Biblio

Securing communication and information is known as cryptography. To convert messages from plain text to cipher text and the other way around. It is the process of protecting the data and sending it to the right audience so they can understand and process it. Hence, unauthorized access is avoided. This work suggests leveraging DNA technology for encrypt and decrypt the data. The main aim of utilizing the AES in this stage will transform ASCII code to hexadecimal to binary coded form and generate DNA. The message is encrypted with a random key. Shared key used for encrypt and decrypt the data. The encrypted data will be disguised as an image using steganography. To protect our data from hijackers, assailants, and muggers, it is frequently employed in institutions, banking, etc.

Video summarization aims to improve the efficiency of large-scale video browsing through producting concise summaries. It has been popular among many scenarios such as video surveillance, video review and data annotation. Traditional video summarization techniques focus on filtration in image features dimension or image semantics dimension. However, such techniques can make a large amount of possible useful information lost, especially for many videos with rich text semantics like interviews, teaching videos, in that only the information relevant to the image dimension will be retained. In order to solve the above problem, this paper considers video summarization as a continuous multi-dimensional decision-making process. Specifically, the summarization model predicts a probability for each frame and its corresponding text, and then we designs reward methods for each of them. Finally, comprehensive summaries in two dimensions, i.e. images and semantics, is generated. This approach is not only unsupervised and does not rely on labels and user interaction, but also decouples the semantic and image summarization models to provide more usable interfaces for subsequent engineering use.

The Internet of Vehicles (IoV) has a tremendous prospect for numerous vehicular applications. IoV enables vehicles to transmit data to improve roadway safety and efficiency. Data security is essential for increasing the security and privacy of vehicle and roadway infrastructures in IoV systems. Several researchers proposed numerous solutions to address security and privacy issues in IoV systems. However, these issues are not proper solutions that lack data authentication and verification protocols. In this paper, a blockchain-enabled automated data management system for vehicles has been proposed and demonstrated. This work enables automated data verification and authentication using smart contracts. Certified organizations can only access vehicle data uploaded by the vehicle user to the Interplanetary File System (IPFS) server through that vehicle user’s consent. The proposed system increases the security of vehicles and data. Vehicle privacy is also maintained here by increasing data privacy.

Previous work has shown that a neural network with the rectified linear unit (ReLU) activation function leads to a convex polyhedral decomposition of the input space. These decompositions can be represented by a dual graph with vertices corresponding to polyhedra and edges corresponding to polyhedra sharing a facet, which is a subgraph of a Hamming graph. This paper illustrates how one can utilize the dual graph to detect and analyze adversarial attacks in the context of digital images. When an image passes through a network containing ReLU nodes, the firing or non-firing at a node can be encoded as a bit (1 for ReLU activation, 0 for ReLU non-activation). The sequence of all bit activations identifies the image with a bit vector, which identifies it with a polyhedron in the decomposition and, in turn, identifies it with a vertex in the dual graph. We identify ReLU bits that are discriminators between non-adversarial and adversarial images and examine how well collections of these discriminators can ensemble vote to build an adversarial image detector. Specifically, we examine the similarities and differences of ReLU bit vectors for adversarial images, and their non-adversarial counterparts, using a pre-trained ResNet-50 architecture. While this paper focuses on adversarial digital images, ResNet-50 architecture, and the ReLU activation function, our methods extend to other network architectures, activation functions, and types of datasets.

Android malware is continuously evolving at an alarming rate due to the growing vulnerabilities. This demands more effective malware detection methods. This paper presents DynaMalDroid, a dynamic analysis-based framework to detect malicious applications in the Android platform. The proposed framework contains three modules: dynamic analysis, feature engineering, and detection. We utilized the well-known CICMalDroid2020 dataset, and the system calls of apps are extracted through dynamic analysis. We trained our proposed model to recognize malware by selecting features obtained through the feature engineering module. Further, with these selected features, the detection module applies different Machine Learning classifiers like Random Forest, Decision Tree, Logistic Regression, Support Vector Machine, Naïve-Bayes, K-Nearest Neighbour, and AdaBoost, to recognize whether an application is malicious or not. The experiments have shown that several classifiers have demonstrated excellent performance and have an accuracy of up to 99%. The models with Support Vector Machine and AdaBoost classifiers have provided better detection accuracy of 99.3% and 99.5%, respectively.

