Biblio

Due to the low latency and high speed of 5G networks, the Internet of Vehicles (IoV) under the 5G network has been rapidly developed and has broad application prospects. The Third Generation Partnership Project (3GPP) committee has taken remote diagnosis as one of the development cores of IoV. However, how to ensure the security of remote diagnosis and maintenance services is also a key point to ensure vehicle safety, which is directly related to the safety of vehicle passengers. In this paper, we propose a secure and efficient authentication scheme based on extended chebyshev chaotic maps for remote diagnosis and maintenance in IoVs. In the proposed scheme, to provide strong security, anyone, such as the vehicle owner or the employee of the Vehicle Service Centre (VSC), must enter the valid biometrics and password in order to enjoy or provide remote diagnosis and maintenance services, and the vehicle and the VSC should authenticate each other to ensure that they are legitimate. The security analysis and performance evaluation results show that the proposed scheme can provide robust security with ideal efficiency.

The paper presents a comprehensive model of cybersecurity threats for a system of autonomous and remotely controlled vehicles (AV) in the environment of a smart city. The main focus in the security context is given to the “integrity” property. That property is of higher importance for industrial control systems in comparison with other security properties (availability and confidentiality). The security graph, which is part of the model, is dynamic, and, in real cases, its analysis may require significant computing resources for AV systems with a large number of assets and connections. The simplified example of the security graph for the AV system is presented.

Antisparse coding aims at spreading the information uniformly over representation coefficients and can be expressed as the solution of an ℓ∞-norm regularized problem. In this paper, we propose a new methodology, coined "safe squeezing", accelerating the computation of antisparse representations. The idea consists in identifying saturated entries of the solution via simple tests and compacting their contribution to achieve some form of dimensionality reduction. Numerical experiments show that the proposed approach leads to significant computational gain.

Network traffic anomaly detection is of critical importance in cybersecurity due to the massive and rapid growth of sophisticated computer network attacks. Indeed, the more new Internet-related technologies are created, the more elaborate the attacks become. Among all the contemporary high-level attacks, dictionary-based brute-force attacks (BFA) present one of the most unsurmountable challenges. We need to develop effective methods to detect and mitigate such brute-force attacks in realtime. In this paper, we investigate SSH and FTP brute-force attack detection by using the Long Short-Term Memory (LSTM) deep learning approach. Additionally, we made use of machine learning (ML) classifiers: J48, naive Bayes (NB), decision table (DT), random forest (RF) and k-nearest-neighbor (k-NN), for additional detection purposes. We used the well-known labelled dataset CICIDS2017. We evaluated the effectiveness of the LSTM and ML algorithms, and compared their performance. Our results show that the LSTM model outperforms the ML algorithms, with an accuracy of 99.88%.

Network adversaries, such as malicious transit autonomous systems (ASes), have been shown to be capable of partitioning the Bitcoin's peer-to-peer network via routing-level attacks; e.g., a network adversary exploits a BGP vulnerability and performs a prefix hijacking attack (viz. Apostolaki et al. [3]). Due to the nature of BGP operation, such a hijacking is globally observable and thus enables immediate detection of the attack and the identification of the perpetrator. In this paper, we present a stealthier attack, which we call the EREBUS attack, that partitions the Bitcoin network without any routing manipulations, which makes the attack undetectable to control-plane and even to data-plane detectors. The novel aspect of EREBUS is that it makes the adversary AS a natural man-in-the-middle network of all the peer connections of one or more targeted Bitcoin nodes by patiently influencing the targeted nodes' peering decision. We show that affecting the peering decision of a Bitcoin node, which is believed to be infeasible after a series of bug patches against the earlier Eclipse attack [29], is possible for the network adversary that can use abundant network address resources (e.g., spoofing millions of IP addresses in many other ASes) reliably for an extended period of time at a negligible cost. The EREBUS attack is readily available for large ASes, such as Tier-1 and large Tier-2 ASes, against the vast majority of 10K public Bitcoin nodes with only about 520 bit/s of attack traffic rate per targeted Bitcoin node and a modest (e.g., 5-6 weeks) attack execution period. The EREBUS attack can be mounted by nation-state adversaries who would be willing to execute sophisticated attack strategies patiently to compromise cryptocurrencies (e.g., control the consensus, take down a cryptocurrency, censor transactions). As the attack exploits the topological advantage of being a network adversary but not the specific vulnerabilities of Bitcoin core, no quick patches seem to be available. We discuss that some naive solutions (e.g., whitelisting, rate-limiting) are ineffective and third-party proxy solutions may worsen the Bitcoin's centralization problem. We provide some suggested modifications to the Bitcoin core and show that they effectively make the EREBUS attack significantly harder; yet, their non-trivial changes to the Bitcoin's network operation (e.g., peering dynamics, propagation delays) should be examined thoroughly before their wide deployment.

