Biblio

Mobile ad hoc network is a group of mobile nodes which have no centralized administrator. MANETs have dynamic topology since the nodes are moving. For this reason it is more prone to attacks that any node may be a misbehaving node. Every node acts as a router thereby it may lead the network with wrong routing. For these reasons MANETs have to be more protected than the wired networks. The mobile nodes will lavishly consume energy and so a security scheme that consumes less energy still provides ample protection to the messages have to be introduced. Here we propose an encryption scheme for the messages passing through MANET. The security scheme is based on selective encryption that is very robust, simple and with less computational capability.

Considering application to communication among wireless sensors, Ma and Tsudik introduced the notion of forward-secure sequential aggregate (FssAgg) authentication in 2007. They also proposed an FssAgg MAC scheme composed of a MAC function and cryptographic hash functions at the same time. The security of their proposed scheme has not been analyzed yet and remains open. It is shown in this paper that a slight variant of the Ma-Tsudik FssAgg MAC scheme is secure under reasonable and standard assumptions on security of the underlying primitives. An efficient instantiation of the underlying MAC function using a cryptographic hash function is also discussed.

In the past, researchers have developed a number of popular taint-analysis approaches, particularly in the context of Android applications. Numerous studies have shown that automated code analyses are adopted by developers only if they yield a good "signal to noise ratio", i.e., high precision. Many previous studies have reported analysis precision quantitatively, but this gives little insight into what can and should be done to increase precision further. To guide future research on increasing precision, we present a comprehensive study that evaluates static Android taint-analysis results on a qualitative level. To unravel the exact nature of taint flows, we have designed COVA, an analysis tool to compute partial path constraints that inform about the circumstances under which taint flows may actually occur in practice. We have conducted a qualitative study on the taint flows reported by FlowDroid in 1,022 real-world Android applications. Our results reveal several key findings: Many taint flows occur only under specific conditions, e.g., environment settings, user interaction, I/O. Taint analyses should consider the application context to discern such situations. COVA shows that few taint flows are guarded by multiple different kinds of conditions simultaneously, so tools that seek to confirm true positives dynamically can concentrate on one kind at a time, e.g., only simulating user interactions. Lastly, many false positives arise due to a too liberal source/sink configuration. Taint analyses must be more carefully configured, and their configuration could benefit from better tool assistance.

In order to protect user data while maintaining application functionality, encrypted databases can use specialized cryptography such as property-revealing encryption, which allows a property of the underlying plaintext values to be computed from the ciphertext. One example is deterministic encryption which ensures that the same plaintext encrypted under the same key will produce the same ciphertext. This technology enables clients to make queries on sensitive data hosted in a cloud server and has considerable potential to protect data. However, the security implications of deterministic encryption are not well understood. We provide a leakage analysis of deterministic encryption through the application of the framework of quantitative information flow. A key insight from this framework is that there is no single "right'' measure by which leakage can be quantified: information flow depends on the operational scenario and different operational scenarios require different leakage measures. We evaluate leakage under three operational scenarios, modeled using three different gain functions, under a variety of prior distributions in order to bring clarity to this problem.

Measures and methods used in financial sector to quantify risk, have been recently applied to cyber world. The aim is to help organizations to improve risk management strategies and to wisely plan investments in cyber security. On the other hand, they are useful instruments for insurance companies in pricing cyber insurance contracts and setting the minimum capital requirements defined by the regulators. In this paper we propose an estimation of Value at Risk (VaR), referred to as Cyber Value at Risk in cyber security domain, and Tail Value at risk (TVaR). The data breach information we use is obtained from the “Chronology of data breaches” compiled by the Privacy Rights Clearinghouse.

Grid modernization efforts with the latest information and communication technologies will significantly benefit smart grids in the coming years. More optical fibre communications between consumers and the control center will promise better demand response and customer engagement, yet the increasing attack surface and man-in-the-middle (MITM) threats can result in security and privacy challenges. Among the studies for more secure smart grid communications, quantum key distribution protocols (QKD) have emerged as a promising option. To bridge the theoretical advantages of quantum communication to its practical utilization, however, comprehensive investigations have to be conducted with realistic cyber-physical smart grid structures and scenarios. To facilitate research in this direction, this paper proposes an open-source, research-oriented co-simulation platform that orchestrates cyber and power simulators under the MOSAIK framework. The proposed platform allows flexible and realistic power flow-based co-simulation of quantum communications and electrical grids, where different cyber and power topologies, QKD protocols, and attack threats can be investigated. Using quantum-based communication under MITM attacks, the paper presented detailed case studies to demonstrate how the platform enables quick setup of a lowvoltage distribution grid, implementation of different protocols and cryptosystems, as well as evaluations of both communication efficiency and security against MITM attacks. The platform has been made available online to empower researchers in the modelling of quantum-based cyber-physical systems, pilot studies on quantum communications in smart grid, as well as improved attack resilience against malicious intruders.