As information and communication technologies evolve every day, so does the use of technology in our daily lives. Along with our increasing dependence on digital information assets, security vulnerabilities are becoming more and more apparent. Passwords are a critical component of secure access to digital systems and applications. They not only prevent unauthorized access to these systems, but also distinguish the users of such systems. Research on password predictability often relies on surveys or leaked data. Therefore, there is a gap in the literature for studies that consider real data in this regard. This study investigates the password security awareness of 161 computer engineering students enrolled in a Linux-based undergraduate course at Ataturk University. The study is conducted in two phases, and in the first phase, 12 dictionaries containing also real student data are formed. In the second phase of the study, a dictionary-based brute-force attack is utilized by means of a serial and parallel version of a Bash script to crack the students’ passwords. In this respect, the /etc/shadow file of the Linux system is used as a basis to compare the hashed versions of the guessed passwords. As a result, the passwords of 23 students, accounting for 14% of the entire student group, were cracked. We believe that this is an unacceptably high prediction rate for such a group with high digital literacy. Therefore, due to this important finding of the study, we took immediate action and shared the results of the study with the instructor responsible for administering the information security course that is included in our curriculum and offered in one of the following semesters.

Human facial emotion recognition pays a variety of applications in society. The basic idea of Facial Emotion Recognition is to map the different facial emotions to a variety of emotional states. Conventional Facial Emotion Recognition consists of two processes: extracting the features and feature selection. Nowadays, in deep learning algorithms, Convolutional Neural Networks are primarily used in Facial Emotion Recognition because of their hidden feature extraction from the images. Usually, the standard Convolutional Neural Network has simple learning algorithms with finite feature extraction layers for extracting information. The drawback of the earlier approach was that they validated only the frontal view of the photos even though the image was obtained from different angles. This research work uses a deep Convolutional Neural Network along with a DenseNet-169 as a backbone network for recognizing facial emotions. The emotion Recognition dataset was used to recognize the emotions with an accuracy of 96%.

Fake news is a new phenomenon that promotes misleading information and fraud via internet social media or traditional news sources. Fake news is readily manufactured and transmitted across numerous social media platforms nowadays, and it has a significant influence on the real world. It is vital to create effective algorithms and tools for detecting misleading information on social media platforms. Most modern research approaches for identifying fraudulent information are based on machine learning, deep learning, feature engineering, graph mining, image and video analysis, and newly built datasets and online services. There is a pressing need to develop a viable approach for readily detecting misleading information. The deep learning LSTM and Bi-LSTM model was proposed as a method for detecting fake news, In this work. First, the NLTK toolkit was used to remove stop words, punctuation, and special characters from the text. The same toolset is used to tokenize and preprocess the text. Since then, GLOVE word embeddings have incorporated higher-level characteristics of the input text extracted from long-term relationships between word sequences captured by the RNN-LSTM, Bi-LSTM model to the preprocessed text. The proposed model additionally employs dropout technology with Dense layers to improve the model's efficiency. The proposed RNN Bi-LSTM-based technique obtains the best accuracy of 94%, and 93% using the Adam optimizer and the Binary cross-entropy loss function with Dropout (0.1,0.2), Once the Dropout range increases it decreases the accuracy of the model as it goes 92% once Dropout (0.3).

From the past few years cloud services are so popular and are being used by many people from various domains for various purposes such as data storage, e-mails, backing up data and much more. While there were many options to perform such things why did people choose cloud? The answer is clouds are more flexible, convenient, reliable and efficient. Coming to security of data over cloud, it is secure to store data over cloud rather than storing data locally as there is chance of some computer breakdown or any natural disaster may also occur. There are also many threats for data security over cloud namely data breaching, lack of access-key management and much more. As the data has been processed and being stored online for various purposes, there is a clear requirement for data security. Many organizations face various challenges while storing their data over cloud such as data leakages, account hijacking, insufficient credentials and so on. So to overcome these challenges and safeguard the data, various encryption techniques were implemented. However, even though encryption is used, the data still needs to be decrypted in order to do any type of operation. As a result, we must choose a manner in which the data can be analyzed, searched for, or used in any other way without needing to be decoded. So, the objective is to introduce a technique that goes right for the above conditions mentioned and for data security over cloud.

