Biblio

Following review depicts a unique speech recognition technique, based on planned analysis and utilization of Neural Network and Google API using speech’s characteristics. Multifactor security system pioneered for the authentication of vocal modalities and identification. Undergone project drives completely unique strategy of independent convolution layers structure and involvement of totally unique convolutions includes spectrum and Mel-frequency cepstral coefficient. This review takes in the statistical analysis of sound using scaled up and scaled down spectrograms, conjointly by exploitation the Google Speech-to-text API turns speech to pass code, it will be cross-verified for extended security purpose. Our study reveals that the incorporated methodology and the result provided elucidate the inclination of research in this area and encouraged us to advance in this field.

Zero trust security model has been picking up adoption in various organizations due to its various advantages. Data quality is still one of the fundamental challenges in data curation in many organizations where data consumers don’t trust data due to associated quality issues. As a result, there is a lack of confidence in making business decisions based on data. We design a model based on the zero trust security model to demonstrate how the trust of data consumers can be established. We present a sample application to distinguish the traditional approach from the zero trust based data quality framework.

Utilities and local power providers throughout the world have recognized the advantages of the "smart grid" to encourage consumers to engage in greater energy efficiency. The digitalization of electricity and the consumer interface enables utilities to develop pricing arrangements that can smooth peak load. Time-varying price signals can enable devices associated with heating, air conditioning, and ventilation (HVAC) systems to communicate with market prices in order to more efficiently configure energy demand. Moreover, the shorter time intervals and greater collection of data can facilitate the integration of distributed renewable energy into the power grid. This study contributes to the understanding of time-varying pricing using a model that examines the extent to which transactive energy can reduce economic costs of an aggregated group of households with varying levels of distributed solar energy. It also considers the potential for transactive energy to smooth the demand curve.

With the reform of the power market(PM), various power applications based on computer networks have also developed. As a network application system supporting the operation of the PM, the technical support system(TSS) of the PM has become increasingly important for its network information security(NIS). The purpose of this article is to study the security protection of computer network information in power systems. This paper proposes an identity authentication algorithm based on digital signatures to verify the legitimacy of system user identities; on the basis of PMI, according to the characteristics of PM access control, a role-based access control model with time and space constraints is proposed, and a role-based access control model is designed. The access control algorithm based on the attribute certificate is used to manage the user's authority. Finally, according to the characteristics of the electricity market data, the data security transmission algorithm is designed and the feasibility is verified. This paper presents the supporting platform for the security test and evaluation of the network information system, and designs the subsystem and its architecture of the security situation assessment (TSSA) and prediction, and then designs the key technologies in this process in detail. This paper implements the subsystem of security situation assessment and prediction, and uses this subsystem to combine with other subsystems in the support platform to perform experiments, and finally adopts multiple manifestations, and the trend of the system's security status the graph is presented to users intuitively. Experimental studies have shown that the residual risks in the power system after implementing risk measures in virtual mode can reduce the risk value of the power system to a fairly low level by implementing only three reinforcement schemes.

With the increasing complexity, modern system-onchip (SoC) designs are becoming more susceptible to security attacks and require comprehensive security assurance. However, establishing a comprehensive assurance for security often involves knowledge of relevant security assets. Since modern SoCs contain myriad confidential assets, the identification of security assets is not straightforward. The number and types of assets change due to numerous embedded hardware blocks within the SoC and their complex interactions. Some security assets are easily identifiable because of their distinct characteristics and unique definitions, while others remain in the blind-spot during design and verification and can be utilized as potential attack surfaces to violate confidentiality, integrity, and availability of the SoC. Therefore, it is essential to automatically identify security assets in an SoC at pre-silicon design stages to protect them and prevent potential attacks. In this paper, we propose an automated CAD framework called SAF to identify an SoC's security assets at the register transfer level (RTL) through comprehensive vulnerability analysis under different threat models. Moreover, we develop and incorporate metrics with SAF to quantitatively assess multiple vulnerabilities for the identified security assets. We demonstrate the effectiveness of SAF on MSP430 micro-controller and CEP SoC benchmarks. Our experimental results show that SAF can successfully and automatically identify an SoC's most vulnerable underlying security assets for protection.

