Biblio

Swarm intelligence, a nature-inspired concept that includes multiplicity, stochasticity, randomness, and messiness is emergent in most real-life problem-solving. The concept of swarming can be integrated with herding predators in an ecological system. This paper presents the development of stabilizing velocity-based controllers for a Lagrangian swarm of \$nın \textbackslashtextbackslashmathbbN\$ individuals, which are supposed to capture a moving target (intruder). The controllers are developed from a Lyapunov function, total potentials, designed via Lyapunov-based control scheme (LbCS) falling under the classical approach of artificial potential fields method. The interplay of the three central pillars of LbCS, which are safety, shortness, and smoothest course for motion planning, results in cost and time effectiveness and efficiency of velocity controllers. Computer simulations illustrate the effectiveness of control laws.

Distributed denial of service attacks are still one of the greatest threats for computer systems and networks. We propose an intelligent moving target solution against DDOS flooding attacks. Our solution will use a fast-flux approach combined with moving target techniques to increase attack cost and complexity by bringing dynamics and randomization in network address space. It continually increases attack costs and makes it harder and almost infeasible for botnets to launch an attack. Along with performing selective proxy server replication and shuffling clients among this proxy, our solution can successfully separate and isolate attackers from benign clients and mitigate large-scale and complex flooding attacks. Our approach effectively stops both network and application-layer attacks at a minimum cost. However, while we try to make prevalent attack launches difficult and expensive for Bot Masters, this approach is good enough to combat zero-day attacks, too. Using DNS capabilities to change IP addresses frequently along with the proxy servers included in the proposed architecture, it is possible to hide the original server address from the attacker and invalidate the data attackers gathered during the reconnaissance phase of attack and make them repeat this step over and over. Our simulations demonstrate that we can mitigate large-scale attacks with minimum possible cost and overhead.

At present, the security protection of distribution automation system is faced with complex and diverse operating environment, and the main use of public network may bring greater security risks, there are still some deficiencies. According to the actual situation of distribution automation of China Southern Power Grid, this paper designs multiple protection technology, carries out encryption distribution terminal research, and realizes end-to-end longitudinal security protection of distribution automation system, which is effectively improving the anti-attack ability of distribution terminal.

Today's global network is filled with attackers both live and automated seeking to identify and compromise vulnerable devices, with initial scanning and attack activity occurring within minutes or even seconds of being connected to the Internet. To better understand these events, honeypots can be deployed to monitor and log activity by simulating actual Internet facing services such as SSH, Telnet, HTTP, or FTP, and malicious activity can be logged as attempts are made to compromise them. In this study six multi-service honeypots are deployed in locations around the globe to collect and catalog traffic over a period of several months between March and December, 2020. Analysis is performed on various characteristics including source and destination IP addresses and port numbers, usernames and passwords utilized, commands executed, and types of files downloaded. In addition, Cowrie log data is restructured to observe individual attacker sessions, study command sequences, and monitor tunneling activity. This data is then correlated across honeypots to compare attack and traffic patterns with the goal of learning more about the tactics being employed. By gathering data gathered from geographically separate zones over a long period of time a greater understanding can be developed regarding attacker intent and methodology, can aid in the development of effective approaches to identifying malicious behavior and attack sources, and can serve as a cyber-threat intelligence feed.

In the last decade the use of artificial neural networks (ANNs) in many fields like image processing or speech recognition has become a common practice because of their effectiveness to solve complex tasks. However, in such a rush, very little attention has been paid to security aspects. In this work we explore the possibility to embed a watermark into the ANN parameters. We exploit model redundancy and adaptation capacity to lock a subset of its parameters to carry the watermark sequence. The watermark can be extracted in a simple way to claim copyright on models but can be very easily attacked with model fine-tuning. To tackle this culprit we devise a novel watermark aware training strategy. We aim at delving into the loss landscape to find an optimal configuration of the parameters such that we are robust to fine-tuning attacks towards the watermarked parameters. Our experimental results on classical ANN models trained on well-known MNIST and CIFAR-10 datasets show that the proposed approach makes the embedded watermark robust to fine-tuning and compression attacks.

