Biblio

Information security has become a major challenge in data transmission. Data transmitted through the network is vulnerable to many passive and active attacks. Cryptographic algorithms provide security against the data intruders and provide secure network communication. In this method, two algorithms TEA and DNA are combined to form a new algorithm called DETD (Double Encryption using TEA and DNA). The algorithm mainly deals with encryption and decryption time of a given input text. Here, both the encryption and decryption time are compared with the other two algorithms and the results are recorded. This algorithm also aims to provide data security by increasing the levels of encryption.

The similarity detection of the program has important significance in code reuse, plagiarism detection, intellectual property protection and information retrieval methods. Attribute counting methods cannot take into account program semantics. The method based on syntax tree or graph structure has a very high construction cost and low space efficiency. So it is difficult to solve problems in large-scale software systems. This paper uses different decision strategies for different levels, then puts forward a similarity detection method at the file level. This method can make full use of the features of the program and take into account the space-time efficiency. By using static analysis methods, we get function features and control flow features of files. And based on this, we establish the function call graph. The similar degree between two files can be measured with the two graphs. Experimental results show the method can effectively detect similar files. Finally, this paper discusses the direction of development of this method.

The process for determining how to respond to a cyberattack involves evaluating many factors, including some with competing risks. Consequentially, decision makers in the private sector and policymakers in the U.S. government (USG) need a framework in order to make effective response decisions. The authors' research identified two competing risks: 1) the risk of not responding forcefully enough to deter a suspected attacker, and 2) responding in a manner that escalates a situation with an attacker. The authors also identified three primary factors that influence these risks: attribution confidence/time, the scale of the attack, and the relationship with the suspected attacker. This paper provides a framework to help decision makers understand how these factors interact to influence the risks associated with potential response options to cyberattacks. The views expressed do not reflect the official policy or position of the National Intelligence University, the Department of Defense, the U.S. Intelligence Community, or the U.S. Government.

Power systems domain has generally been very conservative in terms of conducting digital forensic investigations, especially so since the advent of smart grids. This lack of research due to a multitude of challenges has resulted in absence of knowledge base and resources to facilitate such an investigation. Digitalization in the form of smart grids is upon us but in case of cyber-attacks, attribution to such attacks is challenging and difficult if not impossible. In this research, we have identified digital forensic artifacts resulting from a cyber-attack on Wide Area Monitoring, Protection and Control (WAMPAC) systems, which will help an investigator attribute an attack using the identified evidences. The research also shows the usage of sandboxing for digital forensics along with hardware-in-the-loop (HIL) setup. This is first of its kind effort to identify and acquire all the digital forensic evidences for WAMPAC systems which will ultimately help in building a body of knowledge and taxonomy for power system forensics.

K-nearest neighbor (kNN) search has wide applications in many areas, including data mining, machine learning, statistics and many applied domains. Inspired by the success of ensemble methods and the flexibility of tree-based methodology, we propose random projection forests, rpForests, for kNN search. rpForests finds kNNs by aggregating results from an ensemble of random projection trees with each constructed recursively through a series of carefully chosen random projections. rpForests achieves a remarkable accuracy in terms of fast decay in the missing rate of kNNs and that of discrepancy in the kNN distances. rpForests has a very low computational complexity. The ensemble nature of rpForests makes it easily run in parallel on multicore or clustered computers; the running time is expected to be nearly inversely proportional to the number of cores or machines. We give theoretical insights by showing the exponential decay of the probability that neighboring points would be separated by ensemble random projection trees when the ensemble size increases. Our theory can be used to refine the choice of random projections in the growth of trees, and experiments show that the effect is remarkable.