Surface acoustic wave devices based on LiNbO3/interlayer/substrate layered structure have attracted great attention due to the high electromechanical coupling coefficient (K2) of LiNbO3 and the energy confinement effect of the layered structure. In this study, 30° YX-LiNbO3 (LN)/SiO2/Si multilayered structure, which can excited shear-horizontal surface acoustic wave (SH-SAW) with high K2, was proposed. The optimized orientation of LiNbO3 was verified by the effective permittivity method based on the stiffness matrix. The phase velocity, K2 value, and temperature coefficient of frequency (TCF) of the SH-SAW were calculated as a function of the LiNbO3 thickness at different thicknesses of the SiO2 in 30° YX-LiNbO3/SiO2/Si multilayer structure by finite element method (FEM). The results show that the optimized LiNbO3 thickness is 0.1 and the optimized SiO2 thickness is 0.2λ. The optimized Al electrode thickness and metallization ratio are 0.07 and 0.4, respectively. The K2 of the SH-SAW is 29.89%, the corresponding phase velocity is 3624.00 m/s and TCF is about 10 ppm/°C with the optimized IDT/30° YX-LiNbO3/SiO2/Si layered structure.

In Magnetic Josephson Junctions (MJJs) based on Superconductor-Insulator-Superconductor-Ferromagnet-Superconductor (SIS’FS), we provide evidence of an unconventional magnetic field behavior of the critical current characterized by an inverted magnetic hysteresis, i.e., an inverted shift of the whole magnetic field pattern when sweeping the external field. By thermoremanence measurements of S/F/S trilayers, we have ruled out that this uncommon behavior could be related to the F-stray fields. In principle, this finding could have a crucial role in the design and proper functioning of scalable cryogenic memories.

Space systems provide many critical functions to the military, federal agencies, and infrastructure networks. Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. Moving target defenses (MTDs) have been proposed as a means for defending various networks and systems against potential cyber-attacks. MTDs differ from many cyber resilience technologies in that they do not necessarily require detection of an attack to mitigate the threat. We devised a MTD algorithm and tested its application to a real-time network. We demonstrated MTD usage with a real-time protocol given constraints not typically found in best-effort networks. Second, we quantified the cyber resilience benefit of MTD given an exfiltration attack by an adversary. For our experiment, we employed MTD which resulted in a reduction of adversarial knowledge by 97%. Even when the adversary can detect when the address changes, there is still a reduction in adversarial knowledge when compared to static addressing schemes. Furthermore, we analyzed the core performance of the algorithm and characterized its unpredictability using nine different statistical metrics. The characterization highlighted the algorithm has good unpredictability characteristics with some opportunity for improvement to produce more randomness.

With the advancement of network technology, users can now easily gain access to and benefit from networks. However, the number of network violations is increasing. The main issue with this violation is that irresponsible individuals are infiltrating the network. Network intrusion can be interpreted in a variety of ways, including cyber criminals forcibly attempting to disrupt network connections, gaining unauthorized access to valuable data, and then stealing, corrupting, or destroying the data. There are already numerous systems in place to detect network intrusion. However, the systems continue to fall short in detecting and counter-attacking network intrusion attacks. This research aims to enhance the detection of Denial of service (DoS) by identifying significant features and identifying abnormal network activities more accurately. To accomplish this goal, the study proposes an Intrusion Analysis System for detecting Denial of service (DoS) network attacks using machine learning. The accuracy rate of the proposed method using random forest was demonstrated in our experimental results. It was discovered that the accuracy rate with each dataset is greater than 98.8 percent when compared to traditional approaches. Furthermore, when features are selected, the detection time is significantly reduced.

Secret-related carrier intelligent management and control system uses the Internet of Things and artificial intelligence to solve the transformation of secret-related carrier management and control from manual operation to automatic detection, precise monitoring, and intelligent decision-making, and use technical means to resolve security risks. However, the coexistence of multiple heterogeneous networks will lead to various network security problems in the secret carrier intelligent management and control. Aiming at the actual requirements of the intelligent management and control of secret-related carriers, this paper proposes a system structure including device domain, network domain, platform domain and user domain, and conducts a detailed system security analysis, and introduces intelligent agent technology, and proposes a distributed system. The hierarchical system structure of the secret-related carrier intelligent management and control security protection model has good robustness and portability.

