Biblio

At present, the research on the network security problem of underwater wireless sensors is still few, and since the underwater environment is exposed, passive security defense technology is not enough to deal with unknown security threats. Aiming at this problem, this paper proposes an offensive and defensive game model from the finite rationality of the network attack and defense sides, combined with evolutionary game theory. The replicated dynamic equation is introduced to analyze the evolution trend of strategies under different circumstances, and the selection algorithm of optimal strategy is designed, which verifies the effectiveness of this model through simulation and provides guidance for active defense technology.

Due to the simplicity of implementation and high threat level, SQL injection attacks are one of the oldest, most prevalent, and most destructive types of security attacks on Web-based information systems. With the continuous development and maturity of artificial intelligence technology, it has been a general trend to use AI technology to detect SQL injection. The selection of the sample set is the deciding factor of whether AI algorithms can achieve good results, but dataset with tagged specific category labels are difficult to obtain. This paper focuses on data augmentation to learn similar feature representations from the original data to improve the accuracy of classification models. In this paper, deep convolutional generative adversarial networks combined with genetic algorithms are applied to the field of Web vulnerability attacks, aiming to solve the problem of insufficient number of SQL injection samples. This method is also expected to be applied to sample generation for other types of vulnerability attacks.

Modern web applications are getting more sophisticated by using frameworks that make development easy, but pose challenges for security analysis tools. New analysis techniques are needed to handle such frameworks that grow in number and popularity. In this paper, we describe Gelato that addresses the most crucial challenges for a security-aware client-side analysis of highly dynamic web applications. In particular, we use a feedback-driven and state-aware crawler that is able to analyze complex framework-based applications automatically, and is guided to maximize coverage of security-sensitive parts of the program. Moreover, we propose a new lightweight client-side taint analysis that outperforms the state-of-the-art tools, requires no modification to browsers, and reports non-trivial taint flows on modern JavaScript applications. Gelato reports vulnerabilities with higher accuracy than existing tools and achieves significantly better coverage on 12 applications of which three are used in production.

By broadcasting false Global Navigation Satellite System (GNSS) signals, spoofing attacks will induce false position and time fixes within the victim receiver. In this article, we propose a Sparse Decomposition (SD)-based spoofing detection algorithm in the acquisition process, which can be applied in a single-antenna receiver. In the first step, we map the Fast Fourier transform (FFT)-based acquisition result in a two-dimensional matrix, which is a distorted autocorrelation function when the receiver is under spoof attack. In the second step, the distorted function is decomposed into two main autocorrelation function components of different code phases. The corresponding elements of the result vector of the SD are the code-phase values of the spoofed and the authentic signals. Numerical simulation results show that the proposed method can not only outcome spoofing detection result, but provide reliable estimations of the code phase delay of the spoof attack.

Audit systems maintain detailed logs of security-related events on enterprise machines to forensically analyze potential incidents. In principle, these logs should be safely stored in a secure location (e.g., network storage) as soon as they are produced, but this incurs prohibitive slowdown to a monitored machine. Hence, existing audit systems protect batched logs asynchronously (e.g., after tens of seconds), but this allows attackers to tamper with unprotected logs.This paper presents HARDLOG, a practical and effective system that employs a novel audit device to provide fine-grained log protection with minimal performance slowdown. HARDLOG implements criticality-aware log protection: it ensures that logs are synchronously protected in the audit device before an infrequent security-critical event is allowed to execute, but logs are asynchronously protected on frequent non-critical events to minimize performance overhead. Importantly, even on non-critical events, HARDLOG ensures bounded-asynchronous protection: it sends log entries to the audit device within a tiny, bounded delay from their creation using well-known real-time techniques. To demonstrate HARDLOG’S effectiveness, we prototyped an audit device using commodity components and implemented a reference audit system for Linux. Our prototype achieves a bounded protection delay of 15 milliseconds at non-critical events alongside undelayed protection at critical events. We also show that, for diverse real-world programs, HARDLOG incurs a geometric mean performance slowdown of only 6.3%, hence it is suitable for many real-world deployment scenarios.