Currently, mobile ad hoc networks (MANETs) are widely used due to its self-configuring feature. However, it is vulnerable to the malicious jammers in practice. Traditional anti-jamming approaches, such as channel hopping based on deterministic sequences, may not be the reliable solution against intelligent jammers due to its fixed patterns. To address this problem, we propose a distributed game theory-based multi-agent anti-jamming (DMAA) algorithm in this paper. It enables each user to exploit all information from its neighboring users before the network attacks, and derive dynamic local policy knowledge to overcome intelligent jamming attacks efficiently as well as guide the users to cooperatively hop to the same channel with high probability. Simulation results demonstrate that the proposed algorithm can learn an optimal policy to guide the users to avoid malicious jamming more efficiently and rapidly than the random and independent Q-learning baseline algorithms,

Artificial Intelligence (AI) technology is developing rapidly, permeating every aspect of human life. Although the integration between AI and communication contributes to the flourishing development of wireless communication, it induces severer security problems. As a supplement to the upper-layer cryptography protocol, physical layer security has become an intriguing technology to ensure the security of wireless communication systems. However, most of the current physical layer security research does not consider the intelligence and mobility of collusive eavesdroppers. In this paper, we consider a MIMO system model with a friendly intelligent jammer against multiple collusive intelligent eavesdroppers, and zero-sum game is exploited to formulate the confrontation of them. The Nash equilibrium is derived by convex optimization and alternative optimization in the free-space scenario of a single user system. We propose a zero-sum game deep learning algorithm (ZGDL) for general situations to solve non-convex game problems. In terms of the effectiveness, simulations are conducted to confirm that the proposed algorithm can obtain the Nash equilibrium.

To exploit high temporal correlations in video frames of the same scene, the current frame is predicted from the already-encoded reference frames using block-based motion estimation and compensation techniques. While this approach can efficiently exploit the translation motion of the moving objects, it is susceptible to other types of affine motion and object occlusion/deocclusion. Recently, deep learning has been used to model the high-level structure of human pose in specific actions from short videos and then generate virtual frames in future time by predicting the pose using a generative adversarial network (GAN). Therefore, modelling the high-level structure of human pose is able to exploit semantic correlation by predicting human actions and determining its trajectory. Video surveillance applications will benefit as stored “big” surveillance data can be compressed by estimating human pose trajectories and generating future frames through semantic correlation. This paper explores a new way of video coding by modelling human pose from the already-encoded frames and using the generated frame at the current time as an additional forward-referencing frame. It is expected that the proposed approach can overcome the limitations of the traditional backward-referencing frames by predicting the blocks containing the moving objects with lower residuals. Our experimental results show that the proposed approach can achieve on average up to 2.83 dB PSNR gain and 25.93% bitrate savings for high motion video sequences compared to standard video coding.

This paper assesses the impact on the performance that information-theoretic physical layer security (IT-PLS) introduces when integrated into a 5G New Radio (NR) system. For this, we implement a wiretap code for IT-PLS based on a modular coding scheme that uses a universal-hash function in its security layer. The main advantage of this approach lies in its flexible integration into the lower layers of the 5G NR protocol stack without affecting the communication's reliability. Specifically, we use IT-PLS to secure the transmission of downlink control information by integrating an extra pre-coding security layer as part of the physical downlink control channel (PDCCH) procedures, thus not requiring any change of the 3GPP 38 series standard. We conduct experiments using a real-time open-source 5G NR standalone implementation and use software-defined radios for over-the-air transmissions in a controlled laboratory environment. The overhead added by IT-PLS is determined in terms of the latency introduced into the system, which is measured at the physical layer for an end-to-end (E2E) connection between the gNB and the user equipment.

In the process of compiling the power-cut window period of the power grid equipment maintenance plan, problems such as omission of constraints are prone to occur due to excessive reliance on manual experience. In response to these problems, this paper proposes a method for mining key features of the power-cut window based on grey relational analysis. Through mining and analysis of the historical operation data of the power grid, the operation data of new energy, and the historical power-cut information of equipment, the indicators that play a key role in the arrangement of the outage window period of the equipment maintenance plan are found. Then use the key indicator information to formulate the window period. By mining the relationship between power grid operation data and equipment power outages, this paper can give full play to the big data advantages of the power grid, improve the accuracy and efficiency of the power-cut window period.

