Biblio

The major energy-hungry components in today's battery-operated embedded devices are mostly peripheral modules like LTE, WiFi, GPS, etc. Inefficient use of these modules causes energy hotspots, namely segments of the embedded software in which the module wastes energy. We study two such hotspots in the current paper, and provide the corresponding detection and removal algorithms based on static analysis techniques. The program code hotspots occur due to unnecessary releasing and re-acquiring of a module (which puts the module in power saving mode for a while) and misplaced acquiring of the module (which makes the module or processor to waste energy in idle mode). The detections are performed according to some relation between extreme (worst-case/best-case) execution times of some program segments and time/energy specifications of the module. The experimental results on our benchmarks show about 28 percent of energy reduction after the hotspot removals.

This paper combines the common ideas and methods in offensive and defensive confrontation in recent years, and uses artificial intelligence technology-based network asset automatic mining technology and artificial intelligence technology-based vulnerability automatic exploitation technology, carries out research and specific practices in discovering and using system vulnerability based on artificial intelligence technology, designs and implemented automatic binary vulnerability discovering and exploitation system, which improves improves the efficiency and success rate of vulnerability discovering and exploitation.

Packet classification is used to determine the behavior of incoming packets to network devices. Because it is achieved using a linear search on a classification rule list, a larger number of rules leads to a longer communication latency. To decrease this latency, the problem is generalized as Optimal Rule Ordering (ORO), which aims to identify the order of rules that minimizes the classification latency caused by packet classification while preserving the classification policy. Because ORO is known to be NP-complete by Hamed and Al-Shaer [Dynamic rule-ordering optimization for high-speed firewall filtering, ASIACCS (2006) 332-342], various heuristics for ORO have been proposed. Sub-graph merging (SGM) by Tapdiya and Fulp [Towards optimal firewall rule ordering utilizing directed acyclical graphs, ICCCN (2009) 1-6] is the state of the art heuristic algorithm for ORO. In this paper, we propose a novel heuristic method for ORO. Although most heuristics try to recursively determine the maximum-weight rule and move it as far as possible to an upper position, our algorithm pairs rules that cause policy violations until there are no such rules to simply sort the rules by these weights. Our algorithm markedly decreases the classification latency and reordering time compared with SGM in experiments. The sets consisting of thousands of rules that require one or more hours for reordering by SGM can be reordered by the proposed method within one minute.

The proliferation of mobile augmented reality applications and the toolkits to create them have serious implications for user privacy. In this paper, we explore how malicious AR app developers can leverage capabilities offered by commercially available AR libraries, and describe how edge computing can be used to address this privacy problem.

Internet of Medical Things (IoMT) are getting popular in the smart healthcare domain. These devices are resource-constrained and are vulnerable to attack. As the IoMTs are connected to the healthcare network infrastructure, it becomes the primary target of the adversary due to weak security and privacy measures. In this regard, this paper proposes a security architecture for smart healthcare network infrastructures. The architecture uses various security components or services that are developed and deployed as virtual network functions. This makes the security architecture ready for future network frameworks such as OpenMANO. Besides, in this security architecture, only authenticated and trusted IoMTs serve the patients along with an encryption-based communication protocol, thus creating a secure, privacy-preserving and trusted healthcare network infrastructure.