The objective of this paper is to propose a model of a distributed intrusion detection system based on the multi-agent paradigm and the distributed file system (HDFS). Multi-agent systems (MAS) are very suitable to intrusion detection systems as they can address the issue of geographic data security in terms of autonomy, distribution and performance. The proposed system is based on a set of autonomous agents that cooperate and collaborate with each other to effectively detect intrusions and suspicious activities that may impact geographic information systems. Our system allows the detection of known and unknown computer attacks without any human intervention (Security Experts) unlike traditional intrusion detection systems that rely on knowledge bases as a mechanism to detect known attacks. The proposed model allows a real time detection of known and unknown attacks within large networks hosting geographic data.

Cyber-physical systems (CPS) can benefit by the use of learning enabled components (LECs) such as deep neural networks (DNNs) for perception and decision making tasks. However, DNNs are typically non-transparent making reasoning about their predictions very difficult, and hence their application to safety-critical systems is very challenging. LECs could be integrated easier into CPS if their predictions could be complemented with a confidence measure that quantifies how much we trust their output. The paper presents an approach for computing confidence bounds based on Inductive Conformal Prediction (ICP). We train a Triplet Network architecture to learn representations of the input data that can be used to estimate the similarity between test examples and examples in the training data set. Then, these representations are used to estimate the confidence of set predictions from a classifier that is based on the neural network architecture used in the triplet. The approach is evaluated using a robotic navigation benchmark and the results show that we can computed trusted confidence bounds efficiently in real-time.

Users prefer to do e-banking and e-shopping now-a-days because of the exponential growth of the internet. Because of this paradigm shift, hackers are finding umpteen ways to steal our personal information and critical details like details of debit and credit cards, by disguising themselves as reputed websites, just by changing the spelling or making minor modifications to the URL. Identifying whether an URL is benign or malicious is a challenging job, because it makes use of the weakness of the user. While there are several works carried out to detect phishing websites, they only use heuristic methods and list based techniques and therefore couldn't avoid phishing effectively. In this paper an anti-phishing system was proposed to protect the users. It uses an ensemble model that uses both LSTM and CNN with a massive data set containing nearly 2,00,000 URLs, that is balanced. After analyzing the accuracy of different existing approaches, it has been found that the ensemble model that uses both LSTM and CNN performed better with an accuracy of 96% and the precision is 97% respectively which is far better than the existing solutions.

Android Operating System becomes a major target for malicious attacks. Static analysis approach is widely used to detect malicious applications. Most of existing studies on static analysis frameworks are limited to certain features. This paper presents an Android Static Analysis Framework (ASAF) which models the overall static analysis phases and approaches for Android applications. ASAF can be implemented for different purposes including Android malicious apps detection. The proposed framework utilizes a parsing tool, Android Static Parse (ASParse) which is also introduced in this paper. Through the extendibility of the ASParse tool, future research studies can easily extend the parsed features and the parsed files to perform parsing based on their specific requirements and goals. Moreover, a case study is conducted to illustrate the implementation of the proposed ASAF.

