Biblio

On battery-free IoT devices such as passive RFID tags, it is extremely difficult, if not impossible, to run cryptographic algorithms. Hence physical-layer identification methods are proposed to validate the authenticity of passive tags. However no existing physical-layer authentication method of RFID tags that can defend against the signal replay attack. This paper presents Hu-Fu, a new direction and the first solution of physical layer authentication that is resilient to the signal replay attack, based on the fact of inductive coupling of two adjacent tags. We present the theoretical model and system workflow. Experiments based on our implementation using commodity devices show that Hu-Fu is effective for physical-layer authentication.

Exploratory evaluation is an effective way to analyze and improve the security of information system. The information system structure model for security protection capability is set up in view of the exploratory evaluation requirements of security protection capability, and the requirements of agility, traceability and interpretation for exploratory evaluation are obtained by analyzing the relationship between information system, protective equipment and protection policy. Aimed at the exploratory evaluation description problem of security protection capability, the exploratory evaluation problem and exploratory evaluation process are described based on the Granular Computing theory, and a general mathematical description is established. Analysis shows that the standardized description established meets the exploratory evaluation requirements, and it can provide an analysis basis and description specification for exploratory evaluation of information system security protection capability.

The factors that threaten electric power information network are analyzed. Aiming at the weakness of being unable to provide numerical value of risk, this paper presents the evaluation index system, the evaluation model and method of network security based on multilevel fuzzy comprehensive judgment. The steps and method of security evaluation by the synthesis evaluation model are provided. The results show that this method is effective to evaluate the risk of electric power information network.

With the repaid growth of social tagging users, it becomes very important for social tagging systems how the required resources are recommended to users rapidly and accurately. Firstly, the architecture of an agent-based intelligent social tagging system is constructed using agent technology. Secondly, the design and implementation of user interest mining, personalized recommendation and common preference group recommendation are presented. Finally, a self-adaptive recommendation strategy for social tagging and its implementation are proposed based on the analysis to the shortcoming of the personalized recommendation strategy and the common preference group recommendation strategy. The self-adaptive recommendation strategy achieves equilibrium selection between efficiency and accuracy, so that it solves the contradiction between efficiency and accuracy in the personalized recommendation model and the common preference recommendation model.

Network systems, such as transportation systems and water supply systems, play important roles in our daily life and industrial production. However, a variety of disruptive events occur during their life time, causing a series of serious losses. Due to the inevitability of disruption, we should not only focus on improving the reliability or the resistance of the system, but also pay attention to the ability of the system to response timely and recover rapidly from disruptive events. That is to say we need to pay more attention to the resilience. In this paper, we describe two resilience models, quotient resilience and integral resilience, to measure the final recovered performance and the performance cumulative process during recovery respectively. Based on these two models, we implement the optimization of the system recovery strategies after disruption, focusing on the repair sequence of the damaged components and the allocation scheme of resource. The proposed research in this paper can serve as guidance to prioritize repair tasks and allocate resource reasonably.

The evolution of information and communication technologies has brought new challenges in managing the Internet. Software-Defined Networking (SDN) aims to provide easily configured and remotely controlled networks based on centralized control. Since SDN will be the next disruption in networking, SDN security has become a hot research topic because of its importance in communication systems. A centralized controller can become a focal point of attack, thus preventing attack in controller will be a priority. The whole network will be affected if attacker gain access to the controller. One of the attacks that affect SDN controller is DDoS attacks. This paper reviews different detection techniques that are available to prevent DDoS attacks, characteristics of these techniques and issues that may arise using these techniques.

Cloud computing has emerged as a compelling vision for managing data and delivering query answering capability over the internet. This new way of computing also poses a real risk of disclosing confidential information to the cloud. Searchable encryption addresses this issue by allowing the cloud to compute the answer to a query based on the cipher texts of data and queries. Thanks to its inner product preservation property, the asymmetric scalar-product-preserving encryption (ASPE) has been adopted and enhanced in a growing number of works toperform a variety of queries and tasks in the cloud computingsetting. However, the security property of ASPE and its enhancedschemes has not been studied carefully. In this paper, we show acomplete disclosure of ASPE and several previously unknownsecurity risks of its enhanced schemes. Meanwhile, efficientalgorithms are proposed to learn the plaintext of data and queriesencrypted by these schemes with little or no knowledge beyondthe ciphertexts. We demonstrate these risks on real data sets.

