Biblio

An emerging widely used technology cloud computing which a paddle of computing resources is available for the users. Through the internet-based the resources could be supplied to cloud consumers at their request but it is not directly active management by the user. This application-based software infrastructure can store data on remote serves, which can be accessed through the internet and a user who wants to access data stored in the cloud have to use an internet browser or cloud computing software. Data protection has become one of the significant issues in cloud computing when users must rely on their cloud providers for security purposes. In this article, a system that can embarrass the disclosure of the key for distributing a file that will assure security dispensing asymmetric key and sharing it among the cloud environment and user perform the integrity check themselves rather than using third-party services by using compression or hash function where the hash is created using a hash function and it was not mentioned in the previous paper. After the user receives the data every hash is compared with other hash values to check the differences of the data. The time-consumption of encryption and decryption of the data is calculated and compared with the previous paper and the experiment shows that our calculation took around 80% less time.

The maturity of intelligent transportation system, cloud computing and Internet of Things (IoT) technology has encouraged the rapid growth of vehicular ad-hoc networks (VANETs). Currently, vehicles are supposed to carry relatively more storage, on board computing facilities, increased sensing power and communication systems. In order to cope with real world demands such as low latency, low storage cost, mobility, etc., for the deployment of VANETs, numerous attempts have been taken to integrate fog-computing with VANETs. In the recent past, Ma et al. (IEEE Internet of Things, pp 2327-4662, 10. 1109/JIOT.2019.2902840) designed “An Efficient and Provably Secure Authenticated Key Agreement Protocol for Fog-Based Vehicular Ad-Hoc Networks”. Ma et al. claimed that their protocol offers secure communication in fog-based VANETs and is resilient against several security attacks. However, this comment demonstrates that their scheme is defenseless against vehicle-user impersonation attack and reveals secret keys of vehicle-user and fog-node. Moreover, it fails to offer vehicle-user anonymity and has inefficient login phase. This paper also gives some essential suggestions on strengthening resilience of the scheme, which are overlooked by Ma et al.

Multi-stage Proof-of-Work is a recently proposed protocol which extends the Proof-of-Work protocol used in Bitcoin. It splits Proof-of-Work into multiple stages, to achieve a more efficient block generation and a fair reward distribution. In this paper we study some of the Multi-stage Proof-of-Work security vulnerabilities. Precisely, we present two attacks: a Selfish Mining attack and a Selfish Stage-Withholding attack. We show that Multi-stage Proof-of-Work is not secure against a selfish miner owning more than 25% of the network hashing power. Moreover, we show that Selfish Stage-Withholding is a complementary strategy to boost a selfish miner's profitability.

The convergence of Internet of Things (IoT) and cloud computing is due to the practical necessity for providing broader services to extensive user in distinct environments. However, cloud computing has numerous constraints for applications that require high-mobility and high latency, notably in adversarial situations (e.g. battlefields). These limitations can be elevated to some extent, in a fog computing model because it covers the gap between remote data-center and edge device. Since, the fog nodes are usually installed in remote areas, therefore, they impose the design of fool proof safety solution for a fog-based setting. Thus, to ensure the security and privacy of fog-based environment, numerous schemes have been developed by researchers. In the recent past, Jia et al. (Wireless Networks, DOI: 10.1007/s11276-018-1759-3) designed a fog-based three-party scheme for healthcare system using bilinear. They claim that their scheme can withstand common security attacks. However, in this work we investigated their scheme and show that their scheme has different susceptibilities such as revealing of secret parameters, and fog node impersonation attack. Moreover, it lacks the anonymity of user anonymity and has inefficient login phase. Consequently, we have suggestion with some necessary guidelines for attack resilience that are unheeded by Jia et al.