Populations move across regions in search of better living possibilities, better life outcomes or going away from problems that affected their lives in the previous region they lived in. In the United States of America, this problem has been happening over decades. Intelligent Conversational Text-based Agents, also called Chatbots, and Artificial Intelligence are increasingly present in our lives and over recent years, their presence has increased considerably, due to the usability cases and the familiarity they are wining constantly. Using NLP algorithms for law in accessible platforms allows scaling of users to access a certain level of law expert who could assist users in need. This paper describes the motivation and circumstances of this problem as well as the description of the development of an Intelligent Conversational Agent system that was used by immigrants in the USA so they could get answers to questions and get suggestions about better legal options they could have access to. This system has helped thousands of people, especially in California

With the dramatic increase in malicious software, the sophistication and innovation of malware have increased over the years. In particular, the dynamic analysis based on the deep neural network has shown high accuracy in malware detection. However, most of the existing methods only employ the raw API sequence feature, which cannot accurately reflect the actual behavior of malicious programs in detail. The relationship between API calls is critical for detecting suspicious behavior. Therefore, this paper proposes a malware detection method based on the graph neural network. We first connect the API sequences executed by different processes to build a directed process graph. Then, we apply Bert to encode the API sequences of each process into node embedding, which facilitates the semantic execution information inside the processes. Finally, we employ GCN to mine the deep semantic information based on the directed process graph and node embedding. In addition to presenting the design, we have implemented and evaluated our method on 10,000 malware and 10,000 benign software datasets. The results show that the precision and recall of our detection model reach 97.84% and 97.83%, verifying the effectiveness of our proposed method.

Data security is the process of protecting data from loss, alteration, or unauthorised access during its entire lifecycle. It includes everything from the policies and practices of a company to the hardware, software, storage, and user devices used by that company. Data security tools and technology increase transparency into an organization's data and its usage. These tools can protect data by employing methods including encryption and data masking personally identifiable information.. Additionally, the method aids businesses in streamlining their auditing operations and adhering to the increasingly strict data protection rules.

We show that the most common flavors of noisy leakage can be simulated in the information-theoretic setting using a single query of bounded leakage, up to a small statistical simulation error and a slight loss in the leakage parameter. The latter holds true in particular for one of the most used noisy-leakage models, where the noisiness is measured using the conditional average min-entropy (Naor and Segev, CRYPTO’09 and SICOMP’12). Our reductions between noisy and bounded leakage are achieved in two steps. First, we put forward a new leakage model (dubbed the dense leakage model) and prove that dense leakage can be simulated in the information-theoretic setting using a single query of bounded leakage, up to small statistical distance. Second, we show that the most common noisy-leakage models fall within the class of dense leakage, with good parameters. Third, we prove lower bounds on the amount of bounded leakage required for simulation with sub-constant error, showing that our reductions are nearly optimal. In particular, our results imply that useful general simulation of noisy leakage based on statistical distance and mutual information is impossible. We also provide a complete picture of the relationships between different noisy-leakage models. Our result finds applications to leakage-resilient cryptography, where we are often able to lift security in the presence of bounded leakage to security in the presence of noisy leakage, both in the information-theoretic and in the computational setting. Remarkably, this lifting procedure makes only black-box use of the underlying schemes. Additionally, we show how to use lower bounds in communication complexity to prove that bounded-collusion protocols (Kumar, Meka, and Sahai, FOCS’19) for certain functions do not only require long transcripts, but also necessarily need to reveal enough information about the inputs.

In recent years, as an important part of the Internet, web applications have gradually penetrated into life. Now enterprises, units and institutions are using web applications regardless of size. Intrusion detection to effectively identify malicious traffic has become an inevitable requirement for the development of network security technology. In addition, the proportion of deserialization vulnerabilities is increasing. Traditional intrusion detection mostly focuses on the identification of SQL injection, XSS, and command execution, and there are few studies on the identification of deserialization attack traffic. This paper use a method to extracts relevant features from the deserialized traffic or even the obfuscated deserialized traffic by reorganizing the traffic and running the relevant content through simulation, and combines deep learning technology to make judgments to efficiently identify deserialization attacks. Finally, a prototype system was designed to capture related attacks in real-world. The technology can be used in the field of malicious traffic detection and help combat Internet crimes in the future.

This paper studies Distributed Denial of Service (DDoS) attack detection by adopting the Deep Neural Network (DNN) model in Software Defined Networking (SDN). We first deploy the flow collector module to collect the flow table entries. Considering the detection efficiency of the DNN model, we also design some features manually in addition to the features automatically obtained by the flow table. Then we use the preprocessed data to train the DNN model and make a prediction. The overall detection framework is deployed in the SDN controller. The experiment results illustrate DNN model has higher accuracy in identifying attack traffic than machine learning algorithms, which lays a foundation for the defense against DDoS attack.