The safety of web browsers is essential to the privacy of Internet users and the security of their computing systems. In the last few years, there have been several cyber attacks geared towards compromising surfers' data and systems via exploiting browser-based vulnerabilities. Android and a number of mobile operating systems have been supporting a UI component called WebView, which can be embedded in any mobile application to render the web contents. Yet, this mini-browser component has been found to be vulnerable to various kinds of attacks. For instance, an attacker in her WebView-Embedded app can inject malicious JavaScripts into the WebView to modify the web contents or to steal user's input values. This kind of attack is particularly challenging due to the full control of attackers over the content of the loaded pages. In this paper, we are proposing and testing a server-side moving target defense technique to counter the risk of JavaScript injection attacks on mobile WebViews. The solution entails creating redundant HTML forms, randomizing their attributes and values, and asserting stealthy prompts for the user data. The solution does not dictate any changes to the browser or applications codes, neither it requires key sharing with benign clients. The results of our performance and security analysis suggest that our proposed approach protects the confidentiality and integrity of user input values with minimum overhead.

SCADA systems are being constantly migrated to modern information and communication technologies (ICT) -based systems named cyber-physical systems. Unfortunately, this allows attackers to execute exploitation techniques into these architectures. In addition, ransomware insertion is nowadays the most popular attacking vector because it denies the availability of critical files and systems until attackers receive the demanded ransom. In this paper, it is analysed the risk impact of ransomware insertion into SCADA systems and it is suggested countermeasures addressed to the protection of SCADA systems and its components to reduce the impact of ransomware insertion.

Modern cybercrimes have exponentially grown over the last one decade. Ransomware is one of the types of malware which is the result of sophisticated attempt to compromise the modern computer systems. The governments and large corporations are investing heavily to combat this cyber threat against their critical infrastructure. It has been observed that over the last few years that Industrial Control Systems (ICS) have become the main target of Ransomware due to the sensitive operations involved in the day to day processes of these industries. As the technology is evolving, more and more traditional industrial systems are replaced with advanced industry methods involving advanced technologies such as Internet of Things (IoT). These technology shift help improve business productivity and keep the company's global competitive in an overflowing competitive market. However, the systems involved need secure measures to protect integrity and availability which will help avoid any malfunctioning to their operations due to the cyber-attacks. There have been several cyber-attack incidents on healthcare, pharmaceutical, water cleaning and energy sector. These ICS' s are operated by remote control facilities and variety of other devices such as programmable logic controllers (PLC) and sensors to make a network. Cyber criminals are exploring vulnerabilities in the design of these ICS's to take the command and control of these systems and disrupt daily operations until ransomware is paid. This paper will provide critical analysis of the impact of Ransomware threat on SCADA systems.

Real-time discovery of all different types of unique attributes within unstructured data is a challenging problem to solve when dealing with multiple petabytes of unstructured data volume everyday. Popular discovery solutions such as the creation of offline jobs to uniquely identify attributes or running aggregation queries on raw data sets limits real time discovery use-cases and often results into poor resource utilization. The discovery information must be treated as a parallel problem to just storing raw data sets efficiently onto back-end big data systems. Solving the discovery problem by creating a parallel discovery data store infrastructure has multiple benefits as it allows such to channel the actual search queries against the raw data set in much more funneled manner instead of being widespread across the entire data sets. Such focused search queries and data separation are far more performant and requires less compute and memory footprint.

Recently, damage caused by ransomware has been increasing in PC and Android environments. There are many studies into real-time ransomware detection because the most important time to prevent encryption is before ransomware is able to execute its malicious process. Traditional analyses determine an application is ransomware or not by static/dynamic methods. Those analyses can serve as components of a method to detect ransomware in real time. However, problems can occur such as the inability to detect new/variant/unknown ransomware. These types require signed patches from a trusted party that can only be created after attacks occur. In a previous study into realtime new/variant/unknown ransomware detection in a PC environment, important files are monitored and only programs that have been previously analyzed and evaluated as nonmalicious are allowed. As such, programs that have not been analyzed are restricted from accessing important files. In an Android environment, this method can be applied using Android applications to prevent emerging threats and verify consistency with user intent. Thus, this paper proposes a method of detecting new/variant/unknown ransomware in real time in an Android environment.