Sound plays a key role in human life and therefore sound recognition system has a great future ahead. Sound classification and identification system has many applications such as system for personal security, critical surveillance, etc. The main aim of this paper is to detect and classify the security sound event using the surveillance camera systems with integrated microphone based on the generated spectrograms of the sounds. This will enable to track security events in cases of emergencies. The goal is to propose a security system to accurately detect sound events and make a better security sound event detection system. We propose to use a convolutional neural network (CNN) to design the security sound detection system to detect a security event with minimal sound. We used the spectrogram images to train the CNN. The neural network was trained using different security sounds data which was then used to detect security sound events during testing phase. We used two datasets for our experiment training and testing datasets. Both the datasets contain 3 different sound events (glass break, gun shots and smoke alarms) to train and test the model, respectively. The proposed system yields the good accuracy for the sound event detection even with minimum available sound data. The designed system achieved accuracy was 92% and 90% using CNN on training dataset and testing dataset. We conclude that the proposed sound classification framework which using the spectrogram images of sounds can be used efficiently to develop the sound classification and recognition systems.

To improve the security and reliability of the system in case of sensor failure, a fault diagnosis algorithm based on neural network is proposed to locate the fault quickly and reconstruct the control system in this paper. Firstly, the typical airborne sensors are introduced and their common failure modes are analyzed. Then, a new method of complex feature extraction using wavelet packet is put forward to extract the fault characteristics of UAV sensors. Finally, the observer method based on BP neural network is adopted to train and acquire data offline, and to detect and process single or multiple sensor faults online. Matlab simulation results show that the algorithm has good diagnostic accuracy and strong generalization ability, which also has certain practicability in engineering.

Wireless Sensor Network (WSN)is the most promising area which is widely used in the field of military, healthcare systems, flood control, and weather forecasting system. In WSN every node is connected with another node and exchanges the information from one to another. While sending data between nodes data security is an important factor. Security is a vital issue in the area of networking. This paper addresses the issue of security in terms of distinct attacks and their solutions provided by the different authors. Whenever data is transferred from source to destination then it follows some route so there is a possibility of a malicious node in the network. It is a very difficult task to identify the malicious node present in the network. Insecurity intruder attacks on data packets that are transferred from one node to another node. While transferring the data from source to destination node hacker hacks the data and changes the actual data. In this paper, we have discussed the numerous security solution provided by the different authors and they had used the Machine Learning (ML) approach to handle the attacks. Various ML techniques are used to determine the authenticity of the node. Network attacks are elaborated according to the layer used for WSN architecture. In this paper, we will categorize the security attacks according to layer-wise and type-wise and represent the solution using the ML technique for handling the security attack.

Blockchain technology has gradually replaced traditional centralized data storage methods, and provided people reliable data storage services with its decentralized and non-tamperable features. However, the current blockchain data supervision is insufficient and the data cannot be modified once it is on the blockchain, which will cause the blockchain system to face various problems such as illegal information cannot be deleted and breach of smart contract cannot be fixed in time. To address these issues, we propose an anonymous editable blockchain scheme based on the reconstruction of the blockchain structure of the SpaceMint combining with the certificateless aggregate signature algorithm. Users register with their real identities and use pseudonyms in the system to achieve their anonymity. If the number of users who agree to edit meets the threshold, the data on the blockchain can be modified or deleted, and our scheme has the function of accountability for malicious behavior. The security analysis show that the proposed certificateless aggregate signature algorithm enjoys the unforgeability under the adaptive selected message attack. Moreover, the method of setting the threshold of related users is adopted to guarantee the effectiveness and security of editing blockchain data. At last, we evaluate the performance of our certificateless aggregate signature algorithm and related schemes in theoretical analysis and experimental simulation, which demonstrates our scheme is feasible and efficient in storage, bandwidth and computational cost.

With the emergence of quantum computers, traditional digital signature schemes based on problems such as large integer solutions and discrete logarithms will no longer be secure, and it is urgent to find effective digital signature schemes that can resist quantum attacks. Lattice cryptography has the advantages of computational simplicity and high security. In this paper, we propose an identity-based digital signature scheme based on the rejection sampling algorithm. Unlike most schemes that use a common Gaussian distribution, this paper uses a bimodal Gaussian distribution, which improves efficiency. The identity-based signature scheme is more convenient for practical application than the traditional certificate-based signature scheme.