Empathy is a fundamental mechanism of human interactions. As such, it should be an integral part of Human-Computer Interaction systems to make them more relatable. With this work, we focused on conversational scenarios where integrating empathy is crucial to perceive the computer like a human. As a result, we derived the high-level architecture of an Empathetic Conversational Agent we are willing to implement. We relied on theories about artificial empathy to derive the function approximating this mechanism and selected the conversational aspects to control for an empathetic interaction. In particular, we designed a core empathetic controller manages the empathetic responses, predicting, at each turn, the high-level content of the response. The derived architecture integrates empathy in a task-agnostic manner; hence we can employ it in multiple scenarios by changing the objective of the controller.

With rapid advancement of Smart Grid as well as Internet of Things (IoT), current power distribution communication network faces the challenges of satisfying the emerging data transmission requirements of ubiquitous secure coverage for distributed power services. This paper focuses on secure ubiquitous wireless communication solution for power distribution Internet of Things (PDİoT) in Smart Grid. Detailed secure ubiquitous wireless communication networking topology is presented, and integrated encryption and communication device is developed. The proposed solution supports several State Secret cryptographic algorithm including SM1/SM2/SM3/SM4 as well as forward and reverse isolation functions, thus achieving secure wireless communication for PDİoT services.

Recently, smart video surveillance at the edge has become a trend in developing security applications since edge computing enables more image processing tasks to be implemented on the decentralised network note of the surveillance system. As a result, many security applications such as behaviour recognition and prediction, employee safety, perimeter intrusion detection and vandalism deterrence can minimise their latency or even process in real-time when the camera network system is extended to a larger degree. Technically, human detection is a key step in the implementation of these applications. With the advantage of high detection rates, deep learning methods have been widely employed on edge devices in order to detect human objects. However, due to their high computation costs, it is challenging to apply these methods on resource limited edge devices for real-time applications. Inspired by the You Only Look Once (YOLO), residual learning and Spatial Pyramid Pooling (SPP), a novel form of real-time human detection is presented in this paper. Our approach focuses on designing a network structure so that the developed model can achieve a good trade-off between accuracy and processing time. Experimental results show that our trained model can process 2 FPS on Raspberry PI 3B and detect humans with accuracies of 95.05 % and 96.81 % when tested respectively on INRIA and PENN FUDAN datasets. On the human COCO test dataset, our trained model outperforms the performance of the Tiny-YOLO versions. Additionally, compare to the SSD based L-CNN method, our algorithm achieves better accuracy than the other method.

Internet of Things (IoT) and its applications are becoming commonplace with more devices, but always at risk of network security. It is therefore crucial for an IoT network design to identify attackers accurately, quickly and promptly. Many solutions have been proposed, mainly concerning secure IoT architectures and classification algorithms, but none of them have paid enough attention to reducing the complexity. Our proposal in this paper is an edge-cloud architecture that fulfills the detection task right at the edge layer, near the source of the attacks for quick response, versatility, as well as reducing the cloud's workload. We also propose a multi-attack detection mechanism called LCHA (Low-Complexity detection solution with High Accuracy) , which has low complexity for deployment at the edge zone while still maintaining high accuracy. The performance of our proposed mechanism is compared with that of other machine learning and deep learning methods using the most updated BoT-IoT data set. The results show that LCHA outperforms other algorithms such as NN, CNN, RNN, KNN, SVM, KNN, RF and Decision Tree in terms of accuracy and NN in terms of complexity.

We present a collected overview on how to assess both the accuracy and reliability levels and relate them to the required effort, for different digital methods of synchronizing clocks. The presented process is intended for end users who require time synchronization but are not certain about how to judge at least one of the aspects. It can not only be used on existing technologies but should also be transferable to many future approaches. We further relate this approach to several examples. We discuss in detail the approach of medium-range White Rabbit connections over dedicated fibers, a method that occupies an extreme corner in the evaluation, where the effort is exceedingly high, but also yields excellent accuracy and significant reliability.

Reconfigurable Intelligent Surface (RIS) is one of the latest technologies in bringing a certain amount of control to the rather unpredictable and uncontrollable wireless channel. In this paper, RIS is introduced in a bidirectional system with two source nodes and a Decode and Forward (DF) relay node. It is assumed that there is no direct path between the source nodes. The relay node receives information from source nodes simultaneously. The Physical Layer Network Coding (PLNC) is applied at the relay node to assist in the exchange of information between the source nodes. Analytical expressions are derived for the average probability of errors at the source nodes and relay node of the proposed RIS-assisted bidirectional relay system. The Bit Error Rate (BER) performance is analyzed using both simulation and analytical forms. It is observed that RIS-assisted PLNC based bidirectional relay system performs better than the conventional PLNC based bidirectional system.

