prolonged to evade detection. We leverage an approach that uses a provenance graph to obtain execution traces of host nodes in order to detect anomalous behavior. By using the provenance graph, we extract features that are then used to train an online adaptive metric learning. Online metric learning is a deep learning method that learns a function to minimize the separation between similar classes and maximizes the separation between dis-similar instances. We compare our approach with baseline models and we show our method outperforms the baseline models by increasing detection accuracy on average by 11.3 % and increases True positive rate (TPR) on average by 18.3 %.

Mobile and IoT operating systems–and their ensuing software updates–are usually distributed as binary files. Given that these binary files are commonly closed source, users or businesses who want to assess the security of the software need to rely on reverse engineering. Further, verifying the correct application of the latest software patches in a given binary is an open problem. The regular application of software patches is a central pillar for improving mobile and IoT device security. This requires developers, integrators, and vendors to propagate patches to all affected devices in a timely and coordinated fashion. In practice, vendors follow different and sometimes improper security update agendas for both mobile and IoT products. Moreover, previous studies revealed the existence of a hidden patch gap: several vendors falsely reported that they patched vulnerabilities. Therefore, techniques to verify whether vulnerabilities have been patched or not in a given binary are essential. Deep learning approaches have shown to be promising for static binary analyses with respect to inferring binary similarity as well as vulnerability detection. However, these approaches fail to capture the dynamic behavior of these systems, and, as a result, they may inundate the analysis with false positives when performing vulnerability discovery in the wild. In particular, they cannot capture the fine-grained characteristics necessary to distinguish whether a vulnerability has been patched or not. In this paper, we present PATCHECKO, a vulnerability and patch presence detection framework for executable binaries. PATCHECKO relies on a hybrid, cross-platform binary code similarity analysis that combines deep learning-based static binary analysis with dynamic binary analysis. PATCHECKO does not require access to the source code of the target binary nor that of vulnerable functions. We evaluate PATCHECKO on the most recent Google Pixel 2 smartphone and the Android Things IoT firmware images, within which 25 known CVE vulnerabilities have been previously reported and patched. Our deep learning model shows a vulnerability detection accuracy of over 93%. We further prune the candidates found by the deep learning stage–which includes false positives–via dynamic binary analysis. Consequently, PATCHECKO successfully identifies the correct matches among the candidate functions in the top 3 ranked outcomes 100% of the time. Furthermore, PATCHECKO's differential engine distinguishes between functions that are still vulnerable and those that are patched with an accuracy of 96%.

Block ciphers are one of the most fundamental building blocks for information and network security. In recent years, the need for lightweight ciphers has dramatically been increased due to their wide use in low-cost cryptosystems, wireless networks and resource-constrained embedded devices including RFIDs, sensor nodes, smart cards etc. In this paper, an efficient lightweight architecture for RECTANGLE block cipher has been proposed. The architecture is suitable for extremely hardware-constrained environments and multiple platforms due to its support of bit-slice technique. The proposed architecture has been synthesized and implemented on Xilinx Virtex-5 xc5vlx110t-1ff1136 field programmable gate array (FPGA) device. Implementation results have been presented and compared with the existing architectures and have shown commensurable performance. Also, an application-specific integrated circuit (ASIC) implementation of the architecture is done on SCL 180 nm CMOS technology where it consumes 2362 gate equivalent (GE).

Enforcing security and resilience in a cloud platform is an essential but challenging problem due to the presence of a large number of heterogeneous applications running on shared resources. A security analysis system that can detect threats or malware must exist inside the cloud infrastructure. Much research has been done on machine learning-driven malware analysis, but it is limited in computational complexity and detection accuracy. To overcome these drawbacks, we proposed a new malware detection system based on the concept of clustering and trend micro locality sensitive hashing (TLSH). We used Cuckoo sandbox, which provides dynamic analysis reports of files by executing them in an isolated environment. We used a novel feature extraction algorithm to extract essential features from the malware reports obtained from the Cuckoo sandbox. Further, the most important features are selected using principal component analysis (PCA), random forest, and Chi-square feature selection methods. Subsequently, the experimental results are obtained for clustering and non-clustering approaches on three classifiers, including Decision Tree, Random Forest, and Logistic Regression. The model performance shows better classification accuracy and false positive rate (FPR) as compared to the state-of-the-art works and non-clustering approach at significantly lesser computation cost.

