Biblio

Since 2016, the northwest power grid has organized new energy sources to participate in the rapid frequency regulation research and carried out pilot test work at the sending end large power grid. The experimental results show that new energy generator has the ability to participate in the grid's rapid frequency regulation, and its performance is better than that of conventional power supply units. This paper analyses the requirements for fast frequency control of the sending end large power grid in northwest China, and proposes the segmented participation indexes of photovoltaic and wind power in the frequency regulation of power grids. In accordance with the idea of "clear responsibilities, various types of unit coordination", the parameter setting of new energy sources rapid frequency regulation is completed based on the coordinated control based on multi-frequency regulation resources in northwest power grid. The new energy fast frequency regulation model was established, through the PSASP power grid stability simulation program and the large-scale power grid stability simulation analysis was completed. The simulation results show that the wind power and photovoltaic adopting differential rapid frequency regulation parameters can better utilize the rapid frequency regulation capability of various types of power sources, realize the coordinated rapid frequency regulation of all types of units, and effectively improve the frequency security prevention and control level of the sending end large power grid.

Capturing the patterns in adversarial movement can present crucial insight into team dynamics and organization of cybercrimes. This information can be used for additional assessment and comparison of decision making approaches during cyberattacks. In this study, we propose a data-driven analysis based on time series analysis and social networks to identify patterns and alterations in time allocated to intrusion stages and adversarial movements. The results of this analysis on two case studies of collegiate cybersecurity exercises is provided as well as an analytical comparison of their behavioral trends and characteristics. This paper presents preliminary insight into complexities of individual and group level adversarial movement and decision-making as cyberattacks unfold.

-In wireless networks, Cooperative communication can be used to increase the strength of the communication by means of spatial diversity. Basic idea that exists behind Cooperative communication is, if the transmission from source to destination is not successful, a helping node called relay can be used to send the same information to the destination through independent paths. In order to improve the performance of such communication, channel coding techniques can be used which reduces the Bit Error Rate. Previous works on cooperative communication only concentrated on improving channel capacity through cooperation. Hence this paper presents different Channel coding methods such as Turbo coding, Convolutional coding, and low-density parity-check coding over Rayleigh fading channels in the presence of Additive white Gaussian noise. Performance of these Channel coding techniques are measured in terms of noise power spectral density (NO ) vs. Bit error rate.

Secret key generation from wireless channel is an emerging technique of physical layer security. At present, most of the secret key generation schemes use information reconciliation to obtain symmetric keys. This paper introduces a non-interactive information reconciliation scheme based on channel coding and stream encryption, and considering the error correction capability, we design a concatenated code of BCH and RS codes as channel coding. The performance of concatenated error correction code has been analyzed in this scheme. Then, we compare the concatenated code with first-level error correction code in different test environments. Extensive numerical simulations and experiments demonstrate that the decoding performance of this second-level concatenated code is better than the first-level error correction code, and it can also effectively eliminate third-party eavesdropping.

Performance and improved packet handling capacity against high traffic load are important requirements for an effective intrusion detection system (IDS). Snort is one of the most popular open-source intrusion detection system which runs on Linux. This research article discusses ways of enhancing the performance of Snort by modifying Linux key parameters related to NAPI packet reception mechanism within the Linux kernel networking subsystem. Our enhancement overcomes the current limitations related to NAPI throughput. We experimentally demonstrate that current default budget B value of 300 does not yield the best performance of Snort throughput. We show that a small budget value of 14 gives the best Snort performance in terms of packet loss both at Kernel subsystem and at the application level. Furthermore, we compare our results to those reported in the literature, and we show that our enhancement through tuning certain parameters yield superior performance.

Video surveillance system is an important application system on the ubiquitous SG-eIoT. A comparative analysis of the traditional video surveillance scheme and the unified video surveillance solution in the eIoT environment is made. Network load and service latency parameters under the two schemes are theoretically modeled and simulated. Combined with the simulation results, the corresponding suggestions for the access of video terminals in the ubiquitous eIoT are given.