Development of large-scale and complex software systems requires multiple teams, including software development teams, domain experts, user representatives, and other project stakeholders, to work collaboratively to achieve software development goals. These teams rely on the use of agreed software development processes, knowledge management tools, and communication channels collaboratively in the software development project. Software testing is an important and complicated process due to reasons such as difficulties in achieving testing goals with the given time constraint, absence of efficient data sharing policies, vague testing acceptance criteria at various levels of testing, and lack of trusted coordination among the teams involved in software testing. The efficiency of the software testing relies on efficient, reliable, and trusted information sharing among these teams. Existing approaches to software testing for collaborative software development use centralized or decentralize tools for software testing, knowledge management, and communication channels. Existing approaches have the limitations of centralized authority, a single point of failure/compromise, lack of automatic requirement compliance checking and transparency in information sharing, and lack of unified data sharing policy, and reliable knowledge management repositories for sharing and storing past software testing artifacts and data. In this paper, a software testing approach for collaborative software development using private blockchain is presented, and the desirable properties of private blockchain, such as distributed data management, tamper-resistance, auditability and automatic requirement compliance checking, are incorporated to greatly improve the quality of software testing for collaborative software development.

The environment of wireless sensor networks (WSNs) makes the communication not only have the broadcast nature of wireless transmission, but also be limited to the low power and communication capability of sensor equipment. Both of them make it hard to ensure the confidentiality of communication. In this paper, we propose a cluster-based cooperative jamming scheme based on physical layer security for WSNs. The mathematical principle of the scheme is based on the design principle of code division multiple access. By using the orthogonality of orthogonal vectors, the legitimate receiver can effectively eliminate the noise, which is generated by the cooperative jamming nodes to disturb the eavesdropper. This scheme enables the legitimate receiver to ensure a strong communication confidentiality even if there is no location or channel advantage comparing with eavesdroppers. Through extensive simulations, the security performance of the proposed scheme is investigated in terms of secrecy rate.

Cryptojacking is currently being exploited by cyber-criminals. This form of malware runs in the computers of victims without their consent. It often infects browsers and does CPU-intensive computations to mine cryptocurrencies on behalf of the cyber-criminal, which takes the profits without paying for the resources consumed. Such attacks degrade computer performance and potentially reduce the hardware lifetime. We introduce a new cryptojacking detection mechanism based on monitoring the CPU usage of the visited web pages. This may look like an unreliable way to detect mining malware since many web sites are heavy computationally and that malware often throttles CPU usage. However, by combining a set of CPU monitoring features and using machine learning, we manage to obtain metrics like precision and recall close to 1.

The concept of federation in 5G and NFV networks aims to provide orchestration of services across multiple administrative domains. Edge robotics, as a field of robotics, implements the robot control on the network edge by relying on low-latency and reliable access connectivity. In this paper, we propose a solution that enables Edge robotics service to expand its service footprint or access coverage over multiple administrative domains. We propose application of Distributed ledger technologies (DLTs) for the federation procedures to enable private, secure and trusty interactions between undisclosed administrative domains. The solution is applied on a real-case Edge robotics experimental scenario. The results show that it takes around 19 seconds to deploy & federate a Edge robotics service in an external/anonymous domain without any service down-time.

The recent advances in mobile devices and wireless communication sector transformed Mobile Augmented Reality (MAR) from science fiction to reality. Among the other MAR use cases, the incorporation of this MAR technology in the healthcare sector can elevate the quality of diagnosis and treatment for the patients. However, due to the highly sensitive nature of the data available in this process, it is also highly vulnerable to all types of security threats. In this paper, an edge-based secure architecture is presented for a MAR healthcare application. Based on the ESSMAR architecture, a secure key management scheme is proposed for both the registration and authentication phases. Then the security of the proposed scheme is validated using formal and informal verification methods.

Development of malware protection tools requires a more advanced test environment comparing to safe software. This kind of development includes a safe execution of many malware samples in order to evaluate the protective power of the tool. The host machine needs to be protected from the harmful effects of malware samples and provide a realistic simulation of the execution environment. In this paper, a framework for automated malware analysis on Linux is presented. Different types of malware analysis methods are discussed, as well as the properties of a good framework for dynamic malware analysis.