Current implementations of Differential Privacy (DP) focus primarily on the privacy of the data release. The planned thesis will investigate steps towards a user-centric approach of DP in the scope of the Internet-of-Things (IoT) which focuses on data subjects, IoT developers, and data analysts. We will conduct user studies to find out more about the often conflicting interests of the involved parties and the encountered challenges. Furthermore, a technical solution will be developed to assist data subjects and analysts in making better informed decisions. As a result, we expect our contributions to be a step towards the development of usable DP for IoT sensor data.

Perimeter models, which provide access control for protecting resources on networks, make authorization decisions using the source network of access requests as one of critical factors. However, such models are problematic because once a network is intruded, the attacker gains access to all of its resources. To overcome the above problem, a Zero Trust Network (ZTN) is proposed as a new security model in which access control is performed by authenticating users who request access and then authorizing such requests using various information about users and devices called contexts. To correctly make authorization decisions, this model must take a large amount of various contexts into account. However, in some cases, an access control mechanism cannot collect enough context to make decisions, e.g., when an organization that enforces access control joins the identity federation and uses systems operated by other organizations. This is because the contexts collected using the systems are stored in individual systems and no federation exists for sharing contexts. In this study, we propose the concept of a Zero Trust Federation (ZTF), which applies the concept of ZTN under the identity federation, and a method for sharing context among systems of organizations. Since context is sensitive to user privacy, we also propose a mechanism for sharing contexts under user control. We also verify context sharing by implementing a ZTF prototype.

Cloud storage is a low-cost and convenient storage method, but the nature of cloud storage determines the existence of security risks for data uploaded by users. In order to ensure the security of users' data in third-party cloud platforms, a zero trust security platform for data trusteeship is proposed. The platform introduces the concept of zero trust, which meets the needs of users to upload sensitive data to untrusted third-party cloud platforms by implementing multiple functional modules such as sensitivity analysis service, cipher index service, attribute encryption service.

6G is the next generation for the communication systems. In recent years, machine learning algorithms have been applied widely in various fields such as health, transportation, and the autonomous car. The predictive algorithms will be used in 6G problems. With the rapid developments of deep learning techniques, it is critical to take the security concern into account when applying the algorithms. While machine learning offers significant advantages for 6G, AI models’ security is normally ignored. Due to the many applications in the real world, security is a vital part of the algorithms. This paper proposes a mitigation method for adversarial attacks against proposed 6G machine learning models for the millimeter-wave (mmWave) beam prediction using adversarial learning. The main idea behind adversarial attacks against machine learning models is to produce faulty results by manipulating trained deep learning models for 6G applications for mmWave beam prediction. We also present the adversarial learning mitigation method’s performance for 6G security in millimeter-wave beam prediction application with fast gradient sign method attack. The mean square errors of the defended model under attack are very close to the undefended model without attack.

The development of autonomous connected vehicles, in particular, moving as a platoon formation, has received great attention in recent years. The autonomous movement allows to increase the efficiency of the transportation infrastructure usage, reduce the fuel consumption, improve road safety, decrease traffic congestion, and others. To maintain an optimal spacing policy in a platoon formation, it is necessary to exchange information between vehicles. The Vehicular ad hoc Network (VANET) is the key component to establish wireless vehicle-to-vehicle communications. However, vehicular communications can be affected by different security threats. In this paper, we consider the third-order consensus approach as a control strategy for the vehicle platoon. We investigate several types of malicious attacks (spoofing, message falsification) and propose an anomaly detection algorithm that allows us to detect the malicious vehicle and enhance the security of the vehicle platoon. The experimental study of the proposed approach is conducted using Plexe, a vehicular network simulator that permits the realistic simulation of platooning systems.