Encryption schemes for network security usually require a key distribution center to share or distribute the secret keys, which is difficult to deploy in wireless networks without fixed infrastructure. A novel key generation scheme based on the physical layer can generate a shared key between a pair of correlated parties by sharing random sources. The existing physical layer key generation scheme is based on the half-duplex mode with time division duplex (TDD) mode, which makes it impossible for the correlated communication parties to detect the channel simultaneously in order to improve the channel coherence. In this paper, we propose a full-duplex physical layer key generation scheme, which allows each legal communication nodes to transmit and receive signals at the same time, in order to reduce channel probing time and increase channel coherence performance. The simulation experiments show that the proposed scheme can much outperform some typical existing schemes in terms of the key performance evaluation indicators, key disagreement rate, key generation rate, entropy of the scheme improved, and the randomness of generated keys passed the National Institute of Standards and Technology (NIST) test.

Wireless communication network (WCN) performance is primarily depends on physical layer security which is critical among all other layers of OSI network model. It is typically prone to anomaly/malicious user's attacks owing to openness of wireless channels. Cognitive radio networking (CRN) is a recently emerged wireless technology that is having numerous security challenges because of its unlicensed access of wireless channels. In CRNs, the security issues occur mainly during spectrum sensing and is more pronounced during distributed spectrum sensing. In recent past, various anomaly effects are modelled and developed detectors by applying advanced statistical techniques. Nevertheless, many of these detectors have been developed based on sensing data of one variable (energy measurement) and degrades their performance drastically when the data is contaminated with multiple anomaly nodes, that attack the network cooperatively. Hence, one has to develop an efficient multiple anomaly detection algorithm to eliminate all possible cooperative attacks. To achieve this, in this work, the impact of anomaly on detection probability is verified beforehand in developing an efficient algorithm using bivariate data to detect possible attacks with mahalanobis distance measure. Result discloses that detection error of cooperative attacks by anomaly has significant impact on eigenvalue-based sensing.

This paper investigates the secrecy outage performance of an energy harvesting-based dual-hop amplify-and-forward (AF) mixed radio-frequency/underwater optical wireless communication (RF/UOWC) system. A single-antenna source node (S) is considered, communicating with one legitimate destination node (D) with the aid of a multi-antenna AF relay (R) device. In this setup, the relay node receives the incoming signal from S via an RF link, which is subject to Nakagami-m fading, then performs maximal-ratio-combining (MRC) followed by a fixed-gain amplification, before transmitting it to the destination via a UOWC link, subject to mixture Exponential-Gamma fading. Assuming the presence of a malicious eavesdropper attempting to intercept the S- R hop, a tight approximate expression for the secrecy outage probability is retrieved. The derived results provide useful insights into the influence of key system parameters on the secrecy outage performance. Our analytical results are corroborated through computer simulations, which verifies their validity.

Visible light communication (VLC) is a burgeoning field in wireless communications as it considers illumination and communication simultaneously. The broadcast nature of VLC makes it necessary to consider the security of underlying transmissions. A physical-layer security (PLS) scheme by introducing jamming LEDs is considered in this paper. The secrecy rate of an indoor VLC system with multiple LEDs, one legitimate receiver, and multiple eavesdroppers is investigated. Three distributions of input signal are assumed, i.e., truncated generalized normal distribution (TGN), uniform distribution, and exponential distribution. The results show that jamming can improve the secrecy performance efficiently. This paper also demonstrates that when the numbers of LEDs transmitting information-bearing signal and jamming signal are equal, the average secrecy rate can be maximized.

As the next generation of the power system, smart grid develops towards automated and intellectualized. Along with the benefits brought by smart grids, e.g., improved energy conversion rate, power utilization rate, and power supply quality, are the security challenges. One of the most important issues in smart grids is to ensure reliable communication between the secondary equipment. The state-of-art method to ensure smart grid security is to detect cyber attacks by deep learning. However, due to the small number of negative samples, the performance of the detection system is limited. In this paper, we propose a novel approach that utilizes the Generative Adversarial Network (GAN) to generate abundant negative samples, which helps to improve the performance of the state-of-art detection system. The evaluation results demonstrate that the proposed method can effectively improve the performance of the detection system by 4%.