In a traditional electronic records management system (ERMS), the legitimacy of the participants’ identities is verified by Certificate Authority (CA) certifications. The authentication process is complicated and takes up lots of memory. To overcome this problem, we construct a hierarchical electronic records management system by using a Hierarchical Identity-Based Cryptosystem (HIBC) to replace CA. However, there exist the threats of malicious behavior from a private key generator (PKG) or an entity in the upper layer because the private keys are generated by a PKG or upper entity in HIBC. Thus, we adopt distributed key generation protocols in HIBC to avoid the threats. Finally, we use blockchain technology in our system to achieve decentralized management.

A High Overtone Bulk Acoustic Wave Resonator (HBAR) is fabricated with the active material being Ba0.5Sr0.5TiO3 (BST). Owing to its strong electrostrictive property, the BST needs an external dc voltage to yield an electromechanical coupling. The variations in resonances with respect to varying dc fields are noted and analyzed with the aid of an Resonant Spectrum Method (RSM) model. Effective coupling coefficient \$(\textbackslashmathrmK\_\textbackslashmathrme\textbackslashmathrmf\textbackslashmathrmfˆ2(%))\$ in the case of employed MIM based structure is observed and the comparisons are drawn with the corresponding values of the CPC structures. An improvement of 70% in the value of \$\textbackslashmathrmK\_\textbackslashmathrme\textbackslashmathrmf\textbackslashmathrmfˆ2\$(%)at 1.34 GHz is witnessed in MIM structures because of direct access to the bottom electrode of the structure.

The agricultural sector and other Micro, Small, and Medium Enterprises in India operate with more than 90% migrant workers searching for better employment opportunities far away from their native places. However, inherent challenges are far more for the migrant workers, most prominently their Identity. To the best of our knowledge, available literature lacks a comprehensive study on identity management components for user privacy and data protection mechanisms in identity management architecture. Self-Sovereign Identity is regarded as a new evolution in digital identity management systems. Blockchain technology and distributed ledgers bring us closer to realizing an ideal Self-Sovereign Identity system. This paper proposes a novel solution to address identity issues being faced by migrant workers. It also gives a holistic, coherent, and mutually beneficial Identity Management Solution for the migrant workforce in the Indian perspective towards e-Governance and Digital India.

The latest generation of IoT systems incorporate machine learning (ML) technologies on edge devices. This introduces new engineering challenges to bring ML onto resource-constrained hardware, and complications for ensuring system security and privacy. Existing research prescribes iterative processes for machine learning enabled IoT products to ease development and increase product success. However, these processes mostly focus on existing practices used in other generic software development areas and are not specialized for the purpose of machine learning or IoT devices. This research seeks to characterize engineering processes and security practices for ML-enabled IoT systems through the lens of the engineering lifecycle. We collected data from practitioners through a survey (N=25) and interviews (N=4). We found that security processes and engineering methods vary by company. Respondents emphasized the engineering cost of security analysis and threat modeling, and trade-offs with business needs. Engineers reduce their security investment if it is not an explicit requirement. The threats of IP theft and reverse engineering were a consistent concern among practitioners when deploying ML for IoT devices. Based on our findings, we recommend further research into understanding engineering cost, compliance, and security trade-offs.

Nowadays, safety systems are an important feature for modern vehicles. Many accidents would have been occurred without them. In comparison with older vehicles, modern vehicles have a much better crumple zone, more airbags, a better braking system, as well as a much better and safer driving behaviour. Although, the vehicles safety systems are working well in these days, there is still space for improvement and for adding new security features. This paper describes the implementation of an Intelligent Caravan Monitoring System (ICMS) using the Controller Area Network (CAN), for the communication between the vehicle’s electronic system and the trailer’s electronic system. Furthermore, a comparison between the communication technology of this paper and a previous published paper will be made. The new system is faster, more flexible and more energy efficient.