The completion and the correction of measurement data are the foundation of the ubiquitous power internet of things construction. However, data missing may occur during the data transporting process. Therefore, a model of missing load situation reconstruction based on the generative adversarial networks is proposed in this paper to overcome the disadvantage of depending on data of other relevant factors in conventional methods. Through the unsupervised training, the proposed model can automatically learn the complex features of loads that are difficult to model explicitly to fill the incomplete load data without using other relevant data. Meanwhile, a method of online correction is put forward to improve the robustness of the reconstruction model in different scenarios. The proposed method is fully data-driven and contains no explicit modeling process. The test results indicate that the proposed algorithm is well-matched for the various scenarios, including the discontinuous missing load reconstruction and the continuous missing load reconstruction even massive data missing. Specifically, the reconstruction error rate of the proposed algorithm is within 4% under the absence of 50% load data.

The wireless communication has become very vast, important and easy to access nowadays because of less cost associated and easily available mobile devices. It creates a potential threat for the community while accessing some secure information like banking passwords on the unsecured network. This proposed research work expose such a potential threat such as Rogue Access Point (RAP) detection using soft computing prediction tool. Fuzzy logic is used to implement the proposed model to identify the presence of RAP existence in the network.

Due to improving computational capacity of supercomputers, transmitting encrypted packets via one single network path is vulnerable to brute-force attacks. The versatile attackers secretly eavesdrop all the packets, classify packets into different streams, performs an exhaustive search for the decryption key, and extract sensitive personal information from the streams. However, new Internet Protocol (IP) brings great opportunities and challenges for preventing eavesdropping attacks. In this paper, we propose a Programming Protocol-independent Packet Processors (P4) based Network Immune Scheme (P4NIS) against the eavesdropping attacks. Specifically, P4NIS is equipped with three lines of defense to improve the network immunity. The first line is promiscuous forwarding by splitting all the traffic packets in different network paths disorderly. Complementally, the second line encrypts transmission port fields of the packets using diverse encryption algorithms. The encryption could distribute traffic packets from one stream into different streams, and disturb eavesdroppers to classify them correctly. Besides, P4NIS inherits the advantages from the existing encryption-based countermeasures which is the third line of defense. Using a paradigm of programmable data planes-P4, we implement P4NIS and evaluate its performances. Experimental results show that P4NIS can increase difficulties of eavesdropping significantly, and increase transmission throughput by 31.7% compared with state-of-the-art mechanisms.

With the development of globalization, more and more enterprises are involved in the supply chain network with increasingly complex structure. In this paper, enterprises and relations in the logistics network are abstracted as nodes and edges of the complex network. A graph model for a supply chain network to specified industry is constructed, and the Neo4j graph database is employed to store the graph data. This paper uses the theoretical research tool of complex network to model and analyze the supply chain, and designs a supply chain network evaluation system which include static and dynamic measurement indexes according to the statistical characteristics of complex network. In this paper both the static and dynamic resilience characteristics of the the constructed supply chain network are evaluated from the perspective of complex network. The numeric experimental simulations are conducted for validation. This research has practical and theoretical significance for enterprises to make strategies to improve the anti-risk capability of supply chain network based on logistics network information.