Public key infrastructures (PKIs) are one of the main building blocks for securing communications over the Internet. Currently, PKIs are under the control of centralized authorities, which is problematic as evidenced by numerous incidents where they have been compromised. The distributed, fault tolerant log of transactions provided by blockchains and more recently, smart contract platforms, constitutes a powerful tool for the decentralization of PKIs. To verify the validity of identity records, blockchain-based identity systems store on chain either all identity records, or, a small (or even constant) sized amount of data for verifying identity records stored off chain. However, as most of these systems have never been implemented, there is little information regarding the practical implications of each design's tradeoffs. In this work, we first implement and evaluate the only provably secure, smart contract based PKI of Patsonakis et al. on top of Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves the security properties of Patsonakis et al. and, as illustrated through our evaluation, is the only version with constant-sized state that can be deployed on the live chain of Ethereum. Furthermore, we compare these two systems with the simple approach of most prior works, e.g., the Ethereum Name Service, where all identity records are stored on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which would be useful to be considered for any smart contract platform like Ethereum so that it reaches its full potential to support arbitrary distributed applications.

Machine learning (ML) applications are increasingly prevalent. Protecting the confidentiality of ML models becomes paramount for two reasons: (a) a model can be a business advantage to its owner, and (b) an adversary may use a stolen model to find transferable adversarial examples that can evade classification by the original model. Access to the model can be restricted to be only via well-defined prediction APIs. Nevertheless, prediction APIs still provide enough information to allow an adversary to mount model extraction attacks by sending repeated queries via the prediction API. In this paper, we describe new model extraction attacks using novel approaches for generating synthetic queries, and optimizing training hyperparameters. Our attacks outperform state-of-the-art model extraction in terms of transferability of both targeted and non-targeted adversarial examples (up to +29-44 percentage points, pp), and prediction accuracy (up to +46 pp) on two datasets. We provide take-aways on how to perform effective model extraction attacks. We then propose PRADA, the first step towards generic and effective detection of DNN model extraction attacks. It analyzes the distribution of consecutive API queries and raises an alarm when this distribution deviates from benign behavior. We show that PRADA can detect all prior model extraction attacks with no false positives.

We present a new consensus protocol for Blockchain ecosystems - PPoM - Predictive Proof of Metrics. First, we describe the motivation for PPoM - why we need it. Then, we outline its architecture, components, and operation. As part of this, we detail our reputation and reward based approach to bring about consensus in the Blockchain. We also address security and scalability for a PPoM based Blockchain, and discuss potential improvements for future work. Finally, we present measurements for our short term Provider Prediction engine.

Dynamic Taint Analysis (DTA) technique has been developed for analysis and understanding behavior of Android applications and privacy policy enforcement. Meanwhile, implicit information flows (IIFs) are major concern of security researchers because IIFs can evade DTA technique easily and give attackers an advantage over the researchers. Some researchers suggested approaches to the issue and developed analysis systems supporting privacy policy enforcement against IIF-accompanied attacks; however, there is still no effective technique of comprehensive analysis and privacy policy enforcement against IIF-accompanied attacks. In this paper, we propose an IIF detection technique to enforce privacy policy against IIF-accompanied attacks in Android applications. We developed a new analysis tool, called Smalien, that can discover data leakage caused by IIF-contained information flows as well as explicit information flows. We demonstrated practicability of Smalien by applying it to 16 IIF tricks from ScrubDroid and two IIF tricks from DroidBench. Smalien enforced privacy policy successfully against all the tricks except one trick because the trick loads code dynamically from a remote server at runtime, and Smalien cannot analyze any code outside of a target application. The results show that our approach can be a solution to the current attacker-superior situation.