Machine-to-Machine (M2M) networks being connected to the internet at large, inherit all the cyber-vulnerabilities of the standard Information Technology (IT) systems. Since perfect cyber-security and robustness is an idealistic construct, it is worthwhile to design intrusion detection schemes to quickly detect and mitigate the harmful consequences of cyber-attacks. Volumetric anomaly detection have been popularized due to their low-complexity, but they cannot detect low-volume sophisticated attacks and also suffer from high false-alarm rate. To overcome these limitations, feature-based detection schemes have been studied for IT networks. However these schemes cannot be easily adapted to M2M systems due to the fundamental architectural and functional differences between the M2M and IT systems. In this paper, we propose novel feature-based detection schemes for a general M2M uplink to detect Distributed Denial-of-Service (DDoS) attacks, emergency scenarios and terminal device failures. The detection for DDoS attack and emergency scenarios involves building up a database of legitimate M2M connections during a training phase and then flagging the new M2M connections as anomalies during the evaluation phase. To distinguish between DDoS attack and emergency scenarios that yield similar signatures for anomaly detection schemes, we propose a modified Canberra distance metric. It basically measures the similarity or differences in the characteristics of inter-arrival time epochs for any two anomalous streams. We detect device failures by inspecting for the decrease in active M2M connections over a reasonably large time interval. Lastly using Monte-Carlo simulations, we show that the proposed anomaly detection schemes have high detection performance and low-false alarm rate.

The security threats to mobile applications are growing explosively. Mobile apps flaws and security defects open doors for hackers to break in and access sensitive information. Defensive requirements analysis should be an integral part of secure mobile SDLC. Developers need to consider the information confidentiality and data integrity, to verify the security early in the development lifecycle rather than fixing the security holes after attacking and data leaks take place. Early eliminating known security vulnerabilities will help developers increase the security of apps and reduce the likelihood of exploitation. However, many software developers lack the necessary security knowledge and skills at the development stage, and that's why Secure Mobile Software Development education is very necessary for mobile software engineers. In this paper, we propose a guided security requirement analysis based on OWASP Mobile Top ten security risk recommendations for Android mobile software development and its traceability of the developmental controls in SDLC. Building secure apps immune to the OWASP Mobile Top ten risks would be an effective approach to provide very useful mobile security guidelines.

Cryptography is widely adopted in computer systems to protect the confidentiality of sensitive information. The security relies on the assumption that cryptography keys are never leaked, which may be broken by the memory disclosure attacks, e.g., the Heartbleed and coldboot attacks. Various schemes are proposed to defend against memory disclosure attacks, e.g., performing the cryptographic computations in registers, or adopting the hardware features (e.g., Intel TSX and Intel SGX) to ensure that the plaintext of the cryptography key never appears in memory. However, these schemes are still not widely deployed due to the following limitations: (a) Most of the schemes are deployed in the OS kernel and require the root (or administrator) privileges of the host; and (b) They require the programmers to integrate these protection schemes in the implementation of different cryptography algorithms on different platforms. In this paper, we propose a tool implemented in Clang/LLVM, named Peapods, which provides the user-mode protection for cryptographic keys in software engines. It introduces one qualifier and three intrinsics for the programmers to specify the sensitive variables and code fragments to be protected, making it easier to be deployed. Peapods adopts transactional memory to protect cryptographic keys, while it is OS-independent and does not require the cryptographic computation performed in the OS kernel. Peapods supports the automatic protection between transactions for better performance. We have implemented the prototype of Peapods. Evaluation results demonstrate that Peapods achieves the design goals with a modest overhead (less than 10%).

The aim of this paper is to explore the performance of two well-known wave energy converters (WECs) namely Floating Buoy Point Absorber (FBPA) and Oscillating Surge (OS) in onshore and offshore locations. To achieve clean energy targets by reducing greenhouse gas emissions, integration of renewable energy resources is continuously increasing all around the world. In addition to widespread renewable energy source such as wind and solar photovoltaic (PV), wave energy extracted from ocean is becoming more tangible day by day. In the literature, a number of WEC devices are reported. However, further investigations are still needed to better understand the behaviors of FBPA WEC and OS WEC under irregular wave conditions in onshore and offshore locations. Note that being surrounded by Bay of Bengal, Bangladesh has huge scope of utilizing wave power. To this end, FBPA WEC and OS WEC are simulated using the typical onshore and offshore wave height and wave period of the coastal area of Bangladesh. Afterwards, performances of the aforementioned two WECs are compared by analyzing their power output.

We consider a pharmaceutical supply chain where the manufacturer sources a customized product with unique attributes from a set of unreliable suppliers. We model the likelihood of a supplier to successfully deliver the product via Bayesian logistic regression and use simulation to obtain the posterior distribution of the unknown parameters of this model. We study the role of so-called input-model uncertainty in estimating the likelihood of the supply failure, which is the probability that none of the suppliers in a given supplier portfolio can successfully deliver the product. We investigate how the input-model uncertainty changes with respect to the characteristics of the historical data on the past realizations of the supplier performances and the product attributes.

