Biblio

Augmented reality (AR) has been identified as a key technology to enhance worker utility in the context of increasing automation of repeatable procedures. AR can achieve this by assisting the user in performing complex and frequently changing procedures. Crucial to the success of procedure assistance AR applications is user acceptability, which can be measured by user quality of experience (QoE). An active research topic in QoE is the identification of implicit metrics that can be used to continuously infer user QoE during a multimedia experience. A user's QoE is linked to their affective state. Affective state is reflected in facial expressions. Emotions shown in micro facial expressions resemble those expressed in normal expressions but are distinguished from them by their brief duration. The novelty of this work lies in the evaluation of micro facial expressions as a continuous QoE metric by means of correlation analysis to the more traditional and accepted post-experience self-reporting. In this work, an optimal Rubik's Cube solver AR application was used as a proof of concept for complex procedure assistance. This was compared with a paper-based procedure assistance control. QoE expressed by affect in normal and micro facial expressions was evaluated through correlation analysis with post-experience reports. The results show that the AR application yielded higher task success rates and shorter task durations. Micro facial expressions reflecting disgust correlated moderately to the questionnaire responses for instruction disinterest in the AR application.

This paper investigates the event-triggered control (ETC) problem for stochastic networked control systems (NCSs) with exogenous disturbances and Denial-of-Service (DoS) attacks. The ETC strategy is proposed to reduce the utilization of network resource while defending the DoS attacks. Based on the introduced ETC strategy, sufficient conditions, which rely on the frequency and duration properties of DoS attacks, are obtained to achieve the stochastic input-to-state stability and Zeno-freeness of the ETC stochastic NCSs. An example of air vehicle system is given to explain the effectiveness of proposed ETC strategy.

Privacy preservation is one of the greatest concerns when data is shared between different organizations. On the one hand, releasing data for research purposes is inevitable. On the other hand, sharing this data can jeopardize users' privacy. An effective solution, for the sharing organizations, is to use anonymization techniques to hide the users' sensitive information. One of the most popular anonymization techniques is k-Anonymization in which any data record is indistinguishable from at least k-1 other records. However, one of the fundamental challenges in choosing the value of k is the trade-off between achieving a higher privacy and the information loss associated with the anonymization. In this paper, the problem of choosing the optimal anonymization level for k-anonymization, under possible attacks, is studied when multiple organizations share their data to a common platform. In particular, two common types of attacks are considered that can target the k-anonymization technique. To this end, a novel game-theoretic framework is proposed to model the interactions between the sharing organizations and the attacker. The problem is formulated as a static game and its different Nash equilibria solutions are analytically derived. Simulation results show that the proposed framework can significantly improve the utility of the sharing organizations through optimizing the choice of k value.

In the existing scheduling algorithms of mimicry structure, the random algorithm cannot solve the problem of large vulnerability window in the process of random scheduling. Based on known vulnerabilities, the algorithm with diversity and complexity as scheduling indicators can not only fail to meet the characteristic requirements of mimic's endogenous security for defense, but also cannot analyze the unknown vulnerabilities and measure the continuous differences in time of mimic Executive Entity. In this paper, from the Angle of attack surface is put forward based on mimicry attack the mimic Executive Entity scheduling algorithm, its resources to measure analysis method and mimic security has intrinsic consistency, avoids the random algorithm to vulnerability and modeling using known vulnerabilities targeted, on time at the same time can ensure the diversity of the Executive body, to mimic the attack surface web server scheduling system in continuous time is less, and able to form a continuous differences. Experiments show that the minimum symbiotic resource scheduling algorithm based on time continuity is more secure than the random scheduling algorithm.

OLAP is an authoritative analytical tool in the emerging big data analytics context, with particular regards to the target distributed environments (e.g., Clouds). Here, privacy-preserving OLAP-based big data analytics is a critical topic, with several amenities in the context of innovative big data application scenarios like smart cities, social networks, bio-informatics, and so forth. The goal is that of providing privacy preservation during OLAP analysis tasks, with particular emphasis on the privacy of OLAP aggregates. Following this line of research, in this paper we provide a deep contribution on experimenting and assessing a state-of-the-art distributed privacy-preserving OLAP framework, named as SPPOLAP, whose main benefit is that of introducing a completely-novel privacy notion for OLAP data cubes.