Based on the analysis of material performance data management requirements, a network-sharing scheme of material performance data is proposed. A material performance database system including material performance data collection, data query, data analysis, data visualization, data security management and control modules is designed to solve the problems of existing material performance database network sharing, data fusion and multidisciplinary support, and intelligent services Inadequate standardization and data security control. This paper adopts hierarchical access control strategy. After logging into the material performance database system, users can standardize the material performance data and store them to form a shared material performance database. The standardized material performance data of the database system shall be queried and shared under control according to the authority. Then, the database system compares and analyzes the material performance data obtained from controlled query sharing. Finally, the database system visualizes the shared results of controlled queries and the comparative analysis results obtained. The database system adopts the MVC architecture based on B/S (client/server) cross platform J2EE. The Third-party computing platforms are integrated in System. Users can easily use material performance data and related services through browsers and networks. MongoDB database is used for data storage, supporting distributed storage and efficient query.

A distributed denial-of-service (DDoS) is a malicious attempt by attackers to disrupt the normal traffic of a targeted server, service or network. This is done by overwhelming the target and its surrounding infrastructure with a flood of Internet traffic. The multiple compromised computer systems (bots or zombies) then act as sources of attack traffic. Exploited machines can include computers and other network resources such as IoT devices. The attack results in either degraded network performance or a total service outage of critical infrastructure. This can lead to heavy financial losses and reputational damage. These attacks maximise effectiveness by controlling the affected systems remotely and establishing a network of bots called bot networks. It is very difficult to separate the attack traffic from normal traffic. Early detection is essential for successful mitigation of the attack, which gives rise to a very important role in cybersecurity to detect the attacks and mitigate the effects. This can be done by deploying machine learning or deep learning models to monitor the traffic data. We propose using various machine learning and deep learning algorithms to analyse the traffic patterns and separate malicious traffic from normal traffic. Two suitable datasets have been identified (DDoS attack SDN dataset and CICDDoS2019 dataset). All essential preprocessing is performed on both datasets. Feature selection is also performed before detection techniques are applied. 8 different Neural Networks/ Ensemble/ Machine Learning models are chosen and the datasets are analysed. The best model is chosen based on the performance metrics (DEEP NEURAL NETWORK MODEL). An alternative is also suggested (Next best - Hypermodel). Optimisation by Hyperparameter tuning further enhances the accuracy. Based on the nature of the attack and the intended target, suitable mitigation procedures can then be deployed.

Internet of Things (IoT) is widely present nowadays, from businesses to connected houses, and more. IoT is considered a part of the Internet of the future and will comprise billions of intelligent communication. These devices transmit data from sensors to entities like servers to perform suitable responses. The problem of securing these data from cyberattacks increases due to the sensitive information it contains. In addition, studies have shown that most of the time data transiting in IoT devices does not apply encrypted communication. Thus, anyone has the ability to listen to or modify the information. Encrypting communications seems mandatory to secure networks and data transiting from sensors to servers. In this paper, we propose an approach to secure the transmission and the storage of data in IoT using Elliptic Curve Cryptography (ECC). The proposed method offers a high level of security at a reasonable computational cost. Indeed, we present an adequate architecture that ensures the use of a state-of-the-art cryptography algorithm to encrypt sensitive data in IoT.

Security authentication can effectively solve the problem of access to Low Earth Orbit (LEO) satellites. However, the existing solutions still harbor some problems in the computational complexity of satellite authentication, flexible networking, resistance to brute force attacks and other aspects. So, a security authentication scheme for LEO satellites that integrates spatial channel characteristics is designed within the software defined network architecture. In this scheme, the spatial channel characteristics are introduced to the subsequent lightweight encryption algorithm to achieve effective defense against brute force attacks. According to security analysis and simulation results, the scheme can effectively reduce the computational overhead while protecting against replay attacks, brute force attacks, DOS attacks, and other known attacks.

Side Channel Attacks (SCAs), an attack that exploits the physical information generated when an encryption algorithm is executed on a device to recover the key, has become one of the key threats to the security of encrypted devices. Recently, with the development of deep learning, deep learning techniques have been applied to SCAs with good results on publicly available dataset experiences. In this paper, we propose a power traces decomposition method that divides the original power traces into two parts, where the data-influenced part is defined as data power traces (Tdata) and the other part is defined as device constant power traces, and use the Tdata for training the network model, which has more obvious advantages than using the original power traces for training the network model. To verify the effectiveness of the approach, we evaluated the ATXmega128D4 microcontroller by capturing the power traces generated when implementing AES-128. Experimental results show that network models trained using Tdata outperform network models trained using raw power traces (Traw ) in terms of classification accuracy, training time, cross-subkey recovery key, and cross-device recovery key.