Security in the communication systems rely mainly on a trusted Public Key Infrastructure (PKI) and Certificate Authorities (CAs). Besides the lack of automation, the complexity and the cost of assigning a signed certificate to a device, several allegations against CAs have been discovered, which has created trust issues in adopting this standard model for secure systems. The automation of the servers certificate assignment was achieved by the Automated Certificate Management Environment (ACME) method, but without confirming the trust of assigned certificate. This paper presents a complete tested and implemented solution to solve the trust of the Certificates provided to the servers by using the blockchain platform for certificate validation. The Blockchain network provides an immutable data store, holding the public keys of all domain names, while resolving the trust concerns by applying an automated Blockchain-based Domain Control Validation (B-DCV) for the server and client server verification. The evaluation was performed on the Ethereum Rinkeby testnet adopting the Proof of Authority (PoA) consensus algorithm which is an improved version of Proof of Stake (Po \$S\$) applied on Ethereum 2.0 providing superior performance compared to Ethereum 1.0.

Cloud computing plays major role in the development of accessing clouduser’s document and sensitive information stored. It has variety of content and representation. Cyber security and attacks in the cloud is a challenging aspect. Information security attains a vital part in Cyber Security management. It involves actions intended to reduce the adverse impacts of such incidents. To access the documents stored in cloud safely and securely, access control will be introduced based on cloud users to access the user’s document in the cloud. To achieve this, it is highly required to combine security components (e.g., Access Control, Usage Control) in the security document to get automatic information. This research work has proposed a Role Key Homomorphic Encryption Algorithm (RKHEA) to monitor the cloud users, who access the services continuously. This method provides access creation of session-based key to store the singularized encryption to reduce the key size from random methods to occupy memory space. It has some terms and conditions to be followed by the cloud users and also has encryption method to secure the document content. Hence the documents are encrypted with the RKHEA algorithm based on Service Key Access (SKA). Then, the encrypted key will be created based on access control conditions. The proposed analytics result shows an enhanced control over the documents in cloud and improved security performance.

Web-based technologies are evolving day by day and becoming more interactive and secure. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is one of the security features that help detect automated bots on the Web. Earlier captcha was complex designed text-based, but some optical recognition-based algorithms can be used to crack it. That is why now the captcha system is image-based. But after the arrival of strong image recognition algorithms, image-based captchas can also be cracked nowadays. In this paper, we propose a new captcha system that can be used to differentiate real humans and bots on the Web. We use advanced deep layers with pre-trained machine learning models for captchas authentication using a facial recognition system.

Large volumes of private data are gathered, processed, and stored on computers by governments, the military, organizations, financial institutions, colleges, and other enterprises. This data is then sent through networks to other computers. Urgent measures are required to safeguard sensitive personal and company data as well as national security due to the exponential development in number and complexity of cyber- attacks. The essay discusses the characteristics of the Internet and demonstrates how private and financial data can be transmitted over it while still being safeguarded. We show that robbery has spread throughout India and the rest of the world, endangering the global economy and security and giving rise to a variety of cyber-attacks.

The present industrial scenario requires frequent transfer of data between remote servers and on premise devices and hence the risk of attacks on these data cannot be overlooked. Such security risk is even aggravated in case of sensitive information being compromised due to inefficient security implementations. Various forms of security implementations are being discussed and experimented for the same. With the introduction of devices with better processing capabilities, Public Key Infrastructure is a very popular technique being widely implemented, wherein symmetric and asymmetric key based encryptions are used inorder to secure the data being transferred and it has proven to be an effective technique. The PKI however suffers certain drawbacks and it is evident from the attacks. A system specifically designed for scenarios such as a factory having a centralised device management system requiring multiple devices to communicate and upload data safely to server is being put forward in this paper.

In this work, we conduct a systematic study on data poisoning attacks to Matrix Factorisation (MF) based Recommender Systems (RS) where a determined attacker injects fake users with false user-item feedback, with an objective to promote a target item by increasing its rating. We explore the capability of a MF based approach to reduce the impact of attack on targeted item in the system. We develop and evaluate multiple techniques to update the user and item feature matrices when incorporating new ratings. We also study the effectiveness of attack under increasing filler items and choice of target item.Our experimental results based on two real-world datasets show that the observations from the study could be used to design a more robust MF based RS.