Internet of Things (IoT) and 5G are emerging technologies that prompt a mobile service platform capable of provisioning billions of communication devices which enable ubiquitous computing and ambient intelligence. These novel approaches are guaranteeing gigabit-level bandwidth, ultra-low latency and ultra-high storage capacity for their subscribers. To achieve these limitations, ETSI has introduced the paradigm of Multi-Access Edge Computing (MEC) for creating efficient data processing architecture extending the cloud computing capabilities in the Radio Access Network (RAN). Despite the gained enhancements to the mobile network, MEC is subjected to security challenges raised from the heterogeneity of IoT services, intricacies in integrating virtualization technologies, and maintaining the performance guarantees of the mobile networks (i.e. 5G). In this paper, we are identifying the probable threat vectors in a typical MEC deployment scenario that comply with the ETSI standards. We analyse the identified threat vectors and propose solutions to mitigate them.

In order to better ensure the operation safety of the network, the real-time early warning of network security threats is studied based on the improved ant colony algorithm. Firstly, the network security threat perception algorithm is optimized based on the principle of neural network, and the network security threat detection process is standardized according to the optimized algorithm. Finally, the real-time early warning of network security threats is realized. Finally, the experiment proves that the network security threat real-time warning based on the improved ant colony algorithm has better security and stability than the traditional warning methods, and fully meets the research requirements.

In this paper, we propose a method for improving the robustness of real-time facial expression recognition. Although there are many ways to improve the accuracy of facial expression recognition, a revamp of the training framework and image preprocessing allow better results in applications. One existing problem is that when the camera is capturing images in high speed, changes in image characteristics may occur at certain moments due to the influence of light and other factors. Such changes can result in incorrect recognition of the human facial expression. To solve this problem for smooth system operation and maintenance of recognition speed, we take changes in image characteristics at high speed capturing into account. The proposed method does not use the immediate output for reference, but refers to the previous image for averaging to facilitate recognition. In this way, we are able to reduce interference by the characteristics of the images. The experimental results show that after adopting this method, overall robustness and accuracy of facial expression recognition have been greatly improved compared to those obtained by only the convolution neural network (CNN).

This paper proposes two adaptive Huffman coding hash tree algorithms to construct the hash tree of a file system. The algorithms are used to design the real-time proof of violation (PoV) scheme for the cloud storage service to achieve mutual non-repudiation between the user and the service provider. The PoV scheme can then generate cryptographic proofs once the service-level agreement (SLA) is violated. Based on adaptive Huffman coding, the proposed algorithms add hash tree nodes dynamically when a file is accessed for the first time. Every node keeps a count to reflect the frequency of occurrence of the associated file, and all nodes' counts and the tree structure are adjusted on-the-fly for every file access. This can significantly reduce the memory and computation overheads required by the PoV scheme. The file access patterns of the NCUCCWiki and the SNIA IOTTA datasets are used to evaluate the performance of the proposed algorithms. The algorithms are also compared with a related hash tree construction algorithm used in a PoV scheme, named ERA, to show their superiority in performance.

ECG signals are often corrupted by 50 Hz noise, the frequency from the power supply. So it becomes quite necessary to remove Power Line Interference (PLI) from the ECG signal. The reference ECG signal data was taken from the MIT-BIH database. Different filtering techniques comprising of Discrete Wavelet Transform (DWT), Normalized Least Mean Square (NLMS) filter, Finite Impulse Response (FIR) filter and Infinite Impulse Response (IIR) filter were used in this paper for denoising the ECG signal which was corrupted by the PLI. Later, the comparison was made among the methods, to find the best methodology to denoise the corrupted ECG signal. The parameters that were used for the comparison are Mean Square Error (MSE), Mean Absolute Error (MAE), Signal to Noise Ratio (SNR) and Peak Signal to Noise Ratio (PSNR). Higher values of SNR & PSNR and lower values of MSE & MAE define the best denoising algorithm.

Security has been a challenging aspect recently in the field of Web Development. A failure to obtain security in web applications may lead to complete destruction of the web application or may cause some loss to the user or the owner. To tackle this, a huge research on how to secure a web app has been going on for quite some time, yet to achieve security in today's modern era is a very difficult and no less than a challenge for web applications. All these things lead only to a vulnerable/faulty source code, formulated in coding such as PHP. Static Source Code analysis (SCSA) tools tend to give a solution to detect vulnerabilities, but they tend to detect vulnerabilities which actually are false positives, which leads to excess code reexamination. The proposed system will tackle the current situation of SCSA. This will be achieved by two additional modules to SCSA i.e. Taint analysis with False Positive Predictor which will detect and segregate the true vulnerable code from false positives respectively. The proposed system will be used by the Web Application programmers during testing of web application.