Equivalence checking is one of the most scalable and useful verification techniques in industry. NULL Convention Logic (NCL) circuits utilize dual-rail signals (i.e., two wires to represent one bit of DATA), where the wires are inverses of each other during a DATA wavefront. In this paper, a technique that exploits this invariant at NCL register boundaries is proposed to improve the efficiency of equivalence verification of NCL circuits.

Ransomware attacks cost businesses more than \$75 billion/year, and it is predicted to cost \$6 trillion/year by 2021. These numbers demonstrate the havoc produced by ransomware on a large number of sectors and urge security researches to tackle it. Several ransomware detection approaches have been proposed in the literature that interchange between static and dynamic analysis. Recently, ransomware attacks were shown to fingerprint the execution environment before they attack the system to counter dynamic analysis. In this paper, we exploit the behavior of contemporary ransomware to prevent its attack on real systems and thus avoid the loss of any data. We explore a set of ransomware-generated artifacts that are launched to sniff the surrounding. Furthermore, we design, develop, and evaluate an approach that monitors the behavior of a program by intercepting the called Windows APIs. Consequently, we determine in real-time if the program is trying to inspect its surrounding before the attack, and abort it immediately prior to the initiation of any malicious encryption or locking. Through empirical evaluations using real and recent ransomware samples, we study how ransomware and benign programs inspect the environment. Additionally, we demonstrate how to prevent ransomware with a low false positive rate. We make the developed approach available to the research community at large through GitHub to strongly promote cyber security defense operations and for wide-scale evaluations and enhancements.

Supervisor synthesis enables the design of supervisory controllers for large cyber-physical systems, with high guarantees for functionality and safety. The complexity of the synthesis problem, however, increases exponentially with the number of system components in the cyber-physical system and the number of models of this system, often resulting in lengthy or even unsolvable synthesis procedures. In this paper, a new method is proposed for reducing the model of the system before synthesis to decrease the required computational time and effort. The method consists of three steps for model reduction, that are mainly based on symmetry in dependency graphs of the system. Dependency graphs visualize the components in the system and the relations between these components. The proposed method is applied in a case study on the design of a supervisory controller for a road tunnel. In this case study, the model reduction steps are described, and results are shown on the effectiveness of model reduction in terms of model size and synthesis time.

Consensus protocols are currently the bottlenecks that prevent blockchain systems from scaling. However, we argue that transaction execution is also important to the performance and security of blockchains. In other words, there are ample opportunities to speed up and further secure blockchains by reducing the cost of transaction execution. Our goal is to understand how much we can speed up blockchains by exploiting transaction concurrency available in blockchain workloads. To this end, we first analyze historical data of seven major public blockchains, namely Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, Ethereum, Ethereum Classic, and Zilliqa. We consider two metrics for concurrency, namely the single-transaction conflict rate per block, and the group conflict rate per block. We find that there is more concurrency in UTXO-based blockchains than in account-based ones, although the amount of concurrency in the former is lower than expected. Another interesting finding is that some blockchains with larger blocks have more concurrency than blockchains with smaller blocks. Next, we propose an analytical model for estimating the transaction execution speed-up given an amount of concurrency. Using results from our empirical analysis, the model estimates that 6× speed-ups in Ethereum can be achieved if all available concurrency is exploited.

In this paper, we present a flexible Variable Precision Computation Array (VPCA) component for different accelerators, which leverages a sparsification scheme for activations and a low bits serial-parallel combination computation unit for improving the efficiency and resiliency of accelerators. The VPCA can dynamically decompose the width of activation/weights (from 32bit to 3bit in different accelerators) into 2-bits serial computation units while the 2bits computing units can be combined in parallel computing for high throughput. We propose an on-the-fly compressing and calculating strategy SLE-CLC (single lane encoding, cross lane calculation), which could further improve performance of 2-bit parallel computing. The experiments results on image classification datasets show VPCA can outperforms DaDianNao, Stripes, Loom-2bit by 4.67×, 2.42×, 1.52× without other overhead on convolution layers.