In this paper we present a case study of applying fitness dimensions in API design assessment. We argue that API assessment is company specific and should take into consideration various stakeholders in the API ecosystem. We identified new fitness dimensions and introduced the notion of design considerations for fitness dimensions such as priorities, tradeoffs, and technical versus cognitive classification.

With the development of Software Defined Networking, its software programmability and openness brings new idea for network security. Therefore, many Software Defined Security Architectures emerged at the right moment. Software Defined Security decouples security control plane and security data plane. In Software Defined Security Architectures, underlying security devices are abstracted as security resources in resource pool, intellectualized and automated security business management and orchestration can be realized through software programming in security control plane. However, network management has been becoming extremely complicated due to expansible network scale, varying network devices, lack of abstraction and heterogeneity of network especially. Therefore, new-type open security devices are needed in SDS Architecture for unified management so that they can be conveniently abstracted as security resources in resource pool. This paper firstly analyses why open security devices are needed in SDS architecture and proposes a method of opening security devices. Considering this new architecture requires a new security scheduling mechanism, this paper proposes a security resource scheduling algorithm which is used for managing and scheduling security resources in resource pool according to user s security demand. The security resource scheduling algorithm aims to allocate a security protection task to a suitable security resource in resource pool so that improving security protection efficiency. In the algorithm, we use BP neural network to predict the execution time of security tasks to improve the performance of the algorithm. The simulation result shows that the algorithm has ideal performance. Finally, a usage scenario is given to illustrate the role of security resource scheduling in software defined security architecture.

Cyber-physical systems connect the physical world and the information world by sensors and actuators. These sensors are usually small embedded systems which have many limitations on wireless communication, computing and storage. This paper proposes a lightweight coding method for secure and reliable transmission over a wireless communication links in cyber-physical systems. The reliability of transmission is provided by forward error correction. And to ensure the confidentiality, we utilize different encryption matrices at each time of coding which are generated by the sequence number of packets. So replay attacks and other cyber threats can be resisted simultaneously. The issues of the prior reliable transmission protocols and secure communication protocols in wireless networks of a cyber-physical system are reduced, such as large protocol overhead, high interaction delay and large computation cost.

In this paper, a novel secure information exchange scheme has been proposed for MIMO vehicular ad hoc networks (VANETs) through physical layer approach. In the scheme, a group of On Board Units (OBUs) exchange information with help of one Road Side Unit (RSU). By utilizing the key signal processing technique, i.e., Direction Rotation Alignment technique, the information to be exchanged of the two neighbor OBUs are aligned into a same direction to form summed signal at RSU or external eavesdroppers. With such summed signal, the RSU or the eavesdropper cannot recover the individual information from the OBUs. By regulating the transmission rate for each OBU, the information theoretic security could be achieved. The secrecy sum-rates of the proposed scheme are analyzed following the scheme. Finally, the numerical results are conducted to demonstrate the theoretical analysis.

The rapid increase of connected devices and the major advances in information and communication technologies have led to great emergence in the Internet of Things (IoT). IoT devices require software adaptation as they are in continuous transition. Multi-agent based solutions offer adaptable composition for IoT systems. Mobile agents can also be used to enable interoperability and global intelligence with smart objects in the Internet of Things. The use of agents carrying personal data and the rapid increasing number of connected IoT devices require the use of security protocols to secure the user data. Elliptic Curve Cryptography (ECC) Algorithm has emerged as an attractive and efficient public-key cryptosystem. We recommend the use of ECC in the proposed Broadcast based Secure Mobile Agent Protocol (BROSMAP) which is one of the most secure protocols that provides confidentiality, authentication, authorization, accountability, integrity and non-repudiation. We provide a methodology to improve BROSMAP to fulfill the needs of Multi-agent based IoT Systems in general. The new BROSMAP performs better than its predecessor and provides the same security requirements. We have formally verified ECC-BROSMAP using Scyther and compared it with BROSMAP in terms of execution time and computational cost. The effect of varying the key size on BROSMAP is also presented. A new ECC-based BROSMAP takes half the time of Rivest-Shamir-Adleman (RSA) 2048 BROSMAP and 4 times better than its equivalent RSA 3072 version. The computational cost was found in favor of ECC-BROSMAP which is more efficient by a factor of 561 as compared to the RSA-BROSMAP.