In order to realize Intelligent Disaster Recovery and break the traditional reactive backup mode, it is necessary to forecast the potential system anomalies, and proactively backup the real-time datas and configurations. System logs record the running status as well as the critical events (including errors and warnings), which can help to detect system performance, debug system faults and analyze the causes of anomalies. What's more, with the features of real-time, hierarchies and easy-access, log data can be an ideal source for monitoring system status. To reduce the complexity and improve the robustness and practicability of existing log-based anomaly detection methods, we propose a new anomaly detection mechanism based on hierarchical weights, which can deal with unstable log data. We firstly extract semantic information of log strings, and get the word-level weights by SIF algorithm to embed log strings into vectors, which are then feed into attention-based Long Short-Term Memory(LSTM) deep learning network model. In addition to get sentence-level weight which can be used to explore the interdependence between different log sequences and improve the accuracy, we utilize attention weights to help with building workflow to diagnose the abnormal points in the execution of a specific task. Our experimental results show that the hierarchical weights mechanism can effectively improve accuracy of perdition task and reduce complexity of the model, which provides the feasibility foundation support for Intelligent Disaster Recovery.

The paper considers the issue of recurrent neural networks applicability for detecting industrial process anomalies to detect intrusion in Industrial Control Systems. Cyberattack on Industrial Control Systems often leads to appearing of anomalies in industrial process. Thus, it is proposed to detect such anomalies by forecasting the state of an industrial process using a recurrent neural network and comparing the predicted state with actual process' state. In the course of experimental research, a recurrent neural network with one-dimensional convolutional layer was implemented. The Secure Water Treatment dataset was used to train model and assess its quality. The obtained results indicate the possibility of using the proposed method in practice. The proposed method is characterized by the absence of the need to use anomaly data for training. Also, the method has significant interpretability and allows to localize an anomaly by pointing to a sensor or actuator whose signal does not match the model's prediction.

Over the past decade, cyber-attack events on the electricity grid are on the rise and have proven to result in severe consequences in grid operation. These attacks are becoming more intelligent and can bypass existing protection protocols, resulting in economic losses due to system operating in a falsified and non-optimal condition over a prolonged period. Hence, it is crucial to develop defense tools to detect and mitigate the attack to minimize the cost of malicious operation. This paper aims to develop a novel command verification strategy to detect and mitigate False Data Injection Attacks (FDIAs) targeting the system centralized Economic Dispatch (ED) control signals. Firstly, we describe the ED problem in Singapore's deregulated market. We then perform a risk assessment and formulate two FDIA vectors - Man in the Middle (MITM) and Stealth attack on the ED control process. Subsequently, we propose a novel verification technique based on Multi-Agent System (MAS) to validate the control commands. This algorithm has been tested on the IEEE 6-Bus 3-generator test system, and experimental results verified that the proposed algorithm can detect and mitigate the FDIA vectors.

Realizing flow security in a concurrent environment is extremely challenging, primarily due to non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control locations through publicly observable statements like print, sleep, delay, etc. Such observations lead to internal and external timing attacks. Inspired by previous works that use classical Hoare style proof systems for establishing correctness of distributed (real-time) programs, in this paper, we describe a method for finding information leaks in concurrent programs through the introduction of leaky assertions at observable program points. Specifying leaky assertions akin to classic assertions, we demonstrate how information leaks can be detected in a concurrent context. To our knowledge, this is the first such work that enables integration of different notions of non-interference used in functional and security context. While the approach is sound and relatively complete in the classic sense, it enables the use of algorithmic techniques that enable programmers to come up with leaky assertions that enable checking for information leaks in sensitive applications.

The traditional Proof of Existence blockchain service on the Bitcoin network can be used to verify the existence of any research data at a specific point of time, and to validate the data integrity, without revealing its content. Several variants of the blockchain service exist to certify the existence of data relying on cryptographic fingerprinting, thus enabling an efficient verification of the authenticity of such certifications. However, nowadays research data is continuously changing and being modified through different processing steps in most scientific research workflows such that certifications of individual data objects seem to be constantly outdated in this setting. This paper describes how the blockchain and distributed ledger technology can be used to form a new certification model, that captures the research process as a whole in a more meaningful way, including the description of the used data through its different stages and the associated computational pipeline, code for analysis and the experimental design. The scientific blockchain infrastructure bloxberg, together with a deep learning based analysis from the behavioral science field are used to show the applicability of the approach.