Modern JavaScript applications extensively depend on third-party libraries. Especially for the Node.js platform, vulnerabilities can have severe consequences to the security of applications, resulting in, e.g., cross-site scripting and command injection attacks. Existing static analysis tools that have been developed to automatically detect such issues are either too coarse-grained, looking only at package dependency structure while ignoring dataflow, or rely on manually written taint specifications for the most popular libraries to ensure analysis scalability. In this work, we propose a technique for automatically extracting taint specifications for JavaScript libraries, based on a dynamic analysis that leverages the existing test suites of the libraries and their available clients in the npm repository. Due to the dynamic nature of JavaScript, mapping observations from dynamic analysis to taint specifications that fit into a static analysis is non-trivial. Our main insight is that this challenge can be addressed by a combination of an access path mechanism that identifies entry and exit points, and the use of membranes around the libraries of interest. We show that our approach is effective at inferring useful taint specifications at scale. Our prototype tool automatically extracts 146 additional taint sinks and 7 840 propagation summaries spanning 1 393 npm modules. By integrating the extracted specifications into a commercial, state-of-the-art static analysis, 136 new alerts are produced, many of which correspond to likely security vulnerabilities. Moreover, many important specifications that were originally manually written are among the ones that our tool can now extract automatically.

Suppose we are given a large number of sequences on a given alphabet, and an adversary is interested in identifying (de-anonymizing) a specific target sequence based on its patterns. Our goal is to thwart such an adversary by obfuscating the target sequences by applying artificial (but small) distortions to its values. A key point here is that we would like to make no assumptions about the statistical model of such sequences. This is in contrast to existing literature where assumptions (e.g., Markov chains) are made regarding such sequences to obtain privacy guarantees. We relate this problem to a set of combinatorial questions on sequence construction based on which we are able to obtain provable guarantees. This problem is relevant to important privacy applications: from fingerprinting webpages visited by users through anonymous communication systems to linking communicating parties on messaging applications to inferring activities of users of IoT devices.

For cyber-physical systems (CPS), ensuring process and data security is critically important since the corresponding infrastructure needs to have high operational efficiency with no downtime. There are many techniques available that make communications in CPS environments secure - such as enabling traffic encryption between sensors and the computers processing the sensor's data, incorporating message authentication codes to achieve integrity, etc. However, most of these techniques are dependent on some form of symmetric or asymmetric cryptographic algorithms like AES and RSA. These algorithms are under threat because of the emerging quantum computing paradigm: with quantum computing, these encryption algorithms can be potentially broken. It is therefore desirable to explore the use of quantum cryptography - which cannot be broken by quantum computing - for securing the classical communications infrastructure deployed in CPS. In this paper, we discuss possible consequences of this option. We also explain how quantum computers can help even more: namely, they can be used to maximize the system's security where scalability is never a constraint, and to ensure we are not wasting time cycles on communicating and processing irrelevant information.

Cyber threats directly affect the critical reliability and availability of modern Industry Control Systems (ICS) in respects of operations and processes. Where there are a variety of vulnerabilities and cyber threats, it is necessary to effectively evaluate cyber security risks, and control uncertainties of cyber environments, and quantitative evaluation can be helpful. To effectively and timely control the spread and impact produced by attacks on ICS networks, a probabilistic Multi-Attribute Vulnerability Criticality Analysis (MAVCA) model for impact estimation and prioritised remediation is presented. This offer a new approach for combining three major attributes: vulnerability severities influenced by environmental factors, the attack probabilities relative to the vulnerabilities, and functional dependencies attributed to vulnerability host components. A miniature ICS testbed evaluation illustrates the usability of the model for determining the weakest link and setting security priority in the ICS. This work can help create speedy and proactive security response. The metrics derived in this work can serve as sub-metrics inputs to a larger quantitative security metrics taxonomy; and can be integrated into the security risk assessment scheme of a larger distributed system.

Cognitive radio systems aim to solve the issue of spectrum scarcity through implementation of dynamic spectrum management and cooperative spectrum access. However, the structure of such systems introduced unique types of vulnerabilities and attacks, one of which is spectrum sensing data falsification attack (SSDF). In such attacks malicious users provide incorrect observations to the fusion center of the system, which may result in severe quality of service degradation and interference for licensed users. In this paper we investigate this type of attacks and propose a combined approach to their mitigation. On the first step a reputational method is used to isolate the initially untrustworthy nodes, on the second step specialized q-out-of-m fusion rule is utilized to mitigate the remains of attack. In this paper we present theoretical analysis of the proposed combined method.