An attack graph is a method used to enumerate the possible paths that an attacker can take in the organizational network. MulVAL is a known open-source framework used to automatically generate attack graphs. MulVAL's default modeling has two main shortcomings. First, it lacks the ability to represent network protocol vulnerabilities, and thus it cannot be used to model common network attacks, such as ARP poisoning. Second, it does not support advanced types of communication, such as wireless and bus communication, and thus it cannot be used to model cyber-attacks on networks that include IoT devices or industrial components. In this paper, we present an extended network security model for MulVAL that: (1) considers the physical network topology, (2) supports short-range communication protocols, (3) models vulnerabilities in the design of network protocols, and (4) models specific industrial communication architectures. Using the proposed extensions, we were able to model multiple attack techniques including: spoofing, man-in-the-middle, and denial of service attacks, as well as attacks on advanced types of communication. We demonstrate the proposed model in a testbed which implements a simplified network architecture comprised of both IT and industrial components

Radio frequency identification (RFID) is widespread and still necessary in many important applications. However, and in various significant cases, the use of this technology faces multiple security issues that must be addressed. This is mainly related to the use of RFID tags (transponders) which are electronic components communicating wirelessly, and hence they are vulnerable to multiple attacks through several means. In this work, an extensive fault analysis is performed on a tag architecture in order to evaluate its hardness. Tens of millions of single-bit upset (SBU) and multiple-bit upset (MBU) faults are emulated randomly on this tag architecture using an FPGA-based emulation platform. The emulated faults are classified under five groups according to faults effect on the tag behaviour. The obtained results show the faults effect variation in function of the number of MBU affected bits. The interpretation of this variation allows evaluating the tag robustness. The proposed approach represents an efficient mean that permits to study tag architectures at the design level and evaluating their robustness and vulnerability to fault attacks.

LoRaWAN (Low-power Wide-Area Networks) is the main specification for application-level IoT (Internet of Things). The current version, published in October 2017, is LoRaWAN 1.1, with its 1.0 precursor still being the main specification supported by commercial devices such as PyCom LoRa transceivers. Prior (semi)-formal investigations into the security of the LoRaWAN protocols are scarce, especially for Lo-RaWAN 1.1. Moreover, amongst these few, the current encodings [4], [9] of LoRaWAN into verification tools unfortunately rely on much-simplified versions of the LoRaWAN protocols, undermining the relevance of the results in practice. In this paper, we fill in some of these gaps. Whilst we briefly discuss the most recent cryptographic-orientated works [5] that looked at LoRaWAN 1.1, our true focus is on producing formal analyses of the security and correctness of LoRaWAN, mechanised inside automated tools. To this end, we use the state-of-the-art prover, Tamarin. Importantly, our Tamarin models are a faithful and precise rendering of the LoRaWAN specifications. For example, we model the bespoke nonce-generation mechanisms newly introduced in LoRaWAN 1.1, as well as the “classical” but shortdomain nonces in LoRaWAN 1.0 and make recommendations regarding these. Whilst we include small parts on device-commissioning and application-level traffic, we primarily scrutinise the Join Procedure of LoRaWAN, and focus on version 1.1 of the specification, but also include an analysis of Lo-RaWAN 1.0. To this end, we consider three increasingly strong threat models, resting on a Dolev-Yao attacker acting modulo different requirements made on various channels (e.g., secure/insecure) and the level of trust placed on entities (e.g., honest/corruptible network servers). Importantly, one of these threat models is exactly in line with the LoRaWAN specification, yet it unfortunately still leads to attacks. In response to the exhibited attacks, we propose a minimal patch of the LoRaWAN 1.1 Join Procedure, which is as backwards-compatible as possible with the current version. We analyse and prove this patch secure in the strongest threat model mentioned above. This work has been responsibly disclosed to the LoRa Alliance, and we are liaising with the Security Working Group of the LoRa Alliance, in order to improve the clarity of the LoRaWAN 1.1 specifications in light of our findings, but also by using formal analysis as part of a feedback-loop of future and current specification writing.

Deepfake imagery that contains altered faces has become a threat to online content. Current anti-deepfake approaches usually do so by detecting image anomalies, such as visible artifacts or inconsistencies. However, with deepfake advances, these visual artifacts are becoming harder to detect. In this paper, we show that one can use biometric eyebrow matching as a tool to detect manipulated faces. Our method could provide an 0.88 AUC and 20.7% EER for deepfake detection when applied to the highest quality deepfake dataset, Celeb-DF.

With the development of deep neural networks, digital fake paintings can be generated by various style transfer algorithms. To detect the fake generated paintings, we analyze the fake generated and real paintings in Fourier frequency domain and observe statistical differences and artifacts. Based on our observations, we propose Fake Generated Painting Detection via Frequency Analysis (FGPD-FA) by extracting three types of features in frequency domain. Besides, we also propose a digital fake painting detection database for assessing the proposed method. Experimental results demonstrate the excellence of the proposed method in different testing conditions.