Because of the high-value data of an enterprise, sophisticated cyber-attacks targeted at enterprise networks have become prominent. Attack graphs are useful tools that facilitate a scalable security analysis of enterprise networks. However, the administrators face difficulties in effectively modelling security problems and making right decisions when constructing attack graphs as their risk assessment experience is often limited. In this paper, we propose an innovative method of security assessment through an ontology- and graph-based approach. An ontology is designed to represent security knowledge such as assets, vulnerabilities, attacks, countermeasures, and relationships between them in a common vocabulary. An efficient algorithm is proposed to generate an attack graph based on the inference ability of the security ontology. The proposed algorithm is evaluated with different sizes and topologies of test networks; the results show that our proposed algorithm facilitates a scalable security analysis of enterprise networks.

Today, as surveillance systems are widely used for indoor and outdoor monitoring applications, there is a growing interest in real-time generation detection and there are many different applications for real-time generation detection and analysis. Two-dimensional videos; It is used in multimedia content-based indexing, information acquisition, visual surveillance and distributed cross-camera surveillance systems, human tracking, traffic monitoring and similar applications. It is of great importance for the development of systems for national security by following a moving target within the scope of military applications. In this research, a more efficient solution is proposed in addition to the existing methods. Therefore, we present YOLO, a new approach to object detection for military applications.

A Mobile Ad Hoc Network (MANET) is considered a type of network which is wireless and has no fixed infrastructure composed of a set if nodes in self organized fashion which are randomly, frequently and unpredictably mobile. MANETs can be applied in both military and civil environments ones because of its numerous applications. This is due to their special characteristics and self-configuration capability. This is due to its dynamic nature, lack of fixed infrastructure, and the no need of being centrally managed; a special type of routing protocols such as Anonymous routing protocols are needed to hide the identifiable information of communicating parties, while preserving the communication secrecy. This paper provides an examination of a comprehensive list of anonymous routing protocols in MANET, focusing their security and performance capabilities.

The Internet of things (IoT) is a distributed, networked system composed of many embedded sensor devices. Unfortunately, these devices are resource constrained and susceptible to malicious data-integrity attacks and failures, leading to unreliability and sometimes to major failure of parts of the entire system. Intrusion detection and failure handling are essential requirements for IoT security. Nevertheless, as far as we know, the area of data-integrity detection for IoT has yet to receive much attention. Most previous intrusion-detection methods proposed for IoT, particularly for wireless sensor networks (WSNs), focus only on specific types of network attacks. Moreover, these approaches usually rely on using precise values to specify abnormality thresholds. However, sensor readings are often imprecise and crisp threshold values are inappropriate. To guarantee a lightweight, dependable monitoring system, we propose a novel hierarchical framework for detecting abnormal nodes in WSNs. The proposed approach uses fuzzy logic in event-condition-action (ECA) rule-based WSNs to detect malicious nodes, while also considering failed nodes. The spatiotemporal semantics of heterogeneous sensor readings are considered in the decision process to distinguish malicious data from other anomalies. Following our experiments with the proposed framework, we stress the significance of considering the sensor correlations to achieve detection accuracy, which has been neglected in previous studies. Our experiments using real-world sensor data demonstrate that our approach can provide high detection accuracy with low false-alarm rates. We also show that our approach performs well when compared to two well-known classification algorithms.

From the last few years, security in wireless sensor network (WSN) is essential because WSN application uses important information sharing between the nodes. There are large number of issues raised related to security due to open deployment of network. The attackers disturb the security system by attacking the different protocol layers in WSN. The standard AODV routing protocol faces security issues when the route discovery process takes place. The data should be transmitted in a secure path to the destination. Therefore, to support the process we have proposed a trust based intrusion detection system (NL-IDS) for network layer in WSN to detect the Black hole attackers in the network. The sensor node trust is calculated as per the deviation of key factor at the network layer based on the Black hole attack. We use the watchdog technique where a sensor node continuously monitors the neighbor node by calculating a periodic trust value. Finally, the overall trust value of the sensor node is evaluated by the gathered values of trust metrics of the network layer (past and previous trust values). This NL-IDS scheme is efficient to identify the malicious node with respect to Black hole attack at the network layer. To analyze the performance of NL-IDS, we have simulated the model in MATLAB R2015a, and the result shows that NL-IDS is better than Wang et al. [11] as compare of detection accuracy and false alarm rate.