The popularity and demand of home automation has increased exponentially in recent years because of the ease it provides. Recently, development has been done in this domain and few systems have been proposed that either use voice assistants or application for controlling the electrical appliances. However; less emphasis is laid on power efficiency and this system cannot be integrated with the existing appliances and hence, the entire system needs to be upgraded adding to a lot of additional cost in purchasing new appliances. In this research, the objective is to design such a system that emphasises on power efficiency as well as can be integrated with the already existing appliances. NodeMCU, along with Raspberry Pi, Firebase realtime database, is used to create a system that accomplishes such endeavours and can control relays, which can control these appliances without the need of replacing them. The experiments in this paper demonstrate triggering of electrical appliances using voice assistant, fire alarm on the basis of flame sensor and temperature sensor. Moreover; use of android application was presented for operating electrical appliances from a remote location. Lastly, the system can be modified by adding security cameras, smart blinds, robot vacuums etc.

Remote patient monitoring is a system that focuses on patients care and attention with the advent of the Internet of Things (IoT). The technology makes it easier to track distance, but also to diagnose and provide critical attention and service on demand so that billions of people are safer and more safe. Skincare monitoring is one of the growing fields of medical care which requires IoT monitoring, because there is an increasing number of patients, but cures are restricted to the number of available dermatologists. The IoT-based skin monitoring system produces and store volumes of private medical data at the cloud from which the skin experts can access it at remote locations. Such large-scale data are highly vulnerable and otherwise have catastrophic results for privacy and security mechanisms. Medical organizations currently do not concentrate much on maintaining safety and privacy, which are of major importance in the field. This paper provides an IoT based skin surveillance system based on a blockchain data protection and safety mechanism. A secure data transmission mechanism for IoT devices used in a distributed architecture is proposed. Privacy is assured through a unique key to identify each user when he registers. The principle of blockchain also addresses security issues through the generation of hash functions on every transaction variable. We use blockchain consortiums that meet our criteria in a decentralized environment for controlled access. The solutions proposed allow IoT based skin surveillance systems to privately and securely store and share medical data over the network without disturbance.

The objective of the project is to structure a portable application for inspecting and putting away information through a distributed storage administration. The information is remotely put away in the cloud. In some distributed storage frameworks, the cloud record may contain some touchy data. Scrambling the entire shared record doesn't permit different clients to get to it. In the current framework the client needs to use the biometric information to guarantee the character of the client and afterward a marking key will be checked which is to ensure the personality and security of the client. The principle downside of utilizing the biometric information is that it can't be coordinated precisely because of the elements that influence the difference in biometric information. A reference id made is naturally changed over to the QR code and it is checked utilizing a scanner and the specific record is downloaded. This record whenever erased or lost in the customer's inward stockpiling it very well may be recovered again from the cloud.

A distributed event-triggered controller is developed for formation control and leader tracking (FCLT) with robustness to adversarial Byzantine agents for a class of heterogeneous multi-agent systems (MASs). A reputation-based strategy is developed for each agent to detect Byzantine agent behaviors within their neighbor set and then selectively disregard Byzantine state information. Selectively ignoring Byzantine agents results in time-varying discontinuous changes to the network topology. Nonsmooth dynamics also result from the use of the event-triggered strategy enabling intermittent communication. Nonsmooth Lyapunov methods are used to prove stability and FCLT of the MAS consisting of the remaining cooperative agents.

Mining of data is used to analyze facts to discover formerly unknown patterns, classifying and grouping the records. There are several crucial scalable statistics mining platforms that have been developed in latest years. RapidMiner is a famous open source software which can be used for advanced analytics, Weka and Orange are important tools of machine learning for classifying patterns with techniques of clustering and regression, whilst Knime is often used for facts preprocessing like information extraction, transformation and loading. This article encapsulates the most important and robust platforms.

One of the main security issues in telecare medecine information systems is the remote user authentication and key agreement between healthcare professionals and patient's medical sensors. Many of the proposed approaches are based on multiple factors (password, token and possibly biometrics). Two-factor authentication protocols do not resist to many possible attacks. As for three-factor authentication schemes, they usually come with high resource consumption. Since medical sensors have limited storage and computational capabilities, ensuring a minimal resources consumption becomes a major concern in this context. In this paper, we propose a secure and lightweight three-factor authentication and key generation scheme for securing communications between healtcare professional and patient's medical sensors. Thanks to formal verification, we prove that this scheme is robust enough against known possible attacks. A comparison with the most relevant related work's schemes shows that our protocol ensures an optimised resource consumption level.