Clustering is a concept in data mining, which divides a data set into different classes or clusters according to a specific standard, making the similarity of data objects in the same cluster as large as possible. Clustering by fast search and find of density peaks (DPC) is a novel clustering algorithm based on density. It is simple and novel, only requiring fewer parameters to achieve better clustering effect, without the requirement for iterative solution. And it has expandability and can detect the clustering of any shape. However, DPC algorithm still has some defects, such as it employs the clear neighborhood relations to calculate local density, so it cannot identify the neighborhood membership of different values of points from the distance of points and It is impossible to accurately cluster the data of the multi-density peak. The fuzzy neighborhood density peak clustering algorithm is proposed for this shortcoming (F-DPC): novel local density is defined by the fuzzy neighborhood relationship. The fuzzy set theory can be used to make the fuzzy neighborhood function of local density more sensitive, so that the clustering for data set of various shapes and densities is more robust. Experiments show that the algorithm has high accuracy and robustness.

Regardless of the setting, edge computing has drawn much attention from both the academic and industrial communities. For edge computing, content delivery networks are both a concrete and production deployable use case. While viable at the WAN or telco edge scale, it is unclear if this extends to others, such as in home WiFi routers, as has been assumed by some. In this work-in-progress, we present an initial study on the viability of using smart edge WiFi routers as a caching location. We describe the simulator we created to test this, as well as the analysis of the results obtained. We use 1 day of e-commerce web log traffic from a public data set, as well as a sampled subset of our own site - part of an ecosystem of over 111 million users. We show that in the best case scenario, smart edge routers are inappropriate for e-commerce web caching.

Cyber-Physical Systems (CPS) such as intelligent connected vehicles, smart farming and smart logistics are constantly generating tons of data and requiring real-time data processing capabilities. Therefore, Edge Computing which provisions computing resources close to the End Devices from the network edge is becoming the ideal platform for CPS. However, it also brings many issues and one of the most prominent challenges is how to ensure the development of trustworthy smart services given the dynamic and distributed nature of Edge Computing. To tackle this challenge, this paper proposes a novel Federated Learning based Edge Computing platform for CPS, named “FengHuoLun”. Specifically, based on FengHuoLun, we can: 1) implement smart services where machine learning models are trained in a trusted Federated Learning framework; 2) assure the trustworthiness of smart services where CPS behaviours are tested and monitored using the Federated Learning framework. As a work in progress, we have presented an overview of the FengHuoLun platform and also some preliminary studies on its key components, and finally discussed some important future research directions.

Recently, dielectric/ferroelectric (DE/FE) bilayer systems have been extensively investigated for achieving high remanent polarization in Hf0.5Zr0.5O2(HZO) based MFM capacitors. Herein, we report significant enhancement in the ferroelectric property of HZO capacitors by incorporating Ta2O5as the dielectric seed layer. Thickness of the Ta2O5layer was incorporated at both top and bottom of the HZO films and the thickness of the seed layer was varied from 10 to 50 Å. When the Ta2O5dielectric films were inserted at the top, the highest remanent polarization 16.83 μC/cm2 was observed in case of 20 Å films as compared to that of 13.21 μC/cm2 of the reference HZO device. Similarly, for bottom Ta2O5dielectric films, the highest remanent polarization 15.24 μC/cm2 was observed in case of 20 Å films. When we compared both the stacks, the best result was observed in case of top Ta2O5. The coercive field (Ec) was also found to be nearly same with the HZO based device despite the incorporation of the dielectric layer. The enhanced ferroelectricity of these devices can be used in memory devices, FeFETs, FTJ and sensors applications.

Cryptography is the method of transforming the original texted message into an unknown form and in reverse also. It is the process of hiding and forwarding the data in an appropriate form so that only authorized persons can know and can process it. Cryptographic process secures the data from hijacking or transmutation, it is mainly used for users data security. This paper justifies the encryption and decryption using DNA(Deoxyribo Nucleic Acid) sequence. This process includes several intermediate steps, the perception of binary-coded form and generating of arbitrary keys is used to encrypt the message. A common key should be established between the sender and receiver for encryption and decryption process. The common key provides more security to the sequence. In this paper, both the process of binary-coded form and generating of arbitrary keys are used to encrypt the message. It is widely used in an institution and by every individual to hide their data from the muggers and hijackers and provides the data securely, and confidentially over the transmission of information.