This paper is devoted to boundary control design for urban traffic described on a macroscopic scale. The state corresponds to vehicle density that evolves on a continuum two-dimensional domain that represents a continuous approximation of a urban network. Its parameters are interpolated as a function of distance to physical roads. The dynamics are governed by a new macroscopic multi-directional traffic model that encompasses a system of four coupled partial differential equations (PDE) each describing density evolution in one direction layer: North, East, West and South (NEWS). We analyse the class of desired states that the density governed by NEWS model can achieve. Then a boundary control is designed to drive congested traffic to an equilibrium with the minimal congestion level. The result is validated numerically using the real structure of Grenoble downtown (a city in France).

Existing compression coding technologies are investigated using a statistical approach. The fundamental strategies used in the process of statistical coding of video information data are analyzed. Factors that have a significant impact on the reliability and efficiency of video delivery in the process of statistical coding are analyzed. A model for estimating the impact of errors in the process of reconstruction of uneven code structures on the quality of recoverable video images is being developed.The influence of errors that occur in data transmission channels on the reliability of the reconstructed video image is investigated.

The availability of FPGAs in cloud data centers offers rapid, on-demand access to hardware compute resources that users can configure to their own needs. However, the low-level access to the hardware FPGA and associated resources such as PCIe, SSD, or DRAM also opens up threats of malicious attackers uploading designs that are able to infer information about other users or about the cloud infrastructure itself. In particular, this work presents a new, fast PCIe-contention-based channel that is able to transmit data between different FPGA-accelerated virtual machines with bandwidths reaching 2 kbps with 97% accuracy. This paper further demonstrates that the PCIe receiver circuits are able to not just receive covert transmissions, but can also perform fine-grained monitoring of the PCIe bus or detect different types of activities from other users' FPGA-accelerated virtual machines based on their PCIe traffic signatures. Beyond leaking information across different virtual machines, the ability to monitor the PCIe bandwidth over hours or days can be used to estimate the data center utilization and map the behavior of the other users. The paper also introduces further novel threats in FPGA-accelerated instances, including contention due to shared NVMe SSDs as well as thermal monitoring to identify FPGA co-location using the DRAM modules attached to the FPGA boards. This is the first work to demonstrate that it is possible to break the separation of privilege in FPGA-accelerated cloud environments, and highlights that defenses for public clouds using FPGAs need to consider PCIe, SSD, and DRAM resources as part of the attack surface that should be protected.

In the ever evolving Internet threat landscape, Distributed Denial-of-Service (DDoS) attacks remain a popular means to invoke service disruption. DDoS attacks, however, have evolved to become a tool of deceit, providing a smokescreen or distraction while some other underlying attack takes place, such as data exfiltration. Knowing the intent of a DDoS, and detecting underlying attacks which may be present concurrently with it, is a challenging problem. An entity whose network is under a DDoS attack may not have the support personnel to both actively fight a DDoS and try to mitigate underlying attacks. Therefore, any system that can detect such underlying attacks should do so only with a high degree of confidence. Previous work utilizing flow aggregation techniques with multi-class anomaly detection showed promise in both DDoS detection and detecting underlying attacks ongoing during an active DDoS attack. In this work, we head in the opposite direction, utilizing flow segmentation and concurrent flow feature aggregation, with the primary goal of greatly reduced detection times of both DDoS and underlying attacks. Using the same multi-class anomaly detection approach, we show greatly improved detection times with promising detection performance.

Cloud Computing (CC) has emerged as an on-demand accessible tool in different practical applications such as digital industry, academics, manufacturing, health sector and others. In this paper different security threats faced by CC are discussed with suitable examples. Moreover, an artificial intelligence based security enabled CC is also discussed based on suitable empirical data. It is found that an artificial neural network (ANN) is an effective system to detect the level of risk factors associated with CC along with mitigating those risk issues with appropriate algorithms. Hence, it provides a desired level of protection against cyber attacks, internal confidential threats and external threat of data theft from a cloud computing system. Levenberg–Marquardt (LMBP) algorithms are also found as a significant tool to estimate the level of security performance around a cloud computing system. ANN is used to improve the performance level of data security across a cloud computing network and make it security enabled to ensure a protected data transmission to clients associated with the system.

In this paper we use a seeded modular coding scheme for implementing physical layer security in a wiretap scenario. This modular scheme consists of a traditional coding layer and a security layer. For the traditional coding layer, we use a polar code. We evaluate the performance of the seeded modular coding scheme in an experimental setup with software defined radios and compare these results to simulation results. In order to assess the secrecy level of the scheme, we employ the distinguishing security metric. In our experiments, we compare the distinguishing error rate for different seeds and block lengths.