Smart meters (SMs) can pose privacy threats for consumers, an issue that has received significant attention in recent years. This paper studies the impact of Side Information (SI) on the performance of possible attacks to real-time privacy-preserving algorithms for SMs. In particular, we consider a deep adversarial learning framework, in which the desired releaser, which is a Recurrent Neural Network (RNN), is trained by fighting against an adversary network until convergence. To define the objective for training, two different approaches are considered: the Causal Adversarial Learning (CAL) and the Directed Information (DI)-based learning. The main difference between these approaches relies on how the privacy term is measured during the training process. The releaser in the CAL method, disposing of supervision from the actual values of the private variables and feedback from the adversary performance, tries to minimize the adversary log-likelihood. On the other hand, the releaser in the DI approach completely relies on the feedback received from the adversary and is optimized to maximize its uncertainty. The performance of these two algorithms is evaluated empirically using real-world SMs data, considering an attacker with access to SI (e.g., the day of the week) that tries to infer the occupancy status from the released SMs data. The results show that, although they perform similarly when the attacker does not exploit the SI, in general, the CAL method is less sensitive to the inclusion of SI. However, in both cases, privacy levels are significantly affected, particularly when multiple sources of SI are included.

Verifiability is one of the parameters in e-voting that can increase confidence in voting technology with several parties ensuring that voters do not change their votes. Voting has become an important part of the democratization system, both to make choices regarding policies, to elect representatives to sit in the representative assembly, and to elect leaders. the more voters and the wider the distribution, the more complex the social life, and the need to manage the voting process efficiently and determine the results more quickly, electronic-based voting (e-Voting) is becoming a more promising option. The level of confidence in voting depends on the capabilities of the system. E-voting must have parameters that can be used as guidelines, which include the following: Accuracy, Invulnerability, Privacy and Verifiability. The implementation of the simple verifiability metric to measure the degree of verifiability in the e-voting protocol, the researchers can calculate the degree of verifiability in the e-voting protocol and the researchers have been able to assess the proposed e-voting protocol with the standard of the best degree of verifiability is 1, where the value of 1 is is absolutely verified protocol.

With the development of augmented reality(AR) technology and location-based service (LBS) technology, combining AR with LBS will create a new way of life and socializing. In AR, users may consider the privacy and security of data. In LBS, the leakage of user location privacy is an important threat to LBS users. Therefore, it is very important for privacy management of positioning information and user location privacy to avoid loopholes and abuse. In this review, the concepts and principles of AR technology and LBS would be introduced. The existing privacy measurement and privacy protection framework would be analyzed and summarized. Also future research direction of location privacy protection would be discussed.

A continually growing number of sensors is required for monitoring industrial processes and for continuous data acquisition from industrial plants and devices. The cabling of sensors represent a considerable effort and potential source of error, which can be avoided by using wireless sensor nodes. These wireless sensor nodes form a wireless sensor network (WSN) to efficiently transmit data to the destination. For the acceptance of WSNs in industry, it is important to build up networks with high trustworthiness. The trustworthiness of the WSN depends not only on a secure wireless communication but also on the ability to detect modifications at the wireless sensor nodes itself. This paper presents the enhancement of the WSN's trustworthiness using an optical localization system. It can be used for the preparation phase of the WSN and also during operation to track the positions of the wireless sensor nodes and detect spatial modification. The location information of the sensor nodes can also be used to rate their trustworthiness.