While enjoying the convenience brought by mobile phones, users have been exposed to high risk of private information leakage. It is known that many applications on mobile devices read private data and send them to remote servers. However how, when and in what scale the private data are leaked are not investigated systematically in the real-world scenario. In this paper, a framework is proposed to analyze the usage data from mobile devices and the traffic data from the mobile network and make a comprehensive privacy leakage detection and privacy inference mining on a large scale of realworld mobile data. Firstly, this paper sets up a training dataset and trains a privacy detection model on mobile traffic data. Then classical machine learning tools are used to discover private usage patterns. Based on our experiments and data analysis, it is found that i) a large number of private information is transmitted in plaintext, and even passwords are transmitted in plaintext by some applications, ii) more privacy types are leaked in Android than iOS, while GPS location is the most leaked privacy in both Android and iOS system, iii) the usage pattern is related to mobile device price. Through our experiments and analysis, it can be concluded that mobile privacy leakage is pervasive and serious.

Regulatory efforts such as the General Data Protection Regulation (GDPR) embody a notion of privacy risk that is centered around the fundamental rights of data subjects. This is, however, a fundamentally different notion of privacy risk than the one commonly used in threat modeling which is largely agnostic of involved data subjects. This mismatch hampers the applicability of privacy threat modeling approaches such as LINDDUN in a Data Protection by Design (DPbD) context. In this paper, we present a data subject-aware privacy risk assessment model in specific support of privacy threat modeling activities. This model allows the threat modeler to draw upon a more holistic understanding of privacy risk while assessing the relevance of specific privacy threats to the system under design. Additionally, we propose a number of improvements to privacy threat modeling, such as enriching Data Flow Diagram (DFD) system models with appropriate risk inputs (e.g., information on data types and involved data subjects). Incorporation of these risk inputs in DFDs, in combination with a risk estimation approach using Monte Carlo simulations, leads to a more comprehensive assessment of privacy risk. The proposed risk model has been integrated in threat modeling tool prototype and validated in the context of a realistic eHealth application.

Once an individual employs the use of the Internet for accessing information; carrying out transactions and sharing of data on the Cloud, they are connected to diverse computers on the network. As such, security of such transmitted data is most threatened and then potentially creating privacy risks of users on the federated identity management system in the Cloud. Usually, User's attributes or Personal Identifiable Information (PII) are needed to access Services on the Cloud from different Service Providers (SPs). Sometime these SPs may by themselves violate user's privacy by the reuse of user's attributes offered them for the release of services to the users without their consent and then carrying out activities that may appear malicious and then causing damage to the users. Similarly, it should be noted that sensitive user's attributes (e.g. first name, email, address and the likes) are received in their original form by needed SPs in plaintext. As a result of these problems, user's privacy is being violated. Since these SPs may reuse them or connive with other SPs to expose a user's identity in the cloud environment. This research is motivated to provide a protective and novel approach that shall no longer release original user's attributes to SPs but pseudonyms that shall prevent the SPs from violating user's privacy through connivance to expose the user's identity or other means. The paper introduces a conceptual framework for the proposed user's attributes privacy protection in a federated identity management system for the cloud. On the proposed system, the use of pseudonymous technique also called Privacy Token (PT) is employed. The pseudonymous technique ensures users' original attributes values are not sent directly to the SP but auto generated pseudo attributes values. The PT is composed of: Pseudo Attribute values, Timestamp and SPİD. These composition of the PT makes it difficult for the User's PII to be revealed and further preventing the SPs from being able to keep them or reuse them in the future without the user's consent for any purpose. Another important feature of the PT is its ability to forestall collusion among several collaborating service providers. This is due to the fact that each SP receives pseudo values that have no direct link to the identity of the user. The prototype was implemented with Java programming language and its performance tested on CloudAnalyst simulation.

The key concerns in VANET communication are the security and privacy of the vehicles involved, but at the same time an efficient way to provide non-repudiation in the ad-hoc network is an important requirement. Most schemes proposed are using public key infrastructure (PKI) or symmetric key encryption to achieve security in VANET; both individually lack in serving the required purpose of providing privacy preservation of the involved On-Board Units (OBUs) (while still being able to offer non-repudiation) and amount to very sizeable overheads in computation. This paper proposes a privacy-preserving authentication protocol that employs hybrid cryptography, using the best features of PKI and symmetric cryptography to form a protocol that is scalable, efficient and offers services of integrity, non-repudiation, conditional privacy, and unlinkability; while still keeping the computational overhead at a reasonable level. The performance and security analysis of this scheme is provided to support the propositions.