Supercomputers are widely applied in various domains, which have advantage of high processing capability and mass storage. With growing supercomputing users, the system security receives comprehensive attentions, and becomes more and more important. In this paper, according to the characteristics of supercomputing environment, we perform an in-depth analysis of existing security problems in the process of using resources. To solve these problems, we propose a security analysis method and a prototype system for supercomputing users' behavior. The basic idea is to restore the complete users' behavior paths and operation records based on the supercomputing business process and track the use of resources. Finally, the method is evaluated and the results show that the security analysis method of users' behavior can help administrators detect security incidents in time and respond quickly. The final purpose is to optimize and improve the security level of the whole system.

Wearable devices are being more popular in our daily life. Especially, smart wristbands are booming in the market recently, which can be used to monitor health status, track fitness data, or even do medical tests, etc. For this reason, smart wristbands can obtain a lot of personal data. Hence, users and manufacturers should pay more attention to the security aspects of smart wristbands. However, we have found that some Bluetooth Low Energy based smart wristbands have very weak or even no security protection mechanism, therefore, they are vulnerable to replay attacks, man-in-the-middle attacks, brute-force attacks, Denial of Service (DoS) attacks, etc. We have investigated four different popular smart wristbands and a smart watch. Among them, only the smart watch is protected by some security mechanisms while the other four smart wristbands are not protected. In our experiments, we have also figured out all the message formats of the controlling commands of these smart wristbands and developed an Android software application as a testing tool. Powered by the resolved command formats, this tool can directly control these wristbands, and any other wristbands of these four models, without using the official supporting applications.

There are billions of Internet of things (IoT) devices connecting to the Internet and the number is increasing. As a still ongoing technology, IoT can be used in different fields, such as agriculture, healthcare, manufacturing, energy, retailing and logistics. IoT has been changing our world and the way we live and think. However, IoT has no uniform architecture and there are different kinds of attacks on the different layers of IoT, such as unauthorized access to tags, tag cloning, sybil attack, sinkhole attack, denial of service attack, malicious code injection, and man in middle attack. IoT devices are more vulnerable to attacks because it is simple and some security measures can not be implemented. We analyze the privacy and security challenges in the IoT and survey on the corresponding solutions to enhance the security of IoT architecture and protocol. We should focus more on the security and privacy on IoT and help to promote the development of IoT.

Currently, security protection in Industrial Control Systems has become a hot topic, and a great number of defense techniques have sprung up. As one of the most effective approaches, area isolation has the exceptional advantages and is widely used to prevent attacks or hazards propagating. However, most existing methods for inter-area communication protection present some limitations, i.e., excessively depending on the analyzing rules, affecting original communication. Additionally, the network architecture and data flow direction can hardly be adjusted after being deployed. To address these problems, a dynamical and customized communication protection technology is proposed in this paper. In detail, a security inter-area communication architecture based on Software Defined Network is designed firstly, where devices or subsystems can be dynamically added into or removed from the communication link. And then, a security inspection method based on information entropy is presented for deep network behaviors analysis. According to the security analysis results, the communications in the network can be adjusted in time. Finally, simulations are constructed, and the results indicate that the proposed approach is sensitive and effective for cyber-attacks detection.