This paper studies the differential privacy-preserving problem of discrete-time multi-agent systems (MASs) with antagonistic information, where the connected signed graph is structurally balanced. First, we introduce the bipartite consensus definitions in the sense of mean square and almost sure, respectively. Second, some criteria for mean square and almost sure bipartite consensus are derived, where the eventualy value is related to the gauge matrix and agents’ initial states. Third, we design the ε-differential privacy algorithm and characterize the tradeoff between differential privacy and system performance. Finally, simulations validate the effectiveness of the proposed algorithm.

The study of networks is an extensively investigated field of research, with networks and network structure often encoding relationships describing certain systems or processes. Critical infrastructure is understood as being a structure whose failure or damage has considerable impact on safety, security and wellbeing of society, with power systems considered a classic example. The work presented in this paper builds on the long-lasting foundations of network and complex network theory, proposing an extension in form of rebalance based flow centrality for structural vulnerability assessment and critical component identification in adaptive network topologies. The proposed measure is applied to power system vulnerability analysis, with performance demonstrated on the IEEE 30-, 57- and 118-bus test system, outperforming relevant methods from the state-of-the-art. The proposed framework is deterministic (guaranteed), analytically obtained (interpretable) and generalizes well with changing network parameters, providing a complementary tool to power system vulnerability analysis and planning.

Information leakage estimation for practical wiretap codes is a challenging task for which existing solutions are either too complex or suboptimal, and don't scale for large blocklengths. In this paper we present a new method, based on a modified version of the successive cancellation decoder in order to compute the information leakage for the wiretap polar code which improves upon existing methods in terms of complexity and accuracy. Results are presented for classical binary-input symmetric channels alike the Binary Erasure Channel (BEC), the Binary Symmetric Channel (BSC) and Binary Input Additive White Gaussian Noise channel (BI-AWGN).

Underwater wireless sensor network(UWSN) is an emerging technology for exploring and research inside the ocean. Since it is somehow similar to the normal wireless network, which uses radio signals for communication purposes, while UWSN uses acoustic for communication between nodes inside the ocean and sink nodes. Due to unattended areas and the vulnerability of acoustic medium, UWNS are more prone to various malicious attacks like Sybil attack, Black-hole attack, Wormhole attack, etc. This paper analyzes blackhole attacks in UWSN and proposes an algorithm to mitigate blackhole attacks by forming clusters of nodes and selecting coordinator nodes from each cluster to identify the presence of blackholes in its cluster. We used public-key cryptography and the challenge-response method to authenticate and verify nodes.

To improve communication underwater, the underwater sensor networks (UWSN) provide gains for many different underwater applications, like Underwater Data-centers, Aquatic Monitoring, Tsunami Monitoring Systems, Aquatic Monitoring, Underwater Oil Field Discovery, Submarine Target Localization, Surveilling Water Territory of the Country via UWSN, Submarine Target Localization and many more. underwater applications are dependent on secure data communication in an underwater environment, so Data transmission in Underwater Sensor Network is a need of the future. Underwater data transmission itself is a big challenge due to various limitations of underwater communication mediums like lower bandwidth, multipath effect, path loss, propagation delay, noise, Doppler spread, and so on. These challenges make the underwater networks one of the most vulnerable networks for many different security attacks like sinkhole, spoofing, wormhole, misdirection, etc. It causes packets unable to be delivered to the destination, and even worse forward them to malicious nodes. A compromised node, which may be a router, intercepts packets going through it, and selectively drops them or can perform some malicious activity. This paper presents a solution to Mitigate unsecured data forwarding related attacks of an underwater sensor network, our solution uses a pre-shared key to secure communication and hashing algorithm to maintain the integrity of stored locations at head node and demonstration of attack and its mitigation done on Unetstack software.