The wireless communication is a backbone for a development of a nation. But spectrum is finite resource and issues like spectrum scarcity, loss of signal quality, transmission delay, raised in wireless communication system due to growth of wireless applications and exponentially increased number of users. Secondary use of a spectrum using Software Defined Radio (SDR) is one of the solutions which is also supported by TRAI. The spectrum sensing is key process in communication based on secondary use of spectrum. But energy consumption, added delay, primary users security are some threats in this system. Here in this paper we mainly focused on throughput optimization in secondary use of spectrum based on optimal sensing time and number of Secondary users during cooperative spectrum sensing in Cognitive radio networks.

Mobile Ad-hoc Network (MANET) is a dynamic network between mobile nodes for sharing of information and is popular for its infrastructure-less design. Due to the lack of central governing body, however, various security threats come forward in MANETs in comparison to its infrastructure based counterparts. Blackhole attack is one of the most challenging security issues present in MANETs. Blackhole attack reduces network efficiency considerably by disrupting the flow of data between source and destination. In this paper, we propose an algorithm which is based on the technique of changing the sequence number present in control packets, in particular the Route Reply Packets (RREP) in widely used Ad-Hoc On Demand Distance Vector (AODV) routing protocol, in order to identify the blackhole nodes and thereby to minimize the data loss by discarding the route with such Blackhole nodes. Simulation results show that the proposed algorithm outperforms the legacy Intrusion Detection System (IDS) provisioned for AODV.

{The paper considers the efficiency of an adaptive non-recursive filter using the adjustment algorithm for weighting coefficients taking into account the constant envelope of the desired signal when receiving signals with multi-position phase shift keying against the background of noise and non-fluctuation interference. Two types of such interference are considered - harmonic and retranslated. The optimal filter parameters (adaptation coefficient and length) are determined by using simulation; the effect of the filter on the noise immunity of a quadrature coherent signal receiver with multi-position phase shift keying for different combinations of interference and their intensity is estimated. It is shown that such an adaptive filter can successfully deal with the most dangerous sighting harmonic interference}.

The wireless technology has knocked the door of tremendous usage and popularity in the last few years along with a high growth rate for new applications in the networking domain. Mobile Ad hoc Networks (MANETs) is solitary most appealing, alluring and challenging field where in the participating nodes do not require any active, existing and centralized system or rigid infrastructure for execution purpose and thus nodes have the moving capability on arbitrary basis. Radio range nodes directly communicate with each other through the wireless links whereas outside range nodes uses relay principle for communication. Though it is a rigid infrastructure less environment and has high growth rate but security is a major concern and becomes vital part of providing hostile free environment for communication. The MANET imposes several prominent challenges such as limited energy reserve, resource constraints, highly dynamic topology, sharing of wireless medium, energy inefficiency, recharging of the batteries etc. These challenges bound to make MANET more susceptible, more close to attacks and weak unlike the wired line networks. Theresearch paperismainly focused on two aspects, one is computation termination of cluster head algorithm and another is use of finite state machine for attacks identification.

This paper analyzes security problems of modern computer systems caused by vulnerabilities in their operating systems (OSs). Our scrutiny of widely used enterprise OSs focuses on their vulnerabilities by examining the statistical data available on how vulnerabilities in these systems are disclosed and eliminated, and by assessing their criticality. This is done by using statistics from both the National Vulnerabilities Database and the Common Vulnerabilities and Exposures System. The specific technical areas the paper covers are the quantitative assessment of forever-day vulnerabilities, estimation of days-of-grey-risk, the analysis of the vulnerabilities severity and their distributions by attack vector and impact on security properties. In addition, the study aims to explore those vulnerabilities that have been found across a diverse range of OSs. This leads us to analyzing how different intrusion-tolerant architectures deploying the OS diversity impact availability, integrity, and confidentiality.