This paper proposes a distributed deep learning framework for privacy-preserving medical data training. In order to avoid patients' data leakage in medical platforms, the hidden layers in the deep learning framework are separated and where the first layer is kept in platform and others layers are kept in a centralized server. Whereas keeping the original patients' data in local platforms maintain their privacy, utilizing the server for subsequent layers improves learning performance by using all data from each platform during training.

Nowadays, a massive number of data, referred as big data, are being collected from social networks and Internet of Things (IoT), which are of tremendous value. Many deep learning-based methods made great progress in the extraction of knowledge of those data. However, the knowledge extraction of the law data poses vast challenges on the deep learning, since the law data usually contain the privacy information. In addition, the amount of law data of an institution is not large enough to well train a deep model. To solve these challenges, some privacy-preserving deep learning are proposed to capture knowledge of privacy data. In this paper, we review the emerging topics of deep learning for the feature learning of the privacy data. Then, we discuss the problems and the future trend in deep learning for privacy-preserving feature learning on law data.

The purpose of this article is to present an algorithm which maximizes prediction accuracy under a linear regression model while preserving data privacy. This approach anonymizes the data such that the privacy of the original features is fully guaranteed, and the deterioration in predictive accuracy using the anonymized data is minimal. The proposed algorithm employs two stages: the first stage uses a probabilistic latent factor approach to anonymize the original features into a collection of lower dimensional latent factors, while the second stage uses an optimization algorithm to tune the anonymized data further, in a way which ensures a minimal loss in prediction accuracy under the predictive approach specified by the user. We demonstrate the advantages of our approach via numerical studies and apply our method to high-dimensional neuroimaging data where the goal is to predict the behavior of adolescents and teenagers based on functional magnetic resonance imaging (fMRI) measurements.

The purpose of this article is to present an algorithm which maximizes prediction accuracy under a linear regression model while preserving data privacy. This approach anonymizes the data such that the privacy of the original features is fully guaranteed, and the deterioration in predictive accuracy using the anonymized data is minimal. The proposed algorithm employs two stages: the first stage uses a probabilistic latent factor approach to anonymize the original features into a collection of lower dimensional latent factors, while the second stage uses an optimization algorithm to tune the anonymized data further, in a way which ensures a minimal loss in prediction accuracy under the predictive approach specified by the user. We demonstrate the advantages of our approach via numerical studies and apply our method to high-dimensional neuroimaging data where the goal is to predict the behavior of adolescents and teenagers based on functional magnetic resonance imaging (fMRI) measurements.

This paper provides a proof of concept for using SRAM based Physically Unclonable Functions (PUFs) to generate private keys for IoT devices. PUFs are utilized, as there is inadequate protection for secret keys stored in the memory of the IoT devices. We utilize a custom-made Arduino mega shield to extract the fingerprint from SRAM chip on demand. We utilize the concepts of ternary states to exclude the cells which are easily prone to flip, allowing us to extract stable bits from the fingerprint of the SRAM. Using the custom-made software for our SRAM device, we can control the error rate of the PUF to achieve an adjustable memory-based PUF for key generation. We utilize several fuzzy extractor techniques based on using different error correction coding methods to generate secret keys from the SRAM PUF, and study the trade-off between the false authentication rate and false rejection rate of the PUF.

Insecure data storage may open a door to malicious malware to steal users' and system sensitive information. These problems may due to developer negligence or lack of security knowledge. Android developers use various storage methods to store data. However, Attackers have attacked these vulnerable data storage. Although the developers have modified the apps after knowing the vulnerability, the user's personal information has been leaked and caused serious consequences. As a result, instead of patching and fixing the vulnerability, we should conduct proactive control for secure Android data storage. In this paper, we analyzed Android external storage vulnerability and discussed the prevention solutions to prevent sensitive information in external storage from disclosure.