Recently, in solving problems of sound radiation by systems of piezoceramic radiators, new approaches have emerged, which make it possible to significantly approximate the design parameters of systems to the actually measured ones. These approaches are associated with taking into account the specific features of these systems performing two functions - the function of converting electrical energy into acoustic energy and the function of forming the latter in the surrounding space. The peculiarity of the first function is the interconnection of the electric, mechanical and acoustic fields during energy conversion. The peculiarity of the second function is the interaction of the radiators in the system during the formation of its acoustic field. The aim of the work is to study the effect of acoustic interaction of cylindrical piezoceramic radiators in the composition of flat systems on their physical fields. Using the method of coupled fields in multiply connected domains, using the addition theorems for cylindrical wave functions, we obtain analytical relations that allow one to calculate the numerical results for the parameters of three interconnected physical fields that ensure the emission of sound by plane systems. Their analysis showed that with the radial symmetry of electrical excitation of cylindrical radiators, the conversion of electrical energy into mechanical energy is carried out on one - zero mode of oscillation. The placement of the radiators in the composition of the flat systems leads to the appearance of the effect of acoustic interaction between them in an external field, due to the multiple exchange of radiated and scattered waves. This effect destroys the radial symmetry of the acoustic loading of a single radiator. The violation of symmetry in the conversion of mechanical energy into acoustic energy leads to the appearance of oscillations that follow the zero mode. As a result, there is an effective redistribution of energy “pumped” into the radiators in the zero mode, between subsequent oscillations of the radiators. In turn, the emergence of new modes changes the acoustic field of a flat system. The results show the need to take into account the above features of the physical fields of the radiators in the composition of flat systems when choosing methods and developing methods for measuring field characteristics.

Graph-based Semi-Supervised Learning (GSSL) is a practical solution to learn from a limited amount of labelled data together with a vast amount of unlabelled data. However, due to their reliance on the known labels to infer the unknown labels, these algorithms are sensitive to data quality. It is therefore essential to study the potential threats related to the labelled data, more specifically, label poisoning. In this paper, we propose a novel data poisoning method which efficiently approximates the result of label inference to identify the inputs which, if poisoned, would produce the highest number of incorrectly inferred labels. We extensively evaluate our approach on three classification problems under 24 different experimental settings each. Compared to the state of the art, our influence-driven attack produces an average increase of error rate 50% higher, while being faster by multiple orders of magnitude. Moreover, our method can inform engineers of inputs that deserve investigation (relabelling them) before training the learning model. We show that relabelling one-third of the poisoned inputs (selected based on their influence) reduces the poisoning effect by 50%. ACM Reference Format: Adriano Franci, Maxime Cordy, Martin Gubri, Mike Papadakis, and Yves Le Traon. 2022. Influence-Driven Data Poisoning in Graph-Based Semi-Supervised Classifiers. In 1st Conference on AI Engineering - Software Engineering for AI (CAIN’22), May 16–24, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 11 pages. https://doi.org/10.1145/3522664.3528606

From an information-theoretic standpoint, the intrusion detection process can be examined. Given the IDS output(alarm data), we should have less uncertainty regarding the input (event data). We propose the Capability of Intrusion Detection (CID) measure, which is simply the ratio of mutual information between IDS input and output, and the input of entropy. CID has the desirable properties of (1) naturally accounting for all important aspects of detection capability, such as true positive rate, false positive rate, positive predictive value, negative predictive value, and base rate, (2) objectively providing an intrinsic measure of intrusion detection capability, and (3) being sensitive to IDS operation parameters. When finetuning an IDS, we believe that CID is the best performance metric to use. In terms of the IDS’ inherent ability to classify input data, the so obtained operation point is the best that it can achieve.

Web services are growing demand with fundamental advancements and have given more space to researchers for improving security of all real world applications. Accessing and get authenticated in many applications on web services, user discloses their password and other privacy data to the server for authentication purposes. These shared information should be maintained by the server with high security, otherwise it can be used for illegal purposes for any authentication breach. Protecting the applications from various attacks is more important. Comparing the security threats, insider attacks are most challenging to identify due to the fact that they use the authentication of legitimate users and their privileges to access the application and may cause serious threat to the application. Insider attacks has been studied in previous researchers with different security measures, however there is no much strong work proposed. Various security protocols were proposed for defending insider attackers. The proposed work focused on insider attack protection through Elgamal cryptography technique. The proposed work is much effective on insider attacks and also defends against various attacks. The proposed protocol is better than existing works. The key computation cost and communication cost is relatively low in this proposed work. The proposed work authenticates the application by parallel process of two way authentication mechanism through Elgamal algorithm.