Mining, the process where multiple miners compete to add blocks to Proof-of-Work (PoW) blockchains, is of great importance to maintain the tamper-resistance feature of blockchains. In current blockchain networks, miners usually form groups, called mining pools, to improve their revenues. When multiple pools exist, a fundamental mining pool selection problem arises: which pool should each miner join to maximize its revenue? In addition, the existence of mining pools also leads to another critical issue, i.e., Block WithHolding (BWH) attack, where a pool sends some of its miners as spies to another pool to gain extra revenues without contributing to the mining of the infiltrated pool. This paper therefore aims to investigate the mining pool selection issue (i.e., the stable population distribution of miners in the pools) in the presence of BWH attack from the perspective of evolutionary game theory. We first derive the expected revenue density of each pool to determine the expected payoff of miners in that pool. Based on the expected payoffs, we formulate replicator dynamics to represent the growth rates of the populations in all pools. Using the replicator dynamics, we obtain the rest points of the growth rates and discuss their stability to identify the Evolutionarily Stable States (ESSs) (i.e., stable population distributions) of the game. Simulation and numerical results are also provided to corroborate our analysis and to illustrate the theoretical findings.

The PTPv2.1 standard provides new protection mechanisms to ensure the authenticity and integrity of PTP messages. However, the distribution of the necessary security parameters is not part of the specification. This paper proposes a simple and practical approach for the automated distribution of these parameters by using a key management system that enables the Immediate Security Processing in PTP. It is based on the Network Time Security protocol and offers functions for group management, parameter updating and monitoring mechanisms. A Proof-of-Concept implementation provides initial results of the resources required for the key management system and its use.

Online detection of anomalies is crucial to enhancing the reliability and resiliency of power systems. We propose a novel data-driven online event detection algorithm with synchrophasor data using graph signal processing. In addition to being extremely scalable, our proposed algorithm can accurately capture and leverage the spatio-temporal correlations of the streaming PMU data. This paper also develops a general technique to decouple spatial and temporal correlations in multiple time series. Finally, we develop a unique framework to construct a weighted adjacency matrix and graph Laplacian for product graph. Case studies with real-world, large-scale synchrophasor data demonstrate the scalability and accuracy of our proposed event detection algorithm. Compared to the state-of-the-art benchmark, the proposed method not only achieves higher detection accuracy but also yields higher computational efficiency.

Video-based surveillance systems often suffer from poor-quality video in an uncontrolled environment. This may strongly affect the performance of high-level tasks such as visual tracking, abnormal event detection or more generally scene understanding and interpretation. This work aims to demonstrate the impact and the importance of video quality in video surveillance systems. Here, we focus on the most important challenges and difficulties related to the perceptual quality of the acquired or transmitted images/videos in uncontrolled environments. In this paper, we propose an architecture of a smart surveillance system that incorporates the perceptual quality of acquired scenes. We study the behaviour of some state-of-the-art video quality metrics on some original and distorted sequences from a dedicated surveillance dataset. Through this study, it has been shown that some of the state-of-the-art image/video quality metrics do not work in the context of video-surveillance. This study opens a new research direction to develop the video quality metrics in the context of video surveillance and also to propose a new quality-driven framework of video surveillance system.

Ensuring security to IoT devices is important in order to provide privacy and quality of services. Proposing a security solution is considered an important step towards achieving protection, however, proving the soundness of the solution is also crucial. In this paper, we propose a methodology for the performance evaluation of lightweight IoT-based authentication protocols based on execution time. Then, a formal verification test is conducted on a lightweight protocol proposed in the literature. The formal verification test conducted with Scyther tool proofs that the model provides mutual authentication, authorization, integrity, confidentiality, non-repudiation, and accountability. The protocol also was proven to provide protection from various attacks.

This paper deals with the design and development of a Li-Fi (light fidelity) simplex communication system for data exchange between Android mobile devices. Li-Fi is an up-to-date technology in the modern world, since it uses visible light for data exchange, allowing for high-speed communication. The paper includes a brief review of Li-Fi technology, a review of the literature used, and a study of technological methods for implementing such systems, based on scientific sources. We propose the algorithms for data exchange, packet formation, and encryption-decryption. The paper presents the developed mobile application and the transceiver device, the development results, as well as experiments with the developed prototype. The results show that Li-Fi technology is workable and is a good alternative to existing communication methods.