Federated learning is a privacy-preserving learning system where participants locally update a shared model with their own training data. Despite the advantage that training data are not sent to a server, there is still a risk that a state-of-the-art model inversion attack, which may be conducted by the server, infers training data from the models updated by the participants, referred to as individual models. A solution to prevent such attacks is differential privacy, where each participant adds noise to the individual model before sending it to the server. Differential privacy, however, sacrifices the quality of the shared model in compensation for the fact that participants' training data are not leaked. This paper proposes a federated learning system that is resistant to model inversion attacks without sacrificing the quality of the shared model. The core idea is that each participant divides the individual model into model fragments, shuffles, and aggregates them to prevent adversaries from inferring training data. The other benefit of the proposed system is that the resulting shared model is identical to the shared model generated with the naive federated learning.

The widely adopted dynamic line rating (DLR) mechanism can improve the operation efficiency for industrial and commercial power systems. However, the predicted environmental parameters used in DLR bring great uncertainty to transmission line capacity estimation and may introduce system security risk if over-optimistic estimation is adopted in the operation process, which could affect the electrical safety of industrial and commercial power systems in multiple cases. Therefore, it becomes necessary to establish a system operation security assessment model to reduce the risk and provide operational guidance to enhance electrical safety. This paper aims to solve the electrical safety problems caused by the transmission line under DLR mechanism. An operation security assessment method of transmission lines considering DLR uncertainty is proposed to visualize the safety margin under the given operation strategy and optimally setting transmission line capacity while taking system safety into account. With the help of robust optimization (RO) techniques, the uncertainty is characterized and a risk-averse transmission line rating guidance can be established to determine the safety margin of line capacity for system operation. In this way, the operational security for industrial and commercial power systems can be enhanced by reducing the unsafe conditions while the operational efficiency benefit provided by DLR mechanism still exist.

With the spread of the Internet, various devices are now connected to it and the number of IoT devices is increasing. Data generated by IoT devices has traditionally been aggregated in the cloud and processed over time. However, there are two issues with using the cloud. The first is the response delay caused by the long distance between the IoT device and the cloud, and the second is the difficulty of implementing sufficient security measures on the IoT device side due to the limited resources of the IoT device at the end. To address these issues, fog computing, which is located in the middle between IoT devices and the cloud, has been attracting attention as a new network component. However, the risks associated with the introduction of fog computing have not yet been fully investigated. In this study, we conducted a risk assessment of fog computing, which is newly established to promote the use of IoT devices, and identified 24 risk factors. The main countermeasures include the gradual introduction of connected IoT connection protocols and security policy matching. We also demonstrated the effectiveness of the proposed risk measures by evaluating the risk values. The proposed risk countermeasures for fog computing should help us to utilize IoT devices in a safe and secure manner.

In recent years, new cyber attacks such as targeted attacks have caused extensive damage. With the continuing development of the IoT society, various devices are now connected to the network and are being used for various purposes. The Internet of Things has the potential to link cyber risks to actual property damage, as cyberspace risks are connected to physical space. With this increase in unknown cyber risks, the demand for cyber insurance is increasing. One of the most serious emerging risks is the silent cyber risk, and it is likely to increase in the future. However, at present, security measures against silent cyber risks are insufficient. In this study, we conducted a risk management of silent cyber risk for organizations with the objective of contributing to the development of risk management methods for new cyber risks that are expected to increase in the future. Specifically, we modeled silent cyber risk by focusing on state transitions to different risks. We newly defined two types of silent cyber risk, namely, Alteration risk and Combination risk, and conducted risk assessment. Our assessment identified 23 risk factors, and after analyzing them, we found that all of them were classified as Risk Transference. We clarified that the most effective risk countermeasure for Alteration risk was insurance and for Combination risk was measures to reduce the impact of the risk factors themselves. Our evaluation showed that the silent cyber risk could be reduced by about 50%, thus demonstrating the effectiveness of the proposed countermeasures.