Patches and related information about software vulnerabilities are often made available to the public, aiming to facilitate timely fixes. Unfortunately, the slow paces of system updates (30 days on average) often present to the attackers enough time to recover hidden bugs for attacking the unpatched systems. Making things worse is the potential to automatically generate exploits on input-validation flaws through reverse-engineering patches, even though such vulnerabilities are relatively rare (e.g., 5% among all Linux kernel vulnerabilities in last few years). Less understood, however, are the implications of other bug-related information (e.g., bug descriptions in CVE), particularly whether utilization of such information can facilitate exploit generation, even on other vulnerability types that have never been automatically attacked. In this paper, we seek to use such information to generate proof-of-concept (PoC) exploits for the vulnerability types never automatically attacked. Unlike an input validation flaw that is often patched by adding missing sanitization checks, fixing other vulnerability types is more complicated, usually involving replacement of the whole chunk of code. Without understanding of the code changed, automatic exploit becomes less likely. To address this challenge, we present SemFuzz, a novel technique leveraging vulnerability-related text (e.g., CVE reports and Linux git logs) to guide automatic generation of PoC exploits. Such an end-to-end approach is made possible by natural-language processing (NLP) based information extraction and a semantics-based fuzzing process guided by such information. Running over 112 Linux kernel flaws reported in the past five years, SemFuzz successfully triggered 18 of them, and further discovered one zero-day and one undisclosed vulnerabilities. These flaws include use-after-free, memory corruption, information leak, etc., indicating that more complicated flaws can also be automatically attacked. This finding calls into question the way vulnerability-related information is shared today.

Deep Generative Models (DGMs) are able to extract high-level representations from massive unlabeled data and are explainable from a probabilistic perspective. Such characteristics favor sequence modeling tasks. However, it still remains a huge challenge to model sequences with DGMs. Unlike real-valued data that can be directly fed into models, sequence data consist of discrete elements and require being transformed into certain representations first. This leads to the following two challenges. First, high-level features are sensitive to small variations of inputs as well as the way of representing data. Second, the models are more likely to lose long-term information during multiple transformations. In this paper, we propose a Hierarchical Deep Generative Model With Dual Memory to address the two challenges. Furthermore, we provide a method to efficiently perform inference and learning on the model. The proposed model extends basic DGMs with an improved hierarchically organized multi-layer architecture. Besides, our model incorporates memories along dual directions, respectively denoted as broad memory and deep memory. The model is trained end-to-end by optimizing a variational lower bound on data log-likelihood using the improved stochastic variational method. We perform experiments on several tasks with various datasets and obtain excellent results. The results of language modeling show our method significantly outperforms state-of-the-art results in terms of generative performance. Extended experiments including document modeling and sentiment analysis, prove the high-effectiveness of dual memory mechanism and latent representations. Text random generation provides a straightforward perception for advantages of our model.

Smart grid personalized service to improve the accuracy of the grid network query, along with the data security issues worthy of our thinking. How to solve the privacy problem in the smart grid, which is a challenge to the smart grid. As data in the grid becomes more and more important, better algorithms are needed to protect the data. In this paper, we first summarize the influence of k-anonymous algorithm on sensitive attributes in standard identifiers, and then analyze the improved L-diversity algorithm from the perspective of anonymous data privacy and security. Experiments show that the algorithm can protect the data in the smart grid.

In a spectrally congested environment or a spectrally contested environment which often occurs in cyber security applications, multiple signals are often mixed together with significant overlap in spectrum. This makes the signal detection and parameter estimation task very challenging. In our previous work, we have demonstrated the feasibility of using a second order spectrum correlation function (SCF) cyclostationary feature to perform mixed signal detection and parameter estimation. In this paper, we present our recent work on software defined radio (SDR) based implementation and demonstration of such mixed signal detection algorithms. Specifically, we have developed a software defined radio based mixed RF signal generator to generate mixed RF signals in real time. A graphical user interface (GUI) has been developed to allow users to conveniently adjust the number of mixed RF signal components, the amplitude, initial time delay, initial phase offset, carrier frequency, symbol rate, modulation type, and pulse shaping filter of each RF signal component. This SDR based mixed RF signal generator is used to transmit desirable mixed RF signals to test the effectiveness of our developed algorithms. Next, we have developed a software defined radio based mixed RF signal detector to perform the mixed RF signal detection. Similarly, a GUI has been developed to allow users to easily adjust the center frequency and bandwidth of band of interest, perform time domain analysis, frequency domain analysis, and cyclostationary domain analysis.