Machine learning (ML) models are often trained using private datasets that are very expensive to collect, or highly sensitive, using large amounts of computing power. The models are commonly exposed either through online APIs, or used in hardware devices deployed in the field or given to the end users. This provides an incentive for adversaries to steal these ML models as a proxy for gathering datasets. While API-based model exfiltration has been studied before, the theft and protection of machine learning models on hardware devices have not been explored as of now. In this work, we examine this important aspect of the design and deployment of ML models. We illustrate how an attacker may acquire either the model or the model architecture through memory probing, side-channels, or crafted input attacks, and propose (1) power-efficient obfuscation as an alternative to encryption, and (2) timing side-channel countermeasures.

Direct access to the system's resources such as the GPU, persistent storage and networking has enabled in-browser crypto-mining. Thus, there has been a massive response by rogue actors who abuse browsers for mining without the user's consent. This trend has grown steadily for the last months until this practice, i.e., CryptoJacking, has been acknowledged as the number one security threat by several antivirus companies. Considering this, and the fact that these attacks do not behave as JavaScript malware or other Web attacks, we propose and evaluate several approaches to detect in-browser mining. To this end, we collect information from the top 330.500 Alexa sites. Mainly, we used real-life browsers to visit sites while monitoring resourcerelated API calls and the browser's resource consumption, e.g., CPU. Our detection mechanisms are based on dynamic monitoring, so they are resistant to JavaScript obfuscation. Furthermore, our detection techniques can generalize well and classify previously unseen samples with up to 99.99% precision and recall for the benign class and up to 96% precision and recall for the mining class. These results demonstrate the applicability of detection mechanisms as a server-side approach, e.g., to support the enhancement of existing blacklists. Last but not least, we evaluated the feasibility of deploying prototypical implementations of some detection mechanisms directly on the browser. Specifically, we measured the impact of in-browser API monitoring on page-loading time and performed micro-benchmarks for the execution of some classifiers directly within the browser. In this regard, we ascertain that, even though there are engineering challenges to overcome, it is feasible and bene!cial for users to bring the mining detection to the browser.

Software Engineering is a field of new challenges every day. With every passing day, new technologies emerge. There was an era of web Applications, but the time has changed and most of the web Applications are available as Mobile Applications as well. The Mobile Applications are either android based or iOS based. To deliver error free, secure and reliable Application, it is necessary to test the Applications properly. Software testing is a phase of software development life cycle, where we test an Application in all aspects. Nowadays different type of tools are available for testing an Application automatically but still we have too many challenges for applying test cases on a given Application. In this paper the authors will discuss the challenges of automation of test cases for a Mobile based payment Application.

It is well known that superposition coding, namely separately encoding the independent sources, is optimal for symmetric multilevel diversity coding (SMDC) (Yeung-Zhang 1999). However, the characterization of the coding rate region therein involves uncountably many linear inequalities and the constant term (i.e., the lower bound) in each inequality is given in terms of the solution of a linear optimization problem. Thus this implicit characterization of the coding rate region does not enable the determination of the achievability of a given rate tuple. In this paper, we first obtain closed-form expressions of these uncountably many inequalities. Then we identify a finite subset of inequalities that is sufficient for characterizing the coding rate region. This gives an explicit characterization of the coding rate region. We further show by the symmetry of the problem that only a much smaller subset of this finite set of inequalities needs to be verified in determining the achievability of a given rate tuple. Yet, the cardinality of this smaller set grows at least exponentially fast with L.

Malware or Malicious Software, are an important threat to information technology society. Deep Neural Network has been recently achieving a great performance for the tasks of malware detection and classification. In this paper, we propose a convolutional gated recurrent neural network model that is capable of classifying malware to their respective families. The model is applied to a set of malware divided into 9 different families and that have been proposed during the Microsoft Malware Classification Challenge in 2015. The model shows an accuracy of 92.6% on the available dataset.