As it is easy to ensure the confidentiality of users on the Dark Web, malware and exploit kits are sold on the market, and attack methods are discussed in forums. Some services provide IoT Botnet to perform distributed denial-of-service (DDoS as a Service: DaaS), and it is speculated that the purchase of these services is made on the Dark Web. By crawling such information and storing it in a database, threat intelligence can be obtained that cannot otherwise be obtained from information on the Surface Web. However, crawling sites on the Dark Web present technical challenges. For this paper, we implemented a crawler that can solve these challenges. We also collected information on markets and forums on the Dark Web by operating the implemented crawler. Results confirmed that the dataset collected by crawling contains threat intelligence that is useful for analyzing cyber attacks, particularly those related to IoT Botnet and DaaS. Moreover, by uncovering the relationship with security reports, we demonstrated that the use of data collected from the Dark Web can provide more extensive threat intelligence than using information collected only on the Surface Web.

Generative Adversarial Networks (GANs) are machine learning methods that are used in many important and novel applications. For example, in imaging science, GANs are effectively utilized in generating image datasets, photographs of human faces, image and video captioning, image-to-image translation, text-to-image translation, video prediction, and 3D object generation to name a few. In this paper, we discuss how GANs can be used to create an artificial world. More specifically, we discuss how GANs help to describe an image utilizing image/video captioning methods and how to translate the image to a new image using image-to-image translation frameworks in a theme we desire. We articulate how GANs impact creating a customized world.

Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.

The extraordinary number of alerts generated by network intrusion detection systems (NIDS) can desensitize security analysts tasked with incident response. Security information and event management systems (SIEMs) perform some rudimentary automation but cannot replicate the decision-making process of a skilled analyst. Machine learning and artificial intelligence (AI) can detect patterns in data with appropriate training. In practice, the majority of the alert data comprises false alerts, and true alerts form only a small proportion. Consequently, a naive engine that classifies all security alerts into the majority class can yield a superficial high accuracy close to 100%. Without any correction for the class imbalance, the false alerts will dominate algorithmic predictions resulting in poor generalization performance. We propose a machine-learning approach to address the class imbalance problem in multi-appliance security alert data and automate the security alert analysis process performed in security operations centers (SOCs). We first used the neighborhood cleaning rule (NCR) to identify and remove ambiguous, noisy, and redundant false alerts. Then, we applied the support vector machine synthetic minority oversampling technique (SVMSMOTE) to generate synthetic training true alerts. Finally, we fit and evaluated the decision tree and random forest classifiers. In the experiments, using alert data from eight security appliances, we demonstrated that the proposed method can significantly reduce the need for manual auditing, decreasing the number of uninspected alerts and achieving a performance of 99.524% in recall.

SQL Injection and Cross-Site Scripting are the two most common attacks in database-based web applications. In this paper we propose a system to detect different types of SQL injection and XSS attacks associated with a web application, without the existence of any firewall, while significantly reducing the network overhead. We use properly modifications of the Nginx Reverse Proxy protocols and Suricata NIDS/ IPS rules. Pure work has been done from other researchers based on the capabilities of Nginx and Suricata and our approach with the experimental results provided in the paper demonstrate the efficiency of our system.

Kernel embeddings of distributions have recently gained significant attention in the machine learning community as a data-driven technique for representing probability distributions. Broadly, these techniques enable efficient computation of expectations by representing integral operators as elements in a reproducing kernel Hilbert space. We apply these techniques to the area of stochastic optimal control theory and present a method to compute approximately optimal policies for stochastic systems with arbitrary disturbances. Our approach reduces the optimization problem to a linear program, which can easily be solved via the Lagrangian dual, without resorting to gradient-based optimization algorithms. We focus on discrete- time dynamic programming, and demonstrate our proposed approach on a linear regulation problem, and on a nonlinear target tracking problem. This approach is broadly applicable to a wide variety of optimal control problems, and provides a means of working with stochastic systems in a data-driven setting.

Privacy and data security are critical aspects in databases, mainly when the latter are publically accessed such in social networks. Furthermore, for advanced databases, such as NoSQL ones, security models and security meta-data must be integrated to the business specification and data. In the literature, the proposed models for NoSQL databases can be considered as static, in the sense where the privileges for a given user are predefined and remain unchanged during job sessions. In this paper, we propose a novel model for NoSQL database access control that we aim that it will be dynamic. To be able to design such model, we have considered the Trust concept to compute the reputation degree for a given user that plays a given role.