This paper deals with how to implement a system that extends insider threat behavior data using private blockchain technology to overcome the limitations of insider threat datasets. Currently, insider threat data is completely undetectable in existing datasets for new methods of insider threat due to the lack of insider threat scenarios and abstracted event behavior. Also, depending on the size of the company, it was difficult to secure a sample of data with the limit of a small number of leaks among many general users in other organizations. In this study, we consider insiders who pose a threat to all businesses as public enemies. In addition, we proposed a system that can use a private blockchain to expand insider threat behavior data between network participants in real-time to ensure reliability and transparency.

Image watermarking techniques provides security, reliability copyright protection for various multimedia contents. In this paper Integer Wavelet Transform Schur decomposition and Singular value decomposition (SVD) based image watermarking scheme is suggested for the integrity protection of dicom images. In the proposed technique 3-level Integer wavelet transform (IWT) is subjected into the Dicom ultrasound image of liver cover image and in HH sub-band Schur decomposition is applied. The upper triangular matrix obtained from Schur decomposition of HH sub-band is further processed with SVD to attain the singular values. The X-ray watermark image is pre-processed before embedding into cover image by applying 3-level IWT is applied into it and singular matrix of LL sub-band is embedded. The watermarked image is encrypted using Arnold chaotic encryption for its integrity protection. The performance of suggested scheme is tested under various attacks like filtering (median, average, Gaussian) checkmark (histogram equalization, rotation, horizontal and vertical flipping, contrast enhancement, gamma correction) and noise (Gaussian, speckle, Salt & Pepper Noise). The proposed technique provides strong robustness against various attacks and chaotic encryption provides integrity to watermarked image.

This paper use the method of finite element analysis, and comparing and analyzing the split box and the integrated box from two aspects of modal analysis and static analysis. It is concluded that the integrated box has the characteristics of excellent vibration characteristics and high strength tolerance; At the same time, according to the S-N curve of the material and the load spectrum of the box, the fatigue life of the integrated box is 26.24 years by using the fatigue analysis software Fe-safe, which meets the service life requirements; The reliability analysis module PDS is used to calculate the reliability of the box, and the reliability of the integrated box is 96.5999%, which meets the performance requirements.

Transformer is the key equipment of power system, and its stable operation is very important to the security of power system In practical application, with the progress of technology, the performance of transformer becomes more and more important, but faults also occur from time to time in practical application, and the traditional manual fault diagnosis needs to consume a lot of time and energy. At present, the rapid development of artificial intelligence technology provides a new research direction for timely and accurate detection and treatment of transformer faults. In this paper, a method of transformer fault diagnosis using artificial neural network is proposed. The neural network algorithm is used for off-line learning and training of the operation state data of normal and fault states. By adjusting the relationship between neuron nodes, the mapping relationship between fault characteristics and fault location is established by using network layer learning, Finally, the reasoning process from fault feature to fault location is realized to realize intelligent fault diagnosis.

The Internet of Things is an emerging technology for recent marketplace. In IoT, the heterogeneous devices are connected through the medium of the Internet for seamless communication. The devices used in IoT are resource-constrained in terms of memory, power and processing. Due to that, IoT system is unable to implement hi-end security for malicious cyber-attacks. The recent era is all about connecting IoT devices in various domains like medical, agriculture, transport, power, manufacturing, supply chain, education, etc. and thus need to be prevented from attacks and analyzed after attacks for legal action. The legal analysis of IoT data, devices and communication is called IoT forensics which is highly indispensable for various types of attacks on IoT system. This paper will review types of IoT attacks and its preventive measures in cyber security. It will also help in ascertaining IoT forensics and its challenges in detail. This paper will conclude with the high requirement of cyber security in IoT domains with implementation of standard rules for IoT forensics.