With the advent of networking technologies and increasing network attacks, Intrusion Detection systems are apparently needed to stop attacks and malicious activities. Various frameworks and techniques have been developed to solve the problem of intrusion detection, still there is need for new frameworks as per the challenging scenario of enormous scale in data size and nature of attacks. Current IDS systems pose challenges on the throughput to work with high speed networks. In this paper we address the issue of high computational overhead of anomaly based IDS and propose the solution using discretization as a data preprocessing step which can drastically reduce the computation overhead. We propose method to provide near real time detection of attacks using only basic flow level features that can easily be extracted from network packets.

Autonomous Underwater Vehicles (AUVs) have several fundamental civilian and military applications, and Denial of Service (DoS) attacks against their communications are a serious threat. In this work, we analyze such an attack using game theory in an asymmetric scenario, in which the node under attack does not know the position of the jammer that blocks its signals. The jammer has a dual objective, namely, disrupting communications and forcing the legitimate transmitter to spend more energy protecting its own transmissions. Our model shows that, if both nodes act rationally, the transmitter is able to quickly reduce its disadvantage, estimating the location of the jammer and responding optimally to the attack.

Technology advancement also increases the risk of a computer's security. As we can have various mechanisms to ensure safety but still there have flaws. The main concerned area is user authentication. For authentication, various biometric applications are used but once authentication is done in the begging there was no guarantee that the computer system is used by the authentic user or not. The intrusion detection system (IDS) is a particular procedure that is used to identify intruders by analyzing user behavior in the system after the user logged in. Host-based IDS monitors user behavior in the computer and identify user suspicious behavior as an intrusion or normal behavior. This paper discusses how an expert system detects intrusions using a set of rules as a pattern recognized engine. We propose a PIDE (Pattern Based Intrusion Detection) model, which is verified previously implemented SBID (Statistical Based Intrusion Detection) model. Experiment results indicate that integration of SBID and PBID approach provides an extensive system to detect intrusion.

Zero-day Web attacks are arguably the most serious threats to Web security, but are very challenging to detect because they are not seen or known previously and thus cannot be detected by widely-deployed signature-based Web Application Firewalls (WAFs). This paper proposes ZeroWall, an unsupervised approach, which works with an existing WAF in pipeline, to effectively detecting zero-day Web attacks. Using historical Web requests allowed by an existing signature-based WAF, a vast majority of which are assumed to be benign, ZeroWall trains a self-translation machine using an encoder-decoder recurrent neural network to capture the syntax and semantic patterns of benign requests. In real-time detection, a zero-day attack request (which the WAF fails to detect), not understood well by self-translation machine, cannot be translated back to its original request by the machine, thus is declared as an attack. In our evaluation using 8 real-world traces of 1.4 billion Web requests, ZeroWall successfully detects real zero-day attacks missed by existing WAFs and achieves high F1-scores over 0.98, which significantly outperforms all baseline approaches.

Crime scene investigation and preservation are fundamentally the pillars of forensics. Numerous cases have been discussed in this paper where mishandling of evidence or improper investigation leads to lengthy trials and even worse incorrect verdicts. Whether the problem is lack of training of first responders or any other scenario, it is essential for police officers to properly preserve the evidence. Second problem is the criminal profiling where each district department has its own method of storing information about criminals. ARCRIME intends to digitally transform the way police combat crime. It will allow police officers to create a copy of the scene of crime so that it can be presented in courts or in forensics labs. It will be in the form of wearable glasses for officers on site whereas officers during training will be wearing a headset. The trainee officers will be provided with simulations of cases which have already been resolved. Officers on scene would be provided with intelligence about the crime and the suspect they are interviewing. They would be able to create a case file with audio recording and images which can be digitally sent to a prosecution lawyer. This paper also explores the risks involved with ARCRIME and also weighs in their impact and likelihood of happening. Certain contingency plans have been highlighted in the same section as well to respond to emergency situations.