Industrial Control Systems (ICS) have evolved in the last decade, shifting from proprietary software/hardware to contemporary embedded architectures paired with open-source operating systems. In contrast to the IT world, where continuous updates and patches are expected, decommissioning always-on ICS for security assessment can incur prohibitive costs to their owner. Thus, a solution for routinely assessing the cybersecurity posture of diverse ICS without affecting their operation is essential. Therefore, in this paper we introduce IFFSET, a platform that leverages full system emulation of Linux-based ICS firmware and utilizes fuzzing for security evaluation. Our platform extracts the file system and kernel information from a live ICS device, building an image which is emulated on a desktop system through QEMU. We employ fuzzing as a security assessment tool to analyze ICS specific libraries and find potential security threatening conditions. We test our platform with commercial PLCs, showcasing potential threats with no interruption to the control process.

Information security is everyone's concern. Computer systems are used to store sensitive data. Any weakness in their reliability and security makes them vulnerable. The Common Vulnerability Scoring System (CVSS) is a commonly used scoring system, which helps in knowing the severity of a software vulnerability. In this research, we show the effectiveness of common machine learning algorithms in predicting the computer operating systems security using the published vulnerability data in Common Vulnerabilities and Exposures and National Vulnerability Database repositories. The Random Forest algorithm has the best performance, compared to other algorithms, in predicting the computer operating system vulnerability severity levels based on precision, recall, and F-measure evaluation metrics. In addition, a predictive model was developed to predict whether a newly discovered computer operating system vulnerability would allow attackers to cause denial of service to the subject system.

The concept of the adversary model has been widely applied in the context of cryptography. When designing a cryptographic scheme or protocol, the adversary model plays a crucial role in the formalization of the capabilities and limitations of potential attackers. These models further enable the designer to verify the security of the scheme or protocol under investigation. Although being well established for conventional cryptanalysis attacks, adversary models associated with attackers enjoying the advantages of machine learning techniques have not yet been developed thoroughly. In particular, when it comes to composed hardware, often being security-critical, the lack of such models has become increasingly noticeable in the face of advanced, machine learning-enabled attacks. This paper aims at exploring the adversary models from the machine learning perspective. In this regard, we provide examples of machine learning-based attacks against hardware primitives, e.g., obfuscation schemes and hardware root-of-trust, claimed to be infeasible. We demonstrate that this assumption becomes however invalid as inaccurate adversary models have been considered in the literature.

An acoustic fingerprint is a condensed and powerful digital signature of an audio signal which is used for audio sample identification. A fingerprint is the pattern of a voice or audio sample. A large number of algorithms have been developed for generating such acoustic fingerprints. These algorithms facilitate systems that perform song searching, song identification, and song duplication detection. In this study, a comprehensive and powerful survey of already developed algorithms is conducted. Four major music fingerprinting algorithms are evaluated for identifying and analyzing the potential hurdles that can affect their results. Since the background and environmental noise reduces the efficiency of music fingerprinting algorithms, behavioral analysis of fingerprinting algorithms is performed using audio samples of different languages and under different environmental conditions. The results of music fingerprint classification are more successful when deep learning techniques for classification are used. The testing of the acoustic feature modeling and music fingerprinting algorithms is performed using the standard dataset of iKala, MusicBrainz and MIR-1K.

Military supply chains play a critical role in the acquisition and movement of goods for defence purposes. The disruption of these supply chain processes can have potentially devastating affects to the operational capability of military forces. The introduction and integration of new technologies into defence supply chains can serve to increase their effectiveness. However, the benefits posed by these technologies may be outweighed by significant consequences to the cyber security of the entire defence supply chain. Supply chains are complex Systems of Systems, and the introduction of an insecure technology into such a complex ecosystem may induce cascading system-wide failure, and have catastrophic consequences to military mission assurance. Subsequently, there is a need for an evaluative process to determine the extent to which a new technology will affect the cyber security of military supply chains. This work proposes a new model, the Military Supply Chain Cyber Implications Model (M-SCCIM), that serves to aid military decision makers in understanding the potential cyber security impact of introducing new technologies to supply chains. M-SCCIM is a multiphase model that enables understanding of cyber security and supply chain implications through the lenses of theoretical examinations, pilot applications and system wide implementations.