In this paper, we present a security and privacy enhancement (SPE) framework for unmodified mobile operating systems. SPE introduces a new layer between the application and the operating system and does not require a device be jailbroken or utilize a custom operating system. We utilize an existing ontology designed for enforcing security and privacy policies on mobile devices to build a policy that is customizable. Based on this policy, SPE provides enhancements to native controls that currently exist on the platform for privacy and security sensitive components. SPE allows access to these components in a way that allows the framework to ensure the application is truthful in its declared intent and ensure that the user's policy is enforced. In our evaluation we verify the correctness of the framework and the computing impact on the device. Additionally, we discovered security and privacy issues in several open source applications by utilizing the SPE Framework. From our findings, if SPE is adopted by mobile operating systems producers, it would provide consumers and businesses the additional privacy and security controls they demand and allow users to be more aware of security and privacy issues with applications on their devices.

Vectorless integrity verification is becoming increasingly critical to robust design of nanoscale power delivery networks (PDNs). To dramatically improve efficiency and capability of vectorless integrity verifications, this paper introduces a scalable multilevel integrity verification framework by leveraging a hierarchy of almost linear-sized spectral power grid sparsifiers that can well retain effective resistances between nodes, as well as a recent graph-theoretic algebraic multigrid (AMG) algorithmic framework. As a result, vectorless integrity verification solution obtained on coarse level problems can effectively help find the solution of the original problem. Extensive experimental results show that the proposed vectorless verification framework can always efficiently and accurately obtain worst-case scenarios in even very large power grid designs.

Acoustic speaker recognition systems are very vulnerable to spoofing attacks via replayed or synthesized utterances. One possible countermeasure is audio-visual speaker recognition. Nevertheless, the addition of the visual stream alone does not prevent spoofing attacks completely and only provides further information to assess the authenticity of the utterance. Many systems consider audio and video modalities independently and can easily be spoofed by imitating only a single modality or by a bimodal replay attack with a victim's photograph or video. Therefore, we propose the simultaneous verification of the data synchronicity and the transcription in a challenge-response setup. We use coupled hidden Markov models (CHMMs) for a text-dependent spoofing detection and introduce new features that provide information about the transcriptions of the utterance and the synchronicity of both streams. We evaluate the features for various spoofing scenarios and show that the combination of the features leads to a more robust recognition, also in comparison to the baseline method. Additionally, by evaluating the data on unseen speakers, we show the spoofing detection to be applicable in speaker-independent use-cases.

Private communication over the Internet remains a challenging problem. Even if messages are encrypted, it is hard to deliver them without revealing metadata about which pairs of users are communicating. Scalable anonymity systems, such as Tor, are susceptible to traffic analysis attacks that leak metadata. In contrast, the largest-scale systems with metadata privacy require passing all messages through a small number of providers, requiring a high operational cost for each provider and limiting their deployability in practice. This paper presents Stadium, a point-to-point messaging system that provides metadata and data privacy while scaling its work efficiently across hundreds of low-cost providers operated by different organizations. Much like Vuvuzela, the current largest-scale metadata-private system, Stadium achieves its provable guarantees through differential privacy and the addition of noisy cover traffic. The key challenge in Stadium is limiting the information revealed from the many observable traffic links of a highly distributed system, without requiring an overwhelming amount of noise. To solve this challenge, Stadium introduces techniques for distributed noise generation and differentially private routing as well as a verifiable parallel mixnet design where the servers collaboratively check that others follow the protocol. We show that Stadium can scale to support 4x more users than Vuvuzela using servers that cost an order of magnitude less to operate than Vuvuzela nodes.