Modern digital signature schemes can provide more guarantees than the standard notion of (strong) unforgeability, such as offering security even in the presence of maliciously generated keys, or requiring to know a message to produce a signature for it. The use of signature schemes that lack these properties has previously enabled attacks on real-world protocols. In this work we revisit several of these notions beyond unforgeability, establish relations among them, provide the first formal definition of non re-signability, and a transformation that can provide these properties for a given signature scheme in a provable and efficient way.Our results are not only relevant for established schemes: for example, the ongoing NIST PQC competition towards standardizing post-quantum signature schemes has six finalists in its third round. We perform an in-depth analysis of the candidates with respect to their security properties beyond unforgeability. We show that many of them do not yet offer these stronger guarantees, which implies that the security guarantees of these post-quantum schemes are not strictly stronger than, but instead incomparable to, classical signature schemes. We show how applying our transformation would efficiently solve this, paving the way for the standardized schemes to provide these additional guarantees and thereby making them harder to misuse.

As IoT systems would have an economic impact, they are gaining growing interest. Millions of IoT devices are expected to join the internet of things, which will carny both major benefits and significant security threats to consumers. For IoT systems that secure data and preserve privacy of users, trust management is an essential component. IoT objects carry on the ownership settings of their owners, allowing them to interact with each other. Social relationships are believed to be important in confidence building. In this paper, we explain how to compute trust in social IoT environments using a cloud-based approach.

In order to overcome a series of problems in the application process of traditional communication engineering in the new era, such as information security, this paper proposes a novel communication engineering application system based on artificial intelligence technology. The application system fully combines the artificial intelligence technology, and applies the artificial intelligence thinking to the reform of traditional communication engineering. Based on this, the application strategy also fully combines the application and development of 5g technology, and strengthens the security of communication engineering in the application process from many aspects. The results show that the application system can give full play to the role of artificial intelligence technology and improve the security of communication process as much as possible, which lays a good foundation for the further development of 5g technology.

Non-interference is a program property that ensures the absence of information leaks. In the context of programming languages, there exist two common approaches for establishing non-interference: type systems and program logics. Type systems provide strong automation (by means of type checking), but they are inherently restrictive in the kind of programs they support. Program logics support challenging programs, but they typically require significant human assistance, and cannot handle modules or higher-order programs.To connect these two approaches, we present SeLoC—a separation logic for non-interference, on top of which we build a type system using the technique of logical relations. By building a type system on top of separation logic, we can compositionally verify programs that consist of typed and untyped parts. The former parts are verified through type checking, while the latter parts are verified through manual proof.The core technical contribution of SeLoC is a relational form of weakest preconditions that can track information flow using separation logic resources. SeLoC is fully machine-checked, and built on top of the Iris framework for concurrent separation logic in Coq. The integration with Iris provides seamless support for fine-grained concurrency, which was beyond the reach of prior type systems and program logics for non-interference.

This paper presents the application of Compressive Sampling (CS) to the realization of a wideband receiver for distributed spectrum monitoring. The proposed prototype performs the non-uniform sampling CS-based technique, while the signal reconstruction is realized by the Orthogonal Matching Pursuit (OMP) algorithm on a personal computer. A first experimental analysis has been conducted on the prototype by assessing several figures of merit, thus characterizing its performance in the time, frequency and modulation domains. The obtained results demonstrate that the proposed prototype can achieve good performance in all specified domains with Compression Ratios (CRs) up to 10 for a 4-QAM (Quadrature Amplitude Modulation) signal having carrier frequency of 350 MHz and working at a symbol rate of 46 MSym/s.

Many industrial control systems (ICS) are reliant upon programmable logic controllers (PLCs) for their operations. As ICS and PLCs are increasingly targeted by cyber-attacks, research facilitating the resiliency of their physical processes is imperative. This paper proposes an approach which leverages PLC containerization, input/output (I/O) multiplexing, and orchestration to respond to cyber incidents and ensure continuity of critical processes. A proofof-concept capability was developed and evaluated on live ICS testbed environments. The experimental results indicate the approach is viable for control applications with soft real-time requirements.