Internet of Vehicle (IoV) is an essential part of the Intelligent Transportation system (ITS) which is growing exponentially in the automotive industry domain. The term IoV is used in this paper for Internet of Vehicles. IoV is conceptualized for sharing traffic, safety and several other vehicle-related information between vehicles and end user. In recent years, the number of connected vehicles has increased allover the world. Having information sharing and connectivity as its advantage, IoV also faces the challenging task in the cybersecurity-related matters. The future consists of crowded places in an interconnected world through wearable's, sensors, smart phones etc. We are converging towards IoV technology and interactions with crowded space of connected peoples. However, this convergence demands high-security mechanism from the connected crowd as-well-as other connected vehicles to safeguard of proposed IoV system. In this paper, we coin the term of smart people crowd (SPC) and the smart vehicular crowd (SVC) for the Internet of Vehicles (IoV). These specific crowds of SPC and SVC are the potential cyber attackers of the smart IoV. People connected to the internet in the crowded place are known as a smart crowd. They have interfacing devices with sensors and the environment. A smart crowd would also consist of the random number of smart vehicles. With the future converging in to the smart connected framework for crowds, vehicles and connected vehicles, we present a novel cyber-physical surveillance system (CPSS) framework to tackle the security threats in the crowded environment for the smart automotive industry and provide the cyber security mechanism in the crowded places. We also describe an overview of use cases and their security challenges on the Internet of Vehicles.

Automatic Image Analysis, Image Classification, Automatic Object Recognition are some of the aspiring research areas in various fields of Engineering. Many Industrial and biological applications demand Image Analysis and Image Classification. Sample images available for classification may be complex, image data may be inadequate or component regions in the image may have poor visibility. With the available information each Digital Image Processing application has to analyze, classify and recognize the objects appropriately. Pre-processing, Image segmentation, feature extraction and classification are the most common steps to follow for Classification of Images. In this study we applied various existing edge detection methods like Robert, Sobel, Prewitt, Canny, Otsu and Laplacian of Guassian to crab images. From the conducted analysis of all edge detection operators, it is observed that Sobel, Prewitt, Robert operators are ideal for enhancement. The paper proposes Enhanced Sobel operator, Enhanced Prewitt operator and Enhanced Robert operator using morphological operations and masking. The novelty of the proposed approach is that it gives thick edges to the crab images and removes spurious edges with help of m-connectivity. Parameters which measure the accuracy of the results are employed to compare the existing edge detection operators with proposed edge detection operators. This approach shows better results than existing edge detection operators.

In this paper, we propose a deep learning framework for malware classification. There has been a huge increase in the volume of malware in recent years which poses a serious security threat to financial institutions, businesses and individuals. In order to combat the proliferation of malware, new strategies are essential to quickly identify and classify malware samples so that their behavior can be analyzed. Machine learning approaches are becoming popular for classifying malware, however, most of the existing machine learning methods for malware classification use shallow learning algorithms (e.g. SVM). Recently, Convolutional Neural Networks (CNN), a deep learning approach, have shown superior performance compared to traditional learning algorithms, especially in tasks such as image classification. Motivated by this success, we propose a CNN-based architecture to classify malware samples. We convert malware binaries to grayscale images and subsequently train a CNN for classification. Experiments on two challenging malware classification datasets, Malimg and Microsoft malware, demonstrate that our method achieves better than the state-of-the-art performance. The proposed method achieves 98.52% and 99.97% accuracy on the Malimg and Microsoft datasets respectively.

Quantum information exchange computer emulator is presented, which takes into consideration imperfections of real quantum channel such as noise and attenuation resulting in the necessity to increase number of photons in the impulse. The Qt Creator C++ program package provides evaluation of the ability to detect unauthorized access as well as an amount of information intercepted by intruder.

Reliable operation of power systems is a primary challenge for the system operators. With the advancement in technology and grid automation, power systems are becoming more vulnerable to cyber-attacks. The main goal of adversaries is to take advantage of these vulnerabilities and destabilize the system. This paper describes a game-theoretic approach to attacker / defender modeling in power systems. In our models, the attacker can strategically identify the subset of substations that maximize damage when compromised. However, the defender can identify the critical subset of substations to protect in order to minimize the damage when an attacker launches a cyber-attack. The algorithms for these models are applied to the standard IEEE-14, 39, and 57 bus examples to identify the critical set of substations given an attacker and a defender budget.