Automatic Speech Verification (ASV) systems are highly vulnerable to spoofing attacks, and replay attack poses the greatest threat among various spoofing attacks. In this paper, we propose a novel multi-channel feature extraction method with attention-based adaptive filters (AAF). Original phase information, discarded by conventional feature extraction techniques after Fast Fourier Transform (FFT), is promising in distinguishing genuine from replay spoofed speech. Accordingly, phase and magnitude information are respectively extracted as phase channel and magnitude channel complementary features in our system. First, we make discriminative ability analysis on full frequency bands with F-ratio methods. Then attention-based adaptive filters are implemented to maximize capturing of high discriminative information on frequency bands, and the results on ASVspoof 2017 challenge indicate that our proposed approach achieved relative error reduction rates of 78.7% and 59.8% on development and evaluation dataset than the baseline method.

In order to excavate security threats in power grid by making full use of heterogeneous data sources in power information system, this paper proposes APT (Advanced Persistent Threat) attack detection sandbox technology and active defense system based on big data analysis technology. First, the file is restored from the mirror traffic and executed statically. Then, sandbox execution was carried out to introduce analysis samples into controllable virtual environment, and dynamic analysis and operation samples were conducted. Through analyzing the dynamic processing process of samples, various known and unknown malicious code, APT attacks, high-risk Trojan horses and other network security risks were comprehensively detected. Finally, the threat assessment of malicious samples is carried out and visualized through the big data platform. The results show that the method proposed in this paper can effectively warn of unknown threats, improve the security level of system data, have a certain active defense ability. And it can effectively improve the speed and accuracy of power information system security situation prediction.

In recent years, due to the invasion of virus and loopholes, computer networks in colleges and universities have caused great adverse effects on schools, teachers and students. In order to improve the accuracy of computer network security evaluation, Back Propagation (BP) neural network was trained and built. The evaluation index and target expectations have been determined based on the expert system, with 15 secondary evaluation index values taken as input layer parameters, and the computer network security evaluation level values taken as output layer parameter. All data were divided into learning sample sets and forecasting sample sets. The results showed that the designed BP neural network exhibited a fast convergence speed and the system error was 0.000999654. Furthermore, the predictive values of the network were in good agreement with the experimental results, and the correlation coefficient was 0.98723. These results indicated that the network had an excellent training accuracy and generalization ability, which effectively reflected the performance of the system for the computer network security evaluation.

The laser security code has been widely used for providing guarantee for ensuring quality of productions and maintaining market circulation order. The laser security code is printed on the surface of the productions, and it may be disturbed by printing method, printing position, package texture and background, which will make the laser security code cannot work normally. The image enhancement algorithm combining with bilateral filter and contrast limited adaptive histogram equalization is provided, which can realize the enhanced display of laser security code in strong interference background. The performance of this algorithm is analyzed and evaluated by experiments, and it can prove that the indexes of this algorithm are better than others.

Big data will bring revolutionary changes from life to thinking for society as a whole. At the same time, the massive data and potential value of big data are subject to many security risks. Aiming at the above problems, a data privacy protection model for big data platform is proposed. First, the data privacy protection model of big data for data owners is introduced in detail, including protocol design, logic design, complexity analysis and security analysis. Then, the query privacy protection model of big data for ordinary users is introduced in detail, including query protocol design and query mode design. Complexity analysis and safety analysis are performed. Finally, a stand-alone simulation experiment is built for the proposed privacy protection model. Experimental data is obtained and analyzed. The feasibility of the privacy protection model is verified.

In order to avoid the situation that the diagnosis model based on single sensor data is easily disturbed by environmental noise and the diagnosis accuracy is low, an intelligent fault fusion diagnosis method for marine diesel engine is proposed. Firstly, the support vector machine which is optimized by genetic algorithm is used to learn the fault sample data from different sensors, then multiple fault diagnosis models and results can be got. After that, multiple groups of diagnosis results are taken as evidence bodies and fused by evidence theory to obtain more accurate diagnosis results. By analyzing the sample data obtained from the fault simulation experiment of marine diesel engine based on AVL BOOST software, the proposed method can improve the fault diagnosis accuracy of marine diesel engine and reduce the uncertainty value of diagnosis results.

With the continuous development of information technology, our country has achieved great progress and development in Electronic Science and technology. Nowadays mobile embedded systems are gradually coming into people's vision. Mobile embedded system is a brand-new computer technology in the current computer technology. Now it has been widely used in enterprises. Mobile embedded system extends its functions mainly by combining the access capability of the Internet. Nowadays, embedded system network is widely welcomed by people. But for the embedded system network, there are also a variety of network attacks. Therefore, in the research process of this paper, we mainly start with the way of embedded network security and network attack, and then carry out the countermeasures to improve the network security of embedded system, which is to provide a good reference for improving the security and stability of embedded system.

this paper first analyses the new challenges of power information network management, difficulties of the power information network resource survey and vulnerability detection are proposed. Then, a linkage model of network resource survey and vulnerability detection is designed, and the framework of three modules in the model is described, meanwhile the process of network resources survey and vulnerability detection linkage is proposed. Finally, the implementation technologies are given corresponding to the main functions of each module.