This paper discusses formulations and algorithms which allow a number of agents to collectively solve problems involving both (non-convex) minimization and (concave) maximization operations. These problems have a number of interesting applications in information processing and machine learning, and in particular can be used to model an adversary learning problem called network data poisoning. We develop a number of algorithms to efficiently solve these non-convex min-max optimization problems, by combining techniques such as gradient tracking in the decentralized optimization literature and gradient descent-ascent schemes in the min-max optimization literature. Also, we establish convergence to a first order stationary point under certain conditions. Finally, we perform experiments to demonstrate that the proposed algorithms are effective in the data poisoning attack.

This paper is devoted to the choice and justification of a joint-level controller for a joint with intrinsic elasticity. Such joints show a number of advantages in terms of shock robustness, interaction safety, energy efficiency and so on. On the other hand, the addition of elastic element, i.e. a torsion spring, leads to oscillating behaviour. Thus, more elaborate controller structure is required. Active damping injection approach is chosen in this article to improve the joint performance and achieve smooth motion. A method to select controller gains is suggested as well which allows step-wise customization, by which either the settling time can be minimized or the motion can be made fully smooth. Finally, the controller performance is verified in simulation.

Current physical layer authentication (PLA) mechanisms are mostly designed for static communications, and the accuracy degrades significantly when used in dynamic scenarios, where the network environments and wireless channels change frequently. To improve the authentication performance, it is necessary to update the hypothesis test models and parameters in time, which however brings high computational complexity and authentication delay. In this paper, we propose a lightweight cross-layer authentication scheme for dynamic communication scenarios. We use multiple characteristics based PLA to guarantee the reliability and accuracy of authentication, and propose an upper layer assisted method to ensure the performance stability. Specifically, upper layer authentication (ULA) helps to update the PLA models and parameters. By properly choosing the period of triggering ULA, a balance between complexity and performance can be easily obtained. Simulation results show that our scheme can achieve pretty good authentication performance with reduced complexity.

This paper considers the problem of the quickest detection of a change in distribution while taking privacy considerations into account. Our goal is to sanitize the signal to satisfy information privacy requirements while being able to detect a change quickly. We formulate the privacy-aware quickest change detection (QCD) problem by including a privacy constraint to Lorden's minimax formulation. We show that the Generalized Likelihood Ratio (GLR) CuSum achieves asymptotic optimality with a properly designed sanitization channel and formulate the design of this sanitization channel as an optimization problem. For computational tractability, a continuous relaxation for the discrete counting constraint is proposed and the augmented Lagrangian method is applied to obtain locally optimal solutions.

The limited output of various drives means a challenge in controller design whenever the acceleration need of the "nominal trajectory to be tracked" temporarily exceeds the abilities of the saturated control system. The prevailing control design methods can tackle this problem either in a single theoretical step or in two consecutive steps. In this latter case in the first step the design happens without taking into account the actuator constraints, then apply a saturation compensator if the phenomenon of windup is observed. In the Fixed Point Iteration- based Adaptive Control (FPIAC) that has been developed as an alternative of the Lyapunov function-based approach the actuator saturation causes problems in its both elementary levels: in the kinematic/kinetic level where the desired acceleration is calculated, and in the iterative process that compensates the effects of modeling errors of the dynamic system under control and that of the external disturbances. The here presented approach tackles this problem in both levels by relatively simple considerations. To illustrate the method's efficiency simulation investigations were done in the FPIAC control of a modification of the van der Pol oscillator to which an additional strongly nonlinear term was added.