This paper presents Foggy, an anonymous communication system focusing on providing users with anonymous web browsing. Foggy provides a microservice-based proxy for web browsing and other low-latency network activities without exposing users' metadata and browsed content to adversaries. It is designed with decentralized information management, web caching, and configurable service selection. Although Foggy seems to be more centralized compared with Tor, it gains an advantage in manageability while retaining anonymity. Foggy can be deployed by several agencies to become more decentralized. We prototype Foggy and test its performance. Our experiments show Foggy's low latency and deployability, demonstrating its potential to be a commercial solution for real-world deployment.

In this paper, we introduce a new digital image forensics approach called forensic similarity, which determines whether two image patches contain the same forensic trace or different forensic traces. One benefit of this approach is that prior knowledge, e.g., training samples, of a forensic trace is not required to make a forensic similarity decision on it in the future. To do this, we propose a two-part deep-learning system composed of a convolutional neural network-based feature extractor and a three-layer neural network, called the similarity network. This system maps the pairs of image patches to a score indicating whether they contain the same or different forensic traces. We evaluated the system accuracy of determining whether two image patches were captured by the same or different camera model and manipulated by the same or a different editing operation and the same or a different manipulation parameter, given a particular editing operation. Experiments demonstrate applicability to a variety of forensic traces and importantly show efficacy on “unknown” forensic traces that were not used to train the system. Experiments also show that the proposed system significantly improves upon prior art, reducing error rates by more than half. Furthermore, we demonstrated the utility of the forensic similarity approach in two practical applications: forgery detection and localization, and database consistency verification.

The industrial Internet of Things (IIoT) can facilitate industrial upgrading, intelligent manufacturing, and lean production. Industrial control system (ICS) is a vital support mechanism for many key infrastructures in the IIoT. However, natural defects in the ICS network security mechanism and the susceptibility of the programmable logic controller (PLC) program to malicious attack pose a threat to the safety of national infrastructure equipment. To improve the security of the underlying equipment in ICS, a model checking method based on timed automata is proposed in this work, which can effectively model the control process and accurately simulate the system state when incorporating time factors. Formal analysis of the ICS and PLC is then conducted to formulate malware detection rules which can constrain the normal behavior of the system. The model checking tool UPPAAL is then used to verify the properties by detecting whether there is an exception in the system and determine the behavior of malware through counter-examples. The chemical reaction control system in Tennessee-Eastman process is taken as an example to carry out modeling, characterization, and verification, and can effectively detect multiple patterns of malware and propose relevant security policy recommendations.

The essence of network security is the asymmetric online confrontation with the partial observable cyber threats, which requires the defense ability against unexpected security incidents. The existing network intrusion detection systems are mostly static centralized structure, and usually faced with problems such as high pressure of central processing node, low fault tolerance, low damage resistance and high construction cost. In this paper, exploiting the advantage of collaborative decision-making of decentralized multiagent coordination, we design a collaborative cyber threat perception model, DI-MDPs, which is based on the decentralized coordination, and the core idea is initiative information interaction among agents. Then, we analysis the relevance and transformation conditions between the proposed model, then contribute a reinforcement learning algorithm HTI that takes advantage of the particular structure of DI-MDPs in which agent updates policies by learning both its local cognition and the additional information obtained through interaction. Finally, we compare and verify the performance of the designed algorithm under typical scenario setting.

Recently, several practical attacks raised serious concerns over the security of searchable encryption. The attacks have brought emphasis on forward privacy, which is the key concept behind solutions to the adaptive leakage-exploiting attacks, and will very likely to become a must-have property of all new searchable encryption schemes. For a long time, forward privacy implies inefficiency and thus most existing searchable encryption schemes do not support it. Very recently, Bost (CCS 2016) showed that forward privacy can be obtained without inducing a large communication overhead. However, Bost's scheme is constructed with a relatively inefficient public key cryptographic primitive, and has poor I/O performance. Both of the deficiencies significantly hinder the practical efficiency of the scheme, and prevent it from scaling to large data settings. To address the problems, we first present FAST, which achieves forward privacy and the same communication efficiency as Bost's scheme, but uses only symmetric cryptographic primitives. We then present FASTIO, which retains all good properties of FAST, and further improves I/O efficiency. We implemented the two schemes and compared their performance with Bost's scheme. The experiment results show that both our schemes are highly efficient.