Cloud computing facilitates the access of applications and data from any location by using any device with an internet connection. It enables multiple applications and users to access the same data resources. Cloud based information sharing is a technique that allows researchers to communicate and collaborate, that leads to major new developments in the field. It also enables users to access data over the cloud easily and conveniently. Privacy, authenticity and confidentiality are the three main challenges while sharing data in cloud. There are many methods which support secure data sharing in cloud environment such as Attribute Based Encryption(ABE), Role Based Encryption, Hierarchical Based Encryption, and Identity Based Encryption. ABE provides secure access control mechanisms for integrity. It is classified as Key Policy Attribute Based Encryption(KP-ABE) and Ciphertext Policy Attribute Based Encryption(CP-ABE) based on access policy integration. In KPABE, access structure is incorporated with user's private key, and data are encrypted over a defined attributes. Moreover, in CPABE, access structure is embedded with ciphertext. This paper reviews CP-ABE methods that have been developed so far for achieving secured data sharing in cloud environment.

Software vulnerabilities have become a major problem for the security analysts, since the number of new vulnerabilities is constantly growing. Thus, there was a need for a categorization system, in order to group and handle these vulnerabilities in a more efficient way. Hence, the MITRE corporation introduced the Common Weakness Enumeration that is a list of the most common software and hardware vulnerabilities. However, the manual task of understanding and analyzing new vulnerabilities by security experts, is a very slow and exhausting process. For this reason, a new automated classification methodology is introduced in this paper, based on the vulnerability textual descriptions from National Vulnerability Database. The proposed methodology, combines textual analysis and tree-based machine learning techniques in order to classify vulnerabilities automatically. The results of the experiments showed that the proposed methodology performed pretty well achieving an overall accuracy close to 80%.

With the advancement in the growth of Internet-of-Things (IoT), its number of applications has also increased such as in healthcare, smart cities, vehicles, industries, household appliances, and Smart Grids (SG). One of the major applications of IoT is the SG and smart meter which consists of a large number of internet-connected sensors and can communicate bi-directionally in real-time. The SG network involves smart meters, data collectors, generators, and sensors connected with the internet. SG networks involve the generation, distribution, transmission, and consumption of electrical power supplies. It consists of Household Area Network (HAN), and Neighborhood Area Network (NAN) for communication. Smart meters can communicate bidirectionally with consumers and provide real-time information to utility offices. But this communication channel is a wide-open network for data transmission. Therefore, it makes the SG network and smart meter vulnerable to outside hacker and various Cyber-Physical System (CPS) attacks such as False Data Injection (FDI), inserting malicious data, erroneous data, manipulating the sensor reading values. Here cryptography techniques can play a major role along with the private blockchain model for secure data transmission in smart meters. Hence, to overcome these existing issues and challenges in smart meter communication we have proposed a blockchain-based system model for secure communication along with a novel Advanced Elliptic Curve Cryptography Digital Signature (AECCDS) algorithm in Fog Computing (FC) environment. Here FC nodes will work as miners at the edge of smart meters for secure and real-time communication. The algorithm is implemented using iFogSim, Geth version 1.9.25, Ganache, Truffle for compiling smart contracts, Anaconda (Python editor), and ATOM as language editor for the smart contracts.

In this study, we aim to find a method to autotag sentences specific to a domain. Our training data comprises short conversational sentences extracted from chat conversations between company's customer representatives and web site visitors. We manually tagged approximately 14 thousand visitor inputs into ten basic categories, which will later be used in a transformer-based language model with attention mechanisms for the ultimate goal of developing a chatbot application that can produce meaningful dialogue.We considered three different stateof- the-art models and reported their auto-tagging capabilities. We achieved the best performance with the bidirectional encoder representation from transformers (BERT) model. Implementation of the models used in these experiments can be cloned from our GitHub repository and tested for similar auto-tagging problems without much effort.

Spatial crowdsourcing has stimulated various new applications such as taxi calling and food delivery. A key enabler for these spatial crowdsourcing based applications is to plan routes for crowd workers to execute tasks given diverse requirements of workers and the spatial crowdsourcing platform. Despite extensive studies on task planning in spatial crowdsourcing, few have accounted for the location privacy of tasks, which may be misused by an untrustworthy platform. In this paper, we explore efficient task planning for workers while protecting the locations of tasks. Specifically, we define the Privacy-Preserving Task Planning (PPTP) problem, which aims at both total revenue maximization of the platform and differential privacy of task locations. We first apply the Laplacian mechanism to protect location privacy, and analyze its impact on the total revenue. Then we propose an effective and efficient task planning algorithm for the PPTP problem. Extensive experiments on both synthetic and real datasets validate the advantages of our algorithm in terms of total revenue and time cost.